From 14c6e04d1ac057c60cd728f97a0574f81659b00b Mon Sep 17 00:00:00 2001 From: Thomas Ladd Date: Fri, 5 Feb 2021 09:17:24 -0600 Subject: [PATCH] chore(rds): Add AuroraPostgresEngineVersion 12.4 A new version of Aurora Postgres was recently released https://aws.amazon.com/about-aws/whats-new/2021/01/amazon-aurora-supports-postgresql-12/ --- .../auto-approve-v2-merge-forward.yml | 26 - .github/workflows/v2-pull-request.yml | 46 ++ .github/workflows/yarn-upgrade.yml | 13 +- .../assert/lib/assertions/have-resource.ts | 2 +- packages/@aws-cdk/aws-amplify/lib/app.ts | 4 +- packages/@aws-cdk/aws-amplify/lib/branch.ts | 4 +- packages/@aws-cdk/aws-amplify/lib/domain.ts | 2 +- .../aws-apigateway/lib/integrations/http.ts | 2 +- .../aws-apigateway/lib/integrations/lambda.ts | 4 +- .../@aws-cdk/aws-apigateway/lib/resource.ts | 4 +- .../@aws-cdk/aws-apigateway/lib/restapi.ts | 10 +- .../lib/base-scalable-attribute.ts | 2 +- .../lib/interval-utils.ts | 2 +- .../aws-autoscaling/lib/auto-scaling-group.ts | 9 +- .../aws-batch/lib/compute-environment.ts | 9 +- .../aws-cloudformation/lib/nested-stack.ts | 2 +- .../test/integ.nested-stack.ts | 2 +- .../aws-cloudfront/lib/web-distribution.ts | 4 +- packages/@aws-cdk/aws-cloudwatch/lib/graph.ts | 6 +- packages/@aws-cdk/aws-codebuild/lib/source.ts | 4 +- .../lib/lambda/custom-deployment-config.ts | 5 +- .../lib/server/deployment-group.ts | 2 +- .../lib/custom-action-registration.ts | 2 +- .../lib/private/full-action-descriptor.ts | 4 +- .../aws-codepipeline/test/pipeline.test.ts | 89 ++- .../@aws-cdk/aws-cognito/lib/user-pool.ts | 2 +- packages/@aws-cdk/aws-dynamodb/lib/table.ts | 4 +- packages/@aws-cdk/aws-ec2/README.md | 24 + packages/@aws-cdk/aws-ec2/lib/index.ts | 1 + packages/@aws-cdk/aws-ec2/lib/instance.ts | 5 +- .../@aws-cdk/aws-ec2/lib/launch-template.ts | 665 +++++++++++++++++ .../@aws-cdk/aws-ec2/lib/machine-image.ts | 54 +- packages/@aws-cdk/aws-ec2/lib/network-acl.ts | 2 +- .../@aws-cdk/aws-ec2/lib/private/ebs-util.ts | 42 ++ packages/@aws-cdk/aws-ec2/lib/user-data.ts | 2 +- packages/@aws-cdk/aws-ec2/lib/volume.ts | 123 ++-- .../aws-ec2/lib/vpc-endpoint-service.ts | 7 +- packages/@aws-cdk/aws-ec2/lib/vpc.ts | 5 +- packages/@aws-cdk/aws-ec2/lib/vpn.ts | 2 +- .../aws-ec2/test/launch-template.test.ts | 685 ++++++++++++++++++ .../aws-ec2/test/machine-image.test.ts | 63 ++ packages/@aws-cdk/aws-ec2/test/volume.test.ts | 245 +++++-- .../aws-ec2/test/vpc.from-lookup.test.ts | 41 ++ packages/@aws-cdk/aws-ec2/test/vpn.test.ts | 22 +- packages/@aws-cdk/aws-ecr/lib/repository.ts | 6 +- .../application-load-balanced-service-base.ts | 8 +- ...ion-multiple-target-groups-service-base.ts | 10 +- .../network-load-balanced-service-base.ts | 9 +- ...ork-multiple-target-groups-service-base.ts | 8 +- .../lib/base/queue-processing-service-base.ts | 12 +- .../application-load-balanced-ecs-service.ts | 8 +- ...tion-multiple-target-groups-ecs-service.ts | 2 +- .../ecs/network-load-balanced-ecs-service.ts | 8 +- ...work-multiple-target-groups-ecs-service.ts | 2 +- .../lib/ecs/scheduled-ecs-task.ts | 2 +- ...plication-load-balanced-fargate-service.ts | 6 +- ...-multiple-target-groups-fargate-service.ts | 4 +- .../network-load-balanced-fargate-service.ts | 10 +- ...-multiple-target-groups-fargate-service.ts | 4 +- .../lib/fargate/scheduled-fargate-task.ts | 2 +- .../@aws-cdk/aws-ecs/lib/base/base-service.ts | 13 +- .../aws-ecs/lib/base/task-definition.ts | 3 +- packages/@aws-cdk/aws-ecs/lib/cluster.ts | 2 +- .../aws-ecs/lib/container-definition.ts | 10 +- .../@aws-cdk/aws-ecs/lib/ec2/ec2-service.ts | 3 +- .../aws-ecs/lib/fargate/fargate-service.ts | 3 +- .../@aws-cdk/aws-eks-legacy/lib/cluster.ts | 10 +- .../@aws-cdk/aws-eks-legacy/lib/user-data.ts | 2 +- packages/@aws-cdk/aws-eks/lib/cluster.ts | 8 +- packages/@aws-cdk/aws-eks/lib/user-data.ts | 2 +- .../lib/load-balancer.ts | 2 +- .../lib/shared/base-listener.ts | 2 +- .../lib/shared/base-target-group.ts | 18 +- .../lib/shared/util.ts | 2 +- .../test/alb/security-group.test.ts | 2 +- .../aws-events-targets/lib/ecs-task.ts | 2 +- packages/@aws-cdk/aws-events/lib/rule.ts | 4 +- packages/@aws-cdk/aws-events/lib/schedule.ts | 2 +- packages/@aws-cdk/aws-glue/lib/table.ts | 4 +- packages/@aws-cdk/aws-iam/lib/policy.ts | 2 +- packages/@aws-cdk/aws-kms/lib/key.ts | 2 +- packages/@aws-cdk/aws-kms/test/key.test.ts | 97 +++ .../lib/Dockerfile.dependencies | 3 + .../test/integ.function.expected.json | 20 +- .../test/integ.function.pipenv.expected.json | 60 +- .../test/integ.function.poetry.expected.json | 60 +- .../test/integ.function.project.expected.json | 24 +- .../test/integ.function.py38.expected.json | 20 +- ...unction.requirements.removed.expected.json | 2 +- .../test/integ.function.vpc.expected.json | 20 +- .../aws-lambda/lib/event-invoke-config.ts | 2 +- .../@aws-cdk/aws-logs/lib/metric-filter.ts | 2 +- .../@aws-cdk/aws-rds/lib/cluster-engine.ts | 2 + packages/@aws-cdk/aws-rds/lib/instance.ts | 18 +- packages/@aws-cdk/aws-rds/lib/private/util.ts | 4 +- packages/@aws-cdk/aws-redshift/lib/cluster.ts | 35 +- packages/@aws-cdk/aws-s3-assets/README.md | 1 + .../lib/bucket-deployment.ts | 2 +- packages/@aws-cdk/aws-s3/lib/bucket.ts | 6 +- .../@aws-cdk/aws-ses-actions/lib/bounce.ts | 2 +- .../@aws-cdk/aws-ses-actions/lib/lambda.ts | 2 +- packages/@aws-cdk/aws-ses-actions/lib/s3.ts | 4 +- packages/@aws-cdk/aws-ses-actions/lib/stop.ts | 2 +- .../@aws-cdk/aws-ses/lib/receipt-rule-set.ts | 2 +- packages/@aws-cdk/aws-ses/lib/receipt-rule.ts | 4 +- .../lib/emr/emr-create-cluster.ts | 2 +- .../aws-stepfunctions/lib/state-machine.ts | 4 +- .../aws-stepfunctions/lib/states/pass.ts | 2 +- .../aws-stepfunctions/lib/states/state.ts | 6 +- packages/@aws-cdk/core/lib/app.ts | 2 +- packages/@aws-cdk/core/lib/arn.ts | 8 +- packages/@aws-cdk/core/lib/bundling.ts | 31 +- packages/@aws-cdk/core/lib/fs/copy.ts | 2 +- packages/@aws-cdk/core/lib/stack.ts | 2 +- packages/@aws-cdk/core/lib/tag-aspect.ts | 4 +- packages/@aws-cdk/core/lib/token.ts | 2 +- packages/@aws-cdk/core/test/bundling.test.ts | 38 + .../@aws-cdk/core/test/tag-aspect.test.ts | 6 +- packages/aws-cdk/README.md | 12 + packages/aws-cdk/lib/api/deploy-stack.ts | 34 +- packages/aws-cdk/lib/cdk-toolkit.ts | 2 +- packages/aws-cdk/test/api/bootstrap.test.ts | 1 + .../aws-cdk/test/api/deploy-stack.test.ts | 47 ++ tools/cfn2ts/lib/codegen.ts | 2 +- 124 files changed, 2497 insertions(+), 556 deletions(-) delete mode 100644 .github/workflows/auto-approve-v2-merge-forward.yml create mode 100644 .github/workflows/v2-pull-request.yml create mode 100644 packages/@aws-cdk/aws-ec2/lib/launch-template.ts create mode 100644 packages/@aws-cdk/aws-ec2/lib/private/ebs-util.ts create mode 100644 packages/@aws-cdk/aws-ec2/test/launch-template.test.ts diff --git a/.github/workflows/auto-approve-v2-merge-forward.yml b/.github/workflows/auto-approve-v2-merge-forward.yml deleted file mode 100644 index f05cd6753316c..0000000000000 --- a/.github/workflows/auto-approve-v2-merge-forward.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Automatically approve PRs that merge master forward to v2-main -# -# Only does approvals! mergify takes care of the actual merge. -name: Auto-approve automated PRs around CDK v2 -on: - pull_request: - types: - - labeled - - opened - - ready_for_review - - reopened - - synchronize - - unlabeled - - unlocked - -jobs: - approve: - runs-on: ubuntu-latest - steps: - - uses: hmarr/auto-approve-action@v2.0.0 - if: > - github.event.pull_request.user.login == 'aws-cdk-automation' - && github.event.pull_request.base.ref == 'v2-main' - && contains(github.event.pull_request.labels.*.name, 'pr/auto-approve') - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/v2-pull-request.yml b/.github/workflows/v2-pull-request.yml new file mode 100644 index 0000000000000..c4118d3298a00 --- /dev/null +++ b/.github/workflows/v2-pull-request.yml @@ -0,0 +1,46 @@ +# Automated actions for PRs against the v2-main branch +name: v2 +on: + pull_request: + branches: + - v2-main + types: + - labeled + - opened + - ready_for_review + - reopened + - synchronize + - unlabeled + - unlocked + +jobs: + # Run yarn pkglint on merge forward PRs and commit the results + pkglint: + if: contains(github.event.pull_request.labels.*.name, 'pr/forward-merge') + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v2 + with: + branch: ${{ github.event.pull_request.head.ref }} + token: ${{ secrets.GITHUB_TOKEN }} + - name: lint + run: |- + yarn install --frozen-lockfile + yarn pkglint + - name: push + uses: stefanzweifel/git-auto-commit-action@v4 + with: + commit_message: 'automatic pkglint fixes' + + # Approve automated PRs + # Only approve! mergify takes care of the actual merge. + auto-approve: + if: > + github.event.pull_request.user.login == 'aws-cdk-automation' + && contains(github.event.pull_request.labels.*.name, 'pr/auto-approve') + runs-on: ubuntu-latest + steps: + - uses: hmarr/auto-approve-action@v2.0.0 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml index 586e7f2c9357a..6734719a67184 100644 --- a/.github/workflows/yarn-upgrade.yml +++ b/.github/workflows/yarn-upgrade.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v2 - name: Set up Node - uses: actions/setup-node@v2.1.0 + uses: actions/setup-node@v2.1.4 with: node-version: 10 @@ -55,12 +55,15 @@ jobs: lerna exec --parallel ncu -- --upgrade --filter=@types/node,@types/fs-extra --target=minor lerna exec --parallel ncu -- --upgrade --filter=typescript --target=patch lerna exec --parallel ncu -- --upgrade --reject='@types/node,@types/fs-extra,constructs,typescript,aws-sdk,${{ steps.list-packages.outputs.list }}' --target=minor - # This will create a brand new `yarn.lock` file (this is more efficient than `yarn install && yarn upgrade`) - - name: Run "yarn install --force" - run: yarn install --force + # This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn update" to run) + - name: Run "yarn install" + run: yarn install + + - name: Run "yarn upgrade" + run: yarn upgrade - name: Make Pull Request - uses: peter-evans/create-pull-request@v2 + uses: peter-evans/create-pull-request@v3 with: # Git commit details branch: automation/yarn-upgrade diff --git a/packages/@aws-cdk/assert/lib/assertions/have-resource.ts b/packages/@aws-cdk/assert/lib/assertions/have-resource.ts index 3e44013188b2c..5a977d8252fd4 100644 --- a/packages/@aws-cdk/assert/lib/assertions/have-resource.ts +++ b/packages/@aws-cdk/assert/lib/assertions/have-resource.ts @@ -59,7 +59,7 @@ export class HaveResourceAssertion extends JestFriendlyAssertion properties === undefined ? anything() : allowValueExtension ? deepObjectLike(properties) : objectLike(properties); - this.part = part !== undefined ? part : ResourcePart.Properties; + this.part = part ?? ResourcePart.Properties; } public assertUsing(inspector: StackInspector): boolean { diff --git a/packages/@aws-cdk/aws-amplify/lib/app.ts b/packages/@aws-cdk/aws-amplify/lib/app.ts index 8e7217a59cc58..bf1d5bc3d5e89 100644 --- a/packages/@aws-cdk/aws-amplify/lib/app.ts +++ b/packages/@aws-cdk/aws-amplify/lib/app.ts @@ -218,9 +218,9 @@ export class App extends Resource implements IApp, iam.IGrantable { basicAuthConfig: props.autoBranchCreation.basicAuth && props.autoBranchCreation.basicAuth.bind(this, 'BranchBasicAuth'), buildSpec: props.autoBranchCreation.buildSpec && props.autoBranchCreation.buildSpec.toBuildSpec(), enableAutoBranchCreation: true, - enableAutoBuild: props.autoBranchCreation.autoBuild === undefined ? true : props.autoBranchCreation.autoBuild, + enableAutoBuild: props.autoBranchCreation.autoBuild ?? true, environmentVariables: Lazy.any({ produce: () => renderEnvironmentVariables(this.autoBranchEnvironmentVariables ) }, { omitEmptyArray: true }), // eslint-disable-line max-len - enablePullRequestPreview: props.autoBranchCreation.pullRequestPreview === undefined ? true : props.autoBranchCreation.pullRequestPreview, + enablePullRequestPreview: props.autoBranchCreation.pullRequestPreview ?? true, pullRequestEnvironmentName: props.autoBranchCreation.pullRequestEnvironmentName, stage: props.autoBranchCreation.stage, }, diff --git a/packages/@aws-cdk/aws-amplify/lib/branch.ts b/packages/@aws-cdk/aws-amplify/lib/branch.ts index e26fe6c4d46a2..210f27d4831e2 100644 --- a/packages/@aws-cdk/aws-amplify/lib/branch.ts +++ b/packages/@aws-cdk/aws-amplify/lib/branch.ts @@ -139,8 +139,8 @@ export class Branch extends Resource implements IBranch { branchName, buildSpec: props.buildSpec && props.buildSpec.toBuildSpec(), description: props.description, - enableAutoBuild: props.autoBuild === undefined ? true : props.autoBuild, - enablePullRequestPreview: props.pullRequestPreview === undefined ? true : props.pullRequestPreview, + enableAutoBuild: props.autoBuild ?? true, + enablePullRequestPreview: props.pullRequestPreview ?? true, environmentVariables: Lazy.any({ produce: () => renderEnvironmentVariables(this.environmentVariables) }, { omitEmptyArray: true }), pullRequestEnvironmentName: props.pullRequestEnvironmentName, stage: props.stage, diff --git a/packages/@aws-cdk/aws-amplify/lib/domain.ts b/packages/@aws-cdk/aws-amplify/lib/domain.ts index b657ebdefb247..bf6ba7afe8017 100644 --- a/packages/@aws-cdk/aws-amplify/lib/domain.ts +++ b/packages/@aws-cdk/aws-amplify/lib/domain.ts @@ -147,7 +147,7 @@ export class Domain extends Resource { private renderSubDomainSettings() { return this.subDomains.map(s => ({ branchName: s.branch.branchName, - prefix: s.prefix === undefined ? s.branch.branchName : s.prefix, + prefix: s.prefix ?? s.branch.branchName, })); } } diff --git a/packages/@aws-cdk/aws-apigateway/lib/integrations/http.ts b/packages/@aws-cdk/aws-apigateway/lib/integrations/http.ts index fac5bb7cc6800..65f0657e19817 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/integrations/http.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/integrations/http.ts @@ -38,7 +38,7 @@ export interface HttpIntegrationProps { */ export class HttpIntegration extends Integration { constructor(url: string, props: HttpIntegrationProps = { }) { - const proxy = props.proxy !== undefined ? props.proxy : true; + const proxy = props.proxy ?? true; const method = props.httpMethod || 'GET'; super({ type: proxy ? IntegrationType.HTTP_PROXY : IntegrationType.HTTP, diff --git a/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts b/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts index 399484510f343..97772fe7eddb5 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts @@ -41,7 +41,7 @@ export class LambdaIntegration extends AwsIntegration { private readonly enableTest: boolean; constructor(handler: lambda.IFunction, options: LambdaIntegrationOptions = { }) { - const proxy = options.proxy === undefined ? true : options.proxy; + const proxy = options.proxy ?? true; super({ proxy, @@ -51,7 +51,7 @@ export class LambdaIntegration extends AwsIntegration { }); this.handler = handler; - this.enableTest = options.allowTestInvoke === undefined ? true : options.allowTestInvoke; + this.enableTest = options.allowTestInvoke ?? true; } public bind(method: Method): IntegrationConfig { diff --git a/packages/@aws-cdk/aws-apigateway/lib/resource.ts b/packages/@aws-cdk/aws-apigateway/lib/resource.ts index 33ec6f1d5f7fd..49d0bf0356d80 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/resource.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/resource.ts @@ -276,7 +276,7 @@ export abstract class ResourceBase extends ResourceConstruct implements IResourc // // statusCode - const statusCode = options.statusCode !== undefined ? options.statusCode : 204; + const statusCode = options.statusCode ?? 204; // // prepare responseParams @@ -522,7 +522,7 @@ export class ProxyResource extends Resource { defaultMethodOptions: props.defaultMethodOptions, }); - const anyMethod = props.anyMethod !== undefined ? props.anyMethod : true; + const anyMethod = props.anyMethod ?? true; if (anyMethod) { this.anyMethod = this.addMethod('ANY'); } diff --git a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts index 0911c92dda94b..32c400c52d23e 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts @@ -504,7 +504,7 @@ export abstract class RestApiBase extends Resource implements IRestApi { } protected configureDeployment(props: RestApiOptions) { - const deploy = props.deploy === undefined ? true : props.deploy; + const deploy = props.deploy ?? true; if (deploy) { this._latestDeployment = new Deployment(this, 'Deployment', { @@ -593,7 +593,7 @@ export class SpecRestApi extends RestApiBase { name: this.restApiName, policy: props.policy, failOnWarnings: props.failOnWarnings, - body: apiDefConfig.inlineDefinition ? apiDefConfig.inlineDefinition : undefined, + body: apiDefConfig.inlineDefinition ?? undefined, bodyS3Location: apiDefConfig.inlineDefinition ? undefined : apiDefConfig.s3Location, endpointConfiguration: this._configureEndpoints(props), parameters: props.parameters, @@ -608,7 +608,7 @@ export class SpecRestApi extends RestApiBase { this.addDomainName('CustomDomain', props.domainName); } - const cloudWatchRole = props.cloudWatchRole !== undefined ? props.cloudWatchRole : true; + const cloudWatchRole = props.cloudWatchRole ?? true; if (cloudWatchRole) { this.configureCloudWatchRole(resource); } @@ -700,13 +700,13 @@ export class RestApi extends RestApiBase { binaryMediaTypes: props.binaryMediaTypes, endpointConfiguration: this._configureEndpoints(props), apiKeySourceType: props.apiKeySourceType, - cloneFrom: props.cloneFrom ? props.cloneFrom.restApiId : undefined, + cloneFrom: props.cloneFrom?.restApiId, parameters: props.parameters, }); this.node.defaultChild = resource; this.restApiId = resource.ref; - const cloudWatchRole = props.cloudWatchRole !== undefined ? props.cloudWatchRole : true; + const cloudWatchRole = props.cloudWatchRole ?? true; if (cloudWatchRole) { this.configureCloudWatchRole(resource); } diff --git a/packages/@aws-cdk/aws-applicationautoscaling/lib/base-scalable-attribute.ts b/packages/@aws-cdk/aws-applicationautoscaling/lib/base-scalable-attribute.ts index 762da275c33a5..95d2a19c8a17d 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/lib/base-scalable-attribute.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/lib/base-scalable-attribute.ts @@ -58,7 +58,7 @@ export abstract class BaseScalableAttribute extends CoreConstruct { scalableDimension: this.props.dimension, resourceId: this.props.resourceId, role: this.props.role, - minCapacity: props.minCapacity !== undefined ? props.minCapacity : 1, + minCapacity: props.minCapacity ?? 1, maxCapacity: props.maxCapacity, }); } diff --git a/packages/@aws-cdk/aws-autoscaling-common/lib/interval-utils.ts b/packages/@aws-cdk/aws-autoscaling-common/lib/interval-utils.ts index 39a05beb1e70e..246bfc018507b 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/lib/interval-utils.ts +++ b/packages/@aws-cdk/aws-autoscaling-common/lib/interval-utils.ts @@ -43,7 +43,7 @@ function orderAndCompleteIntervals(intervals: ScalingInterval[]): CompleteScalin intervals = intervals.map(x => ({ ...x })); // Sort by whatever number we have for each interval - intervals.sort(comparatorFromKey((x: ScalingInterval) => x.lower !== undefined ? x.lower : x.upper)); + intervals.sort(comparatorFromKey((x: ScalingInterval) => x.lower ?? x.upper)); // Propagate boundaries until no more change while (propagateBounds(intervals)) { /* Repeat */ } diff --git a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts index 0d5dd3f147235..4b14a4ea710cb 100644 --- a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts +++ b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts @@ -957,9 +957,8 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements // desiredCapacity just reflects what the user has supplied. const desiredCapacity = props.desiredCapacity; - const minCapacity = props.minCapacity !== undefined ? props.minCapacity : 1; - const maxCapacity = props.maxCapacity !== undefined ? props.maxCapacity : - desiredCapacity !== undefined ? desiredCapacity : Math.max(minCapacity, 1); + const minCapacity = props.minCapacity ?? 1; + const maxCapacity = props.maxCapacity ?? desiredCapacity ?? Math.max(minCapacity, 1); withResolved(minCapacity, maxCapacity, (min, max) => { if (min > max) { @@ -1009,7 +1008,7 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements const { subnetIds, hasPublic } = props.vpc.selectSubnets(props.vpcSubnets); const asgProps: CfnAutoScalingGroupProps = { autoScalingGroupName: this.physicalName, - cooldown: props.cooldown !== undefined ? props.cooldown.toSeconds().toString() : undefined, + cooldown: props.cooldown?.toSeconds().toString(), minSize: Tokenization.stringifyNumber(minCapacity), maxSize: Tokenization.stringifyNumber(maxCapacity), desiredCapacity: desiredCapacity !== undefined ? Tokenization.stringifyNumber(desiredCapacity) : undefined, @@ -1509,7 +1508,7 @@ enum HealthCheckType { * Render the rolling update configuration into the appropriate object */ function renderRollingUpdateConfig(config: RollingUpdateConfiguration = {}): CfnAutoScalingRollingUpdate { - const waitOnResourceSignals = config.minSuccessfulInstancesPercent !== undefined ? true : false; + const waitOnResourceSignals = config.minSuccessfulInstancesPercent !== undefined; const pauseTime = config.pauseTime || (waitOnResourceSignals ? Duration.minutes(5) : Duration.seconds(0)); return { diff --git a/packages/@aws-cdk/aws-batch/lib/compute-environment.ts b/packages/@aws-cdk/aws-batch/lib/compute-environment.ts index 96c356ac13d50..18a2d1a446325 100644 --- a/packages/@aws-cdk/aws-batch/lib/compute-environment.ts +++ b/packages/@aws-cdk/aws-batch/lib/compute-environment.ts @@ -374,7 +374,7 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment minvCpus: props.computeResources.minvCpus || 0, placementGroup: props.computeResources.placementGroup, securityGroupIds: this.buildSecurityGroupIds(props.computeResources.vpc, props.computeResources.securityGroups), - spotIamFleetRole: spotFleetRole ? spotFleetRole.roleArn : undefined, + spotIamFleetRole: spotFleetRole?.roleArn, subnets: props.computeResources.vpc.selectSubnets(props.computeResources.vpcSubnets).subnetIds, tags: props.computeResources.computeResourcesTags, type: props.computeResources.type || ComputeResourceType.ON_DEMAND, @@ -384,9 +384,8 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment const computeEnvironment = new CfnComputeEnvironment(this, 'Resource', { computeEnvironmentName: this.physicalName, computeResources, - serviceRole: props.serviceRole - ? props.serviceRole.roleArn - : new iam.Role(this, 'Resource-Service-Instance-Role', { + serviceRole: props.serviceRole?.roleArn + ?? new iam.Role(this, 'Resource-Service-Instance-Role', { managedPolicies: [ iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSBatchServiceRole'), ], @@ -409,7 +408,7 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment } private isManaged(props: ComputeEnvironmentProps): boolean { - return props.managed === undefined ? true : props.managed; + return props.managed ?? true; } /** diff --git a/packages/@aws-cdk/aws-cloudformation/lib/nested-stack.ts b/packages/@aws-cdk/aws-cloudformation/lib/nested-stack.ts index 57268c5291bb9..c72d94598ecfc 100644 --- a/packages/@aws-cdk/aws-cloudformation/lib/nested-stack.ts +++ b/packages/@aws-cdk/aws-cloudformation/lib/nested-stack.ts @@ -71,7 +71,7 @@ export class NestedStack extends core.NestedStack { super(scope, id, { parameters: props.parameters, timeout: props.timeout, - notificationArns: props.notifications ? props.notifications.map(n => n.topicArn) : undefined, + notificationArns: props.notifications?.map(n => n.topicArn), }); } } diff --git a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts index 9bb2ba7e5f852..b6357115f7667 100644 --- a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts +++ b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts @@ -46,7 +46,7 @@ class MyNestedStack extends cfn.NestedStack { code: lambda.Code.inline('console.error("hi")'), handler: 'index.handler', environment: { - TOPIC_ARN: props.siblingTopic ? props.siblingTopic.topicArn : '', + TOPIC_ARN: props.siblingTopic?.topicArn ?? '', QUEUE_URL: props.subscriber.queueUrl, // nested stack references a resource in the parent }, }); diff --git a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts index ae3cbae6051d3..f191813dada2b 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts @@ -771,10 +771,10 @@ export class CloudFrontWebDistribution extends cdk.Resource implements IDistribu let distributionConfig: CfnDistribution.DistributionConfigProperty = { comment: props.comment, enabled: true, - defaultRootObject: props.defaultRootObject !== undefined ? props.defaultRootObject : 'index.html', + defaultRootObject: props.defaultRootObject ?? 'index.html', httpVersion: props.httpVersion || HttpVersion.HTTP2, priceClass: props.priceClass || PriceClass.PRICE_CLASS_100, - ipv6Enabled: (props.enableIpV6 !== undefined) ? props.enableIpV6 : true, + ipv6Enabled: props.enableIpV6 ?? true, // eslint-disable-next-line max-len customErrorResponses: props.errorConfigurations, // TODO: validation : https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-customerrorresponse.html#cfn-cloudfront-distribution-customerrorresponse-errorcachingminttl webAclId: props.webACLId, diff --git a/packages/@aws-cdk/aws-cloudwatch/lib/graph.ts b/packages/@aws-cdk/aws-cloudwatch/lib/graph.ts index f232b5d27edf5..98f8980db4f4b 100644 --- a/packages/@aws-cdk/aws-cloudwatch/lib/graph.ts +++ b/packages/@aws-cdk/aws-cloudwatch/lib/graph.ts @@ -114,7 +114,7 @@ export class AlarmWidget extends ConcreteWidget { alarms: [this.props.alarm.alarmArn], }, yAxis: { - left: this.props.leftYAxis !== undefined ? this.props.leftYAxis : undefined, + left: this.props.leftYAxis ?? undefined, }, }, }]; @@ -271,8 +271,8 @@ export class GraphWidget extends ConcreteWidget { metrics: metrics.length > 0 ? metrics : undefined, annotations: horizontalAnnotations.length > 0 ? { horizontal: horizontalAnnotations } : undefined, yAxis: { - left: this.props.leftYAxis !== undefined ? this.props.leftYAxis : undefined, - right: this.props.rightYAxis !== undefined ? this.props.rightYAxis : undefined, + left: this.props.leftYAxis ?? undefined, + right: this.props.rightYAxis ?? undefined, }, legend: this.props.legendPosition !== undefined ? { position: this.props.legendPosition } : undefined, liveData: this.props.liveData, diff --git a/packages/@aws-cdk/aws-codebuild/lib/source.ts b/packages/@aws-cdk/aws-codebuild/lib/source.ts index 7706328a92bc7..19161ef9b6172 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/source.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/source.ts @@ -515,14 +515,14 @@ abstract class ThirdPartyGitSource extends GitSource { super(props); this.webhook = props.webhook; - this.reportBuildStatus = props.reportBuildStatus === undefined ? true : props.reportBuildStatus; + this.reportBuildStatus = props.reportBuildStatus ?? true; this.webhookFilters = props.webhookFilters || []; this.webhookTriggersBatchBuild = props.webhookTriggersBatchBuild; } public bind(_scope: CoreConstruct, project: IProject): SourceConfig { const anyFilterGroupsProvided = this.webhookFilters.length > 0; - const webhook = this.webhook === undefined ? (anyFilterGroupsProvided ? true : undefined) : this.webhook; + const webhook = this.webhook ?? (anyFilterGroupsProvided ? true : undefined); if (!webhook && anyFilterGroupsProvided) { throw new Error('`webhookFilters` cannot be used when `webhook` is `false`'); diff --git a/packages/@aws-cdk/aws-codedeploy/lib/lambda/custom-deployment-config.ts b/packages/@aws-cdk/aws-codedeploy/lib/lambda/custom-deployment-config.ts index 20822a0d2356b..55077fe93f273 100644 --- a/packages/@aws-cdk/aws-codedeploy/lib/lambda/custom-deployment-config.ts +++ b/packages/@aws-cdk/aws-codedeploy/lib/lambda/custom-deployment-config.ts @@ -99,9 +99,8 @@ export class CustomLambdaDeploymentConfig extends Resource implements ILambdaDep // Generates the name of the deployment config. It's also what you'll see in the AWS console // The name of the config is .LambdaPercentMinutes // Unless the user provides an explicit name - this.deploymentConfigName = props.deploymentConfigName !== undefined - ? props.deploymentConfigName - : `${Names.uniqueId(this)}.Lambda${props.type}${props.percentage}Percent${props.type === CustomLambdaDeploymentConfigType.LINEAR + this.deploymentConfigName = props.deploymentConfigName + ?? `${Names.uniqueId(this)}.Lambda${props.type}${props.percentage}Percent${props.type === CustomLambdaDeploymentConfigType.LINEAR ? 'Every' : ''}${props.interval.toMinutes()}Minutes`; this.deploymentConfigArn = arnForDeploymentConfig(this.deploymentConfigName); diff --git a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts index 0864d603d2e28..e1108acb5205d 100644 --- a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts @@ -277,7 +277,7 @@ export class ServerDeploymentGroup extends ServerDeploymentGroupBase { }); this._autoScalingGroups = props.autoScalingGroups || []; - this.installAgent = props.installAgent === undefined ? true : props.installAgent; + this.installAgent = props.installAgent ?? true; this.codeDeployBucket = s3.Bucket.fromBucketName(this, 'Bucket', `aws-codedeploy-${cdk.Stack.of(this).region}`); for (const asg of this._autoScalingGroups) { this.addCodeDeployAgentInstallUserData(asg); diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/custom-action-registration.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/custom-action-registration.ts index 41e34ac8a0b5d..dad9e84a47094 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/custom-action-registration.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/custom-action-registration.ts @@ -132,7 +132,7 @@ export class CustomActionRegistration extends Construct { entityUrlTemplate: props.entityUrl, executionUrlTemplate: props.executionUrl, }, - configurationProperties: props.actionProperties === undefined ? undefined : props.actionProperties.map((ap) => { + configurationProperties: props.actionProperties?.map((ap) => { return { key: ap.key || false, secret: ap.secret || false, diff --git a/packages/@aws-cdk/aws-codepipeline/lib/private/full-action-descriptor.ts b/packages/@aws-cdk/aws-codepipeline/lib/private/full-action-descriptor.ts index 6d58bf815d3db..895d3cf15430c 100644 --- a/packages/@aws-cdk/aws-codepipeline/lib/private/full-action-descriptor.ts +++ b/packages/@aws-cdk/aws-codepipeline/lib/private/full-action-descriptor.ts @@ -36,13 +36,13 @@ export class FullActionDescriptor { this.owner = actionProperties.owner || 'AWS'; this.provider = actionProperties.provider; this.version = actionProperties.version || '1'; - this.runOrder = actionProperties.runOrder === undefined ? 1 : actionProperties.runOrder; + this.runOrder = actionProperties.runOrder ?? 1; this.artifactBounds = actionProperties.artifactBounds; this.namespace = actionProperties.variablesNamespace; this.inputs = deduplicateArtifacts(actionProperties.inputs); this.outputs = deduplicateArtifacts(actionProperties.outputs); this.region = props.actionRegion || actionProperties.region; - this.role = actionProperties.role !== undefined ? actionProperties.role : props.actionRole; + this.role = actionProperties.role ?? props.actionRole; this.configuration = props.actionConfig.configuration; } diff --git a/packages/@aws-cdk/aws-codepipeline/test/pipeline.test.ts b/packages/@aws-cdk/aws-codepipeline/test/pipeline.test.ts index 880c45b1f8a05..3b091ac8ef339 100644 --- a/packages/@aws-cdk/aws-codepipeline/test/pipeline.test.ts +++ b/packages/@aws-cdk/aws-codepipeline/test/pipeline.test.ts @@ -5,16 +5,15 @@ import * as kms from '@aws-cdk/aws-kms'; import * as s3 from '@aws-cdk/aws-s3'; import * as cdk from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; -import { nodeunitShim, Test } from 'nodeunit-shim'; import * as codepipeline from '../lib'; import { FakeBuildAction } from './fake-build-action'; import { FakeSourceAction } from './fake-source-action'; /* eslint-disable quote-props */ -nodeunitShim({ - 'Pipeline': { - 'can be passed an IAM role during pipeline creation'(test: Test) { +describe('', () => { + describe('Pipeline', () => { + test('can be passed an IAM role during pipeline creation', () => { const stack = new cdk.Stack(); const role = new iam.Role(stack, 'Role', { assumedBy: new iam.ServicePrincipal('codepipeline.amazonaws.com'), @@ -32,23 +31,23 @@ nodeunitShim({ }, })); - test.done(); - }, - 'can be imported by ARN'(test: Test) { + }); + + test('can be imported by ARN', () => { const stack = new cdk.Stack(); const pipeline = codepipeline.Pipeline.fromPipelineArn(stack, 'Pipeline', 'arn:aws:codepipeline:us-east-1:123456789012:MyPipeline'); - test.equal(pipeline.pipelineArn, 'arn:aws:codepipeline:us-east-1:123456789012:MyPipeline'); - test.equal(pipeline.pipelineName, 'MyPipeline'); + expect(pipeline.pipelineArn).toEqual('arn:aws:codepipeline:us-east-1:123456789012:MyPipeline'); + expect(pipeline.pipelineName).toEqual('MyPipeline'); + - test.done(); - }, + }); - 'that is cross-region': { - 'validates that source actions are in the same region as the pipeline'(test: Test) { + describe('that is cross-region', () => { + test('validates that source actions are in the same region as the pipeline', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'PipelineStack', { env: { region: 'us-west-1', account: '123456789012' } }); const pipeline = new codepipeline.Pipeline(stack, 'Pipeline'); @@ -61,14 +60,14 @@ nodeunitShim({ region: 'ap-southeast-1', }); - test.throws(() => { + expect(() => { sourceStage.addAction(sourceAction); - }, /Source action 'FakeSource' must be in the same region as the pipeline/); + }).toThrow(/Source action 'FakeSource' must be in the same region as the pipeline/); + - test.done(); - }, + }); - 'allows passing an Alias in place of the KMS Key in the replication Bucket'(test: Test) { + test('allows passing an Alias in place of the KMS Key in the replication Bucket', () => { const app = new cdk.App(); const replicationRegion = 'us-west-1'; @@ -173,10 +172,10 @@ nodeunitShim({ }, }); - test.done(); - }, - "generates ArtifactStores with the alias' ARN as the KeyID"(test: Test) { + }); + + test('generates ArtifactStores with the alias ARN as the KeyID', () => { const app = new cdk.App(); const replicationRegion = 'us-west-1'; @@ -239,10 +238,10 @@ nodeunitShim({ 'UpdateReplacePolicy': 'Delete', }, ResourcePart.CompleteDefinition); - test.done(); - }, - 'allows passing an imported Bucket and Key for the replication Bucket'(test: Test) { + }); + + test('allows passing an imported Bucket and Key for the replication Bucket', () => { const replicationRegion = 'us-west-1'; const pipelineRegion = 'us-west-2'; @@ -296,10 +295,10 @@ nodeunitShim({ ], }); - test.done(); - }, - 'generates the support stack containing the replication Bucket without the need to bootstrap in that environment'(test: Test) { + }); + + test('generates the support stack containing the replication Bucket without the need to bootstrap in that environment', () => { const app = new cdk.App({ treeMetadata: false, // we can't set the context otherwise, because App will have a child }); @@ -331,17 +330,17 @@ nodeunitShim({ const assembly = app.synth(); const supportStackArtifact = assembly.getStackByName('PipelineStack-support-eu-south-1'); - test.equal(supportStackArtifact.assumeRoleArn, + expect(supportStackArtifact.assumeRoleArn).toEqual( 'arn:${AWS::Partition}:iam::123456789012:role/cdk-hnb659fds-deploy-role-123456789012-us-west-2'); - test.equal(supportStackArtifact.cloudFormationExecutionRoleArn, + expect(supportStackArtifact.cloudFormationExecutionRoleArn).toEqual( 'arn:${AWS::Partition}:iam::123456789012:role/cdk-hnb659fds-cfn-exec-role-123456789012-us-west-2'); - test.done(); - }, - }, - 'that is cross-account': { - 'does not allow passing a dynamic value in the Action account property'(test: Test) { + }); + }); + + describe('that is cross-account', () => { + test('does not allow passing a dynamic value in the Action account property', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'PipelineStack', { env: { account: '123456789012' } }); const sourceOutput = new codepipeline.Artifact(); @@ -355,18 +354,18 @@ nodeunitShim({ }); const buildStage = pipeline.addStage({ stageName: 'Build' }); - test.throws(() => { + expect(() => { buildStage.addAction(new FakeBuildAction({ actionName: 'FakeBuild', input: sourceOutput, account: cdk.Aws.ACCOUNT_ID, })); - }, /The 'account' property must be a concrete value \(action: 'FakeBuild'\)/); + }).toThrow(/The 'account' property must be a concrete value \(action: 'FakeBuild'\)/); + - test.done(); - }, + }); - 'does not allow an env-agnostic Pipeline Stack if an Action account has been provided'(test: Test) { + test('does not allow an env-agnostic Pipeline Stack if an Action account has been provided', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'PipelineStack'); const sourceOutput = new codepipeline.Artifact(); @@ -380,18 +379,18 @@ nodeunitShim({ }); const buildStage = pipeline.addStage({ stageName: 'Build' }); - test.throws(() => { + expect(() => { buildStage.addAction(new FakeBuildAction({ actionName: 'FakeBuild', input: sourceOutput, account: '123456789012', })); - }, /Pipeline stack which uses cross-environment actions must have an explicitly set account/); + }).toThrow(/Pipeline stack which uses cross-environment actions must have an explicitly set account/); + - test.done(); - }, - }, - }, + }); + }); + }); }); describe('test with shared setup', () => { diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts index 960d14bb8b426..d85199ee6507f 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts @@ -723,7 +723,7 @@ export class UserPool extends UserPoolBase { emailSubject: props.userInvitation?.emailSubject, smsMessage: props.userInvitation?.smsMessage, }; - const selfSignUpEnabled = props.selfSignUpEnabled !== undefined ? props.selfSignUpEnabled : false; + const selfSignUpEnabled = props.selfSignUpEnabled ?? false; const adminCreateUserConfig: CfnUserPool.AdminCreateUserConfigProperty = { allowAdminCreateUserOnly: !selfSignUpEnabled, inviteMessageTemplate: props.userInvitation !== undefined ? inviteMessageTemplate : undefined, diff --git a/packages/@aws-cdk/aws-dynamodb/lib/table.ts b/packages/@aws-cdk/aws-dynamodb/lib/table.ts index b1c7c4f339ccd..1b12eef42de1f 100644 --- a/packages/@aws-cdk/aws-dynamodb/lib/table.ts +++ b/packages/@aws-cdk/aws-dynamodb/lib/table.ts @@ -1391,8 +1391,8 @@ export class Table extends TableBase { } return { - projectionType: props.projectionType ? props.projectionType : ProjectionType.ALL, - nonKeyAttributes: props.nonKeyAttributes ? props.nonKeyAttributes : undefined, + projectionType: props.projectionType ?? ProjectionType.ALL, + nonKeyAttributes: props.nonKeyAttributes ?? undefined, }; } diff --git a/packages/@aws-cdk/aws-ec2/README.md b/packages/@aws-cdk/aws-ec2/README.md index 6ab25bfb78b3f..3b902e5cb8c75 100644 --- a/packages/@aws-cdk/aws-ec2/README.md +++ b/packages/@aws-cdk/aws-ec2/README.md @@ -538,6 +538,9 @@ examples of things you might want to use: > `cdk.context.json`, or use the `cdk context` command. For more information, see > [Runtime Context](https://docs.aws.amazon.com/cdk/latest/guide/context.html) in the CDK > developer guide. +> +> `MachineImage.genericLinux()`, `MachineImage.genericWindows()` will use `CfnMapping` in +> an agnostic stack. ## Special VPC configurations @@ -999,3 +1002,24 @@ const subnet = Subnet.fromSubnetAttributes(this, 'SubnetFromAttributes', { // Supply only subnet id const subnet = Subnet.fromSubnetId(this, 'SubnetFromId', 's-1234'); ``` + +## Launch Templates + +A Launch Template is a standardized template that contains the configuration information to launch an instance. +They can be used when launching instances on their own, through Amazon EC2 Auto Scaling, EC2 Fleet, and Spot Fleet. +Launch templates enable you to store launch parameters so that you do not have to specify them every time you launch +an instance. For information on Launch Templates please see the +[official documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html). + +The following demonstrates how to create a launch template with an Amazon Machine Image, and security group. + +```ts +const vpc = new ec2.Vpc(...); +// ... +const template = new ec2.LaunchTemplate(this, 'LaunchTemplate', { + machineImage: new ec2.AmazonMachineImage(), + securityGroup: new ec2.SecurityGroup(this, 'LaunchTemplateSG', { + vpc: vpc, + }), +}); +``` diff --git a/packages/@aws-cdk/aws-ec2/lib/index.ts b/packages/@aws-cdk/aws-ec2/lib/index.ts index ca25a02f3f8d1..9f70a4320060d 100644 --- a/packages/@aws-cdk/aws-ec2/lib/index.ts +++ b/packages/@aws-cdk/aws-ec2/lib/index.ts @@ -4,6 +4,7 @@ export * from './cfn-init'; export * from './cfn-init-elements'; export * from './instance-types'; export * from './instance'; +export * from './launch-template'; export * from './machine-image'; export * from './nat'; export * from './network-acl'; diff --git a/packages/@aws-cdk/aws-ec2/lib/instance.ts b/packages/@aws-cdk/aws-ec2/lib/instance.ts index 22c4fa7cf880f..82fbb22bea4e3 100644 --- a/packages/@aws-cdk/aws-ec2/lib/instance.ts +++ b/packages/@aws-cdk/aws-ec2/lib/instance.ts @@ -8,9 +8,10 @@ import { Connections, IConnectable } from './connections'; import { CfnInstance } from './ec2.generated'; import { InstanceType } from './instance-types'; import { IMachineImage, OperatingSystemType } from './machine-image'; +import { instanceBlockDeviceMappings } from './private/ebs-util'; import { ISecurityGroup, SecurityGroup } from './security-group'; import { UserData } from './user-data'; -import { BlockDevice, synthesizeBlockDeviceMappings } from './volume'; +import { BlockDevice } from './volume'; import { IVpc, Subnet, SubnetSelection } from './vpc'; /** @@ -362,7 +363,7 @@ export class Instance extends Resource implements IInstance { subnetId: subnet.subnetId, availabilityZone: subnet.availabilityZone, sourceDestCheck: props.sourceDestCheck, - blockDeviceMappings: props.blockDevices !== undefined ? synthesizeBlockDeviceMappings(this, props.blockDevices) : undefined, + blockDeviceMappings: props.blockDevices !== undefined ? instanceBlockDeviceMappings(this, props.blockDevices) : undefined, privateIpAddress: props.privateIpAddress, }); this.instance.node.addDependency(this.role); diff --git a/packages/@aws-cdk/aws-ec2/lib/launch-template.ts b/packages/@aws-cdk/aws-ec2/lib/launch-template.ts new file mode 100644 index 0000000000000..3b5b39f9b6370 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/launch-template.ts @@ -0,0 +1,665 @@ +import * as iam from '@aws-cdk/aws-iam'; + +import { + Annotations, + Duration, + Expiration, + Fn, + IResource, + Lazy, + Resource, + TagManager, + TagType, + Tags, + Token, +} from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import { Connections, IConnectable } from './connections'; +import { CfnLaunchTemplate } from './ec2.generated'; +import { InstanceType } from './instance-types'; +import { IMachineImage, MachineImageConfig, OperatingSystemType } from './machine-image'; +import { launchTemplateBlockDeviceMappings } from './private/ebs-util'; +import { ISecurityGroup } from './security-group'; +import { UserData } from './user-data'; +import { BlockDevice } from './volume'; + +/** + * Name tag constant + */ +const NAME_TAG: string = 'Name'; + +/** + * Provides the options for specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc). + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-how-to.html + */ +// dev-note: This could be used in the Instance L2 +export enum CpuCredits { + /** + * Standard bursting mode. + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-standard-mode.html + */ + STANDARD = 'standard', + + /** + * Unlimited bursting mode. + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode.html + */ + UNLIMITED = 'unlimited', +}; + +/** + * Provides the options for specifying the instance initiated shutdown behavior. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior + */ +// dev-note: This could be used in the Instance L2 +export enum InstanceInitiatedShutdownBehavior { + /** + * The instance will stop when it initiates a shutdown. + */ + STOP = 'stop', + + /** + * The instance will be terminated when it initiates a shutdown. + */ + TERMINATE = 'terminate', +}; + +/** + * Interface for LaunchTemplate-like objects. + */ +export interface ILaunchTemplate extends IResource { + /** + * The version number of this launch template to use + * + * @attribute + */ + readonly versionNumber: string; + + /** + * The identifier of the Launch Template + * + * Exactly one of `launchTemplateId` and `launchTemplateName` will be set. + * + * @attribute + */ + readonly launchTemplateId?: string; + + /** + * The name of the Launch Template + * + * Exactly one of `launchTemplateId` and `launchTemplateName` will be set. + * + * @attribute + */ + readonly launchTemplateName?: string; +} + +/** + * Provides the options for the types of interruption for spot instances. + */ +// dev-note: This could be used in a SpotFleet L2 if one gets developed. +export enum SpotInstanceInterruption { + /** + * The instance will stop when interrupted. + */ + STOP = 'stop', + + /** + * The instance will be terminated when interrupted. + */ + TERMINATE = 'terminate', + + /** + * The instance will hibernate when interrupted. + */ + HIBERNATE = 'hibernate', +} + +/** + * The Spot Instance request type. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html + */ +export enum SpotRequestType { + /** + * A one-time Spot Instance request remains active until Amazon EC2 launches the Spot Instance, + * the request expires, or you cancel the request. If the Spot price exceeds your maximum price + * or capacity is not available, your Spot Instance is terminated and the Spot Instance request + * is closed. + */ + ONE_TIME = 'one-time', + + /** + * A persistent Spot Instance request remains active until it expires or you cancel it, even if + * the request is fulfilled. If the Spot price exceeds your maximum price or capacity is not available, + * your Spot Instance is interrupted. After your instance is interrupted, when your maximum price exceeds + * the Spot price or capacity becomes available again, the Spot Instance is started if stopped or resumed + * if hibernated. + */ + PERSISTENT = 'persistent', +} + +/** + * Interface for the Spot market instance options provided in a LaunchTemplate. + */ +export interface LaunchTemplateSpotOptions { + /** + * Spot Instances with a defined duration (also known as Spot blocks) are designed not to be interrupted and will run continuously for the duration you select. + * You can use a duration of 1, 2, 3, 4, 5, or 6 hours. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#fixed-duration-spot-instances + * + * @default Requested spot instances do not have a pre-defined duration. + */ + readonly blockDuration?: Duration; + + /** + * The behavior when a Spot Instance is interrupted. + * + * @default Spot instances will terminate when interrupted. + */ + readonly interruptionBehavior?: SpotInstanceInterruption; + + /** + * Maximum hourly price you're willing to pay for each Spot instance. The value is given + * in dollars. ex: 0.01 for 1 cent per hour, or 0.001 for one-tenth of a cent per hour. + * + * @default Maximum hourly price will default to the on-demand price for the instance type. + */ + readonly maxPrice?: number; + + /** + * The Spot Instance request type. + * + * If you are using Spot Instances with an Auto Scaling group, use one-time requests, as the + * Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is + * below its desired capacity. + * + * @default One-time spot request. + */ + readonly requestType?: SpotRequestType; + + /** + * The end date of the request. For a one-time request, the request remains active until all instances + * launch, the request is canceled, or this date is reached. If the request is persistent, it remains + * active until it is canceled or this date and time is reached. + * + * @default The default end date is 7 days from the current date. + */ + readonly validUntil?: Expiration; +}; + +/** + * Properties of a LaunchTemplate. + */ +export interface LaunchTemplateProps { + /** + * Name for this launch template. + * + * @default Automatically generated name + */ + readonly launchTemplateName?: string; + + /** + * Type of instance to launch. + * + * @default - This Launch Template does not specify a default Instance Type. + */ + readonly instanceType?: InstanceType; + + /** + * The AMI that will be used by instances. + * + * @default - This Launch Template does not specify a default AMI. + */ + readonly machineImage?: IMachineImage; + + /** + * The AMI that will be used by instances. + * + * @default - This Launch Template creates a UserData based on the type of provided + * machineImage; no UserData is created if a machineImage is not provided + */ + readonly userData?: UserData; + + /** + * An IAM role to associate with the instance profile that is used by instances. + * + * The role must be assumable by the service principal `ec2.amazonaws.com`: + * + * @example + * const role = new iam.Role(this, 'MyRole', { + * assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com') + * }); + * + * @default - No new role is created. + */ + readonly role?: iam.IRole; + + /** + * Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. + * + * Each instance that is launched has an associated root device volume, + * either an Amazon EBS volume or an instance store volume. + * You can use block device mappings to specify additional EBS volumes or + * instance store volumes to attach to an instance when it is launched. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html + * + * @default - Uses the block device mapping of the AMI + */ + readonly blockDevices?: BlockDevice[]; + + /** + * CPU credit type for burstable EC2 instance types. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html + * + * @default - No credit type is specified in the Launch Template. + */ + readonly cpuCredits?: CpuCredits; + + /** + * If you set this parameter to true, you cannot terminate the instances launched with this launch template + * using the Amazon EC2 console, CLI, or API; otherwise, you can. + * + * @default - The API termination setting is not specified in the Launch Template. + */ + readonly disableApiTermination?: boolean; + + /** + * Indicates whether the instances are optimized for Amazon EBS I/O. This optimization provides dedicated throughput + * to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization + * isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance. + * + * @default - EBS optimization is not specified in the launch template. + */ + readonly ebsOptimized?: boolean; + + /** + * If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves. + * + * @default - Enablement of Nitro enclaves is not specified in the launch template; defaulting to false. + */ + readonly nitroEnclaveEnabled?: boolean; + + /** + * If you set this parameter to true, the instance is enabled for hibernation. + * + * @default - Hibernation configuration is not specified in the launch template; defaulting to false. + */ + readonly hibernationConfigured?: boolean; + + /** + * Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown). + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior + * + * @default - Shutdown behavior is not specified in the launch template; defaults to STOP. + */ + readonly instanceInitiatedShutdownBehavior?: InstanceInitiatedShutdownBehavior; + + /** + * If this property is defined, then the Launch Template's InstanceMarketOptions will be + * set to use Spot instances, and the options for the Spot instances will be as defined. + * + * @default - Instance launched with this template will not be spot instances. + */ + readonly spotOptions?: LaunchTemplateSpotOptions; + + /** + * Name of SSH keypair to grant access to instance + * + * @default - No SSH access will be possible. + */ + readonly keyName?: string; + + /** + * If set to true, then detailed monitoring will be enabled on instances created with this + * launch template. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html + * + * @default False - Detailed monitoring is disabled. + */ + readonly detailedMonitoring?: boolean; + + /** + * Security group to assign to instances created with the launch template. + * + * @default No security group is assigned. + */ + readonly securityGroup?: ISecurityGroup; +} + +/** + * A class that provides convenient access to special version tokens for LaunchTemplate + * versions. + */ +export class LaunchTemplateSpecialVersions { + /** + * The special value that denotes that users of a Launch Template should + * reference the LATEST version of the template. + */ + public static readonly LATEST_VERSION: string = '$Latest'; + + /** + * The special value that denotes that users of a Launch Template should + * reference the DEFAULT version of the template. + */ + public static readonly DEFAULT_VERSION: string = '$Default'; +} + +/** + * Attributes for an imported LaunchTemplate. + */ +export interface LaunchTemplateAttributes { + /** + * The version number of this launch template to use + * + * @default Version: "$Default" + */ + readonly versionNumber?: string; + + /** + * The identifier of the Launch Template + * + * Exactly one of `launchTemplateId` and `launchTemplateName` may be set. + * + * @default None + */ + readonly launchTemplateId?: string; + + /** + * The name of the Launch Template + * + * Exactly one of `launchTemplateId` and `launchTemplateName` may be set. + * + * @default None + */ + readonly launchTemplateName?: string; +} + +/** + * This represents an EC2 LaunchTemplate. + * + * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html + */ +export class LaunchTemplate extends Resource implements ILaunchTemplate, iam.IGrantable, IConnectable { + /** + * Import an existing LaunchTemplate. + */ + public static fromLaunchTemplateAttributes(scope: Construct, id: string, attrs: LaunchTemplateAttributes): ILaunchTemplate { + const haveId = Boolean(attrs.launchTemplateId); + const haveName = Boolean(attrs.launchTemplateName); + if (haveId == haveName) { + throw new Error('LaunchTemplate.fromLaunchTemplateAttributes() requires exactly one of launchTemplateId or launchTemplateName be provided.'); + } + + class Import extends Resource implements ILaunchTemplate { + public readonly versionNumber = attrs.versionNumber ?? LaunchTemplateSpecialVersions.DEFAULT_VERSION; + public readonly launchTemplateId? = attrs.launchTemplateId; + public readonly launchTemplateName? = attrs.launchTemplateName; + } + return new Import(scope, id); + } + + // ============================================ + // Members for ILaunchTemplate interface + + public readonly versionNumber: string; + public readonly launchTemplateId?: string; + public readonly launchTemplateName?: string; + + // ============================================= + // Data members + + /** + * The default version for the launch template. + * + * @attribute + */ + public readonly defaultVersionNumber: string; + + /** + * The latest version of the launch template. + * + * @attribute + */ + public readonly latestVersionNumber: string; + + /** + * The type of OS the instance is running. + * + * @attribute + */ + public readonly osType?: OperatingSystemType; + + /** + * IAM Role assumed by instances that are launched from this template. + * + * @attribute + */ + public readonly role?: iam.IRole; + + /** + * UserData executed by instances that are launched from this template. + * + * @attribute + */ + public readonly userData?: UserData; + + // ============================================= + // Private/protected data members + + /** + * Principal to grant permissions to. + * @internal + */ + protected readonly _grantPrincipal?: iam.IPrincipal; + + /** + * Allows specifying security group connections for the instance. + * @internal + */ + protected readonly _connections?: Connections; + + /** + * TagManager for tagging support. + */ + protected readonly tags: TagManager; + + // ============================================= + + constructor(scope: Construct, id: string, props: LaunchTemplateProps = {}) { + super(scope, id); + + // Basic validation of the provided spot block duration + const spotDuration = props?.spotOptions?.blockDuration?.toHours({ integral: true }); + if (spotDuration !== undefined && (spotDuration < 1 || spotDuration > 6)) { + // See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#fixed-duration-spot-instances + Annotations.of(this).addError('Spot block duration must be exactly 1, 2, 3, 4, 5, or 6 hours.'); + } + + this.role = props.role; + this._grantPrincipal = this.role; + const iamProfile: iam.CfnInstanceProfile | undefined = this.role ? new iam.CfnInstanceProfile(this, 'Profile', { + roles: [this.role!.roleName], + }) : undefined; + + if (props.securityGroup) { + this._connections = new Connections({ securityGroups: [props.securityGroup] }); + } + const securityGroupsToken = Lazy.list({ + produce: () => { + if (this._connections && this._connections.securityGroups.length > 0) { + return this._connections.securityGroups.map(sg => sg.securityGroupId); + } + return undefined; + }, + }); + + if (props.userData) { + this.userData = props.userData; + } + const userDataToken = Lazy.string({ + produce: () => { + if (this.userData) { + return Fn.base64(this.userData.render()); + } + return undefined; + }, + }); + + const imageConfig: MachineImageConfig | undefined = props.machineImage?.getImage(this); + if (imageConfig) { + this.osType = imageConfig.osType; + } + + let marketOptions: any = undefined; + if (props?.spotOptions) { + marketOptions = { + marketType: 'spot', + spotOptions: { + blockDurationMinutes: spotDuration !== undefined ? spotDuration * 60 : undefined, + instanceInterruptionBehavior: props.spotOptions.interruptionBehavior, + maxPrice: props.spotOptions.maxPrice?.toString(), + spotInstanceType: props.spotOptions.requestType, + validUntil: props.spotOptions.validUntil?.date.toUTCString(), + }, + }; + // Remove SpotOptions if there are none. + if (Object.keys(marketOptions.spotOptions).filter(k => marketOptions.spotOptions[k]).length == 0) { + marketOptions.spotOptions = undefined; + } + } + + this.tags = new TagManager(TagType.KEY_VALUE, 'AWS::EC2::LaunchTemplate'); + const tagsToken = Lazy.any({ + produce: () => { + if (this.tags.hasTags()) { + const renderedTags = this.tags.renderTags(); + const lowerCaseRenderedTags = renderedTags.map( (tag: { [key: string]: string}) => { + return { + key: tag.Key, + value: tag.Value, + }; + }); + return [ + { + resourceType: 'instance', + tags: lowerCaseRenderedTags, + }, + { + resourceType: 'volume', + tags: lowerCaseRenderedTags, + }, + ]; + } + return undefined; + }, + }); + + const resource = new CfnLaunchTemplate(this, 'Resource', { + launchTemplateName: props?.launchTemplateName, + launchTemplateData: { + blockDeviceMappings: props?.blockDevices !== undefined ? launchTemplateBlockDeviceMappings(this, props.blockDevices) : undefined, + creditSpecification: props?.cpuCredits !== undefined ? { + cpuCredits: props.cpuCredits, + } : undefined, + disableApiTermination: props?.disableApiTermination, + ebsOptimized: props?.ebsOptimized, + enclaveOptions: props?.nitroEnclaveEnabled !== undefined ? { + enabled: props.nitroEnclaveEnabled, + } : undefined, + hibernationOptions: props?.hibernationConfigured !== undefined ? { + configured: props.hibernationConfigured, + } : undefined, + iamInstanceProfile: iamProfile !== undefined ? { + arn: iamProfile.getAtt('Arn').toString(), + } : undefined, + imageId: imageConfig?.imageId, + instanceType: props?.instanceType?.toString(), + instanceInitiatedShutdownBehavior: props?.instanceInitiatedShutdownBehavior, + instanceMarketOptions: marketOptions, + keyName: props?.keyName, + monitoring: props?.detailedMonitoring !== undefined ? { + enabled: props.detailedMonitoring, + } : undefined, + securityGroupIds: securityGroupsToken, + tagSpecifications: tagsToken, + userData: userDataToken, + + // Fields not yet implemented: + // ========================== + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-capacityreservationspecification.html + // Will require creating an L2 for AWS::EC2::CapacityReservation + // capacityReservationSpecification: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-cpuoptions.html + // cpuOptions: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-elasticgpuspecification.html + // elasticGpuSpecifications: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-elasticinferenceaccelerators + // elasticInferenceAccelerators: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-kernelid + // kernelId: undefined, + // ramDiskId: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-licensespecifications + // Also not implemented in Instance L2 + // licenseSpecifications: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-metadataoptions + // metadataOptions: undefined, + + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications + // Should be implemented via the Tagging aspect in CDK core. Complication will be that this tagging interface is very unique to LaunchTemplates. + // tagSpecification: undefined + + // CDK has no abstraction for Network Interfaces yet. + // networkInterfaces: undefined, + + // CDK has no abstraction for Placement yet. + // placement: undefined, + + }, + }); + + Tags.of(this).add(NAME_TAG, this.node.path); + + this.defaultVersionNumber = resource.attrDefaultVersionNumber; + this.latestVersionNumber = resource.attrLatestVersionNumber; + this.launchTemplateId = resource.ref; + this.versionNumber = Token.asString(resource.getAtt('LatestVersionNumber')); + } + + /** + * Allows specifying security group connections for the instance. + * + * @note Only available if you provide a securityGroup when constructing the LaunchTemplate. + */ + public get connections(): Connections { + if (!this._connections) { + throw new Error('LaunchTemplate can only be used as IConnectable if a securityGroup is provided when contructing it.'); + } + return this._connections; + } + + /** + * Principal to grant permissions to. + * + * @note Only available if you provide a role when constructing the LaunchTemplate. + */ + public get grantPrincipal(): iam.IPrincipal { + if (!this._grantPrincipal) { + throw new Error('LaunchTemplate can only be used as IGrantable if a role is provided when constructing it.'); + } + return this._grantPrincipal; + } +} diff --git a/packages/@aws-cdk/aws-ec2/lib/machine-image.ts b/packages/@aws-cdk/aws-ec2/lib/machine-image.ts index 1871fc1e75ac5..df4a1eece07e0 100644 --- a/packages/@aws-cdk/aws-ec2/lib/machine-image.ts +++ b/packages/@aws-cdk/aws-ec2/lib/machine-image.ts @@ -1,6 +1,6 @@ import * as ssm from '@aws-cdk/aws-ssm'; import * as cxschema from '@aws-cdk/cloud-assembly-schema'; -import { ContextProvider, Stack, Token } from '@aws-cdk/core'; +import { ContextProvider, CfnMapping, Aws, Stack, Token } from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; import { UserData } from './user-data'; import { WindowsVersion } from './windows-versions'; @@ -367,24 +367,33 @@ export interface GenericWindowsImageProps { * manually specify an AMI map. */ export class GenericLinuxImage implements IMachineImage { - constructor(private readonly amiMap: {[region: string]: string}, private readonly props: GenericLinuxImageProps = {}) { + constructor(private readonly amiMap: { [region: string]: string }, private readonly props: GenericLinuxImageProps = {}) { } public getImage(scope: Construct): MachineImageConfig { + const userData = this.props.userData ?? UserData.forLinux(); + const osType = OperatingSystemType.LINUX; const region = Stack.of(scope).region; if (Token.isUnresolved(region)) { - throw new Error('Unable to determine AMI from AMI map since stack is region-agnostic'); + const mapping: { [k1: string]: { [k2: string]: any } } = {}; + for (const [rgn, ami] of Object.entries(this.amiMap)) { + mapping[rgn] = { ami }; + } + const amiMap = new CfnMapping(scope, 'AmiMap', { mapping }); + return { + imageId: amiMap.findInMap(Aws.REGION, 'ami'), + userData, + osType, + }; } - - const ami = region !== 'test-region' ? this.amiMap[region] : 'ami-12345'; - if (!ami) { + const imageId = region !== 'test-region' ? this.amiMap[region] : 'ami-12345'; + if (!imageId) { throw new Error(`Unable to find AMI in AMI map: no AMI specified for region '${region}'`); } - return { - imageId: ami, - userData: this.props.userData ?? UserData.forLinux(), - osType: OperatingSystemType.LINUX, + imageId, + userData, + osType, }; } } @@ -399,20 +408,29 @@ export class GenericWindowsImage implements IMachineImage { } public getImage(scope: Construct): MachineImageConfig { + const userData = this.props.userData ?? UserData.forWindows(); + const osType = OperatingSystemType.WINDOWS; const region = Stack.of(scope).region; if (Token.isUnresolved(region)) { - throw new Error('Unable to determine AMI from AMI map since stack is region-agnostic'); + const mapping: { [k1: string]: { [k2: string]: any } } = {}; + for (const [rgn, ami] of Object.entries(this.amiMap)) { + mapping[rgn] = { ami }; + } + const amiMap = new CfnMapping(scope, 'AmiMap', { mapping }); + return { + imageId: amiMap.findInMap(Aws.REGION, 'ami'), + userData, + osType, + }; } - - const ami = region !== 'test-region' ? this.amiMap[region] : 'ami-12345'; - if (!ami) { + const imageId = region !== 'test-region' ? this.amiMap[region] : 'ami-12345'; + if (!imageId) { throw new Error(`Unable to find AMI in AMI map: no AMI specified for region '${region}'`); } - return { - imageId: ami, - userData: this.props.userData ?? UserData.forWindows(), - osType: OperatingSystemType.WINDOWS, + imageId, + userData, + osType, }; } } diff --git a/packages/@aws-cdk/aws-ec2/lib/network-acl.ts b/packages/@aws-cdk/aws-ec2/lib/network-acl.ts index bea1b030d2c9a..911948e8df39c 100644 --- a/packages/@aws-cdk/aws-ec2/lib/network-acl.ts +++ b/packages/@aws-cdk/aws-ec2/lib/network-acl.ts @@ -277,7 +277,7 @@ export class NetworkAclEntry extends NetworkAclEntryBase { new CfnNetworkAclEntry(this, 'Resource', { networkAclId: this.networkAcl.networkAclId, ruleNumber: props.ruleNumber, - ruleAction: props.ruleAction !== undefined ? props.ruleAction : Action.ALLOW, + ruleAction: props.ruleAction ?? Action.ALLOW, egress: props.direction !== undefined ? props.direction === TrafficDirection.EGRESS : undefined, ...props.traffic.toTrafficConfig(), ...props.cidr.toCidrConfig(), diff --git a/packages/@aws-cdk/aws-ec2/lib/private/ebs-util.ts b/packages/@aws-cdk/aws-ec2/lib/private/ebs-util.ts new file mode 100644 index 0000000000000..dc91f6d795011 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/private/ebs-util.ts @@ -0,0 +1,42 @@ +import { Annotations } from '@aws-cdk/core'; +import { CfnInstance, CfnLaunchTemplate } from '../ec2.generated'; +import { BlockDevice, EbsDeviceVolumeType } from '../volume'; + +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main +// eslint-disable-next-line no-duplicate-imports, import/order +import { Construct } from '@aws-cdk/core'; + +export function instanceBlockDeviceMappings(construct: Construct, blockDevices: BlockDevice[]): CfnInstance.BlockDeviceMappingProperty[] { + return synthesizeBlockDeviceMappings(construct, blockDevices, {}); +} + +export function launchTemplateBlockDeviceMappings(construct: Construct, blockDevices: BlockDevice[]): CfnLaunchTemplate.BlockDeviceMappingProperty[] { + return synthesizeBlockDeviceMappings(construct, blockDevices, ''); +} + +/** + * Synthesize an array of block device mappings from a list of block device + * + * @param construct the instance/asg construct, used to host any warning + * @param blockDevices list of block devices + */ +function synthesizeBlockDeviceMappings(construct: Construct, blockDevices: BlockDevice[], noDeviceValue: NDT): RT[] { + return blockDevices.map(({ deviceName, volume, mappingEnabled }): RT => { + const { virtualName, ebsDevice: ebs } = volume; + + if (ebs) { + const { iops, volumeType } = ebs; + + if (!iops) { + if (volumeType === EbsDeviceVolumeType.IO1) { + throw new Error('iops property is required with volumeType: EbsDeviceVolumeType.IO1'); + } + } else if (volumeType !== EbsDeviceVolumeType.IO1) { + Annotations.of(construct).addWarning('iops will be ignored without volumeType: EbsDeviceVolumeType.IO1'); + } + } + + const noDevice = mappingEnabled === false ? noDeviceValue : undefined; + return { deviceName, ebs, virtualName, noDevice } as any; + }); +} diff --git a/packages/@aws-cdk/aws-ec2/lib/user-data.ts b/packages/@aws-cdk/aws-ec2/lib/user-data.ts index 21727212948c0..20061bd609636 100644 --- a/packages/@aws-cdk/aws-ec2/lib/user-data.ts +++ b/packages/@aws-cdk/aws-ec2/lib/user-data.ts @@ -147,7 +147,7 @@ class LinuxUserData extends UserData { } public render(): string { - const shebang = this.props.shebang !== undefined ? this.props.shebang : '#!/bin/bash'; + const shebang = this.props.shebang ?? '#!/bin/bash'; return [shebang, ...(this.renderOnExitLines()), ...this.lines].join('\n'); } diff --git a/packages/@aws-cdk/aws-ec2/lib/volume.ts b/packages/@aws-cdk/aws-ec2/lib/volume.ts index 65d84b30eed55..a23614b89ed63 100644 --- a/packages/@aws-cdk/aws-ec2/lib/volume.ts +++ b/packages/@aws-cdk/aws-ec2/lib/volume.ts @@ -2,9 +2,9 @@ import * as crypto from 'crypto'; import { AccountRootPrincipal, Grant, IGrantable } from '@aws-cdk/aws-iam'; import { IKey, ViaServicePrincipal } from '@aws-cdk/aws-kms'; -import { Annotations, IResource, Resource, Size, SizeRoundingBehavior, Stack, Token, Tags, Names } from '@aws-cdk/core'; +import { IResource, Resource, Size, SizeRoundingBehavior, Stack, Token, Tags, Names } from '@aws-cdk/core'; import { Construct } from 'constructs'; -import { CfnInstance, CfnVolume } from './ec2.generated'; +import { CfnVolume } from './ec2.generated'; import { IInstance } from './instance'; // v2 - keep this import as a separate section to reduce merge conflict when forward merging with the v2 branch. @@ -164,37 +164,6 @@ export class BlockDeviceVolume { } } -/** - * Synthesize an array of block device mappings from a list of block device - * - * @param construct the instance/asg construct, used to host any warning - * @param blockDevices list of block devices - */ -export function synthesizeBlockDeviceMappings(construct: Construct, blockDevices: BlockDevice[]): CfnInstance.BlockDeviceMappingProperty[] { - return blockDevices.map(({ deviceName, volume, mappingEnabled }) => { - const { virtualName, ebsDevice: ebs } = volume; - - if (ebs) { - const { iops, volumeType } = ebs; - - if (!iops) { - if (volumeType === EbsDeviceVolumeType.IO1) { - throw new Error('iops property is required with volumeType: EbsDeviceVolumeType.IO1'); - } - } else if (volumeType !== EbsDeviceVolumeType.IO1) { - Annotations.of(construct).addWarning('iops will be ignored without volumeType: EbsDeviceVolumeType.IO1'); - } - } - - return { - deviceName, - ebs, - virtualName, - noDevice: mappingEnabled === false ? {} : undefined, - }; - }); -} - /** * Supported EBS volume types for blockDevices */ @@ -371,7 +340,7 @@ export interface VolumeProps { /** * The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. - * See {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html#ebs-volume-characteristics|Volume Characteristics} + * See {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html} * for details on the allowable size for each type of volume. * * @default If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size. @@ -452,13 +421,14 @@ export interface VolumeProps { readonly volumeType?: EbsDeviceVolumeType; /** - * The number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB. - * See {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html#EBSVolumeTypes_piops|Provisioned IOPS SSD (io1) volumes} + * The number of I/O operations per second (IOPS) to provision for the volume. The maximum ratio is 50 IOPS/GiB for PROVISIONED_IOPS_SSD, + * and 500 IOPS/GiB for both PROVISIONED_IOPS_SSD_IO2 and GENERAL_PURPOSE_SSD_GP3. + * See {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html} * for more information. * - * This parameter is valid only for PROVISIONED_IOPS_SSD volumes. + * This parameter is valid only for PROVISIONED_IOPS_SSD, PROVISIONED_IOPS_SSD_IO2 and GENERAL_PURPOSE_SSD_GP3 volumes. * - * @default None -- Required for {@link EbsDeviceVolumeType.PROVISIONED_IOPS_SSD} + * @default None -- Required for io1 and io2 volumes. The default for gp3 volumes is 3,000 IOPS if omitted. */ readonly iops?: number; } @@ -673,34 +643,79 @@ export class Volume extends VolumeBase { throw new Error('`encrypted` must be true when providing an `encryptionKey`.'); } + if ( + props.volumeType && + [ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + ].includes(props.volumeType) && + !props.iops + ) { + throw new Error( + '`iops` must be specified if the `volumeType` is `PROVISIONED_IOPS_SSD` or `PROVISIONED_IOPS_SSD_IO2`.', + ); + } + if (props.iops) { - if (props.volumeType !== EbsDeviceVolumeType.PROVISIONED_IOPS_SSD) { - throw new Error('`iops` may only be specified if the `volumeType` is `PROVISIONED_IOPS_SSD`/`IO1`'); + const volumeType = props.volumeType ?? EbsDeviceVolumeType.GENERAL_PURPOSE_SSD; + if ( + ![ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, + ].includes(volumeType) + ) { + throw new Error( + '`iops` may only be specified if the `volumeType` is `PROVISIONED_IOPS_SSD`, `PROVISIONED_IOPS_SSD_IO2` or `GENERAL_PURPOSE_SSD_GP3`.', + ); } - - if (props.iops < 100 || props.iops > 64000) { - throw new Error('`iops` must be in the range 100 to 64,000, inclusive.'); + // Enforce minimum & maximum IOPS: + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html + const iopsRanges: { [key: string]: { Min: number, Max: number } } = {}; + iopsRanges[EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3] = { Min: 3000, Max: 16000 }; + iopsRanges[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD] = { Min: 100, Max: 64000 }; + iopsRanges[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2] = { Min: 100, Max: 64000 }; + const { Min, Max } = iopsRanges[volumeType]; + if (props.iops < Min || props.iops > Max) { + throw new Error(`\`${volumeType}\` volumes iops must be between ${Min} and ${Max}.`); } - if (props.size && (props.iops > 50 * props.size.toGibibytes({ rounding: SizeRoundingBehavior.FAIL }))) { - throw new Error('`iops` has a maximum ratio of 50 IOPS/GiB.'); + // Enforce maximum ratio of IOPS/GiB: + // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html + const maximumRatios: { [key: string]: number } = {}; + maximumRatios[EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3] = 500; + maximumRatios[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD] = 50; + maximumRatios[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2] = 500; + const maximumRatio = maximumRatios[volumeType]; + if (props.size && (props.iops > maximumRatio * props.size.toGibibytes({ rounding: SizeRoundingBehavior.FAIL }))) { + throw new Error(`\`${volumeType}\` volumes iops has a maximum ratio of ${maximumRatio} IOPS/GiB.`); } } - if (props.enableMultiAttach && props.volumeType !== EbsDeviceVolumeType.PROVISIONED_IOPS_SSD) { - throw new Error('multi-attach is supported exclusively on `PROVISIONED_IOPS_SSD` volumes.'); + if (props.enableMultiAttach) { + const volumeType = props.volumeType ?? EbsDeviceVolumeType.GENERAL_PURPOSE_SSD; + if ( + ![ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + ].includes(volumeType) + ) { + throw new Error('multi-attach is supported exclusively on `PROVISIONED_IOPS_SSD` and `PROVISIONED_IOPS_SSD_IO2` volumes.'); + } } if (props.size) { const size = props.size.toGibibytes({ rounding: SizeRoundingBehavior.FAIL }); - // Enforce maximum volume size: - // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html#ebs-volume-characteristics + // Enforce minimum & maximum volume size: + // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html const sizeRanges: { [key: string]: { Min: number, Max: number } } = {}; - sizeRanges[EbsDeviceVolumeType.GENERAL_PURPOSE_SSD] = { Min: 1, Max: 16000 }; - sizeRanges[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD] = { Min: 4, Max: 16000 }; - sizeRanges[EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD] = { Min: 500, Max: 16000 }; - sizeRanges[EbsDeviceVolumeType.COLD_HDD] = { Min: 500, Max: 16000 }; - sizeRanges[EbsDeviceVolumeType.MAGNETIC] = { Min: 1, Max: 1000 }; + sizeRanges[EbsDeviceVolumeType.GENERAL_PURPOSE_SSD] = { Min: 1, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3] = { Min: 1, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD] = { Min: 4, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2] = { Min: 4, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD] = { Min: 125, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.COLD_HDD] = { Min: 125, Max: 16384 }; + sizeRanges[EbsDeviceVolumeType.MAGNETIC] = { Min: 1, Max: 1024 }; const volumeType = props.volumeType ?? EbsDeviceVolumeType.GENERAL_PURPOSE_SSD; const { Min, Max } = sizeRanges[volumeType]; if (size < Min || size > Max) { diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint-service.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint-service.ts index d17e56aab202c..87f67391f8c9b 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint-service.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint-service.ts @@ -86,8 +86,8 @@ export class VpcEndpointService extends Resource implements IVpcEndpointService } this.vpcEndpointServiceLoadBalancers = props.vpcEndpointServiceLoadBalancers; - this.acceptanceRequired = props.acceptanceRequired !== undefined ? props.acceptanceRequired : true; - this.whitelistedPrincipals = props.whitelistedPrincipals !== undefined ? props.whitelistedPrincipals : []; + this.acceptanceRequired = props.acceptanceRequired ?? true; + this.whitelistedPrincipals = props.whitelistedPrincipals ?? []; this.endpointService = new CfnVPCEndpointService(this, id, { networkLoadBalancerArns: this.vpcEndpointServiceLoadBalancers.map(lb => lb.loadBalancerArn), @@ -98,8 +98,7 @@ export class VpcEndpointService extends Resource implements IVpcEndpointService const { region } = Stack.of(this); const serviceNamePrefix = !Token.isUnresolved(region) ? - RegionInfo.get(region).vpcEndpointServiceNamePrefix ?? - Default.VPC_ENDPOINT_SERVICE_NAME_PREFIX : + (RegionInfo.get(region).vpcEndpointServiceNamePrefix ?? Default.VPC_ENDPOINT_SERVICE_NAME_PREFIX) : Default.VPC_ENDPOINT_SERVICE_NAME_PREFIX; this.vpcEndpointServiceName = Fn.join('.', [serviceNamePrefix, Aws.REGION, this.vpcEndpointServiceId]); diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc.ts b/packages/@aws-cdk/aws-ec2/lib/vpc.ts index d23433b2637d8..2a4e524fc5150 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc.ts @@ -1213,7 +1213,7 @@ export class Vpc extends VpcBase { this.availabilityZones = stack.availabilityZones; - const maxAZs = props.maxAzs !== undefined ? props.maxAzs : 3; + const maxAZs = props.maxAzs ?? 3; this.availabilityZones = this.availabilityZones.slice(0, maxAZs); this.vpcId = this.resource.ref; @@ -1788,7 +1788,7 @@ export class PrivateSubnet extends Subnet implements IPrivateSubnet { } function ifUndefined(value: T | undefined, defaultValue: T): T { - return value !== undefined ? value : defaultValue; + return value ?? defaultValue; } class ImportedVpc extends VpcBase { @@ -1886,6 +1886,7 @@ class LookedUpVpc extends VpcBase { availabilityZone: vpcSubnet.availabilityZone, subnetId: vpcSubnet.subnetId, routeTableId: vpcSubnet.routeTableId, + ipv4CidrBlock: vpcSubnet.cidr, })); } return ret; diff --git a/packages/@aws-cdk/aws-ec2/lib/vpn.ts b/packages/@aws-cdk/aws-ec2/lib/vpn.ts index 4683180d2af84..19fb4f963acd3 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpn.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpn.ts @@ -224,7 +224,7 @@ export class VpnConnection extends Resource implements IVpnConnection { }); } - if (!net.isIPv4(props.ip)) { + if (!Token.isUnresolved(props.ip) && !net.isIPv4(props.ip)) { throw new Error(`The \`ip\` ${props.ip} is not a valid IPv4 address.`); } diff --git a/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts b/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts new file mode 100644 index 0000000000000..882cd69ed282f --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts @@ -0,0 +1,685 @@ +import { + countResources, + expect as expectCDK, + haveResource, + haveResourceLike, + stringLike, +} from '@aws-cdk/assert'; +import { + CfnInstanceProfile, + Role, + ServicePrincipal, +} from '@aws-cdk/aws-iam'; +import { + App, + Duration, + Expiration, + Stack, + Tags, +} from '@aws-cdk/core'; +import { + AmazonLinuxImage, + BlockDevice, + BlockDeviceVolume, + CpuCredits, + EbsDeviceVolumeType, + InstanceInitiatedShutdownBehavior, + InstanceType, + LaunchTemplate, + OperatingSystemType, + SecurityGroup, + SpotInstanceInterruption, + SpotRequestType, + UserData, + Vpc, + WindowsImage, + WindowsVersion, +} from '../lib'; + +/* eslint-disable jest/expect-expect */ + +describe('LaunchTemplate', () => { + let app: App; + let stack: Stack; + + beforeEach(() => { + app = new App(); + stack = new Stack(app); + }); + + test('Empty props', () => { + // WHEN + const template = new LaunchTemplate(stack, 'Template'); + + // THEN + // Note: The following is intentionally a haveResource instead of haveResourceLike + // to ensure that only the bare minimum of properties have values when no properties + // are given to a LaunchTemplate. + expectCDK(stack).to(haveResource('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + TagSpecifications: [ + { + ResourceType: 'instance', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + { + ResourceType: 'volume', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + ], + }, + })); + expectCDK(stack).notTo(haveResource('AWS::IAM::InstanceProfile')); + expect(() => { template.grantPrincipal; }).toThrow(); + expect(() => { template.connections; }).toThrow(); + expect(template.osType).toBeUndefined(); + expect(template.role).toBeUndefined(); + expect(template.userData).toBeUndefined(); + }); + + test('Import from attributes with name', () => { + // WHEN + const template = LaunchTemplate.fromLaunchTemplateAttributes(stack, 'Template', { + launchTemplateName: 'TestName', + versionNumber: 'TestVersion', + }); + + // THEN + expect(template.launchTemplateId).toBeUndefined(); + expect(template.launchTemplateName).toBe('TestName'); + expect(template.versionNumber).toBe('TestVersion'); + }); + + test('Import from attributes with id', () => { + // WHEN + const template = LaunchTemplate.fromLaunchTemplateAttributes(stack, 'Template', { + launchTemplateId: 'TestId', + versionNumber: 'TestVersion', + }); + + // THEN + expect(template.launchTemplateId).toBe('TestId'); + expect(template.launchTemplateName).toBeUndefined(); + expect(template.versionNumber).toBe('TestVersion'); + }); + + test('Import from attributes fails with name and id', () => { + expect(() => { + LaunchTemplate.fromLaunchTemplateAttributes(stack, 'Template', { + launchTemplateName: 'TestName', + launchTemplateId: 'TestId', + versionNumber: 'TestVersion', + }); + }).toThrow(); + }); + + test('Given name', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + launchTemplateName: 'LTName', + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateName: 'LTName', + })); + }); + + test('Given instanceType', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + instanceType: new InstanceType('tt.test'), + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceType: 'tt.test', + }, + })); + }); + + test('Given machineImage (Linux)', () => { + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + machineImage: new AmazonLinuxImage(), + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + ImageId: { + Ref: stringLike('SsmParameterValueawsserviceamiamazonlinuxlatestamznami*Parameter'), + }, + }, + })); + expect(template.osType).toBe(OperatingSystemType.LINUX); + expect(template.userData).toBeUndefined(); + }); + + test('Given machineImage (Windows)', () => { + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + machineImage: new WindowsImage(WindowsVersion.WINDOWS_SERVER_2019_ENGLISH_FULL_BASE), + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + ImageId: { + Ref: stringLike('SsmParameterValueawsserviceamiwindowslatestWindowsServer2019EnglishFullBase*Parameter'), + }, + }, + })); + expect(template.osType).toBe(OperatingSystemType.WINDOWS); + expect(template.userData).toBeUndefined(); + }); + + test('Given userData', () => { + // GIVEN + const userData = UserData.forLinux(); + userData.addCommands('echo Test'); + + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + userData, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + UserData: { + 'Fn::Base64': '#!/bin/bash\necho Test', + }, + }, + })); + expect(template.userData).toBeDefined(); + }); + + test('Given role', () => { + // GIVEN + const role = new Role(stack, 'TestRole', { + assumedBy: new ServicePrincipal('ec2.amazonaws.com'), + }); + + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + role, + }); + + // THEN + expectCDK(stack).to(countResources('AWS::IAM::Role', 1)); + expectCDK(stack).to(haveResourceLike('AWS::IAM::InstanceProfile', { + Roles: [ + { + Ref: 'TestRole6C9272DF', + }, + ], + })); + expectCDK(stack).to(haveResource('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + IamInstanceProfile: { + Arn: stack.resolve((template.node.findChild('Profile') as CfnInstanceProfile).getAtt('Arn')), + }, + TagSpecifications: [ + { + ResourceType: 'instance', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + { + ResourceType: 'volume', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + ], + }, + })); + expect(template.role).toBeDefined(); + expect(template.grantPrincipal).toBeDefined(); + }); + + test('Given blockDeviceMapping', () => { + // GIVEN + const blockDevices: BlockDevice[] = [ + { + deviceName: 'ebs', + mappingEnabled: true, + volume: BlockDeviceVolume.ebs(15, { + deleteOnTermination: true, + encrypted: true, + volumeType: EbsDeviceVolumeType.IO1, + iops: 5000, + }), + }, { + deviceName: 'ebs-snapshot', + mappingEnabled: false, + volume: BlockDeviceVolume.ebsFromSnapshot('snapshot-id', { + volumeSize: 500, + deleteOnTermination: false, + volumeType: EbsDeviceVolumeType.SC1, + }), + }, { + deviceName: 'ephemeral', + volume: BlockDeviceVolume.ephemeral(0), + }, + ]; + + // WHEN + new LaunchTemplate(stack, 'Template', { + blockDevices, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + BlockDeviceMappings: [ + { + DeviceName: 'ebs', + Ebs: { + DeleteOnTermination: true, + Encrypted: true, + Iops: 5000, + VolumeSize: 15, + VolumeType: 'io1', + }, + }, + { + DeviceName: 'ebs-snapshot', + Ebs: { + DeleteOnTermination: false, + SnapshotId: 'snapshot-id', + VolumeSize: 500, + VolumeType: 'sc1', + }, + NoDevice: '', + }, + { + DeviceName: 'ephemeral', + VirtualName: 'ephemeral0', + }, + ], + }, + })); + }); + + test.each([ + [CpuCredits.STANDARD, 'standard'], + [CpuCredits.UNLIMITED, 'unlimited'], + ])('Given cpuCredits %p', (given: CpuCredits, expected: string) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + cpuCredits: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + CreditSpecification: { + CpuCredits: expected, + }, + }, + })); + }); + + test.each([ + [true, true], + [false, false], + ])('Given disableApiTermination %p', (given: boolean, expected: boolean) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + disableApiTermination: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + DisableApiTermination: expected, + }, + })); + }); + + test.each([ + [true, true], + [false, false], + ])('Given ebsOptimized %p', (given: boolean, expected: boolean) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + ebsOptimized: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + EbsOptimized: expected, + }, + })); + }); + + test.each([ + [true, true], + [false, false], + ])('Given nitroEnclaveEnabled %p', (given: boolean, expected: boolean) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + nitroEnclaveEnabled: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + EnclaveOptions: { + Enabled: expected, + }, + }, + })); + }); + + test.each([ + [InstanceInitiatedShutdownBehavior.STOP, 'stop'], + [InstanceInitiatedShutdownBehavior.TERMINATE, 'terminate'], + ])('Given instanceInitiatedShutdownBehavior %p', (given: InstanceInitiatedShutdownBehavior, expected: string) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + instanceInitiatedShutdownBehavior: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceInitiatedShutdownBehavior: expected, + }, + })); + }); + + test('Given keyName', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + keyName: 'TestKeyname', + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + KeyName: 'TestKeyname', + }, + })); + }); + + test.each([ + [true, true], + [false, false], + ])('Given detailedMonitoring %p', (given: boolean, expected: boolean) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + detailedMonitoring: given, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + Monitoring: { + Enabled: expected, + }, + }, + })); + }); + + test('Given securityGroup', () => { + // GIVEN + const vpc = new Vpc(stack, 'VPC'); + const sg = new SecurityGroup(stack, 'SG', { vpc }); + + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + securityGroup: sg, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'SGADB53937', + 'GroupId', + ], + }, + ], + }, + })); + expect(template.connections).toBeDefined(); + expect(template.connections.securityGroups).toHaveLength(1); + expect(template.connections.securityGroups[0]).toBe(sg); + }); + + test('Adding tags', () => { + // GIVEN + const template = new LaunchTemplate(stack, 'Template'); + + // WHEN + Tags.of(template).add('TestKey', 'TestValue'); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + TagSpecifications: [ + { + ResourceType: 'instance', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + { + Key: 'TestKey', + Value: 'TestValue', + }, + ], + }, + { + ResourceType: 'volume', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + { + Key: 'TestKey', + Value: 'TestValue', + }, + ], + }, + ], + }, + })); + }); +}); + +describe('LaunchTemplate marketOptions', () => { + let app: App; + let stack: Stack; + + beforeEach(() => { + app = new App(); + stack = new Stack(app); + }); + + test('given spotOptions', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: {}, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + }, + }, + })); + }); + + test.each([ + [0, 1], + [1, 0], + [6, 0], + [7, 1], + ])('for range duration errors: %p', (duration: number, expectedErrors: number) => { + // WHEN + const template = new LaunchTemplate(stack, 'Template', { + spotOptions: { + blockDuration: Duration.hours(duration), + }, + }); + + // THEN + expect(template.node.metadata).toHaveLength(expectedErrors); + }); + + test('for bad duration', () => { + expect(() => { + new LaunchTemplate(stack, 'Template', { + spotOptions: { + // Duration must be an integral number of hours. + blockDuration: Duration.minutes(61), + }, + }); + }).toThrow(); + }); + + test('given blockDuration', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: { + blockDuration: Duration.hours(1), + }, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + SpotOptions: { + BlockDurationMinutes: 60, + }, + }, + }, + })); + }); + + test.each([ + [SpotInstanceInterruption.STOP, 'stop'], + [SpotInstanceInterruption.TERMINATE, 'terminate'], + [SpotInstanceInterruption.HIBERNATE, 'hibernate'], + ])('given interruptionBehavior %p', (given: SpotInstanceInterruption, expected: string) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: { + interruptionBehavior: given, + }, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + SpotOptions: { + InstanceInterruptionBehavior: expected, + }, + }, + }, + })); + }); + + test.each([ + [0.001, '0.001'], + [1, '1'], + [2.5, '2.5'], + ])('given maxPrice %p', (given: number, expected: string) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: { + maxPrice: given, + }, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + SpotOptions: { + MaxPrice: expected, + }, + }, + }, + })); + }); + + test.each([ + [SpotRequestType.ONE_TIME, 'one-time'], + [SpotRequestType.PERSISTENT, 'persistent'], + ])('given requestType %p', (given: SpotRequestType, expected: string) => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: { + requestType: given, + }, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + SpotOptions: { + SpotInstanceType: expected, + }, + }, + }, + })); + }); + + test('given validUntil', () => { + // WHEN + new LaunchTemplate(stack, 'Template', { + spotOptions: { + validUntil: Expiration.atTimestamp(0), + }, + }); + + // THEN + expectCDK(stack).to(haveResourceLike('AWS::EC2::LaunchTemplate', { + LaunchTemplateData: { + InstanceMarketOptions: { + MarketType: 'spot', + SpotOptions: { + ValidUntil: 'Thu, 01 Jan 1970 00:00:00 GMT', + }, + }, + }, + })); + }); +}); diff --git a/packages/@aws-cdk/aws-ec2/test/machine-image.test.ts b/packages/@aws-cdk/aws-ec2/test/machine-image.test.ts index 2fcf7e2980be9..43e6dbdcd88cf 100644 --- a/packages/@aws-cdk/aws-ec2/test/machine-image.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/machine-image.test.ts @@ -1,3 +1,4 @@ +import { expect as cdkExpect, matchTemplate, MatchStyle } from '@aws-cdk/assert'; import { App, Stack } from '@aws-cdk/core'; import * as ec2 from '../lib'; @@ -11,6 +12,43 @@ beforeEach(() => { }); }); +test('can make and use a Linux image', () => { + // WHEN + const image = new ec2.GenericLinuxImage({ + testregion: 'ami-1234', + }); + + // THEN + const details = image.getImage(stack); + expect(details.imageId).toEqual('ami-1234'); + expect(details.osType).toEqual(ec2.OperatingSystemType.LINUX); +}); + +test('can make and use a Linux image in agnostic stack', () => { + // WHEN + app = new App(); + stack = new Stack(app, 'Stack'); + const image = new ec2.GenericLinuxImage({ + testregion: 'ami-1234', + }); + + // THEN + const details = image.getImage(stack); + const expected = { + Mappings: { + AmiMap: { + testregion: { + ami: 'ami-1234', + }, + }, + }, + }; + + cdkExpect(stack).to(matchTemplate(expected, MatchStyle.EXACT)); + expect(stack.resolve(details.imageId)).toEqual({ 'Fn::FindInMap': ['AmiMap', { Ref: 'AWS::Region' }, 'ami'] }); + expect(details.osType).toEqual(ec2.OperatingSystemType.LINUX); +}); + test('can make and use a Windows image', () => { // WHEN const image = new ec2.GenericWindowsImage({ @@ -23,6 +61,31 @@ test('can make and use a Windows image', () => { expect(details.osType).toEqual(ec2.OperatingSystemType.WINDOWS); }); +test('can make and use a Windows image in agnostic stack', () => { + // WHEN + app = new App(); + stack = new Stack(app, 'Stack'); + const image = new ec2.GenericWindowsImage({ + testregion: 'ami-1234', + }); + + // THEN + const details = image.getImage(stack); + const expected = { + Mappings: { + AmiMap: { + testregion: { + ami: 'ami-1234', + }, + }, + }, + }; + + cdkExpect(stack).to(matchTemplate(expected, MatchStyle.EXACT)); + expect(stack.resolve(details.imageId)).toEqual({ 'Fn::FindInMap': ['AmiMap', { Ref: 'AWS::Region' }, 'ami'] }); + expect(details.osType).toEqual(ec2.OperatingSystemType.WINDOWS); +}); + test('can make and use a Generic SSM image', () => { // WHEN const image = new ec2.GenericSSMParameterImage('testParam', ec2.OperatingSystemType.LINUX); diff --git a/packages/@aws-cdk/aws-ec2/test/volume.test.ts b/packages/@aws-cdk/aws-ec2/test/volume.test.ts index e0d37a232c6d6..23707c01c2340 100644 --- a/packages/@aws-cdk/aws-ec2/test/volume.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/volume.test.ts @@ -328,6 +328,7 @@ nodeunitShim({ availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(500), volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + iops: 300, }); // THEN @@ -338,6 +339,26 @@ nodeunitShim({ test.done(); }, + 'volume: io2'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new Volume(stack, 'Volume', { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + iops: 300, + }); + + // THEN + cdkExpect(stack).to(haveResourceLike('AWS::EC2::Volume', { + VolumeType: 'io2', + }, ResourcePart.Properties)); + + test.done(); + }, + 'volume: gp2'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -357,6 +378,25 @@ nodeunitShim({ test.done(); }, + 'volume: gp3'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new Volume(stack, 'Volume', { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, + }); + + // THEN + cdkExpect(stack).to(haveResourceLike('AWS::EC2::Volume', { + VolumeType: 'gp3', + }, ResourcePart.Properties)); + + test.done(); + }, + 'volume: st1'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -1295,6 +1335,34 @@ nodeunitShim({ // THEN // Test: Type of volume + for (const volumeType of [ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, + ]) { + test.doesNotThrow(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + iops: 3000, + volumeType, + }); + }); + } + + for (const volumeType of [ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + ]) { + test.throws(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + volumeType, + }); + }, /`iops` must be specified if the `volumeType` is/); + } + for (const volumeType of [ EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD, @@ -1308,60 +1376,78 @@ nodeunitShim({ iops: 100, volumeType, }); - }, '`iops` may only be specified if the `volumeType` is `PROVISIONED_IOPS_SSD`/`IO1`'); + }, /`iops` may only be specified if the `volumeType` is/); } // Test: iops in range - test.throws(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(10), - iops: 99, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, - }); - }, '`iops` must be in the range 100 to 64,000, inclusive.'); - test.doesNotThrow(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(10), - iops: 100, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, - }); - }); - test.doesNotThrow(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(1300), - iops: 64000, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + for (const testData of [ + [EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, 3000, 16000], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, 100, 64000], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, 100, 64000], + ]) { + const volumeType = testData[0] as EbsDeviceVolumeType; + const min = testData[1] as number; + const max = testData[2] as number; + test.throws(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.tebibytes(10), + volumeType, + iops: min - 1, + }); + }, /iops must be between/); + test.doesNotThrow(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.tebibytes(10), + volumeType, + iops: min, + }); }); - }); - test.throws(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(1300), - iops: 64001, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + test.doesNotThrow(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.tebibytes(10), + volumeType, + iops: max, + }); }); - }, '`iops` must be in the range 100 to 64,000, inclusive.'); + test.throws(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.tebibytes(10), + volumeType, + iops: max + 1, + }); + }, /iops must be between/); + } // Test: iops ratio - test.doesNotThrow(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(10), - iops: 500, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, - }); - }); - test.throws(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(10), - iops: 501, - volumeType: EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + for (const testData of [ + [EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, 500], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, 50], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, 500], + ]) { + const volumeType = testData[0] as EbsDeviceVolumeType; + const max = testData[1] as number; + const size = 10; + test.doesNotThrow(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(size), + volumeType, + iops: max * size, + }); }); - }, '`iops` has a maximum ratio of 50 IOPS/GiB.'); + test.throws(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(size), + volumeType, + iops: max * size + 1, + }); + }, /iops has a maximum ratio of/); + } test.done(); }, @@ -1374,18 +1460,38 @@ nodeunitShim({ // THEN for (const volumeType of [ EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, + EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD, EbsDeviceVolumeType.COLD_HDD, EbsDeviceVolumeType.MAGNETIC, ]) { - test.throws(() => { - new Volume(stack, `Volume${idx++}`, { - availabilityZone: 'us-east-1a', - size: cdk.Size.gibibytes(500), - enableMultiAttach: true, - volumeType, + if ( + [ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + ].includes(volumeType) + ) { + test.doesNotThrow(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + enableMultiAttach: true, + volumeType, + iops: 100, + }); }); - }, 'multi-attach is supported exclusively on `PROVISIONED_IOPS_SSD` volumes.'); + } else { + test.throws(() => { + new Volume(stack, `Volume${idx++}`, { + availabilityZone: 'us-east-1a', + size: cdk.Size.gibibytes(500), + enableMultiAttach: true, + volumeType, + }); + }, /multi-attach is supported exclusively/); + } } test.done(); @@ -1398,27 +1504,40 @@ nodeunitShim({ // THEN for (const testData of [ - [EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, 1, 16000], - [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, 4, 16000], - [EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD, 500, 16000], - [EbsDeviceVolumeType.COLD_HDD, 500, 16000], - [EbsDeviceVolumeType.MAGNETIC, 1, 1000], + [EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, 1, 16384], + [EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3, 1, 16384], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, 4, 16384], + [EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, 4, 16384], + [EbsDeviceVolumeType.THROUGHPUT_OPTIMIZED_HDD, 125, 16384], + [EbsDeviceVolumeType.COLD_HDD, 125, 16384], + [EbsDeviceVolumeType.MAGNETIC, 1, 1024], ]) { const volumeType = testData[0] as EbsDeviceVolumeType; const min = testData[1] as number; const max = testData[2] as number; + const iops = [ + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD, + EbsDeviceVolumeType.PROVISIONED_IOPS_SSD_IO2, + ].includes(volumeType) ? 100 : null; + test.throws(() => { new Volume(stack, `Volume${idx++}`, { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(min - 1), volumeType, + ...iops + ? { iops } + : {}, }); - }, `\`${volumeType}\` volumes must be between ${min} GiB and ${max} GiB in size.`); + }, /volumes must be between/); test.doesNotThrow(() => { new Volume(stack, `Volume${idx++}`, { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(min), volumeType, + ...iops + ? { iops } + : {}, }); }); test.doesNotThrow(() => { @@ -1426,6 +1545,9 @@ nodeunitShim({ availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(max), volumeType, + ...iops + ? { iops } + : {}, }); }); test.throws(() => { @@ -1433,8 +1555,11 @@ nodeunitShim({ availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(max + 1), volumeType, + ...iops + ? { iops } + : {}, }); - }, `\`${volumeType}\` volumes must be between ${min} GiB and ${max} GiB in size.`); + }, /volumes must be between/); } test.done(); diff --git a/packages/@aws-cdk/aws-ec2/test/vpc.from-lookup.test.ts b/packages/@aws-cdk/aws-ec2/test/vpc.from-lookup.test.ts index 5555dc3fa9ed7..12ed7d05329d5 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc.from-lookup.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/vpc.from-lookup.test.ts @@ -210,6 +210,47 @@ nodeunitShim({ test.done(); }, + 'subnets in imported VPC has all expected attributes'(test: Test) { + const previous = mockVpcContextProviderWith(test, { + vpcId: 'vpc-1234', + subnetGroups: [ + { + name: 'Public', + type: cxapi.VpcSubnetGroupType.PUBLIC, + subnets: [ + { + subnetId: 'pub-sub-in-us-east-1a', + availabilityZone: 'us-east-1a', + routeTableId: 'rt-123', + cidr: '10.100.0.0/24', + }, + ], + }, + ], + }, options => { + test.deepEqual(options.filter, { + isDefault: 'true', + }); + + test.equal(options.subnetGroupNameTag, undefined); + }); + + const stack = new Stack(); + const vpc = Vpc.fromLookup(stack, 'Vpc', { + isDefault: true, + }); + + let subnet = vpc.publicSubnets[0]; + + test.equal(subnet.availabilityZone, 'us-east-1a'); + test.equal(subnet.subnetId, 'pub-sub-in-us-east-1a'); + test.equal(subnet.routeTable.routeTableId, 'rt-123'); + test.equal(subnet.ipv4CidrBlock, '10.100.0.0/24'); + + + restoreContextProvider(previous); + test.done(); + }, }, }); diff --git a/packages/@aws-cdk/aws-ec2/test/vpn.test.ts b/packages/@aws-cdk/aws-ec2/test/vpn.test.ts index 72be541bf45e2..4cf8880c3b0ab 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpn.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/vpn.test.ts @@ -1,5 +1,5 @@ import { expect, haveResource } from '@aws-cdk/assert'; -import { Duration, Stack } from '@aws-cdk/core'; +import { Duration, Stack, Token } from '@aws-cdk/core'; import { nodeunitShim, Test } from 'nodeunit-shim'; import { PublicSubnet, Vpc, VpnConnection } from '../lib'; @@ -322,4 +322,24 @@ nodeunitShim({ })); test.done(); }, + 'can add a vpn connection with a Token as customer gateway ip'(test:Test) { + // GIVEN + const stack = new Stack(); + const token = Token.asAny('192.0.2.1'); + + // WHEN + new Vpc(stack, 'VpcNetwork', { + vpnConnections: { + VpnConnection: { + ip: token as any, + }, + }, + }); + + // THEN + expect(stack).to(haveResource('AWS::EC2::CustomerGateway', { + IpAddress: '192.0.2.1', + })); + test.done(); + }, }); diff --git a/packages/@aws-cdk/aws-ecr/lib/repository.ts b/packages/@aws-cdk/aws-ecr/lib/repository.ts index 36e14cf861adc..83c05ba1ed308 100644 --- a/packages/@aws-cdk/aws-ecr/lib/repository.ts +++ b/packages/@aws-cdk/aws-ecr/lib/repository.ts @@ -202,7 +202,7 @@ export abstract class RepositoryBase extends Resource implements IRepository { detail: { 'repository-name': [this.repositoryName], 'scan-status': ['COMPLETE'], - 'image-tags': options.imageTags ? options.imageTags : undefined, + 'image-tags': options.imageTags ?? undefined, }, }); return rule; @@ -526,7 +526,7 @@ export class Repository extends RepositoryBase { for (const rule of prioritizedRules.concat(autoPrioritizedRules).concat(anyRules)) { ret.push({ ...rule, - rulePriority: rule.rulePriority !== undefined ? rule.rulePriority : autoPrio++, + rulePriority: rule.rulePriority ?? autoPrio++, }); } @@ -557,7 +557,7 @@ function renderLifecycleRule(rule: LifecycleRule) { tagStatus: rule.tagStatus || TagStatus.ANY, tagPrefixList: rule.tagPrefixList, countType: rule.maxImageAge !== undefined ? CountType.SINCE_IMAGE_PUSHED : CountType.IMAGE_COUNT_MORE_THAN, - countNumber: rule.maxImageAge !== undefined ? rule.maxImageAge.toDays() : rule.maxImageCount, + countNumber: rule.maxImageAge?.toDays() ?? rule.maxImageCount, countUnit: rule.maxImageAge !== undefined ? 'days' : undefined, }, action: { diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts index 769756999ad0c..74411bb217558 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts @@ -370,21 +370,19 @@ export abstract class ApplicationLoadBalancedServiceBase extends CoreConstruct { } this.desiredCount = props.desiredCount || 1; - const internetFacing = props.publicLoadBalancer !== undefined ? props.publicLoadBalancer : true; + const internetFacing = props.publicLoadBalancer ?? true; const lbProps = { vpc: this.cluster.vpc, internetFacing, }; - const loadBalancer = props.loadBalancer !== undefined ? props.loadBalancer - : new ApplicationLoadBalancer(this, 'LB', lbProps); + const loadBalancer = props.loadBalancer ?? new ApplicationLoadBalancer(this, 'LB', lbProps); if (props.certificate !== undefined && props.protocol !== undefined && props.protocol !== ApplicationProtocol.HTTPS) { throw new Error('The HTTPS protocol must be used when a certificate is given'); } - const protocol = props.protocol !== undefined ? props.protocol : - (props.certificate ? ApplicationProtocol.HTTPS : ApplicationProtocol.HTTP); + const protocol = props.protocol ?? (props.certificate ? ApplicationProtocol.HTTPS : ApplicationProtocol.HTTP); if (protocol !== ApplicationProtocol.HTTPS && props.redirectHTTP === true) { throw new Error('The HTTPS protocol must be used when redirecting HTTP traffic'); diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts index 67ce9a02e77b6..f3eb132e934ae 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts @@ -478,10 +478,8 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends CoreCon * Create log driver if logging is enabled. */ private createLogDriver(enableLoggingProp?: boolean, logDriverProp?: LogDriver): LogDriver | undefined { - const enableLogging = enableLoggingProp !== undefined ? enableLoggingProp : true; - const logDriver = logDriverProp !== undefined - ? logDriverProp : enableLogging - ? this.createAWSLogDriver(this.node.id) : undefined; + const enableLogging = enableLoggingProp ?? true; + const logDriver = logDriverProp ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); return logDriver; } @@ -522,7 +520,7 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends CoreCon } private createLoadBalancer(name: string, publicLoadBalancer?: boolean): ApplicationLoadBalancer { - const internetFacing = publicLoadBalancer !== undefined ? publicLoadBalancer : true; + const internetFacing = publicLoadBalancer ?? true; const lbProps = { vpc: this.cluster.vpc, internetFacing, @@ -532,7 +530,7 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends CoreCon } private createListenerProtocol(listenerProtocol?: ApplicationProtocol, certificate?: ICertificate): ApplicationProtocol { - return listenerProtocol !== undefined ? listenerProtocol : (certificate ? ApplicationProtocol.HTTPS : ApplicationProtocol.HTTP); + return listenerProtocol ?? (certificate ? ApplicationProtocol.HTTPS : ApplicationProtocol.HTTP); } private createListenerCertificate(listenerName: string, certificate?: ICertificate, domainName?: string, domainZone?: IHostedZone): ICertificate { diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts index ffdcb3b75912a..656cc19d19d43 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts @@ -308,18 +308,15 @@ export abstract class NetworkLoadBalancedServiceBase extends CoreConstruct { } this.desiredCount = props.desiredCount || 1; - const internetFacing = props.publicLoadBalancer !== undefined ? props.publicLoadBalancer : true; + const internetFacing = props.publicLoadBalancer ?? true; const lbProps = { vpc: this.cluster.vpc, internetFacing, }; - const loadBalancer = props.loadBalancer !== undefined ? props.loadBalancer : - new NetworkLoadBalancer(this, 'LB', lbProps); - - const listenerPort = props.listenerPort !== undefined ? props.listenerPort : 80; - + const loadBalancer = props.loadBalancer ?? new NetworkLoadBalancer(this, 'LB', lbProps); + const listenerPort = props.listenerPort ?? 80; const targetProps = { port: 80, }; diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts index d3f74588fd341..d34a6b548076d 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts @@ -384,10 +384,8 @@ export abstract class NetworkMultipleTargetGroupsServiceBase extends CoreConstru * Create log driver if logging is enabled. */ private createLogDriver(enableLoggingProp?: boolean, logDriverProp?: LogDriver): LogDriver | undefined { - const enableLogging = enableLoggingProp !== undefined ? enableLoggingProp : true; - const logDriver = logDriverProp !== undefined - ? logDriverProp : enableLogging - ? this.createAWSLogDriver(this.node.id) : undefined; + const enableLogging = enableLoggingProp ?? true; + const logDriver = logDriverProp ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); return logDriver; } @@ -413,7 +411,7 @@ export abstract class NetworkMultipleTargetGroupsServiceBase extends CoreConstru } private createLoadBalancer(name: string, publicLoadBalancer?: boolean): NetworkLoadBalancer { - const internetFacing = publicLoadBalancer !== undefined ? publicLoadBalancer : true; + const internetFacing = publicLoadBalancer ?? true; const lbProps = { vpc: this.cluster.vpc, internetFacing, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts index 66bdea9619629..3248514931f4d 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts @@ -262,22 +262,18 @@ export abstract class QueueProcessingServiceBase extends CoreConstruct { // Setup autoscaling scaling intervals const defaultScalingSteps = [{ upper: 0, change: -1 }, { lower: 100, change: +1 }, { lower: 500, change: +5 }]; - this.scalingSteps = props.scalingSteps !== undefined ? props.scalingSteps : defaultScalingSteps; + this.scalingSteps = props.scalingSteps ?? defaultScalingSteps; // Create log driver if logging is enabled - const enableLogging = props.enableLogging !== undefined ? props.enableLogging : true; - this.logDriver = props.logDriver !== undefined - ? props.logDriver - : enableLogging - ? this.createAWSLogDriver(this.node.id) - : undefined; + const enableLogging = props.enableLogging ?? true; + this.logDriver = props.logDriver ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); // Add the queue name to environment variables this.environment = { ...(props.environment || {}), QUEUE_NAME: this.sqsQueue.queueName }; this.secrets = props.secrets; // Determine the desired task count (minimum) and maximum scaling capacity - this.desiredCount = props.desiredTaskCount !== undefined ? props.desiredTaskCount : 1; + this.desiredCount = props.desiredTaskCount ?? 1; this.maxCapacity = props.maxScalingCapacity || (2 * this.desiredCount); if (!this.desiredCount && !this.maxCapacity) { diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts index 9cec9e1d9e083..b9bdcf2d100ad 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts @@ -97,12 +97,10 @@ export class ApplicationLoadBalancedEc2Service extends ApplicationLoadBalancedSe }); // Create log driver if logging is enabled - const enableLogging = taskImageOptions.enableLogging !== undefined ? taskImageOptions.enableLogging : true; - const logDriver = taskImageOptions.logDriver !== undefined - ? taskImageOptions.logDriver : enableLogging - ? this.createAWSLogDriver(this.node.id) : undefined; + const enableLogging = taskImageOptions.enableLogging ?? true; + const logDriver = taskImageOptions.logDriver ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, cpu: props.cpu, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts index 4e6fa5c04b6f3..6ed6b6b71802f 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts @@ -94,7 +94,7 @@ export class ApplicationMultipleTargetGroupsEc2Service extends ApplicationMultip taskRole: taskImageOptions.taskRole, }); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, cpu: props.cpu, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts index 2d2c00fcf345e..fae46b68e7380 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts @@ -95,12 +95,10 @@ export class NetworkLoadBalancedEc2Service extends NetworkLoadBalancedServiceBas }); // Create log driver if logging is enabled - const enableLogging = taskImageOptions.enableLogging !== undefined ? taskImageOptions.enableLogging : true; - const logDriver = taskImageOptions.logDriver !== undefined - ? taskImageOptions.logDriver : enableLogging - ? this.createAWSLogDriver(this.node.id) : undefined; + const enableLogging = taskImageOptions.enableLogging ?? true; + const logDriver = taskImageOptions.logDriver ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, cpu: props.cpu, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts index a283c9ab55dec..eb8392d3b2148 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts @@ -93,7 +93,7 @@ export class NetworkMultipleTargetGroupsEc2Service extends NetworkMultipleTarget taskRole: taskImageOptions.taskRole, }); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, cpu: props.cpu, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/scheduled-ecs-task.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/scheduled-ecs-task.ts index 7350ae82bb2cc..7f64a18df9ff8 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/scheduled-ecs-task.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/scheduled-ecs-task.ts @@ -107,7 +107,7 @@ export class ScheduledEc2Task extends ScheduledTaskBase { command: taskImageOptions.command, environment: taskImageOptions.environment, secrets: taskImageOptions.secrets, - logging: taskImageOptions.logDriver !== undefined ? taskImageOptions.logDriver : this.createAWSLogDriver(this.node.id), + logging: taskImageOptions.logDriver ?? this.createAWSLogDriver(this.node.id), }); } else { throw new Error('You must specify a taskDefinition or image'); diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts index 00049e662ee0f..2ae468bcae558 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts @@ -117,7 +117,7 @@ export class ApplicationLoadBalancedFargateService extends ApplicationLoadBalanc constructor(scope: Construct, id: string, props: ApplicationLoadBalancedFargateServiceProps = {}) { super(scope, id, props); - this.assignPublicIp = props.assignPublicIp !== undefined ? props.assignPublicIp : false; + this.assignPublicIp = props.assignPublicIp ?? false; if (props.taskDefinition && props.taskImageOptions) { throw new Error('You must specify either a taskDefinition or an image, not both.'); @@ -134,12 +134,12 @@ export class ApplicationLoadBalancedFargateService extends ApplicationLoadBalanc }); // Create log driver if logging is enabled - const enableLogging = taskImageOptions.enableLogging !== undefined ? taskImageOptions.enableLogging : true; + const enableLogging = taskImageOptions.enableLogging ?? true; const logDriver = taskImageOptions.logDriver !== undefined ? taskImageOptions.logDriver : enableLogging ? this.createAWSLogDriver(this.node.id) : undefined; - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, logging: logDriver, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts index a5840bc2f2e76..495049dfccfa8 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts @@ -113,7 +113,7 @@ export class ApplicationMultipleTargetGroupsFargateService extends ApplicationMu constructor(scope: Construct, id: string, props: ApplicationMultipleTargetGroupsFargateServiceProps = {}) { super(scope, id, props); - this.assignPublicIp = props.assignPublicIp !== undefined ? props.assignPublicIp : false; + this.assignPublicIp = props.assignPublicIp ?? false; if (props.taskDefinition && props.taskImageOptions) { throw new Error('You must specify only one of TaskDefinition or TaskImageOptions.'); @@ -129,7 +129,7 @@ export class ApplicationMultipleTargetGroupsFargateService extends ApplicationMu family: taskImageOptions.family, }); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, logging: this.logDriver, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts index 10dcfebdc2f80..4aad4b31e7efe 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts @@ -106,7 +106,7 @@ export class NetworkLoadBalancedFargateService extends NetworkLoadBalancedServic constructor(scope: Construct, id: string, props: NetworkLoadBalancedFargateServiceProps = {}) { super(scope, id, props); - this.assignPublicIp = props.assignPublicIp !== undefined ? props.assignPublicIp : false; + this.assignPublicIp = props.assignPublicIp ?? false; if (props.taskDefinition && props.taskImageOptions) { throw new Error('You must specify either a taskDefinition or an image, not both.'); @@ -123,12 +123,10 @@ export class NetworkLoadBalancedFargateService extends NetworkLoadBalancedServic }); // Create log driver if logging is enabled - const enableLogging = taskImageOptions.enableLogging !== undefined ? taskImageOptions.enableLogging : true; - const logDriver = taskImageOptions.logDriver !== undefined - ? taskImageOptions.logDriver : enableLogging - ? this.createAWSLogDriver(this.node.id) : undefined; + const enableLogging = taskImageOptions.enableLogging ?? true; + const logDriver = taskImageOptions.logDriver ?? (enableLogging ? this.createAWSLogDriver(this.node.id) : undefined); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, logging: logDriver, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts index 0d97d730daeab..dab033b1938ce 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts @@ -113,7 +113,7 @@ export class NetworkMultipleTargetGroupsFargateService extends NetworkMultipleTa constructor(scope: Construct, id: string, props: NetworkMultipleTargetGroupsFargateServiceProps = {}) { super(scope, id, props); - this.assignPublicIp = props.assignPublicIp !== undefined ? props.assignPublicIp : false; + this.assignPublicIp = props.assignPublicIp ?? false; if (props.taskDefinition && props.taskImageOptions) { throw new Error('You must specify only one of TaskDefinition or TaskImageOptions.'); @@ -129,7 +129,7 @@ export class NetworkMultipleTargetGroupsFargateService extends NetworkMultipleTa family: taskImageOptions.family, }); - const containerName = taskImageOptions.containerName !== undefined ? taskImageOptions.containerName : 'web'; + const containerName = taskImageOptions.containerName ?? 'web'; const container = this.taskDefinition.addContainer(containerName, { image: taskImageOptions.image, logging: this.logDriver, diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/scheduled-fargate-task.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/scheduled-fargate-task.ts index 27b9d8b6ad224..ab46883fa9c90 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/scheduled-fargate-task.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/scheduled-fargate-task.ts @@ -115,7 +115,7 @@ export class ScheduledFargateTask extends ScheduledTaskBase { command: taskImageOptions.command, environment: taskImageOptions.environment, secrets: taskImageOptions.secrets, - logging: taskImageOptions.logDriver !== undefined ? taskImageOptions.logDriver : this.createAWSLogDriver(this.node.id), + logging: taskImageOptions.logDriver ?? this.createAWSLogDriver(this.node.id), }); } else { throw new Error('You must specify one of: taskDefinition or image'); diff --git a/packages/@aws-cdk/aws-ecs/lib/base/base-service.ts b/packages/@aws-cdk/aws-ecs/lib/base/base-service.ts index 6704ab8d79ca9..5c5160a849835 100644 --- a/packages/@aws-cdk/aws-ecs/lib/base/base-service.ts +++ b/packages/@aws-cdk/aws-ecs/lib/base/base-service.ts @@ -234,8 +234,7 @@ class ApplicationListenerConfig extends ListenerConfig { public addTargets(id: string, target: LoadBalancerTargetOptions, service: BaseService) { const props = this.props || {}; const protocol = props.protocol; - const port = props.port !== undefined ? props.port : (protocol === undefined ? 80 : - (protocol === elbv2.ApplicationProtocol.HTTPS ? 443 : 80)); + const port = props.port ?? (protocol === elbv2.ApplicationProtocol.HTTPS ? 443 : 80); this.listener.addTargets(id, { ... props, targets: [ @@ -260,7 +259,7 @@ class NetworkListenerConfig extends ListenerConfig { * Create and attach a target group to listener. */ public addTargets(id: string, target: LoadBalancerTargetOptions, service: BaseService) { - const port = this.props !== undefined ? this.props.port : 80; + const port = this.props?.port ?? 80; this.listener.addTargets(id, { ... this.props, targets: [ @@ -370,7 +369,7 @@ export abstract class BaseService extends Resource } : undefined, }, propagateTags: props.propagateTags === PropagatedTagSource.NONE ? undefined : props.propagateTags, - enableEcsManagedTags: props.enableECSManagedTags === undefined ? false : props.enableECSManagedTags, + enableEcsManagedTags: props.enableECSManagedTags ?? false, deploymentController: props.deploymentController, launchType: props.deploymentController?.type === DeploymentControllerType.EXTERNAL ? undefined : props.launchType, healthCheckGracePeriodSeconds: this.evaluateHealthGracePeriod(props.healthCheckGracePeriod), @@ -525,7 +524,7 @@ export abstract class BaseService extends Resource * @returns The created CloudMap service */ public enableCloudMap(options: CloudMapOptions): cloudmap.Service { - const sdNamespace = options.cloudMapNamespace !== undefined ? options.cloudMapNamespace : this.cluster.defaultCloudMapNamespace; + const sdNamespace = options.cloudMapNamespace ?? this.cluster.defaultCloudMapNamespace; if (sdNamespace === undefined) { throw new Error('Cannot enable service discovery if a Cloudmap Namespace has not been created in the cluster.'); } @@ -739,9 +738,7 @@ export abstract class BaseService extends Resource */ private evaluateHealthGracePeriod(providedHealthCheckGracePeriod?: Duration): IResolvable { return Lazy.any({ - produce: () => providedHealthCheckGracePeriod !== undefined ? providedHealthCheckGracePeriod.toSeconds() : - this.loadBalancers.length > 0 ? 60 : - undefined, + produce: () => providedHealthCheckGracePeriod?.toSeconds() ?? (this.loadBalancers.length > 0 ? 60 : undefined), }); } } diff --git a/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts b/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts index ff27f00cb79a8..f7b0f05c92800 100644 --- a/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts +++ b/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts @@ -284,8 +284,7 @@ export class TaskDefinition extends TaskDefinitionBase { props.volumes.forEach(v => this.addVolume(v)); } - this.networkMode = props.networkMode !== undefined ? props.networkMode : - this.isFargateCompatible ? NetworkMode.AWS_VPC : NetworkMode.BRIDGE; + this.networkMode = props.networkMode ?? (this.isFargateCompatible ? NetworkMode.AWS_VPC : NetworkMode.BRIDGE); if (this.isFargateCompatible && this.networkMode !== NetworkMode.AWS_VPC) { throw new Error(`Fargate tasks can only have AwsVpc network mode, got: ${this.networkMode}`); } diff --git a/packages/@aws-cdk/aws-ecs/lib/cluster.ts b/packages/@aws-cdk/aws-ecs/lib/cluster.ts index fcc28784229e5..ca84679e7b970 100644 --- a/packages/@aws-cdk/aws-ecs/lib/cluster.ts +++ b/packages/@aws-cdk/aws-ecs/lib/cluster.ts @@ -790,7 +790,7 @@ class ImportedCluster extends Resource implements ICluster { this.hasEc2Capacity = props.hasEc2Capacity !== false; this._defaultCloudMapNamespace = props.defaultCloudMapNamespace; - this.clusterArn = props.clusterArn !== undefined ? props.clusterArn : Stack.of(this).formatArn({ + this.clusterArn = props.clusterArn ?? Stack.of(this).formatArn({ service: 'ecs', resource: 'cluster', resourceName: props.clusterName, diff --git a/packages/@aws-cdk/aws-ecs/lib/container-definition.ts b/packages/@aws-cdk/aws-ecs/lib/container-definition.ts index b4d31c56133fc..983489743482f 100644 --- a/packages/@aws-cdk/aws-ecs/lib/container-definition.ts +++ b/packages/@aws-cdk/aws-ecs/lib/container-definition.ts @@ -399,7 +399,7 @@ export class ContainerDefinition extends CoreConstruct { throw new Error('MemoryLimitMiB should not be less than MemoryReservationMiB.'); } } - this.essential = props.essential !== undefined ? props.essential : true; + this.essential = props.essential ?? true; this.taskDefinition = props.taskDefinition; this.memoryLimitSpecified = props.memoryLimitMiB !== undefined || props.memoryReservationMiB !== undefined; this.linuxParameters = props.linuxParameters; @@ -705,10 +705,10 @@ function renderEnvironmentFiles(environmentFiles: EnvironmentFileConfig[]): any[ function renderHealthCheck(hc: HealthCheck): CfnTaskDefinition.HealthCheckProperty { return { command: getHealthCheckCommand(hc), - interval: hc.interval != null ? hc.interval.toSeconds() : 30, - retries: hc.retries !== undefined ? hc.retries : 3, - startPeriod: hc.startPeriod && hc.startPeriod.toSeconds(), - timeout: hc.timeout !== undefined ? hc.timeout.toSeconds() : 5, + interval: hc.interval?.toSeconds() ?? 30, + retries: hc.retries ?? 3, + startPeriod: hc.startPeriod?.toSeconds(), + timeout: hc.timeout?.toSeconds() ?? 5, }; } diff --git a/packages/@aws-cdk/aws-ecs/lib/ec2/ec2-service.ts b/packages/@aws-cdk/aws-ecs/lib/ec2/ec2-service.ts index a119e445e6571..18c6df350fb4e 100644 --- a/packages/@aws-cdk/aws-ecs/lib/ec2/ec2-service.ts +++ b/packages/@aws-cdk/aws-ecs/lib/ec2/ec2-service.ts @@ -181,8 +181,7 @@ export class Ec2Service extends BaseService implements IEc2Service { throw new Error('Only one of SecurityGroup or SecurityGroups can be populated.'); } - const propagateTagsFromSource = props.propagateTaskTagsFrom !== undefined ? props.propagateTaskTagsFrom - : (props.propagateTags !== undefined ? props.propagateTags : PropagatedTagSource.NONE); + const propagateTagsFromSource = props.propagateTaskTagsFrom ?? props.propagateTags ?? PropagatedTagSource.NONE; super(scope, id, { ...props, diff --git a/packages/@aws-cdk/aws-ecs/lib/fargate/fargate-service.ts b/packages/@aws-cdk/aws-ecs/lib/fargate/fargate-service.ts index f70ca796ed3f6..01a9f75665c57 100644 --- a/packages/@aws-cdk/aws-ecs/lib/fargate/fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs/lib/fargate/fargate-service.ts @@ -147,8 +147,7 @@ export class FargateService extends BaseService implements IFargateService { throw new Error(`The task definition of this service uses at least one container that references a secret JSON field. This feature requires platform version ${FargatePlatformVersion.VERSION1_4} or later.`); } - const propagateTagsFromSource = props.propagateTaskTagsFrom !== undefined ? props.propagateTaskTagsFrom - : (props.propagateTags !== undefined ? props.propagateTags : PropagatedTagSource.NONE); + const propagateTagsFromSource = props.propagateTaskTagsFrom ?? props.propagateTags ?? PropagatedTagSource.NONE; super(scope, id, { ...props, diff --git a/packages/@aws-cdk/aws-eks-legacy/lib/cluster.ts b/packages/@aws-cdk/aws-eks-legacy/lib/cluster.ts index a00358d7395ce..1f8c699180aad 100644 --- a/packages/@aws-cdk/aws-eks-legacy/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks-legacy/lib/cluster.ts @@ -382,7 +382,7 @@ export class Cluster extends Resource implements ICluster { }; let resource; - this.kubectlEnabled = props.kubectlEnabled === undefined ? true : props.kubectlEnabled; + this.kubectlEnabled = props.kubectlEnabled ?? true; if (this.kubectlEnabled) { resource = new ClusterResource(this, 'Resource', clusterProps); this._defaultMastersRole = resource.creationRole; @@ -429,13 +429,13 @@ export class Cluster extends Resource implements ICluster { } // allocate default capacity if non-zero (or default). - const desiredCapacity = props.defaultCapacity === undefined ? DEFAULT_CAPACITY_COUNT : props.defaultCapacity; + const desiredCapacity = props.defaultCapacity ?? DEFAULT_CAPACITY_COUNT; if (desiredCapacity > 0) { const instanceType = props.defaultCapacityInstance || DEFAULT_CAPACITY_TYPE; this.defaultCapacity = this.addCapacity('DefaultCapacity', { instanceType, desiredCapacity }); } - const outputConfigCommand = props.outputConfigCommand === undefined ? true : props.outputConfigCommand; + const outputConfigCommand = props.outputConfigCommand ?? true; if (outputConfigCommand) { const postfix = commonCommandOptions.join(' '); new CfnOutput(this, 'ConfigCommand', { value: `${updateConfigCommandPrefix} ${postfix}` }); @@ -512,7 +512,7 @@ export class Cluster extends Resource implements ICluster { autoScalingGroup.connections.allowToAnyIpv4(ec2.Port.allUdp()); autoScalingGroup.connections.allowToAnyIpv4(ec2.Port.allIcmp()); - const bootstrapEnabled = options.bootstrapEnabled !== undefined ? options.bootstrapEnabled : true; + const bootstrapEnabled = options.bootstrapEnabled ?? true; if (options.bootstrapOptions && !bootstrapEnabled) { throw new Error('Cannot specify "bootstrapOptions" if "bootstrapEnabled" is false'); } @@ -537,7 +537,7 @@ export class Cluster extends Resource implements ICluster { // do not attempt to map the role if `kubectl` is not enabled for this // cluster or if `mapRole` is set to false. By default this should happen. - const mapRole = options.mapRole === undefined ? true : options.mapRole; + const mapRole = options.mapRole ?? true; if (mapRole && this.kubectlEnabled) { // see https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html this.awsAuth.addRoleMapping(autoScalingGroup.role, { diff --git a/packages/@aws-cdk/aws-eks-legacy/lib/user-data.ts b/packages/@aws-cdk/aws-eks-legacy/lib/user-data.ts index e889663520f32..75d6e009d657a 100644 --- a/packages/@aws-cdk/aws-eks-legacy/lib/user-data.ts +++ b/packages/@aws-cdk/aws-eks-legacy/lib/user-data.ts @@ -12,7 +12,7 @@ export function renderUserData(clusterName: string, autoScalingGroup: autoscalin const extraArgs = new Array(); - extraArgs.push(`--use-max-pods ${options.useMaxPods === undefined ? true : options.useMaxPods}`); + extraArgs.push(`--use-max-pods ${options.useMaxPods ?? true}`); if (options.awsApiRetryAttempts) { extraArgs.push(`--aws-api-retry-attempts ${options.awsApiRetryAttempts}`); diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 6737ac1c7f604..706a23720c157 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -1105,7 +1105,7 @@ export class Cluster extends ClusterBase { commonCommandOptions.push(`--role-arn ${mastersRole.roleArn}`); // allocate default capacity if non-zero (or default). - const minCapacity = props.defaultCapacity === undefined ? DEFAULT_CAPACITY_COUNT : props.defaultCapacity; + const minCapacity = props.defaultCapacity ?? DEFAULT_CAPACITY_COUNT; if (minCapacity > 0) { const instanceType = props.defaultCapacityInstance || DEFAULT_CAPACITY_TYPE; this.defaultCapacity = props.defaultCapacityType === DefaultCapacityType.EC2 ? @@ -1115,7 +1115,7 @@ export class Cluster extends ClusterBase { this.addNodegroupCapacity('DefaultCapacity', { instanceTypes: [instanceType], minSize: minCapacity }) : undefined; } - const outputConfigCommand = props.outputConfigCommand === undefined ? true : props.outputConfigCommand; + const outputConfigCommand = props.outputConfigCommand ?? true; if (outputConfigCommand) { const postfix = commonCommandOptions.join(' '); new CfnOutput(this, 'ConfigCommand', { value: `${updateConfigCommandPrefix} ${postfix}` }); @@ -1251,7 +1251,7 @@ export class Cluster extends ClusterBase { // allow traffic to/from managed node groups (eks attaches this security group to the managed nodes) autoScalingGroup.addSecurityGroup(this.clusterSecurityGroup); - const bootstrapEnabled = options.bootstrapEnabled !== undefined ? options.bootstrapEnabled : true; + const bootstrapEnabled = options.bootstrapEnabled ?? true; if (options.bootstrapOptions && !bootstrapEnabled) { throw new Error('Cannot specify "bootstrapOptions" if "bootstrapEnabled" is false'); } @@ -1278,7 +1278,7 @@ export class Cluster extends ClusterBase { // do not attempt to map the role if `kubectl` is not enabled for this // cluster or if `mapRole` is set to false. By default this should happen. - const mapRole = options.mapRole === undefined ? true : options.mapRole; + const mapRole = options.mapRole ?? true; if (mapRole) { // see https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html this.awsAuth.addRoleMapping(autoScalingGroup.role, { diff --git a/packages/@aws-cdk/aws-eks/lib/user-data.ts b/packages/@aws-cdk/aws-eks/lib/user-data.ts index cf38cf7ee9761..3b8d997535771 100644 --- a/packages/@aws-cdk/aws-eks/lib/user-data.ts +++ b/packages/@aws-cdk/aws-eks/lib/user-data.ts @@ -13,7 +13,7 @@ export function renderAmazonLinuxUserData(clusterName: string, autoScalingGroup: const extraArgs = new Array(); - extraArgs.push(`--use-max-pods ${options.useMaxPods === undefined ? true : options.useMaxPods}`); + extraArgs.push(`--use-max-pods ${options.useMaxPods ?? true}`); if (options.awsApiRetryAttempts) { extraArgs.push(`--aws-api-retry-attempts ${options.awsApiRetryAttempts}`); diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 55c423f157a55..eaed2daee58d2 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -248,7 +248,7 @@ export class LoadBalancer extends Resource implements IConnectable { listeners: Lazy.any({ produce: () => this.listeners }), scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), - crossZone: (props.crossZone === undefined || props.crossZone) ? true : false, + crossZone: props.crossZone ?? true, }); if (props.internetFacing) { this.elb.node.addDependency(selectedSubnets.internetConnectivityEstablished); diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-listener.ts index 17170f4402b1a..db52671e5a368 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-listener.ts @@ -108,7 +108,7 @@ export abstract class BaseListener extends Resource { const resource = new CfnListener(this, 'Resource', { ...additionalProps, - defaultActions: Lazy.any({ produce: () => this.defaultAction ? this.defaultAction.renderActions() : [] }), + defaultActions: Lazy.any({ produce: () => this.defaultAction?.renderActions() ?? [] }), }); this.listenerArn = resource.ref; diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts index 0ff63805aab90..5e569fd8213ca 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts @@ -246,20 +246,20 @@ export abstract class TargetGroupBase extends CoreConstruct implements ITargetGr vpcId: cdk.Lazy.string({ produce: () => this.vpc && this.targetType !== TargetType.LAMBDA ? this.vpc.vpcId : undefined }), // HEALTH CHECK - healthCheckEnabled: cdk.Lazy.any({ produce: () => this.healthCheck && this.healthCheck.enabled }), + healthCheckEnabled: cdk.Lazy.any({ produce: () => this.healthCheck?.enabled }), healthCheckIntervalSeconds: cdk.Lazy.number({ - produce: () => this.healthCheck && this.healthCheck.interval && this.healthCheck.interval.toSeconds(), + produce: () => this.healthCheck?.interval?.toSeconds(), }), - healthCheckPath: cdk.Lazy.string({ produce: () => this.healthCheck && this.healthCheck.path }), - healthCheckPort: cdk.Lazy.string({ produce: () => this.healthCheck && this.healthCheck.port }), - healthCheckProtocol: cdk.Lazy.string({ produce: () => this.healthCheck && this.healthCheck.protocol }), + healthCheckPath: cdk.Lazy.string({ produce: () => this.healthCheck?.path }), + healthCheckPort: cdk.Lazy.string({ produce: () => this.healthCheck?.port }), + healthCheckProtocol: cdk.Lazy.string({ produce: () => this.healthCheck?.protocol }), healthCheckTimeoutSeconds: cdk.Lazy.number({ - produce: () => this.healthCheck && this.healthCheck.timeout && this.healthCheck.timeout.toSeconds(), + produce: () => this.healthCheck?.timeout?.toSeconds(), }), - healthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck && this.healthCheck.healthyThresholdCount }), - unhealthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck && this.healthCheck.unhealthyThresholdCount }), + healthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck?.healthyThresholdCount }), + unhealthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck?.unhealthyThresholdCount }), matcher: cdk.Lazy.any({ - produce: () => this.healthCheck && this.healthCheck.healthyHttpCodes !== undefined ? { + produce: () => this.healthCheck?.healthyHttpCodes !== undefined ? { httpCode: this.healthCheck.healthyHttpCodes, } : undefined, }), diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/util.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/util.ts index 2ecc35c365694..a6d2692a59e83 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/util.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/util.ts @@ -67,7 +67,7 @@ export function determineProtocolAndPort(protocol: ApplicationProtocol | undefin * Helper function to default undefined input props */ export function ifUndefined(x: T | undefined, def: T) { - return x !== undefined ? x : def; + return x ?? def; } /** diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/security-group.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/security-group.test.ts index e4d45eb609335..67d14cd4f721e 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/security-group.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/security-group.test.ts @@ -272,7 +272,7 @@ class TestFixture { }); this.lb = new elbv2.ApplicationLoadBalancer(this.stack, 'LB', { vpc: this.vpc }); - createListener = createListener === undefined ? true : createListener; + createListener = createListener ?? true; if (createListener) { this._listener = this.lb.addListener('Listener', { port: 80, open: false }); } diff --git a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts index a4b19981dd0b1..baff4c76cde66 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts @@ -115,7 +115,7 @@ export class EcsTask implements events.IRuleTarget { this.cluster = props.cluster; this.taskDefinition = props.taskDefinition; - this.taskCount = props.taskCount !== undefined ? props.taskCount : 1; + this.taskCount = props.taskCount ?? 1; this.platformVersion = props.platformVersion; if (props.role) { diff --git a/packages/@aws-cdk/aws-events/lib/rule.ts b/packages/@aws-cdk/aws-events/lib/rule.ts index 0079954e73558..969965021f75d 100644 --- a/packages/@aws-cdk/aws-events/lib/rule.ts +++ b/packages/@aws-cdk/aws-events/lib/rule.ts @@ -166,7 +166,7 @@ export class Rule extends Resource implements IRule { const targetProps = target.bind(this, autoGeneratedId); const inputProps = targetProps.input && targetProps.input.bind(this); - const roleArn = targetProps.role ? targetProps.role.roleArn : undefined; + const roleArn = targetProps.role?.roleArn; const id = targetProps.id || autoGeneratedId; if (targetProps.targetResource) { @@ -298,7 +298,7 @@ export class Rule extends Resource implements IRule { sqsParameters: targetProps.sqsParameters, input: inputProps && inputProps.input, inputPath: inputProps && inputProps.inputPath, - inputTransformer: inputProps && inputProps.inputTemplate !== undefined ? { + inputTransformer: inputProps?.inputTemplate !== undefined ? { inputTemplate: inputProps.inputTemplate, inputPathsMap: inputProps.inputPathsMap, } : undefined, diff --git a/packages/@aws-cdk/aws-events/lib/schedule.ts b/packages/@aws-cdk/aws-events/lib/schedule.ts index 1e0a391e2b911..8c2c04481c0d2 100644 --- a/packages/@aws-cdk/aws-events/lib/schedule.ts +++ b/packages/@aws-cdk/aws-events/lib/schedule.ts @@ -115,7 +115,7 @@ class LiteralSchedule extends Schedule { } function fallback(x: T | undefined, def: T): T { - return x === undefined ? def : x; + return x ?? def; } /** diff --git a/packages/@aws-cdk/aws-glue/lib/table.ts b/packages/@aws-cdk/aws-glue/lib/table.ts index 859bb0b2ee325..635fe67a68d35 100644 --- a/packages/@aws-cdk/aws-glue/lib/table.ts +++ b/packages/@aws-cdk/aws-glue/lib/table.ts @@ -243,7 +243,7 @@ export class Table extends Resource implements ITable { this.columns = props.columns; this.partitionKeys = props.partitionKeys; - this.compressed = props.compressed === undefined ? false : props.compressed; + this.compressed = props.compressed ?? false; const { bucket, encryption, encryptionKey } = createBucket(this, props); this.bucket = bucket; this.encryption = encryption; @@ -267,7 +267,7 @@ export class Table extends Resource implements ITable { storageDescriptor: { location: `s3://${this.bucket.bucketName}/${this.s3Prefix}`, compressed: this.compressed, - storedAsSubDirectories: props.storedAsSubDirectories === undefined ? false : props.storedAsSubDirectories, + storedAsSubDirectories: props.storedAsSubDirectories ?? false, columns: renderColumns(props.columns), inputFormat: props.dataFormat.inputFormat.className, outputFormat: props.dataFormat.outputFormat.className, diff --git a/packages/@aws-cdk/aws-iam/lib/policy.ts b/packages/@aws-cdk/aws-iam/lib/policy.ts index 795049a1cc163..60862dca07c56 100644 --- a/packages/@aws-cdk/aws-iam/lib/policy.ts +++ b/packages/@aws-cdk/aws-iam/lib/policy.ts @@ -160,7 +160,7 @@ export class Policy extends Resource implements IPolicy { }); this._policyName = this.physicalName!; - this.force = props.force !== undefined ? props.force : false; + this.force = props.force ?? false; if (props.users) { props.users.forEach(u => this.attachToUser(u)); diff --git a/packages/@aws-cdk/aws-kms/lib/key.ts b/packages/@aws-cdk/aws-kms/lib/key.ts index d8de804e61a12..4e18d228fe38e 100644 --- a/packages/@aws-cdk/aws-kms/lib/key.ts +++ b/packages/@aws-cdk/aws-kms/lib/key.ts @@ -156,7 +156,7 @@ abstract class KeyBase extends Resource implements IKey { resourceArns: [this.keyArn], resourceSelfArns: crossEnvironment ? undefined : ['*'], }; - if (this.trustAccountIdentities) { + if (this.trustAccountIdentities && !crossEnvironment) { return iam.Grant.addToPrincipalOrResource(grantOptions); } else { return iam.Grant.addToPrincipalAndResource({ diff --git a/packages/@aws-cdk/aws-kms/test/key.test.ts b/packages/@aws-cdk/aws-kms/test/key.test.ts index 42461faece6f4..b2d37496d00ec 100644 --- a/packages/@aws-cdk/aws-kms/test/key.test.ts +++ b/packages/@aws-cdk/aws-kms/test/key.test.ts @@ -245,6 +245,103 @@ describe('key policies', () => { }); }); + testFutureBehavior('grant for a principal in a different region', flags, cdk.App, (app) => { + const principalStack = new cdk.Stack(app, 'PrincipalStack', { env: { region: 'testregion1' } }); + const principal = new iam.Role(principalStack, 'Role', { + assumedBy: new iam.AnyPrincipal(), + roleName: 'MyRolePhysicalName', + }); + + const keyStack = new cdk.Stack(app, 'KeyStack', { env: { region: 'testregion2' } }); + const key = new kms.Key(keyStack, 'Key'); + + key.grantEncrypt(principal); + + expect(keyStack).toHaveResourceLike('AWS::KMS::Key', { + KeyPolicy: { + Statement: arrayWith( + { + Action: [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + ], + Effect: 'Allow', + Principal: { AWS: { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':iam::', { Ref: 'AWS::AccountId' }, ':role/MyRolePhysicalName']] } }, + Resource: '*', + }, + ), + Version: '2012-10-17', + }, + }); + expect(principalStack).toHaveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + ], + Effect: 'Allow', + Resource: '*', + }, + ], + Version: '2012-10-17', + }, + }); + }); + + testFutureBehavior('grant for a principal in a different account', flags, cdk.App, (app) => { + const principalStack = new cdk.Stack(app, 'PrincipalStack', { env: { account: '0123456789012' } }); + const principal = new iam.Role(principalStack, 'Role', { + assumedBy: new iam.AnyPrincipal(), + roleName: 'MyRolePhysicalName', + }); + + const keyStack = new cdk.Stack(app, 'KeyStack', { env: { account: '111111111111' } }); + const key = new kms.Key(keyStack, 'Key'); + + key.grantEncrypt(principal); + + expect(keyStack).toHaveResourceLike('AWS::KMS::Key', { + KeyPolicy: { + Statement: [ + { + // Default policy, unmodified + }, + { + Action: [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + ], + Effect: 'Allow', + Principal: { AWS: { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':iam::0123456789012:role/MyRolePhysicalName']] } }, + Resource: '*', + }, + ], + Version: '2012-10-17', + }, + }); + expect(principalStack).toHaveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + ], + Effect: 'Allow', + Resource: '*', + }, + ], + Version: '2012-10-17', + }, + }); + }); + testFutureBehavior('additional key admins can be specified (with imported/immutable principal)', flags, cdk.App, (app) => { const stack = new cdk.Stack(app); const adminRole = iam.Role.fromRoleArn(stack, 'Admin', 'arn:aws:iam::123456789012:role/TrustedAdmin'); diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies index bfdb9e093ed4a..536887fd69a9a 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies +++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies @@ -6,6 +6,9 @@ FROM $IMAGE # Ensure rsync is installed RUN yum -q list installed rsync &>/dev/null || yum install -y rsync +# Upgrade pip (required by cryptography v3.4 and above, which is a dependency of poetry) +RUN pip install --upgrade pip + # Install pipenv and poetry so we can create a requirements.txt if we detect pipfile or poetry.lock respectively RUN pip install pipenv poetry diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json index c3adcd34e3e95..3690005685439 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3Bucket035B0B74" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3Bucket414E0E30" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098" } ] } @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerServiceRole77891068", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.6" }, "DependsOn": [ @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3Bucket035B0B74": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3Bucket414E0E30": { "Type": "String", - "Description": "S3 bucket for asset \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "S3 bucket for asset \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" }, - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098": { "Type": "String", - "Description": "S3 key for asset version \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "S3 key for asset version \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" }, - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57ArtifactHash70AD5A1E": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353ArtifactHashECA6C88C": { "Type": "String", - "Description": "Artifact hash for asset \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "Artifact hash for asset \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json index 0c310b5f52e7e..ef1f355e528c3 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D" + "Ref": "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cS3BucketA501FC08" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + "Ref": "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cS3VersionKey1C3AFB39" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + "Ref": "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cS3VersionKey1C3AFB39" } ] } @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerinlineServiceRole10C681F6", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.6" }, "DependsOn": [ @@ -121,7 +121,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8" + "Ref": "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28S3Bucket7DE4D4D5" }, "S3Key": { "Fn::Join": [ @@ -134,7 +134,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + "Ref": "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28S3VersionKeyAEB67E87" } ] } @@ -147,7 +147,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + "Ref": "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28S3VersionKeyAEB67E87" } ] } @@ -157,13 +157,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerpython27ServiceRole2ED49C06", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python2.7" }, "DependsOn": [ @@ -206,7 +206,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813" + "Ref": "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009S3BucketA66E9035" }, "S3Key": { "Fn::Join": [ @@ -219,7 +219,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + "Ref": "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009S3VersionKeyAFEB5FDA" } ] } @@ -232,7 +232,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + "Ref": "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009S3VersionKeyAFEB5FDA" } ] } @@ -242,13 +242,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerpython38ServiceRole2049AFF7", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.8" }, "DependsOn": [ @@ -257,41 +257,41 @@ } }, "Parameters": { - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D": { + "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cS3BucketA501FC08": { "Type": "String", - "Description": "S3 bucket for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "S3 bucket for asset \"94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45c\"" }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0": { + "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cS3VersionKey1C3AFB39": { "Type": "String", - "Description": "S3 key for asset version \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "S3 key for asset version \"94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45c\"" }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bArtifactHashEE8E0CE9": { + "AssetParameters94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45cArtifactHash99DC751A": { "Type": "String", - "Description": "Artifact hash for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "Artifact hash for asset \"94972df8a01484c56b50bec3793ac6c4302bc044db29d3502007bdc0f83db45c\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8": { + "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28S3Bucket7DE4D4D5": { "Type": "String", - "Description": "S3 bucket for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "S3 bucket for asset \"3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C": { + "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28S3VersionKeyAEB67E87": { "Type": "String", - "Description": "S3 key for asset version \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "S3 key for asset version \"3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014ArtifactHash7768674B": { + "AssetParameters3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28ArtifactHashE51CE860": { "Type": "String", - "Description": "Artifact hash for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "Artifact hash for asset \"3b0b0f3cd46ea1490006d6cefca359385ec059bb00a0fbee4de2eecf48038e28\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813": { + "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009S3BucketA66E9035": { "Type": "String", - "Description": "S3 bucket for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "S3 bucket for asset \"876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383": { + "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009S3VersionKeyAFEB5FDA": { "Type": "String", - "Description": "S3 key for asset version \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "S3 key for asset version \"876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aArtifactHash652F614E": { + "AssetParameters876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009ArtifactHashB9A1080D": { "Type": "String", - "Description": "Artifact hash for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "Artifact hash for asset \"876959f777c5a23bf4408991959c55c91810329d159608feb7ede69418b35009\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json index 0c310b5f52e7e..5ea17bca31920 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D" + "Ref": "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efS3BucketD53ED9C5" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + "Ref": "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efS3VersionKey3C218A3E" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + "Ref": "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efS3VersionKey3C218A3E" } ] } @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerinlineServiceRole10C681F6", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.6" }, "DependsOn": [ @@ -121,7 +121,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8" + "Ref": "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dS3BucketFDE171D0" }, "S3Key": { "Fn::Join": [ @@ -134,7 +134,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + "Ref": "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dS3VersionKey6209E240" } ] } @@ -147,7 +147,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + "Ref": "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dS3VersionKey6209E240" } ] } @@ -157,13 +157,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerpython27ServiceRole2ED49C06", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python2.7" }, "DependsOn": [ @@ -206,7 +206,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813" + "Ref": "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68S3BucketA23E6312" }, "S3Key": { "Fn::Join": [ @@ -219,7 +219,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + "Ref": "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68S3VersionKey1E21AF83" } ] } @@ -232,7 +232,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + "Ref": "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68S3VersionKey1E21AF83" } ] } @@ -242,13 +242,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerpython38ServiceRole2049AFF7", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.8" }, "DependsOn": [ @@ -257,41 +257,41 @@ } }, "Parameters": { - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D": { + "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efS3BucketD53ED9C5": { "Type": "String", - "Description": "S3 bucket for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "S3 bucket for asset \"61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175ef\"" }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0": { + "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efS3VersionKey3C218A3E": { "Type": "String", - "Description": "S3 key for asset version \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "S3 key for asset version \"61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175ef\"" }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bArtifactHashEE8E0CE9": { + "AssetParameters61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175efArtifactHash6A1881A8": { "Type": "String", - "Description": "Artifact hash for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + "Description": "Artifact hash for asset \"61d8d26f10d1d73dee2732bec7ed381d2c987fc2912a339f2f119f3b0ea175ef\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8": { + "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dS3BucketFDE171D0": { "Type": "String", - "Description": "S3 bucket for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "S3 bucket for asset \"1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956d\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C": { + "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dS3VersionKey6209E240": { "Type": "String", - "Description": "S3 key for asset version \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "S3 key for asset version \"1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956d\"" }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014ArtifactHash7768674B": { + "AssetParameters1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956dArtifactHash02B929EC": { "Type": "String", - "Description": "Artifact hash for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + "Description": "Artifact hash for asset \"1d66b06c3b3ee86b3126fb58d7a06ff055d366d8aeeb4dfbaf28d40f0930956d\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813": { + "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68S3BucketA23E6312": { "Type": "String", - "Description": "S3 bucket for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "S3 bucket for asset \"96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383": { + "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68S3VersionKey1E21AF83": { "Type": "String", - "Description": "S3 key for asset version \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "S3 key for asset version \"96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68\"" }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aArtifactHash652F614E": { + "AssetParameters96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68ArtifactHash0043D2A0": { "Type": "String", - "Description": "Artifact hash for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + "Description": "Artifact hash for asset \"96a447e468bf9d3b52d13213757160cd43f28737a29b8682c281fde388762e68\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json index 5bc285e5c5769..9a81c901d7451 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json @@ -5,7 +5,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cS3Bucket6D2DF2A1" + "Ref": "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aS3BucketCCD07444" }, "S3Key": { "Fn::Join": [ @@ -18,7 +18,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cS3VersionKey897AD818" + "Ref": "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aS3VersionKeyA8B74284" } ] } @@ -31,7 +31,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cS3VersionKey897AD818" + "Ref": "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aS3VersionKeyA8B74284" } ] } @@ -118,19 +118,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerServiceRole77891068", "Arn" ] }, - "Runtime": "python3.6", + "Handler": "index.handler", "Layers": [ { "Ref": "SharedDACC02AA" } - ] + ], + "Runtime": "python3.6" }, "DependsOn": [ "myhandlerServiceRole77891068" @@ -138,17 +138,17 @@ } }, "Parameters": { - "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cS3Bucket6D2DF2A1": { + "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aS3BucketCCD07444": { "Type": "String", - "Description": "S3 bucket for asset \"314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4c\"" + "Description": "S3 bucket for asset \"6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4a\"" }, - "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cS3VersionKey897AD818": { + "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aS3VersionKeyA8B74284": { "Type": "String", - "Description": "S3 key for asset version \"314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4c\"" + "Description": "S3 key for asset version \"6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4a\"" }, - "AssetParameters314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4cArtifactHashF8341E5E": { + "AssetParameters6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4aArtifactHashB3093591": { "Type": "String", - "Description": "Artifact hash for asset \"314dd9f824ae895011cd7bb81d52a0ba316c902995491d7f4072c5aefccb6e4c\"" + "Description": "Artifact hash for asset \"6a4b9ce26d3228c4effd7b46ed51ab439e79a530934ad9bde7d77d7f6b6ebd4a\"" }, "AssetParameters71de8786d26e9f9205375b6cea9342e92d8a622a97d01d7e7d2f7661f056f218S3Bucket89C9DB12": { "Type": "String", diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json index 2f0a607ecaecb..b5b137205752f 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cS3BucketEEA58FD6" + "Ref": "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adS3BucketA9379638" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cS3VersionKey5B5DB95F" + "Ref": "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adS3VersionKey4376B462" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cS3VersionKey5B5DB95F" + "Ref": "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adS3VersionKey4376B462" } ] } @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerServiceRole77891068", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.8" }, "DependsOn": [ @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cS3BucketEEA58FD6": { + "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adS3BucketA9379638": { "Type": "String", - "Description": "S3 bucket for asset \"428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381c\"" + "Description": "S3 bucket for asset \"1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148ad\"" }, - "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cS3VersionKey5B5DB95F": { + "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adS3VersionKey4376B462": { "Type": "String", - "Description": "S3 key for asset version \"428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381c\"" + "Description": "S3 key for asset version \"1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148ad\"" }, - "AssetParameters428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381cArtifactHash239A9708": { + "AssetParameters1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148adArtifactHashB9B928DC": { "Type": "String", - "Description": "Artifact hash for asset \"428642c68731bb90502dd14a13320f1f31db649ea6f770f56acdc6f4bb1b381c\"" + "Description": "Artifact hash for asset \"1482f01217b8bed41000ca172724dc762f68208d3faa315bd6e8e07bbea148ad\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json index ba8fee87727b4..6b3b8230c2874 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "functionServiceRoleEF216095", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python2.7" }, "DependsOn": [ diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json index 63e6ba74ccfe9..63fad4c61de14 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json @@ -296,7 +296,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3Bucket035B0B74" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3Bucket414E0E30" }, "S3Key": { "Fn::Join": [ @@ -309,7 +309,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098" } ] } @@ -322,7 +322,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F" + "Ref": "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098" } ] } @@ -332,13 +332,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "myhandlerServiceRole77891068", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.6", "VpcConfig": { "SecurityGroupIds": [ @@ -368,17 +368,17 @@ } }, "Parameters": { - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3Bucket035B0B74": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3Bucket414E0E30": { "Type": "String", - "Description": "S3 bucket for asset \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "S3 bucket for asset \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" }, - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57S3VersionKey781CC06F": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353S3VersionKey5ABC9098": { "Type": "String", - "Description": "S3 key for asset version \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "S3 key for asset version \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" }, - "AssetParametersc677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57ArtifactHash70AD5A1E": { + "AssetParameters4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353ArtifactHashECA6C88C": { "Type": "String", - "Description": "Artifact hash for asset \"c677eb7e524b9819a25fefd7267be6618341cd2b2d81f4b4aaa40911d698db57\"" + "Description": "Artifact hash for asset \"4ee6ce8b6ee4bd51743dc0c39d6e52baebaeafff9c9dfea0ff84de98d1dbf353\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda/lib/event-invoke-config.ts b/packages/@aws-cdk/aws-lambda/lib/event-invoke-config.ts index 6c2419c6f8fd5..52e1021cd6878 100644 --- a/packages/@aws-cdk/aws-lambda/lib/event-invoke-config.ts +++ b/packages/@aws-cdk/aws-lambda/lib/event-invoke-config.ts @@ -90,7 +90,7 @@ export class EventInvokeConfig extends Resource { : undefined, functionName: props.function.functionName, maximumEventAgeInSeconds: props.maxEventAge && props.maxEventAge.toSeconds(), - maximumRetryAttempts: props.retryAttempts !== undefined ? props.retryAttempts : undefined, + maximumRetryAttempts: props.retryAttempts ?? undefined, qualifier: props.qualifier || '$LATEST', }); } diff --git a/packages/@aws-cdk/aws-logs/lib/metric-filter.ts b/packages/@aws-cdk/aws-logs/lib/metric-filter.ts index 8dda5f1728fd3..e9b076b55c8a3 100644 --- a/packages/@aws-cdk/aws-logs/lib/metric-filter.ts +++ b/packages/@aws-cdk/aws-logs/lib/metric-filter.ts @@ -42,7 +42,7 @@ export class MetricFilter extends Resource { metricTransformations: [{ metricNamespace: props.metricNamespace, metricName: props.metricName, - metricValue: props.metricValue !== undefined ? props.metricValue : '1', + metricValue: props.metricValue ?? '1', defaultValue: props.defaultValue, }], }); diff --git a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts index 9c2645f64ab43..7e75162761a33 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts @@ -455,6 +455,8 @@ export class AuroraPostgresEngineVersion { public static readonly VER_11_8 = AuroraPostgresEngineVersion.of('11.8', '11', { s3Import: true, s3Export: true }); /** Version "11.9". */ public static readonly VER_11_9 = AuroraPostgresEngineVersion.of('11.9', '11', { s3Import: true, s3Export: true }); + /** Version "12.4". */ + public static readonly VER_12_4 = AuroraPostgresEngineVersion.of('12.4', '12', { s3Import: true, s3Export: true }); /** * Create a new AuroraPostgresEngineVersion with an arbitrary version. diff --git a/packages/@aws-cdk/aws-rds/lib/instance.ts b/packages/@aws-cdk/aws-rds/lib/instance.ts index 74a28666496d2..cb4c3d3487a8c 100644 --- a/packages/@aws-cdk/aws-rds/lib/instance.ts +++ b/packages/@aws-cdk/aws-rds/lib/instance.ts @@ -690,8 +690,8 @@ abstract class DatabaseInstanceNew extends DatabaseInstanceBase implements IData this.newCfnProps = { autoMinorVersionUpgrade: props.autoMinorVersionUpgrade, availabilityZone: props.multiAz ? undefined : props.availabilityZone, - backupRetentionPeriod: props.backupRetention ? props.backupRetention.toDays() : undefined, - copyTagsToSnapshot: props.copyTagsToSnapshot !== undefined ? props.copyTagsToSnapshot : true, + backupRetentionPeriod: props.backupRetention?.toDays(), + copyTagsToSnapshot: props.copyTagsToSnapshot ?? true, dbInstanceClass: Lazy.string({ produce: () => `db.${this.instanceType}` }), dbInstanceIdentifier: props.instanceIdentifier, dbSubnetGroupName: subnetGroup.subnetGroupName, @@ -701,15 +701,15 @@ abstract class DatabaseInstanceNew extends DatabaseInstanceBase implements IData enableIamDatabaseAuthentication: Lazy.any({ produce: () => this.enableIamAuthentication }), enablePerformanceInsights: enablePerformanceInsights || props.enablePerformanceInsights, // fall back to undefined if not set, iops, - monitoringInterval: props.monitoringInterval && props.monitoringInterval.toSeconds(), - monitoringRoleArn: monitoringRole && monitoringRole.roleArn, + monitoringInterval: props.monitoringInterval?.toSeconds(), + monitoringRoleArn: monitoringRole?.roleArn, multiAz: props.multiAz, optionGroupName: props.optionGroup?.optionGroupName, performanceInsightsKmsKeyId: props.performanceInsightEncryptionKey?.keyArn, performanceInsightsRetentionPeriod: enablePerformanceInsights ? (props.performanceInsightRetention || PerformanceInsightRetention.DEFAULT) : undefined, - port: props.port ? props.port.toString() : undefined, + port: props.port?.toString(), preferredBackupWindow: props.preferredBackupWindow, preferredMaintenanceWindow: props.preferredMaintenanceWindow, processorFeatures: props.processorFeatures && renderProcessorFeatures(props.processorFeatures), @@ -849,7 +849,7 @@ abstract class DatabaseInstanceSource extends DatabaseInstanceNew implements IDa ...this.newCfnProps, associatedRoles: instanceAssociatedRoles.length > 0 ? instanceAssociatedRoles : undefined, optionGroupName: engineConfig.optionGroup?.optionGroupName, - allocatedStorage: props.allocatedStorage ? props.allocatedStorage.toString() : '100', + allocatedStorage: props.allocatedStorage?.toString() ?? '100', allowMajorVersionUpgrade: props.allowMajorVersionUpgrade, dbName: props.databaseName, dbParameterGroupName: instanceParameterGroupConfig?.parameterGroupName, @@ -1041,9 +1041,7 @@ export class DatabaseInstanceFromSnapshot extends DatabaseInstanceSource impleme const instance = new CfnDBInstance(this, 'Resource', { ...this.sourceCfnProps, dbSnapshotIdentifier: props.snapshotIdentifier, - masterUserPassword: secret - ? secret.secretValueFromJson('password').toString() - : credentials?.password?.toString(), + masterUserPassword: secret?.secretValueFromJson('password')?.toString() ?? credentials?.password?.toString(), }); this.instanceIdentifier = instance.ref; @@ -1117,7 +1115,7 @@ export class DatabaseInstanceReadReplica extends DatabaseInstanceNew implements ...this.newCfnProps, // this must be ARN, not ID, because of https://github.com/terraform-providers/terraform-provider-aws/issues/528#issuecomment-391169012 sourceDbInstanceIdentifier: props.sourceDatabaseInstance.instanceArn, - kmsKeyId: props.storageEncryptionKey && props.storageEncryptionKey.keyArn, + kmsKeyId: props.storageEncryptionKey?.keyArn, storageEncrypted: props.storageEncryptionKey ? true : props.storageEncrypted, }); diff --git a/packages/@aws-cdk/aws-rds/lib/private/util.ts b/packages/@aws-cdk/aws-rds/lib/private/util.ts index ca5f16d21e038..f97486b5daddf 100644 --- a/packages/@aws-cdk/aws-rds/lib/private/util.ts +++ b/packages/@aws-cdk/aws-rds/lib/private/util.ts @@ -92,9 +92,7 @@ export function applyRemovalPolicy(cfnDatabase: CfnResource, removalPolicy?: Rem * Enable if explicitly provided or if the RemovalPolicy has been set to RETAIN */ export function defaultDeletionProtection(deletionProtection?: boolean, removalPolicy?: RemovalPolicy): boolean | undefined { - return deletionProtection !== undefined - ? deletionProtection - : (removalPolicy === RemovalPolicy.RETAIN ? true : undefined); + return deletionProtection ?? (removalPolicy === RemovalPolicy.RETAIN ? true : undefined); } /** diff --git a/packages/@aws-cdk/aws-redshift/lib/cluster.ts b/packages/@aws-cdk/aws-redshift/lib/cluster.ts index 9126ef4fda737..a94bfa31b7fb5 100644 --- a/packages/@aws-cdk/aws-redshift/lib/cluster.ts +++ b/packages/@aws-cdk/aws-redshift/lib/cluster.ts @@ -40,6 +40,14 @@ export enum NodeType { * dc2.8xlarge */ DC2_8XLARGE = 'dc2.8xlarge', + /** + * ra3.xlplus + */ + RA3_XLPLUS = 'ra3.xlplus', + /** + * ra3.4xlarge + */ + RA3_4XLARGE = 'ra3.4xlarge', /** * ra3.16xlarge */ @@ -406,11 +414,11 @@ export class Cluster extends ClusterBase { super(scope, id); this.vpc = props.vpc; - this.vpcSubnets = props.vpcSubnets ? props.vpcSubnets : { + this.vpcSubnets = props.vpcSubnets ?? { subnetType: ec2.SubnetType.PRIVATE, }; - const removalPolicy = props.removalPolicy ? props.removalPolicy : RemovalPolicy.RETAIN; + const removalPolicy = props.removalPolicy ?? RemovalPolicy.RETAIN; const subnetGroup = props.subnetGroup ?? new ClusterSubnetGroup(this, 'Subnets', { description: `Subnets for ${id} Redshift cluster`, @@ -419,11 +427,10 @@ export class Cluster extends ClusterBase { removalPolicy: removalPolicy, }); - const securityGroups = props.securityGroups !== undefined ? - props.securityGroups : [new ec2.SecurityGroup(this, 'SecurityGroup', { - description: 'Redshift security group', - vpc: this.vpc, - })]; + const securityGroups = props.securityGroups ?? [new ec2.SecurityGroup(this, 'SecurityGroup', { + description: 'Redshift security group', + vpc: this.vpc, + })]; const securityGroupIds = securityGroups.map(sg => sg.securityGroupId); @@ -464,22 +471,20 @@ export class Cluster extends ClusterBase { port: props.port, clusterParameterGroupName: props.parameterGroup && props.parameterGroup.clusterParameterGroupName, // Admin - masterUsername: secret ? secret.secretValueFromJson('username').toString() : props.masterUser.masterUsername, - masterUserPassword: secret - ? secret.secretValueFromJson('password').toString() - : (props.masterUser.masterPassword - ? props.masterUser.masterPassword.toString() - : 'default'), + masterUsername: secret?.secretValueFromJson('username').toString() ?? props.masterUser.masterUsername, + masterUserPassword: secret?.secretValueFromJson('password').toString() + ?? props.masterUser.masterPassword?.toString() + ?? 'default', preferredMaintenanceWindow: props.preferredMaintenanceWindow, nodeType: props.nodeType || NodeType.DC2_LARGE, numberOfNodes: nodeCount, loggingProperties, - iamRoles: props.roles ? props.roles.map(role => role.roleArn) : undefined, + iamRoles: props?.roles?.map(role => role.roleArn), dbName: props.defaultDatabaseName || 'default_db', publiclyAccessible: props.publiclyAccessible || false, // Encryption kmsKeyId: props.encryptionKey && props.encryptionKey.keyArn, - encrypted: props.encrypted !== undefined ? props.encrypted : true, + encrypted: props.encrypted ?? true, }); cluster.applyRemovalPolicy(removalPolicy, { diff --git a/packages/@aws-cdk/aws-s3-assets/README.md b/packages/@aws-cdk/aws-s3-assets/README.md index 3d508070d6a50..aab4c46d9c44d 100644 --- a/packages/@aws-cdk/aws-s3-assets/README.md +++ b/packages/@aws-cdk/aws-s3-assets/README.md @@ -115,6 +115,7 @@ new assets.Asset(this, 'BundledAsset', { }, // Docker bundling fallback image: BundlingDockerImage.fromRegistry('alpine'), + entrypoint: ['/bin/sh', '-c'], command: ['bundle'], }, }); diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts index bbf526b79df86..4ca33864952f3 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts +++ b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts @@ -227,7 +227,7 @@ export class BucketDeployment extends CoreConstruct { Prune: props.prune ?? true, UserMetadata: props.metadata ? mapUserMetadata(props.metadata) : undefined, SystemMetadata: mapSystemMetadata(props), - DistributionId: props.distribution ? props.distribution.distributionId : undefined, + DistributionId: props.distribution?.distributionId, DistributionPaths: props.distributionPaths, }, }); diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index 5c5abfbfec559..525b22f6afd1d 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -413,7 +413,7 @@ abstract class BucketBase extends Resource implements IBucket { detailType: ['AWS API Call via CloudTrail'], detail: { resources: { - ARN: options.paths ? options.paths.map(p => this.arnForObjects(p)) : [this.bucketArn], + ARN: options.paths?.map(p => this.arnForObjects(p)) ?? [this.bucketArn], }, }, }); @@ -1607,13 +1607,13 @@ export class Bucket extends BucketBase { return { rules: this.lifecycleRules.map(parseLifecycleRule) }; function parseLifecycleRule(rule: LifecycleRule): CfnBucket.RuleProperty { - const enabled = rule.enabled !== undefined ? rule.enabled : true; + const enabled = rule.enabled ?? true; const x: CfnBucket.RuleProperty = { // eslint-disable-next-line max-len abortIncompleteMultipartUpload: rule.abortIncompleteMultipartUploadAfter !== undefined ? { daysAfterInitiation: rule.abortIncompleteMultipartUploadAfter.toDays() } : undefined, expirationDate: rule.expirationDate, - expirationInDays: rule.expiration && rule.expiration.toDays(), + expirationInDays: rule.expiration?.toDays(), id: rule.id, noncurrentVersionExpirationInDays: rule.noncurrentVersionExpiration && rule.noncurrentVersionExpiration.toDays(), noncurrentVersionTransitions: mapOrUndefined(rule.noncurrentVersionTransitions, t => ({ diff --git a/packages/@aws-cdk/aws-ses-actions/lib/bounce.ts b/packages/@aws-cdk/aws-ses-actions/lib/bounce.ts index b84c414c5c43e..a1a385651614a 100644 --- a/packages/@aws-cdk/aws-ses-actions/lib/bounce.ts +++ b/packages/@aws-cdk/aws-ses-actions/lib/bounce.ts @@ -100,7 +100,7 @@ export class Bounce implements ses.IReceiptRuleAction { sender: this.props.sender, smtpReplyCode: this.props.template.props.smtpReplyCode, message: this.props.template.props.message, - topicArn: this.props.topic ? this.props.topic.topicArn : undefined, + topicArn: this.props.topic?.topicArn, statusCode: this.props.template.props.statusCode, }, }; diff --git a/packages/@aws-cdk/aws-ses-actions/lib/lambda.ts b/packages/@aws-cdk/aws-ses-actions/lib/lambda.ts index 290211bf1806f..d6be68f92ce24 100644 --- a/packages/@aws-cdk/aws-ses-actions/lib/lambda.ts +++ b/packages/@aws-cdk/aws-ses-actions/lib/lambda.ts @@ -78,7 +78,7 @@ export class Lambda implements ses.IReceiptRuleAction { lambdaAction: { functionArn: this.props.function.functionArn, invocationType: this.props.invocationType, - topicArn: this.props.topic ? this.props.topic.topicArn : undefined, + topicArn: this.props.topic?.topicArn, }, }; } diff --git a/packages/@aws-cdk/aws-ses-actions/lib/s3.ts b/packages/@aws-cdk/aws-ses-actions/lib/s3.ts index 9be2fd8750378..1f288afe2a887 100644 --- a/packages/@aws-cdk/aws-ses-actions/lib/s3.ts +++ b/packages/@aws-cdk/aws-ses-actions/lib/s3.ts @@ -92,9 +92,9 @@ export class S3 implements ses.IReceiptRuleAction { return { s3Action: { bucketName: this.props.bucket.bucketName, - kmsKeyArn: this.props.kmsKey ? this.props.kmsKey.keyArn : undefined, + kmsKeyArn: this.props.kmsKey?.keyArn, objectKeyPrefix: this.props.objectKeyPrefix, - topicArn: this.props.topic ? this.props.topic.topicArn : undefined, + topicArn: this.props.topic?.topicArn, }, }; } diff --git a/packages/@aws-cdk/aws-ses-actions/lib/stop.ts b/packages/@aws-cdk/aws-ses-actions/lib/stop.ts index ab2e9cbb91d1e..f42d206d3d350 100644 --- a/packages/@aws-cdk/aws-ses-actions/lib/stop.ts +++ b/packages/@aws-cdk/aws-ses-actions/lib/stop.ts @@ -23,7 +23,7 @@ export class Stop implements ses.IReceiptRuleAction { return { stopAction: { scope: 'RuleSet', - topicArn: this.props.topic ? this.props.topic.topicArn : undefined, + topicArn: this.props.topic?.topicArn, }, }; } diff --git a/packages/@aws-cdk/aws-ses/lib/receipt-rule-set.ts b/packages/@aws-cdk/aws-ses/lib/receipt-rule-set.ts index c94d4d4edd138..dcb3d011d4251 100644 --- a/packages/@aws-cdk/aws-ses/lib/receipt-rule-set.ts +++ b/packages/@aws-cdk/aws-ses/lib/receipt-rule-set.ts @@ -62,7 +62,7 @@ abstract class ReceiptRuleSetBase extends Resource implements IReceiptRuleSet { */ public addRule(id: string, options?: ReceiptRuleOptions): ReceiptRule { this.lastAddedRule = new ReceiptRule(this, id, { - after: this.lastAddedRule ? this.lastAddedRule : undefined, + after: this.lastAddedRule ?? undefined, ruleSet: this, ...options, }); diff --git a/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts b/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts index 72c056d913693..5b6a276929c8e 100644 --- a/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts +++ b/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts @@ -124,10 +124,10 @@ export class ReceiptRule extends Resource implements IReceiptRule { }); const resource = new CfnReceiptRule(this, 'Resource', { - after: props.after ? props.after.receiptRuleName : undefined, + after: props.after?.receiptRuleName, rule: { actions: Lazy.any({ produce: () => this.renderActions() }), - enabled: props.enabled === undefined ? true : props.enabled, + enabled: props.enabled ?? true, name: this.physicalName, recipients: props.recipients, scanEnabled: props.scanEnabled, diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts index 4b3ecd5ca0013..2e38d60aac150 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts @@ -173,7 +173,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { constructor(scope: Construct, id: string, private readonly props: EmrCreateClusterProps) { super(scope, id, props); - this.visibleToAllUsers = this.props.visibleToAllUsers !== undefined ? this.props.visibleToAllUsers : true; + this.visibleToAllUsers = this.props.visibleToAllUsers ?? true; this.integrationPattern = props.integrationPattern || sfn.IntegrationPattern.RUN_JOB; validatePatternSupported(this.integrationPattern, EmrCreateCluster.SUPPORTED_INTEGRATION_PATTERNS); diff --git a/packages/@aws-cdk/aws-stepfunctions/lib/state-machine.ts b/packages/@aws-cdk/aws-stepfunctions/lib/state-machine.ts index 56b14e69fa5d8..8c7ee585e4b09 100644 --- a/packages/@aws-cdk/aws-stepfunctions/lib/state-machine.ts +++ b/packages/@aws-cdk/aws-stepfunctions/lib/state-machine.ts @@ -380,11 +380,11 @@ export class StateMachine extends StateMachineBase { const graph = new StateGraph(props.definition.startState, `State Machine ${id} definition`); graph.timeout = props.timeout; - this.stateMachineType = props.stateMachineType ? props.stateMachineType : StateMachineType.STANDARD; + this.stateMachineType = props.stateMachineType ?? StateMachineType.STANDARD; const resource = new CfnStateMachine(this, 'Resource', { stateMachineName: this.physicalName, - stateMachineType: props.stateMachineType ? props.stateMachineType : undefined, + stateMachineType: props.stateMachineType ?? undefined, roleArn: this.role.roleArn, definitionString: Stack.of(this).toJsonString(graph.toGraphJson()), loggingConfiguration: props.logs ? this.buildLoggingConfiguration(props.logs) : undefined, diff --git a/packages/@aws-cdk/aws-stepfunctions/lib/states/pass.ts b/packages/@aws-cdk/aws-stepfunctions/lib/states/pass.ts index de9b4d16aab01..fb5e52d2831b2 100644 --- a/packages/@aws-cdk/aws-stepfunctions/lib/states/pass.ts +++ b/packages/@aws-cdk/aws-stepfunctions/lib/states/pass.ts @@ -145,7 +145,7 @@ export class Pass extends State implements INextable { return { Type: StateType.PASS, Comment: this.comment, - Result: this.result ? this.result.value : undefined, + Result: this.result?.value, ResultPath: renderJsonPath(this.resultPath), ...this.renderInputOutput(), ...this.renderParameters(), diff --git a/packages/@aws-cdk/aws-stepfunctions/lib/states/state.ts b/packages/@aws-cdk/aws-stepfunctions/lib/states/state.ts index 02cceb6e64ed2..42a4c8e9bf1b5 100644 --- a/packages/@aws-cdk/aws-stepfunctions/lib/states/state.ts +++ b/packages/@aws-cdk/aws-stepfunctions/lib/states/state.ts @@ -254,7 +254,7 @@ export abstract class State extends CoreConstruct implements IChainable { this.retries.push({ ...props, - errors: props.errors ? props.errors : [Errors.ALL], + errors: props.errors ?? [Errors.ALL], }); } @@ -268,7 +268,7 @@ export abstract class State extends CoreConstruct implements IChainable { this.catches.push({ next: handler, props: { - errors: props.errors ? props.errors : [Errors.ALL], + errors: props.errors ?? [Errors.ALL], resultPath: props.resultPath, }, }); @@ -352,7 +352,7 @@ export abstract class State extends CoreConstruct implements IChainable { protected renderChoices(): any { return { Choices: renderList(this.choices, renderChoice), - Default: this.defaultChoice ? this.defaultChoice.stateId : undefined, + Default: this.defaultChoice?.stateId, }; } diff --git a/packages/@aws-cdk/core/lib/app.ts b/packages/@aws-cdk/core/lib/app.ts index eb095f801ee4f..28e04607a0228 100644 --- a/packages/@aws-cdk/core/lib/app.ts +++ b/packages/@aws-cdk/core/lib/app.ts @@ -116,7 +116,7 @@ export class App extends Stage { this.node.setContext(cxapi.ANALYTICS_REPORTING_ENABLED_CONTEXT, analyticsReporting); } - const autoSynth = props.autoSynth !== undefined ? props.autoSynth : cxapi.OUTDIR_ENV in process.env; + const autoSynth = props.autoSynth ?? cxapi.OUTDIR_ENV in process.env; if (autoSynth) { // synth() guarantuees it will only execute once, so a default of 'true' // doesn't bite manual calling of the function. diff --git a/packages/@aws-cdk/core/lib/arn.ts b/packages/@aws-cdk/core/lib/arn.ts index 2ed3485a6c9b6..1ffcc2da2b33c 100644 --- a/packages/@aws-cdk/core/lib/arn.ts +++ b/packages/@aws-cdk/core/lib/arn.ts @@ -77,10 +77,10 @@ export class Arn { * can be 'undefined'. */ public static format(components: ArnComponents, stack: Stack): string { - const partition = components.partition !== undefined ? components.partition : stack.partition; - const region = components.region !== undefined ? components.region : stack.region; - const account = components.account !== undefined ? components.account : stack.account; - const sep = components.sep !== undefined ? components.sep : '/'; + const partition = components.partition ?? stack.partition; + const region = components.region ?? stack.region; + const account = components.account ?? stack.account; + const sep = components.sep ?? '/'; const values = ['arn', ':', partition, ':', components.service, ':', region, ':', account, ':', components.resource]; diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index c9a9c07e77f34..b1247fd913ea0 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -13,6 +13,17 @@ export interface BundlingOptions { */ readonly image: BundlingDockerImage; + /** + * The entrypoint to run in the Docker container. + * + * @example ['/bin/sh', '-c'] + * + * @see https://docs.docker.com/engine/reference/builder/#entrypoint + * + * @default - run the entrypoint defined in the image + */ + readonly entrypoint?: string[]; + /** * The command to run in the Docker container. * @@ -152,7 +163,15 @@ export class BundlingDockerImage { public run(options: DockerRunOptions = {}) { const volumes = options.volumes || []; const environment = options.environment || {}; - const command = options.command || []; + const entrypoint = options.entrypoint?.[0] || null; + const command = [ + ...options.entrypoint?.[1] + ? [...options.entrypoint.slice(1)] + : [], + ...options.command + ? [...options.command] + : [], + ]; const dockerArgs: string[] = [ 'run', '--rm', @@ -164,6 +183,9 @@ export class BundlingDockerImage { ...options.workingDirectory ? ['-w', options.workingDirectory] : [], + ...entrypoint + ? ['--entrypoint', entrypoint] + : [], this.image, ...command, ]; @@ -238,6 +260,13 @@ export enum DockerVolumeConsistency { * Docker run options */ export interface DockerRunOptions { + /** + * The entrypoint to run in the container. + * + * @default - run the entrypoint defined in the image + */ + readonly entrypoint?: string[]; + /** * The command to run in the container. * diff --git a/packages/@aws-cdk/core/lib/fs/copy.ts b/packages/@aws-cdk/core/lib/fs/copy.ts index b9feb555c8f65..627dc2aa988dc 100644 --- a/packages/@aws-cdk/core/lib/fs/copy.ts +++ b/packages/@aws-cdk/core/lib/fs/copy.ts @@ -5,7 +5,7 @@ import { CopyOptions, SymlinkFollowMode } from './options'; import { shouldFollow } from './utils'; export function copyDirectory(srcDir: string, destDir: string, options: CopyOptions = { }, rootDir?: string) { - const follow = options.follow !== undefined ? options.follow : SymlinkFollowMode.EXTERNAL; + const follow = options.follow ?? SymlinkFollowMode.EXTERNAL; rootDir = rootDir || srcDir; diff --git a/packages/@aws-cdk/core/lib/stack.ts b/packages/@aws-cdk/core/lib/stack.ts index 53e7adfdc206e..2284ddedc203f 100644 --- a/packages/@aws-cdk/core/lib/stack.ts +++ b/packages/@aws-cdk/core/lib/stack.ts @@ -371,7 +371,7 @@ export class Stack extends CoreConstruct implements ITaggable { this.templateOptions.description = props.description; } - this._stackName = props.stackName !== undefined ? props.stackName : this.generateStackName(); + this._stackName = props.stackName ?? this.generateStackName(); this.tags = new TagManager(TagType.KEY_VALUE, 'aws:cdk:stack', props.tags); if (!VALID_STACK_NAME_REGEX.test(this.stackName)) { diff --git a/packages/@aws-cdk/core/lib/tag-aspect.ts b/packages/@aws-cdk/core/lib/tag-aspect.ts index d56c28b551d87..09d79c7ea9799 100644 --- a/packages/@aws-cdk/core/lib/tag-aspect.ts +++ b/packages/@aws-cdk/core/lib/tag-aspect.ts @@ -126,7 +126,7 @@ export class Tag extends TagBase { resource.tags.setTag( this.key, this.value, - this.props.priority !== undefined ? this.props.priority : this.defaultPriority, + this.props.priority ?? this.defaultPriority, this.props.applyToLaunchedInstances !== false, ); } @@ -175,7 +175,7 @@ export class RemoveTag extends TagBase { protected applyTag(resource: ITaggable): void { if (resource.tags.applyTagAspectHere(this.props.includeResourceTypes, this.props.excludeResourceTypes)) { - resource.tags.removeTag(this.key, this.props.priority !== undefined ? this.props.priority : this.defaultPriority); + resource.tags.removeTag(this.key, this.props.priority ?? this.defaultPriority); } } } diff --git a/packages/@aws-cdk/core/lib/token.ts b/packages/@aws-cdk/core/lib/token.ts index 4bbcdb454f9bd..f92a2560cac7c 100644 --- a/packages/@aws-cdk/core/lib/token.ts +++ b/packages/@aws-cdk/core/lib/token.ts @@ -183,7 +183,7 @@ export class Tokenization { return resolve(obj, { scope: options.scope, resolver: options.resolver, - preparing: (options.preparing !== undefined ? options.preparing : false), + preparing: (options.preparing ?? false), }); } diff --git a/packages/@aws-cdk/core/test/bundling.test.ts b/packages/@aws-cdk/core/test/bundling.test.ts index e2b0d6b43b98b..258860d65585c 100644 --- a/packages/@aws-cdk/core/test/bundling.test.ts +++ b/packages/@aws-cdk/core/test/bundling.test.ts @@ -171,6 +171,44 @@ nodeunitShim({ test.done(); }, + 'custom entrypoint is passed through to docker exec'(test: Test) { + const spawnSyncStub = sinon.stub(child_process, 'spawnSync').returns({ + status: 0, + stderr: Buffer.from('stderr'), + stdout: Buffer.from('stdout'), + pid: 123, + output: ['stdout', 'stderr'], + signal: null, + }); + + const image = BundlingDockerImage.fromRegistry('alpine'); + image.run({ + entrypoint: ['/cool/entrypoint', '--cool-entrypoint-arg'], + command: ['cool', 'command'], + environment: { + VAR1: 'value1', + VAR2: 'value2', + }, + volumes: [{ hostPath: '/host-path', containerPath: '/container-path' }], + workingDirectory: '/working-directory', + user: 'user:group', + }); + + test.ok(spawnSyncStub.calledWith('docker', [ + 'run', '--rm', + '-u', 'user:group', + '-v', '/host-path:/container-path:delegated', + '--env', 'VAR1=value1', + '--env', 'VAR2=value2', + '-w', '/working-directory', + '--entrypoint', '/cool/entrypoint', + 'alpine', + '--cool-entrypoint-arg', + 'cool', 'command', + ], { stdio: ['ignore', process.stderr, 'inherit'] })); + test.done(); + }, + 'cp utility copies from an image'(test: Test) { // GIVEN const containerId = '1234567890abcdef1234567890abcdef'; diff --git a/packages/@aws-cdk/core/test/tag-aspect.test.ts b/packages/@aws-cdk/core/test/tag-aspect.test.ts index cb2c5363e2153..b0871e2d13c02 100644 --- a/packages/@aws-cdk/core/test/tag-aspect.test.ts +++ b/packages/@aws-cdk/core/test/tag-aspect.test.ts @@ -6,7 +6,7 @@ class TaggableResource extends CfnResource { public readonly tags: TagManager; constructor(scope: Construct, id: string, props: CfnResourceProps) { super(scope, id, props); - const tags = props.properties === undefined ? undefined : props.properties.tags; + const tags = props.properties?.tags; this.tags = new TagManager(TagType.STANDARD, 'AWS::Fake::Resource', tags); } public testProperties() { @@ -18,7 +18,7 @@ class AsgTaggableResource extends CfnResource { public readonly tags: TagManager; constructor(scope: Construct, id: string, props: CfnResourceProps) { super(scope, id, props); - const tags = props.properties === undefined ? undefined : props.properties.tags; + const tags = props.properties?.tags; this.tags = new TagManager(TagType.AUTOSCALING_GROUP, 'AWS::Fake::Resource', tags); } public testProperties() { @@ -30,7 +30,7 @@ class MapTaggableResource extends CfnResource { public readonly tags: TagManager; constructor(scope: Construct, id: string, props: CfnResourceProps) { super(scope, id, props); - const tags = props.properties === undefined ? undefined : props.properties.tags; + const tags = props.properties?.tags; this.tags = new TagManager(TagType.MAP, 'AWS::Fake::Resource', tags); } public testProperties() { diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index d17a38e62f923..78e2177b186cd 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -285,6 +285,18 @@ When `cdk deploy` is executed, deployment events will include the complete histo The `progress` key can also be specified as a user setting (`~/.cdk.json`) +#### Externally Executable CloudFormation Change Sets + +For more control over when stack changes are deployed, the CDK can generate a +CloudFormation change set but not execute it. The name of the generated +change set is *cdk-deploy-change-set*, and a previous change set with that +name will be overwritten. The change set will always be created, even if it +is empty. + +```console +$ cdk deploy --no-execute +``` + ### `cdk destroy` Deletes a stack from it's environment. This will cause the resources in the stack to be destroyed (unless they were diff --git a/packages/aws-cdk/lib/api/deploy-stack.ts b/packages/aws-cdk/lib/api/deploy-stack.ts index 1b52fb736e946..2dfb2f5119c71 100644 --- a/packages/aws-cdk/lib/api/deploy-stack.ts +++ b/packages/aws-cdk/lib/api/deploy-stack.ts @@ -174,6 +174,7 @@ export interface DeployStackOptions { } const LARGE_TEMPLATE_SIZE_KB = 50; +const CDK_CHANGE_SET_NAME = 'cdk-deploy-change-set'; /** @experimental */ export async function deployStack(options: DeployStackOptions): Promise { @@ -228,14 +229,20 @@ export async function deployStack(options: DeployStackOptions): Promise { executed = true; return {}; }), + deleteChangeSet: jest.fn(), getTemplate: jest.fn(() => { executed = true; return {}; diff --git a/packages/aws-cdk/test/api/deploy-stack.test.ts b/packages/aws-cdk/test/api/deploy-stack.test.ts index 1908b4716aac0..8fffb321ef995 100644 --- a/packages/aws-cdk/test/api/deploy-stack.test.ts +++ b/packages/aws-cdk/test/api/deploy-stack.test.ts @@ -459,6 +459,53 @@ test('not executed and no error if --no-execute is given', async () => { expect(cfnMocks.executeChangeSet).not.toHaveBeenCalled(); }); +test('empty change set is deleted if --execute is given', async () => { + cfnMocks.describeChangeSet?.mockImplementation(() => ({ + Status: 'FAILED', + StatusReason: 'No updates are to be performed.', + })); + + // GIVEN + givenStackExists(); + + // WHEN + await deployStack({ + ...standardDeployStackArguments(), + execute: true, + force: true, // Necessary to bypass "skip deploy" + }); + + // THEN + expect(cfnMocks.createChangeSet).toHaveBeenCalled(); + expect(cfnMocks.executeChangeSet).not.toHaveBeenCalled(); + + //the first deletion is for any existing cdk change sets, the second is for the deleting the new empty change set + expect(cfnMocks.deleteChangeSet).toHaveBeenCalledTimes(2); +}); + +test('empty change set is not deleted if --no-execute is given', async () => { + cfnMocks.describeChangeSet?.mockImplementation(() => ({ + Status: 'FAILED', + StatusReason: 'No updates are to be performed.', + })); + + // GIVEN + givenStackExists(); + + // WHEN + await deployStack({ + ...standardDeployStackArguments(), + execute: false, + }); + + // THEN + expect(cfnMocks.createChangeSet).toHaveBeenCalled(); + expect(cfnMocks.executeChangeSet).not.toHaveBeenCalled(); + + //the first deletion is for any existing cdk change sets + expect(cfnMocks.deleteChangeSet).toHaveBeenCalledTimes(1); +}); + test('use S3 url for stack deployment if present in Stack Artifact', async () => { // WHEN await deployStack({ diff --git a/tools/cfn2ts/lib/codegen.ts b/tools/cfn2ts/lib/codegen.ts index f1e9f184e67af..8d85d05f7ee72 100644 --- a/tools/cfn2ts/lib/codegen.ts +++ b/tools/cfn2ts/lib/codegen.ts @@ -898,7 +898,7 @@ export default class CodeGenerator { this.code.line('/**'); before.forEach(line => this.code.line(` * ${line}`.trimRight())); if (link) { - this.code.line(` * @see ${link}`); + this.code.line(` * @link ${link}`); } this.code.line(' */'); return;