PyPI - konokenj.cdk-api-mcp-server - Versions diffs - 0.48.0__py3-none-any.whl → 0.50.0__py3-none-any.whl - Mend

konokenj.cdk-api-mcp-server 0.48.0py3-none-any.whl → 0.50.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of konokenj.cdk-api-mcp-server might be problematic. Click here for more details.

Files changed (79) hide show

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/README.md CHANGED Viewed

@@ -479,7 +479,7 @@ const metric = new cloudwatch.Metric({
   namespace: 'AWS/EC2',
   metricName: 'CPUUtilization',
   statistic: 'Average',
-  period: Duration.minutes(5),
+  period: Duration.hours(1), // Alarm will use the metric's period
 });
 // Create an anomaly detection alarm

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudwatch/integ.anomaly-detection-alarm.ts CHANGED Viewed

@@ -5,12 +5,19 @@ import { Metric, ComparisonOperator, AnomalyDetectionAlarm, Alarm } from 'aws-cd
 const app = new App();
 const stack = new Stack(app, 'AnomalyDetectionAlarmTestStack');
-// Create the test metric
+// Create the test metric. Period will default to 300 seconds.
 const metric = new Metric({
   namespace: 'AWS/EC2',
   metricName: 'CPUUtilization',
   statistic: 'Average',
-  period: Duration.minutes(5),
+});
+// Create test metric with custom period
+const customPeriodMetric = new Metric({
+  namespace: 'AWS/EC2',
+  metricName: 'CPUUtilization',
+  statistic: 'Average',
+  period: Duration.days(1),
 });
 // Create an anomaly detection alarm with default operator
@@ -40,6 +47,14 @@ const descriptiveAlarm = Metric.anomalyDetectionFor({
   comparisonOperator: ComparisonOperator.GREATER_THAN_UPPER_THRESHOLD,
 });
+// Create an anomaly detection alarm with custom period
+const customPeriodAlarm = new AnomalyDetectionAlarm(stack, 'CustomPeriodAnomalyAlarm', {
+  metric: customPeriodMetric,
+  stdDevs: 2,
+  evaluationPeriods: 1,
+  comparisonOperator: ComparisonOperator.LESS_THAN_LOWER_OR_GREATER_THAN_UPPER_THRESHOLD,
+});
 // Create the integration test
 const integ = new IntegTest(app, 'AnomalyDetectionAlarmIntegTest', {
   testCases: [stack],
@@ -122,3 +137,30 @@ integ.assertions
       }),
     ]),
   }));
+integ.assertions
+  .awsApiCall('CloudWatch', 'describeAlarms', {
+    AlarmNames: [customPeriodAlarm.alarmName],
+  })
+  .expect(ExpectedResult.objectLike({
+    MetricAlarms: Match.arrayWith([
+      Match.objectLike({
+        ComparisonOperator: 'LessThanLowerOrGreaterThanUpperThreshold',
+        EvaluationPeriods: 1,
+        ThresholdMetricId: 'expr_1',
+        Metrics: Match.arrayWith([
+          Match.objectLike({
+            Expression: 'ANOMALY_DETECTION_BAND(m0, 2)',
+            Id: 'expr_1',
+            ReturnData: true,
+          }),
+          Match.objectLike({
+            Id: 'm0',
+            MetricStat: Match.objectLike({
+              Period: 86400, // 1 day in seconds, orignal metric period got overriden
+            }),
+          }),
+        ]),
+      }),
+    ]),
+  }));

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/README.md CHANGED Viewed

@@ -1306,6 +1306,21 @@ const endpoint = vpc.addClientVpnEndpoint('Endpoint', {
 });
 ```
+To control whether clients are automatically disconnected when the maximum session duration is reached, use the `disconnectOnSessionTimeout` prop.
+By default (`true`), clients are disconnected and must manually reconnect.
+Set to `false` to allow automatic reconnection attempts:
+```ts fixture=client-vpn
+const endpoint = vpc.addClientVpnEndpoint('Endpoint', {
+  cidr: '10.100.0.0/16',
+  serverCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id',
+  clientCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/client-certificate-id',
+  disconnectOnSessionTimeout: false, // Allow automatic reconnection attempts
+});
+```
+Detail information about maximum VPN session duration timeout can be found in the [AWS documentation](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-max-duration.html).
 ## Instances
 You can use the `Instance` class to start up a single EC2 instance. For production setups, we recommend

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/integ.client-vpn-endpoint-disconnect-on-session-timeout.ts ADDED Viewed

@@ -0,0 +1,65 @@
+import { App, RemovalPolicy, Stack, StackProps, UnscopedValidationError } from 'aws-cdk-lib';
+import * as acm from 'aws-cdk-lib/aws-certificatemanager';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as logs from 'aws-cdk-lib/aws-logs';
+import * as route53 from 'aws-cdk-lib/aws-route53';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+import { Construct } from 'constructs';
+/**
+ * In order to test this you need to have a valid public hosted zone that you can use
+ * to validate the domain identity.
+ */
+const hostedZoneId = process.env.CDK_INTEG_HOSTED_ZONE_ID ?? process.env.HOSTED_ZONE_ID;
+if (!hostedZoneId) throw new UnscopedValidationError('For this test you must provide your own HostedZoneId as an env var "HOSTED_ZONE_ID". See framework-integ/README.md for details.');
+const hostedZoneName = process.env.CDK_INTEG_HOSTED_ZONE_NAME ?? process.env.HOSTED_ZONE_NAME;
+if (!hostedZoneName) throw new UnscopedValidationError('For this test you must provide your own HostedZoneName as an env var "HOSTED_ZONE_NAME". See framework-integ/README.md for details.');
+interface TestStackProps extends StackProps {
+  hostedZoneId: string;
+  hostedZoneName: string;
+}
+class TestStack extends Stack {
+  constructor(scope: Construct, id: string, props: TestStackProps) {
+    super(scope, id, props);
+    const hostedZone = route53.PublicHostedZone.fromHostedZoneAttributes(this, 'HostedZone', {
+      hostedZoneId: props.hostedZoneId,
+      zoneName: props.hostedZoneName,
+    });
+    const serverCertificate = new acm.Certificate(this, 'Certificate', {
+      domainName: `server.${props.hostedZoneName}`,
+      validation: acm.CertificateValidation.fromDns(hostedZone),
+    });
+    const clientCertificate = new acm.Certificate(this, 'ClientCertificate', {
+      domainName: `client.${props.hostedZoneName}`,
+      validation: acm.CertificateValidation.fromDns(hostedZone),
+    });
+    const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 2, natGateways: 0 });
+    const logGroup = new logs.LogGroup(this, 'LogGroup', {
+      removalPolicy: RemovalPolicy.DESTROY,
+    });
+    vpc.addClientVpnEndpoint('Endpoint', {
+      cidr: '10.100.0.0/16',
+      serverCertificateArn: serverCertificate.certificateArn,
+      clientCertificateArn: clientCertificate.certificateArn,
+      logGroup,
+      disconnectOnSessionTimeout: false,
+    });
+  }
+}
+const app = new App();
+new IntegTest(app, 'client-vpn-endpoint-integ', {
+  testCases: [
+    new TestStack(app, 'client-vpn-endpoint-stack', {
+      hostedZoneId,
+      hostedZoneName,
+    }),
+  ],
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/README.md CHANGED Viewed

@@ -121,12 +121,51 @@ By using these methods, you can grant specific operational permissions on the EC
 ### Image tag immutability
-You can set tag immutability on images in our repository using the `imageTagMutability` construct prop.
+You can set tag immutability on images in your repository using the `imageTagMutability` construct prop.
 ```ts
 new ecr.Repository(this, 'Repo', { imageTagMutability: ecr.TagMutability.IMMUTABLE });
 ```
+#### Image tag mutability with exclusion filters
+ECR supports more granular control over image tag mutability by allowing you to specify exclusion filters. This enables you to make your repository immutable while allowing specific tag patterns to remain mutable (or vice versa).
+There are two new mutability options that work with exclusion filters:
+- `MUTABLE_WITH_EXCLUSION`: Tags are mutable by default, except those matching the exclusion filters
+- `IMMUTABLE_WITH_EXCLUSION`: Tags are immutable by default, except those matching the exclusion filters
+Use `ImageTagMutabilityExclusionFilter.wildcard()` to create filters with wildcard patterns:
+```ts
+// Make all tags immutable except for those starting with 'dev-' or 'test-'
+new ecr.Repository(this, 'Repo', {
+  imageTagMutability: ecr.TagMutability.IMMUTABLE_WITH_EXCLUSION,
+  imageTagMutabilityExclusionFilters: [
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('dev-*'),
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('test-*'),
+  ],
+});
+```
+```ts
+// Make all tags mutable except for production releases
+new ecr.Repository(this, 'Repo', {
+  imageTagMutability: ecr.TagMutability.MUTABLE_WITH_EXCLUSION,
+  imageTagMutabilityExclusionFilters: [
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('prod-*'),
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('release-v*'),
+  ],
+});
+```
+##### Exclusion filter pattern rules
+- Patterns can contain alphanumeric characters, dots (.), underscores (_), hyphens (-), and asterisks (*) as wildcards
+- Maximum pattern length is 128 characters
+- You can specify up to 5 exclusion filters per repository
 ### Encryption
 By default, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. For more control over the encryption for your Amazon ECR repositories, you can use server-side encryption with KMS keys stored in AWS Key Management Service (AWS KMS). Read more about this feature in the [ECR Developer Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html).

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/integ.tag-mutability-exclusion.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import * as cdk from 'aws-cdk-lib';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+import * as ecr from 'aws-cdk-lib/aws-ecr';
+const app = new cdk.App();
+const stack = new cdk.Stack(app, 'aws-ecr-tag-mutability-exclusion-stack');
+new ecr.Repository(stack, 'ImmutableRepoWithExclusions', {
+  imageTagMutability: ecr.TagMutability.IMMUTABLE_WITH_EXCLUSION,
+  imageTagMutabilityExclusionFilters: [
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('dev-*'),
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('test-*'),
+  ],
+  removalPolicy: cdk.RemovalPolicy.DESTROY,
+  emptyOnDelete: true,
+});
+new ecr.Repository(stack, 'MutableRepoWithExclusions', {
+  imageTagMutability: ecr.TagMutability.MUTABLE_WITH_EXCLUSION,
+  imageTagMutabilityExclusionFilters: [
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('prod-*'),
+    ecr.ImageTagMutabilityExclusionFilter.wildcard('release-v*'),
+  ],
+  removalPolicy: cdk.RemovalPolicy.DESTROY,
+  emptyOnDelete: true,
+});
+new IntegTest(app, 'cdk-ecr-tag-mutability-exclusion-test', {
+  testCases: [stack],
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/README.md CHANGED Viewed

@@ -1687,6 +1687,9 @@ const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(this, 'MICap
   propagateTags: ecs.PropagateManagedInstancesTags.CAPACITY_PROVIDER,
 });
+// Optionally configure security group rules using IConnectable interface
+miCapacityProvider.connections.allowFrom(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Port.tcp(80));
 // Add the capacity provider to the cluster
 cluster.addManagedInstancesCapacityProvider(miCapacityProvider);

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-capacity-provider.ts CHANGED Viewed

@@ -24,7 +24,7 @@ const infrastructureRole = new iam.Role(stack, 'InfrastructureRole', {
   roleName: 'AmazonECSInfrastructureRoleForOmakase',
   assumedBy: new iam.ServicePrincipal('ecs.amazonaws.com'),
   managedPolicies: [
-    iam.ManagedPolicy.fromAwsManagedPolicyName('AdministratorAccess'),
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInfrastructureRolePolicyForManagedInstances'),
   ],
 });
@@ -32,7 +32,7 @@ const instanceRole = new iam.Role(stack, 'InstanceRole', {
   roleName: 'AmazonECSInstanceRoleForOmakase',
   assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),
   managedPolicies: [
-    iam.ManagedPolicy.fromAwsManagedPolicyName('AdministratorAccess'),
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInstanceRolePolicyForManagedInstances'),
   ],
 });
@@ -63,6 +63,9 @@ const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(stack, 'Mana
   },
 });
+// Configure security group rules using IConnectable interface
+miCapacityProvider.connections.allowFrom(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Port.tcp(80));
 // Add FMI capacity provider to cluster
 cluster.addManagedInstancesCapacityProvider(miCapacityProvider);
 cluster.addDefaultCapacityProviderStrategy([
@@ -106,7 +109,6 @@ new ecs.FargateService(stack, 'ManagedInstancesService', {
 new integ.IntegTest(app, 'ManagedInstancesCapacityProviders', {
   testCases: [stack],
-  regions: ['us-west-2'],
 });
 app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/integ.managedinstances-no-default-capacity-provider.ts ADDED Viewed

@@ -0,0 +1,107 @@
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as iam from 'aws-cdk-lib/aws-iam';
+import * as cdk from 'aws-cdk-lib';
+import * as ecs from 'aws-cdk-lib/aws-ecs';
+import * as integ from '@aws-cdk/integ-tests-alpha';
+const app = new cdk.App({
+  postCliContext: {
+    '@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm': true,
+    '@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature': false,
+    '@aws-cdk/aws-ecs:disableEcsImdsBlocking': false,
+  },
+});
+const stack = new cdk.Stack(app, 'integ-managedinstances-no-default-capacity-provider');
+const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false });
+const cluster = new ecs.Cluster(stack, 'ManagedInstancesCluster', {
+  vpc,
+});
+// Create IAM roles required for FMI following Omakase specifications
+const infrastructureRole = new iam.Role(stack, 'InfrastructureRole', {
+  roleName: 'InfrastructureRole',
+  assumedBy: new iam.ServicePrincipal('ecs.amazonaws.com'),
+  managedPolicies: [
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInfrastructureRolePolicyForManagedInstances'),
+  ],
+});
+const instanceRole = new iam.Role(stack, 'InstanceRole', {
+  roleName: 'InstanceRole',
+  assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),
+  managedPolicies: [
+    iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInstanceRolePolicyForManagedInstances'),
+  ],
+});
+infrastructureRole.grantPassRole(instanceRole);
+const instanceProfile = new iam.InstanceProfile(stack, 'InstanceProfile', {
+  instanceProfileName: 'InstanceProfile',
+  role: instanceRole,
+});
+// Create a security group for FMI instances
+const fmiSecurityGroup = new ec2.SecurityGroup(stack, 'ManagedInstancesSecurityGroup', {
+  vpc,
+  description: 'Security group for ManagedInstances capacity provider instances',
+  allowAllOutbound: true,
+});
+// Create MI Capacity Provider
+const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(stack, 'ManagedInstancesCapacityProvider', {
+  infrastructureRole: infrastructureRole,
+  ec2InstanceProfile: instanceProfile,
+  subnets: vpc.privateSubnets,
+  securityGroups: [fmiSecurityGroup],
+  propagateTags: ecs.PropagateManagedInstancesTags.CAPACITY_PROVIDER,
+  instanceRequirements: {
+    vCpuCountMin: 1,
+    memoryMin: cdk.Size.gibibytes(2),
+    cpuManufacturers: [ec2.CpuManufacturer.INTEL],
+    acceleratorManufacturers: [ec2.AcceleratorManufacturer.NVIDIA],
+  },
+});
+// Add FMI capacity provider to cluster
+cluster.addManagedInstancesCapacityProvider(miCapacityProvider);
+// Create a task definition compatible with Managed Instances and Fargate
+const taskDefinition = new ecs.TaskDefinition(stack, 'TaskDef', {
+  compatibility: ecs.Compatibility.FARGATE_AND_MANAGED_INSTANCES,
+  cpu: '256',
+  memoryMiB: '512',
+  networkMode: ecs.NetworkMode.AWS_VPC,
+});
+taskDefinition.addContainer('web', {
+  image: ecs.ContainerImage.fromRegistry('public.ecr.aws/docker/library/httpd:2.4'),
+  memoryLimitMiB: 512,
+  portMappings: [
+    {
+      containerPort: 80,
+      protocol: ecs.Protocol.TCP,
+    },
+  ],
+});
+// Create a service using the MI capacity provider
+new ecs.FargateService(stack, 'ManagedInstancesService', {
+  cluster,
+  taskDefinition,
+  capacityProviderStrategies: [
+    {
+      capacityProvider: miCapacityProvider.capacityProviderName,
+      weight: 1,
+    },
+  ],
+  desiredCount: 1,
+});
+new integ.IntegTest(app, 'ManagedInstancesCapacityProviders', {
+  testCases: [stack],
+  regions: ['us-west-2'],
+});
+app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs-patterns/integ.alb-fargate-service-public-private-switch.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as ecs from 'aws-cdk-lib/aws-ecs';
+import * as cdk from 'aws-cdk-lib';
+import * as integ from '@aws-cdk/integ-tests-alpha';
+import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns';
+const app = new cdk.App();
+const stack = new cdk.Stack(app, 'aws-ecs-integ-alb-fargate-public-private-switch');
+const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false });
+const cluster = new ecs.Cluster(stack, 'FargateCluster', { vpc });
+// Test private load balancer (the problematic case from the issue)
+new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PrivateALBFargateService', {
+  cluster,
+  memoryLimitMiB: 1024,
+  cpu: 512,
+  publicLoadBalancer: false, // This should create ECSPrivate target group
+  taskImageOptions: {
+    image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
+  },
+});
+// Test public load balancer for comparison
+new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PublicALBFargateService', {
+  cluster,
+  memoryLimitMiB: 1024,
+  cpu: 512,
+  publicLoadBalancer: true, // This should create ECS target group
+  taskImageOptions: {
+    image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
+  },
+});
+new integ.IntegTest(app, 'ALBFargatePublicPrivateSwitchTest', {
+  testCases: [stack],
+  allowDestroy: [
+    'PrivateALBFargateServiceLB3F43693F',
+    'PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B',
+    'PublicALBFargateServiceLBBDD839E7',
+    'PublicALBFargateServiceLBPublicListenerECSGroupD991EA00',
+  ],
+});
+app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/README.md CHANGED Viewed

@@ -147,6 +147,26 @@ new eks.Cluster(this, 'HelloEKS', {
 });
 ```
+You can control what happens to the resources created by the cluster construct when they are no longer managed by CloudFormation by specifying a `removalPolicy`.
+This can happen in one of three situations:
+- The resource is removed from the template, so CloudFormation stops managing it;
+- A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it;
+- The stack is deleted, so CloudFormation stops managing all resources in it.
+This affects the EKS cluster itself, the custom resource that created the cluster, associated IAM roles, node groups, security groups, VPC and any other CloudFormation resources managed by this construct.
+```ts
+import { KubectlV33Layer } from '@aws-cdk/lambda-layer-kubectl-v33';
+import * as core from 'aws-cdk-lib/core';
+new eks.Cluster(this, 'HelloEKS', {
+  version: eks.KubernetesVersion.V1_33,
+  kubectlLayer: new KubectlV33Layer(this, 'kubectl'),
+  removalPolicy: core.RemovalPolicy.RETAIN, // Keep all resources created by the construct.
+});
+```
 You can also use `FargateCluster` to provision a cluster that uses only fargate workers.
 ```ts

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-eks/integ.eks-cluster-removal-policy.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/// !cdk-integ pragma:disable-update-workflow
+import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib';
+import * as integ from '@aws-cdk/integ-tests-alpha';
+import { getClusterVersionConfig } from './integ-tests-kubernetes-version';
+import * as eks from 'aws-cdk-lib/aws-eks';
+/**
+ * This test just checks that all resources can be deployed with a removal policy.
+ * We use the DESTROY policy here to avoid leaving orphaned resources behind, but if it works for DESTROY, it should work for other values as well.
+ */
+class EksClusterRemovalPolicyStack extends Stack {
+  constructor(scope: App, id: string, props?: StackProps) {
+    super(scope, id, props);
+    new eks.Cluster(this, 'Cluster', {
+      ...getClusterVersionConfig(this, eks.KubernetesVersion.V1_32),
+      removalPolicy: RemovalPolicy.DESTROY,
+    });
+  }
+}
+const app = new App();
+const stack = new EksClusterRemovalPolicyStack(app, 'EksClusterRemovalPolicyStack');
+new integ.IntegTest(app, 'eks-cluster-removal-policy-integ', {
+  testCases: [stack],
+  diffAssets: false,
+});
+app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb-lambda-multi-value-headers.ts CHANGED Viewed

@@ -19,7 +19,7 @@ const vpc = new ec2.Vpc(stack, 'VPC', {
 });
 const fn = new lambda.Function(stack, 'Function', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: lambda.Code.fromInline(`
     exports.handler = async (event) => {

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2/integ.alb.oidc.ts CHANGED Viewed

@@ -186,7 +186,7 @@ const signinFunction = new lambda.Function(testCase, 'Signin', {
   functionName: 'cdk-integ-alb-oidc-signin-handler',
   code: lambda.Code.fromAsset('alb-oidc-signin-handler', { exclude: ['*.ts'] }),
   handler: 'index.handler',
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   environment: {
     TEST_USERNAME: testUser.username,
     TEST_PASSWORD: testUser.password,

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-elasticloadbalancingv2-actions/integ.cognito.ts CHANGED Viewed

@@ -206,7 +206,7 @@ const signinFunction = new lambda.Function(testCase, 'Signin', {
   functionName: 'cdk-integ-alb-cognito-signin-handler',
   code: lambda.Code.fromAsset('alb-cognito-signin-handler', { exclude: ['*.ts'] }),
   handler: 'index.handler',
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   environment: {
     TEST_USERNAME: testUser.username,
     TEST_PASSWORD: testUser.password,

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/README.md CHANGED Viewed

@@ -15,6 +15,7 @@ intake and aggregation.
     - [Write Permissions](#write-permissions)
     - [Custom Permissions](#custom-permissions)
   - [Metrics](#metrics)
+    - [Shard-level Metrics](#shard-level-metrics)
 - [Stream Consumers](#stream-consumers)
   - [Read Permissions](#read-permissions-1)
 - [Resource Policy](#resource-policy)
@@ -191,6 +192,47 @@ stream.metricGetRecordsSuccess();
 stream.metricGetRecordsSuccess({ statistic: 'Maximum' });
 ```
+#### Shard-level Metrics
+You can enable enhanced shard-level metrics for your Kinesis stream to get detailed monitoring of individual shards. Shard-level metrics provide more granular insights into the performance and health of your stream.
+```ts
+const stream = new kinesis.Stream(this, 'MyStream', {
+  shardLevelMetrics: [kinesis.ShardLevelMetrics.ALL],
+});
+```
+You can also specify individual metrics that you want to monitor:
+```ts
+const stream = new kinesis.Stream(this, 'MyStream', {
+  shardLevelMetrics: [
+    kinesis.ShardLevelMetrics.INCOMING_BYTES,
+    kinesis.ShardLevelMetrics.INCOMING_RECORDS,
+    kinesis.ShardLevelMetrics.ITERATOR_AGE_MILLISECONDS,
+    kinesis.ShardLevelMetrics.OUTGOING_BYTES,
+    kinesis.ShardLevelMetrics.OUTGOING_RECORDS,
+    kinesis.ShardLevelMetrics.READ_PROVISIONED_THROUGHPUT_EXCEEDED,
+    kinesis.ShardLevelMetrics.WRITE_PROVISIONED_THROUGHPUT_EXCEEDED,
+  ],
+});
+```
+Available shard-level metrics include:
+- `INCOMING_BYTES` - The number of bytes successfully put to the shard
+- `INCOMING_RECORDS` - The number of records successfully put to the shard
+- `ITERATOR_AGE_MILLISECONDS` - The age of the last record in all GetRecords calls made against a shard
+- `OUTGOING_BYTES` - The number of bytes retrieved from the shard
+- `OUTGOING_RECORDS` - The number of records retrieved from the shard
+- `READ_PROVISIONED_THROUGHPUT_EXCEEDED` - The number of GetRecords calls throttled for the shard
+- `WRITE_PROVISIONED_THROUGHPUT_EXCEEDED` - The number of records rejected due to throttling for the shard
+- `ALL` - All available metrics
+Note: You cannot specify `ALL` together with other individual metrics. If you want all metrics, use `ALL` alone.
+For more information about shard-level metrics, see [Monitoring the Amazon Kinesis Data Streams Service with Amazon CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html#kinesis-metrics-shard).
 ## Stream Consumers
 Creating stream consumers allow consumers to receive data from the stream using enhanced fan-out at a rate of up to 2 MiB per second for every shard.

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-kinesis/integ.stream-shard-level-monitoring.ts ADDED Viewed

@@ -0,0 +1,47 @@
+import { App, Stack, RemovalPolicies } from 'aws-cdk-lib';
+import * as kinesis from 'aws-cdk-lib/aws-kinesis';
+import { ExpectedResult, IntegTest } from '@aws-cdk/integ-tests-alpha';
+const app = new App();
+const stack = new Stack(app, 'kinesis-stream-shard-level-monitoring-stack');
+const explicitStream = new kinesis.Stream(stack, 'ExplicitStream', {
+  shardLevelMetrics: [
+    kinesis.ShardLevelMetrics.INCOMING_BYTES,
+    kinesis.ShardLevelMetrics.INCOMING_RECORDS,
+    kinesis.ShardLevelMetrics.ITERATOR_AGE_MILLISECONDS,
+    kinesis.ShardLevelMetrics.OUTGOING_BYTES,
+    kinesis.ShardLevelMetrics.OUTGOING_RECORDS,
+    kinesis.ShardLevelMetrics.WRITE_PROVISIONED_THROUGHPUT_EXCEEDED,
+    kinesis.ShardLevelMetrics.READ_PROVISIONED_THROUGHPUT_EXCEEDED,
+  ],
+});
+const allStream = new kinesis.Stream(stack, 'AllStream', {
+  shardLevelMetrics: [kinesis.ShardLevelMetrics.ALL],
+});
+RemovalPolicies.of(stack).destroy();
+const integ = new IntegTest(app, 'integ-kinesis-stream-consumer', {
+  testCases: [stack],
+});
+const streams = [explicitStream, allStream];
+streams.forEach((stream) => {
+  integ.assertions.awsApiCall('Kinesis', 'describeStream', {
+    StreamName: stream.streamName,
+  }).expect(ExpectedResult.objectLike({
+    StreamDescription: {
+      ShardLevelMetrics: [
+        'IncomingBytes',
+        'IncomingRecords',
+        'IteratorAgeMilliseconds',
+        'OutgoingBytes',
+        'OutgoingRecords',
+        'WriteProvisionedThroughputExceeded',
+        'ReadProvisionedThroughputExceeded',
+      ],
+    },
+  }));
+});

konokenj.cdk-api-mcp-server 0.48.0__py3-none-any.whl → 0.50.0__py3-none-any.whl

Potentially problematic release.

konokenj.cdk-api-mcp-server 0.48.0py3-none-any.whl → 0.50.0py3-none-any.whl