feat(rds): support certificate autority certificate (#26883)

Exposes the `caCertificateIdentifier` property for an RDS instance to allow specifying a custom CA identifier using the `CertificateIdentifier` enum. Usage: ``` newDatabaseInstance(stack, 'Instance', { engine:DatabaseInstanceEngine.mysql({ version: rds.MysqlEngineVersion.VER_8_0_30 }), instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL), vpc, caCertificate: CaCertificate.RDS_CA_RSA2048_G1, }); ``` Closes #26865. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Aug 28, 2023 · 4fd510e · 4fd510e
1 parent 9329790
commit 4fd510e
Show file tree

Hide file tree

Showing 13 changed files with 1,880 additions and 1 deletion.
diff --git a/...tificate.js.snapshot/InstanceCACertificateTestDefaultTestDeployAssert948327B8.assets.json b/...tificate.js.snapshot/InstanceCACertificateTestDefaultTestDeployAssert948327B8.assets.json
@@ -0,0 +1,19 @@
+{
+  "version": "33.0.0",
+  "files": {
+    "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
+      "source": {
+        "path": "InstanceCACertificateTestDefaultTestDeployAssert948327B8.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}
diff --git a/...ficate.js.snapshot/InstanceCACertificateTestDefaultTestDeployAssert948327B8.template.json b/...ficate.js.snapshot/InstanceCACertificateTestDefaultTestDeployAssert948327B8.template.json
@@ -0,0 +1,36 @@
+{
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}
diff --git a/...teg.instance-ca-certificate.js.snapshot/cdk-integ-rds-instance-ca-certificate.assets.json b/...teg.instance-ca-certificate.js.snapshot/cdk-integ-rds-instance-ca-certificate.assets.json
@@ -0,0 +1,19 @@
+{
+  "version": "33.0.0",
+  "files": {
+    "61808ca58c026d9643317e877071de364c62e20ab5d23ff2e501b45706986ca3": {
+      "source": {
+        "path": "cdk-integ-rds-instance-ca-certificate.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "61808ca58c026d9643317e877071de364c62e20ab5d23ff2e501b45706986ca3.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}