konokenj.cdk-api-mcp-server 0.31.0__py3-none-any.whl → 0.57.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- cdk_api_mcp_server/__about__.py +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-amplify-alpha/README.md +12 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-bedrock-agentcore-alpha/README.md +1979 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-bedrock-alpha/README.md +946 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-eks-v2-alpha/README.md +160 -75
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-elasticache-alpha/README.md +421 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-glue-alpha/README.md +39 -9
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-imagebuilder-alpha/README.md +656 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-iot-alpha/README.md +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-lambda-go-alpha/README.md +102 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-lambda-python-alpha/README.md +6 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-msk-alpha/README.md +38 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-s3tables-alpha/README.md +82 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-sagemaker-alpha/README.md +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/mixins-preview/README.md +182 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/README.md/README.md +367 -17
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/README.md +34 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.api-with-authorizer-and-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.lambda-api.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.lambda-permission-consolidation.ts +55 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.spec-restapi.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/README.md +224 -60
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.api-dualstack.ts +3 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.api.ts +5 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.stage.ts +10 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.usage-plan.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.iam.ts +34 -38
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.lambda.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.user-pool.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/README.md +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.add-subroute-integration.ts +7 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.http-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-connect-disconnect-trigger.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-permission-consolidation.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda.ts +4 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.sqs.ts +58 -71
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.graphql-lambda-permission.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.js-resolver.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-autoscaling/README.md +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-autoscaling/integ.asg-lt.ts +7 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/README.md +49 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/integ.ecs-exec-batch-job.ts +148 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/integ.managed-compute-environment-default-instance-class.ts +20 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-certificatemanager/README.md +11 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-node-18.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-service-timeout.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront/README.md +292 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/README.md +83 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.function-url-origin-ip-address-type.ts +84 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.http-origin.ts +5 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.origin-response-completion-timeout.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudtrail/integ.cloudtrail-data-events-only.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/README.md +104 -12
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.alarm-and-dashboard.ts +12 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.anomaly-detection-alarm.ts +44 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.dashboard-with-graphwidget-with-labels-visible.ts +92 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.dashboard-with-metric-id-and-visible.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.search-expression.ts +51 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/README.md +143 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-docker-server.ts +44 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-attribute-based-compute.ts +59 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-custom-instance-type.ts +130 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-overflow-behavior.ts +61 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-s3-cache.ts +71 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-windows-image.ts +1 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codepipeline-actions/integ.pipeline-elastic-beanstalk-deploy.ts +26 -17
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/README.md +13 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/integ.user-pool-client-explicit-props.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-docdb/README.md +24 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-docdb/integ.cluster-serverless.ts +34 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/README.md +225 -15
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/TABLE_V1_API.md +45 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb-v2.cci.ts +49 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.add-to-resource-policy.ts +97 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.cci.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.compound.ts +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.contirubtor-insights-for-gsi.ts +6 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.policy.ts +21 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2-global.ts +9 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2-mrsc.ts +31 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2.compound.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/README.md +28 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.client-vpn-endpoint-disconnect-on-session-timeout.ts +65 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.vpc-endpoint.lit.ts +6 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.vpc-flow-logs.ts +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/integ.tag-mutability-exclusion.ts +30 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr-assets/README.md +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr-assets/integ.assets-docker.ts +6 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/README.md +189 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.availability-zone-rebalancing.ts +14 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.blue-green-deployment-strategy.ts +147 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.cluster-windows-server-ami.ts +5 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.ebs-volume-initialization-rate.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.enable-execute-command.ts +35 -29
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.exec-command.ts +16 -22
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.lb-awsvpc-nw.ts +26 -16
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-capacity-provider.ts +114 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-no-default-capacity-provider.ts +107 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.placement-strategies.ts +32 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.pseudo-terminal.ts +18 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/README.md +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/integ.alb-fargate-service-public-private-switch.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/integ.alb-fargate-service-smart-defaults.ts +143 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/README.md +103 -83
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-al2023-nodegroup.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-cluster-removal-policy.ts +31 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.fargate-cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +55 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb-lambda-multi-value-headers.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb-target-group-attributes.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb.oidc.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.nlb-target-group-attributes.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.nlb.security-group.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2-actions/integ.cognito.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.api-destination.ts +42 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.archive-customer-managed-key.ts +23 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.eventbus.ts +13 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/README.md +93 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/integ.firehose-delivery-stream.ts +51 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.custom-permissions-boundary-aspect.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.managed-policy.ts +9 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.policy.ts +9 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/README.md +42 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/integ.stream-shard-level-monitoring.ts +47 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/README.md +159 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.cloudwatch-logs-processors.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.record-format-conversion-schema.ts +154 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.record-format-conversion.ts +178 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.s3-bucket.lit.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.binary-payload.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.lambda-policy-with-token-resolution.ts +46 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.logging-config.ts +8 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.multi-tenancy.ts +24 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.params-and-secrets.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime-management.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime.fromasset.ts +19 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime.inlinecode.ts +11 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/README.md +3 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.dependencies-bun-lock.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.dependencies-pnpm.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.function-exclude-smithy-models.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.nodejs.build.images.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/README.md +69 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.loggroup-transformer.ts +37 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.metricfilter-apply-on-transformed-logs.ts +29 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.save-logs-insights-query-definition.ts +7 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.subscriptionfilter.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.transformer.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-opensearchservice/integ.opensearch.ebs.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-opensearchservice/integ.opensearch.min.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/README.md +72 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-cloudwatch-logs-exports.ts +56 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-data-api-to-imported-cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-data-api.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-lookup.ts +100 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.instance-database-insights.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.instance-lookup.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.proxy-endpoint.ts +36 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/README.md +68 -31
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.delete-existing-record-set.ts +0 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.private-hosted-zone-from-attributes.ts +41 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.route53.ts +51 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.zone-delegation-iam-stack.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53-targets/integ.cloudfront-alias-target.ts +16 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53-targets/integ.elastic-beanstalk-hostedzoneid.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3/integ.bucket.notifications-scoped-permissions.ts +71 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-assets/integ.assets.bundling.docker-opts.ts +4 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/README.md +83 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-big-response.ts +17 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cloudfront.ts +20 -18
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-nested-stack-source.ts +64 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-stack-source.ts +53 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-stack-ssm-source.ts +97 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-data.ts +99 -59
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-deployed-bucket.ts +10 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-large-file.ts +23 -12
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-loggroup.ts +7 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-efs.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-empty.ts +69 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-multiple.ts +89 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-single.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-signcontent.ts +11 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution-with-destination-key.ts +15 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution-with-role.ts +29 -14
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution.ts +16 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-basic.ts +65 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-config.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-custom-subnets.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-efs.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-security-groups.ts +72 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-subnet-selection.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment.ts +47 -69
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-notifications/integ.bucket-notifications.ts +80 -42
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-secretsmanager/integ.secret.dynamic-reference-key.ts +38 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-signer/integ.signing-profile.ts +5 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns/README.md +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns-subscriptions/integ.sns-sqs-subscription-filter.ts +75 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns-subscriptions/integ.sns-sqs.ts +21 -40
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.distributed-map-parallel.ts +82 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.distributed-map-redrive.ts +130 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.map-with-catch.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.sm-jsonpath-with-distributed-map-jsonata.ts +105 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/README.md +75 -5
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.call-aws-service-cross-region-lambda.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.emr-create-cluster-with-ebs.ts +126 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-arm64.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-default.ts +25 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-mixed-arch.ts +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-nodejs22.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-x86.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.invoke-json-path.ts +102 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/README.md +84 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-browser-type.ts +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-resources-to-replicate-tags.ts +36 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-retry.ts +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-runtime-validation.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary.ts +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cloudformation-include/integ.novalue-nonstring.ts +25 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/core/README.md +2 -1870
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/README.md +59 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.aws-custom-resource.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.custom-resource-config-lambda-node-runtime.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.external-id.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.invoke-function-payload.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cx-api/FEATURE_FLAGS.md +152 -10
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cx-api/README.md +55 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/interfaces/README.md +33 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/README.md +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/integ.newpipeline-reduce-stagerole-scope.ts +4 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/integ.pipeline-with-customsynthesizer.ts +105 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/METADATA +2 -2
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/RECORD +240 -151
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/integ.kinesis-firehose-stream.ts +0 -33
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.expose-metric-with-dimensions.ts +0 -47
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-signcontent.d.ts +0 -1
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/WHEEL +0 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/entry_points.txt +0 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/licenses/LICENSE.txt +0 -0
|
@@ -69,12 +69,12 @@ This example defines an Amazon EKS cluster with the following configuration:
|
|
|
69
69
|
* A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image.
|
|
70
70
|
|
|
71
71
|
```ts
|
|
72
|
-
import {
|
|
72
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
73
73
|
|
|
74
74
|
// provisioning a cluster
|
|
75
75
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
76
|
-
version: eks.KubernetesVersion.
|
|
77
|
-
kubectlLayer: new
|
|
76
|
+
version: eks.KubernetesVersion.V1_34,
|
|
77
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
78
78
|
});
|
|
79
79
|
|
|
80
80
|
// apply a kubernetes manifest to the cluster
|
|
@@ -139,22 +139,42 @@ A more detailed breakdown of each is provided further down this README.
|
|
|
139
139
|
Creating a new cluster is done using the `Cluster` or `FargateCluster` constructs. The only required properties are the kubernetes `version` and `kubectlLayer`.
|
|
140
140
|
|
|
141
141
|
```ts
|
|
142
|
-
import {
|
|
142
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
143
143
|
|
|
144
144
|
new eks.Cluster(this, 'HelloEKS', {
|
|
145
|
-
version: eks.KubernetesVersion.
|
|
146
|
-
kubectlLayer: new
|
|
145
|
+
version: eks.KubernetesVersion.V1_34,
|
|
146
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
147
|
+
});
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
You can control what happens to the resources created by the cluster construct when they are no longer managed by CloudFormation by specifying a `removalPolicy`.
|
|
151
|
+
|
|
152
|
+
This can happen in one of three situations:
|
|
153
|
+
- The resource is removed from the template, so CloudFormation stops managing it;
|
|
154
|
+
- A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it;
|
|
155
|
+
- The stack is deleted, so CloudFormation stops managing all resources in it.
|
|
156
|
+
|
|
157
|
+
This affects the EKS cluster itself, the custom resource that created the cluster, associated IAM roles, node groups, security groups, VPC and any other CloudFormation resources managed by this construct.
|
|
158
|
+
|
|
159
|
+
```ts
|
|
160
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
161
|
+
import * as core from 'aws-cdk-lib/core';
|
|
162
|
+
|
|
163
|
+
new eks.Cluster(this, 'HelloEKS', {
|
|
164
|
+
version: eks.KubernetesVersion.V1_34,
|
|
165
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
166
|
+
removalPolicy: core.RemovalPolicy.RETAIN, // Keep all resources created by the construct.
|
|
147
167
|
});
|
|
148
168
|
```
|
|
149
169
|
|
|
150
170
|
You can also use `FargateCluster` to provision a cluster that uses only fargate workers.
|
|
151
171
|
|
|
152
172
|
```ts
|
|
153
|
-
import {
|
|
173
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
154
174
|
|
|
155
175
|
new eks.FargateCluster(this, 'HelloEKS', {
|
|
156
|
-
version: eks.KubernetesVersion.
|
|
157
|
-
kubectlLayer: new
|
|
176
|
+
version: eks.KubernetesVersion.V1_34,
|
|
177
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
158
178
|
});
|
|
159
179
|
```
|
|
160
180
|
|
|
@@ -177,13 +197,13 @@ By default, this library will allocate a managed node group with 2 *m5.large* in
|
|
|
177
197
|
At cluster instantiation time, you can customize the number of instances and their type:
|
|
178
198
|
|
|
179
199
|
```ts
|
|
180
|
-
import {
|
|
200
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
181
201
|
|
|
182
202
|
new eks.Cluster(this, 'HelloEKS', {
|
|
183
|
-
version: eks.KubernetesVersion.
|
|
203
|
+
version: eks.KubernetesVersion.V1_34,
|
|
184
204
|
defaultCapacity: 5,
|
|
185
205
|
defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL),
|
|
186
|
-
kubectlLayer: new
|
|
206
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
187
207
|
});
|
|
188
208
|
```
|
|
189
209
|
|
|
@@ -192,12 +212,12 @@ To access the node group that was created on your behalf, you can use `cluster.d
|
|
|
192
212
|
Additional customizations are available post instantiation. To apply them, set the default capacity to 0, and use the `cluster.addNodegroupCapacity` method:
|
|
193
213
|
|
|
194
214
|
```ts
|
|
195
|
-
import {
|
|
215
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
196
216
|
|
|
197
217
|
const cluster = new eks.Cluster(this, 'HelloEKS', {
|
|
198
|
-
version: eks.KubernetesVersion.
|
|
218
|
+
version: eks.KubernetesVersion.V1_34,
|
|
199
219
|
defaultCapacity: 0,
|
|
200
|
-
kubectlLayer: new
|
|
220
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
201
221
|
});
|
|
202
222
|
|
|
203
223
|
cluster.addNodegroupCapacity('custom-node-group', {
|
|
@@ -273,7 +293,7 @@ Node groups are available with IPv6 configured networks. For custom roles assig
|
|
|
273
293
|
> For more details visit [Configuring the Amazon VPC CNI plugin for Kubernetes to use IAM roles for service accounts](https://docs.aws.amazon.com/eks/latest/userguide/cni-iam-role.html#cni-iam-role-create-role)
|
|
274
294
|
|
|
275
295
|
```ts
|
|
276
|
-
import {
|
|
296
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
277
297
|
|
|
278
298
|
const ipv6Management = new iam.PolicyDocument({
|
|
279
299
|
statements: [new iam.PolicyStatement({
|
|
@@ -299,9 +319,9 @@ const eksClusterNodeGroupRole = new iam.Role(this, 'eksClusterNodeGroupRole', {
|
|
|
299
319
|
});
|
|
300
320
|
|
|
301
321
|
const cluster = new eks.Cluster(this, 'HelloEKS', {
|
|
302
|
-
version: eks.KubernetesVersion.
|
|
322
|
+
version: eks.KubernetesVersion.V1_34,
|
|
303
323
|
defaultCapacity: 0,
|
|
304
|
-
kubectlLayer: new
|
|
324
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
305
325
|
});
|
|
306
326
|
|
|
307
327
|
cluster.addNodegroupCapacity('custom-node-group', {
|
|
@@ -413,12 +433,12 @@ has been changed. As a workaround, you need to add a temporary policy to the clu
|
|
|
413
433
|
successful replacement. Consider this example if you are renaming the cluster from `foo` to `bar`:
|
|
414
434
|
|
|
415
435
|
```ts
|
|
416
|
-
import {
|
|
436
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
417
437
|
|
|
418
438
|
const cluster = new eks.Cluster(this, 'cluster-to-rename', {
|
|
419
439
|
clusterName: 'foo', // rename this to 'bar'
|
|
420
|
-
kubectlLayer: new
|
|
421
|
-
version: eks.KubernetesVersion.
|
|
440
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
441
|
+
version: eks.KubernetesVersion.V1_34,
|
|
422
442
|
});
|
|
423
443
|
|
|
424
444
|
// allow the cluster admin role to delete the cluster 'foo'
|
|
@@ -471,11 +491,11 @@ To create an EKS cluster that **only** uses Fargate capacity, you can use `Farga
|
|
|
471
491
|
The following code defines an Amazon EKS cluster with a default Fargate Profile that matches all pods from the "kube-system" and "default" namespaces. It is also configured to [run CoreDNS on Fargate](https://docs.aws.amazon.com/eks/latest/userguide/fargate-getting-started.html#fargate-gs-coredns).
|
|
472
492
|
|
|
473
493
|
```ts
|
|
474
|
-
import {
|
|
494
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
475
495
|
|
|
476
496
|
const cluster = new eks.FargateCluster(this, 'MyCluster', {
|
|
477
|
-
version: eks.KubernetesVersion.
|
|
478
|
-
kubectlLayer: new
|
|
497
|
+
version: eks.KubernetesVersion.V1_34,
|
|
498
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
479
499
|
});
|
|
480
500
|
```
|
|
481
501
|
|
|
@@ -551,12 +571,12 @@ To disable bootstrapping altogether (i.e. to fully customize user-data), set `bo
|
|
|
551
571
|
You can also configure the cluster to use an auto-scaling group as the default capacity:
|
|
552
572
|
|
|
553
573
|
```ts
|
|
554
|
-
import {
|
|
574
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
555
575
|
|
|
556
576
|
const cluster = new eks.Cluster(this, 'HelloEKS', {
|
|
557
|
-
version: eks.KubernetesVersion.
|
|
577
|
+
version: eks.KubernetesVersion.V1_34,
|
|
558
578
|
defaultCapacityType: eks.DefaultCapacityType.EC2,
|
|
559
|
-
kubectlLayer: new
|
|
579
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
560
580
|
});
|
|
561
581
|
```
|
|
562
582
|
|
|
@@ -658,12 +678,12 @@ AWS Identity and Access Management (IAM) and native Kubernetes [Role Based Acces
|
|
|
658
678
|
You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) by using the `endpointAccess` property:
|
|
659
679
|
|
|
660
680
|
```ts
|
|
661
|
-
import {
|
|
681
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
662
682
|
|
|
663
683
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
664
|
-
version: eks.KubernetesVersion.
|
|
684
|
+
version: eks.KubernetesVersion.V1_34,
|
|
665
685
|
endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC.
|
|
666
|
-
kubectlLayer: new
|
|
686
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
667
687
|
});
|
|
668
688
|
```
|
|
669
689
|
|
|
@@ -683,31 +703,31 @@ From the docs:
|
|
|
683
703
|
To deploy the controller on your EKS cluster, configure the `albController` property:
|
|
684
704
|
|
|
685
705
|
```ts
|
|
686
|
-
import {
|
|
706
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
687
707
|
|
|
688
708
|
new eks.Cluster(this, 'HelloEKS', {
|
|
689
|
-
version: eks.KubernetesVersion.
|
|
709
|
+
version: eks.KubernetesVersion.V1_34,
|
|
690
710
|
albController: {
|
|
691
711
|
version: eks.AlbControllerVersion.V2_8_2,
|
|
692
712
|
},
|
|
693
|
-
kubectlLayer: new
|
|
713
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
694
714
|
});
|
|
695
715
|
```
|
|
696
716
|
|
|
697
717
|
To provide additional Helm chart values supported by `albController` in CDK, use the `additionalHelmChartValues` property. For example, the following code snippet shows how to set the `enableWafV2` flag:
|
|
698
718
|
|
|
699
719
|
```ts
|
|
700
|
-
import {
|
|
720
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
701
721
|
|
|
702
722
|
new eks.Cluster(this, 'HelloEKS', {
|
|
703
|
-
version: eks.KubernetesVersion.
|
|
723
|
+
version: eks.KubernetesVersion.V1_34,
|
|
704
724
|
albController: {
|
|
705
725
|
version: eks.AlbControllerVersion.V2_8_2,
|
|
706
726
|
additionalHelmChartValues: {
|
|
707
727
|
enableWafv2: false
|
|
708
728
|
}
|
|
709
729
|
},
|
|
710
|
-
kubectlLayer: new
|
|
730
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
711
731
|
});
|
|
712
732
|
```
|
|
713
733
|
|
|
@@ -744,15 +764,15 @@ if (cluster.albController) {
|
|
|
744
764
|
You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properties:
|
|
745
765
|
|
|
746
766
|
```ts
|
|
747
|
-
import {
|
|
767
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
748
768
|
|
|
749
769
|
declare const vpc: ec2.Vpc;
|
|
750
770
|
|
|
751
771
|
new eks.Cluster(this, 'HelloEKS', {
|
|
752
|
-
version: eks.KubernetesVersion.
|
|
772
|
+
version: eks.KubernetesVersion.V1_34,
|
|
753
773
|
vpc,
|
|
754
774
|
vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS }],
|
|
755
|
-
kubectlLayer: new
|
|
775
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
756
776
|
});
|
|
757
777
|
```
|
|
758
778
|
|
|
@@ -795,11 +815,11 @@ The `ClusterHandler` is a set of Lambda functions (`onEventHandler`, `isComplete
|
|
|
795
815
|
You can configure the environment of the Cluster Handler functions by specifying it at cluster instantiation. For example, this can be useful in order to configure an http proxy:
|
|
796
816
|
|
|
797
817
|
```ts
|
|
798
|
-
import {
|
|
818
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
799
819
|
|
|
800
820
|
declare const proxyInstanceSecurityGroup: ec2.SecurityGroup;
|
|
801
821
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
802
|
-
version: eks.KubernetesVersion.
|
|
822
|
+
version: eks.KubernetesVersion.V1_34,
|
|
803
823
|
clusterHandlerEnvironment: {
|
|
804
824
|
https_proxy: 'http://proxy.myproxy.com',
|
|
805
825
|
},
|
|
@@ -808,7 +828,7 @@ const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
|
808
828
|
* Cluster Handler Lambdas so that it can reach the proxy.
|
|
809
829
|
*/
|
|
810
830
|
clusterHandlerSecurityGroup: proxyInstanceSecurityGroup,
|
|
811
|
-
kubectlLayer: new
|
|
831
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
812
832
|
});
|
|
813
833
|
```
|
|
814
834
|
|
|
@@ -817,7 +837,7 @@ const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
|
817
837
|
You can optionally choose to configure your cluster to use IPv6 using the [`ipFamily`](https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-ipFamily) definition for your cluster. Note that this will require the underlying subnets to have an associated IPv6 CIDR.
|
|
818
838
|
|
|
819
839
|
```ts
|
|
820
|
-
import {
|
|
840
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
821
841
|
declare const vpc: ec2.Vpc;
|
|
822
842
|
|
|
823
843
|
function associateSubnetWithV6Cidr(vpc: ec2.Vpc, count: number, subnet: ec2.ISubnet) {
|
|
@@ -843,11 +863,11 @@ for (let subnet of subnets) {
|
|
|
843
863
|
}
|
|
844
864
|
|
|
845
865
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
846
|
-
version: eks.KubernetesVersion.
|
|
866
|
+
version: eks.KubernetesVersion.V1_34,
|
|
847
867
|
vpc: vpc,
|
|
848
868
|
ipFamily: eks.IpFamily.IP_V6,
|
|
849
869
|
vpcSubnets: [{ subnets: vpc.publicSubnets }],
|
|
850
|
-
kubectlLayer: new
|
|
870
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
851
871
|
});
|
|
852
872
|
```
|
|
853
873
|
|
|
@@ -878,14 +898,14 @@ const cluster = eks.Cluster.fromClusterAttributes(this, 'Cluster', {
|
|
|
878
898
|
You can configure the environment of this function by specifying it at cluster instantiation. For example, this can be useful in order to configure an http proxy:
|
|
879
899
|
|
|
880
900
|
```ts
|
|
881
|
-
import {
|
|
901
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
882
902
|
|
|
883
903
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
884
|
-
version: eks.KubernetesVersion.
|
|
904
|
+
version: eks.KubernetesVersion.V1_34,
|
|
885
905
|
kubectlEnvironment: {
|
|
886
906
|
'http_proxy': 'http://proxy.myproxy.com',
|
|
887
907
|
},
|
|
888
|
-
kubectlLayer: new
|
|
908
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
889
909
|
});
|
|
890
910
|
```
|
|
891
911
|
|
|
@@ -902,11 +922,11 @@ Depending on which version of kubernetes you're targeting, you will need to use
|
|
|
902
922
|
the `@aws-cdk/lambda-layer-kubectl-vXY` packages.
|
|
903
923
|
|
|
904
924
|
```ts
|
|
905
|
-
import {
|
|
925
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
906
926
|
|
|
907
927
|
const cluster = new eks.Cluster(this, 'hello-eks', {
|
|
908
|
-
version: eks.KubernetesVersion.
|
|
909
|
-
kubectlLayer: new
|
|
928
|
+
version: eks.KubernetesVersion.V1_34,
|
|
929
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
910
930
|
});
|
|
911
931
|
```
|
|
912
932
|
|
|
@@ -941,7 +961,7 @@ const cluster1 = new eks.Cluster(this, 'MyCluster', {
|
|
|
941
961
|
kubectlLayer: layer,
|
|
942
962
|
vpc,
|
|
943
963
|
clusterName: 'cluster-name',
|
|
944
|
-
version: eks.KubernetesVersion.
|
|
964
|
+
version: eks.KubernetesVersion.V1_34,
|
|
945
965
|
});
|
|
946
966
|
|
|
947
967
|
// or
|
|
@@ -957,12 +977,12 @@ const cluster2 = eks.Cluster.fromClusterAttributes(this, 'MyCluster', {
|
|
|
957
977
|
By default, the kubectl provider is configured with 1024MiB of memory. You can use the `kubectlMemory` option to specify the memory size for the AWS Lambda function:
|
|
958
978
|
|
|
959
979
|
```ts
|
|
960
|
-
import {
|
|
980
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
961
981
|
|
|
962
982
|
new eks.Cluster(this, 'MyCluster', {
|
|
963
983
|
kubectlMemory: Size.gibibytes(4),
|
|
964
|
-
version: eks.KubernetesVersion.
|
|
965
|
-
kubectlLayer: new
|
|
984
|
+
version: eks.KubernetesVersion.V1_34,
|
|
985
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
966
986
|
});
|
|
967
987
|
|
|
968
988
|
// or
|
|
@@ -999,13 +1019,13 @@ cluster.addAutoScalingGroupCapacity('self-ng-arm', {
|
|
|
999
1019
|
When you create a cluster, you can specify a `mastersRole`. The `Cluster` construct will associate this role with the `system:masters` [RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) group, giving it super-user access to the cluster.
|
|
1000
1020
|
|
|
1001
1021
|
```ts
|
|
1002
|
-
import {
|
|
1022
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1003
1023
|
|
|
1004
1024
|
declare const role: iam.Role;
|
|
1005
1025
|
new eks.Cluster(this, 'HelloEKS', {
|
|
1006
|
-
version: eks.KubernetesVersion.
|
|
1026
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1007
1027
|
mastersRole: role,
|
|
1008
|
-
kubectlLayer: new
|
|
1028
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
1009
1029
|
});
|
|
1010
1030
|
```
|
|
1011
1031
|
|
|
@@ -1051,26 +1071,26 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u
|
|
|
1051
1071
|
> This setting can only be specified when the cluster is created and cannot be updated.
|
|
1052
1072
|
|
|
1053
1073
|
```ts
|
|
1054
|
-
import {
|
|
1074
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1055
1075
|
|
|
1056
1076
|
const secretsKey = new kms.Key(this, 'SecretsKey');
|
|
1057
1077
|
const cluster = new eks.Cluster(this, 'MyCluster', {
|
|
1058
1078
|
secretsEncryptionKey: secretsKey,
|
|
1059
|
-
version: eks.KubernetesVersion.
|
|
1060
|
-
kubectlLayer: new
|
|
1079
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1080
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
1061
1081
|
});
|
|
1062
1082
|
```
|
|
1063
1083
|
|
|
1064
1084
|
You can also use a similar configuration for running a cluster built using the FargateCluster construct.
|
|
1065
1085
|
|
|
1066
1086
|
```ts
|
|
1067
|
-
import {
|
|
1087
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1068
1088
|
|
|
1069
1089
|
const secretsKey = new kms.Key(this, 'SecretsKey');
|
|
1070
1090
|
const cluster = new eks.FargateCluster(this, 'MyFargateCluster', {
|
|
1071
1091
|
secretsEncryptionKey: secretsKey,
|
|
1072
|
-
version: eks.KubernetesVersion.
|
|
1073
|
-
kubectlLayer: new
|
|
1092
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1093
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
1074
1094
|
});
|
|
1075
1095
|
```
|
|
1076
1096
|
|
|
@@ -1088,11 +1108,11 @@ When you create an Amazon EKS cluster, you can configure it to leverage the [EKS
|
|
|
1088
1108
|
Once you have identified the on-premises node and pod (optional) CIDRs you will use for your hybrid nodes and the workloads running on them, you can specify them during cluster creation using the `remoteNodeNetworks` and `remotePodNetworks` (optional) properties:
|
|
1089
1109
|
|
|
1090
1110
|
```ts
|
|
1091
|
-
import {
|
|
1111
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1092
1112
|
|
|
1093
1113
|
new eks.Cluster(this, 'Cluster', {
|
|
1094
|
-
version: eks.KubernetesVersion.
|
|
1095
|
-
kubectlLayer: new
|
|
1114
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1115
|
+
kubectlLayer: new KubectlV34Layer(this, 'KubectlLayer'),
|
|
1096
1116
|
remoteNodeNetworks: [
|
|
1097
1117
|
{
|
|
1098
1118
|
cidrs: ['10.0.0.0/16'],
|
|
@@ -1145,7 +1165,7 @@ To access the Kubernetes resources from the console, make sure your viewing prin
|
|
|
1145
1165
|
in the `aws-auth` ConfigMap. Some options to consider:
|
|
1146
1166
|
|
|
1147
1167
|
```ts
|
|
1148
|
-
import {
|
|
1168
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1149
1169
|
declare const cluster: eks.Cluster;
|
|
1150
1170
|
declare const your_current_role: iam.Role;
|
|
1151
1171
|
declare const vpc: ec2.Vpc;
|
|
@@ -1165,7 +1185,7 @@ your_current_role.addToPolicy(new iam.PolicyStatement({
|
|
|
1165
1185
|
|
|
1166
1186
|
```ts
|
|
1167
1187
|
// Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console.
|
|
1168
|
-
import {
|
|
1188
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1169
1189
|
declare const vpc: ec2.Vpc;
|
|
1170
1190
|
|
|
1171
1191
|
|
|
@@ -1175,8 +1195,8 @@ const mastersRole = new iam.Role(this, 'MastersRole', {
|
|
|
1175
1195
|
|
|
1176
1196
|
const cluster = new eks.Cluster(this, 'EksCluster', {
|
|
1177
1197
|
vpc,
|
|
1178
|
-
version: eks.KubernetesVersion.
|
|
1179
|
-
kubectlLayer: new
|
|
1198
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1199
|
+
kubectlLayer: new KubectlV34Layer(this, 'KubectlLayer'),
|
|
1180
1200
|
mastersRole,
|
|
1181
1201
|
});
|
|
1182
1202
|
|
|
@@ -1220,13 +1240,13 @@ AWS IAM principals from both Amazon EKS access entry APIs and the aws-auth confi
|
|
|
1220
1240
|
To specify the `authenticationMode`:
|
|
1221
1241
|
|
|
1222
1242
|
```ts
|
|
1223
|
-
import {
|
|
1243
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1224
1244
|
declare const vpc: ec2.Vpc;
|
|
1225
1245
|
|
|
1226
1246
|
new eks.Cluster(this, 'Cluster', {
|
|
1227
1247
|
vpc,
|
|
1228
|
-
version: eks.KubernetesVersion.
|
|
1229
|
-
kubectlLayer: new
|
|
1248
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1249
|
+
kubectlLayer: new KubectlV34Layer(this, 'KubectlLayer'),
|
|
1230
1250
|
authenticationMode: eks.AuthenticationMode.API_AND_CONFIG_MAP,
|
|
1231
1251
|
});
|
|
1232
1252
|
```
|
|
@@ -1271,7 +1291,7 @@ eks.AccessPolicy.fromAccessPolicyName('AmazonEKSAdminPolicy', {
|
|
|
1271
1291
|
Use `grantAccess()` to grant the AccessPolicy to an IAM principal:
|
|
1272
1292
|
|
|
1273
1293
|
```ts
|
|
1274
|
-
import {
|
|
1294
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1275
1295
|
declare const vpc: ec2.Vpc;
|
|
1276
1296
|
|
|
1277
1297
|
const clusterAdminRole = new iam.Role(this, 'ClusterAdminRole', {
|
|
@@ -1289,8 +1309,8 @@ const eksAdminViewRole = new iam.Role(this, 'EKSAdminViewRole', {
|
|
|
1289
1309
|
const cluster = new eks.Cluster(this, 'Cluster', {
|
|
1290
1310
|
vpc,
|
|
1291
1311
|
mastersRole: clusterAdminRole,
|
|
1292
|
-
version: eks.KubernetesVersion.
|
|
1293
|
-
kubectlLayer: new
|
|
1312
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1313
|
+
kubectlLayer: new KubectlV34Layer(this, 'KubectlLayer'),
|
|
1294
1314
|
authenticationMode: eks.AuthenticationMode.API_AND_CONFIG_MAP,
|
|
1295
1315
|
});
|
|
1296
1316
|
|
|
@@ -1622,12 +1642,12 @@ Pruning is enabled by default but can be disabled through the `prune` option
|
|
|
1622
1642
|
when a cluster is defined:
|
|
1623
1643
|
|
|
1624
1644
|
```ts
|
|
1625
|
-
import {
|
|
1645
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
1626
1646
|
|
|
1627
1647
|
new eks.Cluster(this, 'MyCluster', {
|
|
1628
|
-
version: eks.KubernetesVersion.
|
|
1648
|
+
version: eks.KubernetesVersion.V1_34,
|
|
1629
1649
|
prune: false,
|
|
1630
|
-
kubectlLayer: new
|
|
1650
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
1631
1651
|
});
|
|
1632
1652
|
```
|
|
1633
1653
|
|
|
@@ -2030,17 +2050,17 @@ You can enable logging for each one separately using the `clusterLogging`
|
|
|
2030
2050
|
property. For example:
|
|
2031
2051
|
|
|
2032
2052
|
```ts
|
|
2033
|
-
import {
|
|
2053
|
+
import { KubectlV34Layer } from '@aws-cdk/lambda-layer-kubectl-v34';
|
|
2034
2054
|
|
|
2035
2055
|
const cluster = new eks.Cluster(this, 'Cluster', {
|
|
2036
2056
|
// ...
|
|
2037
|
-
version: eks.KubernetesVersion.
|
|
2057
|
+
version: eks.KubernetesVersion.V1_34,
|
|
2038
2058
|
clusterLogging: [
|
|
2039
2059
|
eks.ClusterLoggingTypes.API,
|
|
2040
2060
|
eks.ClusterLoggingTypes.AUTHENTICATOR,
|
|
2041
2061
|
eks.ClusterLoggingTypes.SCHEDULER,
|
|
2042
2062
|
],
|
|
2043
|
-
kubectlLayer: new
|
|
2063
|
+
kubectlLayer: new KubectlV34Layer(this, 'kubectl'),
|
|
2044
2064
|
});
|
|
2045
2065
|
```
|
|
2046
2066
|
|
cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-al2023-nodegroup.ts
CHANGED
|
@@ -27,7 +27,7 @@ class EksClusterStack extends Stack {
|
|
|
27
27
|
vpc: this.vpc,
|
|
28
28
|
mastersRole,
|
|
29
29
|
defaultCapacity: 0,
|
|
30
|
-
...getClusterVersionConfig(this, eks.KubernetesVersion.
|
|
30
|
+
...getClusterVersionConfig(this, eks.KubernetesVersion.V1_34),
|
|
31
31
|
});
|
|
32
32
|
|
|
33
33
|
// create nodegroup with AL2023_X86_64_STANDARD
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/// !cdk-integ pragma:disable-update-workflow
|
|
2
|
+
import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib';
|
|
3
|
+
import * as integ from '@aws-cdk/integ-tests-alpha';
|
|
4
|
+
import { getClusterVersionConfig } from './integ-tests-kubernetes-version';
|
|
5
|
+
import * as eks from 'aws-cdk-lib/aws-eks';
|
|
6
|
+
|
|
7
|
+
/**
|
|
8
|
+
* This test just checks that all resources can be deployed with a removal policy.
|
|
9
|
+
* We use the DESTROY policy here to avoid leaving orphaned resources behind, but if it works for DESTROY, it should work for other values as well.
|
|
10
|
+
*/
|
|
11
|
+
class EksClusterRemovalPolicyStack extends Stack {
|
|
12
|
+
constructor(scope: App, id: string, props?: StackProps) {
|
|
13
|
+
super(scope, id, props);
|
|
14
|
+
|
|
15
|
+
new eks.Cluster(this, 'Cluster', {
|
|
16
|
+
...getClusterVersionConfig(this, eks.KubernetesVersion.V1_32),
|
|
17
|
+
removalPolicy: RemovalPolicy.DESTROY,
|
|
18
|
+
});
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
const app = new App();
|
|
23
|
+
|
|
24
|
+
const stack = new EksClusterRemovalPolicyStack(app, 'EksClusterRemovalPolicyStack');
|
|
25
|
+
|
|
26
|
+
new integ.IntegTest(app, 'eks-cluster-removal-policy-integ', {
|
|
27
|
+
testCases: [stack],
|
|
28
|
+
diffAssets: false,
|
|
29
|
+
});
|
|
30
|
+
|
|
31
|
+
app.synth();
|
cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.fargate-cluster.ts
CHANGED
|
@@ -17,7 +17,7 @@ class EksFargateClusterStack extends Stack {
|
|
|
17
17
|
this.node.setContext(EC2_RESTRICT_DEFAULT_SECURITY_GROUP, false);
|
|
18
18
|
this.vpc = props?.vpc ?? this.createDummyVpc();
|
|
19
19
|
new eks.FargateCluster(this, 'FargateCluster', {
|
|
20
|
-
...getClusterVersionConfig(this, eks.KubernetesVersion.
|
|
20
|
+
...getClusterVersionConfig(this, eks.KubernetesVersion.V1_34),
|
|
21
21
|
prune: false,
|
|
22
22
|
authenticationMode: props?.authMode,
|
|
23
23
|
vpc: this.vpc,
|
cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/README.md
CHANGED
|
@@ -338,17 +338,13 @@ Balancers:
|
|
|
338
338
|
```ts
|
|
339
339
|
declare const vpc: ec2.Vpc;
|
|
340
340
|
declare const asg: autoscaling.AutoScalingGroup;
|
|
341
|
-
declare const sg1: ec2.ISecurityGroup;
|
|
342
|
-
declare const sg2: ec2.ISecurityGroup;
|
|
343
341
|
|
|
344
342
|
// Create the load balancer in a VPC. 'internetFacing' is 'false'
|
|
345
343
|
// by default, which creates an internal load balancer.
|
|
346
344
|
const lb = new elbv2.NetworkLoadBalancer(this, 'LB', {
|
|
347
345
|
vpc,
|
|
348
346
|
internetFacing: true,
|
|
349
|
-
securityGroups: [sg1],
|
|
350
347
|
});
|
|
351
|
-
lb.addSecurityGroup(sg2);
|
|
352
348
|
|
|
353
349
|
// Add a listener on a particular port.
|
|
354
350
|
const listener = lb.addListener('Listener', {
|
|
@@ -362,6 +358,40 @@ listener.addTargets('AppFleet', {
|
|
|
362
358
|
});
|
|
363
359
|
```
|
|
364
360
|
|
|
361
|
+
### Security Groups for Network Load Balancer
|
|
362
|
+
|
|
363
|
+
By default, Network Load Balancers (NLB) have a security group associated with them.
|
|
364
|
+
This is controlled by the feature flag `@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault`.
|
|
365
|
+
When this flag is enabled (the default for new projects), a security group will be automatically created and attached to the NLB unless you explicitly provide your own security groups via the `securityGroups` property.
|
|
366
|
+
|
|
367
|
+
If you wish to create an NLB without any security groups, you can set the `disableSecurityGroups` property to `true`. When this property is set, no security group will be associated with the NLB, regardless of the feature flag.
|
|
368
|
+
|
|
369
|
+
```ts
|
|
370
|
+
declare const vpc: ec2.IVpc;
|
|
371
|
+
|
|
372
|
+
const nlb = new elbv2.NetworkLoadBalancer(this, 'LB', {
|
|
373
|
+
vpc,
|
|
374
|
+
// To disable security groups for this NLB
|
|
375
|
+
disableSecurityGroups: true,
|
|
376
|
+
});
|
|
377
|
+
```
|
|
378
|
+
|
|
379
|
+
If you want to use your own security groups, provide them via the `securityGroups` property:
|
|
380
|
+
|
|
381
|
+
```ts
|
|
382
|
+
declare const vpc: ec2.IVpc;
|
|
383
|
+
declare const sg1: ec2.ISecurityGroup;
|
|
384
|
+
declare const sg2: ec2.ISecurityGroup;
|
|
385
|
+
|
|
386
|
+
const nlb = new elbv2.NetworkLoadBalancer(this, 'LB', {
|
|
387
|
+
vpc,
|
|
388
|
+
// Provide your own security groups
|
|
389
|
+
securityGroups: [sg1],
|
|
390
|
+
});
|
|
391
|
+
// Add another security group to the NLB
|
|
392
|
+
nlb.addSecurityGroup(sg2);
|
|
393
|
+
```
|
|
394
|
+
|
|
365
395
|
### Enforce security group inbound rules on PrivateLink traffic for a Network Load Balancer
|
|
366
396
|
|
|
367
397
|
You can indicate whether to evaluate inbound security group rules for traffic
|
|
@@ -746,6 +776,27 @@ const ipv6NetworkTargetGroup = new elbv2.NetworkTargetGroup(this, 'Ipv6NetworkTa
|
|
|
746
776
|
});
|
|
747
777
|
```
|
|
748
778
|
|
|
779
|
+
### Target Group level health setting for Application Load Balancers and Network Load Balancers
|
|
780
|
+
|
|
781
|
+
You can set target group health setting at target group level by setting `targetGroupHealth` property.
|
|
782
|
+
|
|
783
|
+
For more information, see [How Elastic Load Balancing works](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes).
|
|
784
|
+
|
|
785
|
+
```ts
|
|
786
|
+
declare const vpc: ec2.Vpc;
|
|
787
|
+
|
|
788
|
+
const targetGroup = new elbv2.ApplicationTargetGroup(this, 'TargetGroup', {
|
|
789
|
+
vpc,
|
|
790
|
+
port: 80,
|
|
791
|
+
targetGroupHealth: {
|
|
792
|
+
dnsMinimumHealthyTargetCount: 3,
|
|
793
|
+
dnsMinimumHealthyTargetPercentage: 70,
|
|
794
|
+
routingMinimumHealthyTargetCount: 2,
|
|
795
|
+
routingMinimumHealthyTargetPercentage: 50,
|
|
796
|
+
},
|
|
797
|
+
});
|
|
798
|
+
```
|
|
799
|
+
|
|
749
800
|
## Using Lambda Targets
|
|
750
801
|
|
|
751
802
|
To use a Lambda Function as a target, use the integration class in the
|
|
@@ -19,7 +19,7 @@ const vpc = new ec2.Vpc(stack, 'VPC', {
|
|
|
19
19
|
});
|
|
20
20
|
|
|
21
21
|
const fn = new lambda.Function(stack, 'Function', {
|
|
22
|
-
runtime: lambda.Runtime.
|
|
22
|
+
runtime: lambda.Runtime.NODEJS_20_X,
|
|
23
23
|
handler: 'index.handler',
|
|
24
24
|
code: lambda.Code.fromInline(`
|
|
25
25
|
exports.handler = async (event) => {
|