konokenj.cdk-api-mcp-server 0.32.0__py3-none-any.whl → 0.33.0__py3-none-any.whl

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.invoke-jsonata.ts

@@ -1,112 +1,119 @@
-import * as path from 'path';
-import { IntegTest, ExpectedResult } from '@aws-cdk/integ-tests-alpha';
-import * as cdk from 'aws-cdk-lib';
-import * as apigateway from 'aws-cdk-lib/aws-apigateway';
-import * as events from 'aws-cdk-lib/aws-events';
+import { Code, Function } from 'aws-cdk-lib/aws-lambda';
 import * as sfn from 'aws-cdk-lib/aws-stepfunctions';
-import * as lambda from 'aws-cdk-lib/aws-lambda-nodejs';
-import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks';
-import { password, username } from './my-lambda-handler';
+import * as cdk from 'aws-cdk-lib';
+import { LambdaInvoke } from 'aws-cdk-lib/aws-stepfunctions-tasks';
+import { IntegTest, ExpectedResult } from '@aws-cdk/integ-tests-alpha';
+import { STANDARD_NODEJS_RUNTIME } from '../../../config';
 
 /*
- * Creates an API Gateway instance with a GET method and mock integration,
- * secured with basic auth. It then creates a matching Connection and uses it
- * in a state machine with a task state to invoke the endpoint.
+ * Creates a state machine with a task state to invoke a Lambda function
+ * The state machine creates a couple of Lambdas that pass results forward
+ * and into a Choice state that validates the output.
+ *
+ * Stack verification steps:
+ * The generated State Machine can be executed from the CLI (or Step Functions console)
+ * and runs with an execution status of `Succeeded`.
  *
- * Stack verification steps :
- * * aws stepfunctions start-execution --state-machine-arn <deployed state machine arn> : should return execution arn
- * * aws stepfunctions describe-execution --execution-arn <execution-arn generated before> : should return status as SUCCEEDED
+ * -- aws stepfunctions start-execution --state-machine-arn <state-machine-arn-from-output> provides execution arn
+ * -- aws stepfunctions describe-execution --execution-arn <state-machine-arn-from-output> returns a status of `Succeeded`
  */
 const app = new cdk.App({
   postCliContext: {
     '@aws-cdk/aws-lambda:useCdkManagedLogGroup': false,
   },
 });
-const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-http-invoke-integ');
+const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-lambda-invoke-jsonata-integ');
 
-const authorizerHandler = new lambda.NodejsFunction(stack, 'AuthorizerHandler', {
-  entry: path.resolve(__dirname, 'my-lambda-handler', 'index.ts'),
-  handler: 'handler',
+const submitJobLambda = new Function(stack, 'submitJobLambda', {
+  code: Code.fromInline(`exports.handler = async (event, context) => {
+        return {
+          statusCode: '200',
+          body: 'hello, world!',
+          ...event,
+        };
+      };`),
+  runtime: STANDARD_NODEJS_RUNTIME,
+  handler: 'index.handler',
 });
 
-const authorizer = new apigateway.TokenAuthorizer(stack, 'Authorizer', {
-  handler: authorizerHandler,
-  identitySource: 'method.request.header.Authorization',
-  resultsCacheTtl: cdk.Duration.seconds(0),
-});
-
-const api = new apigateway.RestApi(stack, 'IntegRestApi');
-
-api.root.addResource('test').addMethod(
-  'GET',
-  new apigateway.MockIntegration({
-    integrationResponses: [
-      {
-        statusCode: '200',
-        responseTemplates: {
-          'application/json': JSON.stringify({ message: 'Hello, tester!' }),
-        },
-      },
-    ],
-    passthroughBehavior: apigateway.PassthroughBehavior.NEVER,
-    requestTemplates: {
-      'application/json': '{ "statusCode": 200 }',
-    },
+const submitJob = LambdaInvoke.jsonata(stack, 'Invoke Handler', {
+  lambdaFunction: submitJobLambda,
+  payload: sfn.TaskInput.fromObject({
+    execId: '{% $states.context.Execution.Id %}',
+    execInput: '{% $states.context.Execution.Input %}',
+    execName: '{% $states.context.Execution.Name %}',
+    execRoleArn: '{% $states.context.Execution.RoleArn %}',
+    execStartTime: '{% $states.context.Execution.StartTime %}',
+    stateEnteredTime: '{% $states.context.State.EnteredTime %}',
+    stateName: '{% $states.context.State.Name %}',
+    stateRetryCount: '{% $states.context.State.RetryCount %}',
+    stateMachineId: '{% $states.context.StateMachine.Id %}',
+    stateMachineName: '{% $states.context.StateMachine.Name %}',
   }),
-  {
-    authorizer,
-    methodResponses: [
-      {
-        statusCode: '200',
-      },
-    ],
-  },
-);
+  outputs: '{% $states.result.Payload %}',
+});
 
-const connection = new events.Connection(stack, 'Connection', {
-  authorization: events.Authorization.basic(username, cdk.SecretValue.unsafePlainText(password)),
+const checkJobStateLambda = new Function(stack, 'checkJobStateLambda', {
+  code: Code.fromInline(`exports.handler = async function(event, context) {
+        const expectedFields = [
+          'execId', 'execInput', 'execName', 'execRoleArn',
+          'execStartTime', 'stateEnteredTime', 'stateName',
+          'stateRetryCount', 'stateMachineId', 'stateMachineName',
+        ];
+        const fieldsAreSet = expectedFields.every(field => event[field] !== undefined);
+        return {
+          status: event.statusCode === '200' && fieldsAreSet ? 'SUCCEEDED' : 'FAILED'
+        };
+  };`),
+  runtime: STANDARD_NODEJS_RUNTIME,
+  handler: 'index.handler',
 });
 
-const httpInvokeTask = tasks.HttpInvoke.jsonata(stack, 'Invoke HTTP Endpoint', {
-  apiRoot: api.urlForPath('/'),
-  apiEndpoint: sfn.TaskInput.fromText('{% $states.input.apiEndpoint %}'),
-  connection,
-  method: sfn.TaskInput.fromText('GET'),
+const checkJobState = LambdaInvoke.jsonata(stack, 'Check the job state', {
+  lambdaFunction: checkJobStateLambda,
   outputs: {
-    ResponseBody: '{% $states.result.ResponseBody %}',
+    status: '{% $states.result.Payload.status %}',
   },
 });
 
+const isComplete = sfn.Choice.jsonata(stack, 'Job Complete?');
+const jobFailed = sfn.Fail.jsonata(stack, 'Job Failed', {
+  cause: 'Job Failed',
+  error: 'Received a status that was not 200',
+});
+const finalStatus = sfn.Pass.jsonata(stack, 'Final step');
+
+const chain = sfn.Chain.start(submitJob)
+  .next(checkJobState)
+  .next(
+    isComplete
+      .when(sfn.Condition.jsonata("{% $states.input.status = 'FAILED' %}"), jobFailed)
+      .when(sfn.Condition.jsonata("{% $states.input.status = 'SUCCEEDED' %}"), finalStatus),
+  );
+
 const sm = new sfn.StateMachine(stack, 'StateMachine', {
-  definition: httpInvokeTask,
+  definition: chain,
   timeout: cdk.Duration.seconds(30),
 });
 
-const testCase = new IntegTest(app, 'HttpInvokeTest', {
-  testCases: [stack],
+new cdk.CfnOutput(stack, 'stateMachineArn', {
+  value: sm.stateMachineArn,
 });
 
-// Start an execution
-const start = testCase.assertions.awsApiCall('@aws-sdk/client-sfn', 'StartExecution', {
-  stateMachineArn: sm.stateMachineArn,
-  input: JSON.stringify({
-    apiEndpoint: '/test',
-  }),
+const integ = new IntegTest(app, 'IntegTest', {
+  testCases: [stack],
 });
-
-// describe the results of the execution
-const describe = testCase.assertions.awsApiCall('@aws-sdk/client-sfn', 'DescribeExecution', {
-  executionArn: start.getAttString('executionArn'),
+const res = integ.assertions.awsApiCall('@aws-sdk/client-sfn', 'StartExecution', {
+  stateMachineArn: sm.stateMachineArn,
 });
-
-// assert the results
-describe.expect(ExpectedResult.objectLike({
+const executionArn = res.getAttString('executionArn');
+integ.assertions.awsApiCall('@aws-sdk/client-sfn', 'DescribeExecution', {
+  executionArn,
+}).expect(ExpectedResult.objectLike({
   status: 'SUCCEEDED',
-  output: JSON.stringify({
-    ResponseBody: {
-      message: 'Hello, tester!',
-    },
-  }),
-}));
+})).waitForAssertions({
+  totalTimeout: cdk.Duration.seconds(10),
+  interval: cdk.Duration.seconds(3),
+});
 
 app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.invoke.ts

@@ -1,101 +1,119 @@
-import * as path from 'path';
-import { IntegTest, ExpectedResult } from '@aws-cdk/integ-tests-alpha';
-import * as cdk from 'aws-cdk-lib';
-import * as apigateway from 'aws-cdk-lib/aws-apigateway';
-import * as events from 'aws-cdk-lib/aws-events';
+import { Code, Function } from 'aws-cdk-lib/aws-lambda';
 import * as sfn from 'aws-cdk-lib/aws-stepfunctions';
-import * as lambda from 'aws-cdk-lib/aws-lambda-nodejs';
-import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks';
-import { password, username } from './my-lambda-handler';
+import * as cdk from 'aws-cdk-lib';
+import { LambdaInvoke } from 'aws-cdk-lib/aws-stepfunctions-tasks';
+import { IntegTest, ExpectedResult } from '@aws-cdk/integ-tests-alpha';
+import { STANDARD_NODEJS_RUNTIME } from '../../../config';
 
 /*
- * Creates an API Gateway instance with a GET method and mock integration,
- * secured with basic auth. It then creates a matching Connection and uses it
- * in a state machine with a task state to invoke the endpoint.
+ * Creates a state machine with a task state to invoke a Lambda function
+ * The state machine creates a couple of Lambdas that pass results forward
+ * and into a Choice state that validates the output.
+ *
+ * Stack verification steps:
+ * The generated State Machine can be executed from the CLI (or Step Functions console)
+ * and runs with an execution status of `Succeeded`.
  *
- * Stack verification steps :
- * * aws stepfunctions start-execution --state-machine-arn <deployed state machine arn> : should return execution arn
- * * aws stepfunctions describe-execution --execution-arn <execution-arn generated before> : should return status as SUCCEEDED
+ * -- aws stepfunctions start-execution --state-machine-arn <state-machine-arn-from-output> provides execution arn
+ * -- aws stepfunctions describe-execution --execution-arn <state-machine-arn-from-output> returns a status of `Succeeded`
  */
 const app = new cdk.App({
   postCliContext: {
     '@aws-cdk/aws-lambda:useCdkManagedLogGroup': false,
   },
 });
-const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-http-invoke-integ');
+const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-lambda-invoke-integ');
 
-const authorizerHandler = new lambda.NodejsFunction(stack, 'AuthorizerHandler', {
-  entry: path.resolve(__dirname, 'my-lambda-handler', 'index.ts'),
-  handler: 'handler',
+const submitJobLambda = new Function(stack, 'submitJobLambda', {
+  code: Code.fromInline(`exports.handler = async (event, context) => {
+        return {
+          statusCode: '200',
+          body: 'hello, world!',
+          ...event,
+        };
+      };`),
+  runtime: STANDARD_NODEJS_RUNTIME,
+  handler: 'index.handler',
 });
 
-const authorizer = new apigateway.TokenAuthorizer(stack, 'Authorizer', {
-  handler: authorizerHandler,
-  identitySource: 'method.request.header.Authorization',
-  resultsCacheTtl: cdk.Duration.seconds(0),
+const submitJob = new LambdaInvoke(stack, 'Invoke Handler', {
+  lambdaFunction: submitJobLambda,
+  payload: sfn.TaskInput.fromObject({
+    execId: sfn.JsonPath.executionId,
+    execInput: sfn.JsonPath.executionInput,
+    execName: sfn.JsonPath.executionName,
+    execRoleArn: sfn.JsonPath.executionRoleArn,
+    execStartTime: sfn.JsonPath.executionStartTime,
+    stateEnteredTime: sfn.JsonPath.stateEnteredTime,
+    stateName: sfn.JsonPath.stateName,
+    stateRetryCount: sfn.JsonPath.stateRetryCount,
+    stateMachineId: sfn.JsonPath.stateMachineId,
+    stateMachineName: sfn.JsonPath.stateMachineName,
+  }),
+  outputPath: '$.Payload',
 });
 
-const api = new apigateway.RestApi(stack, 'IntegRestApi');
+const checkJobStateLambda = new Function(stack, 'checkJobStateLambda', {
+  code: Code.fromInline(`exports.handler = async function(event, context) {
+        const expectedFields = [
+          'execId', 'execInput', 'execName', 'execRoleArn',
+          'execStartTime', 'stateEnteredTime', 'stateName',
+          'stateRetryCount', 'stateMachineId', 'stateMachineName',
+        ];
+        const fieldsAreSet = expectedFields.every(field => event[field] !== undefined);
+        return {
+          status: event.statusCode === '200' && fieldsAreSet ? 'SUCCEEDED' : 'FAILED'
+        };
+  };`),
+  runtime: STANDARD_NODEJS_RUNTIME,
+  handler: 'index.handler',
+});
 
-api.root.addResource('test').addMethod(
-  'GET',
-  new apigateway.MockIntegration({
-    integrationResponses: [
-      {
-        statusCode: '200',
-        responseTemplates: {
-          'application/json': JSON.stringify({ message: 'Hello, tester!' }),
-        },
-      },
-    ],
-    passthroughBehavior: apigateway.PassthroughBehavior.NEVER,
-    requestTemplates: {
-      'application/json': '{ "statusCode": 200 }',
-    },
-  }),
-  {
-    authorizer,
-    methodResponses: [
-      {
-        statusCode: '200',
-      },
-    ],
+const checkJobState = new LambdaInvoke(stack, 'Check the job state', {
+  lambdaFunction: checkJobStateLambda,
+  resultSelector: {
+    status: sfn.JsonPath.stringAt('$.Payload.status'),
   },
-);
-
-const connection = new events.Connection(stack, 'Connection', {
-  authorization: events.Authorization.basic(username, cdk.SecretValue.unsafePlainText(password)),
 });
 
-const httpInvokeTask = new tasks.HttpInvoke(stack, 'Invoke HTTP Endpoint', {
-  apiRoot: api.urlForPath('/'),
-  apiEndpoint: sfn.TaskInput.fromText('/test'),
-  connection,
-  method: sfn.TaskInput.fromText('GET'),
+const isComplete = new sfn.Choice(stack, 'Job Complete?');
+const jobFailed = new sfn.Fail(stack, 'Job Failed', {
+  cause: 'Job Failed',
+  error: 'Received a status that was not 200',
 });
+const finalStatus = new sfn.Pass(stack, 'Final step');
+
+const chain = sfn.Chain.start(submitJob)
+  .next(checkJobState)
+  .next(
+    isComplete
+      .when(sfn.Condition.stringEquals('$.status', 'FAILED'), jobFailed)
+      .when(sfn.Condition.stringEquals('$.status', 'SUCCEEDED'), finalStatus),
+  );
 
 const sm = new sfn.StateMachine(stack, 'StateMachine', {
-  definition: httpInvokeTask,
+  definition: chain,
   timeout: cdk.Duration.seconds(30),
 });
 
-const testCase = new IntegTest(app, 'HttpInvokeTest', {
-  testCases: [stack],
+new cdk.CfnOutput(stack, 'stateMachineArn', {
+  value: sm.stateMachineArn,
 });
 
-// Start an execution
-const start = testCase.assertions.awsApiCall('StepFunctions', 'startExecution', {
-  stateMachineArn: sm.stateMachineArn,
+const integ = new IntegTest(app, 'IntegTest', {
+  testCases: [stack],
 });
-
-// describe the results of the execution
-const describe = testCase.assertions.awsApiCall('StepFunctions', 'describeExecution', {
-  executionArn: start.getAttString('executionArn'),
+const res = integ.assertions.awsApiCall('StepFunctions', 'startExecution', {
+  stateMachineArn: sm.stateMachineArn,
 });
-
-// assert the results
-describe.expect(ExpectedResult.objectLike({
+const executionArn = res.getAttString('executionArn');
+integ.assertions.awsApiCall('StepFunctions', 'describeExecution', {
+  executionArn,
+}).expect(ExpectedResult.objectLike({
   status: 'SUCCEEDED',
-}));
+})).waitForAssertions({
+  totalTimeout: cdk.Duration.seconds(10),
+  interval: cdk.Duration.seconds(3),
+});
 
 app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-stepfunctions-tasks/integ.start-job-run.ts

@@ -1,69 +1,122 @@
-import * as path from 'path';
-import * as glue from 'aws-cdk-lib/aws-glue';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as eks from 'aws-cdk-lib/aws-eks';
+import { AwsAuthMapping } from 'aws-cdk-lib/aws-eks';
 import * as iam from 'aws-cdk-lib/aws-iam';
-import * as assets from 'aws-cdk-lib/aws-s3-assets';
 import * as sfn from 'aws-cdk-lib/aws-stepfunctions';
 import * as cdk from 'aws-cdk-lib';
-import { GlueStartJobRun } from 'aws-cdk-lib/aws-stepfunctions-tasks';
-import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+import { Aws } from 'aws-cdk-lib';
+import * as integ from '@aws-cdk/integ-tests-alpha';
+import { KubectlV31Layer } from '@aws-cdk/lambda-layer-kubectl-v31';
+import { EmrContainersStartJobRun, ReleaseLabel, VirtualClusterInput } from 'aws-cdk-lib/aws-stepfunctions-tasks';
+import { EC2_RESTRICT_DEFAULT_SECURITY_GROUP } from 'aws-cdk-lib/cx-api';
 
-/*
+/**
  * Stack verification steps:
- * * aws stepfunctions start-execution --state-machine-arn <deployed state machine arn>
- * * aws stepfunctions describe-execution --execution-arn <execution arn created above>
- * The "describe-execution" call should eventually return status "SUCCEEDED".
- * NOTE: It will take up to 15 minutes for the step function to complete due to the cold start time
- * for AWS Glue, which as of 02/2020, is around 10-15 minutes.
+ * Everything in the link below must be setup before running the state machine.
+ * @see https://docs.aws.amazon.com/emr/latest/EMR-on-EKS-DevelopmentGuide/setting-up-enable-IAM.html
+ * aws stepfunctions start-execution --state-machine-arn <deployed state machine arn> : should return execution arn
+ * aws stepfunctions describe-execution --execution-arn <exection-arn generated before> : should return status as SUCCEEDED
  */
 
-const app = new cdk.App();
-const stack = new cdk.Stack(app, 'aws-stepfunctions-integ');
+const app = new cdk.App({
+  postCliContext: {
+    '@aws-cdk/aws-lambda:useCdkManagedLogGroup': false,
+    '@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy': false,
+  },
+});
+const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-emr-containers-start-job-run');
+stack.node.setContext(EC2_RESTRICT_DEFAULT_SECURITY_GROUP, false);
+
+const eksCluster = new eks.Cluster(stack, 'integration-test-eks-cluster', {
+  version: eks.KubernetesVersion.V1_30,
+  defaultCapacity: 3,
+  defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.XLARGE),
+  kubectlLayer: new KubectlV31Layer(stack, 'KubectlLayer'),
+});
 
-const codeAsset = new assets.Asset(stack, 'Glue Job Script', {
-  path: path.join(__dirname, 'my-glue-script/job.py'),
+const virtualCluster = new cdk.CfnResource(stack, 'Virtual Cluster', {
+  type: 'AWS::EMRContainers::VirtualCluster',
+  properties: {
+    ContainerProvider: {
+      Id: eksCluster.clusterName,
+      Info: {
+        EksInfo: {
+          Namespace: 'default',
+        },
+      },
+      Type: 'EKS',
+    },
+    Name: 'Virtual-Cluster-Name',
+  },
 });
 
-const jobRole = new iam.Role(stack, 'Glue Job Role', {
-  assumedBy: new iam.ServicePrincipal('glue'),
-  managedPolicies: [
-    iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSGlueServiceRole'),
+const emrRole = eksCluster.addManifest('emrRole', {
+  apiVersion: 'rbac.authorization.k8s.io/v1',
+  kind: 'Role',
+  metadata: { name: 'emr-containers', namespace: 'default' },
+  rules: [
+    { apiGroups: [''], resources: ['namespaces'], verbs: ['get'] },
+    { apiGroups: [''], resources: ['serviceaccounts', 'services', 'configmaps', 'events', 'pods', 'pods/log'], verbs: ['get', 'list', 'watch', 'describe', 'create', 'edit', 'delete', 'deletecollection', 'annotate', 'patch', 'label'] },
+    { apiGroups: [''], resources: ['secrets'], verbs: ['create', 'patch', 'delete', 'watch'] },
+    { apiGroups: ['apps'], resources: ['statefulsets', 'deployments'], verbs: ['get', 'list', 'watch', 'describe', 'create', 'edit', 'delete', 'annotate', 'patch', 'label'] },
+    { apiGroups: ['batch'], resources: ['jobs'], verbs: ['get', 'list', 'watch', 'describe', 'create', 'edit', 'delete', 'annotate', 'patch', 'label'] },
+    { apiGroups: ['extensions'], resources: ['ingresses'], verbs: ['get', 'list', 'watch', 'describe', 'create', 'edit', 'delete', 'annotate', 'patch', 'label'] },
+    { apiGroups: ['rbac.authorization.k8s.io'], resources: ['roles', 'rolebindings'], verbs: ['get', 'list', 'watch', 'describe', 'create', 'edit', 'delete', 'deletecollection', 'annotate', 'patch', 'label'] },
   ],
 });
-codeAsset.grantRead(jobRole);
 
-const job = new glue.CfnJob(stack, 'Glue Job', {
-  name: 'My Glue Job',
-  glueVersion: '1.0',
-  command: {
-    name: 'glueetl',
-    pythonVersion: '3',
-    scriptLocation: `s3://${codeAsset.s3BucketName}/${codeAsset.s3ObjectKey}`,
-  },
-  role: jobRole.roleArn,
+const emrRoleBind = eksCluster.addManifest('emrRoleBind', {
+  apiVersion: 'rbac.authorization.k8s.io/v1',
+  kind: 'RoleBinding',
+  metadata: { name: 'emr-containers', namespace: 'default' },
+  subjects: [{ kind: 'User', name: 'emr-containers', apiGroup: 'rbac.authorization.k8s.io' }],
+  roleRef: { kind: 'Role', name: 'emr-containers', apiGroup: 'rbac.authorization.k8s.io' },
 });
 
-const jobTask = new GlueStartJobRun(stack, 'Glue Job Task', {
-  glueJobName: job.name!,
-  integrationPattern: sfn.IntegrationPattern.RUN_JOB,
-  arguments: sfn.TaskInput.fromObject({
-    '--enable-metrics': 'true',
-  }),
+emrRoleBind.node.addDependency(emrRole);
+
+const emrServiceRole = iam.Role.fromRoleArn(stack, 'emrServiceRole', 'arn:aws:iam::'+Aws.ACCOUNT_ID+':role/AWSServiceRoleForAmazonEMRContainers');
+const authMapping: AwsAuthMapping = { groups: [], username: 'emr-containers' };
+eksCluster.awsAuth.addRoleMapping(emrServiceRole, authMapping);
+
+virtualCluster.node.addDependency(emrRoleBind);
+virtualCluster.node.addDependency(eksCluster.awsAuth);
+
+const startJobRunJob = new EmrContainersStartJobRun(stack, 'Start a Job Run', {
+  virtualCluster: VirtualClusterInput.fromVirtualClusterId(virtualCluster.getAtt('Id').toString()),
+  releaseLabel: ReleaseLabel.EMR_6_2_0,
+  jobName: 'EMR-Containers-Job',
+  jobDriver: {
+    sparkSubmitJobDriver: {
+      entryPoint: sfn.TaskInput.fromText('local:///usr/lib/spark/examples/src/main/python/pi.py'),
+      entryPointArguments: sfn.TaskInput.fromObject(['2']),
+      sparkSubmitParameters: '--conf spark.driver.memory=512M --conf spark.kubernetes.driver.request.cores=0.2 --conf spark.kubernetes.executor.request.cores=0.2 --conf spark.sql.shuffle.partitions=60 --conf spark.dynamicAllocation.enabled=false',
+    },
+  },
 });
 
-const startTask = new sfn.Pass(stack, 'Start Task');
-const endTask = new sfn.Pass(stack, 'End Task');
+const chain = sfn.Chain.start(startJobRunJob);
 
-const stateMachine = new sfn.StateMachine(stack, 'State Machine', {
-  definition: sfn.Chain.start(startTask).next(jobTask).next(endTask),
+const sm = new sfn.StateMachine(stack, 'StateMachine', {
+  definition: chain,
+  timeout: cdk.Duration.seconds(1000),
 });
 
-new cdk.CfnOutput(stack, 'State Machine ARN Output', {
-  value: stateMachine.stateMachineArn,
+new cdk.CfnOutput(stack, 'stateMachineArn', {
+  value: sm.stateMachineArn,
 });
 
-new IntegTest(app, 'AwsSfnIntegTest', {
+new integ.IntegTest(app, 'aws-stepfunctions-tasks-emr-containers-start-job-run-integ', {
   testCases: [stack],
-  diffAssets: true,
+  // Test includes assets that are updated weekly. If not disabled, the upgrade PR will fail.
+  diffAssets: false,
+  cdkCommandOptions: {
+    deploy: {
+      args: {
+        rollback: true,
+      },
+    },
+  },
 });
 
 app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/README.md

@@ -87,6 +87,28 @@ const schedule = synthetics.Schedule.cron({
 
 If you want the canary to run just once upon deployment, you can use `Schedule.once()`.
 
+### Automatic Retries
+
+You can configure the canary to automatically retry failed runs by using the `maxRetries` property.
+
+This is only supported on the following runtimes or newer: `Runtime.SYNTHETICS_NODEJS_PUPPETEER_10_0`, `Runtime.SYNTHETICS_NODEJS_PLAYWRIGHT_2_0`, `Runtime.SYNTHETICS_PYTHON_SELENIUM_5_1`.
+
+Max retries can be set between 0 and 2. Canaries which time out after 10 minutes are automatically limited to one retry.
+
+For more information, see [Configuring your canary to retry automatically](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_autoretry.html).
+
+```ts
+const canary = new synthetics.Canary(this, 'MyCanary', {
+  schedule: synthetics.Schedule.rate(Duration.minutes(5)), 
+  test: synthetics.Test.custom({
+    handler: 'canary.handler',
+    code: synthetics.Code.fromAsset(path.join(__dirname, 'canaries')),
+  }),
+  runtime: synthetics.Runtime.SYNTHETICS_PYTHON_SELENIUM_5_1,
+  maxRetries: 2, // The canary run will retry up to 2 times on a failure
+});
+```
+
 ### Active Tracing
 
 You can choose to enable active AWS X-Ray tracing on canaries that use the `syn-nodejs-2.0` or later runtime by setting `activeTracing` to `true`.
@@ -368,3 +390,21 @@ const canary = new synthetics.Canary(this, 'MyCanary', {
 });
 ```
 
+### Tag replication
+
+You can configure a canary to replicate its tags to the underlying Lambda function. This is useful when you want the same tags that are applied to the canary to also be applied to the Lambda function that the canary uses.
+
+```ts
+const canary = new synthetics.Canary(this, 'MyCanary', {
+  schedule: synthetics.Schedule.rate(Duration.minutes(5)),
+  test: synthetics.Test.custom({
+    code: synthetics.Code.fromAsset(path.join(__dirname, 'canary')),
+    handler: 'index.handler',
+  }),
+  runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_7_0,
+  resourcesToReplicateTags: [synthetics.ResourceToReplicateTags.LAMBDA_FUNCTION],
+});
+```
+
+When you specify `ResourceToReplicateTags.LAMBDA_FUNCTION` in the `resourcesToReplicateTags` property, CloudWatch Synthetics will keep the tags of the canary and the Lambda function synchronized. Any future changes you make to the canary's tags will also be applied to the function.
+

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-synthetics/integ.canary-resources-to-replicate-tags.ts

@@ -0,0 +1,36 @@
+import * as path from 'node:path';
+import { App, Duration, Size, Stack, StackProps, Tags } from 'aws-cdk-lib/core';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+import { Construct } from 'constructs';
+import * as synthetics from 'aws-cdk-lib/aws-synthetics';
+
+class TestStack extends Stack {
+  public canary: synthetics.Canary;
+
+  constructor(scope: Construct, id: string, props?: StackProps) {
+    super(scope, id, props);
+
+    this.canary = new synthetics.Canary(this, 'TagReplicationCanary', {
+      canaryName: 'tag-replication',
+      runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_7_0,
+      test: synthetics.Test.custom({
+        handler: 'canary.handler',
+        code: synthetics.Code.fromAsset(path.join(__dirname, 'canaries')),
+      }),
+      memory: Size.mebibytes(1024),
+      timeout: Duration.minutes(3),
+      resourcesToReplicateTags: [synthetics.ResourceToReplicateTags.LAMBDA_FUNCTION],
+    });
+
+    Tags.of(this.canary).add('Environment', 'test');
+    Tags.of(this.canary).add('Owner', 'cdk-team');
+    Tags.of(this.canary).add('Project', 'synthetics-tag-replication');
+  }
+}
+
+const app = new App();
+const testStack = new TestStack(app, 'SyntheticsCanaryResourcesToReplicateTagsStack');
+
+new IntegTest(app, 'SyntheticsCanaryResourcesToReplicateTags', {
+  testCases: [testStack],
+});