Merge branch 'main' into rmuller/fix-toolkit-review-in-progress

aws · Dec 7, 2022 · ea93458 · ea93458
2 parents 33eb4c9 + c9fdc8a
commit ea93458
Show file tree

Hide file tree

Showing 347 changed files with 11,489 additions and 886 deletions.
diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml
@@ -24,7 +24,7 @@ jobs:
 
       - name: Locate Yarn cache
         id: yarn-cache
-        run: echo "::set-output name=dir::$(yarn cache dir)"
+        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
 
       - name: Restore Yarn cache
         uses: actions/cache@v3
@@ -45,7 +45,7 @@ jobs:
         # These need to be ignored from the `ncu` runs!
         run: |-
           echo -n "::set-output name=list::"
-          node -p "$(lerna ls --all --json 2>/dev/null).map(item => item.name).join(',')"
+          echo "list=$(lerna ls --all --json 2>/dev/null | jq -r 'map(.name) | join(",")')" >> $GITHUB_OUTPUT 
       - name: Run "ncu -u"
         # We special-case @types/node because we want to stay on the current major (minimum supported node release)
         # We special-case @types/fs-extra because the current major (9.x) is broken with @types/node >= 10
@@ -65,10 +65,10 @@ jobs:
           lerna exec --parallel ncu -- --upgrade --reject='@types/node,@types/prettier,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,${{ steps.list-packages.outputs.list }}'  --target=minor
           # Upgrade package.jsons in init templates
           for pj in $(find packages/aws-cdk/lib/init-templates -name package.json); do
-            (cd $(dirname $pj) && ncu --upgrade --reject='@types/babel__traverse,@types/jest,@types/node,@types/prettier,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,ts-jest,jest,${{ steps.list-packages.outputs.list }}')
+            (cd $(dirname $pj) && ncu --upgrade --reject='constructs,${{ steps.list-packages.outputs.list }}')
           done
           # Upgrade dependencies at an aws-eks integ test docker image
-          cd packages/@aws-cdk/aws-eks/test/sdk-call-integ-test-docker-app/app/ && ncu --upgrade --reject='@types/jest,@types/node,@types/prettier,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,ts-jest,jest,${{ steps.list-packages.outputs.list }}'
+          cd packages/@aws-cdk/aws-eks/test/sdk-call-integ-test-docker-app/app/ && ncu --upgrade --reject='aws-sdk,${{ steps.list-packages.outputs.list }}'
 
       # This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn update" to run)
       - name: Run "yarn install"

diff --git a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts
@@ -408,6 +408,13 @@ export enum SpotAllocationStrategy {
    * honors the instance type priorities on a best-effort basis but optimizes for capacity first.
    */
   CAPACITY_OPTIMIZED_PRIORITIZED = 'capacity-optimized-prioritized',
+
+  /**
+   * The price and capacity optimized allocation strategy looks at both price and
+   * capacity to select the Spot Instance pools that are the least likely to be
+   * interrupted and have the lowest possible price.
+   */
+  PRICE_CAPACITY_OPTIMIZED = 'price-capacity-optimized',
 }
 
 /**

diff --git a/packages/@aws-cdk/aws-autoscaling/test/auto-scaling-group.test.ts b/packages/@aws-cdk/aws-autoscaling/test/auto-scaling-group.test.ts
@@ -1915,6 +1915,47 @@ test('can use Vpc imported from unparseable list tokens', () => {
   });
 });
 
+test('add price-capacity-optimized', () => {
+  // GIVEN
+  const stack = new cdk.Stack();
+
+  // WHEN
+  const lt = LaunchTemplate.fromLaunchTemplateAttributes(stack, 'imported-lt', {
+    launchTemplateId: 'test-lt-id',
+    versionNumber: '0',
+  });
+
+  new autoscaling.AutoScalingGroup(stack, 'mip-asg', {
+    mixedInstancesPolicy: {
+      launchTemplate: lt,
+      launchTemplateOverrides: [{
+        instanceType: new InstanceType('t4g.micro'),
+        launchTemplate: lt,
+        weightedCapacity: 9,
+      }],
+      instancesDistribution: {
+        onDemandAllocationStrategy: OnDemandAllocationStrategy.PRIORITIZED,
+        onDemandBaseCapacity: 1,
+        onDemandPercentageAboveBaseCapacity: 2,
+        spotAllocationStrategy: SpotAllocationStrategy.PRICE_CAPACITY_OPTIMIZED,
+        spotInstancePools: 3,
+        spotMaxPrice: '4',
+      },
+    },
+    vpc: mockVpc(stack),
+  });
+
+  // THEN
+  Template.fromStack(stack).hasResourceProperties('AWS::AutoScaling::AutoScalingGroup', {
+    MixedInstancesPolicy: {
+      InstancesDistribution: {
+        SpotAllocationStrategy: 'price-capacity-optimized',
+      },
+    },
+  });
+});
+
+
 function mockSecurityGroup(stack: cdk.Stack) {
   return ec2.SecurityGroup.fromSecurityGroupId(stack, 'MySG', 'most-secure');
 }

diff --git a/packages/@aws-cdk/aws-cloudtrail/README.md b/packages/@aws-cdk/aws-cloudtrail/README.md
@@ -197,3 +197,17 @@ new cloudtrail.Trail(this, 'OrganizationTrail', {
   isOrganizationTrail: true,
 });
 ```
+
+## CloudTrail Insights
+
+Set `InsightSelector` to enable Insight.
+Insights selector values can be `ApiCallRateInsight`, `ApiErrorRateInsight`, or both.
+
+```ts
+new Trail(stack, 'Insights', {
+    insightTypes: [
+      InsightType.API_CALL_RATE,
+      InsightType.API_ERROR_RATE,
+    ],
+});
+```
diff --git a/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts b/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts
@@ -127,6 +127,13 @@ export interface TrailProps {
    * @default - false
    */
   readonly isOrganizationTrail?: boolean
+
+  /**
+   * A JSON string that contains the insight types you want to log on a trail.
+   *
+   * @default - No Value.
+   */
+  readonly insightTypes?: InsightType[]
 }
 
 /**
@@ -158,6 +165,23 @@ export enum ReadWriteType {
   NONE = 'None',
 }
 
+/**
+ * Util element for InsightSelector
+ */
+export class InsightType {
+  /**
+   * The type of insights to log on a trail. (API Call Rate)
+   */
+  public static readonly API_CALL_RATE = new InsightType('ApiCallRateInsight');
+
+  /**
+   * The type of insights to log on a trail. (API Error Rate)
+   */
+  public static readonly API_ERROR_RATE = new InsightType('ApiErrorRateInsight');
+
+  protected constructor(public readonly value: string) {}
+}
+
 /**
  * Cloud trail allows you to log events that happen in your AWS account
  * For example:
@@ -213,6 +237,7 @@ export class Trail extends Resource {
   private s3bucket: s3.IBucket;
   private eventSelectors: EventSelector[] = [];
   private topic: sns.ITopic | undefined;
+  private insightTypeValues: InsightSelector[] | undefined;
 
   constructor(scope: Construct, id: string, props: TrailProps = {}) {
     super(scope, id, {
@@ -283,6 +308,12 @@ export class Trail extends Resource {
       throw new Error('Both kmsKey and encryptionKey must not be specified. Use only encryptionKey');
     }
 
+    if (props.insightTypes) {
+      this.insightTypeValues = props.insightTypes.map(function(t) {
+        return { insightType: t.value };
+      });
+    }
+
     // TODO: not all regions support validation. Use service configuration data to fail gracefully
     const trail = new CfnTrail(this, 'Resource', {
       isLogging: true,
@@ -298,6 +329,7 @@ export class Trail extends Resource {
       snsTopicName: this.topic?.topicName,
       eventSelectors: this.eventSelectors,
       isOrganizationTrail: props.isOrganizationTrail,
+      insightSelectors: this.insightTypeValues,
     });
 
     this.trailArn = this.getResourceArnAttribute(trail.attrArn, {
@@ -502,3 +534,7 @@ interface EventSelectorData {
   readonly type: string;
   readonly values: string[];
 }
+
+interface InsightSelector {
+  readonly insightType?: string;
+}
diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json
@@ -115,7 +115,8 @@
   },
   "awslint": {
     "exclude": [
-      "events-method-signature:@aws-cdk/aws-cloudtrail.Trail.onEvent"
+      "events-method-signature:@aws-cdk/aws-cloudtrail.Trail.onEvent",
+      "docs-public-apis:@aws-cdk/aws-cloudtrail.InsightType.value"
     ]
   },
   "engines": {

diff --git a/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts b/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts
@@ -7,7 +7,7 @@ import * as s3 from '@aws-cdk/aws-s3';
 import * as sns from '@aws-cdk/aws-sns';
 import { testDeprecated } from '@aws-cdk/cdk-build-tools';
 import { Stack } from '@aws-cdk/core';
-import { ManagementEventSources, ReadWriteType, Trail } from '../lib';
+import { ManagementEventSources, ReadWriteType, Trail, InsightType } from '../lib';
 
 const ExpectedBucketPolicyProperties = {
   PolicyDocument: {
@@ -702,4 +702,79 @@ describe('cloudtrail', () => {
       });
     });
   });
-});
+  describe('insights ', () => {
+    test('no properties', () => {
+      const stack = getTestStack();
+      new Trail(stack, 'MyAmazingCloudTrail', {
+        insightTypes: [],
+      });
+      Template.fromStack(stack).hasResourceProperties('AWS::CloudTrail::Trail', {
+        InsightSelectors: [],
+      });
+    });
+    test('API Call Rate properties', () => {
+      const stack = getTestStack();
+      new Trail(stack, 'MyAmazingCloudTrail', {
+        insightTypes: [
+          InsightType.API_CALL_RATE,
+        ],
+      });
+      Template.fromStack(stack).hasResourceProperties('AWS::CloudTrail::Trail', {
+        InsightSelectors: [{
+          InsightType: 'ApiCallRateInsight',
+        }],
+      });
+    });
+    test('API Error Rate properties', () => {
+      const stack = getTestStack();
+      new Trail(stack, 'MyAmazingCloudTrail', {
+        insightTypes: [
+          InsightType.API_ERROR_RATE,
+        ],
+      });
+      Template.fromStack(stack).hasResourceProperties('AWS::CloudTrail::Trail', {
+        InsightSelectors: [{
+          InsightType: 'ApiErrorRateInsight',
+        }],
+      });
+    });
+    test('duplicate properties', () => {
+      const stack = getTestStack();
+      new Trail(stack, 'MyAmazingCloudTrail', {
+        insightTypes: [
+          InsightType.API_CALL_RATE,
+          InsightType.API_CALL_RATE,
+        ],
+      });
+      Template.fromStack(stack).hasResourceProperties('AWS::CloudTrail::Trail', {
+        InsightSelectors: [
+          {
+            InsightType: 'ApiCallRateInsight',
+          },
+          {
+            InsightType: 'ApiCallRateInsight',
+          },
+        ],
+      });
+    });
+    test('ALL properties', () => {
+      const stack = getTestStack();
+      new Trail(stack, 'MyAmazingCloudTrail', {
+        insightTypes: [
+          InsightType.API_CALL_RATE,
+          InsightType.API_ERROR_RATE,
+        ],
+      });
+      Template.fromStack(stack).hasResourceProperties('AWS::CloudTrail::Trail', {
+        InsightSelectors: [
+          {
+            InsightType: 'ApiCallRateInsight',
+          },
+          {
+            InsightType: 'ApiErrorRateInsight',
+          },
+        ],
+      });
+    });
+  });
+});