From 957f53197071df89084a38053b5926d27ede39cd Mon Sep 17 00:00:00 2001 From: Mohamed ElAsmar Date: Wed, 26 Jun 2024 06:16:25 -0700 Subject: [PATCH 1/4] fix(aws-s3): allow import S3 bucket with a legacy name --- .../aws-cdk-s3-integ.assets.json | 19 ++ .../aws-cdk-s3-integ.template.json | 102 ++++++++ ...efaultTestDeployAssert9DECDFBF.assets.json | 19 ++ ...aultTestDeployAssert9DECDFBF.template.json | 36 +++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 119 +++++++++ .../tree.json | 233 ++++++++++++++++++ .../aws-s3/test/integ.bucket-legacy-naming.ts | 40 +++ packages/aws-cdk-lib/aws-s3/README.md | 4 + packages/aws-cdk-lib/aws-s3/lib/bucket.ts | 10 +- .../aws-cdk-lib/aws-s3/test/bucket.test.ts | 46 ++++ 12 files changed, 637 insertions(+), 4 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json new file mode 100644 index 0000000000000..1eef02fde9742 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24": { + "source": { + "path": "aws-cdk-s3-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json new file mode 100644 index 0000000000000..4ec4d77afcb46 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json @@ -0,0 +1,102 @@ +{ + "Resources": { + "LegacyBucketRoleFF9F72AB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "LegacyBucketRoleDefaultPolicyA9F22E7C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::my_legacy_bucket2/*", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket1/*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket3/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LegacyBucketRoleDefaultPolicyA9F22E7C", + "Roles": [ + { + "Ref": "LegacyBucketRoleFF9F72AB" + } + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets.json new file mode 100644 index 0000000000000..6be83bd7547da --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json new file mode 100644 index 0000000000000..7453c82b70a06 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "aws-cdk-s3-integ-test/DefaultTest": { + "stacks": [ + "aws-cdk-s3-integ" + ], + "assertionStack": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert", + "assertionStackName": "awscdks3integtestDefaultTestDeployAssert9DECDFBF" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json new file mode 100644 index 0000000000000..410f389492c32 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "36.0.0", + "artifacts": { + "aws-cdk-s3-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-s3-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-s3-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-s3-integ.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-s3-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-s3-integ.assets" + ], + "metadata": { + "/aws-cdk-s3-integ/LegacyBucketRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LegacyBucketRoleFF9F72AB" + } + ], + "/aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LegacyBucketRoleDefaultPolicyA9F22E7C" + } + ], + "/aws-cdk-s3-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-s3-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-s3-integ" + }, + "awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "awscdks3integtestDefaultTestDeployAssert9DECDFBF": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "awscdks3integtestDefaultTestDeployAssert9DECDFBF.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets" + ], + "metadata": { + "/aws-cdk-s3-integ-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-s3-integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json new file mode 100644 index 0000000000000..d64683a95a299 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json @@ -0,0 +1,233 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-s3-integ": { + "id": "aws-cdk-s3-integ", + "path": "aws-cdk-s3-integ", + "children": { + "LegacyBucketFromName": { + "id": "LegacyBucketFromName", + "path": "aws-cdk-s3-integ/LegacyBucketFromName", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0" + } + }, + "LegacyBucketFromArn": { + "id": "LegacyBucketFromArn", + "path": "aws-cdk-s3-integ/LegacyBucketFromArn", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0" + } + }, + "LegacyBucketFromAttributes": { + "id": "LegacyBucketFromAttributes", + "path": "aws-cdk-s3-integ/LegacyBucketFromAttributes", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0" + } + }, + "LegacyBucketRole": { + "id": "LegacyBucketRole", + "path": "aws-cdk-s3-integ/LegacyBucketRole", + "children": { + "ImportLegacyBucketRole": { + "id": "ImportLegacyBucketRole", + "path": "aws-cdk-s3-integ/LegacyBucketRole/ImportLegacyBucketRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-s3-integ/LegacyBucketRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::my_legacy_bucket2/*", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket1/*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket3/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "LegacyBucketRoleDefaultPolicyA9F22E7C", + "roles": [ + { + "Ref": "LegacyBucketRoleFF9F72AB" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-s3-integ/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-s3-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "aws-cdk-s3-integ-test": { + "id": "aws-cdk-s3-integ-test", + "path": "aws-cdk-s3-integ-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "aws-cdk-s3-integ-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-s3-integ-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts new file mode 100644 index 0000000000000..8a4b6b6470a58 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts @@ -0,0 +1,40 @@ +#!/usr/bin/env node +import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as s3 from 'aws-cdk-lib/aws-s3'; +import * as iam from 'aws-cdk-lib/aws-iam'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-cdk-s3-integ'); + +const legacyBucketFromName = s3.Bucket.fromBucketName(stack, 'LegacyBucketFromName', 'my_legacy_bucket1'); + +const legacyBucketFromArn = s3.Bucket.fromBucketArn(stack, 'LegacyBucketFromArn', 'arn:aws:s3:::my_legacy_bucket2'); + +const legacyBucketFromAttributes = s3.Bucket.fromBucketAttributes(stack, 'LegacyBucketFromAttributes', { + bucketName: 'my_legacy_bucket3', +}); + +const role = new iam.Role(stack, 'LegacyBucketRole', { + assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), +}); +role.addToPolicy( + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + actions: ['s3:*'], + resources: [ + `${legacyBucketFromName.bucketArn}/*`, + `${legacyBucketFromArn.bucketArn}/*`, + `${legacyBucketFromAttributes.bucketArn}/*`, + ], + }) +); + +new IntegTest(app, 'aws-cdk-s3-integ-test', { + testCases: [stack], +}); + +// In the synthesized template, verify: +// 1. The bucket names imported using different methods (Bucket.fromBucketName, Bucket.fromBucketArn, Bucket.fromBucketAttributes) are not modified and contain underscores. +// 2. The policy attached to the role includes the correct bucket ARNs with underscores for all three imported buckets. + diff --git a/packages/aws-cdk-lib/aws-s3/README.md b/packages/aws-cdk-lib/aws-s3/README.md index 58b7084e620e2..4f13169aa3906 100644 --- a/packages/aws-cdk-lib/aws-s3/README.md +++ b/packages/aws-cdk-lib/aws-s3/README.md @@ -225,6 +225,10 @@ To import an existing bucket into your CDK application, use the `Bucket.fromBuck factory method. This method accepts `BucketAttributes` which describes the properties of an already existing bucket: +Note that this method allows importing buckets with legacy names containing underscores (`_`), which was +permitted for buckets created before March 1, 2018. For buckets created after this date, underscores +are not allowed in the bucket name. + ```ts declare const myLambda: lambda.Function; const bucket = s3.Bucket.fromBucketAttributes(this, 'ImportedBucket', { diff --git a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts index 5497df55798f2..45fb98de8a2cb 100644 --- a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts +++ b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts @@ -1733,7 +1733,7 @@ export class Bucket extends BucketBase { if (!bucketName) { throw new Error('Bucket name is required'); } - Bucket.validateBucketName(bucketName); + Bucket.validateBucketName(bucketName, true); const oldEndpoint = `s3-website-${region}.${urlSuffix}`; const newEndpoint = `s3-website.${region}.${urlSuffix}`; @@ -1840,8 +1840,9 @@ export class Bucket extends BucketBase { * Thrown an exception if the given bucket name is not valid. * * @param physicalName name of the bucket. + * @param allowLegacyBucketNaming allow legacy bucket naming style, default is false. */ - public static validateBucketName(physicalName: string): void { + public static validateBucketName(physicalName: string, allowLegacyBucketNaming: boolean = false): void { const bucketName = physicalName; if (!bucketName || Token.isUnresolved(bucketName)) { // the name is a late-bound value, not a defined string, @@ -1855,9 +1856,10 @@ export class Bucket extends BucketBase { if (bucketName.length < 3 || bucketName.length > 63) { errors.push('Bucket name must be at least 3 and no more than 63 characters'); } - const charsetMatch = bucketName.match(/[^a-z0-9.-]/); + const charsetRegex = allowLegacyBucketNaming ? /[^a-z0-9._-]/ : /[^a-z0-9.-]/; + const charsetMatch = bucketName.match(charsetRegex); if (charsetMatch) { - errors.push('Bucket name must only contain lowercase characters and the symbols, period (.) and dash (-) ' + errors.push(`Bucket name must only contain lowercase characters and the symbols, period (.)${allowLegacyBucketNaming ? ', underscore (_), ' : ' '}and dash (-) ` + `(offset: ${charsetMatch.index})`); } if (!/[a-z0-9]/.test(bucketName.charAt(0))) { diff --git a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts index 4d97390952ee5..2e048acee3856 100644 --- a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts +++ b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts @@ -150,6 +150,34 @@ describe('bucket', () => { })).not.toThrow(); }); + test('creating bucket with underscore in name throws error', () => { + const stack = new cdk.Stack(); + expect(() => { + new s3.Bucket(stack, 'TestBucket', { bucketName: 'test_bucket_name' }); + }).toThrow(/Bucket name must only contain lowercase characters and the symbols, period \(\.\) and dash \(-\)/); + }); + + test('importing existing bucket with underscore using fromBucketName works with allowLegacyBucketNaming=true', () => { + const stack = new cdk.Stack(); + expect(() => { + s3.Bucket.fromBucketName(stack, 'TestBucket', 'test_bucket_name'); + }).not.toThrow(); + }); + + test('importing existing bucket with underscore using fromBucketAttributes works with allowLegacyBucketNaming=true', () => { + const stack = new cdk.Stack(); + expect(() => { + s3.Bucket.fromBucketAttributes(stack, 'TestBucket', { bucketName: 'test_bucket_name' }); + }).not.toThrow(); + }); + + test('importing existing bucket with underscore using fromBucketArn works with allowLegacyBucketNaming=true', () => { + const stack = new cdk.Stack(); + expect(() => { + s3.Bucket.fromBucketArn(stack, 'TestBucket', 'arn:aws:s3:::test_bucket_name'); + }).not.toThrow(); + }); + test('bucket validation skips tokenized values', () => { const stack = new cdk.Stack(); @@ -175,6 +203,24 @@ describe('bucket', () => { })).toThrow(expectedErrors); }); + test('validateBucketName allows underscore when allowLegacyBucketNaming=true', () => { + expect(() => { + s3.Bucket.validateBucketName('test_bucket_name', true); + }).not.toThrow(); + }); + + test('validateBucketName does not allow underscore when allowLegacyBucketNaming=false', () => { + expect(() => { + s3.Bucket.validateBucketName('test_bucket_name', false); + }).toThrow(/Bucket name must only contain lowercase characters and the symbols, period \(\.\) and dash \(-\)/); + }); + + test('validateBucketName does not allow underscore by default', () => { + expect(() => { + s3.Bucket.validateBucketName('test_bucket_name'); + }).toThrow(/Bucket name must only contain lowercase characters and the symbols, period \(\.\) and dash \(-\)/); + }); + test('fails if bucket name has less than 3 or more than 63 characters', () => { const stack = new cdk.Stack(); From 6425c45f04402b44a7195d509f0d814dbcfb7fa4 Mon Sep 17 00:00:00 2001 From: Mohamed ElAsmar Date: Wed, 26 Jun 2024 07:15:31 -0700 Subject: [PATCH 2/4] rename the stack. --- .../aws-cdk-s3-integ.assets.json | 19 ---- .../aws-cdk-s3-integ.template.json | 102 ------------------ .../integ.json | 2 +- .../manifest.json | 22 ++-- .../tree.json | 26 ++--- .../aws-s3/test/integ.bucket-legacy-naming.ts | 2 +- 6 files changed, 26 insertions(+), 147 deletions(-) delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json deleted file mode 100644 index 1eef02fde9742..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "36.0.0", - "files": { - "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24": { - "source": { - "path": "aws-cdk-s3-integ.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json deleted file mode 100644 index 4ec4d77afcb46..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-integ.template.json +++ /dev/null @@ -1,102 +0,0 @@ -{ - "Resources": { - "LegacyBucketRoleFF9F72AB": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "LegacyBucketRoleDefaultPolicyA9F22E7C": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "s3:*", - "Effect": "Allow", - "Resource": [ - "arn:aws:s3:::my_legacy_bucket2/*", - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":s3:::my_legacy_bucket1/*" - ] - ] - }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":s3:::my_legacy_bucket3/*" - ] - ] - } - ] - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "LegacyBucketRoleDefaultPolicyA9F22E7C", - "Roles": [ - { - "Ref": "LegacyBucketRoleFF9F72AB" - } - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json index 7453c82b70a06..efae270bc704c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/integ.json @@ -3,7 +3,7 @@ "testCases": { "aws-cdk-s3-integ-test/DefaultTest": { "stacks": [ - "aws-cdk-s3-integ" + "aws-cdk-s3-legacy-name-integ" ], "assertionStack": "aws-cdk-s3-integ-test/DefaultTest/DeployAssert", "assertionStackName": "awscdks3integtestDefaultTestDeployAssert9DECDFBF" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json index 410f389492c32..61de53d375dd7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/manifest.json @@ -1,19 +1,19 @@ { "version": "36.0.0", "artifacts": { - "aws-cdk-s3-integ.assets": { + "aws-cdk-s3-legacy-name-integ.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-s3-integ.assets.json", + "file": "aws-cdk-s3-legacy-name-integ.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-s3-integ": { + "aws-cdk-s3-legacy-name-integ": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-s3-integ.template.json", + "templateFile": "aws-cdk-s3-legacy-name-integ.template.json", "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", @@ -22,7 +22,7 @@ "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-s3-integ.assets" + "aws-cdk-s3-legacy-name-integ.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -31,35 +31,35 @@ } }, "dependencies": [ - "aws-cdk-s3-integ.assets" + "aws-cdk-s3-legacy-name-integ.assets" ], "metadata": { - "/aws-cdk-s3-integ/LegacyBucketRole/Resource": [ + "/aws-cdk-s3-legacy-name-integ/LegacyBucketRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "LegacyBucketRoleFF9F72AB" } ], - "/aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy/Resource": [ + "/aws-cdk-s3-legacy-name-integ/LegacyBucketRole/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", "data": "LegacyBucketRoleDefaultPolicyA9F22E7C" } ], - "/aws-cdk-s3-integ/BootstrapVersion": [ + "/aws-cdk-s3-legacy-name-integ/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-s3-integ/CheckBootstrapVersion": [ + "/aws-cdk-s3-legacy-name-integ/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-s3-integ" + "displayName": "aws-cdk-s3-legacy-name-integ" }, "awscdks3integtestDefaultTestDeployAssert9DECDFBF.assets": { "type": "cdk:asset-manifest", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json index d64683a95a299..43458f80f9d51 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/tree.json @@ -4,13 +4,13 @@ "id": "App", "path": "", "children": { - "aws-cdk-s3-integ": { - "id": "aws-cdk-s3-integ", - "path": "aws-cdk-s3-integ", + "aws-cdk-s3-legacy-name-integ": { + "id": "aws-cdk-s3-legacy-name-integ", + "path": "aws-cdk-s3-legacy-name-integ", "children": { "LegacyBucketFromName": { "id": "LegacyBucketFromName", - "path": "aws-cdk-s3-integ/LegacyBucketFromName", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketFromName", "constructInfo": { "fqn": "aws-cdk-lib.aws_s3.BucketBase", "version": "0.0.0" @@ -18,7 +18,7 @@ }, "LegacyBucketFromArn": { "id": "LegacyBucketFromArn", - "path": "aws-cdk-s3-integ/LegacyBucketFromArn", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketFromArn", "constructInfo": { "fqn": "aws-cdk-lib.aws_s3.BucketBase", "version": "0.0.0" @@ -26,7 +26,7 @@ }, "LegacyBucketFromAttributes": { "id": "LegacyBucketFromAttributes", - "path": "aws-cdk-s3-integ/LegacyBucketFromAttributes", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketFromAttributes", "constructInfo": { "fqn": "aws-cdk-lib.aws_s3.BucketBase", "version": "0.0.0" @@ -34,11 +34,11 @@ }, "LegacyBucketRole": { "id": "LegacyBucketRole", - "path": "aws-cdk-s3-integ/LegacyBucketRole", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketRole", "children": { "ImportLegacyBucketRole": { "id": "ImportLegacyBucketRole", - "path": "aws-cdk-s3-integ/LegacyBucketRole/ImportLegacyBucketRole", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketRole/ImportLegacyBucketRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -46,7 +46,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-s3-integ/LegacyBucketRole/Resource", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -71,11 +71,11 @@ }, "DefaultPolicy": { "id": "DefaultPolicy", - "path": "aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketRole/DefaultPolicy", "children": { "Resource": { "id": "Resource", - "path": "aws-cdk-s3-integ/LegacyBucketRole/DefaultPolicy/Resource", + "path": "aws-cdk-s3-legacy-name-integ/LegacyBucketRole/DefaultPolicy/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Policy", "aws:cdk:cloudformation:props": { @@ -142,7 +142,7 @@ }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-s3-integ/BootstrapVersion", + "path": "aws-cdk-s3-legacy-name-integ/BootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" @@ -150,7 +150,7 @@ }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-s3-integ/CheckBootstrapVersion", + "path": "aws-cdk-s3-legacy-name-integ/CheckBootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts index 8a4b6b6470a58..a6967c57a000d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts @@ -5,7 +5,7 @@ import * as s3 from 'aws-cdk-lib/aws-s3'; import * as iam from 'aws-cdk-lib/aws-iam'; const app = new cdk.App(); -const stack = new cdk.Stack(app, 'aws-cdk-s3-integ'); +const stack = new cdk.Stack(app, 'aws-cdk-s3-legacy-name-integ'); const legacyBucketFromName = s3.Bucket.fromBucketName(stack, 'LegacyBucketFromName', 'my_legacy_bucket1'); From 4fef1448cb809df2e6ca2120c36558e54a5d6908 Mon Sep 17 00:00:00 2001 From: Mohamed ElAsmar Date: Wed, 26 Jun 2024 07:43:09 -0700 Subject: [PATCH 3/4] fix build issue. --- .../test/aws-s3/test/integ.bucket-legacy-naming.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts index a6967c57a000d..1bc73452b610d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.ts @@ -27,7 +27,7 @@ role.addToPolicy( `${legacyBucketFromArn.bucketArn}/*`, `${legacyBucketFromAttributes.bucketArn}/*`, ], - }) + }), ); new IntegTest(app, 'aws-cdk-s3-integ-test', { From 05ca86679f38d44346e9f55a30912dd3d7ecac63 Mon Sep 17 00:00:00 2001 From: Mohamed ElAsmar Date: Wed, 26 Jun 2024 10:00:14 -0700 Subject: [PATCH 4/4] adding missing files --- .../aws-cdk-s3-legacy-name-integ.assets.json | 19 ++++ ...aws-cdk-s3-legacy-name-integ.template.json | 102 ++++++++++++++++++ 2 files changed, 121 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.template.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.assets.json new file mode 100644 index 0000000000000..73491dc95a7c1 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24": { + "source": { + "path": "aws-cdk-s3-legacy-name-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "8f6d546b5966575d2c8a9ded4222a8ccfd78518d5f171cc1bb28e98248d31c24.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.template.json new file mode 100644 index 0000000000000..4ec4d77afcb46 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-legacy-naming.js.snapshot/aws-cdk-s3-legacy-name-integ.template.json @@ -0,0 +1,102 @@ +{ + "Resources": { + "LegacyBucketRoleFF9F72AB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "LegacyBucketRoleDefaultPolicyA9F22E7C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::my_legacy_bucket2/*", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket1/*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::my_legacy_bucket3/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LegacyBucketRoleDefaultPolicyA9F22E7C", + "Roles": [ + { + "Ref": "LegacyBucketRoleFF9F72AB" + } + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file