diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts index d43f9f9aac26c..bd321879ec686 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts @@ -1,7 +1,7 @@ import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; -import { IResource, PhysicalName, RemovalPolicy, Resource, FeatureFlags, Stack } from '@aws-cdk/core'; +import { IResource, PhysicalName, RemovalPolicy, Resource, FeatureFlags, Stack, CfnResource } from '@aws-cdk/core'; import { S3_CREATE_DEFAULT_LOGGING_POLICY } from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { CfnFlowLog } from './ec2.generated'; @@ -252,7 +252,6 @@ class S3Destination extends FlowLogDestination { encryption: s3.BucketEncryption.UNENCRYPTED, removalPolicy: RemovalPolicy.RETAIN, }); - } else { s3Bucket = this.props.s3Bucket; } @@ -690,6 +689,18 @@ export class FlowLog extends FlowLogBase { logDestination, }); + // VPC service implicitly tries to create a bucket policy when adding a vpc flow log. + // To avoid the race condition, we add an explicit dependency here. + if (this.bucket?.policy?.node.defaultChild instanceof CfnResource) { + flowLog.addDependency(this.bucket?.policy.node.defaultChild); + } + + // we must remove a flow log configuration first before deleting objects. + const deleteObjects = this.bucket?.node.tryFindChild('AutoDeleteObjectsCustomResource')?.node.defaultChild; + if (deleteObjects instanceof CfnResource) { + flowLog.addDependency(deleteObjects); + } + this.flowLogId = flowLog.ref; this.node.defaultChild = flowLog; } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json index 820b972b6971b..10ff80cacfe2d 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.assets.json index b090021c9a53e..15b308bbdda19 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c": { "source": { @@ -14,7 +14,7 @@ } } }, - "9dcef326beebc49accefb3f0f234ec72b4de2a2aa5f1dc4ed26408fcc22c1dd7": { + "8161ff5519d2aef653bfa7866cd056f5a3feaccfbd55708667998493d1311898": { "source": { "path": "FlowLogsTestStack.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "9dcef326beebc49accefb3f0f234ec72b4de2a2aa5f1dc4ed26408fcc22c1dd7.json", + "objectKey": "8161ff5519d2aef653bfa7866cd056f5a3feaccfbd55708667998493d1311898.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.template.json index 5eeef70163df5..922ba74cab1b4 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/FlowLogsTestStack.template.json @@ -421,7 +421,11 @@ } ], "TrafficType": "ALL" - } + }, + "DependsOn": [ + "BucketAutoDeleteObjectsCustomResourceBAFD23C2", + "BucketPolicyE9A3008A" + ] }, "FlowLogsCWIAMRole017AD736": { "Type": "AWS::IAM::Role", diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/cdk.out index 8ecc185e9dbee..d8b441d447f8a 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"21.0.0"} \ No newline at end of file +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/integ.json index c3f1db8c091b3..3db89322112ef 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "testCases": { "FlowLogs/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/manifest.json index 886ae2e5cb656..eebf5e3bf474a 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "artifacts": { "FlowLogsTestStack.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9dcef326beebc49accefb3f0f234ec72b4de2a2aa5f1dc4ed26408fcc22c1dd7.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8161ff5519d2aef653bfa7866cd056f5a3feaccfbd55708667998493d1311898.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/tree.json index 00fa3be742732..b8b86efef83a8 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-customformat.js.snapshot/tree.json @@ -691,7 +691,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", + "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } } @@ -709,6 +709,14 @@ "id": "IAMRole", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole", "children": { + "ImportIAMRole": { + "id": "ImportIAMRole", + "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/ImportIAMRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/Resource", @@ -853,7 +861,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", + "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } }, @@ -1142,7 +1150,7 @@ "path": "FlowLogs/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.154" + "version": "10.1.216" } }, "DeployAssert": { @@ -1188,7 +1196,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.154" + "version": "10.1.216" } } }, diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json index 820b972b6971b..10ff80cacfe2d 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.assets.json deleted file mode 100644 index 3b7c213d079a4..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "21.0.0", - "files": { - "69731f7ae982e377a617d06d1920c7fbeb360543d6b5f3da47406c123317a645": { - "source": { - "path": "FlowLogsFeatureFlag.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "69731f7ae982e377a617d06d1920c7fbeb360543d6b5f3da47406c123317a645.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.template.json deleted file mode 100644 index ca4a236760509..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsFeatureFlag.template.json +++ /dev/null @@ -1,865 +0,0 @@ -{ - "Resources": { - "VPCB9E5F0B4": { - "Type": "AWS::EC2::VPC", - "Properties": { - "CidrBlock": "10.0.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - } - }, - "VPCPublicSubnet1SubnetB4246D30": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.0.0/18", - "MapPublicIpOnLaunch": true, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Public" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Public" - }, - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet1" - } - ] - } - }, - "VPCPublicSubnet1RouteTableFEE4B781": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet1" - } - ] - } - }, - "VPCPublicSubnet1RouteTableAssociation0B0896DC": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "SubnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - } - } - }, - "VPCPublicSubnet1DefaultRoute91CEF279": { - "Type": "AWS::EC2::Route", - "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Ref": "VPCIGWB7E252D3" - } - }, - "DependsOn": [ - "VPCVPCGW99B986DC" - ] - }, - "VPCPublicSubnet1EIP6AD938E8": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet1" - } - ] - } - }, - "VPCPublicSubnet1NATGatewayE0556630": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - "AllocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet1EIP6AD938E8", - "AllocationId" - ] - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet1" - } - ] - }, - "DependsOn": [ - "VPCPublicSubnet1DefaultRoute91CEF279", - "VPCPublicSubnet1RouteTableAssociation0B0896DC" - ] - }, - "VPCPublicSubnet2Subnet74179F39": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "AvailabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.64.0/18", - "MapPublicIpOnLaunch": true, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Public" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Public" - }, - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2RouteTable6F1A15F1": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2RouteTableAssociation5A808732": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - } - }, - "VPCPublicSubnet2DefaultRouteB7481BBA": { - "Type": "AWS::EC2::Route", - "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Ref": "VPCIGWB7E252D3" - } - }, - "DependsOn": [ - "VPCVPCGW99B986DC" - ] - }, - "VPCPublicSubnet2EIP4947BC00": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2NATGateway3C070193": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "AllocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - }, - "DependsOn": [ - "VPCPublicSubnet2DefaultRouteB7481BBA", - "VPCPublicSubnet2RouteTableAssociation5A808732" - ] - }, - "VPCPrivateSubnet1Subnet8BCA10E0": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.128.0/18", - "MapPublicIpOnLaunch": false, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Private" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Private" - }, - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PrivateSubnet1" - } - ] - } - }, - "VPCPrivateSubnet1RouteTableBE8A6027": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PrivateSubnet1" - } - ] - } - }, - "VPCPrivateSubnet1RouteTableAssociation347902D1": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "SubnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - } - } - }, - "VPCPrivateSubnet1DefaultRouteAE1D6490": { - "Type": "AWS::EC2::Route", - "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "DestinationCidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Ref": "VPCPublicSubnet1NATGatewayE0556630" - } - } - }, - "VPCPrivateSubnet2SubnetCFCDAA7A": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "AvailabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.192.0/18", - "MapPublicIpOnLaunch": false, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Private" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Private" - }, - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PrivateSubnet2" - } - ] - } - }, - "VPCPrivateSubnet2RouteTable0A19E10E": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PrivateSubnet2" - } - ] - } - }, - "VPCPrivateSubnet2RouteTableAssociation0C73D413": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "SubnetId": { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - } - }, - "VPCPrivateSubnet2DefaultRouteF4F5CFD2": { - "Type": "AWS::EC2::Route", - "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "DestinationCidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" - } - } - }, - "VPCIGWB7E252D3": { - "Type": "AWS::EC2::InternetGateway", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - } - }, - "VPCVPCGW99B986DC": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, - "InternetGatewayId": { - "Ref": "VPCIGWB7E252D3" - } - } - }, - "VPCFlowLogsS3BucketFB7DC2BE": { - "Type": "AWS::S3::Bucket", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "VPCFlowLogsS3BucketPolicyB2C2A045": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "VPCFlowLogsS3BucketFB7DC2BE" - }, - "PolicyDocument": { - "Statement": [ - { - "Action": "s3:PutObject", - "Condition": { - "StringEquals": { - "s3:x-amz-acl": "bucket-owner-full-control", - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "VPCFlowLogsS3BucketFB7DC2BE", - "Arn" - ] - }, - "/AWSLogs/", - { - "Ref": "AWS::AccountId" - }, - "/*" - ] - ] - } - }, - { - "Action": [ - "s3:GetBucketAcl", - "s3:ListBucket" - ], - "Condition": { - "StringEquals": { - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::GetAtt": [ - "VPCFlowLogsS3BucketFB7DC2BE", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "VPCFlowLogsS3FlowLogB5256CFF": { - "Type": "AWS::EC2::FlowLog", - "Properties": { - "ResourceId": { - "Ref": "VPCB9E5F0B4" - }, - "ResourceType": "VPC", - "TrafficType": "ALL", - "LogDestination": { - "Fn::GetAtt": [ - "VPCFlowLogsS3BucketFB7DC2BE", - "Arn" - ] - }, - "LogDestinationType": "s3", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - } - }, - "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456": { - "Type": "AWS::S3::Bucket", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "VPCFlowLogsS3WithDestinationOptionsBucketPolicy35257B71": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456" - }, - "PolicyDocument": { - "Statement": [ - { - "Action": "s3:PutObject", - "Condition": { - "StringEquals": { - "s3:x-amz-acl": "bucket-owner-full-control", - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456", - "Arn" - ] - }, - "/AWSLogs/aws-account-id=", - { - "Ref": "AWS::AccountId" - }, - "/*" - ] - ] - } - }, - { - "Action": [ - "s3:GetBucketAcl", - "s3:ListBucket" - ], - "Condition": { - "StringEquals": { - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::GetAtt": [ - "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "VPCFlowLogsS3WithDestinationOptionsFlowLog030C15B2": { - "Type": "AWS::EC2::FlowLog", - "Properties": { - "ResourceId": { - "Ref": "VPCB9E5F0B4" - }, - "ResourceType": "VPC", - "TrafficType": "ALL", - "DestinationOptions": { - "fileFormat": "plain-text", - "perHourPartition": false, - "hiveCompatiblePartitions": true - }, - "LogDestination": { - "Fn::GetAtt": [ - "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456", - "Arn" - ] - }, - "LogDestinationType": "s3", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC" - } - ] - } - }, - "FlowLogsInstanceInstanceSecurityGroupF61782E0": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "FlowLogsFeatureFlag/FlowLogsInstance/InstanceSecurityGroup", - "SecurityGroupEgress": [ - { - "CidrIp": "0.0.0.0/0", - "Description": "Allow all outbound traffic by default", - "IpProtocol": "-1" - } - ], - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/FlowLogsInstance" - } - ], - "VpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "FlowLogsInstanceInstanceRole1E8242D9": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": { - "Fn::Join": [ - "", - [ - "ec2.", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - } - } - } - ], - "Version": "2012-10-17" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/FlowLogsInstance" - } - ] - } - }, - "FlowLogsInstanceInstanceProfile5CDC5493": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "FlowLogsInstanceInstanceRole1E8242D9" - } - ] - } - }, - "FlowLogsInstanceB14CA11F": { - "Type": "AWS::EC2::Instance", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "IamInstanceProfile": { - "Ref": "FlowLogsInstanceInstanceProfile5CDC5493" - }, - "ImageId": { - "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" - }, - "InstanceType": "t3.small", - "SecurityGroupIds": [ - { - "Fn::GetAtt": [ - "FlowLogsInstanceInstanceSecurityGroupF61782E0", - "GroupId" - ] - } - ], - "SubnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/FlowLogsInstance" - } - ], - "UserData": { - "Fn::Base64": "#!/bin/bash" - } - }, - "DependsOn": [ - "FlowLogsInstanceInstanceRole1E8242D9" - ] - } - }, - "Outputs": { - "ExportsOutputFnGetAttVPCFlowLogsS3BucketFB7DC2BEArn0818560B": { - "Value": { - "Fn::GetAtt": [ - "VPCFlowLogsS3BucketFB7DC2BE", - "Arn" - ] - }, - "Export": { - "Name": "FlowLogsFeatureFlag:ExportsOutputFnGetAttVPCFlowLogsS3BucketFB7DC2BEArn0818560B" - } - }, - "ExportsOutputRefVPCFlowLogsS3BucketFB7DC2BE6C269563": { - "Value": { - "Ref": "VPCFlowLogsS3BucketFB7DC2BE" - }, - "Export": { - "Name": "FlowLogsFeatureFlag:ExportsOutputRefVPCFlowLogsS3BucketFB7DC2BE6C269563" - } - } - }, - "Parameters": { - "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" - }, - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.assets.json index 2a018bb7dcf03..b7ede9083ccff 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { - "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26": { + "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c": { "source": { - "path": "asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "path": "asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26.zip", + "objectKey": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "96d9c05ccd40ed1b767705d5c5db20f22695b36afcaf5a53a7da8a9b887ae780": { + "2b30860fcf01164c1692c6942e20759e18cc978571b0c43274edb2b09a88fc4b": { "source": { "path": "FlowLogsTestStack.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "96d9c05ccd40ed1b767705d5c5db20f22695b36afcaf5a53a7da8a9b887ae780.json", + "objectKey": "2b30860fcf01164c1692c6942e20759e18cc978571b0c43274edb2b09a88fc4b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.template.json index cadcadc6193f0..bc7e3b561a129 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/FlowLogsTestStack.template.json @@ -524,7 +524,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -538,8 +537,12 @@ "Key": "Name", "Value": "FlowLogsTestStack/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "VPCFlowLogsS3BucketPolicyB2C2A045" + ] }, "VPCFlowLogsS3KeyPrefixFlowLogB57F1746": { "Type": "AWS::EC2::FlowLog", @@ -548,7 +551,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::Join": [ "", @@ -569,8 +571,13 @@ "Key": "Name", "Value": "FlowLogsTestStack/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "BucketAutoDeleteObjectsCustomResourceBAFD23C2", + "BucketPolicyE9A3008A" + ] }, "FlowLogsCWIAMRole017AD736": { "Type": "AWS::IAM::Role", @@ -644,7 +651,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "FlowLogsCWIAMRole017AD736", @@ -655,7 +661,8 @@ "LogGroupName": { "Ref": "FlowLogsCWLogGroup0398E8F8" }, - "MaxAggregationInterval": 600 + "MaxAggregationInterval": 600, + "TrafficType": "ALL" } }, "Bucket83908E77": { @@ -890,7 +897,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26.zip" + "S3Key": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip" }, "Timeout": 900, "MemorySize": 128, diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/__entrypoint__.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/__entrypoint__.js similarity index 100% rename from packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/__entrypoint__.js rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/__entrypoint__.js diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/index.js similarity index 100% rename from packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/index.js diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js deleted file mode 100644 index 9df94382cc74e..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js +++ /dev/null @@ -1,118 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = exports.external = void 0; -const https = require("https"); -const url = require("url"); -// for unit tests -exports.external = { - sendHttpRequest: defaultSendHttpRequest, - log: defaultLog, - includeStackTraces: true, - userHandlerIndex: './index', -}; -const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; -const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; -async function handler(event, context) { - const sanitizedEvent = { ...event, ResponseURL: '...' }; - exports.external.log(JSON.stringify(sanitizedEvent, undefined, 2)); - // ignore DELETE event when the physical resource ID is the marker that - // indicates that this DELETE is a subsequent DELETE to a failed CREATE - // operation. - if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { - exports.external.log('ignoring DELETE event caused by a failed CREATE event'); - await submitResponse('SUCCESS', event); - return; - } - try { - // invoke the user handler. this is intentionally inside the try-catch to - // ensure that if there is an error it's reported as a failure to - // cloudformation (otherwise cfn waits). - // eslint-disable-next-line @typescript-eslint/no-require-imports - const userHandler = require(exports.external.userHandlerIndex).handler; - const result = await userHandler(sanitizedEvent, context); - // validate user response and create the combined event - const responseEvent = renderResponse(event, result); - // submit to cfn as success - await submitResponse('SUCCESS', responseEvent); - } - catch (e) { - const resp = { - ...event, - Reason: exports.external.includeStackTraces ? e.stack : e.message, - }; - if (!resp.PhysicalResourceId) { - // special case: if CREATE fails, which usually implies, we usually don't - // have a physical resource id. in this case, the subsequent DELETE - // operation does not have any meaning, and will likely fail as well. to - // address this, we use a marker so the provider framework can simply - // ignore the subsequent DELETE. - if (event.RequestType === 'Create') { - exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); - resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; - } - else { - // otherwise, if PhysicalResourceId is not specified, something is - // terribly wrong because all other events should have an ID. - exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); - } - } - // this is an actual error, fail the activity altogether and exist. - await submitResponse('FAILED', resp); - } -} -exports.handler = handler; -function renderResponse(cfnRequest, handlerResponse = {}) { - // if physical ID is not returned, we have some defaults for you based - // on the request type. - const physicalResourceId = handlerResponse.PhysicalResourceId ?? cfnRequest.PhysicalResourceId ?? cfnRequest.RequestId; - // if we are in DELETE and physical ID was changed, it's an error. - if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { - throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); - } - // merge request event and result event (result prevails). - return { - ...cfnRequest, - ...handlerResponse, - PhysicalResourceId: physicalResourceId, - }; -} -async function submitResponse(status, event) { - const json = { - Status: status, - Reason: event.Reason ?? status, - StackId: event.StackId, - RequestId: event.RequestId, - PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, - LogicalResourceId: event.LogicalResourceId, - NoEcho: event.NoEcho, - Data: event.Data, - }; - exports.external.log('submit response to cloudformation', json); - const responseBody = JSON.stringify(json); - const parsedUrl = url.parse(event.ResponseURL); - const req = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: 'PUT', - headers: { 'content-type': '', 'content-length': responseBody.length }, - }; - await exports.external.sendHttpRequest(req, responseBody); -} -async function defaultSendHttpRequest(options, responseBody) { - return new Promise((resolve, reject) => { - try { - const request = https.request(options, _ => resolve()); - request.on('error', reject); - request.write(responseBody); - request.end(); - } - catch (e) { - reject(e); - } - }); -} -function defaultLog(fmt, ...params) { - // eslint-disable-next-line no-console - console.log(fmt, ...params); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsTUFBTSxjQUFjLEdBQUcsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUM7SUFDeEQsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFM0QsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFMUQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbkRELDBCQW1EQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRztJQUU3QyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsZUFBZSxDQUFDLGtCQUFrQixJQUFJLFVBQVUsQ0FBQyxrQkFBa0IsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7SUFDekUsTUFBTSxJQUFJLEdBQW1EO1FBQzNELE1BQU0sRUFBRSxNQUFNO1FBQ2QsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLElBQUksTUFBTTtRQUM5QixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87UUFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1FBQzFCLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSwwQkFBMEI7UUFDMUUsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtRQUMxQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07UUFDcEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO0tBQ2pCLENBQUM7SUFFRixnQkFBUSxDQUFDLEdBQUcsQ0FBQyxtQ0FBbUMsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUV4RCxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzFDLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLE1BQU0sR0FBRyxHQUFHO1FBQ1YsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1FBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtRQUNwQixNQUFNLEVBQUUsS0FBSztRQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtLQUN2RSxDQUFDO0lBRUYsTUFBTSxnQkFBUSxDQUFDLGVBQWUsQ0FBQyxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDcEQsQ0FBQztBQUVELEtBQUssVUFBVSxzQkFBc0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ3ZGLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RCxPQUFPLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztZQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxHQUFHLEVBQUUsQ0FBQztTQUNmO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDWDtJQUNILENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELFNBQVMsVUFBVSxDQUFDLEdBQVcsRUFBRSxHQUFHLE1BQWE7SUFDL0Msc0NBQXNDO0lBQ3RDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEdBQUcsTUFBTSxDQUFDLENBQUM7QUFDOUIsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGh0dHBzIGZyb20gJ2h0dHBzJztcbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuXG4vLyBmb3IgdW5pdCB0ZXN0c1xuZXhwb3J0IGNvbnN0IGV4dGVybmFsID0ge1xuICBzZW5kSHR0cFJlcXVlc3Q6IGRlZmF1bHRTZW5kSHR0cFJlcXVlc3QsXG4gIGxvZzogZGVmYXVsdExvZyxcbiAgaW5jbHVkZVN0YWNrVHJhY2VzOiB0cnVlLFxuICB1c2VySGFuZGxlckluZGV4OiAnLi9pbmRleCcsXG59O1xuXG5jb25zdCBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6OkNSRUFURV9GQUlMRUQnO1xuY29uc3QgTUlTU0lOR19QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpNSVNTSU5HX1BIWVNJQ0FMX0lEJztcblxuZXhwb3J0IHR5cGUgUmVzcG9uc2UgPSBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgSGFuZGxlclJlc3BvbnNlO1xuZXhwb3J0IHR5cGUgSGFuZGxlciA9IChldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpID0+IFByb21pc2U8SGFuZGxlclJlc3BvbnNlIHwgdm9pZD47XG5leHBvcnQgdHlwZSBIYW5kbGVyUmVzcG9uc2UgPSB1bmRlZmluZWQgfCB7XG4gIERhdGE/OiBhbnk7XG4gIFBoeXNpY2FsUmVzb3VyY2VJZD86IHN0cmluZztcbiAgUmVhc29uPzogc3RyaW5nO1xuICBOb0VjaG8/OiBib29sZWFuO1xufTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIGNvbnN0IHNhbml0aXplZEV2ZW50ID0geyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH07XG4gIGV4dGVybmFsLmxvZyhKU09OLnN0cmluZ2lmeShzYW5pdGl6ZWRFdmVudCwgdW5kZWZpbmVkLCAyKSk7XG5cbiAgLy8gaWdub3JlIERFTEVURSBldmVudCB3aGVuIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBpcyB0aGUgbWFya2VyIHRoYXRcbiAgLy8gaW5kaWNhdGVzIHRoYXQgdGhpcyBERUxFVEUgaXMgYSBzdWJzZXF1ZW50IERFTEVURSB0byBhIGZhaWxlZCBDUkVBVEVcbiAgLy8gb3BlcmF0aW9uLlxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9PT0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIpIHtcbiAgICBleHRlcm5hbC5sb2coJ2lnbm9yaW5nIERFTEVURSBldmVudCBjYXVzZWQgYnkgYSBmYWlsZWQgQ1JFQVRFIGV2ZW50Jyk7XG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgcmV0dXJuO1xuICB9XG5cbiAgdHJ5IHtcbiAgICAvLyBpbnZva2UgdGhlIHVzZXIgaGFuZGxlci4gdGhpcyBpcyBpbnRlbnRpb25hbGx5IGluc2lkZSB0aGUgdHJ5LWNhdGNoIHRvXG4gICAgLy8gZW5zdXJlIHRoYXQgaWYgdGhlcmUgaXMgYW4gZXJyb3IgaXQncyByZXBvcnRlZCBhcyBhIGZhaWx1cmUgdG9cbiAgICAvLyBjbG91ZGZvcm1hdGlvbiAob3RoZXJ3aXNlIGNmbiB3YWl0cykuXG4gICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICBjb25zdCB1c2VySGFuZGxlcjogSGFuZGxlciA9IHJlcXVpcmUoZXh0ZXJuYWwudXNlckhhbmRsZXJJbmRleCkuaGFuZGxlcjtcbiAgICBjb25zdCByZXN1bHQgPSBhd2FpdCB1c2VySGFuZGxlcihzYW5pdGl6ZWRFdmVudCwgY29udGV4dCk7XG5cbiAgICAvLyB2YWxpZGF0ZSB1c2VyIHJlc3BvbnNlIGFuZCBjcmVhdGUgdGhlIGNvbWJpbmVkIGV2ZW50XG4gICAgY29uc3QgcmVzcG9uc2VFdmVudCA9IHJlbmRlclJlc3BvbnNlKGV2ZW50LCByZXN1bHQpO1xuXG4gICAgLy8gc3VibWl0IHRvIGNmbiBhcyBzdWNjZXNzXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCByZXNwb25zZUV2ZW50KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGNvbnN0IHJlc3A6IFJlc3BvbnNlID0ge1xuICAgICAgLi4uZXZlbnQsXG4gICAgICBSZWFzb246IGV4dGVybmFsLmluY2x1ZGVTdGFja1RyYWNlcyA/IGUuc3RhY2sgOiBlLm1lc3NhZ2UsXG4gICAgfTtcblxuICAgIGlmICghcmVzcC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICAgIC8vIHNwZWNpYWwgY2FzZTogaWYgQ1JFQVRFIGZhaWxzLCB3aGljaCB1c3VhbGx5IGltcGxpZXMsIHdlIHVzdWFsbHkgZG9uJ3RcbiAgICAgIC8vIGhhdmUgYSBwaHlzaWNhbCByZXNvdXJjZSBpZC4gaW4gdGhpcyBjYXNlLCB0aGUgc3Vic2VxdWVudCBERUxFVEVcbiAgICAgIC8vIG9wZXJhdGlvbiBkb2VzIG5vdCBoYXZlIGFueSBtZWFuaW5nLCBhbmQgd2lsbCBsaWtlbHkgZmFpbCBhcyB3ZWxsLiB0b1xuICAgICAgLy8gYWRkcmVzcyB0aGlzLCB3ZSB1c2UgYSBtYXJrZXIgc28gdGhlIHByb3ZpZGVyIGZyYW1ld29yayBjYW4gc2ltcGx5XG4gICAgICAvLyBpZ25vcmUgdGhlIHN1YnNlcXVlbnQgREVMRVRFLlxuICAgICAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgICAgICBleHRlcm5hbC5sb2coJ0NSRUFURSBmYWlsZWQsIHJlc3BvbmRpbmcgd2l0aCBhIG1hcmtlciBwaHlzaWNhbCByZXNvdXJjZSBpZCBzbyB0aGF0IHRoZSBzdWJzZXF1ZW50IERFTEVURSB3aWxsIGJlIGlnbm9yZWQnKTtcbiAgICAgICAgcmVzcC5QaHlzaWNhbFJlc291cmNlSWQgPSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUjtcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIC8vIG90aGVyd2lzZSwgaWYgUGh5c2ljYWxSZXNvdXJjZUlkIGlzIG5vdCBzcGVjaWZpZWQsIHNvbWV0aGluZyBpc1xuICAgICAgICAvLyB0ZXJyaWJseSB3cm9uZyBiZWNhdXNlIGFsbCBvdGhlciBldmVudHMgc2hvdWxkIGhhdmUgYW4gSUQuXG4gICAgICAgIGV4dGVybmFsLmxvZyhgRVJST1I6IE1hbGZvcm1lZCBldmVudC4gXCJQaHlzaWNhbFJlc291cmNlSWRcIiBpcyByZXF1aXJlZDogJHtKU09OLnN0cmluZ2lmeShldmVudCl9YCk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgLy8gdGhpcyBpcyBhbiBhY3R1YWwgZXJyb3IsIGZhaWwgdGhlIGFjdGl2aXR5IGFsdG9nZXRoZXIgYW5kIGV4aXN0LlxuICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdGQUlMRUQnLCByZXNwKTtcbiAgfVxufVxuXG5mdW5jdGlvbiByZW5kZXJSZXNwb25zZShcbiAgY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCAmIHsgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nIH0sXG4gIGhhbmRsZXJSZXNwb25zZTogdm9pZCB8IEhhbmRsZXJSZXNwb25zZSA9IHsgfSk6IFJlc3BvbnNlIHtcblxuICAvLyBpZiBwaHlzaWNhbCBJRCBpcyBub3QgcmV0dXJuZWQsIHdlIGhhdmUgc29tZSBkZWZhdWx0cyBmb3IgeW91IGJhc2VkXG4gIC8vIG9uIHRoZSByZXF1ZXN0IHR5cGUuXG4gIGNvbnN0IHBoeXNpY2FsUmVzb3VyY2VJZCA9IGhhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5SZXF1ZXN0SWQ7XG5cbiAgLy8gaWYgd2UgYXJlIGluIERFTEVURSBhbmQgcGh5c2ljYWwgSUQgd2FzIGNoYW5nZWQsIGl0J3MgYW4gZXJyb3IuXG4gIGlmIChjZm5SZXF1ZXN0LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJyAmJiBwaHlzaWNhbFJlc291cmNlSWQgIT09IGNmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBERUxFVEU6IGNhbm5vdCBjaGFuZ2UgdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGZyb20gXCIke2NmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIHRvIFwiJHtoYW5kbGVyUmVzcG9uc2UuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIGR1cmluZyBkZWxldGlvbmApO1xuICB9XG5cbiAgLy8gbWVyZ2UgcmVxdWVzdCBldmVudCBhbmQgcmVzdWx0IGV2ZW50IChyZXN1bHQgcHJldmFpbHMpLlxuICByZXR1cm4ge1xuICAgIC4uLmNmblJlcXVlc3QsXG4gICAgLi4uaGFuZGxlclJlc3BvbnNlLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG5hc3luYyBmdW5jdGlvbiBzdWJtaXRSZXNwb25zZShzdGF0dXM6ICdTVUNDRVNTJyB8ICdGQUlMRUQnLCBldmVudDogUmVzcG9uc2UpIHtcbiAgY29uc3QganNvbjogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VSZXNwb25zZSA9IHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IGV2ZW50LlJlYXNvbiA/PyBzdGF0dXMsXG4gICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICBSZXF1ZXN0SWQ6IGV2ZW50LlJlcXVlc3RJZCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUixcbiAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgTm9FY2hvOiBldmVudC5Ob0VjaG8sXG4gICAgRGF0YTogZXZlbnQuRGF0YSxcbiAgfTtcblxuICBleHRlcm5hbC5sb2coJ3N1Ym1pdCByZXNwb25zZSB0byBjbG91ZGZvcm1hdGlvbicsIGpzb24pO1xuXG4gIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KGpzb24pO1xuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBjb25zdCByZXEgPSB7XG4gICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICBtZXRob2Q6ICdQVVQnLFxuICAgIGhlYWRlcnM6IHsgJ2NvbnRlbnQtdHlwZSc6ICcnLCAnY29udGVudC1sZW5ndGgnOiByZXNwb25zZUJvZHkubGVuZ3RoIH0sXG4gIH07XG5cbiAgYXdhaXQgZXh0ZXJuYWwuc2VuZEh0dHBSZXF1ZXN0KHJlcSwgcmVzcG9uc2VCb2R5KTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdFNlbmRIdHRwUmVxdWVzdChvcHRpb25zOiBodHRwcy5SZXF1ZXN0T3B0aW9ucywgcmVzcG9uc2VCb2R5OiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgcmV0dXJuIG5ldyBQcm9taXNlKChyZXNvbHZlLCByZWplY3QpID0+IHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgcmVxdWVzdCA9IGh0dHBzLnJlcXVlc3Qob3B0aW9ucywgXyA9PiByZXNvbHZlKCkpO1xuICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxuZnVuY3Rpb24gZGVmYXVsdExvZyhmbXQ6IHN0cmluZywgLi4ucGFyYW1zOiBhbnlbXSkge1xuICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgbm8tY29uc29sZVxuICBjb25zb2xlLmxvZyhmbXQsIC4uLnBhcmFtcyk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts deleted file mode 100644 index 3554dc94d4617..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise; diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts deleted file mode 100644 index 2459d44ab1d18..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts +++ /dev/null @@ -1,82 +0,0 @@ -// eslint-disable-next-line import/no-extraneous-dependencies -import { S3 } from 'aws-sdk'; - -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; - -const s3 = new S3(); - -export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} - -async function onUpdate(event: AWSLambda.CloudFormationCustomResourceEvent) { - const updateEvent = event as AWSLambda.CloudFormationCustomResourceUpdateEvent; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} - -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName: string) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - - const records = contents.map((record: any) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} - -async function onDelete(bucketName?: string) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} - -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName: string) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js deleted file mode 100644 index ba956d47f51fe..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js +++ /dev/null @@ -1,612 +0,0 @@ -"use strict"; -var __create = Object.create; -var __defProp = Object.defineProperty; -var __getOwnPropDesc = Object.getOwnPropertyDescriptor; -var __getOwnPropNames = Object.getOwnPropertyNames; -var __getProtoOf = Object.getPrototypeOf; -var __hasOwnProp = Object.prototype.hasOwnProperty; -var __export = (target, all) => { - for (var name in all) - __defProp(target, name, { get: all[name], enumerable: true }); -}; -var __copyProps = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames(from)) - if (!__hasOwnProp.call(to, key) && key !== except) - __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); - } - return to; -}; -var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( - isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, - mod -)); -var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); - -// lib/assertions/providers/lambda-handler/index.ts -var lambda_handler_exports = {}; -__export(lambda_handler_exports, { - handler: () => handler -}); -module.exports = __toCommonJS(lambda_handler_exports); - -// ../assertions/lib/matcher.ts -var Matcher = class { - static isMatcher(x) { - return x && x instanceof Matcher; - } -}; -var MatchResult = class { - constructor(target) { - this.failures = []; - this.captures = /* @__PURE__ */ new Map(); - this.finalized = false; - this.target = target; - } - push(matcher, path, message) { - return this.recordFailure({ matcher, path, message }); - } - recordFailure(failure) { - this.failures.push(failure); - return this; - } - hasFailed() { - return this.failures.length !== 0; - } - get failCount() { - return this.failures.length; - } - compose(id, inner) { - const innerF = inner.failures; - this.failures.push(...innerF.map((f) => { - return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; - })); - inner.captures.forEach((vals, capture) => { - vals.forEach((value) => this.recordCapture({ capture, value })); - }); - return this; - } - finished() { - if (this.finalized) { - return this; - } - if (this.failCount === 0) { - this.captures.forEach((vals, cap) => cap._captured.push(...vals)); - } - this.finalized = true; - return this; - } - toHumanStrings() { - return this.failures.map((r) => { - const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; - return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; - }); - } - recordCapture(options) { - let values = this.captures.get(options.capture); - if (values === void 0) { - values = []; - } - values.push(options.value); - this.captures.set(options.capture, values); - } -}; - -// ../assertions/lib/private/matchers/absent.ts -var AbsentMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual !== void 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Received ${actual}, but key should be absent` - }); - } - return result; - } -}; - -// ../assertions/lib/private/type.ts -function getType(obj) { - return Array.isArray(obj) ? "array" : typeof obj; -} - -// ../assertions/lib/match.ts -var Match = class { - static absent() { - return new AbsentMatch("absent"); - } - static arrayWith(pattern) { - return new ArrayMatch("arrayWith", pattern); - } - static arrayEquals(pattern) { - return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); - } - static exact(pattern) { - return new LiteralMatch("exact", pattern, { partialObjects: false }); - } - static objectLike(pattern) { - return new ObjectMatch("objectLike", pattern); - } - static objectEquals(pattern) { - return new ObjectMatch("objectEquals", pattern, { partial: false }); - } - static not(pattern) { - return new NotMatch("not", pattern); - } - static serializedJson(pattern) { - return new SerializedJson("serializedJson", pattern); - } - static anyValue() { - return new AnyMatch("anyValue"); - } - static stringLikeRegexp(pattern) { - return new StringLikeRegexpMatch("stringLikeRegexp", pattern); - } -}; -var LiteralMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partialObjects = options.partialObjects ?? false; - if (Matcher.isMatcher(this.pattern)) { - throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); - } - } - test(actual) { - if (Array.isArray(this.pattern)) { - return new ArrayMatch(this.name, this.pattern, { subsequence: false, partialObjects: this.partialObjects }).test(actual); - } - if (typeof this.pattern === "object") { - return new ObjectMatch(this.name, this.pattern, { partial: this.partialObjects }).test(actual); - } - const result = new MatchResult(actual); - if (typeof this.pattern !== typeof actual) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected type ${typeof this.pattern} but received ${getType(actual)}` - }); - return result; - } - if (actual !== this.pattern) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected ${this.pattern} but received ${actual}` - }); - } - return result; - } -}; -var ArrayMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.subsequence = options.subsequence ?? true; - this.partialObjects = options.partialObjects ?? false; - } - test(actual) { - if (!Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type array but received ${getType(actual)}` - }); - } - if (!this.subsequence && this.pattern.length !== actual.length) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected array of length ${this.pattern.length} but received ${actual.length}` - }); - } - let patternIdx = 0; - let actualIdx = 0; - const result = new MatchResult(actual); - while (patternIdx < this.pattern.length && actualIdx < actual.length) { - const patternElement = this.pattern[patternIdx]; - const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); - const matcherName = matcher.name; - if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { - throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); - } - const innerResult = matcher.test(actual[actualIdx]); - if (!this.subsequence || !innerResult.hasFailed()) { - result.compose(`[${actualIdx}]`, innerResult); - patternIdx++; - actualIdx++; - } else { - actualIdx++; - } - } - for (; patternIdx < this.pattern.length; patternIdx++) { - const pattern = this.pattern[patternIdx]; - const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; - result.recordFailure({ - matcher: this, - path: [], - message: `Missing element${element}at pattern index ${patternIdx}` - }); - } - return result; - } -}; -var ObjectMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partial = options.partial ?? true; - } - test(actual) { - if (typeof actual !== "object" || Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type object but received ${getType(actual)}` - }); - } - const result = new MatchResult(actual); - if (!this.partial) { - for (const a of Object.keys(actual)) { - if (!(a in this.pattern)) { - result.recordFailure({ - matcher: this, - path: [`/${a}`], - message: "Unexpected key" - }); - } - } - } - for (const [patternKey, patternVal] of Object.entries(this.pattern)) { - if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { - result.recordFailure({ - matcher: this, - path: [`/${patternKey}`], - message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` - }); - continue; - } - const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); - const inner = matcher.test(actual[patternKey]); - result.compose(`/${patternKey}`, inner); - } - return result; - } -}; -var SerializedJson = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - if (getType(actual) !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected JSON as a string but found ${getType(actual)}` - }); - return result; - } - let parsed; - try { - parsed = JSON.parse(actual); - } catch (err) { - if (err instanceof SyntaxError) { - result.recordFailure({ - matcher: this, - path: [], - message: `Invalid JSON string: ${actual}` - }); - return result; - } else { - throw err; - } - } - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(parsed); - result.compose(`(${this.name})`, innerResult); - return result; - } -}; -var NotMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(actual); - const result = new MatchResult(actual); - if (innerResult.failCount === 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Found unexpected match: ${JSON.stringify(actual, void 0, 2)}` - }); - } - return result; - } -}; -var AnyMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual == null) { - result.recordFailure({ - matcher: this, - path: [], - message: "Expected a value but found none" - }); - } - return result; - } -}; -var StringLikeRegexpMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - const regex = new RegExp(this.pattern, "gm"); - if (typeof actual !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected a string, but got '${typeof actual}'` - }); - } - if (!regex.test(actual)) { - result.recordFailure({ - matcher: this, - path: [], - message: `String '${actual}' did not match pattern '${this.pattern}'` - }); - } - return result; - } -}; - -// lib/assertions/providers/lambda-handler/base.ts -var https = __toESM(require("https")); -var url = __toESM(require("url")); -var CustomResourceHandler = class { - constructor(event, context) { - this.event = event; - this.context = context; - this.timedOut = false; - this.timeout = setTimeout(async () => { - await this.respond({ - status: "FAILED", - reason: "Lambda Function Timeout", - data: this.context.logStreamName - }); - this.timedOut = true; - }, context.getRemainingTimeInMillis() - 1200); - this.event = event; - this.physicalResourceId = extractPhysicalResourceId(event); - } - async handle() { - try { - console.log(`Event: ${JSON.stringify({ ...this.event, ResponseURL: "..." })}`); - const response = await this.processEvent(this.event.ResourceProperties); - console.log(`Event output : ${JSON.stringify(response)}`); - await this.respond({ - status: "SUCCESS", - reason: "OK", - data: response - }); - } catch (e) { - console.log(e); - await this.respond({ - status: "FAILED", - reason: e.message ?? "Internal Error" - }); - } finally { - clearTimeout(this.timeout); - } - } - respond(response) { - if (this.timedOut) { - return; - } - const cfResponse = { - Status: response.status, - Reason: response.reason, - PhysicalResourceId: this.physicalResourceId, - StackId: this.event.StackId, - RequestId: this.event.RequestId, - LogicalResourceId: this.event.LogicalResourceId, - NoEcho: false, - Data: response.data - }; - const responseBody = JSON.stringify(cfResponse); - console.log("Responding to CloudFormation", responseBody); - const parsedUrl = url.parse(this.event.ResponseURL); - const requestOptions = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: "PUT", - headers: { "content-type": "", "content-length": responseBody.length } - }; - return new Promise((resolve, reject) => { - try { - const request2 = https.request(requestOptions, resolve); - request2.on("error", reject); - request2.write(responseBody); - request2.end(); - } catch (e) { - reject(e); - } - }); - } -}; -function extractPhysicalResourceId(event) { - switch (event.RequestType) { - case "Create": - return event.LogicalResourceId; - case "Update": - case "Delete": - return event.PhysicalResourceId; - } -} - -// lib/assertions/providers/lambda-handler/assertion.ts -var AssertionHandler = class extends CustomResourceHandler { - async processEvent(request2) { - let actual = decodeCall(request2.actual); - const expected = decodeCall(request2.expected); - let result; - const matcher = new MatchCreator(expected).getMatcher(); - console.log(`Testing equality between ${JSON.stringify(request2.actual)} and ${JSON.stringify(request2.expected)}`); - const matchResult = matcher.test(actual); - matchResult.finished(); - if (matchResult.hasFailed()) { - result = { - data: JSON.stringify({ - status: "fail", - message: [ - ...matchResult.toHumanStrings(), - JSON.stringify(matchResult.target, void 0, 2) - ].join("\n") - }) - }; - if (request2.failDeployment) { - throw new Error(result.data); - } - } else { - result = { - data: JSON.stringify({ - status: "success" - }) - }; - } - return result; - } -}; -var MatchCreator = class { - constructor(obj) { - this.parsedObj = { - matcher: obj - }; - } - getMatcher() { - try { - const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { - const nested = Object.keys(v)[0]; - switch (nested) { - case "$ArrayWith": - return Match.arrayWith(v[nested]); - case "$ObjectLike": - return Match.objectLike(v[nested]); - case "$StringLike": - return Match.stringLikeRegexp(v[nested]); - default: - return v; - } - }); - if (Matcher.isMatcher(final.matcher)) { - return final.matcher; - } - return Match.exact(final.matcher); - } catch { - return Match.exact(this.parsedObj.matcher); - } - } -}; -function decodeCall(call) { - if (!call) { - return void 0; - } - try { - const parsed = JSON.parse(call); - return parsed; - } catch (e) { - return call; - } -} - -// lib/assertions/providers/lambda-handler/utils.ts -function decode(object) { - return JSON.parse(JSON.stringify(object), (_k, v) => { - switch (v) { - case "TRUE:BOOLEAN": - return true; - case "FALSE:BOOLEAN": - return false; - default: - return v; - } - }); -} - -// lib/assertions/providers/lambda-handler/sdk.ts -function flatten(object) { - return Object.assign( - {}, - ...function _flatten(child, path = []) { - return [].concat(...Object.keys(child).map((key) => { - const childKey = Buffer.isBuffer(child[key]) ? child[key].toString("utf8") : child[key]; - return typeof childKey === "object" && childKey !== null ? _flatten(childKey, path.concat([key])) : { [path.concat([key]).join(".")]: childKey }; - })); - }(object) - ); -} -var AwsApiCallHandler = class extends CustomResourceHandler { - async processEvent(request2) { - const AWS = require("aws-sdk"); - console.log(`AWS SDK VERSION: ${AWS.VERSION}`); - const service = new AWS[request2.service](); - const response = await service[request2.api](request2.parameters && decode(request2.parameters)).promise(); - console.log(`SDK response received ${JSON.stringify(response)}`); - delete response.ResponseMetadata; - const respond = { - apiCallResponse: response - }; - const flatData = { - ...flatten(respond) - }; - return request2.flattenResponse === "true" ? flatData : respond; - } -}; - -// lib/assertions/providers/lambda-handler/types.ts -var ASSERT_RESOURCE_TYPE = "Custom::DeployAssert@AssertEquals"; -var SDK_RESOURCE_TYPE_PREFIX = "Custom::DeployAssert@SdkCall"; - -// lib/assertions/providers/lambda-handler/index.ts -async function handler(event, context) { - const provider = createResourceHandler(event, context); - await provider.handle(); -} -function createResourceHandler(event, context) { - if (event.ResourceType.startsWith(SDK_RESOURCE_TYPE_PREFIX)) { - return new AwsApiCallHandler(event, context); - } - switch (event.ResourceType) { - case ASSERT_RESOURCE_TYPE: - return new AssertionHandler(event, context); - default: - throw new Error(`Unsupported resource type "${event.ResourceType}`); - } -} -// Annotate the CommonJS export names for ESM import in node: -0 && (module.exports = { - handler -}); diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/cdk.out index 8ecc185e9dbee..d8b441d447f8a 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"21.0.0"} \ No newline at end of file +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/integ.json index c3f1db8c091b3..3db89322112ef 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "29.0.0", "testCases": { "FlowLogs/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/manifest.json index 0fa583620de5c..da2d38e4fcc28 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "21.0.0", + "version": "29.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "FlowLogsTestStack.assets": { "type": "cdk:asset-manifest", "properties": { @@ -23,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/96d9c05ccd40ed1b767705d5c5db20f22695b36afcaf5a53a7da8a9b887ae780.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2b30860fcf01164c1692c6942e20759e18cc978571b0c43274edb2b09a88fc4b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -316,6 +310,12 @@ ] }, "displayName": "FlowLogs/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/tree.json index 3553bde00b781..408ee6daa0537 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs-interval.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.102" - } - }, "FlowLogsTestStack": { "id": "FlowLogsTestStack", "path": "FlowLogsTestStack", @@ -827,7 +819,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "logDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -841,7 +832,8 @@ "key": "Name", "value": "FlowLogsTestStack/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -851,7 +843,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", + "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } }, @@ -869,7 +861,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "logDestination": { "Fn::Join": [ "", @@ -890,7 +881,8 @@ "key": "Name", "value": "FlowLogsTestStack/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -900,7 +892,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", + "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } } @@ -918,6 +910,14 @@ "id": "IAMRole", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole", "children": { + "ImportIAMRole": { + "id": "ImportIAMRole", + "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/ImportIAMRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/Resource", @@ -1041,7 +1041,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "deliverLogsPermissionArn": { "Fn::GetAtt": [ "FlowLogsCWIAMRole017AD736", @@ -1052,7 +1051,8 @@ "logGroupName": { "Ref": "FlowLogsCWLogGroup0398E8F8" }, - "maxAggregationInterval": 600 + "maxAggregationInterval": 600, + "trafficType": "ALL" } }, "constructInfo": { @@ -1062,7 +1062,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", + "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } }, @@ -1335,6 +1335,22 @@ "fqn": "@aws-cdk/core.CustomResourceProvider", "version": "0.0.0" } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlowLogsTestStack/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlowLogsTestStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } } }, "constructInfo": { @@ -1355,12 +1371,30 @@ "path": "FlowLogs/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.102" + "version": "10.1.216" } }, "DeployAssert": { "id": "DeployAssert", "path": "FlowLogs/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlowLogs/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlowLogs/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, "constructInfo": { "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" @@ -1377,6 +1411,14 @@ "fqn": "@aws-cdk/integ-tests.IntegTest", "version": "0.0.0" } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.assets.json similarity index 61% rename from packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.assets.json rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.assets.json index dca00b94057cc..55e9ccf1f996a 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.assets.json @@ -1,28 +1,28 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { - "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d": { + "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c": { "source": { - "path": "asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d", + "path": "asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d.zip", + "objectKey": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "387f458284bcd5d8ead2ee20bd530cc89df674d509fe19ff6bffce83e4a6e8f5": { + "59a368fd46c5addcdf9c6b0c83d0842a14c9fab63d5c1081758dd6e246bd88a9": { "source": { - "path": "FlowLogsTestStack.template.json", + "path": "DependencyTestStack.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "387f458284bcd5d8ead2ee20bd530cc89df674d509fe19ff6bffce83e4a6e8f5.json", + "objectKey": "59a368fd46c5addcdf9c6b0c83d0842a14c9fab63d5c1081758dd6e246bd88a9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.template.json similarity index 78% rename from packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.template.json rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.template.json index 94b20b17b1289..5a79776a01496 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsTestStack.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/DependencyTestStack.template.json @@ -10,7 +10,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC" + "Value": "DependencyTestStack/VPC" } ] } @@ -42,7 +42,7 @@ }, { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet1" + "Value": "DependencyTestStack/VPC/PublicSubnet1" } ] } @@ -56,7 +56,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet1" + "Value": "DependencyTestStack/VPC/PublicSubnet1" } ] } @@ -94,7 +94,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet1" + "Value": "DependencyTestStack/VPC/PublicSubnet1" } ] } @@ -114,7 +114,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet1" + "Value": "DependencyTestStack/VPC/PublicSubnet1" } ] }, @@ -150,7 +150,7 @@ }, { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" + "Value": "DependencyTestStack/VPC/PublicSubnet2" } ] } @@ -164,7 +164,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" + "Value": "DependencyTestStack/VPC/PublicSubnet2" } ] } @@ -195,42 +195,6 @@ "VPCVPCGW99B986DC" ] }, - "VPCPublicSubnet2EIP4947BC00": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2NATGateway3C070193": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "AllocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - }, - "DependsOn": [ - "VPCPublicSubnet2DefaultRouteB7481BBA", - "VPCPublicSubnet2RouteTableAssociation5A808732" - ] - }, "VPCPrivateSubnet1Subnet8BCA10E0": { "Type": "AWS::EC2::Subnet", "Properties": { @@ -258,7 +222,7 @@ }, { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PrivateSubnet1" + "Value": "DependencyTestStack/VPC/PrivateSubnet1" } ] } @@ -272,7 +236,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PrivateSubnet1" + "Value": "DependencyTestStack/VPC/PrivateSubnet1" } ] } @@ -327,7 +291,7 @@ }, { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PrivateSubnet2" + "Value": "DependencyTestStack/VPC/PrivateSubnet2" } ] } @@ -341,7 +305,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PrivateSubnet2" + "Value": "DependencyTestStack/VPC/PrivateSubnet2" } ] } @@ -365,7 +329,7 @@ }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" + "Ref": "VPCPublicSubnet1NATGatewayE0556630" } } }, @@ -375,7 +339,7 @@ "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC" + "Value": "DependencyTestStack/VPC" } ] } @@ -391,14 +355,13 @@ } } }, - "VPCFlowLogsS3FlowLogB5256CFF": { + "VPCFlowLogS3FlowLog14B02CD7": { "Type": "AWS::EC2::FlowLog", "Properties": { "ResourceId": { "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::Join": [ "", @@ -409,105 +372,23 @@ "Arn" ] }, - "/prefix/" + "/vpcFlowLog" ] ] }, "LogDestinationType": "s3", - "LogFormat": "${dstport} ${srcport}", "Tags": [ { "Key": "Name", - "Value": "FlowLogsTestStack/VPC" - } - ] - } - }, - "FlowLogsCWIAMRole017AD736": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "vpc-flow-logs.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "FlowLogsCWIAMRoleDefaultPolicy943C8A20": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "logs:CreateLogStream", - "logs:DescribeLogStreams", - "logs:PutLogEvents" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "FlowLogsCWLogGroup0398E8F8", - "Arn" - ] - } - }, - { - "Action": "iam:PassRole", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "FlowLogsCWIAMRole017AD736", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "FlowLogsCWIAMRoleDefaultPolicy943C8A20", - "Roles": [ - { - "Ref": "FlowLogsCWIAMRole017AD736" + "Value": "DependencyTestStack/VPC" } - ] - } - }, - "FlowLogsCWLogGroup0398E8F8": { - "Type": "AWS::Logs::LogGroup", - "Properties": { - "RetentionInDays": 731 + ], + "TrafficType": "ALL" }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "FlowLogsCWFlowLog9CED86DA": { - "Type": "AWS::EC2::FlowLog", - "Properties": { - "ResourceId": { - "Ref": "VPCB9E5F0B4" - }, - "ResourceType": "VPC", - "TrafficType": "ALL", - "DeliverLogsPermissionArn": { - "Fn::GetAtt": [ - "FlowLogsCWIAMRole017AD736", - "Arn" - ] - }, - "LogDestinationType": "cloud-watch-logs", - "LogFormat": "${srcport}", - "LogGroupName": { - "Ref": "FlowLogsCWLogGroup0398E8F8" - } - } + "DependsOn": [ + "BucketAutoDeleteObjectsCustomResourceBAFD23C2", + "BucketPolicyE9A3008A" + ] }, "Bucket83908E77": { "Type": "AWS::S3::Bucket", @@ -614,7 +495,7 @@ "Arn" ] }, - "/prefix/AWSLogs/", + "/vpcFlowLog/AWSLogs/", { "Ref": "AWS::AccountId" }, @@ -721,7 +602,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d.zip" + "S3Key": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip" }, "Timeout": 900, "MemorySize": 128, diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json index 297a68239d9a3..a940f30783074 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { - "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b": { + "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28": { "source": { - "path": "asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle", + "path": "asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip", + "objectKey": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "1dcf759cd2c8928f5b1acfbf439f1751e25367a5ac61ba5e640ff8b78fdf89f7": { + "e89b8c2ecfd39e5b9ead8ac43c0543eb9c075374e030da72cf274908c87ac5f1": { "source": { "path": "FlowLogsDefaultTestDeployAssert6AFD1854.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1dcf759cd2c8928f5b1acfbf439f1751e25367a5ac61ba5e640ff8b78fdf89f7.json", + "objectKey": "e89b8c2ecfd39e5b9ead8ac43c0543eb9c075374e030da72cf274908c87ac5f1.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json index e8cb5fe5ffe8f..0d5d964974199 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json @@ -31,7 +31,7 @@ } }, "flattenResponse": "false", - "salt": "1666810703150" + "salt": "1675123853737" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -115,7 +115,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip" + "S3Key": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip" }, "Timeout": 120, "Handler": "index.handler", diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.assets.json index fa5105def2d15..a02307790bf3d 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.assets.json @@ -1,7 +1,7 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { - "2db53e096625b4b167fb15dd7bdc246692b381f45e28c509614fef7d41c20bc9": { + "4bdd03a7c8781568c1d29f2674ca4144f0edd176baa84942492304dbc3da8c8a": { "source": { "path": "FlowLogsFeatureFlag.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2db53e096625b4b167fb15dd7bdc246692b381f45e28c509614fef7d41c20bc9.json", + "objectKey": "4bdd03a7c8781568c1d29f2674ca4144f0edd176baa84942492304dbc3da8c8a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.template.json index 0c55b91df3207..7866f5277fa71 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsFeatureFlag.template.json @@ -195,42 +195,6 @@ "VPCVPCGW99B986DC" ] }, - "VPCPublicSubnet2EIP4947BC00": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2NATGateway3C070193": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "AllocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - }, - "DependsOn": [ - "VPCPublicSubnet2DefaultRouteB7481BBA", - "VPCPublicSubnet2RouteTableAssociation5A808732" - ] - }, "VPCPrivateSubnet1Subnet8BCA10E0": { "Type": "AWS::EC2::Subnet", "Properties": { @@ -365,7 +329,7 @@ }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" + "Ref": "VPCPublicSubnet1NATGatewayE0556630" } } }, @@ -524,7 +488,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -537,8 +500,12 @@ "Key": "Name", "Value": "FlowLogsFeatureFlag/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "VPCFlowLogsS3BucketPolicyB2C2A045" + ] }, "VPCFlowLogsS3WithDestinationOptionsBucket1B7AC456": { "Type": "AWS::S3::Bucket", @@ -673,7 +640,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "DestinationOptions": { "fileFormat": "plain-text", "perHourPartition": false, @@ -691,8 +657,12 @@ "Key": "Name", "Value": "FlowLogsFeatureFlag/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "VPCFlowLogsS3WithDestinationOptionsBucketPolicy35257B71" + ] }, "FlowLogsInstanceInstanceSecurityGroupF61782E0": { "Type": "AWS::EC2::SecurityGroup", diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.assets.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.assets.json index 310bb5c387339..d96f9edeb70e3 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.assets.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "29.0.0", "files": { - "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d": { + "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c": { "source": { - "path": "asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d", + "path": "asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d.zip", + "objectKey": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "2090a74d484bc155b48d7511b99e4921b8f55e488c3fe1500cffede0cdfd33b7": { + "f0aebf5349574f7c15c78e892f1004063a937aaa0320e3113d4ce3bf6c7c9de4": { "source": { "path": "FlowLogsTestStack.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2090a74d484bc155b48d7511b99e4921b8f55e488c3fe1500cffede0cdfd33b7.json", + "objectKey": "f0aebf5349574f7c15c78e892f1004063a937aaa0320e3113d4ce3bf6c7c9de4.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.template.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.template.json index 43b56bfee9517..a64a54ee6a73c 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.template.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/FlowLogsTestStack.template.json @@ -195,42 +195,6 @@ "VPCVPCGW99B986DC" ] }, - "VPCPublicSubnet2EIP4947BC00": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "VPCPublicSubnet2NATGateway3C070193": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "AllocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "Tags": [ - { - "Key": "Name", - "Value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - }, - "DependsOn": [ - "VPCPublicSubnet2DefaultRouteB7481BBA", - "VPCPublicSubnet2RouteTableAssociation5A808732" - ] - }, "VPCPrivateSubnet1Subnet8BCA10E0": { "Type": "AWS::EC2::Subnet", "Properties": { @@ -365,7 +329,7 @@ }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" + "Ref": "VPCPublicSubnet1NATGatewayE0556630" } } }, @@ -524,7 +488,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -537,8 +500,12 @@ "Key": "Name", "Value": "FlowLogsTestStack/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "VPCFlowLogsS3BucketPolicyB2C2A045" + ] }, "VPCFlowLogsS3KeyPrefixFlowLogB57F1746": { "Type": "AWS::EC2::FlowLog", @@ -547,7 +514,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "LogDestination": { "Fn::Join": [ "", @@ -568,8 +534,13 @@ "Key": "Name", "Value": "FlowLogsTestStack/VPC" } - ] - } + ], + "TrafficType": "ALL" + }, + "DependsOn": [ + "BucketAutoDeleteObjectsCustomResourceBAFD23C2", + "BucketPolicyE9A3008A" + ] }, "FlowLogsCWIAMRole017AD736": { "Type": "AWS::IAM::Role", @@ -643,7 +614,6 @@ "Ref": "VPCB9E5F0B4" }, "ResourceType": "VPC", - "TrafficType": "ALL", "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "FlowLogsCWIAMRole017AD736", @@ -653,7 +623,8 @@ "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "FlowLogsCWLogGroup0398E8F8" - } + }, + "TrafficType": "ALL" } }, "Bucket83908E77": { @@ -888,7 +859,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d.zip" + "S3Key": "33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c.zip" }, "Timeout": 900, "MemorySize": 128, diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js similarity index 59% rename from packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js index 2d6c2f0e85497..4264087b9aab2 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js @@ -1,4 +1,3 @@ -"use strict"; var __create = Object.create; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; @@ -18,6 +17,10 @@ var __copyProps = (to, from, except, desc) => { return to; }; var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( + // If the importer is in node compatibility mode or this is not an ESM + // file that has been converted to a CommonJS file using a Babel- + // compatible transform (i.e. "__esModule" has not been set), then set + // "default" to the CommonJS "module.exports" for node compatibility. isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, mod )); @@ -34,40 +37,83 @@ module.exports = __toCommonJS(lambda_handler_exports); // ../assertions/lib/matcher.ts var Matcher = class { + /** + * Check whether the provided object is a subtype of the `IMatcher`. + */ static isMatcher(x) { return x && x instanceof Matcher; } }; var MatchResult = class { constructor(target) { - this.failures = []; + this.failuresHere = /* @__PURE__ */ new Map(); this.captures = /* @__PURE__ */ new Map(); this.finalized = false; + this.innerMatchFailures = /* @__PURE__ */ new Map(); + this._hasFailed = false; + this._failCount = 0; + this._cost = 0; this.target = target; } + /** + * DEPRECATED + * @deprecated use recordFailure() + */ push(matcher, path, message) { return this.recordFailure({ matcher, path, message }); } + /** + * Record a new failure into this result at a specific path. + */ recordFailure(failure) { - this.failures.push(failure); + const failKey = failure.path.join("."); + let list = this.failuresHere.get(failKey); + if (!list) { + list = []; + this.failuresHere.set(failKey, list); + } + this._failCount += 1; + this._cost += failure.cost ?? 1; + list.push(failure); + this._hasFailed = true; return this; } + /** Whether the match is a success */ + get isSuccess() { + return !this._hasFailed; + } + /** Does the result contain any failures. If not, the result is a success */ hasFailed() { - return this.failures.length !== 0; + return this._hasFailed; } + /** The number of failures */ get failCount() { - return this.failures.length; + return this._failCount; } + /** The cost of the failures so far */ + get failCost() { + return this._cost; + } + /** + * Compose the results of a previous match as a subtree. + * @param id the id of the parent tree. + */ compose(id, inner) { - const innerF = inner.failures; - this.failures.push(...innerF.map((f) => { - return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; - })); + if (inner.hasFailed()) { + this._hasFailed = true; + this._failCount += inner.failCount; + this._cost += inner._cost; + this.innerMatchFailures.set(id, inner); + } inner.captures.forEach((vals, capture) => { vals.forEach((value) => this.recordCapture({ capture, value })); }); return this; } + /** + * Prepare the result to be analyzed. + * This API *must* be called prior to analyzing these results. + */ finished() { if (this.finalized) { return this; @@ -78,12 +124,169 @@ var MatchResult = class { this.finalized = true; return this; } + /** + * Render the failed match in a presentable way + * + * Prefer using `renderMismatch` over this method. It is left for backwards + * compatibility for test suites that expect it, but `renderMismatch()` will + * produce better output. + */ toHumanStrings() { - return this.failures.map((r) => { - const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; + const failures = new Array(); + debugger; + recurse(this, []); + return failures.map((r) => { + const loc = r.path.length === 0 ? "" : ` at /${r.path.join("/")}`; return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; }); + function recurse(x, prefix) { + for (const fail of Array.from(x.failuresHere.values()).flat()) { + failures.push({ + matcher: fail.matcher, + message: fail.message, + path: [...prefix, ...fail.path] + }); + } + for (const [key, inner] of x.innerMatchFailures.entries()) { + recurse(inner, [...prefix, key]); + } + } } + /** + * Do a deep render of the match result, showing the structure mismatches in context + */ + renderMismatch() { + if (!this.hasFailed()) { + return ""; + } + const parts = new Array(); + const indents = new Array(); + emitFailures(this, ""); + recurse(this); + return moveMarkersToFront(parts.join("").trimEnd()); + function emit(x) { + if (x === void 0) { + debugger; + } + parts.push(x.replace(/\n/g, ` +${indents.join("")}`)); + } + function emitFailures(r, path, scrapSet) { + for (const fail of r.failuresHere.get(path) ?? []) { + emit(`!! ${fail.message} +`); + } + scrapSet == null ? void 0 : scrapSet.delete(path); + } + function recurse(r) { + const remainingFailures = new Set(Array.from(r.failuresHere.keys()).filter((x) => x !== "")); + if (Array.isArray(r.target)) { + indents.push(" "); + emit("[\n"); + for (const [first, i] of enumFirst(range(r.target.length))) { + if (!first) { + emit(",\n"); + } + emitFailures(r, `${i}`, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(`${i}`); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + recurseComparingValues(innerMatcher, r.target[i]); + } else { + emit(renderAbridged(r.target[i])); + } + } + emitRemaining(); + indents.pop(); + emit("\n]"); + return; + } + if (r.target && typeof r.target === "object") { + indents.push(" "); + emit("{\n"); + const keys = Array.from(/* @__PURE__ */ new Set([ + ...Object.keys(r.target), + ...Array.from(remainingFailures) + ])).sort(); + for (const [first, key] of enumFirst(keys)) { + if (!first) { + emit(",\n"); + } + emitFailures(r, key, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(key); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + emit(`${jsonify(key)}: `); + recurseComparingValues(innerMatcher, r.target[key]); + } else { + emit(`${jsonify(key)}: `); + emit(renderAbridged(r.target[key])); + } + } + emitRemaining(); + indents.pop(); + emit("\n}"); + return; + } + emitRemaining(); + emit(jsonify(r.target)); + function emitRemaining() { + if (remainingFailures.size > 0) { + emit("\n"); + } + for (const key of remainingFailures) { + emitFailures(r, key); + } + } + } + function recurseComparingValues(inner, actualValue) { + if (inner.target === actualValue) { + return recurse(inner); + } + emit(renderAbridged(actualValue)); + emit(" <*> "); + recurse(inner); + } + function renderAbridged(x) { + if (Array.isArray(x)) { + switch (x.length) { + case 0: + return "[]"; + case 1: + return `[ ${renderAbridged(x[0])} ]`; + case 2: + if (x.every((e) => ["number", "boolean", "string"].includes(typeof e))) { + return `[ ${x.map(renderAbridged).join(", ")} ]`; + } + return "[ ... ]"; + default: + return "[ ... ]"; + } + } + if (x && typeof x === "object") { + const keys = Object.keys(x); + switch (keys.length) { + case 0: + return "{}"; + case 1: + return `{ ${JSON.stringify(keys[0])}: ${renderAbridged(x[keys[0]])} }`; + default: + return "{ ... }"; + } + } + return jsonify(x); + } + function jsonify(x) { + return JSON.stringify(x) ?? "undefined"; + } + function moveMarkersToFront(x) { + const re = /^(\s+)!!/gm; + return x.replace(re, (_, spaces) => `!!${spaces.substring(0, spaces.length - 2)}`); + } + } + /** + * Record a capture against in this match result. + */ recordCapture(options) { let values = this.captures.get(options.capture); if (values === void 0) { @@ -93,6 +296,18 @@ var MatchResult = class { this.captures.set(options.capture, values); } }; +function* range(n) { + for (let i = 0; i < n; i++) { + yield i; + } +} +function* enumFirst(xs) { + let first = true; + for (const x of xs) { + yield [first, x]; + first = false; + } +} // ../assertions/lib/private/matchers/absent.ts var AbsentMatch = class extends Matcher { @@ -113,6 +328,51 @@ var AbsentMatch = class extends Matcher { } }; +// ../assertions/lib/private/sorting.ts +function sortKeyComparator(keyFn) { + return (a, b) => { + const ak = keyFn(a); + const bk = keyFn(b); + for (let i = 0; i < ak.length && i < bk.length; i++) { + const av = ak[i]; + const bv = bk[i]; + let diff = 0; + if (typeof av === "number" && typeof bv === "number") { + diff = av - bv; + } else if (typeof av === "string" && typeof bv === "string") { + diff = av.localeCompare(bv); + } + if (diff !== 0) { + return diff; + } + } + return bk.length - ak.length; + }; +} + +// ../assertions/lib/private/sparse-matrix.ts +var SparseMatrix = class { + constructor() { + this.matrix = /* @__PURE__ */ new Map(); + } + get(row, col) { + var _a; + return (_a = this.matrix.get(row)) == null ? void 0 : _a.get(col); + } + row(row) { + var _a; + return Array.from(((_a = this.matrix.get(row)) == null ? void 0 : _a.entries()) ?? []); + } + set(row, col, value) { + let r = this.matrix.get(row); + if (!r) { + r = /* @__PURE__ */ new Map(); + this.matrix.set(row, r); + } + r.set(col, value); + } +}; + // ../assertions/lib/private/type.ts function getType(obj) { return Array.isArray(obj) ? "array" : typeof obj; @@ -120,33 +380,74 @@ function getType(obj) { // ../assertions/lib/match.ts var Match = class { + /** + * Use this matcher in the place of a field's value, if the field must not be present. + */ static absent() { return new AbsentMatch("absent"); } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must be in the same order as would be found. + * @param pattern the pattern to match + */ static arrayWith(pattern) { return new ArrayMatch("arrayWith", pattern); } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must match exactly and in order. + * @param pattern the pattern to match + */ static arrayEquals(pattern) { return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); } + /** + * Deep exact matching of the specified pattern to the target. + * @param pattern the pattern to match + */ static exact(pattern) { return new LiteralMatch("exact", pattern, { partialObjects: false }); } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must be present in the target but the target can be a superset. + * @param pattern the pattern to match + */ static objectLike(pattern) { return new ObjectMatch("objectLike", pattern); } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must match exactly with the target. + * @param pattern the pattern to match + */ static objectEquals(pattern) { return new ObjectMatch("objectEquals", pattern, { partial: false }); } + /** + * Matches any target which does NOT follow the specified pattern. + * @param pattern the pattern to NOT match + */ static not(pattern) { return new NotMatch("not", pattern); } + /** + * Matches any string-encoded JSON and applies the specified pattern after parsing it. + * @param pattern the pattern to match after parsing the encoded JSON. + */ static serializedJson(pattern) { return new SerializedJson("serializedJson", pattern); } + /** + * Matches any non-null value at the target. + */ static anyValue() { return new AnyMatch("anyValue"); } + /** + * Matches targets according to a regular expression + */ static stringLikeRegexp(pattern) { return new StringLikeRegexpMatch("stringLikeRegexp", pattern); } @@ -203,40 +504,87 @@ var ArrayMatch = class extends Matcher { message: `Expected type array but received ${getType(actual)}` }); } - if (!this.subsequence && this.pattern.length !== actual.length) { - return new MatchResult(actual).recordFailure({ + return this.subsequence ? this.testSubsequence(actual) : this.testFullArray(actual); + } + testFullArray(actual) { + const result = new MatchResult(actual); + let i = 0; + for (; i < this.pattern.length && i < actual.length; i++) { + const patternElement = this.pattern[i]; + const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); + const innerResult = matcher.test(actual[i]); + result.compose(`${i}`, innerResult); + } + if (i < this.pattern.length) { + result.recordFailure({ matcher: this, - path: [], - message: `Expected array of length ${this.pattern.length} but received ${actual.length}` + message: `Not enough elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] + }); + } + if (i < actual.length) { + result.recordFailure({ + matcher: this, + message: `Too many elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] }); } + return result; + } + testSubsequence(actual) { + const result = new MatchResult(actual); let patternIdx = 0; let actualIdx = 0; - const result = new MatchResult(actual); + const matches = new SparseMatrix(); while (patternIdx < this.pattern.length && actualIdx < actual.length) { const patternElement = this.pattern[patternIdx]; const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); const matcherName = matcher.name; - if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { + if (matcherName == "absent" || matcherName == "anyValue") { throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); } const innerResult = matcher.test(actual[actualIdx]); - if (!this.subsequence || !innerResult.hasFailed()) { - result.compose(`[${actualIdx}]`, innerResult); + matches.set(patternIdx, actualIdx, innerResult); + actualIdx++; + if (innerResult.isSuccess) { + result.compose(`${actualIdx}`, innerResult); patternIdx++; - actualIdx++; - } else { - actualIdx++; } } - for (; patternIdx < this.pattern.length; patternIdx++) { - const pattern = this.pattern[patternIdx]; - const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; - result.recordFailure({ - matcher: this, - path: [], - message: `Missing element${element}at pattern index ${patternIdx}` - }); + if (patternIdx < this.pattern.length) { + for (let spi = 0; spi < patternIdx; spi++) { + const foundMatch = matches.row(spi).find(([, r]) => r.isSuccess); + if (!foundMatch) { + continue; + } + const [index] = foundMatch; + result.compose(`${index}`, new MatchResult(actual[index]).recordFailure({ + matcher: this, + message: `arrayWith pattern ${spi} matched here`, + path: [], + cost: 0 + // This is an informational message so it would be unfair to assign it cost + })); + } + const failedMatches = matches.row(patternIdx); + failedMatches.sort(sortKeyComparator(([i, r]) => [r.failCost, i])); + if (failedMatches.length > 0) { + const [index, innerResult] = failedMatches[0]; + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. This is the closest match`, + path: [`${index}`], + cost: 0 + // Informational message + }); + result.compose(`${index}`, innerResult); + } else { + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. No more elements to try`, + path: [`${actual.length}`] + }); + } } return result; } @@ -262,8 +610,8 @@ var ObjectMatch = class extends Matcher { if (!(a in this.pattern)) { result.recordFailure({ matcher: this, - path: [`/${a}`], - message: "Unexpected key" + path: [a], + message: `Unexpected key ${a}` }); } } @@ -272,14 +620,14 @@ var ObjectMatch = class extends Matcher { if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { result.recordFailure({ matcher: this, - path: [`/${patternKey}`], - message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` + path: [patternKey], + message: `Missing key '${patternKey}'` }); continue; } const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); const inner = matcher.test(actual[patternKey]); - result.compose(`/${patternKey}`, inner); + result.compose(patternKey, inner); } return result; } @@ -291,34 +639,37 @@ var SerializedJson = class extends Matcher { this.pattern = pattern; } test(actual) { - const result = new MatchResult(actual); if (getType(actual) !== "string") { - result.recordFailure({ + return new MatchResult(actual).recordFailure({ matcher: this, path: [], message: `Expected JSON as a string but found ${getType(actual)}` }); - return result; } let parsed; try { parsed = JSON.parse(actual); } catch (err) { if (err instanceof SyntaxError) { - result.recordFailure({ + return new MatchResult(actual).recordFailure({ matcher: this, path: [], message: `Invalid JSON string: ${actual}` }); - return result; } else { throw err; } } const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); const innerResult = matcher.test(parsed); - result.compose(`(${this.name})`, innerResult); - return result; + if (innerResult.hasFailed()) { + innerResult.recordFailure({ + matcher: this, + path: [], + message: "Encoded JSON value does not match" + }); + } + return innerResult; } }; var NotMatch = class extends Matcher { @@ -405,6 +756,10 @@ var CustomResourceHandler = class { this.event = event; this.physicalResourceId = extractPhysicalResourceId(event); } + /** + * Handles executing the custom resource event. If `stateMachineArn` is present + * in the props then trigger the waiter statemachine + */ async handle() { try { if ("stateMachineArn" in this.event.ResourceProperties) { @@ -426,6 +781,9 @@ var CustomResourceHandler = class { clearTimeout(this.timeout); } } + /** + * Handle async requests from the waiter state machine + */ async handleIsComplete() { try { const result = await this.processEvent(this.event.ResourceProperties); @@ -437,6 +795,10 @@ var CustomResourceHandler = class { clearTimeout(this.timeout); } } + /** + * Start a step function state machine which will wait for the request + * to be successful. + */ async startExecution(req) { try { const sfn = new AWS.StepFunctions(); @@ -507,10 +869,7 @@ var AssertionHandler = class extends CustomResourceHandler { failed: true, assertion: JSON.stringify({ status: "fail", - message: [ - ...matchResult.toHumanStrings(), - JSON.stringify(matchResult.target, void 0, 2) - ].join("\n") + message: matchResult.renderMismatch() }) }; if (request2.failDeployment) { @@ -532,6 +891,65 @@ var MatchCreator = class { matcher: obj }; } + /** + * Return a Matcher that can be tested against the actual results. + * This will convert the encoded matchers into their corresponding + * assertions matcher. + * + * For example: + * + * ExpectedResult.objectLike({ + * Messages: [{ + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * }], + * }); + * + * Will be encoded as: + * { + * $ObjectLike: { + * Messages: [{ + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * }], + * }, + * } + * + * Which can then be parsed by this function. For each key (recursively) + * the parser will check if the value has one of the encoded matchers as a key + * and if so, it will set the value as the Matcher. So, + * + * { + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * } + * + * Will be converted to + * { + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * } + */ getMatcher() { try { const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { @@ -543,6 +961,8 @@ var MatchCreator = class { return Match.objectLike(v[nested]); case "$StringLike": return Match.stringLikeRegexp(v[nested]); + case "$SerializedJson": + return Match.serializedJson(v[nested]); default: return v; } @@ -614,11 +1034,26 @@ var AwsApiCallHandler = class extends CustomResourceHandler { const flatData = { ...flatten(respond) }; - const resp = request2.flattenResponse === "true" ? flatData : respond; + let resp = respond; + if (request2.outputPaths) { + resp = filterKeys(flatData, request2.outputPaths); + } else if (request2.flattenResponse === "true") { + resp = flatData; + } console.log(`Returning result ${JSON.stringify(resp)}`); return resp; } }; +function filterKeys(object, searchStrings) { + return Object.entries(object).reduce((filteredObject, [key, value]) => { + for (const searchString of searchStrings) { + if (key.startsWith(`apiCallResponse.${searchString}`)) { + filteredObject[key] = value; + } + } + return filteredObject; + }, {}); +} function isJsonString(value) { try { return JSON.parse(value); @@ -664,6 +1099,7 @@ async function handler(event, context) { await provider.respond({ status: "SUCCESS", reason: "OK", + // return both the result of the API call _and_ the assertion results data: { ...assertionResult, ...result diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/__entrypoint__.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/__entrypoint__.js similarity index 100% rename from packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/__entrypoint__.js rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/__entrypoint__.js diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/index.js similarity index 100% rename from packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js rename to packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.33e2651435a0d472a75c1e033c9832b21321d9e56711926b04c5705e5f63874c/index.js diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js deleted file mode 100644 index 9df94382cc74e..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js +++ /dev/null @@ -1,118 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = exports.external = void 0; -const https = require("https"); -const url = require("url"); -// for unit tests -exports.external = { - sendHttpRequest: defaultSendHttpRequest, - log: defaultLog, - includeStackTraces: true, - userHandlerIndex: './index', -}; -const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; -const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; -async function handler(event, context) { - const sanitizedEvent = { ...event, ResponseURL: '...' }; - exports.external.log(JSON.stringify(sanitizedEvent, undefined, 2)); - // ignore DELETE event when the physical resource ID is the marker that - // indicates that this DELETE is a subsequent DELETE to a failed CREATE - // operation. - if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { - exports.external.log('ignoring DELETE event caused by a failed CREATE event'); - await submitResponse('SUCCESS', event); - return; - } - try { - // invoke the user handler. this is intentionally inside the try-catch to - // ensure that if there is an error it's reported as a failure to - // cloudformation (otherwise cfn waits). - // eslint-disable-next-line @typescript-eslint/no-require-imports - const userHandler = require(exports.external.userHandlerIndex).handler; - const result = await userHandler(sanitizedEvent, context); - // validate user response and create the combined event - const responseEvent = renderResponse(event, result); - // submit to cfn as success - await submitResponse('SUCCESS', responseEvent); - } - catch (e) { - const resp = { - ...event, - Reason: exports.external.includeStackTraces ? e.stack : e.message, - }; - if (!resp.PhysicalResourceId) { - // special case: if CREATE fails, which usually implies, we usually don't - // have a physical resource id. in this case, the subsequent DELETE - // operation does not have any meaning, and will likely fail as well. to - // address this, we use a marker so the provider framework can simply - // ignore the subsequent DELETE. - if (event.RequestType === 'Create') { - exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); - resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; - } - else { - // otherwise, if PhysicalResourceId is not specified, something is - // terribly wrong because all other events should have an ID. - exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); - } - } - // this is an actual error, fail the activity altogether and exist. - await submitResponse('FAILED', resp); - } -} -exports.handler = handler; -function renderResponse(cfnRequest, handlerResponse = {}) { - // if physical ID is not returned, we have some defaults for you based - // on the request type. - const physicalResourceId = handlerResponse.PhysicalResourceId ?? cfnRequest.PhysicalResourceId ?? cfnRequest.RequestId; - // if we are in DELETE and physical ID was changed, it's an error. - if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { - throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); - } - // merge request event and result event (result prevails). - return { - ...cfnRequest, - ...handlerResponse, - PhysicalResourceId: physicalResourceId, - }; -} -async function submitResponse(status, event) { - const json = { - Status: status, - Reason: event.Reason ?? status, - StackId: event.StackId, - RequestId: event.RequestId, - PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, - LogicalResourceId: event.LogicalResourceId, - NoEcho: event.NoEcho, - Data: event.Data, - }; - exports.external.log('submit response to cloudformation', json); - const responseBody = JSON.stringify(json); - const parsedUrl = url.parse(event.ResponseURL); - const req = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: 'PUT', - headers: { 'content-type': '', 'content-length': responseBody.length }, - }; - await exports.external.sendHttpRequest(req, responseBody); -} -async function defaultSendHttpRequest(options, responseBody) { - return new Promise((resolve, reject) => { - try { - const request = https.request(options, _ => resolve()); - request.on('error', reject); - request.write(responseBody); - request.end(); - } - catch (e) { - reject(e); - } - }); -} -function defaultLog(fmt, ...params) { - // eslint-disable-next-line no-console - console.log(fmt, ...params); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsTUFBTSxjQUFjLEdBQUcsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUM7SUFDeEQsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFM0QsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFMUQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbkRELDBCQW1EQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRztJQUU3QyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsZUFBZSxDQUFDLGtCQUFrQixJQUFJLFVBQVUsQ0FBQyxrQkFBa0IsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7SUFDekUsTUFBTSxJQUFJLEdBQW1EO1FBQzNELE1BQU0sRUFBRSxNQUFNO1FBQ2QsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLElBQUksTUFBTTtRQUM5QixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87UUFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1FBQzFCLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSwwQkFBMEI7UUFDMUUsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtRQUMxQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07UUFDcEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO0tBQ2pCLENBQUM7SUFFRixnQkFBUSxDQUFDLEdBQUcsQ0FBQyxtQ0FBbUMsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUV4RCxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzFDLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLE1BQU0sR0FBRyxHQUFHO1FBQ1YsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1FBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtRQUNwQixNQUFNLEVBQUUsS0FBSztRQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtLQUN2RSxDQUFDO0lBRUYsTUFBTSxnQkFBUSxDQUFDLGVBQWUsQ0FBQyxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDcEQsQ0FBQztBQUVELEtBQUssVUFBVSxzQkFBc0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ3ZGLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RCxPQUFPLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztZQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxHQUFHLEVBQUUsQ0FBQztTQUNmO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDWDtJQUNILENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELFNBQVMsVUFBVSxDQUFDLEdBQVcsRUFBRSxHQUFHLE1BQWE7SUFDL0Msc0NBQXNDO0lBQ3RDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEdBQUcsTUFBTSxDQUFDLENBQUM7QUFDOUIsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGh0dHBzIGZyb20gJ2h0dHBzJztcbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuXG4vLyBmb3IgdW5pdCB0ZXN0c1xuZXhwb3J0IGNvbnN0IGV4dGVybmFsID0ge1xuICBzZW5kSHR0cFJlcXVlc3Q6IGRlZmF1bHRTZW5kSHR0cFJlcXVlc3QsXG4gIGxvZzogZGVmYXVsdExvZyxcbiAgaW5jbHVkZVN0YWNrVHJhY2VzOiB0cnVlLFxuICB1c2VySGFuZGxlckluZGV4OiAnLi9pbmRleCcsXG59O1xuXG5jb25zdCBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6OkNSRUFURV9GQUlMRUQnO1xuY29uc3QgTUlTU0lOR19QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpNSVNTSU5HX1BIWVNJQ0FMX0lEJztcblxuZXhwb3J0IHR5cGUgUmVzcG9uc2UgPSBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgSGFuZGxlclJlc3BvbnNlO1xuZXhwb3J0IHR5cGUgSGFuZGxlciA9IChldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpID0+IFByb21pc2U8SGFuZGxlclJlc3BvbnNlIHwgdm9pZD47XG5leHBvcnQgdHlwZSBIYW5kbGVyUmVzcG9uc2UgPSB1bmRlZmluZWQgfCB7XG4gIERhdGE/OiBhbnk7XG4gIFBoeXNpY2FsUmVzb3VyY2VJZD86IHN0cmluZztcbiAgUmVhc29uPzogc3RyaW5nO1xuICBOb0VjaG8/OiBib29sZWFuO1xufTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIGNvbnN0IHNhbml0aXplZEV2ZW50ID0geyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH07XG4gIGV4dGVybmFsLmxvZyhKU09OLnN0cmluZ2lmeShzYW5pdGl6ZWRFdmVudCwgdW5kZWZpbmVkLCAyKSk7XG5cbiAgLy8gaWdub3JlIERFTEVURSBldmVudCB3aGVuIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBpcyB0aGUgbWFya2VyIHRoYXRcbiAgLy8gaW5kaWNhdGVzIHRoYXQgdGhpcyBERUxFVEUgaXMgYSBzdWJzZXF1ZW50IERFTEVURSB0byBhIGZhaWxlZCBDUkVBVEVcbiAgLy8gb3BlcmF0aW9uLlxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9PT0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIpIHtcbiAgICBleHRlcm5hbC5sb2coJ2lnbm9yaW5nIERFTEVURSBldmVudCBjYXVzZWQgYnkgYSBmYWlsZWQgQ1JFQVRFIGV2ZW50Jyk7XG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgcmV0dXJuO1xuICB9XG5cbiAgdHJ5IHtcbiAgICAvLyBpbnZva2UgdGhlIHVzZXIgaGFuZGxlci4gdGhpcyBpcyBpbnRlbnRpb25hbGx5IGluc2lkZSB0aGUgdHJ5LWNhdGNoIHRvXG4gICAgLy8gZW5zdXJlIHRoYXQgaWYgdGhlcmUgaXMgYW4gZXJyb3IgaXQncyByZXBvcnRlZCBhcyBhIGZhaWx1cmUgdG9cbiAgICAvLyBjbG91ZGZvcm1hdGlvbiAob3RoZXJ3aXNlIGNmbiB3YWl0cykuXG4gICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICBjb25zdCB1c2VySGFuZGxlcjogSGFuZGxlciA9IHJlcXVpcmUoZXh0ZXJuYWwudXNlckhhbmRsZXJJbmRleCkuaGFuZGxlcjtcbiAgICBjb25zdCByZXN1bHQgPSBhd2FpdCB1c2VySGFuZGxlcihzYW5pdGl6ZWRFdmVudCwgY29udGV4dCk7XG5cbiAgICAvLyB2YWxpZGF0ZSB1c2VyIHJlc3BvbnNlIGFuZCBjcmVhdGUgdGhlIGNvbWJpbmVkIGV2ZW50XG4gICAgY29uc3QgcmVzcG9uc2VFdmVudCA9IHJlbmRlclJlc3BvbnNlKGV2ZW50LCByZXN1bHQpO1xuXG4gICAgLy8gc3VibWl0IHRvIGNmbiBhcyBzdWNjZXNzXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCByZXNwb25zZUV2ZW50KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGNvbnN0IHJlc3A6IFJlc3BvbnNlID0ge1xuICAgICAgLi4uZXZlbnQsXG4gICAgICBSZWFzb246IGV4dGVybmFsLmluY2x1ZGVTdGFja1RyYWNlcyA/IGUuc3RhY2sgOiBlLm1lc3NhZ2UsXG4gICAgfTtcblxuICAgIGlmICghcmVzcC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICAgIC8vIHNwZWNpYWwgY2FzZTogaWYgQ1JFQVRFIGZhaWxzLCB3aGljaCB1c3VhbGx5IGltcGxpZXMsIHdlIHVzdWFsbHkgZG9uJ3RcbiAgICAgIC8vIGhhdmUgYSBwaHlzaWNhbCByZXNvdXJjZSBpZC4gaW4gdGhpcyBjYXNlLCB0aGUgc3Vic2VxdWVudCBERUxFVEVcbiAgICAgIC8vIG9wZXJhdGlvbiBkb2VzIG5vdCBoYXZlIGFueSBtZWFuaW5nLCBhbmQgd2lsbCBsaWtlbHkgZmFpbCBhcyB3ZWxsLiB0b1xuICAgICAgLy8gYWRkcmVzcyB0aGlzLCB3ZSB1c2UgYSBtYXJrZXIgc28gdGhlIHByb3ZpZGVyIGZyYW1ld29yayBjYW4gc2ltcGx5XG4gICAgICAvLyBpZ25vcmUgdGhlIHN1YnNlcXVlbnQgREVMRVRFLlxuICAgICAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgICAgICBleHRlcm5hbC5sb2coJ0NSRUFURSBmYWlsZWQsIHJlc3BvbmRpbmcgd2l0aCBhIG1hcmtlciBwaHlzaWNhbCByZXNvdXJjZSBpZCBzbyB0aGF0IHRoZSBzdWJzZXF1ZW50IERFTEVURSB3aWxsIGJlIGlnbm9yZWQnKTtcbiAgICAgICAgcmVzcC5QaHlzaWNhbFJlc291cmNlSWQgPSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUjtcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIC8vIG90aGVyd2lzZSwgaWYgUGh5c2ljYWxSZXNvdXJjZUlkIGlzIG5vdCBzcGVjaWZpZWQsIHNvbWV0aGluZyBpc1xuICAgICAgICAvLyB0ZXJyaWJseSB3cm9uZyBiZWNhdXNlIGFsbCBvdGhlciBldmVudHMgc2hvdWxkIGhhdmUgYW4gSUQuXG4gICAgICAgIGV4dGVybmFsLmxvZyhgRVJST1I6IE1hbGZvcm1lZCBldmVudC4gXCJQaHlzaWNhbFJlc291cmNlSWRcIiBpcyByZXF1aXJlZDogJHtKU09OLnN0cmluZ2lmeShldmVudCl9YCk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgLy8gdGhpcyBpcyBhbiBhY3R1YWwgZXJyb3IsIGZhaWwgdGhlIGFjdGl2aXR5IGFsdG9nZXRoZXIgYW5kIGV4aXN0LlxuICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdGQUlMRUQnLCByZXNwKTtcbiAgfVxufVxuXG5mdW5jdGlvbiByZW5kZXJSZXNwb25zZShcbiAgY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCAmIHsgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nIH0sXG4gIGhhbmRsZXJSZXNwb25zZTogdm9pZCB8IEhhbmRsZXJSZXNwb25zZSA9IHsgfSk6IFJlc3BvbnNlIHtcblxuICAvLyBpZiBwaHlzaWNhbCBJRCBpcyBub3QgcmV0dXJuZWQsIHdlIGhhdmUgc29tZSBkZWZhdWx0cyBmb3IgeW91IGJhc2VkXG4gIC8vIG9uIHRoZSByZXF1ZXN0IHR5cGUuXG4gIGNvbnN0IHBoeXNpY2FsUmVzb3VyY2VJZCA9IGhhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5SZXF1ZXN0SWQ7XG5cbiAgLy8gaWYgd2UgYXJlIGluIERFTEVURSBhbmQgcGh5c2ljYWwgSUQgd2FzIGNoYW5nZWQsIGl0J3MgYW4gZXJyb3IuXG4gIGlmIChjZm5SZXF1ZXN0LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJyAmJiBwaHlzaWNhbFJlc291cmNlSWQgIT09IGNmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBERUxFVEU6IGNhbm5vdCBjaGFuZ2UgdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGZyb20gXCIke2NmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIHRvIFwiJHtoYW5kbGVyUmVzcG9uc2UuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIGR1cmluZyBkZWxldGlvbmApO1xuICB9XG5cbiAgLy8gbWVyZ2UgcmVxdWVzdCBldmVudCBhbmQgcmVzdWx0IGV2ZW50IChyZXN1bHQgcHJldmFpbHMpLlxuICByZXR1cm4ge1xuICAgIC4uLmNmblJlcXVlc3QsXG4gICAgLi4uaGFuZGxlclJlc3BvbnNlLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG5hc3luYyBmdW5jdGlvbiBzdWJtaXRSZXNwb25zZShzdGF0dXM6ICdTVUNDRVNTJyB8ICdGQUlMRUQnLCBldmVudDogUmVzcG9uc2UpIHtcbiAgY29uc3QganNvbjogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VSZXNwb25zZSA9IHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IGV2ZW50LlJlYXNvbiA/PyBzdGF0dXMsXG4gICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICBSZXF1ZXN0SWQ6IGV2ZW50LlJlcXVlc3RJZCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUixcbiAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgTm9FY2hvOiBldmVudC5Ob0VjaG8sXG4gICAgRGF0YTogZXZlbnQuRGF0YSxcbiAgfTtcblxuICBleHRlcm5hbC5sb2coJ3N1Ym1pdCByZXNwb25zZSB0byBjbG91ZGZvcm1hdGlvbicsIGpzb24pO1xuXG4gIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KGpzb24pO1xuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBjb25zdCByZXEgPSB7XG4gICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICBtZXRob2Q6ICdQVVQnLFxuICAgIGhlYWRlcnM6IHsgJ2NvbnRlbnQtdHlwZSc6ICcnLCAnY29udGVudC1sZW5ndGgnOiByZXNwb25zZUJvZHkubGVuZ3RoIH0sXG4gIH07XG5cbiAgYXdhaXQgZXh0ZXJuYWwuc2VuZEh0dHBSZXF1ZXN0KHJlcSwgcmVzcG9uc2VCb2R5KTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdFNlbmRIdHRwUmVxdWVzdChvcHRpb25zOiBodHRwcy5SZXF1ZXN0T3B0aW9ucywgcmVzcG9uc2VCb2R5OiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgcmV0dXJuIG5ldyBQcm9taXNlKChyZXNvbHZlLCByZWplY3QpID0+IHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgcmVxdWVzdCA9IGh0dHBzLnJlcXVlc3Qob3B0aW9ucywgXyA9PiByZXNvbHZlKCkpO1xuICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxuZnVuY3Rpb24gZGVmYXVsdExvZyhmbXQ6IHN0cmluZywgLi4ucGFyYW1zOiBhbnlbXSkge1xuICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgbm8tY29uc29sZVxuICBjb25zb2xlLmxvZyhmbXQsIC4uLnBhcmFtcyk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts deleted file mode 100644 index 3554dc94d4617..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise; diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts deleted file mode 100644 index 2459d44ab1d18..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts +++ /dev/null @@ -1,82 +0,0 @@ -// eslint-disable-next-line import/no-extraneous-dependencies -import { S3 } from 'aws-sdk'; - -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; - -const s3 = new S3(); - -export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} - -async function onUpdate(event: AWSLambda.CloudFormationCustomResourceEvent) { - const updateEvent = event as AWSLambda.CloudFormationCustomResourceUpdateEvent; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} - -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName: string) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - - const records = contents.map((record: any) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} - -async function onDelete(bucketName?: string) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} - -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName: string) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js deleted file mode 100644 index ba956d47f51fe..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/asset.84802aa01d2d2c9e7d8d69705ee832c97f1ebad2d73c72be5c32d53f16cf90a7.bundle/index.js +++ /dev/null @@ -1,612 +0,0 @@ -"use strict"; -var __create = Object.create; -var __defProp = Object.defineProperty; -var __getOwnPropDesc = Object.getOwnPropertyDescriptor; -var __getOwnPropNames = Object.getOwnPropertyNames; -var __getProtoOf = Object.getPrototypeOf; -var __hasOwnProp = Object.prototype.hasOwnProperty; -var __export = (target, all) => { - for (var name in all) - __defProp(target, name, { get: all[name], enumerable: true }); -}; -var __copyProps = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames(from)) - if (!__hasOwnProp.call(to, key) && key !== except) - __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); - } - return to; -}; -var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( - isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, - mod -)); -var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); - -// lib/assertions/providers/lambda-handler/index.ts -var lambda_handler_exports = {}; -__export(lambda_handler_exports, { - handler: () => handler -}); -module.exports = __toCommonJS(lambda_handler_exports); - -// ../assertions/lib/matcher.ts -var Matcher = class { - static isMatcher(x) { - return x && x instanceof Matcher; - } -}; -var MatchResult = class { - constructor(target) { - this.failures = []; - this.captures = /* @__PURE__ */ new Map(); - this.finalized = false; - this.target = target; - } - push(matcher, path, message) { - return this.recordFailure({ matcher, path, message }); - } - recordFailure(failure) { - this.failures.push(failure); - return this; - } - hasFailed() { - return this.failures.length !== 0; - } - get failCount() { - return this.failures.length; - } - compose(id, inner) { - const innerF = inner.failures; - this.failures.push(...innerF.map((f) => { - return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; - })); - inner.captures.forEach((vals, capture) => { - vals.forEach((value) => this.recordCapture({ capture, value })); - }); - return this; - } - finished() { - if (this.finalized) { - return this; - } - if (this.failCount === 0) { - this.captures.forEach((vals, cap) => cap._captured.push(...vals)); - } - this.finalized = true; - return this; - } - toHumanStrings() { - return this.failures.map((r) => { - const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; - return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; - }); - } - recordCapture(options) { - let values = this.captures.get(options.capture); - if (values === void 0) { - values = []; - } - values.push(options.value); - this.captures.set(options.capture, values); - } -}; - -// ../assertions/lib/private/matchers/absent.ts -var AbsentMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual !== void 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Received ${actual}, but key should be absent` - }); - } - return result; - } -}; - -// ../assertions/lib/private/type.ts -function getType(obj) { - return Array.isArray(obj) ? "array" : typeof obj; -} - -// ../assertions/lib/match.ts -var Match = class { - static absent() { - return new AbsentMatch("absent"); - } - static arrayWith(pattern) { - return new ArrayMatch("arrayWith", pattern); - } - static arrayEquals(pattern) { - return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); - } - static exact(pattern) { - return new LiteralMatch("exact", pattern, { partialObjects: false }); - } - static objectLike(pattern) { - return new ObjectMatch("objectLike", pattern); - } - static objectEquals(pattern) { - return new ObjectMatch("objectEquals", pattern, { partial: false }); - } - static not(pattern) { - return new NotMatch("not", pattern); - } - static serializedJson(pattern) { - return new SerializedJson("serializedJson", pattern); - } - static anyValue() { - return new AnyMatch("anyValue"); - } - static stringLikeRegexp(pattern) { - return new StringLikeRegexpMatch("stringLikeRegexp", pattern); - } -}; -var LiteralMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partialObjects = options.partialObjects ?? false; - if (Matcher.isMatcher(this.pattern)) { - throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); - } - } - test(actual) { - if (Array.isArray(this.pattern)) { - return new ArrayMatch(this.name, this.pattern, { subsequence: false, partialObjects: this.partialObjects }).test(actual); - } - if (typeof this.pattern === "object") { - return new ObjectMatch(this.name, this.pattern, { partial: this.partialObjects }).test(actual); - } - const result = new MatchResult(actual); - if (typeof this.pattern !== typeof actual) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected type ${typeof this.pattern} but received ${getType(actual)}` - }); - return result; - } - if (actual !== this.pattern) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected ${this.pattern} but received ${actual}` - }); - } - return result; - } -}; -var ArrayMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.subsequence = options.subsequence ?? true; - this.partialObjects = options.partialObjects ?? false; - } - test(actual) { - if (!Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type array but received ${getType(actual)}` - }); - } - if (!this.subsequence && this.pattern.length !== actual.length) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected array of length ${this.pattern.length} but received ${actual.length}` - }); - } - let patternIdx = 0; - let actualIdx = 0; - const result = new MatchResult(actual); - while (patternIdx < this.pattern.length && actualIdx < actual.length) { - const patternElement = this.pattern[patternIdx]; - const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); - const matcherName = matcher.name; - if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { - throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); - } - const innerResult = matcher.test(actual[actualIdx]); - if (!this.subsequence || !innerResult.hasFailed()) { - result.compose(`[${actualIdx}]`, innerResult); - patternIdx++; - actualIdx++; - } else { - actualIdx++; - } - } - for (; patternIdx < this.pattern.length; patternIdx++) { - const pattern = this.pattern[patternIdx]; - const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; - result.recordFailure({ - matcher: this, - path: [], - message: `Missing element${element}at pattern index ${patternIdx}` - }); - } - return result; - } -}; -var ObjectMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partial = options.partial ?? true; - } - test(actual) { - if (typeof actual !== "object" || Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type object but received ${getType(actual)}` - }); - } - const result = new MatchResult(actual); - if (!this.partial) { - for (const a of Object.keys(actual)) { - if (!(a in this.pattern)) { - result.recordFailure({ - matcher: this, - path: [`/${a}`], - message: "Unexpected key" - }); - } - } - } - for (const [patternKey, patternVal] of Object.entries(this.pattern)) { - if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { - result.recordFailure({ - matcher: this, - path: [`/${patternKey}`], - message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` - }); - continue; - } - const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); - const inner = matcher.test(actual[patternKey]); - result.compose(`/${patternKey}`, inner); - } - return result; - } -}; -var SerializedJson = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - if (getType(actual) !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected JSON as a string but found ${getType(actual)}` - }); - return result; - } - let parsed; - try { - parsed = JSON.parse(actual); - } catch (err) { - if (err instanceof SyntaxError) { - result.recordFailure({ - matcher: this, - path: [], - message: `Invalid JSON string: ${actual}` - }); - return result; - } else { - throw err; - } - } - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(parsed); - result.compose(`(${this.name})`, innerResult); - return result; - } -}; -var NotMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(actual); - const result = new MatchResult(actual); - if (innerResult.failCount === 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Found unexpected match: ${JSON.stringify(actual, void 0, 2)}` - }); - } - return result; - } -}; -var AnyMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual == null) { - result.recordFailure({ - matcher: this, - path: [], - message: "Expected a value but found none" - }); - } - return result; - } -}; -var StringLikeRegexpMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - const regex = new RegExp(this.pattern, "gm"); - if (typeof actual !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected a string, but got '${typeof actual}'` - }); - } - if (!regex.test(actual)) { - result.recordFailure({ - matcher: this, - path: [], - message: `String '${actual}' did not match pattern '${this.pattern}'` - }); - } - return result; - } -}; - -// lib/assertions/providers/lambda-handler/base.ts -var https = __toESM(require("https")); -var url = __toESM(require("url")); -var CustomResourceHandler = class { - constructor(event, context) { - this.event = event; - this.context = context; - this.timedOut = false; - this.timeout = setTimeout(async () => { - await this.respond({ - status: "FAILED", - reason: "Lambda Function Timeout", - data: this.context.logStreamName - }); - this.timedOut = true; - }, context.getRemainingTimeInMillis() - 1200); - this.event = event; - this.physicalResourceId = extractPhysicalResourceId(event); - } - async handle() { - try { - console.log(`Event: ${JSON.stringify({ ...this.event, ResponseURL: "..." })}`); - const response = await this.processEvent(this.event.ResourceProperties); - console.log(`Event output : ${JSON.stringify(response)}`); - await this.respond({ - status: "SUCCESS", - reason: "OK", - data: response - }); - } catch (e) { - console.log(e); - await this.respond({ - status: "FAILED", - reason: e.message ?? "Internal Error" - }); - } finally { - clearTimeout(this.timeout); - } - } - respond(response) { - if (this.timedOut) { - return; - } - const cfResponse = { - Status: response.status, - Reason: response.reason, - PhysicalResourceId: this.physicalResourceId, - StackId: this.event.StackId, - RequestId: this.event.RequestId, - LogicalResourceId: this.event.LogicalResourceId, - NoEcho: false, - Data: response.data - }; - const responseBody = JSON.stringify(cfResponse); - console.log("Responding to CloudFormation", responseBody); - const parsedUrl = url.parse(this.event.ResponseURL); - const requestOptions = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: "PUT", - headers: { "content-type": "", "content-length": responseBody.length } - }; - return new Promise((resolve, reject) => { - try { - const request2 = https.request(requestOptions, resolve); - request2.on("error", reject); - request2.write(responseBody); - request2.end(); - } catch (e) { - reject(e); - } - }); - } -}; -function extractPhysicalResourceId(event) { - switch (event.RequestType) { - case "Create": - return event.LogicalResourceId; - case "Update": - case "Delete": - return event.PhysicalResourceId; - } -} - -// lib/assertions/providers/lambda-handler/assertion.ts -var AssertionHandler = class extends CustomResourceHandler { - async processEvent(request2) { - let actual = decodeCall(request2.actual); - const expected = decodeCall(request2.expected); - let result; - const matcher = new MatchCreator(expected).getMatcher(); - console.log(`Testing equality between ${JSON.stringify(request2.actual)} and ${JSON.stringify(request2.expected)}`); - const matchResult = matcher.test(actual); - matchResult.finished(); - if (matchResult.hasFailed()) { - result = { - data: JSON.stringify({ - status: "fail", - message: [ - ...matchResult.toHumanStrings(), - JSON.stringify(matchResult.target, void 0, 2) - ].join("\n") - }) - }; - if (request2.failDeployment) { - throw new Error(result.data); - } - } else { - result = { - data: JSON.stringify({ - status: "success" - }) - }; - } - return result; - } -}; -var MatchCreator = class { - constructor(obj) { - this.parsedObj = { - matcher: obj - }; - } - getMatcher() { - try { - const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { - const nested = Object.keys(v)[0]; - switch (nested) { - case "$ArrayWith": - return Match.arrayWith(v[nested]); - case "$ObjectLike": - return Match.objectLike(v[nested]); - case "$StringLike": - return Match.stringLikeRegexp(v[nested]); - default: - return v; - } - }); - if (Matcher.isMatcher(final.matcher)) { - return final.matcher; - } - return Match.exact(final.matcher); - } catch { - return Match.exact(this.parsedObj.matcher); - } - } -}; -function decodeCall(call) { - if (!call) { - return void 0; - } - try { - const parsed = JSON.parse(call); - return parsed; - } catch (e) { - return call; - } -} - -// lib/assertions/providers/lambda-handler/utils.ts -function decode(object) { - return JSON.parse(JSON.stringify(object), (_k, v) => { - switch (v) { - case "TRUE:BOOLEAN": - return true; - case "FALSE:BOOLEAN": - return false; - default: - return v; - } - }); -} - -// lib/assertions/providers/lambda-handler/sdk.ts -function flatten(object) { - return Object.assign( - {}, - ...function _flatten(child, path = []) { - return [].concat(...Object.keys(child).map((key) => { - const childKey = Buffer.isBuffer(child[key]) ? child[key].toString("utf8") : child[key]; - return typeof childKey === "object" && childKey !== null ? _flatten(childKey, path.concat([key])) : { [path.concat([key]).join(".")]: childKey }; - })); - }(object) - ); -} -var AwsApiCallHandler = class extends CustomResourceHandler { - async processEvent(request2) { - const AWS = require("aws-sdk"); - console.log(`AWS SDK VERSION: ${AWS.VERSION}`); - const service = new AWS[request2.service](); - const response = await service[request2.api](request2.parameters && decode(request2.parameters)).promise(); - console.log(`SDK response received ${JSON.stringify(response)}`); - delete response.ResponseMetadata; - const respond = { - apiCallResponse: response - }; - const flatData = { - ...flatten(respond) - }; - return request2.flattenResponse === "true" ? flatData : respond; - } -}; - -// lib/assertions/providers/lambda-handler/types.ts -var ASSERT_RESOURCE_TYPE = "Custom::DeployAssert@AssertEquals"; -var SDK_RESOURCE_TYPE_PREFIX = "Custom::DeployAssert@SdkCall"; - -// lib/assertions/providers/lambda-handler/index.ts -async function handler(event, context) { - const provider = createResourceHandler(event, context); - await provider.handle(); -} -function createResourceHandler(event, context) { - if (event.ResourceType.startsWith(SDK_RESOURCE_TYPE_PREFIX)) { - return new AwsApiCallHandler(event, context); - } - switch (event.ResourceType) { - case ASSERT_RESOURCE_TYPE: - return new AssertionHandler(event, context); - default: - throw new Error(`Unsupported resource type "${event.ResourceType}`); - } -} -// Annotate the CommonJS export names for ESM import in node: -0 && (module.exports = { - handler -}); diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/cdk.out index 8ecc185e9dbee..d8b441d447f8a 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"21.0.0"} \ No newline at end of file +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/integ.json index 9bd00780726f5..7d702c4553dd3 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/integ.json @@ -1,10 +1,11 @@ { - "version": "21.0.0", + "version": "29.0.0", "testCases": { "FlowLogs/DefaultTest": { "stacks": [ "FlowLogsTestStack", - "FlowLogsFeatureFlag" + "FlowLogsFeatureFlag", + "DependencyTestStack" ], "assertionStack": "FlowLogs/DefaultTest/DeployAssert", "assertionStackName": "FlowLogsDefaultTestDeployAssert6AFD1854" diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/manifest.json index a114baf10c235..da0571d6143ac 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "21.0.0", + "version": "29.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "FlowLogsFeatureFlag.assets": { "type": "cdk:asset-manifest", "properties": { @@ -23,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2db53e096625b4b167fb15dd7bdc246692b381f45e28c509614fef7d41c20bc9.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4bdd03a7c8781568c1d29f2674ca4144f0edd176baa84942492304dbc3da8c8a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -105,18 +99,6 @@ "data": "VPCPublicSubnet2DefaultRouteB7481BBA" } ], - "/FlowLogsFeatureFlag/VPC/PublicSubnet2/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2EIP4947BC00" - } - ], - "/FlowLogsFeatureFlag/VPC/PublicSubnet2/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2NATGateway3C070193" - } - ], "/FlowLogsFeatureFlag/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -286,7 +268,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2090a74d484bc155b48d7511b99e4921b8f55e488c3fe1500cffede0cdfd33b7.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/f0aebf5349574f7c15c78e892f1004063a937aaa0320e3113d4ce3bf6c7c9de4.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -368,18 +350,6 @@ "data": "VPCPublicSubnet2DefaultRouteB7481BBA" } ], - "/FlowLogsTestStack/VPC/PublicSubnet2/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2EIP4947BC00" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2NATGateway3C070193" - } - ], "/FlowLogsTestStack/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -533,6 +503,215 @@ }, "displayName": "FlowLogsTestStack" }, + "DependencyTestStack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "DependencyTestStack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "DependencyTestStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "DependencyTestStack.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/59a368fd46c5addcdf9c6b0c83d0842a14c9fab63d5c1081758dd6e246bd88a9.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "DependencyTestStack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "DependencyTestStack.assets" + ], + "metadata": { + "/DependencyTestStack/VPC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCB9E5F0B4" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1SubnetB4246D30" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableFEE4B781" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute91CEF279" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1EIP6AD938E8" + } + ], + "/DependencyTestStack/VPC/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1NATGatewayE0556630" + } + ], + "/DependencyTestStack/VPC/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2Subnet74179F39" + } + ], + "/DependencyTestStack/VPC/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTable6F1A15F1" + } + ], + "/DependencyTestStack/VPC/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTableAssociation5A808732" + } + ], + "/DependencyTestStack/VPC/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2DefaultRouteB7481BBA" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableBE8A6027" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTable0A19E10E" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTableAssociation0C73D413" + } + ], + "/DependencyTestStack/VPC/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2DefaultRouteF4F5CFD2" + } + ], + "/DependencyTestStack/VPC/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIGWB7E252D3" + } + ], + "/DependencyTestStack/VPC/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCVPCGW99B986DC" + } + ], + "/DependencyTestStack/VPC/FlowLogS3/FlowLog": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCFlowLogS3FlowLog14B02CD7" + } + ], + "/DependencyTestStack/Bucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Bucket83908E77" + } + ], + "/DependencyTestStack/Bucket/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "BucketPolicyE9A3008A" + } + ], + "/DependencyTestStack/Bucket/AutoDeleteObjectsCustomResource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "BucketAutoDeleteObjectsCustomResourceBAFD23C2" + } + ], + "/DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + } + ], + "/DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" + } + ], + "/DependencyTestStack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/DependencyTestStack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "DependencyTestStack" + }, "FlowLogsDefaultTestDeployAssert6AFD1854.assets": { "type": "cdk:asset-manifest", "properties": { @@ -549,7 +728,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1dcf759cd2c8928f5b1acfbf439f1751e25367a5ac61ba5e640ff8b78fdf89f7.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e89b8c2ecfd39e5b9ead8ac43c0543eb9c075374e030da72cf274908c87ac5f1.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -604,6 +783,12 @@ ] }, "displayName": "FlowLogs/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/tree.json index 9a0ff6b79a4b7..4ab7a4a052db7 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" - } - }, "FlowLogsFeatureFlag": { "id": "FlowLogsFeatureFlag", "path": "FlowLogsFeatureFlag", @@ -322,54 +314,6 @@ "fqn": "@aws-cdk/aws-ec2.CfnRoute", "version": "0.0.0" } - }, - "EIP": { - "id": "EIP", - "path": "FlowLogsFeatureFlag/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "FlowLogsFeatureFlag/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsFeatureFlag/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", - "version": "0.0.0" - } } }, "constructInfo": { @@ -600,7 +544,7 @@ }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" + "Ref": "VPCPublicSubnet1NATGatewayE0556630" } } }, @@ -827,7 +771,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "logDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -840,7 +783,8 @@ "key": "Name", "value": "FlowLogsFeatureFlag/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -1028,7 +972,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "destinationOptions": { "fileFormat": "plain-text", "perHourPartition": false, @@ -1046,7 +989,8 @@ "key": "Name", "value": "FlowLogsFeatureFlag/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -1089,7 +1033,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.123" + "version": "10.1.216" } }, "FlowLogsInstance": { @@ -1140,6 +1084,14 @@ "id": "InstanceRole", "path": "FlowLogsFeatureFlag/FlowLogsInstance/InstanceRole", "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "FlowLogsFeatureFlag/FlowLogsInstance/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "FlowLogsFeatureFlag/FlowLogsInstance/InstanceRole/Resource", @@ -1264,6 +1216,22 @@ "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlowLogsFeatureFlag/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlowLogsFeatureFlag/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } } }, "constructInfo": { @@ -1581,54 +1549,6 @@ "fqn": "@aws-cdk/aws-ec2.CfnRoute", "version": "0.0.0" } - }, - "EIP": { - "id": "EIP", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", - "version": "0.0.0" - } } }, "constructInfo": { @@ -1859,7 +1779,7 @@ }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" + "Ref": "VPCPublicSubnet1NATGatewayE0556630" } } }, @@ -2086,7 +2006,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "logDestination": { "Fn::GetAtt": [ "VPCFlowLogsS3BucketFB7DC2BE", @@ -2099,7 +2018,8 @@ "key": "Name", "value": "FlowLogsTestStack/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -2127,7 +2047,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "logDestination": { "Fn::Join": [ "", @@ -2148,7 +2067,8 @@ "key": "Name", "value": "FlowLogsTestStack/VPC" } - ] + ], + "trafficType": "ALL" } }, "constructInfo": { @@ -2176,6 +2096,14 @@ "id": "IAMRole", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole", "children": { + "ImportIAMRole": { + "id": "ImportIAMRole", + "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/ImportIAMRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/Resource", @@ -2299,7 +2227,6 @@ "Ref": "VPCB9E5F0B4" }, "resourceType": "VPC", - "trafficType": "ALL", "deliverLogsPermissionArn": { "Fn::GetAtt": [ "FlowLogsCWIAMRole017AD736", @@ -2309,7 +2236,8 @@ "logDestinationType": "cloud-watch-logs", "logGroupName": { "Ref": "FlowLogsCWLogGroup0398E8F8" - } + }, + "trafficType": "ALL" } }, "constructInfo": { @@ -2592,6 +2520,22 @@ "fqn": "@aws-cdk/core.CustomResourceProvider", "version": "0.0.0" } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlowLogsTestStack/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlowLogsTestStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } } }, "constructInfo": { @@ -2599,91 +2543,1011 @@ "version": "0.0.0" } }, - "FlowLogs": { - "id": "FlowLogs", - "path": "FlowLogs", + "DependencyTestStack": { + "id": "DependencyTestStack", + "path": "DependencyTestStack", "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "FlowLogs/DefaultTest", + "VPC": { + "id": "VPC", + "path": "DependencyTestStack/VPC", "children": { - "Default": { - "id": "Default", - "path": "FlowLogs/DefaultTest/Default", + "Resource": { + "id": "Resource", + "path": "DependencyTestStack/VPC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC" + } + ] + } + }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" } }, - "DeployAssert": { - "id": "DeployAssert", - "path": "FlowLogs/DefaultTest/DeployAssert", + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "DependencyTestStack/VPC/PublicSubnet1", "children": { - "AwsApiCallS3listObjectsV2": { - "id": "AwsApiCallS3listObjectsV2", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2", - "children": { - "SdkProvider": { - "id": "SdkProvider", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/SdkProvider", - "children": { - "AssertionsProvider": { - "id": "AssertionsProvider", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/SdkProvider/AssertionsProvider", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" - } - } + "Subnet": { + "id": "Subnet", + "path": "DependencyTestStack/VPC/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests.AssertionsProvider", - "version": "0.0.0" - } - }, - "Default": { - "id": "Default", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/Default", - "children": { - "Default": { - "id": "Default", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/Default/Default", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" } - } + ] }, - "constructInfo": { - "fqn": "@aws-cdk/core.CustomResource", - "version": "0.0.0" - } - }, - "AssertionResults": { - "id": "AssertionResults", - "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/AssertionResults", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnOutput", - "version": "0.0.0" - } + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet1" + } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.AwsApiCall", + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", "version": "0.0.0" } }, - "SingletonFunction1488541a7b23466481b69b4408076b81": { - "id": "SingletonFunction1488541a7b23466481b69b4408076b81", - "path": "FlowLogs/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", - "children": { - "Staging": { - "id": "Staging", - "path": "FlowLogs/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", - "constructInfo": { - "fqn": "@aws-cdk/core.AssetStaging", - "version": "0.0.0" - } + "Acl": { + "id": "Acl", + "path": "DependencyTestStack/VPC/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "DependencyTestStack/VPC/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "DependencyTestStack/VPC/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "DependencyTestStack/VPC/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "DependencyTestStack/VPC/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "DependencyTestStack/VPC/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "DependencyTestStack/VPC/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "DependencyTestStack/VPC/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "DependencyTestStack/VPC/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "DependencyTestStack/VPC/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "DependencyTestStack/VPC/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "DependencyTestStack/VPC/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "DependencyTestStack/VPC/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "DependencyTestStack/VPC/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "DependencyTestStack/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "DependencyTestStack/VPC/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "DependencyTestStack/VPC/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "DependencyTestStack/VPC/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "DependencyTestStack/VPC/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "DependencyTestStack/VPC/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "DependencyTestStack/VPC/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "DependencyTestStack/VPC/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "DependencyTestStack/VPC/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "DependencyTestStack/VPC/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "DependencyTestStack/VPC/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "DependencyTestStack/VPC/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "DependencyTestStack/VPC/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "DependencyTestStack/VPC/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "internetGatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + }, + "FlowLogS3": { + "id": "FlowLogS3", + "path": "DependencyTestStack/VPC/FlowLogS3", + "children": { + "FlowLog": { + "id": "FlowLog", + "path": "DependencyTestStack/VPC/FlowLogS3/FlowLog", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::FlowLog", + "aws:cdk:cloudformation:props": { + "resourceId": { + "Ref": "VPCB9E5F0B4" + }, + "resourceType": "VPC", + "logDestination": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "Bucket83908E77", + "Arn" + ] + }, + "/vpcFlowLog" + ] + ] + }, + "logDestinationType": "s3", + "tags": [ + { + "key": "Name", + "value": "DependencyTestStack/VPC" + } + ], + "trafficType": "ALL" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnFlowLog", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.FlowLog", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Bucket": { + "id": "Bucket", + "path": "DependencyTestStack/Bucket", + "children": { + "Resource": { + "id": "Resource", + "path": "DependencyTestStack/Bucket/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "aws-cdk:auto-delete-objects", + "value": "true" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.CfnBucket", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "DependencyTestStack/Bucket/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "DependencyTestStack/Bucket/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy", + "aws:cdk:cloudformation:props": { + "bucket": { + "Ref": "Bucket83908E77" + }, + "policyDocument": { + "Statement": [ + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "Bucket83908E77", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "Bucket83908E77", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": "s3:PutObject", + "Condition": { + "StringEquals": { + "s3:x-amz-acl": "bucket-owner-full-control", + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + } + }, + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":*" + ] + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com" + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "Bucket83908E77", + "Arn" + ] + }, + "/vpcFlowLog/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + }, + { + "Action": [ + "s3:GetBucketAcl", + "s3:ListBucket" + ], + "Condition": { + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + } + }, + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":*" + ] + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "Bucket83908E77", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.CfnBucketPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketPolicy", + "version": "0.0.0" + } + }, + "AutoDeleteObjectsCustomResource": { + "id": "AutoDeleteObjectsCustomResource", + "path": "DependencyTestStack/Bucket/AutoDeleteObjectsCustomResource", + "children": { + "Default": { + "id": "Default", + "path": "DependencyTestStack/Bucket/AutoDeleteObjectsCustomResource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.Bucket", + "version": "0.0.0" + } + }, + "Custom::S3AutoDeleteObjectsCustomResourceProvider": { + "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider", + "path": "DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider", + "children": { + "Staging": { + "id": "Staging", + "path": "DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "DependencyTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResourceProvider", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "DependencyTestStack/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "DependencyTestStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "FlowLogs": { + "id": "FlowLogs", + "path": "FlowLogs", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "FlowLogs/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "FlowLogs/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "FlowLogs/DefaultTest/DeployAssert", + "children": { + "AwsApiCallS3listObjectsV2": { + "id": "AwsApiCallS3listObjectsV2", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2", + "children": { + "SdkProvider": { + "id": "SdkProvider", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/SdkProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/SdkProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/Default", + "children": { + "Default": { + "id": "Default", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/Default/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, + "AssertionResults": { + "id": "AssertionResults", + "path": "FlowLogs/DefaultTest/DeployAssert/AwsApiCallS3listObjectsV2/AssertionResults", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AwsApiCall", + "version": "0.0.0" + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81": { + "id": "SingletonFunction1488541a7b23466481b69b4408076b81", + "path": "FlowLogs/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", + "children": { + "Staging": { + "id": "Staging", + "path": "FlowLogs/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } }, "Role": { "id": "Role", @@ -2704,7 +3568,23 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.123" + "version": "10.1.216" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlowLogs/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlowLogs/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" } } }, @@ -2724,6 +3604,14 @@ "fqn": "@aws-cdk/integ-tests.IntegTest", "version": "0.0.0" } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.ts b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.ts index c6a46a157c30d..35d4c569aa736 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.ts +++ b/packages/@aws-cdk/aws-ec2/test/integ.vpc-flow-logs.ts @@ -12,7 +12,7 @@ class FeatureFlagStack extends Stack { constructor(scope: App, id: string, props?: StackProps) { super(scope, id, props); - const vpc = new Vpc(this, 'VPC'); + const vpc = new Vpc(this, 'VPC', { natGateways: 1 }); const flowLog = vpc.addFlowLog('FlowLogsS3', { destination: FlowLogDestination.toS3(), @@ -36,11 +36,28 @@ class FeatureFlagStack extends Stack { } } +class DependencyTestStack extends Stack { + constructor(scope: App, id: string, props?: StackProps) { + super(scope, id, props); + + const vpc = new Vpc(this, 'VPC', { natGateways: 1 }); + + const bucket = new s3.Bucket(this, 'Bucket', { + autoDeleteObjects: true, + removalPolicy: RemovalPolicy.DESTROY, + }); + + vpc.addFlowLog('FlowLogS3', { + destination: FlowLogDestination.toS3(bucket, 'vpcFlowLog'), + }); + } +} + class TestStack extends Stack { constructor(scope: App, id: string, props?: StackProps) { super(scope, id, props); - const vpc = new Vpc(this, 'VPC'); + const vpc = new Vpc(this, 'VPC', { natGateways: 1 }); new FlowLog(this, 'FlowLogsCW', { resourceType: FlowLogResourceType.fromVpc(vpc), @@ -102,10 +119,10 @@ const integ = new IntegTest(app, 'FlowLogs', { testCases: [ new TestStack(app, 'FlowLogsTestStack'), featureFlagTest, + new DependencyTestStack(app, 'DependencyTestStack'), ], }); - const objects = integ.assertions.awsApiCall('S3', 'listObjectsV2', { Bucket: featureFlagTest.bucket.bucketName, MaxKeys: 1, diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json deleted file mode 100644 index 820b972b6971b..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "21.0.0", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "source": { - "path": "FlowLogsDefaultTestDeployAssert6AFD1854.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/FlowLogsDefaultTestDeployAssert6AFD1854.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts deleted file mode 100644 index 3554dc94d4617..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise; diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js deleted file mode 100644 index 7ce4156d4ba41..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js +++ /dev/null @@ -1,78 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -// eslint-disable-next-line import/no-extraneous-dependencies -const aws_sdk_1 = require("aws-sdk"); -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; -const s3 = new aws_sdk_1.S3(); -async function handler(event) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} -exports.handler = handler; -async function onUpdate(event) { - const updateEvent = event; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - const records = contents.map((record) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} -async function onDelete(bucketName) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } - catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2REFBNkQ7QUFDN0QscUNBQTZCO0FBRTdCLE1BQU0sdUJBQXVCLEdBQUcsNkJBQTZCLENBQUM7QUFFOUQsTUFBTSxFQUFFLEdBQUcsSUFBSSxZQUFFLEVBQUUsQ0FBQztBQUViLEtBQUssVUFBVSxPQUFPLENBQUMsS0FBa0Q7SUFDOUUsUUFBUSxLQUFLLENBQUMsV0FBVyxFQUFFO1FBQ3pCLEtBQUssUUFBUTtZQUNYLE9BQU87UUFDVCxLQUFLLFFBQVE7WUFDWCxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUN6QixLQUFLLFFBQVE7WUFDWCxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLEVBQUUsVUFBVSxDQUFDLENBQUM7S0FDekQ7QUFDSCxDQUFDO0FBVEQsMEJBU0M7QUFFRCxLQUFLLFVBQVUsUUFBUSxDQUFDLEtBQWtEO0lBQ3hFLE1BQU0sV0FBVyxHQUFHLEtBQTBELENBQUM7SUFDL0UsTUFBTSxhQUFhLEdBQUcsV0FBVyxDQUFDLHFCQUFxQixFQUFFLFVBQVUsQ0FBQztJQUNwRSxNQUFNLGFBQWEsR0FBRyxXQUFXLENBQUMsa0JBQWtCLEVBQUUsVUFBVSxDQUFDO0lBQ2pFLE1BQU0sb0JBQW9CLEdBQUcsYUFBYSxJQUFJLElBQUksSUFBSSxhQUFhLElBQUksSUFBSSxJQUFJLGFBQWEsS0FBSyxhQUFhLENBQUM7SUFFL0c7O3NEQUVrRDtJQUNsRCxJQUFJLG9CQUFvQixFQUFFO1FBQ3hCLE9BQU8sUUFBUSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0tBQ2hDO0FBQ0gsQ0FBQztBQUVEOzs7O0dBSUc7QUFDSCxLQUFLLFVBQVUsV0FBVyxDQUFDLFVBQWtCO0lBQzNDLE1BQU0sYUFBYSxHQUFHLE1BQU0sRUFBRSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDcEYsTUFBTSxRQUFRLEdBQUcsQ0FBQyxHQUFHLGFBQWEsQ0FBQyxRQUFRLElBQUksRUFBRSxFQUFFLEdBQUcsYUFBYSxDQUFDLGFBQWEsSUFBSSxFQUFFLENBQUMsQ0FBQztJQUN6RixJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFO1FBQ3pCLE9BQU87S0FDUjtJQUVELE1BQU0sT0FBTyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFXLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxHQUFHLEVBQUUsTUFBTSxDQUFDLEdBQUcsRUFBRSxTQUFTLEVBQUUsTUFBTSxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUMsQ0FBQztJQUNsRyxNQUFNLEVBQUUsQ0FBQyxhQUFhLENBQUMsRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxFQUFFLE9BQU8sRUFBRSxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFFdkYsSUFBSSxhQUFhLEVBQUUsV0FBVyxFQUFFO1FBQzlCLE1BQU0sV0FBVyxDQUFDLFVBQVUsQ0FBQyxDQUFDO0tBQy9CO0FBQ0gsQ0FBQztBQUVELEtBQUssVUFBVSxRQUFRLENBQUMsVUFBbUI7SUFDekMsSUFBSSxDQUFDLFVBQVUsRUFBRTtRQUNmLE1BQU0sSUFBSSxLQUFLLENBQUMsNkJBQTZCLENBQUMsQ0FBQztLQUNoRDtJQUNELElBQUksQ0FBQyxNQUFNLHlCQUF5QixDQUFDLFVBQVUsQ0FBQyxFQUFFO1FBQ2hELE9BQU8sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHlCQUF5Qix1QkFBdUIsNkJBQTZCLENBQUMsQ0FBQztRQUNwRyxPQUFPO0tBQ1I7SUFDRCxJQUFJO1FBQ0YsTUFBTSxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUM7S0FDL0I7SUFBQyxPQUFPLENBQUMsRUFBRTtRQUNWLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxjQUFjLEVBQUU7WUFDN0IsTUFBTSxDQUFDLENBQUM7U0FDVDtRQUNELGlDQUFpQztLQUNsQztBQUNILENBQUM7QUFFRDs7Ozs7OztHQU9HO0FBQ0gsS0FBSyxVQUFVLHlCQUF5QixDQUFDLFVBQWtCO0lBQ3pELE1BQU0sUUFBUSxHQUFHLE1BQU0sRUFBRSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDN0UsT0FBTyxRQUFRLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEtBQUssdUJBQXVCLElBQUksR0FBRyxDQUFDLEtBQUssS0FBSyxNQUFNLENBQUMsQ0FBQztBQUNsRyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0IHsgUzMgfSBmcm9tICdhd3Mtc2RrJztcblxuY29uc3QgQVVUT19ERUxFVEVfT0JKRUNUU19UQUcgPSAnYXdzLWNkazphdXRvLWRlbGV0ZS1vYmplY3RzJztcblxuY29uc3QgczMgPSBuZXcgUzMoKTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgc3dpdGNoIChldmVudC5SZXF1ZXN0VHlwZSkge1xuICAgIGNhc2UgJ0NyZWF0ZSc6XG4gICAgICByZXR1cm47XG4gICAgY2FzZSAnVXBkYXRlJzpcbiAgICAgIHJldHVybiBvblVwZGF0ZShldmVudCk7XG4gICAgY2FzZSAnRGVsZXRlJzpcbiAgICAgIHJldHVybiBvbkRlbGV0ZShldmVudC5SZXNvdXJjZVByb3BlcnRpZXM/LkJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIG9uVXBkYXRlKGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KSB7XG4gIGNvbnN0IHVwZGF0ZUV2ZW50ID0gZXZlbnQgYXMgQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VVcGRhdGVFdmVudDtcbiAgY29uc3Qgb2xkQnVja2V0TmFtZSA9IHVwZGF0ZUV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcz8uQnVja2V0TmFtZTtcbiAgY29uc3QgbmV3QnVja2V0TmFtZSA9IHVwZGF0ZUV2ZW50LlJlc291cmNlUHJvcGVydGllcz8uQnVja2V0TmFtZTtcbiAgY29uc3QgYnVja2V0TmFtZUhhc0NoYW5nZWQgPSBuZXdCdWNrZXROYW1lICE9IG51bGwgJiYgb2xkQnVja2V0TmFtZSAhPSBudWxsICYmIG5ld0J1Y2tldE5hbWUgIT09IG9sZEJ1Y2tldE5hbWU7XG5cbiAgLyogSWYgdGhlIG5hbWUgb2YgdGhlIGJ1Y2tldCBoYXMgY2hhbmdlZCwgQ2xvdWRGb3JtYXRpb24gd2lsbCB0cnkgdG8gZGVsZXRlIHRoZSBidWNrZXRcbiAgICAgYW5kIGNyZWF0ZSBhIG5ldyBvbmUgd2l0aCB0aGUgbmV3IG5hbWUuIFNvIHdlIGhhdmUgdG8gZGVsZXRlIHRoZSBjb250ZW50cyBvZiB0aGVcbiAgICAgYnVja2V0IHNvIHRoYXQgdGhpcyBvcGVyYXRpb24gZG9lcyBub3QgZmFpbC4gKi9cbiAgaWYgKGJ1Y2tldE5hbWVIYXNDaGFuZ2VkKSB7XG4gICAgcmV0dXJuIG9uRGVsZXRlKG9sZEJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbi8qKlxuICogUmVjdXJzaXZlbHkgZGVsZXRlIGFsbCBpdGVtcyBpbiB0aGUgYnVja2V0XG4gKlxuICogQHBhcmFtIGJ1Y2tldE5hbWUgdGhlIGJ1Y2tldCBuYW1lXG4gKi9cbmFzeW5jIGZ1bmN0aW9uIGVtcHR5QnVja2V0KGJ1Y2tldE5hbWU6IHN0cmluZykge1xuICBjb25zdCBsaXN0ZWRPYmplY3RzID0gYXdhaXQgczMubGlzdE9iamVjdFZlcnNpb25zKHsgQnVja2V0OiBidWNrZXROYW1lIH0pLnByb21pc2UoKTtcbiAgY29uc3QgY29udGVudHMgPSBbLi4ubGlzdGVkT2JqZWN0cy5WZXJzaW9ucyA/PyBbXSwgLi4ubGlzdGVkT2JqZWN0cy5EZWxldGVNYXJrZXJzID8/IFtdXTtcbiAgaWYgKGNvbnRlbnRzLmxlbmd0aCA9PT0gMCkge1xuICAgIHJldHVybjtcbiAgfVxuXG4gIGNvbnN0IHJlY29yZHMgPSBjb250ZW50cy5tYXAoKHJlY29yZDogYW55KSA9PiAoeyBLZXk6IHJlY29yZC5LZXksIFZlcnNpb25JZDogcmVjb3JkLlZlcnNpb25JZCB9KSk7XG4gIGF3YWl0IHMzLmRlbGV0ZU9iamVjdHMoeyBCdWNrZXQ6IGJ1Y2tldE5hbWUsIERlbGV0ZTogeyBPYmplY3RzOiByZWNvcmRzIH0gfSkucHJvbWlzZSgpO1xuXG4gIGlmIChsaXN0ZWRPYmplY3RzPy5Jc1RydW5jYXRlZCkge1xuICAgIGF3YWl0IGVtcHR5QnVja2V0KGJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIG9uRGVsZXRlKGJ1Y2tldE5hbWU/OiBzdHJpbmcpIHtcbiAgaWYgKCFidWNrZXROYW1lKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdObyBCdWNrZXROYW1lIHdhcyBwcm92aWRlZC4nKTtcbiAgfVxuICBpZiAoIWF3YWl0IGlzQnVja2V0VGFnZ2VkRm9yRGVsZXRpb24oYnVja2V0TmFtZSkpIHtcbiAgICBwcm9jZXNzLnN0ZG91dC53cml0ZShgQnVja2V0IGRvZXMgbm90IGhhdmUgJyR7QVVUT19ERUxFVEVfT0JKRUNUU19UQUd9JyB0YWcsIHNraXBwaW5nIGNsZWFuaW5nLlxcbmApO1xuICAgIHJldHVybjtcbiAgfVxuICB0cnkge1xuICAgIGF3YWl0IGVtcHR5QnVja2V0KGJ1Y2tldE5hbWUpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgaWYgKGUuY29kZSAhPT0gJ05vU3VjaEJ1Y2tldCcpIHtcbiAgICAgIHRocm93IGU7XG4gICAgfVxuICAgIC8vIEJ1Y2tldCBkb2Vzbid0IGV4aXN0LiBJZ25vcmluZ1xuICB9XG59XG5cbi8qKlxuICogVGhlIGJ1Y2tldCB3aWxsIG9ubHkgYmUgdGFnZ2VkIGZvciBkZWxldGlvbiBpZiBpdCdzIGJlaW5nIGRlbGV0ZWQgaW4gdGhlIHNhbWVcbiAqIGRlcGxveW1lbnQgYXMgdGhpcyBDdXN0b20gUmVzb3VyY2UuXG4gKlxuICogSWYgdGhlIEN1c3RvbSBSZXNvdXJjZSBpcyBldmVyeSBkZWxldGVkIGJlZm9yZSB0aGUgYnVja2V0LCBpdCBtdXN0IGJlIGJlY2F1c2VcbiAqIGBhdXRvRGVsZXRlT2JqZWN0c2AgaGFzIGJlZW4gc3dpdGNoZWQgdG8gZmFsc2UsIGluIHdoaWNoIGNhc2UgdGhlIHRhZyB3b3VsZCBoYXZlXG4gKiBiZWVuIHJlbW92ZWQgYmVmb3JlIHdlIGdldCB0byB0aGlzIERlbGV0ZSBldmVudC5cbiAqL1xuYXN5bmMgZnVuY3Rpb24gaXNCdWNrZXRUYWdnZWRGb3JEZWxldGlvbihidWNrZXROYW1lOiBzdHJpbmcpIHtcbiAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBzMy5nZXRCdWNrZXRUYWdnaW5nKHsgQnVja2V0OiBidWNrZXROYW1lIH0pLnByb21pc2UoKTtcbiAgcmV0dXJuIHJlc3BvbnNlLlRhZ1NldC5zb21lKHRhZyA9PiB0YWcuS2V5ID09PSBBVVRPX0RFTEVURV9PQkpFQ1RTX1RBRyAmJiB0YWcuVmFsdWUgPT09ICd0cnVlJyk7XG59Il19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts deleted file mode 100644 index 2459d44ab1d18..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts +++ /dev/null @@ -1,82 +0,0 @@ -// eslint-disable-next-line import/no-extraneous-dependencies -import { S3 } from 'aws-sdk'; - -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; - -const s3 = new S3(); - -export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} - -async function onUpdate(event: AWSLambda.CloudFormationCustomResourceEvent) { - const updateEvent = event as AWSLambda.CloudFormationCustomResourceUpdateEvent; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} - -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName: string) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - - const records = contents.map((record: any) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} - -async function onDelete(bucketName?: string) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} - -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName: string) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/cdk.out deleted file mode 100644 index 8ecc185e9dbee..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"21.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/integ.json deleted file mode 100644 index c3f1db8c091b3..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/integ.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "version": "21.0.0", - "testCases": { - "FlowLogs/DefaultTest": { - "stacks": [ - "FlowLogsTestStack" - ], - "assertionStack": "FlowLogs/DefaultTest/DeployAssert", - "assertionStackName": "FlowLogsDefaultTestDeployAssert6AFD1854" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/manifest.json deleted file mode 100644 index b66ff29de81df..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/manifest.json +++ /dev/null @@ -1,303 +0,0 @@ -{ - "version": "21.0.0", - "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, - "FlowLogsTestStack.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "FlowLogsTestStack.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "FlowLogsTestStack": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "FlowLogsTestStack.template.json", - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/387f458284bcd5d8ead2ee20bd530cc89df674d509fe19ff6bffce83e4a6e8f5.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "FlowLogsTestStack.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "FlowLogsTestStack.assets" - ], - "metadata": { - "/FlowLogsTestStack/VPC/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCB9E5F0B4" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1SubnetB4246D30" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1RouteTableFEE4B781" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1DefaultRoute91CEF279" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1EIP6AD938E8" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet1/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1NATGatewayE0556630" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2Subnet74179F39" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2RouteTable6F1A15F1" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2RouteTableAssociation5A808732" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2DefaultRouteB7481BBA" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2EIP4947BC00" - } - ], - "/FlowLogsTestStack/VPC/PublicSubnet2/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2NATGateway3C070193" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet1/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet1Subnet8BCA10E0" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet1/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet1RouteTableBE8A6027" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet1/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet1/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet2/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet2/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet2RouteTable0A19E10E" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet2/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet2RouteTableAssociation0C73D413" - } - ], - "/FlowLogsTestStack/VPC/PrivateSubnet2/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCPrivateSubnet2DefaultRouteF4F5CFD2" - } - ], - "/FlowLogsTestStack/VPC/IGW": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCIGWB7E252D3" - } - ], - "/FlowLogsTestStack/VPC/VPCGW": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCVPCGW99B986DC" - } - ], - "/FlowLogsTestStack/VPC/FlowLogsS3/FlowLog": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCFlowLogsS3FlowLogB5256CFF" - } - ], - "/FlowLogsTestStack/FlowLogsCW/IAMRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "FlowLogsCWIAMRole017AD736" - } - ], - "/FlowLogsTestStack/FlowLogsCW/IAMRole/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "FlowLogsCWIAMRoleDefaultPolicy943C8A20" - } - ], - "/FlowLogsTestStack/FlowLogsCW/LogGroup/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "FlowLogsCWLogGroup0398E8F8" - } - ], - "/FlowLogsTestStack/FlowLogsCW/FlowLog": [ - { - "type": "aws:cdk:logicalId", - "data": "FlowLogsCWFlowLog9CED86DA" - } - ], - "/FlowLogsTestStack/Bucket/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Bucket83908E77" - } - ], - "/FlowLogsTestStack/Bucket/Policy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "BucketPolicyE9A3008A" - } - ], - "/FlowLogsTestStack/Bucket/AutoDeleteObjectsCustomResource/Default": [ - { - "type": "aws:cdk:logicalId", - "data": "BucketAutoDeleteObjectsCustomResourceBAFD23C2" - } - ], - "/FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ - { - "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" - } - ], - "/FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ - { - "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" - } - ], - "/FlowLogsTestStack/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/FlowLogsTestStack/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "FlowLogsTestStack" - }, - "FlowLogsDefaultTestDeployAssert6AFD1854.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "FlowLogsDefaultTestDeployAssert6AFD1854.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "FlowLogsDefaultTestDeployAssert6AFD1854": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "FlowLogsDefaultTestDeployAssert6AFD1854.template.json", - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "FlowLogsDefaultTestDeployAssert6AFD1854.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "FlowLogsDefaultTestDeployAssert6AFD1854.assets" - ], - "metadata": { - "/FlowLogs/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/FlowLogs/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "FlowLogs/DefaultTest/DeployAssert" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/tree.json deleted file mode 100644 index 33d8a012465c2..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs-customformat.integ.snapshot/tree.json +++ /dev/null @@ -1,1166 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" - } - }, - "FlowLogsTestStack": { - "id": "FlowLogsTestStack", - "path": "FlowLogsTestStack", - "children": { - "VPC": { - "id": "VPC", - "path": "FlowLogsTestStack/VPC", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/VPC/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPC", - "version": "0.0.0" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "FlowLogsTestStack/VPC/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "FlowLogsTestStack/VPC/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet1EIP6AD938E8", - "AllocationId" - ] - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "FlowLogsTestStack/VPC/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "FlowLogsTestStack/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PrivateSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PrivateSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "FlowLogsTestStack/VPC/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet1NATGatewayE0556630" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PrivateSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC/PrivateSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "FlowLogsTestStack/VPC/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "IGW": { - "id": "IGW", - "path": "FlowLogsTestStack/VPC/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", - "version": "0.0.0" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "FlowLogsTestStack/VPC/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, - "internetGatewayId": { - "Ref": "VPCIGWB7E252D3" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - }, - "FlowLogsS3": { - "id": "FlowLogsS3", - "path": "FlowLogsTestStack/VPC/FlowLogsS3", - "children": { - "FlowLog": { - "id": "FlowLog", - "path": "FlowLogsTestStack/VPC/FlowLogsS3/FlowLog", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::FlowLog", - "aws:cdk:cloudformation:props": { - "resourceId": { - "Ref": "VPCB9E5F0B4" - }, - "resourceType": "VPC", - "trafficType": "ALL", - "logDestination": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "Bucket83908E77", - "Arn" - ] - }, - "/prefix/" - ] - ] - }, - "logDestinationType": "s3", - "logFormat": "${dstport} ${srcport}", - "tags": [ - { - "key": "Name", - "value": "FlowLogsTestStack/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnFlowLog", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Vpc", - "version": "0.0.0" - } - }, - "FlowLogsCW": { - "id": "FlowLogsCW", - "path": "FlowLogsTestStack/FlowLogsCW", - "children": { - "IAMRole": { - "id": "IAMRole", - "path": "FlowLogsTestStack/FlowLogsCW/IAMRole", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "vpc-flow-logs.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/FlowLogsCW/IAMRole/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": [ - "logs:CreateLogStream", - "logs:DescribeLogStreams", - "logs:PutLogEvents" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "FlowLogsCWLogGroup0398E8F8", - "Arn" - ] - } - }, - { - "Action": "iam:PassRole", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "FlowLogsCWIAMRole017AD736", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "FlowLogsCWIAMRoleDefaultPolicy943C8A20", - "roles": [ - { - "Ref": "FlowLogsCWIAMRole017AD736" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", - "version": "0.0.0" - } - }, - "LogGroup": { - "id": "LogGroup", - "path": "FlowLogsTestStack/FlowLogsCW/LogGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/FlowLogsCW/LogGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", - "aws:cdk:cloudformation:props": { - "retentionInDays": 731 - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-logs.CfnLogGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-logs.LogGroup", - "version": "0.0.0" - } - }, - "FlowLog": { - "id": "FlowLog", - "path": "FlowLogsTestStack/FlowLogsCW/FlowLog", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::FlowLog", - "aws:cdk:cloudformation:props": { - "resourceId": { - "Ref": "VPCB9E5F0B4" - }, - "resourceType": "VPC", - "trafficType": "ALL", - "deliverLogsPermissionArn": { - "Fn::GetAtt": [ - "FlowLogsCWIAMRole017AD736", - "Arn" - ] - }, - "logDestinationType": "cloud-watch-logs", - "logFormat": "${srcport}", - "logGroupName": { - "Ref": "FlowLogsCWLogGroup0398E8F8" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnFlowLog", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.FlowLog", - "version": "0.0.0" - } - }, - "Bucket": { - "id": "Bucket", - "path": "FlowLogsTestStack/Bucket", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/Bucket/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::S3::Bucket", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "aws-cdk:auto-delete-objects", - "value": "true" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-s3.CfnBucket", - "version": "0.0.0" - } - }, - "Policy": { - "id": "Policy", - "path": "FlowLogsTestStack/Bucket/Policy", - "children": { - "Resource": { - "id": "Resource", - "path": "FlowLogsTestStack/Bucket/Policy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy", - "aws:cdk:cloudformation:props": { - "bucket": { - "Ref": "Bucket83908E77" - }, - "policyDocument": { - "Statement": [ - { - "Action": [ - "s3:DeleteObject*", - "s3:GetBucket*", - "s3:List*" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - } - }, - "Resource": [ - { - "Fn::GetAtt": [ - "Bucket83908E77", - "Arn" - ] - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "Bucket83908E77", - "Arn" - ] - }, - "/*" - ] - ] - } - ] - }, - { - "Action": "s3:PutObject", - "Condition": { - "StringEquals": { - "s3:x-amz-acl": "bucket-owner-full-control", - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "Bucket83908E77", - "Arn" - ] - }, - "/prefix/AWSLogs/", - { - "Ref": "AWS::AccountId" - }, - "/*" - ] - ] - } - }, - { - "Action": [ - "s3:GetBucketAcl", - "s3:ListBucket" - ], - "Condition": { - "StringEquals": { - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::GetAtt": [ - "Bucket83908E77", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-s3.CfnBucketPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-s3.BucketPolicy", - "version": "0.0.0" - } - }, - "AutoDeleteObjectsCustomResource": { - "id": "AutoDeleteObjectsCustomResource", - "path": "FlowLogsTestStack/Bucket/AutoDeleteObjectsCustomResource", - "children": { - "Default": { - "id": "Default", - "path": "FlowLogsTestStack/Bucket/AutoDeleteObjectsCustomResource/Default", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.CustomResource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-s3.Bucket", - "version": "0.0.0" - } - }, - "Custom::S3AutoDeleteObjectsCustomResourceProvider": { - "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider", - "path": "FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider", - "children": { - "Staging": { - "id": "Staging", - "path": "FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging", - "constructInfo": { - "fqn": "@aws-cdk/core.AssetStaging", - "version": "0.0.0" - } - }, - "Role": { - "id": "Role", - "path": "FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" - } - }, - "Handler": { - "id": "Handler", - "path": "FlowLogsTestStack/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.CustomResourceProvider", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.Stack", - "version": "0.0.0" - } - }, - "FlowLogs": { - "id": "FlowLogs", - "path": "FlowLogs", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "FlowLogs/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "FlowLogs/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "FlowLogs/DefaultTest/DeployAssert", - "constructInfo": { - "fqn": "@aws-cdk/core.Stack", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts deleted file mode 100644 index 3554dc94d4617..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise; diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js deleted file mode 100644 index 7ce4156d4ba41..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.js +++ /dev/null @@ -1,78 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -// eslint-disable-next-line import/no-extraneous-dependencies -const aws_sdk_1 = require("aws-sdk"); -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; -const s3 = new aws_sdk_1.S3(); -async function handler(event) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} -exports.handler = handler; -async function onUpdate(event) { - const updateEvent = event; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - const records = contents.map((record) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} -async function onDelete(bucketName) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } - catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2REFBNkQ7QUFDN0QscUNBQTZCO0FBRTdCLE1BQU0sdUJBQXVCLEdBQUcsNkJBQTZCLENBQUM7QUFFOUQsTUFBTSxFQUFFLEdBQUcsSUFBSSxZQUFFLEVBQUUsQ0FBQztBQUViLEtBQUssVUFBVSxPQUFPLENBQUMsS0FBa0Q7SUFDOUUsUUFBUSxLQUFLLENBQUMsV0FBVyxFQUFFO1FBQ3pCLEtBQUssUUFBUTtZQUNYLE9BQU87UUFDVCxLQUFLLFFBQVE7WUFDWCxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUN6QixLQUFLLFFBQVE7WUFDWCxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLEVBQUUsVUFBVSxDQUFDLENBQUM7S0FDekQ7QUFDSCxDQUFDO0FBVEQsMEJBU0M7QUFFRCxLQUFLLFVBQVUsUUFBUSxDQUFDLEtBQWtEO0lBQ3hFLE1BQU0sV0FBVyxHQUFHLEtBQTBELENBQUM7SUFDL0UsTUFBTSxhQUFhLEdBQUcsV0FBVyxDQUFDLHFCQUFxQixFQUFFLFVBQVUsQ0FBQztJQUNwRSxNQUFNLGFBQWEsR0FBRyxXQUFXLENBQUMsa0JBQWtCLEVBQUUsVUFBVSxDQUFDO0lBQ2pFLE1BQU0sb0JBQW9CLEdBQUcsYUFBYSxJQUFJLElBQUksSUFBSSxhQUFhLElBQUksSUFBSSxJQUFJLGFBQWEsS0FBSyxhQUFhLENBQUM7SUFFL0c7O3NEQUVrRDtJQUNsRCxJQUFJLG9CQUFvQixFQUFFO1FBQ3hCLE9BQU8sUUFBUSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0tBQ2hDO0FBQ0gsQ0FBQztBQUVEOzs7O0dBSUc7QUFDSCxLQUFLLFVBQVUsV0FBVyxDQUFDLFVBQWtCO0lBQzNDLE1BQU0sYUFBYSxHQUFHLE1BQU0sRUFBRSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDcEYsTUFBTSxRQUFRLEdBQUcsQ0FBQyxHQUFHLGFBQWEsQ0FBQyxRQUFRLElBQUksRUFBRSxFQUFFLEdBQUcsYUFBYSxDQUFDLGFBQWEsSUFBSSxFQUFFLENBQUMsQ0FBQztJQUN6RixJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFO1FBQ3pCLE9BQU87S0FDUjtJQUVELE1BQU0sT0FBTyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFXLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxHQUFHLEVBQUUsTUFBTSxDQUFDLEdBQUcsRUFBRSxTQUFTLEVBQUUsTUFBTSxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUMsQ0FBQztJQUNsRyxNQUFNLEVBQUUsQ0FBQyxhQUFhLENBQUMsRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxFQUFFLE9BQU8sRUFBRSxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFFdkYsSUFBSSxhQUFhLEVBQUUsV0FBVyxFQUFFO1FBQzlCLE1BQU0sV0FBVyxDQUFDLFVBQVUsQ0FBQyxDQUFDO0tBQy9CO0FBQ0gsQ0FBQztBQUVELEtBQUssVUFBVSxRQUFRLENBQUMsVUFBbUI7SUFDekMsSUFBSSxDQUFDLFVBQVUsRUFBRTtRQUNmLE1BQU0sSUFBSSxLQUFLLENBQUMsNkJBQTZCLENBQUMsQ0FBQztLQUNoRDtJQUNELElBQUksQ0FBQyxNQUFNLHlCQUF5QixDQUFDLFVBQVUsQ0FBQyxFQUFFO1FBQ2hELE9BQU8sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHlCQUF5Qix1QkFBdUIsNkJBQTZCLENBQUMsQ0FBQztRQUNwRyxPQUFPO0tBQ1I7SUFDRCxJQUFJO1FBQ0YsTUFBTSxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUM7S0FDL0I7SUFBQyxPQUFPLENBQUMsRUFBRTtRQUNWLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxjQUFjLEVBQUU7WUFDN0IsTUFBTSxDQUFDLENBQUM7U0FDVDtRQUNELGlDQUFpQztLQUNsQztBQUNILENBQUM7QUFFRDs7Ozs7OztHQU9HO0FBQ0gsS0FBSyxVQUFVLHlCQUF5QixDQUFDLFVBQWtCO0lBQ3pELE1BQU0sUUFBUSxHQUFHLE1BQU0sRUFBRSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDN0UsT0FBTyxRQUFRLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEtBQUssdUJBQXVCLElBQUksR0FBRyxDQUFDLEtBQUssS0FBSyxNQUFNLENBQUMsQ0FBQztBQUNsRyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0IHsgUzMgfSBmcm9tICdhd3Mtc2RrJztcblxuY29uc3QgQVVUT19ERUxFVEVfT0JKRUNUU19UQUcgPSAnYXdzLWNkazphdXRvLWRlbGV0ZS1vYmplY3RzJztcblxuY29uc3QgczMgPSBuZXcgUzMoKTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgc3dpdGNoIChldmVudC5SZXF1ZXN0VHlwZSkge1xuICAgIGNhc2UgJ0NyZWF0ZSc6XG4gICAgICByZXR1cm47XG4gICAgY2FzZSAnVXBkYXRlJzpcbiAgICAgIHJldHVybiBvblVwZGF0ZShldmVudCk7XG4gICAgY2FzZSAnRGVsZXRlJzpcbiAgICAgIHJldHVybiBvbkRlbGV0ZShldmVudC5SZXNvdXJjZVByb3BlcnRpZXM/LkJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIG9uVXBkYXRlKGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KSB7XG4gIGNvbnN0IHVwZGF0ZUV2ZW50ID0gZXZlbnQgYXMgQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VVcGRhdGVFdmVudDtcbiAgY29uc3Qgb2xkQnVja2V0TmFtZSA9IHVwZGF0ZUV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcz8uQnVja2V0TmFtZTtcbiAgY29uc3QgbmV3QnVja2V0TmFtZSA9IHVwZGF0ZUV2ZW50LlJlc291cmNlUHJvcGVydGllcz8uQnVja2V0TmFtZTtcbiAgY29uc3QgYnVja2V0TmFtZUhhc0NoYW5nZWQgPSBuZXdCdWNrZXROYW1lICE9IG51bGwgJiYgb2xkQnVja2V0TmFtZSAhPSBudWxsICYmIG5ld0J1Y2tldE5hbWUgIT09IG9sZEJ1Y2tldE5hbWU7XG5cbiAgLyogSWYgdGhlIG5hbWUgb2YgdGhlIGJ1Y2tldCBoYXMgY2hhbmdlZCwgQ2xvdWRGb3JtYXRpb24gd2lsbCB0cnkgdG8gZGVsZXRlIHRoZSBidWNrZXRcbiAgICAgYW5kIGNyZWF0ZSBhIG5ldyBvbmUgd2l0aCB0aGUgbmV3IG5hbWUuIFNvIHdlIGhhdmUgdG8gZGVsZXRlIHRoZSBjb250ZW50cyBvZiB0aGVcbiAgICAgYnVja2V0IHNvIHRoYXQgdGhpcyBvcGVyYXRpb24gZG9lcyBub3QgZmFpbC4gKi9cbiAgaWYgKGJ1Y2tldE5hbWVIYXNDaGFuZ2VkKSB7XG4gICAgcmV0dXJuIG9uRGVsZXRlKG9sZEJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbi8qKlxuICogUmVjdXJzaXZlbHkgZGVsZXRlIGFsbCBpdGVtcyBpbiB0aGUgYnVja2V0XG4gKlxuICogQHBhcmFtIGJ1Y2tldE5hbWUgdGhlIGJ1Y2tldCBuYW1lXG4gKi9cbmFzeW5jIGZ1bmN0aW9uIGVtcHR5QnVja2V0KGJ1Y2tldE5hbWU6IHN0cmluZykge1xuICBjb25zdCBsaXN0ZWRPYmplY3RzID0gYXdhaXQgczMubGlzdE9iamVjdFZlcnNpb25zKHsgQnVja2V0OiBidWNrZXROYW1lIH0pLnByb21pc2UoKTtcbiAgY29uc3QgY29udGVudHMgPSBbLi4ubGlzdGVkT2JqZWN0cy5WZXJzaW9ucyA/PyBbXSwgLi4ubGlzdGVkT2JqZWN0cy5EZWxldGVNYXJrZXJzID8/IFtdXTtcbiAgaWYgKGNvbnRlbnRzLmxlbmd0aCA9PT0gMCkge1xuICAgIHJldHVybjtcbiAgfVxuXG4gIGNvbnN0IHJlY29yZHMgPSBjb250ZW50cy5tYXAoKHJlY29yZDogYW55KSA9PiAoeyBLZXk6IHJlY29yZC5LZXksIFZlcnNpb25JZDogcmVjb3JkLlZlcnNpb25JZCB9KSk7XG4gIGF3YWl0IHMzLmRlbGV0ZU9iamVjdHMoeyBCdWNrZXQ6IGJ1Y2tldE5hbWUsIERlbGV0ZTogeyBPYmplY3RzOiByZWNvcmRzIH0gfSkucHJvbWlzZSgpO1xuXG4gIGlmIChsaXN0ZWRPYmplY3RzPy5Jc1RydW5jYXRlZCkge1xuICAgIGF3YWl0IGVtcHR5QnVja2V0KGJ1Y2tldE5hbWUpO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIG9uRGVsZXRlKGJ1Y2tldE5hbWU/OiBzdHJpbmcpIHtcbiAgaWYgKCFidWNrZXROYW1lKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdObyBCdWNrZXROYW1lIHdhcyBwcm92aWRlZC4nKTtcbiAgfVxuICBpZiAoIWF3YWl0IGlzQnVja2V0VGFnZ2VkRm9yRGVsZXRpb24oYnVja2V0TmFtZSkpIHtcbiAgICBwcm9jZXNzLnN0ZG91dC53cml0ZShgQnVja2V0IGRvZXMgbm90IGhhdmUgJyR7QVVUT19ERUxFVEVfT0JKRUNUU19UQUd9JyB0YWcsIHNraXBwaW5nIGNsZWFuaW5nLlxcbmApO1xuICAgIHJldHVybjtcbiAgfVxuICB0cnkge1xuICAgIGF3YWl0IGVtcHR5QnVja2V0KGJ1Y2tldE5hbWUpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgaWYgKGUuY29kZSAhPT0gJ05vU3VjaEJ1Y2tldCcpIHtcbiAgICAgIHRocm93IGU7XG4gICAgfVxuICAgIC8vIEJ1Y2tldCBkb2Vzbid0IGV4aXN0LiBJZ25vcmluZ1xuICB9XG59XG5cbi8qKlxuICogVGhlIGJ1Y2tldCB3aWxsIG9ubHkgYmUgdGFnZ2VkIGZvciBkZWxldGlvbiBpZiBpdCdzIGJlaW5nIGRlbGV0ZWQgaW4gdGhlIHNhbWVcbiAqIGRlcGxveW1lbnQgYXMgdGhpcyBDdXN0b20gUmVzb3VyY2UuXG4gKlxuICogSWYgdGhlIEN1c3RvbSBSZXNvdXJjZSBpcyBldmVyeSBkZWxldGVkIGJlZm9yZSB0aGUgYnVja2V0LCBpdCBtdXN0IGJlIGJlY2F1c2VcbiAqIGBhdXRvRGVsZXRlT2JqZWN0c2AgaGFzIGJlZW4gc3dpdGNoZWQgdG8gZmFsc2UsIGluIHdoaWNoIGNhc2UgdGhlIHRhZyB3b3VsZCBoYXZlXG4gKiBiZWVuIHJlbW92ZWQgYmVmb3JlIHdlIGdldCB0byB0aGlzIERlbGV0ZSBldmVudC5cbiAqL1xuYXN5bmMgZnVuY3Rpb24gaXNCdWNrZXRUYWdnZWRGb3JEZWxldGlvbihidWNrZXROYW1lOiBzdHJpbmcpIHtcbiAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBzMy5nZXRCdWNrZXRUYWdnaW5nKHsgQnVja2V0OiBidWNrZXROYW1lIH0pLnByb21pc2UoKTtcbiAgcmV0dXJuIHJlc3BvbnNlLlRhZ1NldC5zb21lKHRhZyA9PiB0YWcuS2V5ID09PSBBVVRPX0RFTEVURV9PQkpFQ1RTX1RBRyAmJiB0YWcuVmFsdWUgPT09ICd0cnVlJyk7XG59Il19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts deleted file mode 100644 index 2459d44ab1d18..0000000000000 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.integ.snapshot/asset.bb426cfb5fed5237e5928f871893b243ddf86a591a592b558bd29f60e28bad9d/index.ts +++ /dev/null @@ -1,82 +0,0 @@ -// eslint-disable-next-line import/no-extraneous-dependencies -import { S3 } from 'aws-sdk'; - -const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; - -const s3 = new S3(); - -export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { - switch (event.RequestType) { - case 'Create': - return; - case 'Update': - return onUpdate(event); - case 'Delete': - return onDelete(event.ResourceProperties?.BucketName); - } -} - -async function onUpdate(event: AWSLambda.CloudFormationCustomResourceEvent) { - const updateEvent = event as AWSLambda.CloudFormationCustomResourceUpdateEvent; - const oldBucketName = updateEvent.OldResourceProperties?.BucketName; - const newBucketName = updateEvent.ResourceProperties?.BucketName; - const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; - - /* If the name of the bucket has changed, CloudFormation will try to delete the bucket - and create a new one with the new name. So we have to delete the contents of the - bucket so that this operation does not fail. */ - if (bucketNameHasChanged) { - return onDelete(oldBucketName); - } -} - -/** - * Recursively delete all items in the bucket - * - * @param bucketName the bucket name - */ -async function emptyBucket(bucketName: string) { - const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); - const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; - if (contents.length === 0) { - return; - } - - const records = contents.map((record: any) => ({ Key: record.Key, VersionId: record.VersionId })); - await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); - - if (listedObjects?.IsTruncated) { - await emptyBucket(bucketName); - } -} - -async function onDelete(bucketName?: string) { - if (!bucketName) { - throw new Error('No BucketName was provided.'); - } - if (!await isBucketTaggedForDeletion(bucketName)) { - process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); - return; - } - try { - await emptyBucket(bucketName); - } catch (e) { - if (e.code !== 'NoSuchBucket') { - throw e; - } - // Bucket doesn't exist. Ignoring - } -} - -/** - * The bucket will only be tagged for deletion if it's being deleted in the same - * deployment as this Custom Resource. - * - * If the Custom Resource is every deleted before the bucket, it must be because - * `autoDeleteObjects` has been switched to false, in which case the tag would have - * been removed before we get to this Delete event. - */ -async function isBucketTaggedForDeletion(bucketName: string) { - const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); - return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts index 5b16d80caf50d..92eeebe7d6571 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts @@ -2,7 +2,7 @@ import { Template, Match } from '@aws-cdk/assertions'; import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; -import { Stack } from '@aws-cdk/core'; +import { RemovalPolicy, Stack } from '@aws-cdk/core'; import { FlowLog, FlowLogDestination, FlowLogResourceType, FlowLogMaxAggregationInterval, LogFormat, Vpc } from '../lib'; describe('vpc flow logs', () => { @@ -344,6 +344,28 @@ describe('vpc flow logs', () => { }); }); + test('adds necessary dependencies', () => { + const stack = new Stack(); + stack.node.setContext('@aws-cdk/aws-s3:createDefaultLoggingPolicy', true); + const bucket = new s3.Bucket(stack, 'Bucket', { + removalPolicy: RemovalPolicy.DESTROY, + autoDeleteObjects: true, + }); + new FlowLog(stack, 'FlowLogs', { + resourceType: FlowLogResourceType.fromNetworkInterfaceId('eni-123456'), + destination: FlowLogDestination.toS3(bucket), + }); + + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::FlowLog', { + Properties: Match.anyValue(), + DependsOn: [ + 'BucketAutoDeleteObjectsCustomResourceBAFD23C2', + 'BucketPolicyE9A3008A', + ], + }); + }); + test('without future flag, does not create default bucket policy', () => { const stack = new Stack(); new FlowLog(stack, 'FlowLogs', {