PyPI - konokenj.cdk-api-mcp-server - Versions diffs - 0.49.0__py3-none-any.whl → 0.51.0__py3-none-any.whl - Mend

konokenj.cdk-api-mcp-server 0.49.0py3-none-any.whl → 0.51.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of konokenj.cdk-api-mcp-server might be problematic. Click here for more details.

Files changed (68) hide show

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-eks-v2-alpha/README.md CHANGED Viewed

@@ -3,13 +3,13 @@
 ---
-![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge)
+![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge)
-> The APIs of higher level constructs in this module are experimental and under active development.
-> They are subject to non-backward compatible changes or removal in any future version. These are
-> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be
-> announced in the release notes. This means that while you may use them, you may need to update
-> your source code when upgrading to a newer version of this package.
+> The APIs of higher level constructs in this module are in **developer preview** before they
+> become stable. We will only make breaking changes to address unforeseen API issues. Therefore,
+> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes
+> will be announced in release notes. This means that while you may use them, you may need to
+> update your source code when upgrading to a newer version of this package.
 ---
@@ -39,33 +39,88 @@ const cluster = new eks.Cluster(this, 'hello-eks', {
 ## Architecture
-```text
- +-----------------------------------------------+
- | EKS Cluster      | kubectl |  |
- | -----------------|<--------+| Kubectl Handler |
- | AWS::EKS::Cluster             (Optional)      |
- | +--------------------+    +-----------------+ |
- | |                    |    |                 | |
- | | Managed Node Group |    | Fargate Profile | |
- | |                    |    |                 | |
- | +--------------------+    +-----------------+ |
- +-----------------------------------------------+
-    ^
-    | connect self managed capacity
-    +
- +--------------------+
- | Auto Scaling Group |
- +--------------------+
+```text                                             +-----------------+
+                                         kubectl    |                 |
+                                      +------------>| Kubectl Handler |
+                                      |             |   (Optional)    |
+                                      |             +-----------------+
++-------------------------------------+-------------------------------------+
+|                        EKS Cluster (Auto Mode)                            |
+|                          AWS::EKS::Cluster                                |
+|                                                                           |
+|  +---------------------------------------------------------------------+  |
+|  |           Auto Mode Compute (Managed by EKS) (Default)              |  |
+|  |                                                                     |  |
+|  |  - Automatically provisions EC2 instances                           |  |
+|  |  - Auto scaling based on pod requirements                           |  |
+|  |  - No manual node group configuration needed                        |  |
+|  |                                                                     |  |
+|  +---------------------------------------------------------------------+  |
+|                                                                           |
++---------------------------------------------------------------------------+
 ```
 In a nutshell:
-- EKS Cluster - The cluster endpoint created by EKS.
-- Managed Node Group - EC2 worker nodes managed by EKS.
-- Fargate Profile - Fargate worker nodes managed by EKS.
-- Auto Scaling Group - EC2 worker nodes managed by the user.
-- Kubectl Handler (Optional) - Custom resource (i.e Lambda Function) for invoking kubectl commands on the
-  cluster - created by CDK
+- **[Auto Mode](#eks-auto-mode)** (Default) – The fully managed capacity mode in EKS.
+  EKS automatically provisions and scales  EC2 capacity based on pod requirements.
+  It manages internal *system* and *general-purpose* NodePools, handles networking and storage setup, and removes the need for user-managed node groups or Auto Scaling Groups.
+  ```ts
+  const cluster = new eks.Cluster(this, 'AutoModeCluster', {
+    version: eks.KubernetesVersion.V1_33,
+    // Auto Mode is enabled by default
+  });
+  ```
+- **[Managed Node Groups](#managed-node-groups)** – The semi-managed capacity mode.
+  EKS provisions and manages EC2 nodes on your behalf but you configure the instance types, scaling ranges, and update strategy.
+  AWS handles node health, draining, and rolling updates while you retain control over scaling and cost optimization.
+  You can also define *Fargate Profiles* that determine which pods or namespaces run on Fargate infrastructure.
+  ```ts
+  const cluster = new eks.Cluster(this, 'ManagedNodeCluster', {
+    version: eks.KubernetesVersion.V1_33,
+    defaultCapacityType: eks.DefaultCapacityType.NODEGROUP,
+  });
+  // Add a Fargate Profile for specific workloads (e.g., default namespace)
+  cluster.addFargateProfile('FargateProfile', {
+    selectors: [
+      { namespace: 'default' }, // Run pods in 'default' on Fargate
+  ],
+  });
+  ```
+- **[Fargate Mode](#fargate-profiles)** – The Fargate capacity mode.
+  EKS runs your pods directly on AWS Fargate without provisioning EC2 nodes.
+  ```ts
+  const cluster = new eks.FargateCluster(this, 'FargateCluster', {
+    version: eks.KubernetesVersion.V1_33,
+  });
+  ```
+- **[Self-Managed Nodes](#self-managed-capacity)** – The fully manual capacity mode.
+  You create and manage EC2 instances (via an Auto Scaling Group) and connect them to the cluster manually.
+  This provides maximum flexibility for custom AMIs or configurations but also the highest operational overhead.
+  ```ts
+  const cluster = new eks.Cluster(this, 'SelfManagedCluster', {
+    version: eks.KubernetesVersion.V1_33,
+  });
+  // Add self-managed Auto Scaling Group
+  cluster.addAutoScalingGroupCapacity('self-managed-asg', {
+    instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MEDIUM),
+    minCapacity: 1,
+    maxCapacity: 5,
+  });
+  ```
+- **[Kubectl Handler](#kubectl-support) (Optional)** – A Lambda-backed custom resource created by the AWS CDK to execute `kubectl` commands (like `apply` or `patch`) during deployment.
+  Regardless of the capacity mode, this handler may still be created to apply Kubernetes manifests as part of CDK provisioning.
 ## Provisioning cluster
@@ -327,6 +382,38 @@ pods running on Fargate. For ingress, we recommend that you use the [ALB Ingress
 Controller](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html)
 on Amazon EKS (minimum version v1.1.4).
+### Self-managed capacity
+Self-managed capacity gives you the most control over your worker nodes by allowing you to create and manage your own EC2 Auto Scaling Groups. This approach provides maximum flexibility for custom AMIs, instance configurations, and scaling policies, but requires more operational overhead.
+You can add self-managed capacity to any cluster using the `addAutoScalingGroupCapacity` method:
+```ts
+const cluster = new eks.Cluster(this, 'Cluster', {
+  version: eks.KubernetesVersion.V1_33,
+});
+cluster.addAutoScalingGroupCapacity('self-managed-nodes', {
+  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MEDIUM),
+  minCapacity: 1,
+  maxCapacity: 10,
+  desiredCapacity: 3,
+});
+```
+You can specify custom subnets for the Auto Scaling Group:
+```ts
+declare const vpc: ec2.Vpc;
+declare const cluster: eks.Cluster;
+cluster.addAutoScalingGroupCapacity('custom-subnet-nodes', {
+  vpcSubnets: { subnets: vpc.privateSubnets },
+  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MEDIUM),
+  minCapacity: 2,
+});
+```
 ### Endpoint Access
 When you create a new cluster, Amazon EKS creates an endpoint for the managed Kubernetes API server that you use to communicate with your cluster (using Kubernetes management tools such as `kubectl`)

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-msk-alpha/README.md CHANGED Viewed

@@ -23,7 +23,7 @@ The following example creates an MSK Cluster.
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'Cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
 });
 ```
@@ -36,7 +36,7 @@ To control who can access the Cluster, use the `.connections` attribute. For a l
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'Cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
 });
@@ -88,7 +88,7 @@ import * as acmpca from 'aws-cdk-lib/aws-acmpca';
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'Cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   encryptionInTransit: {
     clientBroker: msk.ClientBrokerEncryption.TLS,
@@ -113,7 +113,7 @@ Enable client authentication with [SASL/SCRAM](https://docs.aws.amazon.com/msk/l
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   encryptionInTransit: {
     clientBroker: msk.ClientBrokerEncryption.TLS,
@@ -132,7 +132,7 @@ Enable client authentication with [IAM](https://docs.aws.amazon.com/msk/latest/d
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   encryptionInTransit: {
     clientBroker: msk.ClientBrokerEncryption.TLS,
@@ -155,7 +155,7 @@ import * as acmpca from 'aws-cdk-lib/aws-acmpca';
 declare const vpc: ec2.Vpc;
 const cluster = new msk.Cluster(this, 'Cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   encryptionInTransit: {
     clientBroker: msk.ClientBrokerEncryption.TLS,
@@ -186,7 +186,7 @@ declare const vpc: ec2.Vpc;
 declare const bucket: s3.IBucket;
 const cluster = new msk.Cluster(this, 'cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   logging: {
     s3: {
@@ -226,12 +226,42 @@ declare const bucket: s3.IBucket;
 const cluster = new msk.Cluster(this, 'cluster', {
   clusterName: 'myCluster',
-  kafkaVersion: msk.KafkaVersion.V4_0_X_KRAFT,
+  kafkaVersion: msk.KafkaVersion.V4_1_X_KRAFT,
   vpc,
   storageMode: msk.StorageMode.TIERED,
 });
 ```
+## MSK Express Brokers
+You can create an MSK cluster with Express Brokers by setting the `brokerType` property to `BrokerType.EXPRESS`. Express Brokers are a low-cost option for development, testing, and workloads that don't require the high availability guarantees of standard MSK cluster.
+For more information, see [Amazon MSK Express Brokers](https://docs.aws.amazon.com/msk/latest/developerguide/msk-broker-types-express.html).
+**Note:** When using Express Brokers, the following constraints apply:
+- Apache Kafka version must be 3.6.x or 3.8.x
+- You must specify the `instanceType`
+- The VPC must have at least 3 subnets (across 3 AZs)
+- `ebsStorageInfo` is not supported
+- `storageMode` is not supported
+- `logging` is not supported
+- Supported broker sizes: `m7g.xlarge`, `m7g.2xlarge`, `m7g.4xlarge`, `m7g.8xlarge`, `m7g.12xlarge`, `m7g.16xlarge`
+```ts
+declare const vpc: ec2.Vpc;
+const expressCluster = new msk.Cluster(this, 'ExpressCluster', {
+  clusterName: 'MyExpressCluster',
+  kafkaVersion: msk.KafkaVersion.V3_8_X,
+  vpc,
+  brokerType: msk.BrokerType.EXPRESS,
+  instanceType: ec2.InstanceType.of(
+    ec2.InstanceClass.M7G,
+    ec2.InstanceSize.XLARGE,
+  ),
+});
+```
 ## MSK Serverless
 You can also use MSK Serverless by using `ServerlessCluster` class.

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/mixins-preview/README.md ADDED Viewed

@@ -0,0 +1,16 @@
+# CDK Mixins: Composable Abstractions for AWS Resources
+<!--BEGIN STABILITY BANNER-->
+---
+![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge)
+> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
+---
+<!--END STABILITY BANNER-->
+Implementation of the CDK Mixins proposal.
+See <https://github.com/aws/aws-cdk-rfcs/pull/824> for details.

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.api-with-authorizer-and-proxy.ts CHANGED Viewed

@@ -42,7 +42,7 @@ const sendResource = root.addResource('InitiateAction');
 const myfunc = new lambda.Function(stack, 'lambda-s3', {
   code: lambda.AssetCode.fromAsset(path.join(__dirname, 'assets')),
   handler: 'index.handler',
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
 });
 const sendLambdaIntegration = new agw.LambdaIntegration(myfunc);

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigateway/integ.lambda-api.ts CHANGED Viewed

@@ -19,7 +19,7 @@ class LambdaApiIntegrationOptionsStack extends Stack {
           headers: { 'Content-Type': '*/*' }
         };
       }`),
-      runtime: Runtime.NODEJS_18_X,
+      runtime: Runtime.NODEJS_20_X,
       handler: 'index.handler',
     });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.iam.ts CHANGED Viewed

@@ -19,7 +19,7 @@ const userAccessKey = new iam.AccessKey(stack, 'UserAccess', {
 });
 const handler = new Function(stack, 'auth-function', {
-  runtime: Runtime.NODEJS_18_X,
+  runtime: Runtime.NODEJS_20_X,
   code: Code.fromInline('exports.handler = () => {return true}'),
   handler: 'index.handler',
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.lambda.ts CHANGED Viewed

@@ -20,7 +20,7 @@ const app = new App({
 const stack = new Stack(app, 'AuthorizerInteg');
 const authHandler = new lambda.Function(stack, 'auth-function', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: lambda.Code.fromAsset(path.join(__dirname, '..', 'auth-handler'), { exclude: ['*.ts'] }),
 });
@@ -43,7 +43,7 @@ const httpApiWithDefaultAuthorizer = new HttpApi(stack, 'MyHttpApiWithDefaultAut
 });
 const handler = new lambda.Function(stack, 'lambda', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: lambda.AssetCode.fromAsset(path.join(__dirname, '..', 'integ.lambda.handler'), { exclude: ['*.ts'] }),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.user-pool.ts CHANGED Viewed

@@ -33,7 +33,7 @@ const httpApiWithDefaultAuthorizer = new HttpApi(stack, 'MyHttpApiWithDefaultAut
 });
 const handler = new lambda.Function(stack, 'lambda', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: lambda.AssetCode.fromAsset(path.join(__dirname, '..', 'integ.user-pool.handler'), { exclude: ['*.ts'] }),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.add-subroute-integration.ts CHANGED Viewed

@@ -15,7 +15,7 @@ const httpApi = new HttpApi(stack, 'test-apigwv2-add-subroute-integration');
 // Regular Lambda Function
 const lambdaHandler = new lambda.Function(stack, 'first-lambda-function', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { return { statusCode: 200, body: \'success-hit-first-lambda\' }; };'),
 });
@@ -23,7 +23,7 @@ const lambdaHandlerIntegration = new HttpLambdaIntegration('my-lambda-integratio
 // Lambda created with Function.fromFunctionAttributes()
 const secondLambdaHandler = new lambda.Function(stack, 'second-lambda-function', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { return { statusCode: 200, body: \'success-hit-second-lambda\' }; };'),
 });
@@ -35,8 +35,8 @@ const lambdaFromFunctionAttributesIntegration = new HttpLambdaIntegration('my-re
 // Lambda created with Function.fromFunctionName()
 const thirdLambdaName = 'third-lambda-function';
-new lambda.Function(stack, thirdLambdaName, {
-  runtime: lambda.Runtime.NODEJS_18_X,
+const thirdLambdaFunction = new lambda.Function(stack, thirdLambdaName, {
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { return { statusCode: 200, body: \'success-hit-third-lambda\' }; };'),
   functionName: thirdLambdaName,
@@ -83,6 +83,9 @@ httpApi.addRoutes({
   integration: lambdaFromFunctionNameIntegration,
 });
+httpApi.node.addDependency(secondLambdaHandler);
+httpApi.node.addDependency(thirdLambdaFunction);
 // Integ Test Assertions
 const integ = new IntegTest(app, 'Integ', { testCases: [stack] });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.http-proxy.ts CHANGED Viewed

@@ -29,7 +29,7 @@ new CfnOutput(stack, 'Endpoint', {
 function lambdaProxyEndpoint(s: Stack): HttpApi {
   const handler = new lambda.Function(s, 'AlwaysSuccess', {
-    runtime: lambda.Runtime.NODEJS_18_X,
+    runtime: lambda.Runtime.NODEJS_20_X,
     handler: 'index.handler',
     code: new lambda.InlineCode('exports.handler = async function(event, context) { return { statusCode: 200, body: "success" }; };'),
   });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-proxy.ts CHANGED Viewed

@@ -17,7 +17,7 @@ const app = new App({
 const stack = new Stack(app, 'integ-lambda-proxy');
 const handler = new lambda.Function(stack, 'AlwaysSuccess', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { return { statusCode: 200, body: "success" }; };'),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda.ts CHANGED Viewed

@@ -19,25 +19,25 @@ const app = new App({
 const stack = new Stack(app, 'WebSocketApiInteg');
 const connectHandler = new lambda.Function(stack, 'ConnectHandler', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { console.log(event); return { statusCode: 200, body: "connected" }; };'),
 });
 const disconnetHandler = new lambda.Function(stack, 'DisconnectHandler', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { console.log(event); return { statusCode: 200, body: "disconnected" }; };'),
 });
 const defaultHandler = new lambda.Function(stack, 'DefaultHandler', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { console.log(event); return { statusCode: 200, body: "default" }; };'),
 });
 const messageHandler = new lambda.Function(stack, 'MessageHandler', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: new lambda.InlineCode('exports.handler = async function(event, context) { console.log(event); return { statusCode: 200, body: "received" }; };'),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.graphql-lambda-permission.ts CHANGED Viewed

@@ -16,7 +16,7 @@ const app = new cdk.App({
 const stack = new cdk.Stack(app, 'aws-graphql-lambda-permissions');
 const authorizer = new lambda.Function(stack, 'AuthorizerFunction', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   code: lambda.Code.fromInline(`
         exports.handler = async (event) => {
           console.log("Authorization event:", JSON.stringify(event));

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-appsync/integ.js-resolver.ts CHANGED Viewed

@@ -64,7 +64,7 @@ const integ = new IntegTest(app, 'JsResolverIntegTest', { testCases: [stack] });
 const invoke = new lambda.Function(stack, 'InvokeApi', {
   code: lambda.Code.fromAsset(path.join(__dirname, 'integ-assets', 'js-resolver-assertion')),
   handler: 'index.handler',
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
 });
 const addTestInvoke = integ.assertions.invokeFunction({

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-node-18.ts CHANGED Viewed

@@ -21,7 +21,7 @@ class TestStack extends Stack {
     const serviceToken = CustomResourceProvider.getOrCreate(this, resourceType, {
       codeDirectory: `${__dirname}/core-custom-resource-provider-fixture`,
-      runtime: CustomResourceProviderRuntime.NODEJS_18_X,
+      runtime: CustomResourceProviderRuntime.NODEJS_20_X,
       description: 'veni vidi vici',
     });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudformation/integ.core-custom-resources-service-timeout.ts CHANGED Viewed

@@ -16,7 +16,7 @@ class TestStack extends Stack {
     const serviceToken = CustomResourceProvider.getOrCreate(this, resourceType, {
       codeDirectory: `${__dirname}/core-custom-resource-provider-fixture`,
-      runtime: CustomResourceProviderRuntime.NODEJS_18_X,
+      runtime: CustomResourceProviderRuntime.NODEJS_20_X,
       description: 'veni vidi vici',
     });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudfront-origins/integ.origin-response-completion-timeout.ts CHANGED Viewed

@@ -13,7 +13,7 @@ const httpOrigin = new origins.HttpOrigin('example.com', {
 });
 const fn = new lambda.Function(stack, 'Function', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'index.handler',
   code: lambda.Code.fromInline('exports.handler = async () => ({ statusCode: 200, body: "Hello from Lambda!" });'),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cloudtrail/integ.cloudtrail-data-events-only.ts CHANGED Viewed

@@ -13,7 +13,7 @@ const stack = new cdk.Stack(app, 'integ-cloudtrail-data-events');
 const bucket = new s3.Bucket(stack, 'Bucket', { removalPolicy: cdk.RemovalPolicy.DESTROY });
 const lambdaFunction = new lambda.Function(stack, 'LambdaFunction', {
-  runtime: lambda.Runtime.NODEJS_18_X,
+  runtime: lambda.Runtime.NODEJS_20_X,
   handler: 'hello.handler',
   code: lambda.Code.fromInline('exports.handler = {}'),
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codepipeline-actions/integ.pipeline-elastic-beanstalk-deploy.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import * as iam from 'aws-cdk-lib/aws-iam';
 import { IManagedPolicy, ManagedPolicyReference } from 'aws-cdk-lib/aws-iam';
 import * as s3 from 'aws-cdk-lib/aws-s3';
 import * as deploy from 'aws-cdk-lib/aws-s3-deployment';
-import { App, Fn, RemovalPolicy, Stack, UnscopedValidationError } from 'aws-cdk-lib';
+import { App, Fn, RemovalPolicy, ResourceEnvironment, Stack, UnscopedValidationError } from 'aws-cdk-lib';
 import * as integ from '@aws-cdk/integ-tests-alpha';
 import * as cpactions from 'aws-cdk-lib/aws-codepipeline-actions';
 import { Node } from 'constructs';
@@ -56,6 +56,9 @@ function makePolicy(arn: string): IManagedPolicy {
     get node(): Node {
       throw new UnscopedValidationError('The result of fromAwsManagedPolicyName can not be used in this API');
     },
+    get env(): ResourceEnvironment {
+      throw new UnscopedValidationError('The result of fromAwsManagedPolicyName can not be used in this API');
+    },
   };
 }

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/README.md CHANGED Viewed

@@ -816,6 +816,59 @@ Using `resourcePolicy` you can add a [resource policy](https://docs.aws.amazon.c
     });
 ```
+### Adding Resource Policy Statements Dynamically
+You can also add resource policy statements to a table after it's created using the `addToResourcePolicy` method. Following the same pattern as KMS, resource policies use wildcard resources to avoid circular dependencies:
+```ts
+const table = new dynamodb.TableV2(this, 'Table', {
+  partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
+});
+// Standard resource policy (recommended approach)
+table.addToResourcePolicy(new iam.PolicyStatement({
+  actions: ['dynamodb:GetItem', 'dynamodb:PutItem', 'dynamodb:Query'],
+  principals: [new iam.AccountRootPrincipal()],
+  resources: ['*'], // Wildcard avoids circular dependency - same pattern as KMS
+}));
+// Allow specific service access
+table.addToResourcePolicy(new iam.PolicyStatement({
+  actions: ['dynamodb:Query'],
+  principals: [new iam.ServicePrincipal('lambda.amazonaws.com')],
+  resources: ['*'],
+}));
+```
+#### Scoped Resource Policies (Advanced)
+For scoped resource policies that reference specific table ARNs, you must specify an explicit table name:
+```ts
+import { Fn } from 'aws-cdk-lib';
+// Table with explicit name enables scoped resource policies
+const table = new dynamodb.TableV2(this, 'Table', {
+  tableName: 'my-explicit-table-name', // Required for scoped resources
+  partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
+});
+// Now you can use scoped resources
+table.addToResourcePolicy(new iam.PolicyStatement({
+  actions: ['dynamodb:GetItem'],
+  principals: [new iam.AccountRootPrincipal()],
+  resources: [
+    Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/my-explicit-table-name'),
+    Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/my-explicit-table-name/index/*'),
+  ],
+}));
+```
+**Important Limitations:**
+- **Auto-generated table names**: Must use `resources: ['*']` to avoid circular dependencies
+- **Explicit table names**: Enable scoped resources but lose CDK's automatic naming benefits
+- **CloudFormation constraint**: Resource policies cannot reference the resource they're attached to during creation
 TableV2 doesn’t support creating a replica and adding a resource-based policy to that replica in the same stack update in Regions other than the Region where you deploy the stack update.
 To incorporate a resource-based policy into a replica, you'll need to initially deploy the replica without the policy, followed by a subsequent update to include the desired policy.

konokenj.cdk-api-mcp-server 0.49.0__py3-none-any.whl → 0.51.0__py3-none-any.whl

Potentially problematic release.

konokenj.cdk-api-mcp-server 0.49.0py3-none-any.whl → 0.51.0py3-none-any.whl