From 90f1aa9f1c9b1906953209b032e999fe4fe52bd4 Mon Sep 17 00:00:00 2001 From: Razin Idzuddin <44442082+razin99@users.noreply.github.com> Date: Thu, 2 May 2024 08:49:24 +1000 Subject: [PATCH] feat(ec2): add support for environment files and variables in systemd (#29629) ### Reason for this change Allow users to define `Environment` and `EnvironmentFile` in a systemd service file. ### Description of changes Added 2 new properties for `ec2.InitService.systemdConfigFile`: 1. `environmentVariables` which is a string key value pair 2. `environmentFiles` which is a list of file paths ### Description of how you validated changes I have added a unit test. Documentations referred to: - https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#EnvironmentFile= - https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Environment= ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../integ.instance-init.js.snapshot/cdk.out | 2 +- .../integ-init.assets.json | 6 +- .../integ-init.template.json | 132 +++++---- .../integ.json | 2 +- .../manifest.json | 28 +- .../integ.instance-init.js.snapshot/tree.json | 258 ++++++++++-------- .../test/aws-ec2/test/integ.instance-init.ts | 10 + packages/aws-cdk-lib/aws-ec2/README.md | 17 ++ .../aws-ec2/lib/cfn-init-elements.ts | 32 ++- .../aws-ec2/test/cfn-init-element.test.ts | 29 ++ 10 files changed, 327 insertions(+), 189 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/cdk.out index 588d7b269d34f..1f0068d32659a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.assets.json index b870a8b609d0f..c53efbaabdb00 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "36.0.0", "files": { "f8a1af398dac2fad92eeea4fb7620be1c4f504e23e3bfcd859fbb5744187930b": { "source": { @@ -14,7 +14,7 @@ } } }, - "7a2347ef5db54a3b52f3c186329ae12fa60cac0d2f3df743e42cb9b04d545496": { + "9c8784d47f15e42c89ef49a12c54d18ab7a30bd3d43df229bf8b235d9928374a": { "source": { "path": "integ-init.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7a2347ef5db54a3b52f3c186329ae12fa60cac0d2f3df743e42cb9b04d545496.json", + "objectKey": "9c8784d47f15e42c89ef49a12c54d18ab7a30bd3d43df229bf8b235d9928374a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json index 26b583d04e478..61a83874ac2c8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ-init.template.json @@ -18,9 +18,6 @@ "IntegInitVpcPublicSubnet1Subnet41A6F6D4": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -44,21 +41,24 @@ "Key": "Name", "Value": "integ-init/IntegInitVpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPublicSubnet1RouteTable837CD5FB": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "Tags": [ { "Key": "Name", "Value": "integ-init/IntegInitVpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPublicSubnet1RouteTableAssociation00D33741": { @@ -75,12 +75,12 @@ "IntegInitVpcPublicSubnet1DefaultRoute5BB90E8C": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "IntegInitVpcPublicSubnet1RouteTable837CD5FB" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "RouteTableId": { + "Ref": "IntegInitVpcPublicSubnet1RouteTable837CD5FB" } }, "DependsOn": [ @@ -102,15 +102,15 @@ "IntegInitVpcPublicSubnet1NATGateway46F32F7F": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "IntegInitVpcPublicSubnet1Subnet41A6F6D4" - }, "AllocationId": { "Fn::GetAtt": [ "IntegInitVpcPublicSubnet1EIP46FCC3D6", "AllocationId" ] }, + "SubnetId": { + "Ref": "IntegInitVpcPublicSubnet1Subnet41A6F6D4" + }, "Tags": [ { "Key": "Name", @@ -126,9 +126,6 @@ "IntegInitVpcPublicSubnet2Subnet9A384F16": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -152,21 +149,24 @@ "Key": "Name", "Value": "integ-init/IntegInitVpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPublicSubnet2RouteTableF7E8F920": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "Tags": [ { "Key": "Name", "Value": "integ-init/IntegInitVpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPublicSubnet2RouteTableAssociationB816F9F3": { @@ -183,12 +183,12 @@ "IntegInitVpcPublicSubnet2DefaultRoute2393995F": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "IntegInitVpcPublicSubnet2RouteTableF7E8F920" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "RouteTableId": { + "Ref": "IntegInitVpcPublicSubnet2RouteTableF7E8F920" } }, "DependsOn": [ @@ -210,15 +210,15 @@ "IntegInitVpcPublicSubnet2NATGateway9CCB4A9C": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "IntegInitVpcPublicSubnet2Subnet9A384F16" - }, "AllocationId": { "Fn::GetAtt": [ "IntegInitVpcPublicSubnet2EIP553B40DC", "AllocationId" ] }, + "SubnetId": { + "Ref": "IntegInitVpcPublicSubnet2Subnet9A384F16" + }, "Tags": [ { "Key": "Name", @@ -234,9 +234,6 @@ "IntegInitVpcPrivateSubnet1Subnet259B51C1": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -260,21 +257,24 @@ "Key": "Name", "Value": "integ-init/IntegInitVpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPrivateSubnet1RouteTableCB37994B": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "Tags": [ { "Key": "Name", "Value": "integ-init/IntegInitVpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPrivateSubnet1RouteTableAssociation067DEF9D": { @@ -291,21 +291,18 @@ "IntegInitVpcPrivateSubnet1DefaultRoute654ACECF": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "IntegInitVpcPrivateSubnet1RouteTableCB37994B" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "IntegInitVpcPublicSubnet1NATGateway46F32F7F" + }, + "RouteTableId": { + "Ref": "IntegInitVpcPrivateSubnet1RouteTableCB37994B" } } }, "IntegInitVpcPrivateSubnet2Subnet1643B059": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -329,21 +326,24 @@ "Key": "Name", "Value": "integ-init/IntegInitVpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPrivateSubnet2RouteTable030EC93B": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "Tags": [ { "Key": "Name", "Value": "integ-init/IntegInitVpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "IntegInitVpcPrivateSubnet2RouteTableAssociation6B52BD72": { @@ -360,12 +360,12 @@ "IntegInitVpcPrivateSubnet2DefaultRoute6A10B6EA": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "IntegInitVpcPrivateSubnet2RouteTable030EC93B" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "IntegInitVpcPublicSubnet2NATGateway9CCB4A9C" + }, + "RouteTableId": { + "Ref": "IntegInitVpcPrivateSubnet2RouteTable030EC93B" } } }, @@ -383,11 +383,11 @@ "IntegInitVpcVPCGW85EDC292": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "VpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "InternetGatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "VpcId": { + "Ref": "IntegInitVpc0D4FCCB3" } } }, @@ -513,7 +513,7 @@ ] } }, - "Instance255F35265a0c5f577d761edb0": { + "Instance255F3526574cbd507dfce8b71": { "Type": "AWS::EC2::Instance", "Properties": { "AvailabilityZone": { @@ -553,7 +553,7 @@ "Fn::Join": [ "", [ - "#!/bin/bash\n# fingerprint: 89cb2e09a1c3d4c8\n(\n set +e\n /opt/aws/bin/cfn-init -v --region ", + "#!/bin/bash\n# fingerprint: 4f2827c68bde31b4\n(\n set +e\n /opt/aws/bin/cfn-init -v --region ", { "Ref": "AWS::Region" }, @@ -561,7 +561,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F35265a0c5f577d761edb0 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", + " --resource Instance255F3526574cbd507dfce8b71 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", { "Ref": "AWS::Region" }, @@ -569,7 +569,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F35265a0c5f577d761edb0\n cat /var/log/cfn-init.log >&2\n)" + " --resource Instance255F3526574cbd507dfce8b71\n cat /var/log/cfn-init.log >&2\n)" ] ] } @@ -641,6 +641,24 @@ "group": "root" } } + }, + "service": { + "files": { + "/myvars.env": { + "content": "OTHER_VAR=\"im from the file :3\"", + "encoding": "plain", + "mode": "000644", + "owner": "root", + "group": "root" + }, + "/etc/systemd/system/myapp.service": { + "content": "[Unit]\nAfter=network.target\n[Service]\nExecStart=/bin/bash -c \"echo HELLO_WORLD=${MY_VAR} | FROM_FILE=${OTHER_VAR}\"\nRestart=always\nEnvironmentFile=/myvars.env\nEnvironment=\"MY_VAR=its me :)\"\n[Install]\nWantedBy=multi-user.target", + "encoding": "plain", + "mode": "000644", + "owner": "root", + "group": "root" + } + } } }, "AWS::CloudFormation::Authentication": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ.json index c9b329f38f134..e6ea8f3290924 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "36.0.0", "testCases": { "integ.instance-init": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/manifest.json index e09b703dba2f8..b0e1d19683224 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "21.0.0", + "version": "36.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "integ-init.assets": { "type": "cdk:asset-manifest", "properties": { @@ -20,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "integ-init.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7a2347ef5db54a3b52f3c186329ae12fa60cac0d2f3df743e42cb9b04d545496.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9c8784d47f15e42c89ef49a12c54d18ab7a30bd3d43df229bf8b235d9928374a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -204,7 +199,7 @@ "/integ-init/Instance2/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Instance255F35265a0c5f577d761edb0" + "data": "Instance255F3526574cbd507dfce8b71" } ], "/integ-init/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ @@ -224,9 +219,24 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "Instance255F35265a0c5f577d761edb0": [ + { + "type": "aws:cdk:logicalId", + "data": "Instance255F35265a0c5f577d761edb0", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "integ-init" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/tree.json index 756d6cfa7751d..49b19533e3106 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.123" - } - }, "integ-init": { "id": "integ-init", "path": "integ-init", @@ -39,7 +31,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, @@ -53,9 +45,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -79,11 +68,14 @@ "key": "Name", "value": "integ-init/IntegInitVpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -91,7 +83,7 @@ "id": "Acl", "path": "integ-init/IntegInitVpc/PublicSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -101,19 +93,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "tags": [ { "key": "Name", "value": "integ-init/IntegInitVpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -132,7 +124,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -142,17 +134,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "IntegInitVpcPublicSubnet1RouteTable837CD5FB" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "routeTableId": { + "Ref": "IntegInitVpcPublicSubnet1RouteTable837CD5FB" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -172,7 +164,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -182,15 +174,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "IntegInitVpcPublicSubnet1Subnet41A6F6D4" - }, "allocationId": { "Fn::GetAtt": [ "IntegInitVpcPublicSubnet1EIP46FCC3D6", "AllocationId" ] }, + "subnetId": { + "Ref": "IntegInitVpcPublicSubnet1Subnet41A6F6D4" + }, "tags": [ { "key": "Name", @@ -200,13 +192,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -220,9 +212,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -246,11 +235,14 @@ "key": "Name", "value": "integ-init/IntegInitVpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -258,7 +250,7 @@ "id": "Acl", "path": "integ-init/IntegInitVpc/PublicSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -268,19 +260,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "tags": [ { "key": "Name", "value": "integ-init/IntegInitVpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -299,7 +291,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -309,17 +301,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "IntegInitVpcPublicSubnet2RouteTableF7E8F920" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "routeTableId": { + "Ref": "IntegInitVpcPublicSubnet2RouteTableF7E8F920" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -339,7 +331,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -349,15 +341,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "IntegInitVpcPublicSubnet2Subnet9A384F16" - }, "allocationId": { "Fn::GetAtt": [ "IntegInitVpcPublicSubnet2EIP553B40DC", "AllocationId" ] }, + "subnetId": { + "Ref": "IntegInitVpcPublicSubnet2Subnet9A384F16" + }, "tags": [ { "key": "Name", @@ -367,13 +359,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -387,9 +379,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -413,11 +402,14 @@ "key": "Name", "value": "integ-init/IntegInitVpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -425,7 +417,7 @@ "id": "Acl", "path": "integ-init/IntegInitVpc/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -435,19 +427,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "tags": [ { "key": "Name", "value": "integ-init/IntegInitVpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -466,7 +458,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -476,23 +468,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "IntegInitVpcPrivateSubnet1RouteTableCB37994B" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "IntegInitVpcPublicSubnet1NATGateway46F32F7F" + }, + "routeTableId": { + "Ref": "IntegInitVpcPrivateSubnet1RouteTableCB37994B" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -506,9 +498,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -532,11 +521,14 @@ "key": "Name", "value": "integ-init/IntegInitVpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -544,7 +536,7 @@ "id": "Acl", "path": "integ-init/IntegInitVpc/PrivateSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -554,19 +546,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "tags": [ { "key": "Name", "value": "integ-init/IntegInitVpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -585,7 +577,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -595,23 +587,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "IntegInitVpcPrivateSubnet2RouteTable030EC93B" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "IntegInitVpcPublicSubnet2NATGateway9CCB4A9C" + }, + "routeTableId": { + "Ref": "IntegInitVpcPrivateSubnet2RouteTable030EC93B" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -630,7 +622,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", "version": "0.0.0" } }, @@ -640,22 +632,22 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "IntegInitVpc0D4FCCB3" - }, "internetGatewayId": { "Ref": "IntegInitVpcIGWF019AC85" + }, + "vpcId": { + "Ref": "IntegInitVpc0D4FCCB3" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Vpc", + "fqn": "aws-cdk-lib.aws_ec2.Vpc", "version": "0.0.0" } }, @@ -693,13 +685,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, @@ -707,6 +699,14 @@ "id": "InstanceRole", "path": "integ-init/Instance2/InstanceRole", "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "integ-init/Instance2/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "integ-init/Instance2/InstanceRole/Resource", @@ -734,7 +734,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -813,19 +813,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -843,7 +843,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } }, @@ -890,7 +890,7 @@ "Fn::Join": [ "", [ - "#!/bin/bash\n# fingerprint: 89cb2e09a1c3d4c8\n(\n set +e\n /opt/aws/bin/cfn-init -v --region ", + "#!/bin/bash\n# fingerprint: 4f2827c68bde31b4\n(\n set +e\n /opt/aws/bin/cfn-init -v --region ", { "Ref": "AWS::Region" }, @@ -898,7 +898,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F35265a0c5f577d761edb0 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", + " --resource Instance255F3526574cbd507dfce8b71 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", { "Ref": "AWS::Region" }, @@ -906,7 +906,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F35265a0c5f577d761edb0\n cat /var/log/cfn-init.log >&2\n)" + " --resource Instance255F3526574cbd507dfce8b71\n cat /var/log/cfn-init.log >&2\n)" ] ] } @@ -914,13 +914,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInstance", + "fqn": "aws-cdk-lib.aws_ec2.CfnInstance", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Instance", + "fqn": "aws-cdk-lib.aws_ec2.Instance", "version": "0.0.0" } }, @@ -928,7 +928,7 @@ "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", "path": "integ-init/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -936,45 +936,69 @@ "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", "path": "integ-init/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, - "--tmp--sourceDirAsset": { - "id": "--tmp--sourceDirAsset", - "path": "integ-init/--tmp--sourceDirAsset", + "8eb8c649578016a67a91b76e17aad728--tmp--sourceDirAsset": { + "id": "8eb8c649578016a67a91b76e17aad728--tmp--sourceDirAsset", + "path": "integ-init/8eb8c649578016a67a91b76e17aad728--tmp--sourceDirAsset", "children": { "Stage": { "id": "Stage", - "path": "integ-init/--tmp--sourceDirAsset/Stage", + "path": "integ-init/8eb8c649578016a67a91b76e17aad728--tmp--sourceDirAsset/Stage", "constructInfo": { - "fqn": "@aws-cdk/core.AssetStaging", + "fqn": "aws-cdk-lib.AssetStaging", "version": "0.0.0" } }, "AssetBucket": { "id": "AssetBucket", - "path": "integ-init/--tmp--sourceDirAsset/AssetBucket", + "path": "integ-init/8eb8c649578016a67a91b76e17aad728--tmp--sourceDirAsset/AssetBucket", "constructInfo": { - "fqn": "@aws-cdk/aws-s3.BucketBase", + "fqn": "aws-cdk-lib.aws_s3.BucketBase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3-assets.Asset", + "fqn": "aws-cdk-lib.aws_s3_assets.Asset", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-init/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-init/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.ts index f7f40c4a49fe8..15dfc02f434cf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-init.ts @@ -49,6 +49,16 @@ new ec2.Instance(stack, 'Instance2', { ec2.InitUser.fromName('sysuser2'), ec2.InitSource.fromAsset('/tmp/sourceDir', tmpDir), ]), + service: new ec2.InitConfig([ + ec2.InitFile.fromString('/myvars.env', 'OTHER_VAR="im from the file :3"'), + ec2.InitService.systemdConfigFile('myapp', { + command: '/bin/bash -c "echo HELLO_WORLD=${MY_VAR} | FROM_FILE=${OTHER_VAR}"', + environmentVariables: { + MY_VAR: 'its me :)', + }, + environmentFiles: ['/myvars.env'], + }), + ]), }, }), }); diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 840dd8db632bd..900dddf2f20cb 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1465,6 +1465,23 @@ ec2.CloudFormationInit.fromElements( ); ``` +You can use the `environmentVariables` or `environmentFiles` parameters to specify environment variables +for your services: + +```ts +new ec2.InitConfig([ + ec2.InitFile.fromString('/myvars.env', 'VAR_FROM_FILE="VAR_FROM_FILE"'), + ec2.InitService.systemdConfigFile('myapp', { + command: '/usr/bin/python3 -m http.server 8080', + cwd: '/var/www/html', + environmentVariables: { + MY_VAR: 'MY_VAR', + }, + environmentFiles: ['/myvars.env'], + }), +]) +``` + ### Bastion Hosts A bastion host functions as an instance used to access servers and resources in a VPC without open up the complete VPC on a network level. diff --git a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts index eefaed69bfbff..f0c970726547e 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts @@ -835,6 +835,10 @@ export class InitService extends InitElement { throw new Error(`SystemD executables must use an absolute path, got '${options.command}'`); } + if (options.environmentFiles?.some(file => !file.startsWith('/'))) { + throw new Error('SystemD environment files must use absolute paths'); + } + const lines = [ '[Unit]', ...(options.description ? [`Description=${options.description}`] : []), @@ -845,6 +849,17 @@ export class InitService extends InitElement { ...(options.user ? [`User=${options.user}`] : []), ...(options.group ? [`Group=${options.user}`] : []), ...(options.keepRunning ?? true ? ['Restart=always'] : []), + ...( + options.environmentFiles + ? options.environmentFiles.map(file => `EnvironmentFile=${file}`) + : [] + ), + ...( + options.environmentVariables + ? Object.entries(options.environmentVariables) + .map(([key, value]) => `Environment="${key}=${value}"`) + : [] + ), '[Install]', 'WantedBy=multi-user.target', ]; @@ -1108,4 +1123,19 @@ export interface SystemdConfigFileOptions { * @default true */ readonly afterNetwork?: boolean; -} \ No newline at end of file + + /** + * Environment variables to load when the process is running. + * + * @default - No environment variables set + */ + readonly environmentVariables?: Record; + + /** + * Loads environment variables from files when the process is running. + * Must use absolute paths. + * + * @default - No environment files + */ + readonly environmentFiles?: string[]; +} diff --git a/packages/aws-cdk-lib/aws-ec2/test/cfn-init-element.test.ts b/packages/aws-cdk-lib/aws-ec2/test/cfn-init-element.test.ts index 2d3656e423322..a2472652c6fac 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/cfn-init-element.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/cfn-init-element.test.ts @@ -727,6 +727,35 @@ describe('InitService', () => { expect(capture).toContain('Group=ec2-user'); expect(capture).toContain('Description=my service'); }); + + test('can create systemd file with environment variables', () => { + // WHEN + const file = ec2.InitService.systemdConfigFile('myserver', { + command: '/start/my/service', + cwd: '/my/dir', + user: 'ec2-user', + group: 'ec2-user', + description: 'my service', + environmentFiles: ['/files/one', '/files/two'], + environmentVariables: { + HELLO: 'WORLD', + }, + }); + + // THEN + const bindOptions = defaultOptions(InitPlatform.LINUX); + const rendered = file._bind(bindOptions).config; + expect(rendered).toEqual({ + '/etc/systemd/system/myserver.service': expect.objectContaining({ + content: expect.any(String), + }), + }); + + const capture = rendered['/etc/systemd/system/myserver.service'].content; + expect(capture).toContain('EnvironmentFile=/files/one'); + expect(capture).toContain('EnvironmentFile=/files/two'); + expect(capture).toContain('Environment="HELLO=WORLD"'); + }); }); describe('InitSource', () => {