From d308bc56b4018c4d5c42a3e545783f954159f847 Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Thu, 1 Dec 2022 01:28:27 +0900 Subject: [PATCH 1/2] chore(ec2): missing vpc endpoint per service (#22774) Continued work on https://github.com/aws/aws-cdk/pull/22481/ We are focusing on "multiple endpoints per service". Some of the property names were chosen arbitrarily, so if you have any comments on them, please let us know. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts | 89 ++++++++++++++++++- packages/@aws-cdk/aws-ec2/package.json | 81 +++++++++++++++++ 2 files changed, 166 insertions(+), 4 deletions(-)
diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
index 9b15b17ffc895..5a4b564b20fb7 100644
--- a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
+++ b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
@@ -264,26 +264,41 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly ACCOUNT_MANAGEMENT = new InterfaceVpcEndpointAwsService('account');
 public static readonly APP_MESH = new InterfaceVpcEndpointAwsService('appmesh-envoy-management');
 public static readonly APP_RUNNER = new InterfaceVpcEndpointAwsService('apprunner');
+ public static readonly APP_RUNNER_REQUESTS = new InterfaceVpcEndpointAwsService('apprunner.requests');
 public static readonly APPLICATION_MIGRATION_SERVICE = new InterfaceVpcEndpointAwsService('mgn');
+ public static readonly APPSTREAM_API = new InterfaceVpcEndpointAwsService('appstream.api');
+ public static readonly APPSTREAM_STREAMING = new InterfaceVpcEndpointAwsService('appstream.streaming');
 public static readonly ATHENA = new InterfaceVpcEndpointAwsService('athena');
 public static readonly AUDIT_MANAGER = new InterfaceVpcEndpointAwsService('auditmanager');
 public static readonly APPLICATION_AUTOSCALING = new InterfaceVpcEndpointAwsService('application-autoscaling');
 public static readonly AUTOSCALING = new InterfaceVpcEndpointAwsService('autoscaling');
 public static readonly AUTOSCALING_PLANS = new InterfaceVpcEndpointAwsService('autoscaling-plans');
+ public static readonly BACKUP = new InterfaceVpcEndpointAwsService('backup');
+ public static readonly BACKUP_GATEWAY = new InterfaceVpcEndpointAwsService('backup-gateway');
 public static readonly BATCH = new InterfaceVpcEndpointAwsService('batch');
 public static readonly BILLING_CONDUCTOR = new InterfaceVpcEndpointAwsService('billingconductor');
 public static readonly BRAKET = new InterfaceVpcEndpointAwsService('braket');
 public static readonly PRIVATE_CERTIFICATE_AUTHORITY = new InterfaceVpcEndpointAwsService('acm-pca');
+ public static readonly CLOUD_CONTROL_API = new InterfaceVpcEndpointAwsService('cloudcontrolapi');
+ public static readonly CLOUD_CONTROL_API_FIPS = new InterfaceVpcEndpointAwsService('cloudcontrolapi-fips');
 public static readonly CLOUD_DIRECTORY = new InterfaceVpcEndpointAwsService('clouddirectory');
 public static readonly CLOUDFORMATION = new InterfaceVpcEndpointAwsService('cloudformation');
 public static readonly CLOUDHSM = new InterfaceVpcEndpointAwsService('cloudhsmv2');
 public static readonly CLOUDTRAIL = new InterfaceVpcEndpointAwsService('cloudtrail');
+ public static readonly CLOUDWATCH_EVIDENTLY = new InterfaceVpcEndpointAwsService('evidently');
+ public static readonly CLOUDWATCH_EVIDENTLY_DATAPLANE = new InterfaceVpcEndpointAwsService('evidently-dataplane');
+ public static readonly CLOUDWATCH_MONITORING = new InterfaceVpcEndpointAwsService('monitoring');
+ public static readonly CLOUDWATCH_RUM = new InterfaceVpcEndpointAwsService('rum');
+ public static readonly CLOUDWATCH_RUM_DATAPLANE = new InterfaceVpcEndpointAwsService('rum-dataplane');
+ public static readonly CLOUDWATCH_SYNTHETICS = new InterfaceVpcEndpointAwsService('synthetics');
 public static readonly CODEARTIFACT_API = new InterfaceVpcEndpointAwsService('codeartifact.api');
 public static readonly CODEARTIFACT_REPOSITORIES = new InterfaceVpcEndpointAwsService('codeartifact.repositories');
 public static readonly CODEBUILD = new InterfaceVpcEndpointAwsService('codebuild');
 public static readonly CODEBUILD_FIPS = new InterfaceVpcEndpointAwsService('codebuild-fips');
 public static readonly CODECOMMIT = new InterfaceVpcEndpointAwsService('codecommit');
 public static readonly CODECOMMIT_FIPS = new InterfaceVpcEndpointAwsService('codecommit-fips');
+ public static readonly CODEDEPLOY = new InterfaceVpcEndpointAwsService('codedeploy');
+ public static readonly CODEDEPLOY_COMMANDS_SECURE = new InterfaceVpcEndpointAwsService('codedeploy-commands-secure');
 public static readonly CODEGURU_PROFILER = new InterfaceVpcEndpointAwsService('codeguru-profiler');
 public static readonly CODEGURU_REVIEWER = new InterfaceVpcEndpointAwsService('codeguru-reviewer');
 public static readonly CODEPIPELINE = new InterfaceVpcEndpointAwsService('codepipeline');
@@ -291,7 +306,14 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly COMPREHEND = new InterfaceVpcEndpointAwsService('comprehend');
 public static readonly COMPREHEND_MEDICAL = new InterfaceVpcEndpointAwsService('comprehendmedical');
 public static readonly CONFIG = new InterfaceVpcEndpointAwsService('config');
+ public static readonly CONNECT_APP_INTEGRATIONS = new InterfaceVpcEndpointAwsService('app-integrations');
+ public static readonly CONNECT_CONNECT_CAMPAIGNS = new InterfaceVpcEndpointAwsService('connect-campaigns');
+ public static readonly CONNECT_PROFILE = new InterfaceVpcEndpointAwsService('profile');
+ public static readonly CONNECT_VOICEID = new InterfaceVpcEndpointAwsService('voiceid');
+ public static readonly CONNECT_WISDOM = new InterfaceVpcEndpointAwsService('wisdom');
 public static readonly DATA_EXCHANGE = new InterfaceVpcEndpointAwsService('dataexchange');
+ public static readonly DATABASE_MIGRATION_SERVICE = new InterfaceVpcEndpointAwsService('dms');
+ public static readonly DATABASE_MIGRATION_SERVICE_FIPS = new InterfaceVpcEndpointAwsService('dms-fips');
 public static readonly DATASYNC = new InterfaceVpcEndpointAwsService('datasync');
 public static readonly DEVOPS_GURU = new InterfaceVpcEndpointAwsService('devops-guru');
 public static readonly EBS_DIRECT = new InterfaceVpcEndpointAwsService('ebs');
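Review bot: `CLOUDWATCH_MONITORING` in the first hunk is created with the service name `'monitoring'`, the same string the existing `CLOUDWATCH` constant (visible as context in the fourth hunk) already uses, so the class now exposes two names for one endpoint service with nothing telling a reader which to use. `EVENTBRIDGE` and `CLOUDWATCH_EVENTS` (both `'events'`) in the third hunk have the same issue. A one-line doc comment on each alias would settle it, for example `/** Same endpoint service as CLOUDWATCH ('monitoring'); kept as an alias. */`, or the older name could be marked `@deprecated` if the new one is meant to replace it.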
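Review bot: `CONNECT_CONNECT_CAMPAIGNS` in the second hunk repeats the `CONNECT_` prefix, unlike its neighbours `CONNECT_PROFILE`, `CONNECT_VOICEID` and `CONNECT_WISDOM`; `CONNECT_CAMPAIGNS` would read consistently with them. These are public static members, so the name is hard to change once released, and the commit description itself says some names were chosen arbitrarily. The same identifier is listed in the package.json hunk and would need the matching rename there.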
@@ -303,18 +325,30 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly ECS = new InterfaceVpcEndpointAwsService('ecs');
 public static readonly ECS_AGENT = new InterfaceVpcEndpointAwsService('ecs-agent');
 public static readonly ECS_TELEMETRY = new InterfaceVpcEndpointAwsService('ecs-telemetry');
+ public static readonly ELASTIC_BEANSTALK = new InterfaceVpcEndpointAwsService('elasticbeanstalk');
+ public static readonly ELASTIC_BEANSTALK_HEALTH = new InterfaceVpcEndpointAwsService('elasticbeanstalk-health');
 public static readonly ELASTIC_FILESYSTEM = new InterfaceVpcEndpointAwsService('elasticfilesystem');
 public static readonly ELASTIC_FILESYSTEM_FIPS = new InterfaceVpcEndpointAwsService('elasticfilesystem-fips');
 public static readonly ELASTIC_INFERENCE_RUNTIME = new InterfaceVpcEndpointAwsService('elastic-inference.runtime');
 public static readonly ELASTIC_LOAD_BALANCING = new InterfaceVpcEndpointAwsService('elasticloadbalancing');
 public static readonly ELASTICACHE = new InterfaceVpcEndpointAwsService('elasticache');
+ public static readonly ELASTICACHE_FIPS = new InterfaceVpcEndpointAwsService('elasticache-fips');
 public static readonly EMR = new InterfaceVpcEndpointAwsService('elasticmapreduce');
 public static readonly EMR_EKS = new InterfaceVpcEndpointAwsService('emr-containers');
- public static readonly EMR_SERVERLESS = new InterfaceVpcEndpointAwsService('.emr-serverless');
+ public static readonly EMR_SERVERLESS = new InterfaceVpcEndpointAwsService('emr-serverless');
 public static readonly CLOUDWATCH_EVENTS = new InterfaceVpcEndpointAwsService('events');
+ public static readonly EVENTBRIDGE = new InterfaceVpcEndpointAwsService('events');
 public static readonly APIGATEWAY = new InterfaceVpcEndpointAwsService('execute-api');
 public static readonly FAULT_INJECTION_SIMULATOR = new InterfaceVpcEndpointAwsService('fis');
+ public static readonly FINSPACE = new InterfaceVpcEndpointAwsService('finspace');
+ public static readonly FINSPACE_API = new InterfaceVpcEndpointAwsService('finspace-api');
+ public static readonly FORECAST = new InterfaceVpcEndpointAwsService('forecast');
+ public static readonly FORECAST_QUERY = new InterfaceVpcEndpointAwsService('forecastquery');
+ public static readonly FORECAST_FIPS = new InterfaceVpcEndpointAwsService('forecast-fips');
+ public static readonly FORECAST_QUERY_FIPS = new InterfaceVpcEndpointAwsService('forecastquery-fips');
 public static readonly FRAUD_DETECTOR = new InterfaceVpcEndpointAwsService('frauddetector');
+ public static readonly FSX = new InterfaceVpcEndpointAwsService('fsx');
+ public static readonly FSX_FIPS = new InterfaceVpcEndpointAwsService('fsx-fips');
 public static readonly CODECOMMIT_GIT = new InterfaceVpcEndpointAwsService('git-codecommit');
 public static readonly CODECOMMIT_GIT_FIPS = new InterfaceVpcEndpointAwsService('git-codecommit-fips');
 public static readonly GLUE = new InterfaceVpcEndpointAwsService('glue');
@@ -326,39 +360,86 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly IAM_ROLES_ANYWHERE = new InterfaceVpcEndpointAwsService('rolesanywhere');
 public static readonly INSPECTOR = new InterfaceVpcEndpointAwsService('inspector2');
 public static readonly IOT_CORE = new InterfaceVpcEndpointAwsService('iot.data');
+ public static readonly IOT_CORE_FOR_LORAWAN = new InterfaceVpcEndpointAwsService('iotwireless.api');
+ public static readonly IOT_LORAWAN_CUPS = new InterfaceVpcEndpointAwsService('lorawan.cups');
+ public static readonly IOT_LORAWAN_LNS = new InterfaceVpcEndpointAwsService('lorawan.lns');
 public static readonly IOT_GREENGRASS = new InterfaceVpcEndpointAwsService('greengrass');
+ public static readonly IOT_SITEWISE_API = new InterfaceVpcEndpointAwsService('iotsitewise.api');
+ public static readonly IOT_SITEWISE_DATA = new InterfaceVpcEndpointAwsService('iotsitewise.data');
+ public static readonly IOT_TWINMAKER_API = new InterfaceVpcEndpointAwsService('iottwinmaker.api');
+ public static readonly IOT_TWINMAKER_DATA = new InterfaceVpcEndpointAwsService('iottwinmaker.data');
 public static readonly KEYSPACES = new InterfaceVpcEndpointAwsService('cassandra', '', 9142);
+ public static readonly KEYSPACES_FIPS = new InterfaceVpcEndpointAwsService('cassandra-fips', '', 9142);
 public static readonly KINESIS_STREAMS = new InterfaceVpcEndpointAwsService('kinesis-streams');
 public static readonly KINESIS_FIREHOSE = new InterfaceVpcEndpointAwsService('kinesis-firehose');
 public static readonly KMS = new InterfaceVpcEndpointAwsService('kms');
+ public static readonly LAKE_FORMATION = new InterfaceVpcEndpointAwsService('lakeformation');
 public static readonly CLOUDWATCH_LOGS = new InterfaceVpcEndpointAwsService('logs');
 public static readonly CLOUDWATCH = new InterfaceVpcEndpointAwsService('monitoring');
+ public static readonly LAMBDA = new InterfaceVpcEndpointAwsService('lambda');
+ public static readonly LEX_MODELS = new InterfaceVpcEndpointAwsService('models-v2-lex');
+ public static readonly LEX_RUNTIME = new InterfaceVpcEndpointAwsService('runtime-v2-lex');
+ public static readonly LICENSE_MANAGER = new InterfaceVpcEndpointAwsService('license-manager');
+ public static readonly LICENSE_MANAGER_FIPS = new InterfaceVpcEndpointAwsService('license-manager-fips');
+ public static readonly LOOKOUT_EQUIPMENT = new InterfaceVpcEndpointAwsService('lookoutequipment');
+ public static readonly LOOKOUT_METRICS = new InterfaceVpcEndpointAwsService('lookoutmetrics');
+ public static readonly LOOKOUT_VISION = new InterfaceVpcEndpointAwsService('lookoutvision');
+ public static readonly MACIE = new InterfaceVpcEndpointAwsService('macie2');
+ public static readonly MAINFRAME_MODERNIZATION = new InterfaceVpcEndpointAwsService('m2');
+ public static readonly PROMETHEUS = new InterfaceVpcEndpointAwsService('aps');
+ public static readonly PROMETHEUS_WORKSPACES = new InterfaceVpcEndpointAwsService('aps-workspaces');
+ public static readonly AIRFLOW_API = new InterfaceVpcEndpointAwsService('airflow.api');
+ public static readonly AIRFLOW_ENV = new InterfaceVpcEndpointAwsService('airflow.env');
+ public static readonly AIRFLOW_OPS = new InterfaceVpcEndpointAwsService('airflow.ops');
+ public static readonly MEMORY_DB = new InterfaceVpcEndpointAwsService('memory-db');
+ public static readonly MEMORY_DB_FIPS = new InterfaceVpcEndpointAwsService('memorydb-fips');
+ public static readonly MIGRATIONHUB_ORCHESTRATOR = new InterfaceVpcEndpointAwsService('migrationhub-orchestrator');
+ public static readonly MIGRATIONHUB_REFACTOR_SPACES = new InterfaceVpcEndpointAwsService('refactor-spaces');
+ public static readonly MIGRATIONHUB_STRATEGY = new InterfaceVpcEndpointAwsService('migrationhub-strategy');
+ public static readonly NIMBLE_STUDIO = new InterfaceVpcEndpointAwsService('nimble');
+ public static readonly PANORAMA = new InterfaceVpcEndpointAwsService('panorama');
+ public static readonly PINPOINT = new InterfaceVpcEndpointAwsService('pinpoint-sms-voice-v2');
+ public static readonly PROTON = new InterfaceVpcEndpointAwsService('proton');
+ public static readonly QLDB = new InterfaceVpcEndpointAwsService('qldb.session');
 public static readonly RDS = new InterfaceVpcEndpointAwsService('rds');
- public static readonly ROBOMAKER = new InterfaceVpcEndpointAwsService('robomaker');
 public static readonly RDS_DATA = new InterfaceVpcEndpointAwsService('rds-data');
+ public static readonly ROBOMAKER = new InterfaceVpcEndpointAwsService('robomaker');
+ public static readonly REDSHIFT = new InterfaceVpcEndpointAwsService('redshift');
+ public static readonly REDSHIFT_FIPS = new InterfaceVpcEndpointAwsService('redshift-fips');
+ public static readonly REDSHIFT_DATA = new InterfaceVpcEndpointAwsService('redshift-data');
 public static readonly S3 = new InterfaceVpcEndpointAwsService('s3');
 public static readonly S3_OUTPOSTS = new InterfaceVpcEndpointAwsService('s3-outposts');
 public static readonly SAGEMAKER_API = new InterfaceVpcEndpointAwsService('sagemaker.api');
+ public static readonly SAGEMAKER_FEATURESTORE_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.featurestore-runtime');
 public static readonly SAGEMAKER_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.runtime');
 public static readonly SAGEMAKER_RUNTIME_FIPS = new InterfaceVpcEndpointAwsService('sagemaker.runtime-fips');
 public static readonly SECRETS_MANAGER = new InterfaceVpcEndpointAwsService('secretsmanager');
 public static readonly SERVICE_CATALOG = new InterfaceVpcEndpointAwsService('servicecatalog');
+ public static readonly SERVICE_CATALOG_APPREGISTRY = new InterfaceVpcEndpointAwsService('servicecatalog-appregistry');
+ public static readonly SERVER_MIGRATION_SERVICE = new InterfaceVpcEndpointAwsService('sms');
+ public static readonly SERVER_MIGRATION_SERVICE_FIPS = new InterfaceVpcEndpointAwsService('sms-fips');
+ public static readonly SERVER_MIGRATION_SERVICE_AWSCONNECTOR = new InterfaceVpcEndpointAwsService('awsconnector');
 public static readonly SES = new InterfaceVpcEndpointAwsService('email-smtp');
 public static readonly SNS = new InterfaceVpcEndpointAwsService('sns');
 public static readonly SQS = new InterfaceVpcEndpointAwsService('sqs');
 public static readonly SSM = new InterfaceVpcEndpointAwsService('ssm');
 public static readonly SSM_MESSAGES = new InterfaceVpcEndpointAwsService('ssmmessages');
+ public static readonly SSM_CONTACTS = new InterfaceVpcEndpointAwsService('ssm-contacts');
+ public static readonly SSM_INCIDENTS = new InterfaceVpcEndpointAwsService('ssm-incidents');
 public static readonly STS = new InterfaceVpcEndpointAwsService('sts');
 public static readonly SNOW_DEVICE_MANAGEMENT = new InterfaceVpcEndpointAwsService('snow-device-management');
 public static readonly TEXTRACT = new InterfaceVpcEndpointAwsService('textract');
 public static readonly TEXTRACT_FIPS = new InterfaceVpcEndpointAwsService('textract-fips');
- public static readonly TRANSFER = new InterfaceVpcEndpointAwsService('transfer.server');
+ public static readonly TRANSFER = new InterfaceVpcEndpointAwsService('transfer');
+ public static readonly TRANSFER_SERVER = new InterfaceVpcEndpointAwsService('transfer.server');
+ public static readonly TRANSLATE = new InterfaceVpcEndpointAwsService('translate');
 public static readonly STORAGE_GATEWAY = new InterfaceVpcEndpointAwsService('storagegateway');
 public static readonly REKOGNITION = new InterfaceVpcEndpointAwsService('rekognition');
 public static readonly REKOGNITION_FIPS = new InterfaceVpcEndpointAwsService('rekognition-fips');
 public static readonly STEP_FUNCTIONS = new InterfaceVpcEndpointAwsService('states');
- public static readonly LAMBDA = new InterfaceVpcEndpointAwsService('lambda');
+ public static readonly STEP_FUNCTIONS_SYNC = new InterfaceVpcEndpointAwsService('sync-states');
 public static readonly TRANSCRIBE = new InterfaceVpcEndpointAwsService('transcribe');
+ public static readonly TRANSCRIBE_STREAMING = new InterfaceVpcEndpointAwsService('transcribestreaming');
 public static readonly WORKSPACES = new InterfaceVpcEndpointAwsService('workspaces');
 public static readonly XRAY = new InterfaceVpcEndpointAwsService('xray');
 public static readonly SECURITYHUB = new InterfaceVpcEndpointAwsService('securityhub');
diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json
index 80487d0361d7f..6ac7a71eb045b 100644
--- a/packages/@aws-cdk/aws-ec2/package.json
+++ b/packages/@aws-cdk/aws-ec2/package.json
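Review bot: `TRANSFER` changes value from `'transfer.server'` to `'transfer'` in the fourth vpc-endpoint.ts hunk, so code that already references `InterfaceVpcEndpointAwsService.TRANSFER` will synthesize an endpoint for a different service after upgrading, and the previous behaviour is only reachable through the new `TRANSFER_SERVER`. For a commit labelled `chore` that is a silent behaviour change: an existing stack would presumably replace its endpoint on the next deploy, and workloads that relied on the private path to `transfer.server` would lose it. Either keep `TRANSFER` as it was and add the new service under a new name (for example `TRANSFER_API`), or call the change out as breaking in the commit message. Separately, `MEMORY_DB` uses `'memory-db'` while `MEMORY_DB_FIPS` uses `'memorydb-fips'`; if both spellings are intentional, a short comment saying so would stop someone from "correcting" one of them.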
@@ -364,6 +364,87 @@
 "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SECURITYHUB",
 "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.EMAIL_SMTP",
 "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.WORKSPACES",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.AIRFLOW_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.AIRFLOW_ENV",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.AIRFLOW_OPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APP_RUNNER_REQUESTS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APPSTREAM_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APPSTREAM_STREAMING",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.BACKUP",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.BACKUP_GATEWAY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUD_CONTROL_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUD_CONTROL_API_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_EVIDENTLY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_EVIDENTLY_DATAPLANE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_MONITORING",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_RUM",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_RUM_DATAPLANE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_SYNTHETICS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEDEPLOY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEDEPLOY_COMMANDS_SECURE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONNECT_APP_INTEGRATIONS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONNECT_CONNECT_CAMPAIGNS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONNECT_PROFILE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONNECT_VOICEID",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONNECT_WISDOM",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.DATABASE_MIGRATION_SERVICE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.DATABASE_MIGRATION_SERVICE_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.ELASTIC_BEANSTALK",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.ELASTIC_BEANSTALK_HEALTH",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.ELASTICACHE_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.EVENTBRIDGE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FINSPACE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FINSPACE_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FORECAST",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FORECAST_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FORECAST_QUERY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FORECAST_QUERY_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FSX",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.FSX_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_CORE_FOR_LORAWAN",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_LORAWAN_CUPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_LORAWAN_LNS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_SITEWISE_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_SITEWISE_DATA",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_TWINMAKER_API",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.IOT_TWINMAKER_DATA",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.KEYSPACES_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LAKE_FORMATION",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LEX_MODELS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LEX_RUNTIME",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LICENSE_MANAGER",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LICENSE_MANAGER_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LOOKOUT_EQUIPMENT",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LOOKOUT_METRICS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LOOKOUT_VISION",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MACIE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MAINFRAME_MODERNIZATION",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MEMORY_DB",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MEMORY_DB_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MIGRATIONHUB_ORCHESTRATOR",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MIGRATIONHUB_REFACTOR_SPACES",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.MIGRATIONHUB_STRATEGY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.NIMBLE_STUDIO",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.PANORAMA",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.PINPOINT",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.PROMETHEUS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.PROMETHEUS_WORKSPACES",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.PROTON",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.QLDB",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.REDSHIFT",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.REDSHIFT_DATA",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.REDSHIFT_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SAGEMAKER_FEATURESTORE_RUNTIME",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SERVER_MIGRATION_SERVICE",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SERVER_MIGRATION_SERVICE_AWSCONNECTOR",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SERVER_MIGRATION_SERVICE_FIPS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SERVICE_CATALOG_APPREGISTRY",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SSM_CONTACTS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SSM_INCIDENTS",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.STEP_FUNCTIONS_SYNC",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.TRANSCRIBE_STREAMING",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.TRANSFER_SERVER",
+ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.TRANSLATE",
 "docs-public-apis:@aws-cdk/aws-ec2.LogFormat.value",
 "docs-public-apis:@aws-cdk/aws-ec2.Port.toString",
 "docs-public-apis:@aws-cdk/aws-ec2.PrivateSubnet.fromPrivateSubnetAttributes",
From 320cc2595c482884089331eea437c80064642539 Mon Sep 17 00:00:00 2001
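Review bot: Every entry added in the package.json hunk is a `docs-public-apis:` key for a constant introduced in vpc-endpoint.ts, which looks like the new public members are being exempted from a documentation check rather than documented (the key that owns this list is outside the hunk, so that reading is inferred). Several of the new constants are not self-explanatory: API versus data-plane pairs such as `IOT_SITEWISE_API` / `IOT_SITEWISE_DATA`, the `_FIPS` variants, and aliases of existing names. A one-line doc comment on those in vpc-endpoint.ts would help a user pick the right endpoint and would let the corresponding entries be dropped from this list.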
From: Niko Virtala Date: Wed, 30 Nov 2022 19:10:46 +0200 Subject: [PATCH 2/2] fix(lambda): allow tokens in kafka consumer group id (#22993) - fix(lambda): allow token kafka consumer group id - fix(lambda): typo in kafka consumer group id validation Fixes: #22932 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-lambda/lib/event-source-mapping.ts | 6 +++++- .../aws-lambda/test/event-source-mapping.test.ts | 10 +++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts index 9798a31c313f0..c0475dd206050 100644 --- a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts +++ b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts @@ -382,6 +382,10 @@ export class EventSourceMapping extends cdk.Resource implements IEventSourceMapp } private validateKafkaConsumerGroupIdOrThrow(kafkaConsumerGroupId: string) { + if (cdk.Token.isUnresolved(kafkaConsumerGroupId)) { + return; + } + if (kafkaConsumerGroupId.length > 200 ||kafkaConsumerGroupId.length < 1) { throw new Error('kafkaConsumerGroupId must be a valid string between 1 and 200 characters'); } 
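Review bot: The new guard in `validateKafkaConsumerGroupIdOrThrow` returns before both the length check and the character check whenever the value is an unresolved token, and nothing in the code records that this is deliberate. A comment on the guard would make the trade-off explicit, for example `// Token values are unknown at synth time, so the length and character rules can only be enforced by the service at deploy time.` The same applies to a string that merely embeds a token, which presumably is also reported as unresolved, so its literal part is no longer checked either; that is worth a sentence in the `kafkaConsumerGroupId` property docs. The function body continues into the next hunk.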
@@ -389,7 +393,7 @@ export class EventSourceMapping extends cdk.Resource implements IEventSourceMapp const regex = new RegExp(/[a-zA-Z0-9-\/*:_+=.@-]*/); const patternMatch = regex.exec(kafkaConsumerGroupId); if (patternMatch === null || patternMatch[0] !== kafkaConsumerGroupId) { - throw new Error('kafkaConsumerGroupId contain ivalid characters. Allowed values are "[a-zA-Z0-9-\/*:_+=.@-]"'); + throw new Error('kafkaConsumerGroupId contains invalid characters. Allowed values are "[a-zA-Z0-9-\/*:_+=.@-]"'); } } } diff --git a/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts b/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts index 728cfd5d161ee..0fb2ee80e2330 100644 --- a/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts @@ -159,7 +159,7 @@ describe('event source mapping', () => { eventSourceArn: 'arn:aws:kafka:us-east-1:123456789012:cluster/vpc-2priv-2pub/751d2973-a626-431c-9d4e-d7975eb44dd7-2', kafkaConsumerGroupId: 'some invalid', target: fn, - })).toThrow('kafkaConsumerGroupId contain ivalid characters. Allowed values are "[a-zA-Z0-9-\/*:_+=.@-]"'); + })).toThrow('kafkaConsumerGroupId contains invalid characters. Allowed values are "[a-zA-Z0-9-\/*:_+=.@-]"'); }); test('throws if kafkaConsumerGroupId is too long', () => { 
@@ -178,6 +178,14 @@ describe('event source mapping', () => { })).not.toThrow(); }); + test('not throws if kafkaConsumerGroupId is token', () => { + expect(() => new EventSourceMapping(stack, 'test', { + eventSourceArn: 'arn:aws:kafka:us-east-1:123456789012:cluster/vpc-2priv-2pub/751d2973-a626-431c-9d4e-d7975eb44dd7-2', + kafkaConsumerGroupId: cdk.Lazy.string({ produce: () => 'test' }), + target: fn, + })).not.toThrow(); + }); + test('not throws if kafkaConsumerGroupId is valid for amazon managed kafka', () => { expect(() => new EventSourceMapping(stack, 'test', { eventSourceArn: 'arn:aws:kafka:us-east-1:123456789012:cluster/vpc-2priv-2pub/751d2973-a626-431c-9d4e-d7975eb44dd7-2',
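Review bot: The added test `not throws if kafkaConsumerGroupId is token` only asserts that the constructor does not throw for a `cdk.Lazy.string` value; it does not check that the value still reaches the synthesized resource, so a regression that skipped the property along with the validation would pass. If the file already uses the assertions library, one more line would pin it: `Template.fromStack(stack).hasResourceProperties('AWS::Lambda::EventSourceMapping', { AmazonManagedKafkaEventSourceConfig: { ConsumerGroupId: 'test' } });`. The test that follows the added one is cut off by the end of the hunk.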