From fdf4830b28af379917ef6cbb46d4830da8910740 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Mon, 8 Jan 2024 06:22:02 -0800 Subject: [PATCH 1/6] feat: update L1 CloudFormation resource definitions (#28613) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[+] service amzn-sdc │ ├ capitalized: SDC │ │ cloudFormationNamespace: AMZN::SDC │ │ name: amzn-sdc │ │ shortName: sdc │ └ resources │ └resource AMZN::SDC::Deployment │ ├ name: Deployment │ │ cloudFormationType: AMZN::SDC::Deployment │ │ documentation: Resource Type definition for AMZN::SDC::Deployment │ ├ properties │ │ ├ConfigName: string (required) │ │ ├S3Bucket: string (required) │ │ ├TargetRegionOverride: string │ │ ├S3Key: string (required, immutable) │ │ ├Stage: string (required) │ │ ├PipelineId: string │ │ └Dimension: string (required) │ └ attributes │ └Id: string ├[~] service aws-appsync │ └ resources │ └[~] resource AWS::AppSync::GraphQLApi │ └ properties │ ├ IntrospectionConfig: (documentation changed) │ ├ QueryDepthLimit: (documentation changed) │ └ ResolverCountLimit: (documentation changed) ├[~] service aws-cloud9 │ └ resources │ └[~] resource AWS::Cloud9::EnvironmentEC2 │ └ properties │ └ ImageId: (documentation changed) ├[~] service aws-cloudfront │ └ resources │ └[~] resource AWS::CloudFront::Function │ └ types │ ├[~] type FunctionConfig │ │ └ properties │ │ └[+] KeyValueStoreAssociations: Array │ └[+] type KeyValueStoreAssociation │ ├ documentation: The Key Value Store association. │ │ name: KeyValueStoreAssociation │ └ properties │ └KeyValueStoreARN: string (required) ├[~] service aws-cloudtrail │ └ resources │ ├[~] resource AWS::CloudTrail::EventDataStore │ │ └ types │ │ └[~] type AdvancedFieldSelector │ │ └ properties │ │ └ Field: (documentation changed) │ └[~] resource AWS::CloudTrail::Trail │ └ types │ └[~] type AdvancedFieldSelector │ └ properties │ └ Field: (documentation changed) ├[~] service aws-codecommit │ └ resources │ └[~] resource AWS::CodeCommit::Repository │ └ properties │ └ KmsKeyId: (documentation changed) ├[+] service aws-codetest │ ├ capitalized: CodeTest │ │ cloudFormationNamespace: AWS::CodeTest │ │ name: aws-codetest │ │ shortName: codetest │ └ resources │ ├resource AWS::CodeTest::PersistentConfiguration │ │├ name: PersistentConfiguration │ ││ cloudFormationType: AWS::CodeTest::PersistentConfiguration │ ││ documentation: Resource Type definition for AWS::CodeTest::PersistentConfiguration │ │├ properties │ ││ ├Version: string │ ││ ├VpcConfig: VpcConfig │ ││ ├Name: string (immutable) │ ││ └ResultsRoleArn: string (required) │ │├ attributes │ ││ └Id: string │ │└ types │ │ └type VpcConfig │ │ ├ name: VpcConfig │ │ └ properties │ │ ├SecurityGroupIds: Array │ │ └Subnets: Array │ └resource AWS::CodeTest::Series │ ├ name: Series │ │ cloudFormationType: AWS::CodeTest::Series │ │ documentation: Resource Type definition for AWS::CodeTest::Series │ ├ properties │ │ ├PersistentConfigurationId: string (required, immutable) │ │ ├RunDefinition: json (required) │ │ ├State: string (required) │ │ └Name: string (immutable) │ └ attributes │ └Id: string ├[~] service aws-cognito │ └ resources │ └[~] resource AWS::Cognito::UserPool │ └ types │ ├[~] type LambdaConfig │ │ └ properties │ │ └[+] PreTokenGenerationConfig: PreTokenGenerationConfig │ └[+] type PreTokenGenerationConfig │ ├ name: PreTokenGenerationConfig │ └ properties │ ├LambdaVersion: string │ └LambdaArn: string ├[~] service aws-connect │ └ resources │ ├[~] resource AWS::Connect::Instance │ │ └ properties │ │ └ Tags: (documentation changed) │ ├[~] resource AWS::Connect::PhoneNumber │ │ └ properties │ │ ├ CountryCode: - string (required, immutable) │ │ │ + string (immutable) │ │ ├[+] SourcePhoneNumberArn: string (immutable) │ │ └ Type: - string (required, immutable) │ │ + string (immutable) │ ├[+] resource AWS::Connect::PredefinedAttribute │ │ ├ name: PredefinedAttribute │ │ │ cloudFormationType: AWS::Connect::PredefinedAttribute │ │ │ documentation: Textual or numeric value that describes an attribute. │ │ ├ properties │ │ │ ├InstanceArn: string (required, immutable) │ │ │ ├Name: string (required, immutable) │ │ │ └Values: Values (required) │ │ └ types │ │ └type Values │ │ ├ documentation: The values of a predefined attribute. │ │ │ name: Values │ │ └ properties │ │ └StringList: Array │ ├[~] resource AWS::Connect::User │ │ ├ properties │ │ │ └[+] UserProficiencies: Array │ │ └ types │ │ └[+] type UserProficiency │ │ ├ documentation: > A predefined attribute must be created before using `UserProficiencies` in the Cloudformation *User* template. For more information, see [Predefined attributes](https://docs.aws.amazon.com/connect/latest/adminguide/predefined-attributes.html) . │ │ │ Proficiency of a user. │ │ │ name: UserProficiency │ │ └ properties │ │ ├AttributeName: string (required) │ │ ├AttributeValue: string (required) │ │ └Level: number (required) │ └[~] resource AWS::Connect::UserHierarchyGroup │ └ properties │ └ Tags: (documentation changed) ├[~] service aws-docdb │ └ resources │ └[+] resource AWS::DocDB::EventSubscription │ ├ name: EventSubscription │ │ cloudFormationType: AWS::DocDB::EventSubscription │ │ documentation: Creates an Amazon DocumentDB event notification subscription. This action requires a topic Amazon Resource Name (ARN) created by using the Amazon DocumentDB console, the Amazon SNS console, or the Amazon SNS API. To obtain an ARN with Amazon SNS, you must create a topic in Amazon SNS and subscribe to the topic. The ARN is displayed in the Amazon SNS console. │ │ You can specify the type of source ( `SourceType` ) that you want to be notified of. You can also provide a list of Amazon DocumentDB sources ( `SourceIds` ) that trigger the events, and you can provide a list of event categories ( `EventCategories` ) for events that you want to be notified of. For example, you can specify `SourceType = db-instance` , `SourceIds = mydbinstance1, mydbinstance2` and `EventCategories = Availability, Backup` . │ │ If you specify both the `SourceType` and `SourceIds` (such as `SourceType = db-instance` and `SourceIdentifier = myDBInstance1` ), you are notified of all the `db-instance` events for the specified source. If you specify a `SourceType` but do not specify a `SourceIdentifier` , you receive notice of the events for that source type for all your Amazon DocumentDB sources. If you do not specify either the `SourceType` or the `SourceIdentifier` , you are notified of events generated from all Amazon DocumentDB sources belonging to your customer account. │ ├ properties │ │ ├SourceType: string │ │ ├Enabled: boolean │ │ ├EventCategories: Array │ │ ├SubscriptionName: string (immutable) │ │ ├SnsTopicArn: string (required, immutable) │ │ └SourceIds: Array │ └ attributes │ └Id: string ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::LaunchTemplate │ │ └ types │ │ └[~] type MaintenanceOptions │ │ └ properties │ │ └[+] RebootMigration: string │ ├[~] resource AWS::EC2::NetworkInterface │ │ ├ properties │ │ │ └[+] EnablePrimaryIpv6: boolean │ │ └ attributes │ │ └[+] PrimaryIpv6Address: string │ ├[~] resource AWS::EC2::Subnet │ │ └ properties │ │ ├[+] Ipv4IpamPoolId: string (immutable) │ │ ├[+] Ipv4NetmaskLength: integer (immutable) │ │ ├[+] Ipv6IpamPoolId: string (immutable) │ │ └[+] Ipv6NetmaskLength: integer (immutable) │ └[~] resource AWS::EC2::SubnetCidrBlock │ └ properties │ ├ Ipv6CidrBlock: - string (required, immutable) │ │ + string (immutable) │ ├[+] Ipv6IpamPoolId: string (immutable) │ └[+] Ipv6NetmaskLength: integer (immutable) ├[~] service aws-emrserverless │ └ resources │ └[~] resource AWS::EMRServerless::Application │ └ types │ ├[~] type CloudWatchLoggingConfiguration │ │ ├ - documentation: undefined │ │ │ + documentation: The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch . │ │ └ properties │ │ ├ Enabled: (documentation changed) │ │ ├ EncryptionKeyArn: (documentation changed) │ │ ├ LogGroupName: (documentation changed) │ │ └ LogStreamNamePrefix: (documentation changed) │ └[~] type MonitoringConfiguration │ └ properties │ └ CloudWatchLoggingConfiguration: (documentation changed) ├[~] service aws-events │ └ resources │ ├[~] resource AWS::Events::EventBus │ │ └ - documentation: Creates a new event bus within your account. This can be a custom event bus which you can use to receive events from your custom applications and services, or it can be a partner event bus which can be matched to a partner event source. │ │ + documentation: Specifies an event bus within your account. This can be a custom event bus which you can use to receive events from your custom applications and services, or it can be a partner event bus which can be matched to a partner event source. │ │ > As an aid to help you jumpstart developing CloudFormation templates, the EventBridge console enables you to create templates from the existing event buses in your account. For more information, see [Generating CloudFormation templates from an EventBridge event bus](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-generate-event-bus-template.html) in the *Amazon EventBridge User Guide* . │ └[~] resource AWS::Events::Rule │ ├ - documentation: Creates or updates the specified rule. Rules are enabled by default, or based on value of the state. You can disable a rule using [DisableRule](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DisableRule.html) . │ │ A single rule watches for events from a single event bus. Events generated by AWS services go to your account's default event bus. Events generated by SaaS partner services or applications go to the matching partner event bus. If you have custom applications or services, you can specify whether their events go to your default event bus or a custom event bus that you have created. For more information, see [CreateEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEventBus.html) . │ │ If you are updating an existing rule, the rule is replaced with what you specify in this `PutRule` command. If you omit arguments in `PutRule` , the old values for those arguments are not kept. Instead, they are replaced with null values. │ │ When you create or update a rule, incoming events might not immediately start matching to new or updated rules. Allow a short period of time for changes to take effect. │ │ A rule must contain at least an EventPattern or ScheduleExpression. Rules with EventPatterns are triggered when a matching event is observed. Rules with ScheduleExpressions self-trigger based on the given schedule. A rule can have both an EventPattern and a ScheduleExpression, in which case the rule triggers on matching events as well as on a schedule. │ │ Most services in AWS treat : or / as the same character in Amazon Resource Names (ARNs). However, EventBridge uses an exact match in event patterns and rules. Be sure to use the correct ARN characters when creating event patterns so that they match the ARN syntax in the event you want to match. │ │ In EventBridge, it is possible to create rules that lead to infinite loops, where a rule is fired repeatedly. For example, a rule might detect that ACLs have changed on an S3 bucket, and trigger software to change them to the desired state. If the rule is not written carefully, the subsequent change to the ACLs fires the rule again, creating an infinite loop. │ │ To prevent this, write the rules so that the triggered actions do not re-fire the same rule. For example, your rule could fire only if ACLs are found to be in a bad state, instead of after any change. │ │ An infinite loop can quickly cause higher than expected charges. We recommend that you use budgeting, which alerts you when charges exceed your specified limit. For more information, see [Managing Your Costs with Budgets](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html) . │ │ + documentation: Creates or updates the specified rule. Rules are enabled by default, or based on value of the state. You can disable a rule using [DisableRule](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DisableRule.html) . │ │ A single rule watches for events from a single event bus. Events generated by AWS services go to your account's default event bus. Events generated by SaaS partner services or applications go to the matching partner event bus. If you have custom applications or services, you can specify whether their events go to your default event bus or a custom event bus that you have created. For more information, see [CreateEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEventBus.html) . │ │ If you are updating an existing rule, the rule is replaced with what you specify in this `PutRule` command. If you omit arguments in `PutRule` , the old values for those arguments are not kept. Instead, they are replaced with null values. │ │ When you create or update a rule, incoming events might not immediately start matching to new or updated rules. Allow a short period of time for changes to take effect. │ │ A rule must contain at least an EventPattern or ScheduleExpression. Rules with EventPatterns are triggered when a matching event is observed. Rules with ScheduleExpressions self-trigger based on the given schedule. A rule can have both an EventPattern and a ScheduleExpression, in which case the rule triggers on matching events as well as on a schedule. │ │ Most services in AWS treat : or / as the same character in Amazon Resource Names (ARNs). However, EventBridge uses an exact match in event patterns and rules. Be sure to use the correct ARN characters when creating event patterns so that they match the ARN syntax in the event you want to match. │ │ In EventBridge, it is possible to create rules that lead to infinite loops, where a rule is fired repeatedly. For example, a rule might detect that ACLs have changed on an S3 bucket, and trigger software to change them to the desired state. If the rule is not written carefully, the subsequent change to the ACLs fires the rule again, creating an infinite loop. │ │ To prevent this, write the rules so that the triggered actions do not re-fire the same rule. For example, your rule could fire only if ACLs are found to be in a bad state, instead of after any change. │ │ An infinite loop can quickly cause higher than expected charges. We recommend that you use budgeting, which alerts you when charges exceed your specified limit. For more information, see [Managing Your Costs with Budgets](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html) . │ │ > As an aid to help you jumpstart developing CloudFormation templates, the EventBridge console enables you to create templates from the existing rules in your account. For more information, see [Generating CloudFormation templates from an EventBridge rule](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-generate-template.html) in the *Amazon EventBridge User Guide* . │ └ types │ ├[+] type AppSyncParameters │ │ ├ name: AppSyncParameters │ │ └ properties │ │ └GraphQLOperation: string (required) │ └[~] type Target │ └ properties │ └[+] AppSyncParameters: AppSyncParameters ├[~] service aws-fis │ └ resources │ └[~] resource AWS::FIS::ExperimentTemplate │ ├ - documentation: Specifies an experiment template. │ │ An experiment template includes the following components: │ │ - *Targets* : A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags. │ │ - *Actions* : The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment. │ │ - *Stop conditions* : If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm. │ │ For more information, see [Experiment templates](https://docs.aws.amazon.com/fis/latest/userguide/experiment-templates.html) in the *AWS Fault Injection Service User Guide* . │ │ + documentation: Describes an experiment template. │ └ types │ ├[~] type ExperimentTemplateAction │ │ └ - documentation: Specifies an action for an experiment template. │ │ For more information, see [Actions](https://docs.aws.amazon.com/fis/latest/userguide/actions.html) in the *AWS Fault Injection Service User Guide* . │ │ + documentation: Describes an action for an experiment template. │ ├[~] type ExperimentTemplateLogConfiguration │ │ ├ - documentation: Specifies the configuration for experiment logging. │ │ │ For more information, see [Experiment logging](https://docs.aws.amazon.com/fis/latest/userguide/monitoring-logging.html) in the *AWS Fault Injection Service User Guide* . │ │ │ + documentation: Describes the configuration for experiment logging. │ │ └ properties │ │ ├ CloudWatchLogsConfiguration: (documentation changed) │ │ └ S3Configuration: (documentation changed) │ ├[~] type ExperimentTemplateStopCondition │ │ └ - documentation: Specifies a stop condition for an experiment template. │ │ For more information, see [Stop conditions](https://docs.aws.amazon.com/fis/latest/userguide/stop-conditions.html) in the *AWS Fault Injection Service User Guide* . │ │ + documentation: Describes a stop condition for an experiment template. │ ├[~] type ExperimentTemplateTarget │ │ ├ - documentation: Specifies a target for an experiment. You must specify at least one Amazon Resource Name (ARN) or at least one resource tag. You cannot specify both ARNs and tags. │ │ │ For more information, see [Targets](https://docs.aws.amazon.com/fis/latest/userguide/targets.html) in the *AWS Fault Injection Service User Guide* . │ │ │ + documentation: Describes a target for an experiment template. │ │ └ properties │ │ └ Parameters: (documentation changed) │ └[~] type ExperimentTemplateTargetFilter │ └ - documentation: Specifies a filter used for the target resource input in an experiment template. │ For more information, see [Resource filters](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters) in the *AWS Fault Injection Service User Guide* . │ + documentation: Describes a filter used for the target resources in an experiment template. ├[~] service aws-globalaccelerator │ └ resources │ └[~] resource AWS::GlobalAccelerator::EndpointGroup │ └ types │ └[~] type EndpointConfiguration │ └ properties │ └[+] AttachmentArn: string ├[~] service aws-glue │ └ resources │ └[+] resource AWS::Glue::CustomEntityType │ ├ name: CustomEntityType │ │ cloudFormationType: AWS::Glue::CustomEntityType │ │ documentation: Creates a custom pattern that is used to detect sensitive data across the columns and rows of your structured data. │ │ Each custom pattern you create specifies a regular expression and an optional list of context words. If no context words are passed only a regular expression is checked. │ │ tagInformation: {"tagPropertyName":"Tags","variant":"map"} │ ├ properties │ │ ├RegexString: string │ │ ├ContextWords: Array │ │ ├Tags: json │ │ └Name: string │ └ attributes │ └Id: string ├[~] service aws-iot │ └ resources │ └[~] resource AWS::IoT::DomainConfiguration │ ├ properties │ │ └[+] ServerCertificateConfig: ServerCertificateConfig │ └ types │ └[+] type ServerCertificateConfig │ ├ name: ServerCertificateConfig │ └ properties │ └EnableOCSPCheck: boolean ├[~] service aws-iotsitewise │ └ resources │ └[~] resource AWS::IoTSiteWise::Gateway │ └ types │ ├[~] type GatewayPlatform │ │ └ properties │ │ └ GreengrassV2: (documentation changed) │ └[~] type GreengrassV2 │ └ - documentation: Contains details for a gateway that runs on AWS IoT Greengrass V2. To create a gateway that runs on AWS IoT Greengrass V2, you must deploy the IoT SiteWise Edge component to your gateway device. Your [Greengrass device role](https://docs.aws.amazon.com/greengrass/v2/developerguide/device-service-role.html) must use the `AWSIoTSiteWiseEdgeAccess` policy. For more information, see [Using AWS IoT SiteWise at the edge](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/sw-gateways.html) in the *AWS IoT SiteWise User Guide* . │ + documentation: Contains details for a gateway that runs on AWS IoT Greengrass V2 . To create a gateway that runs on AWS IoT Greengrass V2 , you must deploy the IoT SiteWise Edge component to your gateway device. Your [Greengrass device role](https://docs.aws.amazon.com/greengrass/v2/developerguide/device-service-role.html) must use the `AWSIoTSiteWiseEdgeAccess` policy. For more information, see [Using AWS IoT SiteWise at the edge](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/sw-gateways.html) in the *AWS IoT SiteWise User Guide* . ├[~] service aws-kendra │ └ resources │ └[~] resource AWS::Kendra::DataSource │ └ types │ └[~] type S3DataSourceConfiguration │ └ properties │ └ ExclusionPatterns: (documentation changed) ├[~] service aws-kinesisfirehose │ └ resources │ └[~] resource AWS::KinesisFirehose::DeliveryStream │ └ types │ ├[+] type SplunkBufferingHints │ │ ├ documentation: The buffering options. If no value is specified, the default values for Splunk are used. │ │ │ name: SplunkBufferingHints │ │ └ properties │ │ ├IntervalInSeconds: integer │ │ └SizeInMBs: integer │ └[~] type SplunkDestinationConfiguration │ └ properties │ └[+] BufferingHints: SplunkBufferingHints ├[~] service aws-location │ └ resources │ ├[+] resource AWS::Location::APIKey │ │ ├ name: APIKey │ │ │ cloudFormationType: AWS::Location::APIKey │ │ │ documentation: The API key resource in your AWS account, which lets you grant actions for Amazon Location resources to the API key bearer. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├Description: string │ │ │ ├ExpireTime: string │ │ │ ├ForceUpdate: boolean │ │ │ ├KeyName: string (required, immutable) │ │ │ ├NoExpiry: boolean │ │ │ ├Restrictions: ApiKeyRestrictions (required) │ │ │ ├Tags: Array │ │ │ └ForceDelete: boolean │ │ ├ attributes │ │ │ ├CreateTime: string │ │ │ ├Arn: string │ │ │ ├KeyArn: string │ │ │ └UpdateTime: string │ │ └ types │ │ └type ApiKeyRestrictions │ │ ├ documentation: API Restrictions on the allowed actions, resources, and referers for an API key resource. │ │ │ name: ApiKeyRestrictions │ │ └ properties │ │ ├AllowActions: Array (required) │ │ ├AllowResources: Array (required) │ │ └AllowReferers: Array │ ├[~] resource AWS::Location::GeofenceCollection │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array │ ├[~] resource AWS::Location::Map │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ └[+] Tags: Array │ │ ├ attributes │ │ │ └ DataSource: (documentation changed) │ │ └ types │ │ └[~] type MapConfiguration │ │ └ properties │ │ └[+] PoliticalView: string │ ├[~] resource AWS::Location::PlaceIndex │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array │ ├[~] resource AWS::Location::RouteCalculator │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array │ └[~] resource AWS::Location::Tracker │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ ├[+] EventBridgeEnabled: boolean │ ├[+] KmsKeyEnableGeospatialQueries: boolean │ └[+] Tags: Array ├[~] service aws-mediatailor │ └ resources │ └[~] resource AWS::MediaTailor::Channel │ ├ properties │ │ └[+] TimeShiftConfiguration: TimeShiftConfiguration │ └ types │ ├[~] type DashPlaylistSettings │ │ └ properties │ │ ├ ManifestWindowSeconds: - number (default=0) │ │ │ + number │ │ ├ MinBufferTimeSeconds: - number (default=0) │ │ │ + number │ │ ├ MinUpdatePeriodSeconds: - number (default=0) │ │ │ + number │ │ └ SuggestedPresentationDelaySeconds: - number (default=0) │ │ + number │ ├[~] type HlsPlaylistSettings │ │ └ properties │ │ └ ManifestWindowSeconds: - number (default=0) │ │ + number │ └[+] type TimeShiftConfiguration │ ├ documentation: The configuration for time-shifted viewing. │ │ name: TimeShiftConfiguration │ └ properties │ └MaxTimeDelaySeconds: number (required) ├[~] service aws-networkfirewall │ └ resources │ └[~] resource AWS::NetworkFirewall::FirewallPolicy │ └ types │ └[~] type FirewallPolicy │ └ properties │ └ TLSInspectionConfigurationArn: (documentation changed) ├[~] service aws-networkmanager │ └ resources │ └[~] resource AWS::NetworkManager::Device │ └ attributes │ └ CreatedAt: (documentation changed) ├[~] service aws-omics │ └ resources │ └[~] resource AWS::Omics::Workflow │ └ properties │ └ StorageCapacity: (documentation changed) ├[~] service aws-pinpoint │ └ resources │ └[~] resource AWS::Pinpoint::GCMChannel │ └ properties │ ├ DefaultAuthenticationMethod: (documentation changed) │ └ ServiceJson: (documentation changed) ├[~] service aws-pipes │ └ resources │ └[~] resource AWS::Pipes::Pipe │ ├ - documentation: Create a pipe. Amazon EventBridge Pipes connect event sources to targets and reduces the need for specialized knowledge and integration code. │ │ + documentation: Specifies a pipe. Amazon EventBridge Pipes connect event sources to targets and reduces the need for specialized knowledge and integration code. │ │ > As an aid to help you jumpstart developing CloudFormation templates, the EventBridge console enables you to create templates from the existing pipes in your account. For more information, see [Generate an CloudFormation template from EventBridge Pipes](https://docs.aws.amazon.com/eventbridge/latest/userguide/pipes-generate-template.html) in the *Amazon EventBridge User Guide* . │ └ types │ └[~] type PipeLogConfiguration │ └ properties │ └ IncludeExecutionData: (documentation changed) ├[~] service aws-rds │ └ resources │ └[~] resource AWS::RDS::DBInstance │ └ properties │ └ CACertificateIdentifier: (documentation changed) ├[~] service aws-redshift │ └ resources │ └[~] resource AWS::Redshift::Cluster │ ├ properties │ │ ├[+] ManageMasterPassword: boolean │ │ └[+] MasterPasswordSecretKmsKeyId: string │ └ attributes │ └[+] MasterPasswordSecretArn: string ├[~] service aws-s3 │ └ resources │ └[~] resource AWS::S3::Bucket │ └ types │ └[~] type OwnershipControlsRule │ └ properties │ └ ObjectOwnership: (documentation changed) ├[~] service aws-s3objectlambda │ └ resources │ └[~] resource AWS::S3ObjectLambda::AccessPoint │ └ types │ └[~] type TransformationConfiguration │ └ properties │ └ Actions: (documentation changed) ├[~] service aws-servicecatalogappregistry │ └ resources │ └[~] resource AWS::ServiceCatalogAppRegistry::Application │ └ attributes │ ├ ApplicationTagKey: (documentation changed) │ └ ApplicationTagValue: (documentation changed) └[~] service aws-ssm └ resources └[~] resource AWS::SSM::PatchBaseline ├ properties │ ├ ApprovedPatchesComplianceLevel: - string │ │ + string (default="UNSPECIFIED") │ ├ ApprovedPatchesEnableNonSecurity: - boolean │ │ + boolean (default=false) │ ├[+] DefaultBaseline: boolean (default=false) │ ├ OperatingSystem: - string (immutable) │ │ + string (default="WINDOWS", immutable) │ └ RejectedPatchesAction: - string │ + string (default="ALLOW_AS_DEPENDENCY") ├ attributes │ └ Id: (documentation changed) └ types ├[~] type PatchSource │ ├ - documentation: `PatchSource` is the property type for the `Sources` resource of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource. │ │ The AWS CloudFormation `AWS::SSM::PatchSource` resource is used to provide information about the patches to use to update target instances, including target operating systems and source repository. Applies to Linux instances only. │ │ + documentation: `PatchSource` is the property type for the `Sources` resource of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource. │ │ The AWS CloudFormation `AWS::SSM::PatchSource` resource is used to provide information about the patches to use to update target instances, including target operating systems and source repository. Applies to Linux managed nodes only. │ └ properties │ └ Products: (documentation changed) └[~] type Rule └ properties ├ ApproveUntilDate: - json ⇐ string │ + string └ EnableNonSecurity: - boolean + boolean (default=false) ``` --- .../@aws-cdk/cloudformation-diff/package.json | 4 +- packages/@aws-cdk/integ-runner/package.json | 2 +- packages/aws-cdk-lib/amzn-sdc/.jsiirc.json | 13 +++++++ packages/aws-cdk-lib/amzn-sdc/README.md | 39 +++++++++++++++++++ packages/aws-cdk-lib/amzn-sdc/index.ts | 1 + packages/aws-cdk-lib/amzn-sdc/lib/index.ts | 2 + .../aws-cdk-lib/aws-codetest/.jsiirc.json | 13 +++++++ packages/aws-cdk-lib/aws-codetest/README.md | 39 +++++++++++++++++++ packages/aws-cdk-lib/aws-codetest/index.ts | 1 + .../aws-cdk-lib/aws-codetest/lib/index.ts | 2 + packages/aws-cdk-lib/index.ts | 2 + packages/aws-cdk-lib/package.json | 4 +- packages/aws-cdk-lib/scripts/scope-map.json | 6 +++ tools/@aws-cdk/spec2cdk/package.json | 4 +- yarn.lock | 17 +++++--- 15 files changed, 138 insertions(+), 11 deletions(-) create mode 100644 packages/aws-cdk-lib/amzn-sdc/.jsiirc.json create mode 100644 packages/aws-cdk-lib/amzn-sdc/README.md create mode 100644 packages/aws-cdk-lib/amzn-sdc/index.ts create mode 100644 packages/aws-cdk-lib/amzn-sdc/lib/index.ts create mode 100644 packages/aws-cdk-lib/aws-codetest/.jsiirc.json create mode 100644 packages/aws-cdk-lib/aws-codetest/README.md create mode 100644 packages/aws-cdk-lib/aws-codetest/index.ts create mode 100644 packages/aws-cdk-lib/aws-codetest/lib/index.ts diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 2e502090932d3..51b2fb7d0963b 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.38", - "@aws-cdk/service-spec-types": "^0.0.38", + "@aws-cdk/aws-service-spec": "^0.0.40", + "@aws-cdk/service-spec-types": "^0.0.40", "chalk": "^4", "diff": "^5.1.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 3b3c3a89d2569..cf88a2c0340c8 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.0.38", + "@aws-cdk/aws-service-spec": "^0.0.40", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/amzn-sdc/.jsiirc.json b/packages/aws-cdk-lib/amzn-sdc/.jsiirc.json new file mode 100644 index 0000000000000..5cfe20f8f3d23 --- /dev/null +++ b/packages/aws-cdk-lib/amzn-sdc/.jsiirc.json @@ -0,0 +1,13 @@ +{ + "targets": { + "java": { + "package": "amzn.sdc" + }, + "dotnet": { + "package": "Amazon.CDK.AMZN.SDC" + }, + "python": { + "module": "aws_cdk.amzn_sdc" + } + } +} diff --git a/packages/aws-cdk-lib/amzn-sdc/README.md b/packages/aws-cdk-lib/amzn-sdc/README.md new file mode 100644 index 0000000000000..e3bbbe4e450b3 --- /dev/null +++ b/packages/aws-cdk-lib/amzn-sdc/README.md @@ -0,0 +1,39 @@ +# AMZN::SDC Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts nofixture +import * as amzn_sdc from 'aws-cdk-lib/amzn-sdc'; +``` + + + +There are no official hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. Here are some suggestions on how to proceed: + +- Search [Construct Hub for SDC construct libraries](https://constructs.dev/search?q=sdc) +- Use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, in the same way you would use [the CloudFormation AMZN::SDC resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AMZN_SDC.html) directly. + + + + +There are no hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. +However, you can still use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, and use this service exactly as you would using CloudFormation directly. + +For more information on the resources and properties available for this service, see the [CloudFormation documentation for AMZN::SDC](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AMZN_SDC.html). + +(Read the [CDK Contributing Guide](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and submit an RFC if you are interested in contributing to this construct library.) + + diff --git a/packages/aws-cdk-lib/amzn-sdc/index.ts b/packages/aws-cdk-lib/amzn-sdc/index.ts new file mode 100644 index 0000000000000..f41a696fd204d --- /dev/null +++ b/packages/aws-cdk-lib/amzn-sdc/index.ts @@ -0,0 +1 @@ +export * from './lib'; diff --git a/packages/aws-cdk-lib/amzn-sdc/lib/index.ts b/packages/aws-cdk-lib/amzn-sdc/lib/index.ts new file mode 100644 index 0000000000000..35a2984cc24f3 --- /dev/null +++ b/packages/aws-cdk-lib/amzn-sdc/lib/index.ts @@ -0,0 +1,2 @@ +// AMZN::SDC Cloudformation Resources +export * from './sdc.generated'; diff --git a/packages/aws-cdk-lib/aws-codetest/.jsiirc.json b/packages/aws-cdk-lib/aws-codetest/.jsiirc.json new file mode 100644 index 0000000000000..c2f229e5beedf --- /dev/null +++ b/packages/aws-cdk-lib/aws-codetest/.jsiirc.json @@ -0,0 +1,13 @@ +{ + "targets": { + "java": { + "package": "software.amazon.awscdk.services.codetest" + }, + "dotnet": { + "package": "Amazon.CDK.AWS.CodeTest" + }, + "python": { + "module": "aws_cdk.aws_codetest" + } + } +} diff --git a/packages/aws-cdk-lib/aws-codetest/README.md b/packages/aws-cdk-lib/aws-codetest/README.md new file mode 100644 index 0000000000000..57a3722006d41 --- /dev/null +++ b/packages/aws-cdk-lib/aws-codetest/README.md @@ -0,0 +1,39 @@ +# AWS::CodeTest Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts nofixture +import * as codetest from 'aws-cdk-lib/aws-codetest'; +``` + + + +There are no official hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. Here are some suggestions on how to proceed: + +- Search [Construct Hub for CodeTest construct libraries](https://constructs.dev/search?q=codetest) +- Use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, in the same way you would use [the CloudFormation AWS::CodeTest resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_CodeTest.html) directly. + + + + +There are no hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. +However, you can still use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, and use this service exactly as you would using CloudFormation directly. + +For more information on the resources and properties available for this service, see the [CloudFormation documentation for AWS::CodeTest](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_CodeTest.html). + +(Read the [CDK Contributing Guide](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and submit an RFC if you are interested in contributing to this construct library.) + + diff --git a/packages/aws-cdk-lib/aws-codetest/index.ts b/packages/aws-cdk-lib/aws-codetest/index.ts new file mode 100644 index 0000000000000..f41a696fd204d --- /dev/null +++ b/packages/aws-cdk-lib/aws-codetest/index.ts @@ -0,0 +1 @@ +export * from './lib'; diff --git a/packages/aws-cdk-lib/aws-codetest/lib/index.ts b/packages/aws-cdk-lib/aws-codetest/lib/index.ts new file mode 100644 index 0000000000000..f2606fb9ca317 --- /dev/null +++ b/packages/aws-cdk-lib/aws-codetest/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::CodeTest Cloudformation Resources +export * from './codetest.generated'; diff --git a/packages/aws-cdk-lib/index.ts b/packages/aws-cdk-lib/index.ts index 89b01494ed956..99a3876bfad74 100644 --- a/packages/aws-cdk-lib/index.ts +++ b/packages/aws-cdk-lib/index.ts @@ -1,4 +1,5 @@ export * as alexa_ask from './alexa-ask'; +export * as amzn_sdc from './amzn-sdc'; export * as assertions from './assertions'; export * as assets from './assets'; export * as aws_accessanalyzer from './aws-accessanalyzer'; @@ -57,6 +58,7 @@ export * as aws_codepipeline_actions from './aws-codepipeline-actions'; export * as aws_codestar from './aws-codestar'; export * as aws_codestarconnections from './aws-codestarconnections'; export * as aws_codestarnotifications from './aws-codestarnotifications'; +export * as aws_codetest from './aws-codetest'; export * as aws_cognito from './aws-cognito'; export * as aws_comprehend from './aws-comprehend'; export * as aws_config from './aws-config'; diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 87c434cf4ccff..c904c9ad791c0 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -133,7 +133,7 @@ "yaml": "1.10.2" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.0.38", + "@aws-cdk/aws-service-spec": "^0.0.40", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", @@ -209,6 +209,7 @@ "./.jsii": "./.jsii", "./.warnings.jsii.js": "./.warnings.jsii.js", "./alexa-ask": "./alexa-ask/index.js", + "./amzn-sdc": "./amzn-sdc/index.js", "./assertions": "./assertions/index.js", "./assertions/lib/helpers-internal": "./assertions/lib/helpers-internal/index.js", "./assets": "./assets/index.js", @@ -268,6 +269,7 @@ "./aws-codestar": "./aws-codestar/index.js", "./aws-codestarconnections": "./aws-codestarconnections/index.js", "./aws-codestarnotifications": "./aws-codestarnotifications/index.js", + "./aws-codetest": "./aws-codetest/index.js", "./aws-cognito": "./aws-cognito/index.js", "./aws-comprehend": "./aws-comprehend/index.js", "./aws-config": "./aws-config/index.js", diff --git a/packages/aws-cdk-lib/scripts/scope-map.json b/packages/aws-cdk-lib/scripts/scope-map.json index 6f66e3226a6ab..8263a92920b6c 100644 --- a/packages/aws-cdk-lib/scripts/scope-map.json +++ b/packages/aws-cdk-lib/scripts/scope-map.json @@ -2,6 +2,9 @@ "alexa-ask": [ "Alexa::ASK" ], + "amzn-sdc": [ + "AMZN::SDC" + ], "aws-accessanalyzer": [ "AWS::AccessAnalyzer" ], @@ -146,6 +149,9 @@ "aws-codestarnotifications": [ "AWS::CodeStarNotifications" ], + "aws-codetest": [ + "AWS::CodeTest" + ], "aws-cognito": [ "AWS::Cognito" ], diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index 5b9139a5f0430..bea9f963fdca3 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.38", + "@aws-cdk/aws-service-spec": "^0.0.40", "@aws-cdk/service-spec-importers": "^0.0.14", - "@aws-cdk/service-spec-types": "^0.0.38", + "@aws-cdk/service-spec-types": "^0.0.40", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/yarn.lock b/yarn.lock index defe75ce5a696..b9aac9b609e00 100644 --- a/yarn.lock +++ b/yarn.lock @@ -56,12 +56,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac" integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg== -"@aws-cdk/aws-service-spec@^0.0.38": - version "0.0.38" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.38.tgz#bcc5fedaaec1358f3b299be7f6b60691b9d887eb" - integrity sha512-rnsZbD+S9RZxqQ6hhSmJEhW3iKgIkq1ztex74uYE7jFZszTIM0F1tdbnyb78RtC/+FuUwZ7FDnrXdQmWMMSsNg== +"@aws-cdk/aws-service-spec@^0.0.40": + version "0.0.40" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.40.tgz#f1b7cb34323b060d6ab72df456f5a92ec8346bdf" + integrity sha512-ujRd7lEnmwsoaHAAY04QjjzKoOHnyEcv6APSEH7airjv+rodJG6713wZOWo5su8ESaC/1SE/+cFix2mKtpcz1Q== dependencies: - "@aws-cdk/service-spec-types" "^0.0.38" + "@aws-cdk/service-spec-types" "^0.0.40" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": @@ -92,6 +92,13 @@ dependencies: "@cdklabs/tskb" "^0.0.3" +"@aws-cdk/service-spec-types@^0.0.40": + version "0.0.40" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.40.tgz#348f67da375fbed4538f3dcbefae6f5458662b37" + integrity sha512-+UWCCRQ5CtkLVaiJMCdG+r/0ifHo/YIE2u0hhD731Ud1iO99cMEzulzMztfBXxNdX4ySNq9WthyJTFSFWWAxYw== + dependencies: + "@cdklabs/tskb" "^0.0.3" + "@aws-crypto/crc32@3.0.0": version "3.0.0" resolved "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz#07300eca214409c33e3ff769cd5697b57fdd38fa" From 0f38b6e283d3e8e471847ff691702a94675b340d Mon Sep 17 00:00:00 2001 From: "k.goto" <24818752+go-to-k@users.noreply.github.com> Date: Tue, 9 Jan 2024 01:52:34 +0900 Subject: [PATCH 2/6] feat(rds): RDS for SQL Server 15.00.4345.5.v1 (#28614) This PR supports RDS for SQL Server 15.00.4345.5.v1. ``` aws rds describe-db-engine-versions \ --engine sqlserver-ee \ --query "DBEngineVersions[?EngineVersion=='15.00.4345.5.v1'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]" [ [ "SQL Server 2019 15.00.4345.5.v1", "15.00.4345.5.v1", "sqlserver-ee-15.0", "15.00", "available" ] ] ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts index 52773f1f0bbea..8fabbdc351658 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts @@ -1973,6 +1973,8 @@ export class SqlServerEngineVersion { public static readonly VER_15_00_4322_2_V1 = SqlServerEngineVersion.of('15.00.4322.2.v1', '15.00'); /** Version "15.00.4335.1.v1". */ public static readonly VER_15_00_4335_1_V1 = SqlServerEngineVersion.of('15.00.4335.1.v1', '15.00'); + /** Version "15.00.4345.5.v1". */ + public static readonly VER_15_00_4345_5_V1 = SqlServerEngineVersion.of('15.00.4345.5.v1', '15.00'); /** Version "16.00.4085.2.v1". */ public static readonly VER_16_00_4085_2_V1 = SqlServerEngineVersion.of('16.00.4085.2.v1', '16.00'); /** Version "16.00.4095.4.v1". */ From d7aa19677682d28592fe202a8065bd06d468fd12 Mon Sep 17 00:00:00 2001 From: Luca Pizzini Date: Mon, 8 Jan 2024 18:19:42 +0100 Subject: [PATCH 3/6] feat(signer): Notation-OCI-SHA384-ECDSA platform (#28612) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds support for the `Notation-OCI-SHA384-ECDSA` signing profile platform. Also, refactors the `Platform` class to an enum-like class to allow custom platforms (and prevent blocking users if added platforms are missing on the `enum` declaration). Closes #28580. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...aws-cdk-signer-signing-profile.assets.json | 19 +++ ...s-cdk-signer-signing-profile.template.json | 58 +++++++ .../integ.signing-profile.js.snapshot/cdk.out | 1 + ...efaultTestDeployAssertE50BA0E5.assets.json | 19 +++ ...aultTestDeployAssertE50BA0E5.template.json | 36 ++++ .../integ.json | 12 ++ .../manifest.json | 119 +++++++++++++ .../tree.json | 157 ++++++++++++++++++ .../test/aws-signer/integ.signing-profile.ts | 21 +++ .../aws-signer/lib/signing-profile.ts | 29 +++- .../aws-signer/test/signing-profile.test.ts | 40 +++-- 11 files changed, 491 insertions(+), 20 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.assets.json new file mode 100644 index 0000000000000..2adbb529701d8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "bb5554b18d5450c7ca1e64100800a89c7f35242a1286267155fa2f0bae8ae2de": { + "source": { + "path": "aws-cdk-signer-signing-profile.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "bb5554b18d5450c7ca1e64100800a89c7f35242a1286267155fa2f0bae8ae2de.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.template.json new file mode 100644 index 0000000000000..983f40aa39404 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/aws-cdk-signer-signing-profile.template.json @@ -0,0 +1,58 @@ +{ + "Resources": { + "SigningProfileLambda4B150CCB": { + "Type": "AWS::Signer::SigningProfile", + "Properties": { + "PlatformId": "AWSLambda-SHA384-ECDSA", + "SignatureValidityPeriod": { + "Type": "MONTHS", + "Value": 135 + } + } + }, + "SigningProfileOCI1EA741C3": { + "Type": "AWS::Signer::SigningProfile", + "Properties": { + "PlatformId": "Notation-OCI-SHA384-ECDSA", + "SignatureValidityPeriod": { + "Type": "DAYS", + "Value": 60 + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdk.out new file mode 100644 index 0000000000000..2313ab5436501 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets.json new file mode 100644 index 0000000000000..cb7757bedf497 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/integ.json new file mode 100644 index 0000000000000..3711c89c20dca --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "34.0.0", + "testCases": { + "cdk-integ-signer-signing-profile/DefaultTest": { + "stacks": [ + "aws-cdk-signer-signing-profile" + ], + "assertionStack": "cdk-integ-signer-signing-profile/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/manifest.json new file mode 100644 index 0000000000000..530d693df32cd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "34.0.0", + "artifacts": { + "aws-cdk-signer-signing-profile.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-signer-signing-profile.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-signer-signing-profile": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-signer-signing-profile.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/bb5554b18d5450c7ca1e64100800a89c7f35242a1286267155fa2f0bae8ae2de.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-signer-signing-profile.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-signer-signing-profile.assets" + ], + "metadata": { + "/aws-cdk-signer-signing-profile/SigningProfileLambda/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SigningProfileLambda4B150CCB" + } + ], + "/aws-cdk-signer-signing-profile/SigningProfileOCI/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SigningProfileOCI1EA741C3" + } + ], + "/aws-cdk-signer-signing-profile/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-signer-signing-profile/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-signer-signing-profile" + }, + "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegsignersigningprofileDefaultTestDeployAssertE50BA0E5.assets" + ], + "metadata": { + "/cdk-integ-signer-signing-profile/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-signer-signing-profile/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-signer-signing-profile/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/tree.json new file mode 100644 index 0000000000000..4ebcd4249d0d4 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.js.snapshot/tree.json @@ -0,0 +1,157 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-signer-signing-profile": { + "id": "aws-cdk-signer-signing-profile", + "path": "aws-cdk-signer-signing-profile", + "children": { + "SigningProfileLambda": { + "id": "SigningProfileLambda", + "path": "aws-cdk-signer-signing-profile/SigningProfileLambda", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-signer-signing-profile/SigningProfileLambda/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Signer::SigningProfile", + "aws:cdk:cloudformation:props": { + "platformId": "AWSLambda-SHA384-ECDSA", + "signatureValidityPeriod": { + "type": "MONTHS", + "value": 135 + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_signer.CfnSigningProfile", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_signer.SigningProfile", + "version": "0.0.0" + } + }, + "SigningProfileOCI": { + "id": "SigningProfileOCI", + "path": "aws-cdk-signer-signing-profile/SigningProfileOCI", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-signer-signing-profile/SigningProfileOCI/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Signer::SigningProfile", + "aws:cdk:cloudformation:props": { + "platformId": "Notation-OCI-SHA384-ECDSA", + "signatureValidityPeriod": { + "type": "DAYS", + "value": 60 + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_signer.CfnSigningProfile", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_signer.SigningProfile", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-signer-signing-profile/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-signer-signing-profile/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-signer-signing-profile": { + "id": "cdk-integ-signer-signing-profile", + "path": "cdk-integ-signer-signing-profile", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-signer-signing-profile/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-signer-signing-profile/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-signer-signing-profile/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-signer-signing-profile/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-signer-signing-profile/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.ts new file mode 100644 index 0000000000000..fbbd536cd3eba --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-signer/integ.signing-profile.ts @@ -0,0 +1,21 @@ +#!/usr/bin/env node +import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as signer from 'aws-cdk-lib/aws-signer'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-cdk-signer-signing-profile'); + +new signer.SigningProfile(stack, 'SigningProfileLambda', { + platform: signer.Platform.AWS_LAMBDA_SHA384_ECDSA, +}); + +new signer.SigningProfile(stack, 'SigningProfileOCI', { + platform: signer.Platform.NOTATION_OCI_SHA384_ECDSA, + signatureValidity: cdk.Duration.days(60), +}); + +new IntegTest(app, 'cdk-integ-signer-signing-profile', { + testCases: [stack], +}); diff --git a/packages/aws-cdk-lib/aws-signer/lib/signing-profile.ts b/packages/aws-cdk-lib/aws-signer/lib/signing-profile.ts index 8637f242f5a36..d562dfa566393 100644 --- a/packages/aws-cdk-lib/aws-signer/lib/signing-profile.ts +++ b/packages/aws-cdk-lib/aws-signer/lib/signing-profile.ts @@ -10,32 +10,47 @@ export class Platform { /** * Specification of signature format and signing algorithms for AWS IoT Device. */ - public static readonly AWS_IOT_DEVICE_MANAGEMENT_SHA256_ECDSA = new Platform('AWSIoTDeviceManagement-SHA256-ECDSA'); + public static readonly AWS_IOT_DEVICE_MANAGEMENT_SHA256_ECDSA = Platform.of('AWSIoTDeviceManagement-SHA256-ECDSA'); /** * Specification of signature format and signing algorithms for AWS Lambda. */ - public static readonly AWS_LAMBDA_SHA384_ECDSA = new Platform('AWSLambda-SHA384-ECDSA'); + public static readonly AWS_LAMBDA_SHA384_ECDSA = Platform.of('AWSLambda-SHA384-ECDSA'); /** * Specification of signature format and signing algorithms with * SHA1 hash and RSA encryption for Amazon FreeRTOS. */ - public static readonly AMAZON_FREE_RTOS_TI_CC3220SF = new Platform('AmazonFreeRTOS-TI-CC3220SF'); + public static readonly AMAZON_FREE_RTOS_TI_CC3220SF = Platform.of('AmazonFreeRTOS-TI-CC3220SF'); /** * Specification of signature format and signing algorithms with * SHA256 hash and ECDSA encryption for Amazon FreeRTOS. */ - public static readonly AMAZON_FREE_RTOS_DEFAULT = new Platform('AmazonFreeRTOS-Default'); + public static readonly AMAZON_FREE_RTOS_DEFAULT = Platform.of('AmazonFreeRTOS-Default'); /** - * The id of signing platform. + * Specification of signature format and signing algorithms with + * SHA256 hash and ECDSA encryption for container registries with notation. + */ + public static readonly NOTATION_OCI_SHA384_ECDSA = Platform.of('Notation-OCI-SHA384-ECDSA'); + + /** + * Custom signing profile platform. + * * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-signingprofile.html#cfn-signer-signingprofile-platformid + * + * @param platformId - The id of signing platform. */ - public readonly platformId: string; + public static of(platformId: string): Platform { + return new Platform(platformId); + } - private constructor(platformId: string) { + /** + * + * @param platformId - The id of signing platform. + */ + private constructor(public readonly platformId: string) { this.platformId = platformId; } } diff --git a/packages/aws-cdk-lib/aws-signer/test/signing-profile.test.ts b/packages/aws-cdk-lib/aws-signer/test/signing-profile.test.ts index 49075529598fb..e415832424f31 100644 --- a/packages/aws-cdk-lib/aws-signer/test/signing-profile.test.ts +++ b/packages/aws-cdk-lib/aws-signer/test/signing-profile.test.ts @@ -4,15 +4,16 @@ import * as signer from '../lib'; let app: cdk.App; let stack: cdk.Stack; -beforeEach( () => { - app = new cdk.App( {} ); - stack = new cdk.Stack( app ); -} ); + +beforeEach(() => { + app = new cdk.App({}); + stack = new cdk.Stack(app); +}); describe('signing profile', () => { - test( 'default', () => { + test('default', () => { const platform = signer.Platform.AWS_LAMBDA_SHA384_ECDSA; - new signer.SigningProfile( stack, 'SigningProfile', { platform } ); + new signer.SigningProfile(stack, 'SigningProfile', { platform }); Template.fromStack(stack).hasResourceProperties('AWS::Signer::SigningProfile', { PlatformId: platform.platformId, @@ -23,12 +24,12 @@ describe('signing profile', () => { }); }); - test( 'default with signature validity period', () => { + test('default with signature validity period', () => { const platform = signer.Platform.AWS_LAMBDA_SHA384_ECDSA; - new signer.SigningProfile( stack, 'SigningProfile', { + new signer.SigningProfile(stack, 'SigningProfile', { platform, - signatureValidity: cdk.Duration.days( 7 ), - } ); + signatureValidity: cdk.Duration.days(7), + }); Template.fromStack(stack).hasResourceProperties('AWS::Signer::SigningProfile', { PlatformId: platform.platformId, @@ -39,9 +40,9 @@ describe('signing profile', () => { }); }); - test( 'default with some tags', () => { + test('default with some tags', () => { const platform = signer.Platform.AWS_LAMBDA_SHA384_ECDSA; - const signing = new signer.SigningProfile( stack, 'SigningProfile', { platform } ); + const signing = new signer.SigningProfile(stack, 'SigningProfile', { platform }); cdk.Tags.of(signing).add('tag1', 'value1'); cdk.Tags.of(signing).add('tag2', 'value2'); @@ -70,6 +71,19 @@ describe('signing profile', () => { }); }); + test('default container registries with notation platform', () => { + const platform = signer.Platform.NOTATION_OCI_SHA384_ECDSA; + new signer.SigningProfile(stack, 'SigningProfile', { platform }); + + Template.fromStack(stack).hasResourceProperties('AWS::Signer::SigningProfile', { + PlatformId: platform.platformId, + SignatureValidityPeriod: { + Type: 'MONTHS', + Value: 135, + }, + }); + }); + describe('import', () => { test('from signingProfileProfileName and signingProfileProfileVersion', () => { const signingProfileName = 'test'; @@ -111,5 +125,5 @@ describe('signing profile', () => { }); Template.fromStack(stack).templateMatches({}); }); - } ); + }); }); From d184ac2c7dde4d40e39ea31a009ff0b31d064755 Mon Sep 17 00:00:00 2001 From: Andrew Hammond <445764+ahammond@users.noreply.github.com> Date: Mon, 8 Jan 2024 09:46:46 -0800 Subject: [PATCH 4/6] feat(pipelines): expose crossRegionReplicationBuckets (#28447) Closes #28446. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../PipelineStack.assets.json | 20 + .../PipelineStack.template.json | 918 +++++++ .../PipelineStackPipeline9DB740AF.dot | 55 + ...lineStackuseast1Queue1822FD5F8.assets.json | 20 + ...neStackuseast1Queue1822FD5F8.template.json | 43 + .../assembly-PipelineStack-us-east-1/cdk.out | 1 + .../manifest.json | 60 + ...lineStackuswest2Queue1C1AD8043.assets.json | 20 + ...neStackuswest2Queue1C1AD8043.template.json | 43 + .../assembly-PipelineStack-us-west-2/cdk.out | 1 + .../manifest.json | 60 + .../index.js | 1 + .../cdk.out | 1 + ...efaultTestDeployAssertFB66B33F.assets.json | 19 + ...aultTestDeployAssertFB66B33F.template.json | 36 + .../integ.json | 14 + .../manifest.json | 363 +++ .../tree.json | 2125 +++++++++++++++++ .../usEast1S3Stack.assets.json | 34 + .../usEast1S3Stack.template.json | 306 +++ .../usWest2S3Stack.assets.json | 34 + .../usWest2S3Stack.template.json | 285 +++ ...e-with-cross-region-replication-buckets.ts | 112 + packages/aws-cdk-lib/pipelines/README.md | 46 + .../lib/codepipeline/codepipeline.ts | 14 + .../codepipeline-existing.test.ts | 16 + .../rosetta/pipelines/default.ts-fixture | 1 + 27 files changed, 4648 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStackPipeline9DB740AF.dot create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3/index.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.assets.json new file mode 100644 index 0000000000000..81987a6476a91 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.assets.json @@ -0,0 +1,20 @@ +{ + "version": "36.0.0", + "files": { + "7ef69b8c181a37746d9dd86efa256698f93bd815bd82571bc18eee7c39ba9436": { + "source": { + "path": "PipelineStack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-us-east-1": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", + "objectKey": "7ef69b8c181a37746d9dd86efa256698f93bd815bd82571bc18eee7c39ba9436.json", + "region": "us-east-1", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.template.json new file mode 100644 index 0000000000000..30d593d002a21 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStack.template.json @@ -0,0 +1,918 @@ +{ + "Resources": { + "PipelineRoleB27FAA37": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codepipeline.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineRoleDefaultPolicy7BDC1ABB": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::us-west-2-newpipeline-with-cross-region-replication-buckets", + "arn:aws:s3:::us-west-2-newpipeline-with-cross-region-replication-buckets/*", + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + }, + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineRoleDefaultPolicy7BDC1ABB", + "Roles": [ + { + "Ref": "PipelineRoleB27FAA37" + } + ] + } + }, + "Pipeline9850B417": { + "Type": "AWS::CodePipeline::Pipeline", + "Properties": { + "ArtifactStores": [ + { + "ArtifactStore": { + "Location": { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputRefRegionalBucketF5C80E4B3E52A444" + }, + "Type": "S3" + }, + "Region": "us-east-1" + }, + { + "ArtifactStore": { + "Location": "us-west-2-newpipeline-with-cross-region-replication-buckets", + "Type": "S3" + }, + "Region": "us-west-2" + } + ], + "RestartExecutionOnUpdate": true, + "RoleArn": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + }, + "Stages": [ + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Source", + "Owner": "ThirdParty", + "Provider": "GitHub", + "Version": "1" + }, + "Configuration": { + "Owner": "jose-clickup", + "Repo": "cdk-pipelines-demo", + "Branch": "main", + "OAuthToken": "{{resolve:secretsmanager:github-token:SecretString:::}}", + "PollForSourceChanges": false + }, + "Name": "jose-clickup_cdk-pipelines-demo", + "OutputArtifacts": [ + { + "Name": "jose_clickup_cdk_pipelines_demo_Source" + } + ], + "RunOrder": 1 + } + ], + "Name": "Source" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Build", + "Owner": "AWS", + "Provider": "CodeBuild", + "Version": "1" + }, + "Configuration": { + "ProjectName": { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"9846e726ec481ed25679c0170187f40b4920586fd0e7314d24f56620d9f53f5b\"}]" + }, + "InputArtifacts": [ + { + "Name": "jose_clickup_cdk_pipelines_demo_Source" + } + ], + "Name": "Synth", + "OutputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "RoleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + "RunOrder": 1 + } + ], + "Name": "Build" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Build", + "Owner": "AWS", + "Provider": "CodeBuild", + "Version": "1" + }, + "Configuration": { + "ProjectName": { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"167eef1378d6e6ad8c4c8da3461f900d6e066cd0916052ee812a8d94b87ad38c\"}]" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "SelfMutate", + "RoleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + "RunOrder": 1 + } + ], + "Name": "UpdatePipeline" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "us-east-1-Queue1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "us-east-1.Queue1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "us-west-2-Queue1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "us-west-2.Queue1.Prepare", + "Region": "us-west-2", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "us-east-1-Queue1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "us-east-1.Queue1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "us-west-2-Queue1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "us-west-2.Queue1.Deploy", + "Region": "us-west-2", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "RunOrder": 2 + } + ], + "Name": "MultiRegion" + } + ] + }, + "DependsOn": [ + "PipelineRoleDefaultPolicy7BDC1ABB", + "PipelineRoleB27FAA37" + ] + }, + "PipelineSourcejoseclickupcdkpipelinesdemoWebhookResourceEAB0C0F4": { + "Type": "AWS::CodePipeline::Webhook", + "Properties": { + "Authentication": "GITHUB_HMAC", + "AuthenticationConfiguration": { + "SecretToken": "{{resolve:secretsmanager:github-token:SecretString:::}}" + }, + "Filters": [ + { + "JsonPath": "$.ref", + "MatchEquals": "refs/heads/{Branch}" + } + ], + "RegisterWithThirdParty": true, + "TargetAction": "jose-clickup_cdk-pipelines-demo", + "TargetPipeline": { + "Ref": "Pipeline9850B417" + }, + "TargetPipelineVersion": 1 + } + }, + "PipelineBuildSynthCdkBuildProjectRole231EEA2A": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:aws:codebuild:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "-*" + ] + ] + } + }, + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C", + "Roles": [ + { + "Ref": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ] + } + }, + "PipelineBuildSynthCdkBuildProject6BEFA8E6": { + "Type": "AWS::CodeBuild::Project", + "Properties": { + "Artifacts": { + "Type": "CODEPIPELINE" + }, + "Cache": { + "Type": "NO_CACHE" + }, + "Description": "Pipeline step PipelineStack/Pipeline/Build/Synth", + "EncryptionKey": "alias/aws/s3", + "Environment": { + "ComputeType": "BUILD_GENERAL1_SMALL", + "Image": "aws/codebuild/standard:7.0", + "ImagePullCredentialsType": "CODEBUILD", + "PrivilegedMode": false, + "Type": "LINUX_CONTAINER" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProjectRole231EEA2A", + "Arn" + ] + }, + "Source": { + "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"build\": {\n \"commands\": [\n \"npm ci\",\n \"npm run build\",\n \"npx cdk synth\"\n ]\n }\n },\n \"artifacts\": {\n \"base-directory\": \"cdk.out\",\n \"files\": \"**/*\"\n }\n}", + "Type": "CODEPIPELINE" + } + } + }, + "PipelineCodeBuildActionRole226DB0CB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "codebuild:BatchGetBuilds", + "codebuild:StartBuild", + "codebuild:StopBuild" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProject6BEFA8E6", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationDAA41400", + "Arn" + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE", + "Roles": [ + { + "Ref": "PipelineCodeBuildActionRole226DB0CB" + } + ] + } + }, + "PipelineUpdatePipelineSelfMutationRole57E559E8": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:aws:codebuild:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "-*" + ] + ] + } + }, + { + "Action": "sts:AssumeRole", + "Condition": { + "ForAnyValue:StringEquals": { + "iam:ResourceTag/aws-cdk:bootstrap-role": [ + "image-publishing", + "file-publishing", + "deploy" + ] + } + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:*:iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/*" + ] + ] + } + }, + { + "Action": [ + "cloudformation:DescribeStacks", + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E", + "Roles": [ + { + "Ref": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ] + } + }, + "PipelineUpdatePipelineSelfMutationDAA41400": { + "Type": "AWS::CodeBuild::Project", + "Properties": { + "Artifacts": { + "Type": "CODEPIPELINE" + }, + "Cache": { + "Type": "NO_CACHE" + }, + "Description": "Pipeline step PipelineStack/Pipeline/UpdatePipeline/SelfMutate", + "EncryptionKey": "alias/aws/s3", + "Environment": { + "ComputeType": "BUILD_GENERAL1_SMALL", + "Image": "aws/codebuild/standard:7.0", + "ImagePullCredentialsType": "CODEBUILD", + "PrivilegedMode": false, + "Type": "LINUX_CONTAINER" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationRole57E559E8", + "Arn" + ] + }, + "Source": { + "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g aws-cdk@2\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk -a . deploy PipelineStack --require-approval=never --verbose\"\n ]\n }\n }\n}", + "Type": "CODEPIPELINE" + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStackPipeline9DB740AF.dot b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStackPipeline9DB740AF.dot new file mode 100644 index 0000000000000..7e39513541b14 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/PipelineStackPipeline9DB740AF.dot @@ -0,0 +1,55 @@ +digraph G { + # Arrows represent an "unlocks" relationship (opposite of dependency). So chosen + # because the layout looks more natural that way. + # To represent subgraph dependencies, subgraphs are represented by BEGIN/END nodes. + # To render: `dot -Tsvg PipelineStackPipeline9DB740AF.dot > graph.svg`, open in a browser. + node [shape="box"]; +"BEGIN Build" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END Build" [shape="cds", style="filled", fillcolor="#b7deff"]; +"Build.Synth"; +"Source.jose-clickup/cdk-pipelines-demo" -> "Build.Synth"; +"BEGIN Build" -> "Build.Synth"; +"Build.Synth" -> "END Build"; +"BEGIN UpdatePipeline" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END UpdatePipeline" [shape="cds", style="filled", fillcolor="#b7deff"]; +"UpdatePipeline.SelfMutate"; +"Build.Synth" -> "UpdatePipeline.SelfMutate"; +"BEGIN UpdatePipeline" -> "UpdatePipeline.SelfMutate"; +"UpdatePipeline.SelfMutate" -> "END UpdatePipeline"; +"BEGIN MultiRegion" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END MultiRegion" [shape="cds", style="filled", fillcolor="#b7deff"]; +"UpdatePipeline.SelfMutate" -> "BEGIN MultiRegion"; +"BEGIN MultiRegion.us-east-1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END MultiRegion.us-east-1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"BEGIN MultiRegion.us-east-1.Queue1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END MultiRegion.us-east-1.Queue1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"MultiRegion.us-east-1.Queue1.Deploy"; +"MultiRegion.us-east-1.Queue1.Prepare" -> "MultiRegion.us-east-1.Queue1.Deploy"; +"MultiRegion.us-east-1.Queue1.Prepare"; +"Build.Synth" -> "MultiRegion.us-east-1.Queue1.Prepare"; +"BEGIN MultiRegion.us-east-1.Queue1" -> "MultiRegion.us-east-1.Queue1.Prepare"; +"MultiRegion.us-east-1.Queue1.Deploy" -> "END MultiRegion.us-east-1.Queue1"; +"BEGIN MultiRegion.us-east-1" -> "BEGIN MultiRegion.us-east-1.Queue1"; +"END MultiRegion.us-east-1.Queue1" -> "END MultiRegion.us-east-1"; +"BEGIN MultiRegion.us-west-2" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END MultiRegion.us-west-2" [shape="cds", style="filled", fillcolor="#b7deff"]; +"BEGIN MultiRegion.us-west-2.Queue1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END MultiRegion.us-west-2.Queue1" [shape="cds", style="filled", fillcolor="#b7deff"]; +"MultiRegion.us-west-2.Queue1.Deploy"; +"MultiRegion.us-west-2.Queue1.Prepare" -> "MultiRegion.us-west-2.Queue1.Deploy"; +"MultiRegion.us-west-2.Queue1.Prepare"; +"Build.Synth" -> "MultiRegion.us-west-2.Queue1.Prepare"; +"BEGIN MultiRegion.us-west-2.Queue1" -> "MultiRegion.us-west-2.Queue1.Prepare"; +"MultiRegion.us-west-2.Queue1.Deploy" -> "END MultiRegion.us-west-2.Queue1"; +"BEGIN MultiRegion.us-west-2" -> "BEGIN MultiRegion.us-west-2.Queue1"; +"END MultiRegion.us-west-2.Queue1" -> "END MultiRegion.us-west-2"; +"BEGIN MultiRegion" -> "BEGIN MultiRegion.us-east-1"; +"BEGIN MultiRegion" -> "BEGIN MultiRegion.us-west-2"; +"END MultiRegion.us-east-1" -> "END MultiRegion"; +"END MultiRegion.us-west-2" -> "END MultiRegion"; +"BEGIN Source" [shape="cds", style="filled", fillcolor="#b7deff"]; +"END Source" [shape="cds", style="filled", fillcolor="#b7deff"]; +"Source.jose-clickup/cdk-pipelines-demo"; +"BEGIN Source" -> "Source.jose-clickup/cdk-pipelines-demo"; +"Source.jose-clickup/cdk-pipelines-demo" -> "END Source"; +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.assets.json new file mode 100644 index 0000000000000..ee3b8cd59ea37 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.assets.json @@ -0,0 +1,20 @@ +{ + "version": "36.0.0", + "files": { + "0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5": { + "source": { + "path": "PipelineStackuseast1Queue1822FD5F8.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-us-east-1": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", + "objectKey": "0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5.json", + "region": "us-east-1", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json new file mode 100644 index 0000000000000..132b710b85c15 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json @@ -0,0 +1,43 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/manifest.json new file mode 100644 index 0000000000000..09464ce251ef7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-east-1/manifest.json @@ -0,0 +1,60 @@ +{ + "version": "36.0.0", + "artifacts": { + "PipelineStackuseast1Queue1822FD5F8.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackuseast1Queue1822FD5F8.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackuseast1Queue1822FD5F8": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/us-east-1", + "properties": { + "templateFile": "PipelineStackuseast1Queue1822FD5F8.template.json", + "terminationProtection": false, + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1/0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackuseast1Queue1822FD5F8.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-us-east-1", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "us-east-1-Queue1" + }, + "dependencies": [ + "PipelineStackuseast1Queue1822FD5F8.assets" + ], + "metadata": { + "/PipelineStack/us-east-1/Queue1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/us-east-1/Queue1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/us-east-1/Queue1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/us-east-1/Queue1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.assets.json new file mode 100644 index 0000000000000..bf33a9a36c1e7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.assets.json @@ -0,0 +1,20 @@ +{ + "version": "36.0.0", + "files": { + "0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5": { + "source": { + "path": "PipelineStackuswest2Queue1C1AD8043.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-us-west-2": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2", + "objectKey": "0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5.json", + "region": "us-west-2", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-west-2" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json new file mode 100644 index 0000000000000..132b710b85c15 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json @@ -0,0 +1,43 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/manifest.json new file mode 100644 index 0000000000000..9caf57624ba77 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/assembly-PipelineStack-us-west-2/manifest.json @@ -0,0 +1,60 @@ +{ + "version": "36.0.0", + "artifacts": { + "PipelineStackuswest2Queue1C1AD8043.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackuswest2Queue1C1AD8043.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackuswest2Queue1C1AD8043": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/us-west-2", + "properties": { + "templateFile": "PipelineStackuswest2Queue1C1AD8043.template.json", + "terminationProtection": false, + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2/0cb2dea76b65bd66a374af57914e8583b3c20712b5758474102ef97620d68ec5.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackuswest2Queue1C1AD8043.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-us-west-2", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "us-west-2-Queue1" + }, + "dependencies": [ + "PipelineStackuswest2Queue1C1AD8043.assets" + ], + "metadata": { + "/PipelineStack/us-west-2/Queue1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/us-west-2/Queue1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/us-west-2/Queue1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/us-west-2/Queue1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3/index.js b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3/index.js new file mode 100644 index 0000000000000..9d841e15260d7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3/index.js @@ -0,0 +1 @@ +"use strict";var C=Object.create;var i=Object.defineProperty;var I=Object.getOwnPropertyDescriptor;var w=Object.getOwnPropertyNames;var P=Object.getPrototypeOf,A=Object.prototype.hasOwnProperty;var L=(e,t)=>{for(var o in t)i(e,o,{get:t[o],enumerable:!0})},d=(e,t,o,r)=>{if(t&&typeof t=="object"||typeof t=="function")for(let s of w(t))!A.call(e,s)&&s!==o&&i(e,s,{get:()=>t[s],enumerable:!(r=I(t,s))||r.enumerable});return e};var l=(e,t,o)=>(o=e!=null?C(P(e)):{},d(t||!e||!e.__esModule?i(o,"default",{value:e,enumerable:!0}):o,e)),k=e=>d(i({},"__esModule",{value:!0}),e);var U={};L(U,{autoDeleteHandler:()=>S,handler:()=>_});module.exports=k(U);var h=require("@aws-sdk/client-s3");var y=l(require("https")),m=l(require("url")),a={sendHttpRequest:T,log:b,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",B="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(e){return async(t,o)=>{let r={...t,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),t.RequestType==="Delete"&&t.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",t);return}try{let s=await e(r,o),n=D(t,s);await u("SUCCESS",n)}catch(s){let n={...t,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(t.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(t)}`)),await u("FAILED",n)}}}function D(e,t={}){let o=t.PhysicalResourceId??e.PhysicalResourceId??e.RequestId;if(e.RequestType==="Delete"&&o!==e.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${e.PhysicalResourceId}" to "${t.PhysicalResourceId}" during deletion`);return{...e,...t,PhysicalResourceId:o}}async function u(e,t){let o={Status:e,Reason:t.Reason??e,StackId:t.StackId,RequestId:t.RequestId,PhysicalResourceId:t.PhysicalResourceId||B,LogicalResourceId:t.LogicalResourceId,NoEcho:t.NoEcho,Data:t.Data};a.log("submit response to cloudformation",o);let r=JSON.stringify(o),s=m.parse(t.ResponseURL),n={hostname:s.hostname,path:s.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(r,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(n,r)}async function T(e,t){return new Promise((o,r)=>{try{let s=y.request(e,n=>o());s.on("error",r),s.write(t),s.end()}catch(s){r(s)}})}function b(e,...t){console.log(e,...t)}function O(e,t){return async(...o)=>{let r=e.attempts,s=e.sleep;for(;;)try{return await t(...o)}catch(n){if(r--<=0)throw n;await x(Math.floor(Math.random()*s)),s*=2}}}async function x(e){return new Promise(t=>setTimeout(t,e))}var g="aws-cdk:auto-delete-objects",H=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),_=R(S);async function S(e){switch(e.RequestType){case"Create":return;case"Update":return F(e);case"Delete":return f(e.ResourceProperties?.BucketName)}}async function F(e){let t=e,o=t.OldResourceProperties?.BucketName,r=t.ResourceProperties?.BucketName;if(r!=null&&o!=null&&r!==o)return f(o)}async function N(e){try{let t=(await c.getBucketPolicy({Bucket:e}))?.Policy??H,o=JSON.parse(t);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${e}/*`]}),await c.putBucketPolicy({Bucket:e,Policy:JSON.stringify(o)})}catch(t){if(t.name==="NoSuchBucket")throw t;console.log(`Could not set new object deny policy on bucket '${e}' prior to deletion.`)}}async function E(e){let t=await c.listObjectVersions({Bucket:e}),o=[...t.Versions??[],...t.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:e,Delete:{Objects:r}}),t?.IsTruncated&&await E(e)}async function f(e){if(!e)throw new Error("No BucketName was provided.");try{if(!await W(e)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await N(e),await E(e)}catch(t){if(t.name==="NoSuchBucket"){console.log(`Bucket '${e}' does not exist.`);return}throw t}}async function W(e){return(await c.getBucketTagging({Bucket:e})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}0&&(module.exports={autoDeleteHandler,handler}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets.json new file mode 100644 index 0000000000000..b60f3d5dac4ab --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/integ.json new file mode 100644 index 0000000000000..7e473fa163179 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/integ.json @@ -0,0 +1,14 @@ +{ + "version": "36.0.0", + "testCases": { + "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest": { + "stacks": [ + "PipelineStack", + "usEast1S3Stack", + "usWest2S3Stack" + ], + "assertionStack": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/manifest.json new file mode 100644 index 0000000000000..0a3f70b362a29 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/manifest.json @@ -0,0 +1,363 @@ +{ + "version": "36.0.0", + "artifacts": { + "assembly-PipelineStack-us-east-1": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-us-east-1", + "displayName": "PipelineStack/us-east-1" + } + }, + "assembly-PipelineStack-us-west-2": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-us-west-2", + "displayName": "PipelineStack/us-west-2" + } + }, + "usEast1S3Stack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "usEast1S3Stack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "usEast1S3Stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/us-east-1", + "properties": { + "templateFile": "usEast1S3Stack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1/dcb3b9d224db2e26297b5d99818cb49212a518e995d9fbba3f43d0f3cbb95373.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "usEast1S3Stack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-us-east-1", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "usEast1S3Stack.assets" + ], + "metadata": { + "/usEast1S3Stack/RegionalBucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketF5C80E4B" + } + ], + "/usEast1S3Stack/RegionalBucket/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketPolicyC6508E8A" + } + ], + "/usEast1S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketAutoDeleteObjectsCustomResource10BE89C6" + } + ], + "/usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + } + ], + "/usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" + } + ], + "/usEast1S3Stack/Exports/Output{\"Fn::GetAtt\":[\"RegionalBucketF5C80E4B\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + } + ], + "/usEast1S3Stack/Exports/Output{\"Ref\":\"RegionalBucketF5C80E4B\"}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputRefRegionalBucketF5C80E4B3E52A444" + } + ], + "/usEast1S3Stack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/usEast1S3Stack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "usEast1S3Stack" + }, + "usWest2S3Stack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "usWest2S3Stack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "usWest2S3Stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/us-west-2", + "properties": { + "templateFile": "usWest2S3Stack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2/be060ef9e9df7c21dec49e21423280cd2c208089a6f149a020bd51bb222fd15f.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "usWest2S3Stack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-us-west-2", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "usWest2S3Stack.assets" + ], + "metadata": { + "/usWest2S3Stack/RegionalBucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketF5C80E4B" + } + ], + "/usWest2S3Stack/RegionalBucket/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketPolicyC6508E8A" + } + ], + "/usWest2S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "RegionalBucketAutoDeleteObjectsCustomResource10BE89C6" + } + ], + "/usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + } + ], + "/usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" + } + ], + "/usWest2S3Stack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/usWest2S3Stack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "usWest2S3Stack" + }, + "PipelineStack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/us-east-1", + "properties": { + "templateFile": "PipelineStack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1/7ef69b8c181a37746d9dd86efa256698f93bd815bd82571bc18eee7c39ba9436.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-us-east-1", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "usWest2S3Stack", + "usEast1S3Stack", + "PipelineStack.assets" + ], + "metadata": { + "/PipelineStack/Pipeline/Pipeline/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineRoleB27FAA37" + } + ], + "/PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineRoleDefaultPolicy7BDC1ABB" + } + ], + "/PipelineStack/Pipeline/Pipeline/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Pipeline9850B417" + } + ], + "/PipelineStack/Pipeline/Pipeline/Source/jose-clickup_cdk-pipelines-demo/WebhookResource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineSourcejoseclickupcdkpipelinesdemoWebhookResourceEAB0C0F4" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ], + "/PipelineStack/Pipeline/CodeBuildActionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineCodeBuildActionRole226DB0CB" + } + ], + "/PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ], + "/PipelineStack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack" + }, + "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegcodepipelinewithcrossregionreplicationbucketsDefaultTestDeployAssertFB66B33F.assets" + ], + "metadata": { + "/cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/tree.json new file mode 100644 index 0000000000000..6647147e9ba1a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/tree.json @@ -0,0 +1,2125 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "usEast1S3Stack": { + "id": "usEast1S3Stack", + "path": "usEast1S3Stack", + "children": { + "RegionalBucket": { + "id": "RegionalBucket", + "path": "usEast1S3Stack/RegionalBucket", + "children": { + "Resource": { + "id": "Resource", + "path": "usEast1S3Stack/RegionalBucket/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": { + "bucketEncryption": { + "serverSideEncryptionConfiguration": [ + { + "serverSideEncryptionByDefault": { + "sseAlgorithm": "AES256" + } + } + ] + }, + "bucketName": "us-east-1-newpipeline-with-cross-region-replication-buckets", + "publicAccessBlockConfiguration": { + "blockPublicAcls": true, + "blockPublicPolicy": true, + "ignorePublicAcls": true, + "restrictPublicBuckets": true + }, + "tags": [ + { + "key": "aws-cdk:auto-delete-objects", + "value": "true" + } + ], + "versioningConfiguration": { + "status": "Enabled" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "usEast1S3Stack/RegionalBucket/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "usEast1S3Stack/RegionalBucket/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy", + "aws:cdk:cloudformation:props": { + "bucket": { + "Ref": "RegionalBucketF5C80E4B" + }, + "policyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*", + "s3:PutBucketPolicy" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketPolicy", + "version": "0.0.0" + } + }, + "AutoDeleteObjectsCustomResource": { + "id": "AutoDeleteObjectsCustomResource", + "path": "usEast1S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource", + "children": { + "Default": { + "id": "Default", + "path": "usEast1S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource/Default", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.Bucket", + "version": "0.0.0" + } + }, + "Custom::S3AutoDeleteObjectsCustomResourceProvider": { + "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider", + "path": "usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider", + "children": { + "Staging": { + "id": "Staging", + "path": "usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "usEast1S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResourceProviderBase", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "usEast1S3Stack/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"RegionalBucketF5C80E4B\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"RegionalBucketF5C80E4B\",\"Arn\"]}", + "path": "usEast1S3Stack/Exports/Output{\"Fn::GetAtt\":[\"RegionalBucketF5C80E4B\",\"Arn\"]}", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "Output{\"Ref\":\"RegionalBucketF5C80E4B\"}": { + "id": "Output{\"Ref\":\"RegionalBucketF5C80E4B\"}", + "path": "usEast1S3Stack/Exports/Output{\"Ref\":\"RegionalBucketF5C80E4B\"}", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "usEast1S3Stack/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "usEast1S3Stack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "usWest2S3Stack": { + "id": "usWest2S3Stack", + "path": "usWest2S3Stack", + "children": { + "RegionalBucket": { + "id": "RegionalBucket", + "path": "usWest2S3Stack/RegionalBucket", + "children": { + "Resource": { + "id": "Resource", + "path": "usWest2S3Stack/RegionalBucket/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": { + "bucketEncryption": { + "serverSideEncryptionConfiguration": [ + { + "serverSideEncryptionByDefault": { + "sseAlgorithm": "AES256" + } + } + ] + }, + "bucketName": "us-west-2-newpipeline-with-cross-region-replication-buckets", + "publicAccessBlockConfiguration": { + "blockPublicAcls": true, + "blockPublicPolicy": true, + "ignorePublicAcls": true, + "restrictPublicBuckets": true + }, + "tags": [ + { + "key": "aws-cdk:auto-delete-objects", + "value": "true" + } + ], + "versioningConfiguration": { + "status": "Enabled" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "usWest2S3Stack/RegionalBucket/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "usWest2S3Stack/RegionalBucket/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy", + "aws:cdk:cloudformation:props": { + "bucket": { + "Ref": "RegionalBucketF5C80E4B" + }, + "policyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*", + "s3:PutBucketPolicy" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketPolicy", + "version": "0.0.0" + } + }, + "AutoDeleteObjectsCustomResource": { + "id": "AutoDeleteObjectsCustomResource", + "path": "usWest2S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource", + "children": { + "Default": { + "id": "Default", + "path": "usWest2S3Stack/RegionalBucket/AutoDeleteObjectsCustomResource/Default", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.Bucket", + "version": "0.0.0" + } + }, + "Custom::S3AutoDeleteObjectsCustomResourceProvider": { + "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider", + "path": "usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider", + "children": { + "Staging": { + "id": "Staging", + "path": "usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "usWest2S3Stack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResourceProviderBase", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "usWest2S3Stack/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "usWest2S3Stack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "PipelineStack": { + "id": "PipelineStack", + "path": "PipelineStack", + "children": { + "Pipeline": { + "id": "Pipeline", + "path": "PipelineStack/Pipeline", + "children": { + "Pipeline": { + "id": "Pipeline", + "path": "PipelineStack/Pipeline/Pipeline", + "children": { + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/Pipeline/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/Pipeline/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codepipeline.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::us-west-2-newpipeline-with-cross-region-replication-buckets", + "arn:aws:s3:::us-west-2-newpipeline-with-cross-region-replication-buckets/*", + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + }, + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineRoleDefaultPolicy7BDC1ABB", + "roles": [ + { + "Ref": "PipelineRoleB27FAA37" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodePipeline::Pipeline", + "aws:cdk:cloudformation:props": { + "artifactStores": [ + { + "region": "us-east-1", + "artifactStore": { + "type": "S3", + "location": { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputRefRegionalBucketF5C80E4B3E52A444" + } + } + }, + { + "region": "us-west-2", + "artifactStore": { + "type": "S3", + "location": "us-west-2-newpipeline-with-cross-region-replication-buckets" + } + } + ], + "restartExecutionOnUpdate": true, + "roleArn": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + }, + "stages": [ + { + "name": "Source", + "actions": [ + { + "name": "jose-clickup_cdk-pipelines-demo", + "outputArtifacts": [ + { + "name": "jose_clickup_cdk_pipelines_demo_Source" + } + ], + "actionTypeId": { + "category": "Source", + "version": "1", + "owner": "ThirdParty", + "provider": "GitHub" + }, + "configuration": { + "Owner": "jose-clickup", + "Repo": "cdk-pipelines-demo", + "Branch": "main", + "OAuthToken": "{{resolve:secretsmanager:github-token:SecretString:::}}", + "PollForSourceChanges": false + }, + "runOrder": 1 + } + ] + }, + { + "name": "Build", + "actions": [ + { + "name": "Synth", + "inputArtifacts": [ + { + "name": "jose_clickup_cdk_pipelines_demo_Source" + } + ], + "outputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Build", + "version": "1", + "owner": "AWS", + "provider": "CodeBuild" + }, + "configuration": { + "ProjectName": { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"9846e726ec481ed25679c0170187f40b4920586fd0e7314d24f56620d9f53f5b\"}]" + }, + "runOrder": 1, + "roleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + } + } + ] + }, + { + "name": "UpdatePipeline", + "actions": [ + { + "name": "SelfMutate", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Build", + "version": "1", + "owner": "AWS", + "provider": "CodeBuild" + }, + "configuration": { + "ProjectName": { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"167eef1378d6e6ad8c4c8da3461f900d6e066cd0916052ee812a8d94b87ad38c\"}]" + }, + "runOrder": 1, + "roleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + } + } + ] + }, + { + "name": "MultiRegion", + "actions": [ + { + "name": "us-east-1.Queue1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "us-east-1-Queue1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-us-east-1/PipelineStackuseast1Queue1822FD5F8.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + } + }, + { + "name": "us-west-2.Queue1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "us-west-2-Queue1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-us-west-2/PipelineStackuswest2Queue1C1AD8043.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "region": "us-west-2" + }, + { + "name": "us-east-1.Queue1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "us-east-1-Queue1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + } + }, + { + "name": "us-west-2.Queue1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "us-west-2-Queue1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + }, + "region": "us-west-2" + } + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codepipeline.CfnPipeline", + "version": "0.0.0" + } + }, + "Source": { + "id": "Source", + "path": "PipelineStack/Pipeline/Pipeline/Source", + "children": { + "jose-clickup_cdk-pipelines-demo": { + "id": "jose-clickup_cdk-pipelines-demo", + "path": "PipelineStack/Pipeline/Pipeline/Source/jose-clickup_cdk-pipelines-demo", + "children": { + "WebhookResource": { + "id": "WebhookResource", + "path": "PipelineStack/Pipeline/Pipeline/Source/jose-clickup_cdk-pipelines-demo/WebhookResource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodePipeline::Webhook", + "aws:cdk:cloudformation:props": { + "authentication": "GITHUB_HMAC", + "authenticationConfiguration": { + "secretToken": "{{resolve:secretsmanager:github-token:SecretString:::}}" + }, + "filters": [ + { + "jsonPath": "$.ref", + "matchEquals": "refs/heads/{Branch}" + } + ], + "registerWithThirdParty": true, + "targetAction": "jose-clickup_cdk-pipelines-demo", + "targetPipeline": { + "Ref": "Pipeline9850B417" + }, + "targetPipelineVersion": 1 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codepipeline.CfnWebhook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "Build": { + "id": "Build", + "path": "PipelineStack/Pipeline/Pipeline/Build", + "children": { + "Synth": { + "id": "Synth", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth", + "children": { + "CdkBuildProject": { + "id": "CdkBuildProject", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject", + "children": { + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:aws:codebuild:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "-*" + ] + ] + } + }, + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C", + "roles": [ + { + "Ref": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodeBuild::Project", + "aws:cdk:cloudformation:props": { + "artifacts": { + "type": "CODEPIPELINE" + }, + "cache": { + "type": "NO_CACHE" + }, + "description": "Pipeline step PipelineStack/Pipeline/Build/Synth", + "encryptionKey": "alias/aws/s3", + "environment": { + "type": "LINUX_CONTAINER", + "image": "aws/codebuild/standard:7.0", + "imagePullCredentialsType": "CODEBUILD", + "privilegedMode": false, + "computeType": "BUILD_GENERAL1_SMALL" + }, + "serviceRole": { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProjectRole231EEA2A", + "Arn" + ] + }, + "source": { + "type": "CODEPIPELINE", + "buildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"build\": {\n \"commands\": [\n \"npm ci\",\n \"npm run build\",\n \"npx cdk synth\"\n ]\n }\n },\n \"artifacts\": {\n \"base-directory\": \"cdk.out\",\n \"files\": \"**/*\"\n }\n}" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codebuild.CfnProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codebuild.PipelineProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "UpdatePipeline": { + "id": "UpdatePipeline", + "path": "PipelineStack/Pipeline/Pipeline/UpdatePipeline", + "children": { + "SelfMutate": { + "id": "SelfMutate", + "path": "PipelineStack/Pipeline/Pipeline/UpdatePipeline/SelfMutate", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "MultiRegion": { + "id": "MultiRegion", + "path": "PipelineStack/Pipeline/Pipeline/MultiRegion", + "children": { + "us-east-1.Queue1.Prepare": { + "id": "us-east-1.Queue1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/MultiRegion/us-east-1.Queue1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "us-west-2.Queue1.Prepare": { + "id": "us-west-2.Queue1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/MultiRegion/us-west-2.Queue1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "us-east-1.Queue1.Deploy": { + "id": "us-east-1.Queue1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/MultiRegion/us-east-1.Queue1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "us-west-2.Queue1.Deploy": { + "id": "us-west-2.Queue1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/MultiRegion/us-west-2.Queue1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", + "children": { + "8389e75f-0810-4838-bf64-d6f85a95cf83": { + "id": "8389e75f-0810-4838-bf64-d6f85a95cf83", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1/8389e75f-0810-4838-bf64-d6f85a95cf83", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2", + "children": { + "8389e75f-0810-4838-bf64-d6f85a95cf83": { + "id": "8389e75f-0810-4838-bf64-d6f85a95cf83", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-west-2/8389e75f-0810-4838-bf64-d6f85a95cf83", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-west-2", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codepipeline.Pipeline", + "version": "0.0.0" + } + }, + "CodeBuildActionRole": { + "id": "CodeBuildActionRole", + "path": "PipelineStack/Pipeline/CodeBuildActionRole", + "children": { + "ImportCodeBuildActionRole": { + "id": "ImportCodeBuildActionRole", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/ImportCodeBuildActionRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "codebuild:BatchGetBuilds", + "codebuild:StartBuild", + "codebuild:StopBuild" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProject6BEFA8E6", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationDAA41400", + "Arn" + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE", + "roles": [ + { + "Ref": "PipelineCodeBuildActionRole226DB0CB" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "UpdatePipeline": { + "id": "UpdatePipeline", + "path": "PipelineStack/Pipeline/UpdatePipeline", + "children": { + "SelfMutation": { + "id": "SelfMutation", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation", + "children": { + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:logs:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:aws:codebuild:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "-*" + ] + ] + } + }, + { + "Action": "sts:AssumeRole", + "Condition": { + "ForAnyValue:StringEquals": { + "iam:ResourceTag/aws-cdk:bootstrap-role": [ + "image-publishing", + "file-publishing", + "deploy" + ] + } + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:*:iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/*" + ] + ] + } + }, + { + "Action": [ + "cloudformation:DescribeStacks", + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::ImportValue": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E", + "roles": [ + { + "Ref": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodeBuild::Project", + "aws:cdk:cloudformation:props": { + "artifacts": { + "type": "CODEPIPELINE" + }, + "cache": { + "type": "NO_CACHE" + }, + "description": "Pipeline step PipelineStack/Pipeline/UpdatePipeline/SelfMutate", + "encryptionKey": "alias/aws/s3", + "environment": { + "type": "LINUX_CONTAINER", + "image": "aws/codebuild/standard:7.0", + "imagePullCredentialsType": "CODEBUILD", + "privilegedMode": false, + "computeType": "BUILD_GENERAL1_SMALL" + }, + "serviceRole": { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationRole57E559E8", + "Arn" + ] + }, + "source": { + "type": "CODEPIPELINE", + "buildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g aws-cdk@2\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk -a . deploy PipelineStack --require-approval=never --verbose\"\n ]\n }\n }\n}" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codebuild.CfnProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_codebuild.PipelineProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.pipelines.CodePipeline", + "version": "0.0.0" + } + }, + "us-east-1": { + "id": "us-east-1", + "path": "PipelineStack/us-east-1", + "children": { + "Queue1": { + "id": "Queue1", + "path": "PipelineStack/us-east-1/Queue1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/us-east-1/Queue1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/us-east-1/Queue1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/us-east-1/Queue1/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/us-east-1/Queue1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stage", + "version": "0.0.0" + } + }, + "us-west-2": { + "id": "us-west-2", + "path": "PipelineStack/us-west-2", + "children": { + "Queue1": { + "id": "Queue1", + "path": "PipelineStack/us-west-2/Queue1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/us-west-2/Queue1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/us-west-2/Queue1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/us-west-2/Queue1/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/us-west-2/Queue1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stage", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-codepipeline-with-cross-region-replication-buckets": { + "id": "cdk-integ-codepipeline-with-cross-region-replication-buckets", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-codepipeline-with-cross-region-replication-buckets/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.assets.json new file mode 100644 index 0000000000000..9cba80d2c32f7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.assets.json @@ -0,0 +1,34 @@ +{ + "version": "36.0.0", + "files": { + "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3": { + "source": { + "path": "asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3", + "packaging": "zip" + }, + "destinations": { + "current_account-us-east-1": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", + "objectKey": "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3.zip", + "region": "us-east-1", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" + } + } + }, + "dcb3b9d224db2e26297b5d99818cb49212a518e995d9fbba3f43d0f3cbb95373": { + "source": { + "path": "usEast1S3Stack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-us-east-1": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", + "objectKey": "dcb3b9d224db2e26297b5d99818cb49212a518e995d9fbba3f43d0f3cbb95373.json", + "region": "us-east-1", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.template.json new file mode 100644 index 0000000000000..e638647bfcba3 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usEast1S3Stack.template.json @@ -0,0 +1,306 @@ +{ + "Resources": { + "RegionalBucketF5C80E4B": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "BucketName": "us-east-1-newpipeline-with-cross-region-replication-buckets", + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ], + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "RegionalBucketPolicyC6508E8A": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "RegionalBucketF5C80E4B" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*", + "s3:PutBucketPolicy" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-east-1" + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "RegionalBucketAutoDeleteObjectsCustomResource10BE89C6": { + "Type": "Custom::S3AutoDeleteObjects", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", + "Arn" + ] + }, + "BucketName": { + "Ref": "RegionalBucketF5C80E4B" + } + }, + "DependsOn": [ + "RegionalBucketPolicyC6508E8A" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ] + } + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" + }, + "S3Key": "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3.zip" + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + }, + "Runtime": "nodejs18.x", + "Description": { + "Fn::Join": [ + "", + [ + "Lambda function for auto-deleting objects in ", + { + "Ref": "RegionalBucketF5C80E4B" + }, + " S3 bucket." + ] + ] + } + }, + "DependsOn": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + ] + } + }, + "Outputs": { + "ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C": { + "Value": { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "Export": { + "Name": "usEast1S3Stack:ExportsOutputFnGetAttRegionalBucketF5C80E4BArn49E35D9C" + } + }, + "ExportsOutputRefRegionalBucketF5C80E4B3E52A444": { + "Value": { + "Ref": "RegionalBucketF5C80E4B" + }, + "Export": { + "Name": "usEast1S3Stack:ExportsOutputRefRegionalBucketF5C80E4B3E52A444" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.assets.json new file mode 100644 index 0000000000000..b8c0fa5f9737e --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.assets.json @@ -0,0 +1,34 @@ +{ + "version": "36.0.0", + "files": { + "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3": { + "source": { + "path": "asset.2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3", + "packaging": "zip" + }, + "destinations": { + "current_account-us-west-2": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2", + "objectKey": "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3.zip", + "region": "us-west-2", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-west-2" + } + } + }, + "be060ef9e9df7c21dec49e21423280cd2c208089a6f149a020bd51bb222fd15f": { + "source": { + "path": "usWest2S3Stack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-us-west-2": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2", + "objectKey": "be060ef9e9df7c21dec49e21423280cd2c208089a6f149a020bd51bb222fd15f.json", + "region": "us-west-2", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-west-2" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.template.json b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.template.json new file mode 100644 index 0000000000000..64ba53840c761 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.js.snapshot/usWest2S3Stack.template.json @@ -0,0 +1,285 @@ +{ + "Resources": { + "RegionalBucketF5C80E4B": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "BucketName": "us-west-2-newpipeline-with-cross-region-replication-buckets", + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ], + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "RegionalBucketPolicyC6508E8A": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "RegionalBucketF5C80E4B" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*", + "s3:PutBucketPolicy" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-us-west-2" + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "RegionalBucketF5C80E4B", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "RegionalBucketAutoDeleteObjectsCustomResource10BE89C6": { + "Type": "Custom::S3AutoDeleteObjects", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", + "Arn" + ] + }, + "BucketName": { + "Ref": "RegionalBucketF5C80E4B" + } + }, + "DependsOn": [ + "RegionalBucketPolicyC6508E8A" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ] + } + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-west-2" + }, + "S3Key": "2ec8ad9e91dcd6e7ad6a5c84ffc6c9c05c408aca3b26ceb2816d81043e6c4dc3.zip" + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + }, + "Runtime": "nodejs18.x", + "Description": { + "Fn::Join": [ + "", + [ + "Lambda function for auto-deleting objects in ", + { + "Ref": "RegionalBucketF5C80E4B" + }, + " S3 bucket." + ] + ] + } + }, + "DependsOn": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.ts b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.ts new file mode 100644 index 0000000000000..ce91fd3fad3f4 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/pipelines/test/integ.newpipeline-with-cross-region-replication-buckets.ts @@ -0,0 +1,112 @@ +// eslint-disable-next-line import/no-extraneous-dependencies +/// !cdk-integ PipelineStack pragma:set-context:@aws-cdk/core:newStyleStackSynthesis=true +import * as sqs from 'aws-cdk-lib/aws-sqs'; +import { + App, + Stack, + StackProps, + Stage, + StageProps, + RemovalPolicy, +} from 'aws-cdk-lib'; +import { Construct } from 'constructs'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import * as pipelines from 'aws-cdk-lib/pipelines'; +import * as s3 from 'aws-cdk-lib/aws-s3'; + +const regionalBuckets: {[key: string]: string} = { + 'us-east-1': 'us-east-1-newpipeline-with-cross-region-replication-buckets', + 'us-west-2': 'us-west-2-newpipeline-with-cross-region-replication-buckets', +}; + +interface CrossRegionReplicationBuckets { + [key: string]: s3.Bucket; +} + +class RegionalS3Stack extends Stack { + public bucket: s3.Bucket; + + constructor(scope: Construct, id: string, props?: StackProps, bucketName?: string) { + super(scope, id, props); + + this.bucket = new s3.Bucket(this, 'RegionalBucket', { + bucketName: bucketName, + blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, + encryption: s3.BucketEncryption.S3_MANAGED, + enforceSSL: true, + versioned: true, + autoDeleteObjects: true, + removalPolicy: RemovalPolicy.DESTROY, + }); + } +} + +class PipelineStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps, crossRegionReplicationBuckets?: CrossRegionReplicationBuckets) { + super(scope, id, props); + + const pipeline = new pipelines.CodePipeline(this, 'Pipeline', { + synth: new pipelines.ShellStep('Synth', { + input: pipelines.CodePipelineSource.gitHub( + 'jose-clickup/cdk-pipelines-demo', + 'main', + ), + commands: ['npm ci', 'npm run build', 'npx cdk synth'], + }), + crossRegionReplicationBuckets, + }); + + const wave = pipeline.addWave('MultiRegion'); + for (const region in regionalBuckets) { + wave.addStage(new AppStage(this, region, { env: { region: region } })); + } + } +} + +class AppStage extends Stage { + constructor(scope: Construct, id: string, props?: StageProps) { + super(scope, id, props); + + const stack1 = new Stack(this, 'Queue1'); + new sqs.Queue(stack1, 'Queue'); + } +} + +const app = new App({ + context: { + '@aws-cdk/core:newStyleStackSynthesis': '1', + }, +}); + +const usEast1S3Stack = new RegionalS3Stack(app, 'usEast1S3Stack', { + env: { + region: 'us-east-1', + }, +}, regionalBuckets['us-east-1']); + +const usWest2S3Stack = new RegionalS3Stack(app, 'usWest2S3Stack', { + env: { + region: 'us-west-2', + }, +}, regionalBuckets['us-west-2']); + +const crossRegionReplicationBuckets = { + 'us-east-1': usEast1S3Stack.bucket, + 'us-west-2': usWest2S3Stack.bucket, +}; + +const pipelineStack = new PipelineStack(app, 'PipelineStack', { + env: { + region: 'us-east-1', + }, +}, crossRegionReplicationBuckets); + +new integ.IntegTest( + app, + 'cdk-integ-codepipeline-with-cross-region-replication-buckets', + { + testCases: [pipelineStack, usEast1S3Stack, usWest2S3Stack], + }, +); + +app.synth(); diff --git a/packages/aws-cdk-lib/pipelines/README.md b/packages/aws-cdk-lib/pipelines/README.md index 4eefcbf3a8991..35cf868d28626 100644 --- a/packages/aws-cdk-lib/pipelines/README.md +++ b/packages/aws-cdk-lib/pipelines/README.md @@ -1232,6 +1232,52 @@ and orphan the old bucket. You should manually delete the orphaned bucket after you are sure you have redeployed all CDK applications and there are no more references to the old asset bucket. +## Considerations around Running at Scale + +If you are planning to run pipelines for more than a hundred repos +deploying across multiple regions, then you will want to consider reusing +both artifacts buckets and cross-region replication buckets. + +In a situation like this, you will want to have a separate CDK app / dedicated repo which creates +and managed the buckets which will be shared by the pipelines of all your other apps. +Note that this app must NOT be using the shared buckets because of chicken & egg issues. + +The following code assumes you have created and are managing your buckets in the aforementioned +separate cdk repo and are just importing them for use in one of your (many) pipelines. + +```ts +declare const sharedXRegionUsWest1BucketArn: string; +declare const sharedXRegionUsWest1KeyArn: string; + +declare const sharedXRegionUsWest2BucketArn: string; +declare const sharedXRegionUsWest2KeyArn: string; + +const usWest1Bucket = s3.Bucket.fromBucketAttributes(scope, 'UsEast1Bucket', { + bucketArn: sharedXRegionUsWest1BucketArn, + encryptionKey: kms.Key.fromKeyArn(scope, 'UsEast1BucketKeyArn', sharedXRegionUsWest1BucketArn), +}); + +const usWest2Bucket = s3.Bucket.fromBucketAttributes(scope, 'UsWest2Bucket', { + bucketArn: sharedXRegionUsWest2BucketArn, + encryptionKey: kms.Key.fromKeyArn(scope, 'UsWest2BucketKeyArn', sharedXRegionUsWest2KeyArn), +}); + +const crossRegionReplicationBuckets: Record = { + 'us-west-1': usWest1Bucket, + 'us-west-2': usWest2Bucket, + // Support for additional regions. +} + +const pipeline = new pipelines.CodePipeline(this, 'Pipeline', { + synth: new pipelines.ShellStep('Synth', { + input: pipelines.CodePipelineSource.connection('my-org/my-app', 'main', { + connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', + }), + commands: ['npm ci','npm run build','npx cdk synth'], + }), // Use shared buckets. + crossRegionReplicationBuckets, +}); +``` ## Context Lookups You might be using CDK constructs that need to look up [runtime diff --git a/packages/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.ts b/packages/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.ts index 92ad511679ebc..d699cd3c45aa1 100644 --- a/packages/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.ts +++ b/packages/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.ts @@ -244,6 +244,16 @@ export interface CodePipelineProps { * @default - A new S3 bucket will be created. */ readonly artifactBucket?: s3.IBucket; + /** + * A map of region to S3 bucket name used for cross-region CodePipeline. + * For every Action that you specify targeting a different region than the Pipeline itself, + * if you don't provide an explicit Bucket for that region using this property, + * the construct will automatically create a Stack containing an S3 Bucket in that region. + * Passed directly through to the {@link cp.Pipeline}. + * + * @default - no cross region replication buckets. + */ + readonly crossRegionReplicationBuckets?: { [region: string]: s3.IBucket }; } /** @@ -440,6 +450,9 @@ export class CodePipeline extends PipelineBase { if (this.props.enableKeyRotation !== undefined) { throw new Error('Cannot set \'enableKeyRotation\' if an existing CodePipeline is given using \'codePipeline\''); } + if (this.props.crossRegionReplicationBuckets !== undefined) { + throw new Error('Cannot set \'crossRegionReplicationBuckets\' if an existing CodePipeline is given using \'codePipeline\''); + } if (this.props.reuseCrossRegionSupportStacks !== undefined) { throw new Error('Cannot set \'reuseCrossRegionSupportStacks\' if an existing CodePipeline is given using \'codePipeline\''); } @@ -455,6 +468,7 @@ export class CodePipeline extends PipelineBase { this._pipeline = new cp.Pipeline(this, 'Pipeline', { pipelineName: this.props.pipelineName, crossAccountKeys: this.props.crossAccountKeys ?? false, + crossRegionReplicationBuckets: this.props.crossRegionReplicationBuckets, reuseCrossRegionSupportStacks: this.props.reuseCrossRegionSupportStacks, // This is necessary to make self-mutation work (deployments are guaranteed // to happen only after the builds of the latest pipeline definition). diff --git a/packages/aws-cdk-lib/pipelines/test/codepipeline/codepipeline-existing.test.ts b/packages/aws-cdk-lib/pipelines/test/codepipeline/codepipeline-existing.test.ts index b63378fedb0c4..1da9b4ecfb71e 100644 --- a/packages/aws-cdk-lib/pipelines/test/codepipeline/codepipeline-existing.test.ts +++ b/packages/aws-cdk-lib/pipelines/test/codepipeline/codepipeline-existing.test.ts @@ -46,4 +46,20 @@ describeDeprecated('codepipeline existing', () => { }); }).toThrow("Cannot set 'enableKeyRotation' if an existing CodePipeline is given using 'codePipeline'"); }); + + test('Does not allow setting crossRegionReplicationBuckets if an existing CodePipeline is given', () => { + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'PipelineStack'); + const existingCodePipeline = new codePipeline.Pipeline(stack, 'CustomCodePipeline'); + + expect(() => { + new cdkp.CodePipeline(stack, 'CDKPipeline', { + crossRegionReplicationBuckets: {}, // Even the empty set is forbidden. + codePipeline: existingCodePipeline, + synth: new cdkp.ShellStep('Synth', { + commands: ['echo hello'], + }), + }).buildPipeline(); + }).toThrow("Cannot set 'crossRegionReplicationBuckets' if an existing CodePipeline is given using 'codePipeline'"); + }); }); \ No newline at end of file diff --git a/packages/aws-cdk-lib/rosetta/pipelines/default.ts-fixture b/packages/aws-cdk-lib/rosetta/pipelines/default.ts-fixture index 61817e5475480..72368fdb67f9b 100644 --- a/packages/aws-cdk-lib/rosetta/pipelines/default.ts-fixture +++ b/packages/aws-cdk-lib/rosetta/pipelines/default.ts-fixture @@ -16,6 +16,7 @@ import secretsmanager = require('aws-cdk-lib/aws-secretsmanager'); import sns = require('aws-cdk-lib/aws-sns'); import subscriptions = require('aws-cdk-lib/aws-sns-subscriptions'); import s3 = require('aws-cdk-lib/aws-s3'); +import kms = require('aws-cdk-lib/aws-kms'); class MyApplicationStage extends Stage { constructor(scope: Construct, id: string, props?: StageProps) { From 050a305d6be65df7e5f1e17668cbf512ead34d23 Mon Sep 17 00:00:00 2001 From: James Cockshull Date: Mon, 8 Jan 2024 18:13:57 +0000 Subject: [PATCH 5/6] docs(pipelines): fix split blockquote (#28616) Unify the orphaned line back into to the blockquote ![Screenshot from 2024-01-08 16-33-10](https://github.com/aws/aws-cdk/assets/18142513/ba9b64c7-8ff4-4f61-afad-63ffb3e43d43) https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines-readme.html#cdk-pipelines ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/pipelines/README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/packages/aws-cdk-lib/pipelines/README.md b/packages/aws-cdk-lib/pipelines/README.md index 35cf868d28626..1e8e0030f9b4c 100644 --- a/packages/aws-cdk-lib/pipelines/README.md +++ b/packages/aws-cdk-lib/pipelines/README.md @@ -16,17 +16,18 @@ everything you need. If you want or need more control, we recommend you drop down to using the `aws-codepipeline` construct library directly. > This module contains two sets of APIs: an **original** and a **modern** version of -CDK Pipelines. The *modern* API has been updated to be easier to work with and -customize, and will be the preferred API going forward. The *original* version -of the API is still available for backwards compatibility, but we recommend migrating -to the new version if possible. +> CDK Pipelines. The *modern* API has been updated to be easier to work with and +> customize, and will be the preferred API going forward. The *original* version +> of the API is still available for backwards compatibility, but we recommend migrating +> to the new version if possible. > > Compared to the original API, the modern API: has more sensible defaults; is > more flexible; supports parallel deployments; supports multiple synth inputs; > allows more control of CodeBuild project generation; supports deployment > engines other than CodePipeline. > -> The README for the original API, as well as a migration guide, can be found in [our GitHub repository](https://github.com/aws/aws-cdk/blob/main/packages/@aws-cdk/pipelines/ORIGINAL_API.md). +> The README for the original API, as well as a migration guide, can be found in +> [our GitHub repository](https://github.com/aws/aws-cdk/blob/main/packages/@aws-cdk/pipelines/ORIGINAL_API.md). ## At a glance From 8562c173227f7b1d522ffaca92338f54d4bb1a01 Mon Sep 17 00:00:00 2001 From: Kendra Neil <53584728+TheRealAmazonKendra@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:05:43 -0800 Subject: [PATCH 6/6] chore(tools): eslint update requires promises.all (#28617) The update on eslint is causing the following error: ``` @aws-cdk/spec2cdk: 165:3 error An array of Promises may be unintentional. Consider handling the promises' fulfillment or rejection with Promise.all or similar, or explicitly marking the expression as ignored with the `void` operator @typescript-eslint/no-floating-promises ``` This PR has been separated out from [28434](https://github.com/aws/aws-cdk/pull/28434) because there are other failures. I am splitting these out to make clear which code is fixing which issue. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../cli-lib-alpha/THIRD_PARTY_LICENSES | 6 +- packages/awslint/package.json | 6 +- tools/@aws-cdk/cdk-build-tools/package.json | 8 +- tools/@aws-cdk/eslint-plugin/package.json | 2 +- tools/@aws-cdk/lazify/package.json | 2 +- tools/@aws-cdk/node-bundle/package.json | 8 +- tools/@aws-cdk/pkglint/package.json | 6 +- tools/@aws-cdk/prlint/package.json | 2 +- tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts | 4 +- yarn.lock | 137 ++++++++++-------- 10 files changed, 96 insertions(+), 85 deletions(-) diff --git a/packages/@aws-cdk/cli-lib-alpha/THIRD_PARTY_LICENSES b/packages/@aws-cdk/cli-lib-alpha/THIRD_PARTY_LICENSES index 9927af86bd644..c430595bb0514 100644 --- a/packages/@aws-cdk/cli-lib-alpha/THIRD_PARTY_LICENSES +++ b/packages/@aws-cdk/cli-lib-alpha/THIRD_PARTY_LICENSES @@ -207,7 +207,7 @@ The @aws-cdk/cli-lib-alpha package includes the following third-party software/l ---------------- -** @jsii/check-node@1.92.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.92.0 | Apache-2.0 +** @jsii/check-node@1.93.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.93.0 | Apache-2.0 jsii Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -471,7 +471,7 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE ---------------- -** aws-sdk@2.1498.0 - https://www.npmjs.com/package/aws-sdk/v/2.1498.0 | Apache-2.0 +** aws-sdk@2.1517.0 - https://www.npmjs.com/package/aws-sdk/v/2.1517.0 | Apache-2.0 AWS SDK for JavaScript Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -668,7 +668,7 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI ---------------- -** cdk-from-cfn@0.84.0 - https://www.npmjs.com/package/cdk-from-cfn/v/0.84.0 | MIT OR Apache-2.0 +** cdk-from-cfn@0.91.0 - https://www.npmjs.com/package/cdk-from-cfn/v/0.91.0 | MIT OR Apache-2.0 ---------------- diff --git a/packages/awslint/package.json b/packages/awslint/package.json index af3b31f1bad82..77852e5d00703 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -31,12 +31,12 @@ "@types/fs-extra": "^9.0.13", "@types/jest": "^29.5.11", "@types/yargs": "^15.0.19", - "@typescript-eslint/eslint-plugin": "^6.14.0", - "@typescript-eslint/parser": "^6.14.0", + "@typescript-eslint/eslint-plugin": "^6.18.0", + "@typescript-eslint/parser": "^6.18.0", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", - "eslint-plugin-import": "^2.29.0", + "eslint-plugin-import": "^2.29.1", "eslint-plugin-jest": "^24.7.0", "jest": "^29.7.0", "typescript": "~5.1.6" diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index 0425000850005..9d42a82b12805 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -47,14 +47,14 @@ "@aws-cdk/eslint-plugin": "0.0.0", "@aws-cdk/yarn-cling": "0.0.0", "@aws-cdk/node-bundle": "0.0.0", - "@typescript-eslint/eslint-plugin": "^6.14.0", - "@typescript-eslint/parser": "^6.14.0", + "@typescript-eslint/eslint-plugin": "^6.18.0", + "@typescript-eslint/parser": "^6.18.0", "awslint": "0.0.0", "chalk": "^4", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", - "eslint-plugin-import": "^2.29.0", + "eslint-plugin-import": "^2.29.1", "eslint-plugin-jest": "^24.7.0", "fs-extra": "^9.1.0", "glob": "^7.2.3", @@ -86,4 +86,4 @@ "ubergen": { "exclude": true } -} +} \ No newline at end of file diff --git a/tools/@aws-cdk/eslint-plugin/package.json b/tools/@aws-cdk/eslint-plugin/package.json index 537021e7f50ae..49d9245a6981a 100644 --- a/tools/@aws-cdk/eslint-plugin/package.json +++ b/tools/@aws-cdk/eslint-plugin/package.json @@ -22,7 +22,7 @@ "typescript": "~5.1.6" }, "dependencies": { - "@typescript-eslint/parser": "^6.14.0", + "@typescript-eslint/parser": "^6.18.0", "eslint": "^7.32.0", "fs-extra": "^9.1.0" }, diff --git a/tools/@aws-cdk/lazify/package.json b/tools/@aws-cdk/lazify/package.json index f84cd226867e2..094d43c472a3d 100644 --- a/tools/@aws-cdk/lazify/package.json +++ b/tools/@aws-cdk/lazify/package.json @@ -30,4 +30,4 @@ }, "main": "lib/index.js", "license": "Apache-2.0" -} +} \ No newline at end of file diff --git a/tools/@aws-cdk/node-bundle/package.json b/tools/@aws-cdk/node-bundle/package.json index 4dacec9b14182..8425029c7d0bb 100644 --- a/tools/@aws-cdk/node-bundle/package.json +++ b/tools/@aws-cdk/node-bundle/package.json @@ -17,12 +17,12 @@ "@types/license-checker": "^25.0.6", "@types/madge": "^5.0.3", "@types/node": "^16", - "@typescript-eslint/eslint-plugin": "^6.14.0", - "@typescript-eslint/parser": "^6.14.0", + "@typescript-eslint/eslint-plugin": "^6.18.0", + "@typescript-eslint/parser": "^6.18.0", "eslint": "^8", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", - "eslint-plugin-import": "^2.29.0", + "eslint-plugin-import": "^2.29.1", "jest": "^29", "jest-junit": "^15", "npm-check-updates": "^16", @@ -87,4 +87,4 @@ }, "types": "lib/index.d.ts", "private": true -} +} \ No newline at end of file diff --git a/tools/@aws-cdk/pkglint/package.json b/tools/@aws-cdk/pkglint/package.json index 0f65942f7848a..07fd03e5a6f9f 100644 --- a/tools/@aws-cdk/pkglint/package.json +++ b/tools/@aws-cdk/pkglint/package.json @@ -43,12 +43,12 @@ "@types/jest": "^29.5.11", "@types/semver": "^7.5.6", "@types/yargs": "^15.0.19", - "@typescript-eslint/eslint-plugin": "^6.14.0", - "@typescript-eslint/parser": "^6.14.0", + "@typescript-eslint/eslint-plugin": "^6.18.0", + "@typescript-eslint/parser": "^6.18.0", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", - "eslint-plugin-import": "^2.29.0", + "eslint-plugin-import": "^2.29.1", "eslint-plugin-jest": "^24.7.0", "jest": "^29.7.0", "typescript": "~5.1.6" diff --git a/tools/@aws-cdk/prlint/package.json b/tools/@aws-cdk/prlint/package.json index a0769d0f4a6d1..4773d5b771e6c 100644 --- a/tools/@aws-cdk/prlint/package.json +++ b/tools/@aws-cdk/prlint/package.json @@ -29,7 +29,7 @@ "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", - "eslint-plugin-import": "^2.29.0", + "eslint-plugin-import": "^2.29.1", "eslint-plugin-jest": "^24.7.0" }, "jest": { diff --git a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts index 144194e69ee26..b14a03c1a057c 100644 --- a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts +++ b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts @@ -162,11 +162,11 @@ export async function generateAll( }, ); - Object.keys(moduleMap).map(async (moduleName) => { + await Promise.all(Object.keys(moduleMap).map(async (moduleName) => { // Add generated resources and files to module in map moduleMap[moduleName].resources = generated.modules[moduleName].map((m) => m.resources).reduce(mergeObjects, {}); moduleMap[moduleName].files = generated.modules[moduleName].flatMap((m) => m.outputFiles); - }); + })); return moduleMap; } diff --git a/yarn.lock b/yarn.lock index b9aac9b609e00..d9e8f04956dec 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5182,16 +5182,16 @@ resolved "https://registry.npmjs.org/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.9.tgz#b3c8e8d66dc8ce79827f422a660a557cda9ded14" integrity sha512-GD4Fk15UoP5NLCNor51YdfL9MSdldKCqOC9EssrRw3HVfar9wUZ5y8Lfnp+qVD6hIinLr8ygklDYnmlnlQo12Q== -"@typescript-eslint/eslint-plugin@^6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.14.0.tgz#fc1ab5f23618ba590c87e8226ff07a760be3dd7b" - integrity sha512-1ZJBykBCXaSHG94vMMKmiHoL0MhNHKSVlcHVYZNw+BKxufhqQVTOawNpwwI1P5nIFZ/4jLVop0mcY6mJJDFNaw== +"@typescript-eslint/eslint-plugin@^6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.18.0.tgz#94b86f3c25b468c714a04bd490017ecec2fd3746" + integrity sha512-3lqEvQUdCozi6d1mddWqd+kf8KxmGq2Plzx36BlkjuQe3rSTm/O98cLf0A4uDO+a5N1KD2SeEEl6fW97YHY+6w== dependencies: "@eslint-community/regexpp" "^4.5.1" - "@typescript-eslint/scope-manager" "6.14.0" - "@typescript-eslint/type-utils" "6.14.0" - "@typescript-eslint/utils" "6.14.0" - "@typescript-eslint/visitor-keys" "6.14.0" + "@typescript-eslint/scope-manager" "6.18.0" + "@typescript-eslint/type-utils" "6.18.0" + "@typescript-eslint/utils" "6.18.0" + "@typescript-eslint/visitor-keys" "6.18.0" debug "^4.3.4" graphemer "^1.4.0" ignore "^5.2.4" @@ -5211,15 +5211,15 @@ eslint-scope "^5.1.1" eslint-utils "^3.0.0" -"@typescript-eslint/parser@^6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.14.0.tgz#a2d6a732e0d2b95c73f6a26ae7362877cc1b4212" - integrity sha512-QjToC14CKacd4Pa7JK4GeB/vHmWFJckec49FR4hmIRf97+KXole0T97xxu9IFiPxVQ1DBWrQ5wreLwAGwWAVQA== +"@typescript-eslint/parser@^6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.18.0.tgz#d494161d64832e869f0a6acc6000a2cdff858383" + integrity sha512-v6uR68SFvqhNQT41frCMCQpsP+5vySy6IdgjlzUWoo7ALCnpaWYcz/Ij2k4L8cEsL0wkvOviCMpjmtRtHNOKzA== dependencies: - "@typescript-eslint/scope-manager" "6.14.0" - "@typescript-eslint/types" "6.14.0" - "@typescript-eslint/typescript-estree" "6.14.0" - "@typescript-eslint/visitor-keys" "6.14.0" + "@typescript-eslint/scope-manager" "6.18.0" + "@typescript-eslint/types" "6.18.0" + "@typescript-eslint/typescript-estree" "6.18.0" + "@typescript-eslint/visitor-keys" "6.18.0" debug "^4.3.4" "@typescript-eslint/scope-manager@4.33.0": @@ -5230,21 +5230,21 @@ "@typescript-eslint/types" "4.33.0" "@typescript-eslint/visitor-keys" "4.33.0" -"@typescript-eslint/scope-manager@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.14.0.tgz#53d24363fdb5ee0d1d8cda4ed5e5321272ab3d48" - integrity sha512-VT7CFWHbZipPncAZtuALr9y3EuzY1b1t1AEkIq2bTXUPKw+pHoXflGNG5L+Gv6nKul1cz1VH8fz16IThIU0tdg== +"@typescript-eslint/scope-manager@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.18.0.tgz#24ca6fc1f4a2afa71122dcfca9282878687d9997" + integrity sha512-o/UoDT2NgOJ2VfHpfr+KBY2ErWvCySNUIX/X7O9g8Zzt/tXdpfEU43qbNk8LVuWUT2E0ptzTWXh79i74PP0twA== dependencies: - "@typescript-eslint/types" "6.14.0" - "@typescript-eslint/visitor-keys" "6.14.0" + "@typescript-eslint/types" "6.18.0" + "@typescript-eslint/visitor-keys" "6.18.0" -"@typescript-eslint/type-utils@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.14.0.tgz#ac9cb5ba0615c837f1a6b172feeb273d36e4f8af" - integrity sha512-x6OC9Q7HfYKqjnuNu5a7kffIYs3No30isapRBJl1iCHLitD8O0lFbRcVGiOcuyN837fqXzPZ1NS10maQzZMKqw== +"@typescript-eslint/type-utils@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.18.0.tgz#a492da599da5c38c70aa9ff9bfb473961b8ae663" + integrity sha512-ZeMtrXnGmTcHciJN1+u2CigWEEXgy1ufoxtWcHORt5kGvpjjIlK9MUhzHm4RM8iVy6dqSaZA/6PVkX6+r+ChjQ== dependencies: - "@typescript-eslint/typescript-estree" "6.14.0" - "@typescript-eslint/utils" "6.14.0" + "@typescript-eslint/typescript-estree" "6.18.0" + "@typescript-eslint/utils" "6.18.0" debug "^4.3.4" ts-api-utils "^1.0.1" @@ -5253,10 +5253,10 @@ resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz#a1e59036a3b53ae8430ceebf2a919dc7f9af6d72" integrity sha512-zKp7CjQzLQImXEpLt2BUw1tvOMPfNoTAfb8l51evhYbOEEzdWyQNmHWWGPR6hwKJDAi+1VXSBmnhL9kyVTTOuQ== -"@typescript-eslint/types@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.14.0.tgz#935307f7a931016b7a5eb25d494ea3e1f613e929" - integrity sha512-uty9H2K4Xs8E47z3SnXEPRNDfsis8JO27amp2GNCnzGETEW3yTqEIVg5+AI7U276oGF/tw6ZA+UesxeQ104ceA== +"@typescript-eslint/types@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.18.0.tgz#ffce610a1540c17cf7d8ecf2bb34b8b0e2e77101" + integrity sha512-/RFVIccwkwSdW/1zeMx3hADShWbgBxBnV/qSrex6607isYjj05t36P6LyONgqdUrNLl5TYU8NIKdHUYpFvExkA== "@typescript-eslint/typescript-estree@4.33.0", "@typescript-eslint/typescript-estree@^4.33.0": version "4.33.0" @@ -5271,30 +5271,31 @@ semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/typescript-estree@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.14.0.tgz#90c7ddd45cd22139adf3d4577580d04c9189ac13" - integrity sha512-yPkaLwK0yH2mZKFE/bXkPAkkFgOv15GJAUzgUVonAbv0Hr4PK/N2yaA/4XQbTZQdygiDkpt5DkxPELqHguNvyw== +"@typescript-eslint/typescript-estree@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.18.0.tgz#1c357c3ca435c3cfa2af6b9daf45ca0bc2bb059a" + integrity sha512-klNvl+Ql4NsBNGB4W9TZ2Od03lm7aGvTbs0wYaFYsplVPhr+oeXjlPZCDI4U9jgJIDK38W1FKhacCFzCC+nbIg== dependencies: - "@typescript-eslint/types" "6.14.0" - "@typescript-eslint/visitor-keys" "6.14.0" + "@typescript-eslint/types" "6.18.0" + "@typescript-eslint/visitor-keys" "6.18.0" debug "^4.3.4" globby "^11.1.0" is-glob "^4.0.3" + minimatch "9.0.3" semver "^7.5.4" ts-api-utils "^1.0.1" -"@typescript-eslint/utils@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.14.0.tgz#856a9e274367d99ffbd39c48128b93a86c4261e3" - integrity sha512-XwRTnbvRr7Ey9a1NT6jqdKX8y/atWG+8fAIu3z73HSP8h06i3r/ClMhmaF/RGWGW1tHJEwij1uEg2GbEmPYvYg== +"@typescript-eslint/utils@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.18.0.tgz#4d07c9c08f84b9939a1aca7aef98c8f378936142" + integrity sha512-wiKKCbUeDPGaYEYQh1S580dGxJ/V9HI7K5sbGAVklyf+o5g3O+adnS4UNJajplF4e7z2q0uVBaTdT/yLb4XAVA== dependencies: "@eslint-community/eslint-utils" "^4.4.0" "@types/json-schema" "^7.0.12" "@types/semver" "^7.5.0" - "@typescript-eslint/scope-manager" "6.14.0" - "@typescript-eslint/types" "6.14.0" - "@typescript-eslint/typescript-estree" "6.14.0" + "@typescript-eslint/scope-manager" "6.18.0" + "@typescript-eslint/types" "6.18.0" + "@typescript-eslint/typescript-estree" "6.18.0" semver "^7.5.4" "@typescript-eslint/visitor-keys@4.33.0": @@ -5305,12 +5306,12 @@ "@typescript-eslint/types" "4.33.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@6.14.0": - version "6.14.0" - resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.14.0.tgz#1d1d486581819287de824a56c22f32543561138e" - integrity sha512-fB5cw6GRhJUz03MrROVuj5Zm/Q+XWlVdIsFj+Zb1Hvqouc8t+XP2H5y53QYU/MGtd2dPg6/vJJlhoX3xc2ehfw== +"@typescript-eslint/visitor-keys@6.18.0": + version "6.18.0" + resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.18.0.tgz#3c8733737786fa6c78a347b4fa306ae7155b560f" + integrity sha512-1wetAlSZpewRDb2h9p/Q8kRjdGuqdTAQbkJIOUMLug2LBLG+QOjiWoSj6/3B/hA9/tVTFFdtiKvAYoYnSRW/RA== dependencies: - "@typescript-eslint/types" "6.14.0" + "@typescript-eslint/types" "6.18.0" eslint-visitor-keys "^3.4.1" "@ungap/structured-clone@^1.2.0": @@ -7795,10 +7796,10 @@ eslint-module-utils@^2.8.0: dependencies: debug "^3.2.7" -eslint-plugin-import@^2.29.0: - version "2.29.0" - resolved "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.29.0.tgz#8133232e4329ee344f2f612885ac3073b0b7e155" - integrity sha512-QPOO5NO6Odv5lpoTkddtutccQjysJuFxoPS7fAHO+9m9udNHvTCPSAMW9zGAYj8lAIdr40I8yPCdUYrncXtrwg== +eslint-plugin-import@^2.29.1: + version "2.29.1" + resolved "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.29.1.tgz#d45b37b5ef5901d639c15270d74d46d161150643" + integrity sha512-BbPC0cuExzhiMo4Ff1BTVwHpjjv28C5R+btTOGaCRC7UEz801up0JadwkeSk5Ued6TG34uaczuVuH6qyy5YUxw== dependencies: array-includes "^3.1.7" array.prototype.findlastindex "^1.2.3" @@ -7816,7 +7817,7 @@ eslint-plugin-import@^2.29.0: object.groupby "^1.0.1" object.values "^1.1.7" semver "^6.3.1" - tsconfig-paths "^3.14.2" + tsconfig-paths "^3.15.0" eslint-plugin-jest@^24.7.0: version "24.7.0" @@ -11217,6 +11218,13 @@ minimatch@3.0.5: dependencies: brace-expansion "^1.1.7" +minimatch@9.0.3, minimatch@^9.0.0, minimatch@^9.0.1, minimatch@^9.0.3, minimatch@~9.0.3: + version "9.0.3" + resolved "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz#a6e00c3de44c3a542bfaae70abfc22420a6da825" + integrity sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg== + dependencies: + brace-expansion "^2.0.1" + minimatch@^3.0.2, minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.1, minimatch@^3.1.2: version "3.1.2" resolved "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" @@ -11238,13 +11246,6 @@ minimatch@^8.0.2: dependencies: brace-expansion "^2.0.1" -minimatch@^9.0.0, minimatch@^9.0.1, minimatch@^9.0.3, minimatch@~9.0.3: - version "9.0.3" - resolved "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz#a6e00c3de44c3a542bfaae70abfc22420a6da825" - integrity sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg== - dependencies: - brace-expansion "^2.0.1" - minimist-options@4.1.0: version "4.1.0" resolved "https://registry.npmjs.org/minimist-options/-/minimist-options-4.1.0.tgz#c0655713c53a8a2ebd77ffa247d342c40f010619" @@ -14323,7 +14324,7 @@ ts-node@^10.9.1, ts-node@^10.9.2: v8-compile-cache-lib "^3.0.1" yn "3.1.1" -tsconfig-paths@^3.10.1, tsconfig-paths@^3.14.1, tsconfig-paths@^3.14.2: +tsconfig-paths@^3.10.1, tsconfig-paths@^3.14.1: version "3.14.2" resolved "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.14.2.tgz#6e32f1f79412decd261f92d633a9dc1cfa99f088" integrity sha512-o/9iXgCYc5L/JxCHPe3Hvh8Q/2xm5Z+p18PESBU6Ff33695QnCHBEjcytY2q19ua7Mbl/DavtBOLq+oG0RCL+g== @@ -14333,6 +14334,16 @@ tsconfig-paths@^3.10.1, tsconfig-paths@^3.14.1, tsconfig-paths@^3.14.2: minimist "^1.2.6" strip-bom "^3.0.0" +tsconfig-paths@^3.15.0: + version "3.15.0" + resolved "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz#5299ec605e55b1abb23ec939ef15edaf483070d4" + integrity sha512-2Ac2RgzDe/cn48GvOe3M+o82pEFewD3UPbyoUHHdKasHwJKjds4fLXWf/Ux5kATBKN20oaFGu+jbElp1pos0mg== + dependencies: + "@types/json5" "^0.0.29" + json5 "^1.0.2" + minimist "^1.2.6" + strip-bom "^3.0.0" + tsconfig-paths@^4.1.2: version "4.2.0" resolved "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-4.2.0.tgz#ef78e19039133446d244beac0fd6a1632e2d107c"