konokenj.cdk-api-mcp-server 0.31.0__py3-none-any.whl → 0.57.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- cdk_api_mcp_server/__about__.py +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-amplify-alpha/README.md +12 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-bedrock-agentcore-alpha/README.md +1979 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-bedrock-alpha/README.md +946 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-eks-v2-alpha/README.md +160 -75
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-elasticache-alpha/README.md +421 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-glue-alpha/README.md +39 -9
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-imagebuilder-alpha/README.md +656 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-iot-alpha/README.md +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-lambda-go-alpha/README.md +102 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-lambda-python-alpha/README.md +6 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-msk-alpha/README.md +38 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-s3tables-alpha/README.md +82 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-sagemaker-alpha/README.md +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/mixins-preview/README.md +182 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/README.md/README.md +367 -17
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/README.md +34 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.api-with-authorizer-and-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.lambda-api.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.lambda-permission-consolidation.ts +55 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.spec-restapi.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/README.md +224 -60
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.api-dualstack.ts +3 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.api.ts +5 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.stage.ts +10 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.usage-plan.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.iam.ts +34 -38
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.lambda.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.user-pool.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/README.md +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.add-subroute-integration.ts +7 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.http-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-connect-disconnect-trigger.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-permission-consolidation.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-proxy.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda.ts +4 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.sqs.ts +58 -71
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.graphql-lambda-permission.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.js-resolver.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-autoscaling/README.md +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-autoscaling/integ.asg-lt.ts +7 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/README.md +49 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/integ.ecs-exec-batch-job.ts +148 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-batch/integ.managed-compute-environment-default-instance-class.ts +20 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-certificatemanager/README.md +11 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-node-18.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-service-timeout.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront/README.md +292 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/README.md +83 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.function-url-origin-ip-address-type.ts +84 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.http-origin.ts +5 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.origin-response-completion-timeout.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudtrail/integ.cloudtrail-data-events-only.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/README.md +104 -12
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.alarm-and-dashboard.ts +12 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.anomaly-detection-alarm.ts +44 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.dashboard-with-graphwidget-with-labels-visible.ts +92 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.dashboard-with-metric-id-and-visible.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.search-expression.ts +51 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/README.md +143 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-docker-server.ts +44 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-attribute-based-compute.ts +59 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-custom-instance-type.ts +130 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-fleet-overflow-behavior.ts +61 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-s3-cache.ts +71 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codebuild/integ.project-windows-image.ts +1 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codepipeline-actions/integ.pipeline-elastic-beanstalk-deploy.ts +26 -17
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/README.md +13 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/integ.user-pool-client-explicit-props.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-docdb/README.md +24 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-docdb/integ.cluster-serverless.ts +34 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/README.md +225 -15
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/TABLE_V1_API.md +45 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb-v2.cci.ts +49 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.add-to-resource-policy.ts +97 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.cci.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.compound.ts +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.contirubtor-insights-for-gsi.ts +6 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.policy.ts +21 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2-global.ts +9 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2-mrsc.ts +31 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.table-v2.compound.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/README.md +28 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.client-vpn-endpoint-disconnect-on-session-timeout.ts +65 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.vpc-endpoint.lit.ts +6 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.vpc-flow-logs.ts +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/integ.tag-mutability-exclusion.ts +30 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr-assets/README.md +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr-assets/integ.assets-docker.ts +6 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/README.md +189 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.availability-zone-rebalancing.ts +14 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.blue-green-deployment-strategy.ts +147 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.cluster-windows-server-ami.ts +5 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.ebs-volume-initialization-rate.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.enable-execute-command.ts +35 -29
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.exec-command.ts +16 -22
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.lb-awsvpc-nw.ts +26 -16
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-capacity-provider.ts +114 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-no-default-capacity-provider.ts +107 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.placement-strategies.ts +32 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.pseudo-terminal.ts +18 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/README.md +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/integ.alb-fargate-service-public-private-switch.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/integ.alb-fargate-service-smart-defaults.ts +143 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/README.md +103 -83
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-al2023-nodegroup.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-cluster-removal-policy.ts +31 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.fargate-cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +55 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb-lambda-multi-value-headers.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb-target-group-attributes.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb.oidc.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.nlb-target-group-attributes.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.nlb.security-group.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2-actions/integ.cognito.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.api-destination.ts +42 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.archive-customer-managed-key.ts +23 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.eventbus.ts +13 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/README.md +93 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/integ.firehose-delivery-stream.ts +51 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.custom-permissions-boundary-aspect.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.managed-policy.ts +9 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-iam/integ.policy.ts +9 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/README.md +42 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/integ.stream-shard-level-monitoring.ts +47 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/README.md +159 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.cloudwatch-logs-processors.ts +45 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.record-format-conversion-schema.ts +154 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.record-format-conversion.ts +178 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesisfirehose/integ.s3-bucket.lit.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/README.md +41 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.binary-payload.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.lambda-policy-with-token-resolution.ts +46 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.logging-config.ts +8 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.multi-tenancy.ts +24 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.params-and-secrets.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime-management.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime.fromasset.ts +19 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda/integ.runtime.inlinecode.ts +11 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/README.md +3 -3
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.dependencies-bun-lock.ts +50 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.dependencies-pnpm.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.function-exclude-smithy-models.ts +2 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-lambda-nodejs/integ.nodejs.build.images.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/README.md +69 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.loggroup-transformer.ts +37 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.metricfilter-apply-on-transformed-logs.ts +29 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.save-logs-insights-query-definition.ts +7 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.subscriptionfilter.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.transformer.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-opensearchservice/integ.opensearch.ebs.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-opensearchservice/integ.opensearch.min.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/README.md +72 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-cloudwatch-logs-exports.ts +56 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-data-api-to-imported-cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-data-api.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster-lookup.ts +100 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.cluster.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.instance-database-insights.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.instance-lookup.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/integ.proxy-endpoint.ts +36 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/README.md +68 -31
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.delete-existing-record-set.ts +0 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.private-hosted-zone-from-attributes.ts +41 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.route53.ts +51 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53/integ.zone-delegation-iam-stack.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53-targets/integ.cloudfront-alias-target.ts +16 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-route53-targets/integ.elastic-beanstalk-hostedzoneid.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3/integ.bucket.notifications-scoped-permissions.ts +71 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-assets/integ.assets.bundling.docker-opts.ts +4 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/README.md +83 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-big-response.ts +17 -6
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cloudfront.ts +20 -18
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-nested-stack-source.ts +64 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-stack-source.ts +53 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-cross-stack-ssm-source.ts +97 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-data.ts +99 -59
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-deployed-bucket.ts +10 -4
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-large-file.ts +23 -12
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-loggroup.ts +7 -2
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-efs.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-empty.ts +69 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-multiple.ts +89 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-security-groups-single.ts +77 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-signcontent.ts +11 -7
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution-with-destination-key.ts +15 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution-with-role.ts +29 -14
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-substitution.ts +16 -8
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-basic.ts +65 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-config.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-custom-subnets.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-efs.ts +66 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-security-groups.ts +72 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-vpc-subnet-selection.ts +70 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment.ts +47 -69
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-notifications/integ.bucket-notifications.ts +80 -42
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-secretsmanager/integ.secret.dynamic-reference-key.ts +38 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-signer/integ.signing-profile.ts +5 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns/README.md +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns-subscriptions/integ.sns-sqs-subscription-filter.ts +75 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-sns-subscriptions/integ.sns-sqs.ts +21 -40
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.distributed-map-parallel.ts +82 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.distributed-map-redrive.ts +130 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.map-with-catch.ts +1 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions/integ.sm-jsonpath-with-distributed-map-jsonata.ts +105 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/README.md +75 -5
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.call-aws-service-cross-region-lambda.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.emr-create-cluster-with-ebs.ts +126 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-arm64.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-default.ts +25 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-mixed-arch.ts +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-nodejs22.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.evaluate-expression-x86.ts +27 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.invoke-json-path.ts +102 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/README.md +84 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-browser-type.ts +35 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-resources-to-replicate-tags.ts +36 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-retry.ts +32 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-runtime-validation.ts +43 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary.ts +2 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cloudformation-include/integ.novalue-nonstring.ts +25 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/core/README.md +2 -1870
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/README.md +59 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.aws-custom-resource.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.custom-resource-config-lambda-node-runtime.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.external-id.ts +80 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/custom-resources/integ.invoke-function-payload.ts +1 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cx-api/FEATURE_FLAGS.md +152 -10
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/cx-api/README.md +55 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/interfaces/README.md +33 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/README.md +4 -0
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/integ.newpipeline-reduce-stagerole-scope.ts +4 -1
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/pipelines/integ.pipeline-with-customsynthesizer.ts +105 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/METADATA +2 -2
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/RECORD +240 -151
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events-targets/integ.kinesis-firehose-stream.ts +0 -33
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-logs/integ.expose-metric-with-dimensions.ts +0 -47
- cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-s3-deployment/integ.bucket-deployment-signcontent.d.ts +0 -1
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/WHEEL +0 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/entry_points.txt +0 -0
- {konokenj_cdk_api_mcp_server-0.31.0.dist-info → konokenj_cdk_api_mcp_server-0.57.0.dist-info}/licenses/LICENSE.txt +0 -0
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import { ExpectedResult, IntegTest, Match } from '@aws-cdk/integ-tests-alpha';
|
|
2
|
+
import { Stack, aws_ec2 as ec2, aws_elasticloadbalancingv2 as elbv2, App } from 'aws-cdk-lib';
|
|
3
|
+
|
|
4
|
+
const app = new App();
|
|
5
|
+
const stack = new Stack(app, 'alb-target-group-attributes');
|
|
6
|
+
|
|
7
|
+
const vpc = new ec2.Vpc(stack, 'Stack');
|
|
8
|
+
|
|
9
|
+
const targetGroup = new elbv2.ApplicationTargetGroup(stack, 'TargetGroup', {
|
|
10
|
+
vpc,
|
|
11
|
+
port: 80,
|
|
12
|
+
targetGroupHealth: {
|
|
13
|
+
dnsMinimumHealthyTargetCount: 3,
|
|
14
|
+
dnsMinimumHealthyTargetPercentage: 70,
|
|
15
|
+
routingMinimumHealthyTargetCount: 2,
|
|
16
|
+
routingMinimumHealthyTargetPercentage: 50,
|
|
17
|
+
},
|
|
18
|
+
});
|
|
19
|
+
|
|
20
|
+
const integTest = new IntegTest(app, 'alb-target-group-attributes-test', {
|
|
21
|
+
testCases: [stack],
|
|
22
|
+
});
|
|
23
|
+
|
|
24
|
+
integTest.assertions.awsApiCall('elbv2', 'describeTargetGroupAttributes', {
|
|
25
|
+
TargetGroupArn: targetGroup.targetGroupArn,
|
|
26
|
+
}).expect(ExpectedResult.objectLike({
|
|
27
|
+
Attributes: Match.arrayWith([
|
|
28
|
+
{
|
|
29
|
+
Key: 'target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage',
|
|
30
|
+
Value: '50',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
Key: 'target_group_health.dns_failover.minimum_healthy_targets.percentage',
|
|
34
|
+
Value: '70',
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
Key: 'target_group_health.unhealthy_state_routing.minimum_healthy_targets.count',
|
|
38
|
+
Value: '2',
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
Key: 'target_group_health.dns_failover.minimum_healthy_targets.count',
|
|
42
|
+
Value: '3',
|
|
43
|
+
},
|
|
44
|
+
]),
|
|
45
|
+
}));
|
|
@@ -186,7 +186,7 @@ const signinFunction = new lambda.Function(testCase, 'Signin', {
|
|
|
186
186
|
functionName: 'cdk-integ-alb-oidc-signin-handler',
|
|
187
187
|
code: lambda.Code.fromAsset('alb-oidc-signin-handler', { exclude: ['*.ts'] }),
|
|
188
188
|
handler: 'index.handler',
|
|
189
|
-
runtime: lambda.Runtime.
|
|
189
|
+
runtime: lambda.Runtime.NODEJS_20_X,
|
|
190
190
|
environment: {
|
|
191
191
|
TEST_USERNAME: testUser.username,
|
|
192
192
|
TEST_PASSWORD: testUser.password,
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import { ExpectedResult, IntegTest, Match } from '@aws-cdk/integ-tests-alpha';
|
|
2
|
+
import { Stack, aws_ec2 as ec2, aws_elasticloadbalancingv2 as elbv2, App } from 'aws-cdk-lib';
|
|
3
|
+
|
|
4
|
+
const app = new App();
|
|
5
|
+
const stack = new Stack(app, 'nlb-target-group-attributes');
|
|
6
|
+
|
|
7
|
+
const vpc = new ec2.Vpc(stack, 'Stack');
|
|
8
|
+
|
|
9
|
+
const targetGroup = new elbv2.NetworkTargetGroup(stack, 'TargetGroup', {
|
|
10
|
+
vpc,
|
|
11
|
+
port: 80,
|
|
12
|
+
targetGroupHealth: {
|
|
13
|
+
dnsMinimumHealthyTargetCount: 3,
|
|
14
|
+
dnsMinimumHealthyTargetPercentage: 70,
|
|
15
|
+
routingMinimumHealthyTargetCount: 2,
|
|
16
|
+
routingMinimumHealthyTargetPercentage: 50,
|
|
17
|
+
},
|
|
18
|
+
});
|
|
19
|
+
|
|
20
|
+
const integTest = new IntegTest(app, 'nlb-target-group-attributes-test', {
|
|
21
|
+
testCases: [stack],
|
|
22
|
+
});
|
|
23
|
+
|
|
24
|
+
integTest.assertions.awsApiCall('elbv2', 'describeTargetGroupAttributes', {
|
|
25
|
+
TargetGroupArn: targetGroup.targetGroupArn,
|
|
26
|
+
}).expect(ExpectedResult.objectLike({
|
|
27
|
+
Attributes: Match.arrayWith([
|
|
28
|
+
{
|
|
29
|
+
Key: 'target_group_health.unhealthy_state_routing.minimum_healthy_targets.count',
|
|
30
|
+
Value: '2',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
Key: 'target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage',
|
|
34
|
+
Value: '50',
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
Key: 'target_group_health.dns_failover.minimum_healthy_targets.count',
|
|
38
|
+
Value: '3',
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
Key: 'target_group_health.dns_failover.minimum_healthy_targets.percentage',
|
|
42
|
+
Value: '70',
|
|
43
|
+
},
|
|
44
|
+
]),
|
|
45
|
+
}));
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
import { ExpectedResult, IntegTest, Match } from '@aws-cdk/integ-tests-alpha';
|
|
2
|
+
import { Stack, aws_ec2 as ec2, aws_elasticloadbalancingv2 as elbv2, App } from 'aws-cdk-lib';
|
|
3
|
+
import { Construct } from 'constructs';
|
|
4
|
+
|
|
5
|
+
class TestStack extends Stack {
|
|
6
|
+
public readonly lbWithSg: elbv2.NetworkLoadBalancer;
|
|
7
|
+
public readonly lbWithSg2: elbv2.NetworkLoadBalancer;
|
|
8
|
+
public readonly lbWithoutSg: elbv2.NetworkLoadBalancer;
|
|
9
|
+
|
|
10
|
+
constructor(scope: Construct, id: string) {
|
|
11
|
+
super(scope, id);
|
|
12
|
+
|
|
13
|
+
const vpc = new ec2.Vpc(this, 'Stack', {
|
|
14
|
+
maxAzs: 1,
|
|
15
|
+
natGateways: 0,
|
|
16
|
+
});
|
|
17
|
+
|
|
18
|
+
this.lbWithSg = new elbv2.NetworkLoadBalancer(this, 'NlbWithSecurityGroup', {
|
|
19
|
+
vpc,
|
|
20
|
+
});
|
|
21
|
+
this.lbWithSg2 = new elbv2.NetworkLoadBalancer(this, 'NlbWithSecurityGroup2', {
|
|
22
|
+
vpc,
|
|
23
|
+
securityGroups: [new ec2.SecurityGroup(this, 'SecurityGroup', {
|
|
24
|
+
vpc,
|
|
25
|
+
allowAllOutbound: true,
|
|
26
|
+
})],
|
|
27
|
+
});
|
|
28
|
+
this.lbWithSg.connections.allowTo(this.lbWithSg2, ec2.Port.tcp(1229));
|
|
29
|
+
this.lbWithoutSg = new elbv2.NetworkLoadBalancer(this, 'NlbWithoutSecurityGroup', {
|
|
30
|
+
vpc,
|
|
31
|
+
disableSecurityGroups: true,
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
const app = new App({
|
|
37
|
+
postCliContext: {
|
|
38
|
+
'@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault': true,
|
|
39
|
+
},
|
|
40
|
+
});
|
|
41
|
+
const stack = new TestStack(app, 'NlbSecurityGroupStack');
|
|
42
|
+
const integ = new IntegTest(app, 'NlbSecurityGroupInteg', {
|
|
43
|
+
testCases: [stack],
|
|
44
|
+
});
|
|
45
|
+
integ.assertions.awsApiCall('elastic-load-balancing-v2', 'describeLoadBalancers', {
|
|
46
|
+
LoadBalancerArns: [
|
|
47
|
+
stack.lbWithSg.loadBalancerArn,
|
|
48
|
+
stack.lbWithSg2.loadBalancerArn,
|
|
49
|
+
stack.lbWithoutSg.loadBalancerArn,
|
|
50
|
+
],
|
|
51
|
+
}).expect(ExpectedResult.objectLike({
|
|
52
|
+
LoadBalancers: [
|
|
53
|
+
Match.objectLike({
|
|
54
|
+
LoadBalancerArn: stack.lbWithSg.loadBalancerArn,
|
|
55
|
+
SecurityGroups: Match.arrayWith([
|
|
56
|
+
Match.stringLikeRegexp('sg-[0-9a-f]{8,17}'),
|
|
57
|
+
]),
|
|
58
|
+
}),
|
|
59
|
+
Match.objectLike({
|
|
60
|
+
LoadBalancerArn: stack.lbWithSg2.loadBalancerArn,
|
|
61
|
+
SecurityGroups: Match.arrayWith([
|
|
62
|
+
Match.stringLikeRegexp('sg-[0-9a-f]{8,17}'),
|
|
63
|
+
]),
|
|
64
|
+
}),
|
|
65
|
+
Match.objectLike({
|
|
66
|
+
LoadBalancerArn: stack.lbWithoutSg.loadBalancerArn,
|
|
67
|
+
SecurityGroups: undefined,
|
|
68
|
+
}),
|
|
69
|
+
],
|
|
70
|
+
}));
|
|
@@ -206,7 +206,7 @@ const signinFunction = new lambda.Function(testCase, 'Signin', {
|
|
|
206
206
|
functionName: 'cdk-integ-alb-cognito-signin-handler',
|
|
207
207
|
code: lambda.Code.fromAsset('alb-cognito-signin-handler', { exclude: ['*.ts'] }),
|
|
208
208
|
handler: 'index.handler',
|
|
209
|
-
runtime: lambda.Runtime.
|
|
209
|
+
runtime: lambda.Runtime.NODEJS_20_X,
|
|
210
210
|
environment: {
|
|
211
211
|
TEST_USERNAME: testUser.username,
|
|
212
212
|
TEST_PASSWORD: testUser.password,
|
|
@@ -332,6 +332,45 @@ new events.EventBus(this, 'Bus', {
|
|
|
332
332
|
});
|
|
333
333
|
```
|
|
334
334
|
|
|
335
|
-
|
|
336
|
-
|
|
335
|
+
To use a customer managed key for an archive, use the `kmsKey` attribute.
|
|
336
|
+
|
|
337
|
+
Note: When you attach a customer managed key to either an EventBus or an Archive, a policy that allows EventBridge to interact with your resource will be added.
|
|
338
|
+
|
|
339
|
+
```ts
|
|
340
|
+
import * as kms from 'aws-cdk-lib/aws-kms';
|
|
341
|
+
import { Archive, EventBus } from 'aws-cdk-lib/aws-events';
|
|
342
|
+
|
|
343
|
+
const stack = new Stack();
|
|
344
|
+
|
|
345
|
+
declare const kmsKey: kms.IKey;
|
|
346
|
+
|
|
347
|
+
const eventBus = new EventBus(stack, 'Bus');
|
|
348
|
+
|
|
349
|
+
const archive = new Archive(stack, 'Archive', {
|
|
350
|
+
kmsKey: kmsKey,
|
|
351
|
+
sourceEventBus: eventBus,
|
|
352
|
+
eventPattern: {
|
|
353
|
+
source: ['aws.ec2']
|
|
354
|
+
},
|
|
355
|
+
});
|
|
356
|
+
```
|
|
357
|
+
|
|
358
|
+
To enable archives or schema discovery on an event bus, customers has the choice of using either an AWS owned key or a customer managed key.
|
|
337
359
|
For more information, see [KMS key options for event bus encryption](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-at-rest-key-options.html).
|
|
360
|
+
|
|
361
|
+
## Configuring logging
|
|
362
|
+
|
|
363
|
+
To configure logging for an Event Bus, leverage the LogConfig property. It allows different level of logging (NONE, INFO, TRACE, ERROR) and wether to include details or not.
|
|
364
|
+
|
|
365
|
+
```ts
|
|
366
|
+
import { EventBus, IncludeDetail, Level } from 'aws-cdk-lib/aws-events';
|
|
367
|
+
|
|
368
|
+
const bus = new EventBus(this, 'Bus', {
|
|
369
|
+
logConfig: {
|
|
370
|
+
includeDetail: IncludeDetail.FULL,
|
|
371
|
+
level: Level.TRACE,
|
|
372
|
+
},
|
|
373
|
+
});
|
|
374
|
+
```
|
|
375
|
+
|
|
376
|
+
See more [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level)
|
cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-events/integ.api-destination.ts
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
import { App, CfnOutput, SecretValue, Stack } from 'aws-cdk-lib';
|
|
2
|
+
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
3
|
+
import * as events from 'aws-cdk-lib/aws-events';
|
|
4
|
+
import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
|
|
5
|
+
|
|
6
|
+
const app = new App();
|
|
7
|
+
|
|
8
|
+
const stack = new Stack(app, 'events-api-destination-stack');
|
|
9
|
+
|
|
10
|
+
const secret = new secretsmanager.Secret(stack, 'Secret', {
|
|
11
|
+
secretStringValue: SecretValue.unsafePlainText('abc123'),
|
|
12
|
+
});
|
|
13
|
+
|
|
14
|
+
const connection = new events.Connection(stack, 'Connection', {
|
|
15
|
+
authorization: events.Authorization.apiKey('x-api-key', secret.secretValue),
|
|
16
|
+
description: 'Connection with API Key x-api-key',
|
|
17
|
+
connectionName: 'MyConnection',
|
|
18
|
+
});
|
|
19
|
+
|
|
20
|
+
const destination = new events.ApiDestination(stack, 'Destination', {
|
|
21
|
+
connection,
|
|
22
|
+
endpoint: 'https://httpbin.org/headers',
|
|
23
|
+
httpMethod: events.HttpMethod.GET,
|
|
24
|
+
apiDestinationName: 'MyDestination',
|
|
25
|
+
rateLimitPerSecond: 1,
|
|
26
|
+
description: 'Calling example.com with API key x-api-key',
|
|
27
|
+
});
|
|
28
|
+
|
|
29
|
+
// arn:aws:events:{region}:{account}:api-destination/{destination-name}/11111111-1111-1111-1111-111111111111
|
|
30
|
+
new CfnOutput(stack, 'DestinationArn', {
|
|
31
|
+
value: destination.apiDestinationArn,
|
|
32
|
+
description: 'The ARN of the API destination',
|
|
33
|
+
});
|
|
34
|
+
// arn:aws:events:{region}:{account}:api-destination/{destination-name}
|
|
35
|
+
new CfnOutput(stack, 'DestinationArnForPolicy', {
|
|
36
|
+
value: destination.apiDestinationArnForPolicy || '',
|
|
37
|
+
description: 'The ARN of the API destination in resource format',
|
|
38
|
+
});
|
|
39
|
+
|
|
40
|
+
new IntegTest(app, 'events-api-destination-integ', {
|
|
41
|
+
testCases: [stack],
|
|
42
|
+
});
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import * as kms from 'aws-cdk-lib/aws-kms';
|
|
2
|
+
import { App, RemovalPolicy, Stack } from 'aws-cdk-lib';
|
|
3
|
+
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
4
|
+
import { Archive, EventBus } from 'aws-cdk-lib/aws-events';
|
|
5
|
+
|
|
6
|
+
const app = new App();
|
|
7
|
+
const stack = new Stack(app, 'archive-customer-managed-key');
|
|
8
|
+
|
|
9
|
+
const kmsKey = new kms.Key(stack, 'KmsKey', {
|
|
10
|
+
removalPolicy: RemovalPolicy.DESTROY,
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
new Archive(stack, 'Archive', {
|
|
14
|
+
kmsKey: kmsKey,
|
|
15
|
+
sourceEventBus: EventBus.fromEventBusName(stack, 'DefaultEventBus', 'default'),
|
|
16
|
+
eventPattern: {
|
|
17
|
+
source: ['test'],
|
|
18
|
+
},
|
|
19
|
+
});
|
|
20
|
+
|
|
21
|
+
new IntegTest(app, 'archive-customer-managed-key-test', {
|
|
22
|
+
testCases: [stack],
|
|
23
|
+
});
|
|
@@ -2,21 +2,31 @@ import * as iam from 'aws-cdk-lib/aws-iam';
|
|
|
2
2
|
import * as sqs from 'aws-cdk-lib/aws-sqs';
|
|
3
3
|
import { App, Stack } from 'aws-cdk-lib';
|
|
4
4
|
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
5
|
-
import { EventBus } from 'aws-cdk-lib/aws-events';
|
|
5
|
+
import { EventBus, IncludeDetail, Level } from 'aws-cdk-lib/aws-events';
|
|
6
6
|
|
|
7
7
|
const app = new App();
|
|
8
8
|
const stack = new Stack(app, 'Stack');
|
|
9
9
|
|
|
10
10
|
const dlq = new sqs.Queue(stack, 'DLQ');
|
|
11
11
|
|
|
12
|
+
const eventBusRole = new iam.Role(stack, 'EventBusRole', {
|
|
13
|
+
assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'),
|
|
14
|
+
description: 'Role for accessing EventBus',
|
|
15
|
+
roleName: 'EventBusAccessRole',
|
|
16
|
+
});
|
|
17
|
+
|
|
12
18
|
const bus = new EventBus(stack, 'Bus', {
|
|
13
19
|
deadLetterQueue: dlq,
|
|
14
20
|
description: 'myEventBus',
|
|
21
|
+
logConfig: {
|
|
22
|
+
includeDetail: IncludeDetail.FULL,
|
|
23
|
+
level: Level.ERROR,
|
|
24
|
+
},
|
|
15
25
|
});
|
|
16
26
|
|
|
17
27
|
bus.addToResourcePolicy(new iam.PolicyStatement({
|
|
18
28
|
effect: iam.Effect.ALLOW,
|
|
19
|
-
principals: [
|
|
29
|
+
principals: [eventBusRole],
|
|
20
30
|
actions: ['events:PutEvents'],
|
|
21
31
|
sid: 'Statement1',
|
|
22
32
|
resources: [bus.eventBusArn],
|
|
@@ -24,7 +34,7 @@ bus.addToResourcePolicy(new iam.PolicyStatement({
|
|
|
24
34
|
|
|
25
35
|
bus.addToResourcePolicy(new iam.PolicyStatement({
|
|
26
36
|
effect: iam.Effect.ALLOW,
|
|
27
|
-
principals: [
|
|
37
|
+
principals: [eventBusRole],
|
|
28
38
|
actions: ['events:PutRule'],
|
|
29
39
|
sid: 'Statement2',
|
|
30
40
|
resources: [bus.eventBusArn],
|
|
@@ -15,9 +15,11 @@ Currently supported are:
|
|
|
15
15
|
- [Start a StepFunctions state machine](#start-a-stepfunctions-state-machine)
|
|
16
16
|
- [Queue a Batch job](#queue-a-batch-job)
|
|
17
17
|
- [Invoke an API Gateway REST API](#invoke-an-api-gateway-rest-api)
|
|
18
|
+
- [Invoke an AWS API](#invoke-an-aws-api)
|
|
18
19
|
- [Invoke an API Destination](#invoke-an-api-destination)
|
|
19
20
|
- [Invoke an AppSync GraphQL API](#invoke-an-appsync-graphql-api)
|
|
20
21
|
- [Put an event on an EventBridge bus](#put-an-event-on-an-eventbridge-bus)
|
|
22
|
+
- [Put an event on a Firehose delivery stream](#put-an-event-on-a-firehose-delivery-stream)
|
|
21
23
|
- [Run an ECS Task](#run-an-ecs-task)
|
|
22
24
|
- [Tagging Tasks](#tagging-tasks)
|
|
23
25
|
- [Launch type for ECS Task](#launch-type-for-ecs-task)
|
|
@@ -333,6 +335,67 @@ declare const rule: events.Rule;
|
|
|
333
335
|
rule.addTarget(new targets.ApiGatewayV2(httpApi));
|
|
334
336
|
```
|
|
335
337
|
|
|
338
|
+
## Invoke an AWS API
|
|
339
|
+
|
|
340
|
+
Use the `AwsApi` target to make direct AWS API calls from EventBridge rules. This is useful for invoking AWS services that don't have a dedicated EventBridge target.
|
|
341
|
+
|
|
342
|
+
### Basic Usage
|
|
343
|
+
|
|
344
|
+
The following example shows how to update an ECS service when a rule is triggered:
|
|
345
|
+
|
|
346
|
+
```ts
|
|
347
|
+
const rule = new events.Rule(this, 'Rule', {
|
|
348
|
+
schedule: events.Schedule.rate(Duration.hours(1)),
|
|
349
|
+
});
|
|
350
|
+
|
|
351
|
+
rule.addTarget(new targets.AwsApi({
|
|
352
|
+
service: 'ECS',
|
|
353
|
+
action: 'updateService',
|
|
354
|
+
parameters: {
|
|
355
|
+
service: 'my-service',
|
|
356
|
+
forceNewDeployment: true,
|
|
357
|
+
},
|
|
358
|
+
}));
|
|
359
|
+
```
|
|
360
|
+
|
|
361
|
+
### IAM Permissions
|
|
362
|
+
|
|
363
|
+
By default, the AwsApi target automatically creates the necessary IAM permissions based on the service and action you specify. The permission format follows the pattern: `service:Action`.
|
|
364
|
+
|
|
365
|
+
For example:
|
|
366
|
+
|
|
367
|
+
- `ECS` service with `updateService` action → `ecs:UpdateService` permission
|
|
368
|
+
- `RDS` service with `createDBSnapshot` action → `rds:CreateDBSnapshot` permission
|
|
369
|
+
|
|
370
|
+
### Custom IAM Policy
|
|
371
|
+
|
|
372
|
+
In some cases, you may need to provide a custom IAM policy statement, especially when:
|
|
373
|
+
|
|
374
|
+
- You need to restrict permissions to specific resources (instead of `*`)
|
|
375
|
+
- The service requires additional permissions beyond the main action
|
|
376
|
+
- You want more granular control over the permissions
|
|
377
|
+
|
|
378
|
+
```ts
|
|
379
|
+
import * as iam from 'aws-cdk-lib/aws-iam';
|
|
380
|
+
import * as s3 from 'aws-cdk-lib/aws-s3';
|
|
381
|
+
|
|
382
|
+
declare const rule: events.Rule;
|
|
383
|
+
declare const bucket: s3.Bucket;
|
|
384
|
+
|
|
385
|
+
rule.addTarget(new targets.AwsApi({
|
|
386
|
+
service: 's3',
|
|
387
|
+
action: 'GetBucketEncryption',
|
|
388
|
+
parameters: {
|
|
389
|
+
Bucket: bucket.bucketName,
|
|
390
|
+
},
|
|
391
|
+
policyStatement: new iam.PolicyStatement({
|
|
392
|
+
effect: iam.Effect.ALLOW,
|
|
393
|
+
actions: ['s3:GetEncryptionConfiguration'],
|
|
394
|
+
resources: [bucket.bucketArn],
|
|
395
|
+
}),
|
|
396
|
+
}));
|
|
397
|
+
```
|
|
398
|
+
|
|
336
399
|
## Invoke an API Destination
|
|
337
400
|
|
|
338
401
|
Use the `targets.ApiDestination` target to trigger an external API. You need to
|
|
@@ -369,11 +432,16 @@ const connection = events.Connection.fromEventBusArn(
|
|
|
369
432
|
'arn:aws:secretsmanager:us-east-1:123456789012:secret:SecretName-f3gDy9',
|
|
370
433
|
);
|
|
371
434
|
|
|
372
|
-
const apiDestinationArn = 'arn:aws:events:us-east-1:123456789012:api-destination/DestinationName';
|
|
435
|
+
const apiDestinationArn = 'arn:aws:events:us-east-1:123456789012:api-destination/DestinationName/11111111-1111-1111-1111-111111111111';
|
|
436
|
+
const apiDestinationArnForPolicy = 'arn:aws:events:us-east-1:123456789012:api-destination/DestinationName';
|
|
373
437
|
const destination = events.ApiDestination.fromApiDestinationAttributes(
|
|
374
438
|
this,
|
|
375
439
|
'Destination',
|
|
376
|
-
{
|
|
440
|
+
{
|
|
441
|
+
apiDestinationArn,
|
|
442
|
+
connection,
|
|
443
|
+
apiDestinationArnForPolicy // optional
|
|
444
|
+
},
|
|
377
445
|
);
|
|
378
446
|
|
|
379
447
|
const rule = new events.Rule(this, 'OtherRule', {
|
|
@@ -461,6 +529,27 @@ rule.addTarget(new targets.EventBus(
|
|
|
461
529
|
));
|
|
462
530
|
```
|
|
463
531
|
|
|
532
|
+
## Put an event on a Firehose delivery stream
|
|
533
|
+
|
|
534
|
+
Use the `FirehoseDeliveryStream` target to put event to an Amazon Data Firehose delivery stream.
|
|
535
|
+
|
|
536
|
+
The code snippet below creates the scheduled event rule that put events to an Amazon Data Firehose delivery stream.
|
|
537
|
+
|
|
538
|
+
```ts
|
|
539
|
+
import * as firehose from 'aws-cdk-lib/aws-kinesisfirehose';
|
|
540
|
+
import * as s3 from 'aws-cdk-lib/aws-s3';
|
|
541
|
+
|
|
542
|
+
declare const bucket: s3.Bucket;
|
|
543
|
+
const stream = new firehose.DeliveryStream(this, 'DeliveryStream', {
|
|
544
|
+
destination: new firehose.S3Bucket(bucket),
|
|
545
|
+
});
|
|
546
|
+
|
|
547
|
+
const rule = new events.Rule(this, 'Rule', {
|
|
548
|
+
schedule: events.Schedule.expression('rate(1 minute)'),
|
|
549
|
+
});
|
|
550
|
+
rule.addTarget(new targets.FirehoseDeliveryStream(stream));
|
|
551
|
+
```
|
|
552
|
+
|
|
464
553
|
## Run an ECS Task
|
|
465
554
|
|
|
466
555
|
Use the `EcsTask` target to run an ECS Task.
|
|
@@ -631,7 +720,7 @@ rule.addTarget(new targets.RedshiftQuery(workgroup.attrWorkgroupWorkgroupArn, {
|
|
|
631
720
|
|
|
632
721
|
## Publish to an SNS Topic
|
|
633
722
|
|
|
634
|
-
Use the `SnsTopic` target to publish to an SNS Topic.
|
|
723
|
+
Use the `SnsTopic` target to publish to an SNS Topic.
|
|
635
724
|
|
|
636
725
|
The code snippet below creates the scheduled event rule that publishes to an SNS Topic using a resource policy.
|
|
637
726
|
|
|
@@ -659,4 +748,4 @@ const rule = new events.Rule(this, 'Rule', {
|
|
|
659
748
|
});
|
|
660
749
|
|
|
661
750
|
rule.addTarget(new targets.SnsTopic(topic, { authorizeUsingRole: true }));
|
|
662
|
-
```
|
|
751
|
+
```
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import * as events from 'aws-cdk-lib/aws-events';
|
|
2
|
+
import * as firehose from 'aws-cdk-lib/aws-kinesisfirehose';
|
|
3
|
+
import * as s3 from 'aws-cdk-lib/aws-s3';
|
|
4
|
+
import * as cdk from 'aws-cdk-lib';
|
|
5
|
+
import * as targets from 'aws-cdk-lib/aws-events-targets';
|
|
6
|
+
import { IntegTest, ExpectedResult, AwsApiCall } from '@aws-cdk/integ-tests-alpha';
|
|
7
|
+
|
|
8
|
+
// ---------------------------------
|
|
9
|
+
// Define a rule that triggers a put to a Firehose delivery stream every 1min.
|
|
10
|
+
|
|
11
|
+
const app = new cdk.App();
|
|
12
|
+
|
|
13
|
+
const stack = new cdk.Stack(app, 'aws-cdk-firehose-event-target');
|
|
14
|
+
|
|
15
|
+
const bucket = new s3.Bucket(stack, 'firehose-bucket', {
|
|
16
|
+
autoDeleteObjects: true,
|
|
17
|
+
removalPolicy: cdk.RemovalPolicy.DESTROY,
|
|
18
|
+
});
|
|
19
|
+
const deliveryStream = new firehose.DeliveryStream(stack, 'MyDeliveryStream', {
|
|
20
|
+
destination: new firehose.S3Bucket(bucket, {
|
|
21
|
+
bufferingInterval: cdk.Duration.seconds(30),
|
|
22
|
+
}),
|
|
23
|
+
});
|
|
24
|
+
|
|
25
|
+
const event = new events.Rule(stack, 'EveryMinute', {
|
|
26
|
+
schedule: events.Schedule.rate(cdk.Duration.minutes(1)),
|
|
27
|
+
});
|
|
28
|
+
|
|
29
|
+
event.addTarget(new targets.FirehoseDeliveryStream(deliveryStream));
|
|
30
|
+
|
|
31
|
+
const testCase = new IntegTest(app, 'firehose-event-target-integ', {
|
|
32
|
+
testCases: [stack],
|
|
33
|
+
});
|
|
34
|
+
|
|
35
|
+
const s3ApiCall = testCase.assertions.awsApiCall('S3', 'listObjectsV2', {
|
|
36
|
+
Bucket: bucket.bucketName,
|
|
37
|
+
MaxKeys: 1,
|
|
38
|
+
}).expect(ExpectedResult.objectLike({
|
|
39
|
+
KeyCount: 1,
|
|
40
|
+
})).waitForAssertions({
|
|
41
|
+
interval: cdk.Duration.seconds(30),
|
|
42
|
+
totalTimeout: cdk.Duration.minutes(10),
|
|
43
|
+
});
|
|
44
|
+
|
|
45
|
+
if (s3ApiCall instanceof AwsApiCall) {
|
|
46
|
+
s3ApiCall.waiterProvider?.addToRolePolicy({
|
|
47
|
+
Effect: 'Allow',
|
|
48
|
+
Action: ['s3:GetObject', 's3:ListBucket'],
|
|
49
|
+
Resource: ['*'],
|
|
50
|
+
});
|
|
51
|
+
}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This integration test tests the case of a customer setting a permissions boundary using a custom aspect,
|
|
3
|
+
* then trying to override at a more specific level using the PermissionsBoundary.of() API.
|
|
4
|
+
*
|
|
5
|
+
* Overriding should work.
|
|
6
|
+
*/
|
|
7
|
+
import { App, Stack, IAspect, Aspects } from 'aws-cdk-lib';
|
|
8
|
+
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
9
|
+
import { CfnRole, ManagedPolicy, PermissionsBoundary, Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam';
|
|
10
|
+
import { IConstruct } from 'constructs';
|
|
11
|
+
|
|
12
|
+
class CustomAspect implements IAspect {
|
|
13
|
+
public visit(node: IConstruct): void {
|
|
14
|
+
if (node instanceof CfnRole) {
|
|
15
|
+
node.addPropertyOverride('PermissionsBoundary', 'arn:aws:iam::aws:policy/ReadOnlyAccess');
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
|
|
20
|
+
const app = new App({
|
|
21
|
+
postCliContext: {
|
|
22
|
+
// Force the intended behavior, from before we found this bug
|
|
23
|
+
'@aws-cdk/core:aspectPrioritiesMutating': false,
|
|
24
|
+
},
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
const stack = new Stack(app, 'integ-permissions-boundary', {
|
|
28
|
+
env: {
|
|
29
|
+
account: process.env.CDK_INTEG_ACCOUNT ?? process.env.CDK_DEFAULT_ACCOUNT,
|
|
30
|
+
region: process.env.CDK_INTEG_REGION ?? process.env.CDK_DEFAULT_REGION,
|
|
31
|
+
},
|
|
32
|
+
});
|
|
33
|
+
|
|
34
|
+
Aspects.of(stack).add(new CustomAspect());
|
|
35
|
+
|
|
36
|
+
new Role(stack, 'NormalRole', {
|
|
37
|
+
assumedBy: new ServicePrincipal('sqs.amazonaws.com'),
|
|
38
|
+
});
|
|
39
|
+
|
|
40
|
+
const powerRole = new Role(stack, 'PowerRole', {
|
|
41
|
+
assumedBy: new ServicePrincipal('sqs.amazonaws.com'),
|
|
42
|
+
});
|
|
43
|
+
|
|
44
|
+
PermissionsBoundary.of(powerRole).apply(ManagedPolicy.fromAwsManagedPolicyName('AdministratorAccess'));
|
|
45
|
+
|
|
46
|
+
new IntegTest(app, 'integ-test', {
|
|
47
|
+
testCases: [stack],
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
app.synth();
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { App, Stack } from 'aws-cdk-lib';
|
|
2
2
|
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
3
3
|
import { AccountRootPrincipal, Grant, ManagedPolicy, PolicyStatement, Role, User } from 'aws-cdk-lib/aws-iam';
|
|
4
|
+
import * as lambda from 'aws-cdk-lib/aws-lambda';
|
|
4
5
|
|
|
5
6
|
const app = new App();
|
|
6
7
|
|
|
@@ -34,6 +35,14 @@ policy.attachToRole(role);
|
|
|
34
35
|
const importedRole = Role.fromRoleArn(stack, 'ImportedRole', role.roleArn);
|
|
35
36
|
policy.attachToRole(importedRole);
|
|
36
37
|
|
|
38
|
+
// Can be passed to grantInvoke, see https://github.com/aws/aws-cdk/issues/32980
|
|
39
|
+
const func = new lambda.Function(stack, 'Function', {
|
|
40
|
+
runtime: lambda.Runtime.NODEJS_LATEST,
|
|
41
|
+
handler: 'index.handler',
|
|
42
|
+
code: lambda.Code.fromInline('export const handler = async () => null'),
|
|
43
|
+
});
|
|
44
|
+
func.grantInvoke(policy);
|
|
45
|
+
|
|
37
46
|
new IntegTest(app, 'ManagedPolicyInteg', {
|
|
38
47
|
testCases: [stack],
|
|
39
48
|
});
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { App, Stack } from 'aws-cdk-lib';
|
|
2
2
|
import { IntegTest } from '@aws-cdk/integ-tests-alpha';
|
|
3
3
|
import { AccountRootPrincipal, Grant, Policy, PolicyStatement, Role, User } from 'aws-cdk-lib/aws-iam';
|
|
4
|
+
import * as lambda from 'aws-cdk-lib/aws-lambda';
|
|
4
5
|
|
|
5
6
|
const app = new App();
|
|
6
7
|
|
|
@@ -21,6 +22,14 @@ role.grantAssumeRole(user);
|
|
|
21
22
|
|
|
22
23
|
Grant.addToPrincipal({ actions: ['iam:*'], resourceArns: [role.roleArn], grantee: policy2 });
|
|
23
24
|
|
|
25
|
+
// Can be passed to grantInvoke, see https://github.com/aws/aws-cdk/issues/32980
|
|
26
|
+
const func = new lambda.Function(stack, 'Function', {
|
|
27
|
+
runtime: lambda.Runtime.NODEJS_LATEST,
|
|
28
|
+
handler: 'index.handler',
|
|
29
|
+
code: lambda.Code.fromInline('export const handler = async () => null'),
|
|
30
|
+
});
|
|
31
|
+
func.grantInvoke(policy);
|
|
32
|
+
|
|
24
33
|
new IntegTest(app, 'PolicyInteg', {
|
|
25
34
|
testCases: [stack],
|
|
26
35
|
});
|