Skip to content

Commit

Permalink
Merge branch 'master' into otaviom/eks-legacy-assertions
Browse files Browse the repository at this point in the history
  • Loading branch information
@mergify
mergify[bot] committed Jan 21, 2022
2 parents ff203f3 + 0e08eeb commit 37f7bb1
Show file tree
Hide file tree
Showing 19 changed files with 700 additions and 201 deletions.
5 changes: 3 additions & 2 deletions packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import * as iam from '@aws-cdk/aws-iam';
import * as lambda from '@aws-cdk/aws-lambda';
import { Duration, Lazy, Names, Stack } from '@aws-cdk/core';
import { Arn, ArnFormat, Duration, Lazy, Names, Stack } from '@aws-cdk/core';
import { Construct } from 'constructs';
import { CfnAuthorizer } from '../apigateway.generated';
import { Authorizer, IAuthorizer } from '../authorizer';
Expand Down Expand Up @@ -254,5 +254,6 @@ export class RequestAuthorizer extends LambdaAuthorizer {
* constructs the authorizerURIArn.
*/
function lambdaAuthorizerArn(handler: lambda.IFunction) {
return `arn:${Stack.of(handler).partition}:apigateway:${Stack.of(handler).region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`;
const { region, partition } = Arn.split( handler.functionArn, ArnFormat.COLON_RESOURCE_NAME);
return `arn:${partition}:apigateway:${region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`;
}
30 changes: 28 additions & 2 deletions packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.lit.expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,11 +253,37 @@
[
"arn:",
{
"Ref": "AWS::Partition"
"Fn::Select": [
1,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":apigateway:",
{
"Ref": "AWS::Region"
"Fn::Select": [
3,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":lambda:path/2015-03-31/functions/",
{
Expand Down
30 changes: 28 additions & 2 deletions ...es/@aws-cdk/aws-apigateway/test/authorizers/integ.token-authorizer-iam-role.expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,11 +122,37 @@
[
"arn:",
{
"Ref": "AWS::Partition"
"Fn::Select": [
1,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":apigateway:",
{
"Ref": "AWS::Region"
"Fn::Select": [
3,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":lambda:path/2015-03-31/functions/",
{
Expand Down
30 changes: 28 additions & 2 deletions packages/@aws-cdk/aws-apigateway/test/authorizers/integ.token-authorizer.lit.expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,11 +253,37 @@
[
"arn:",
{
"Ref": "AWS::Partition"
"Fn::Select": [
1,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":apigateway:",
{
"Ref": "AWS::Region"
"Fn::Select": [
3,
{
"Fn::Split": [
":",
{
"Fn::GetAtt": [
"MyAuthorizerFunction70F1223E",
"Arn"
]
}
]
}
]
},
":lambda:path/2015-03-31/functions/",
{
Expand Down
144 changes: 132 additions & 12 deletions packages/@aws-cdk/aws-apigateway/test/authorizers/lambda.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down Expand Up @@ -89,11 +109,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down Expand Up @@ -167,11 +207,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down Expand Up @@ -218,11 +278,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down Expand Up @@ -269,11 +349,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down Expand Up @@ -341,11 +441,31 @@ describe('lambda authorizer', () => {
[
'arn:',
{
Ref: 'AWS::Partition',
'Fn::Select': [
1,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':apigateway:',
{
Ref: 'AWS::Region',
'Fn::Select': [
3,
{
'Fn::Split': [
':',
{
'Fn::GetAtt': ['myfunction9B95E948', 'Arn'],
},
],
},
],
},
':lambda:path/2015-03-31/functions/',
{
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ export class WebSocketApi extends ApiBase implements IWebSocketApi {
return Grant.addToPrincipal({
grantee: identity,
actions: ['execute-api:ManageConnections'],
resourceArns: [`${arn}/*/POST/@connections/*`],
resourceArns: [`${arn}/*/*/@connections/*`],
});
}
}
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/lib/websocket/stage.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ export class WebSocketStage extends StageBase implements IWebSocketStage {
return Grant.addToPrincipal({
grantee: identity,
actions: ['execute-api:ManageConnections'],
resourceArns: [`${arn}/${this.stageName}/POST/@connections/*`],
resourceArns: [`${arn}/${this.stageName}/*/@connections/*`],
});
}
}
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ describe('WebSocketApi', () => {
{
Ref: 'apiC8550315',
},
'/*/POST/@connections/*',
'/*/*/@connections/*',
]],
},
}]),
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/test/websocket/stage.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ describe('WebSocketStage', () => {
{
Ref: 'ApiF70053CD',
},
`/${defaultStage.stageName}/POST/@connections/*`,
`/${defaultStage.stageName}/*/@connections/*`,
]],
},
}]),
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-dynamodb/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@
},
"license": "Apache-2.0",
"devDependencies": {
"@aws-cdk/assert-internal": "0.0.0",
"@aws-cdk/assertions": "0.0.0",
"@aws-cdk/cdk-build-tools": "0.0.0",
"@aws-cdk/cdk-integ-tools": "0.0.0",
"@aws-cdk/cfn2ts": "0.0.0",
Expand Down
Loading

0 comments on commit 37f7bb1

Please sign in to comment.