diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.eslintrc.js b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.eslintrc.js deleted file mode 100644 index b284f20df26e9..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.eslintrc.js +++ /dev/null @@ -1,8 +0,0 @@ -const baseConfig = require('@aws-cdk/cdk-build-tools/config/eslintrc'); -baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; - -baseConfig.rules['import/no-extraneous-dependencies'] = ['error', { devDependencies: true, peerDependencies: true } ]; -baseConfig.rules['import/order'] = 'off'; -baseConfig.rules['@aws-cdk/invalid-cfn-imports'] = 'off'; - -module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.gitignore b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.gitignore deleted file mode 100644 index 773e62878183c..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.gitignore +++ /dev/null @@ -1,23 +0,0 @@ -*.d.ts -*.generated.ts -*.js -*.js.map -*.snk -.jsii -.LAST_BUILD -.LAST_PACKAGE -nyc.config.js -.nyc_output -coverage -dist -tsconfig.json -!.eslintrc.js -!jest.config.js - -junit.xml -!**/*.snapshot/**/asset.*/*.js -!**/*.snapshot/**/asset.*/*.d.ts - -!**/*.snapshot/**/asset.*/** - - diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.npmignore b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.npmignore deleted file mode 100644 index 249cfde64bfdf..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/.npmignore +++ /dev/null @@ -1,30 +0,0 @@ -# The basics -*.ts -*.tgz -*.snk -!*.d.ts -!*.js -**/cdk.out - -# Coverage -coverage -.nyc_output -.nycrc - -# Build gear -dist -.LAST_BUILD -.LAST_PACKAGE - -*.tsbuildinfo -tsconfig.json -!.jsii -.eslintrc.js -jest.config.js - -# exclude cdk artifacts -**/cdk.out -junit.xml -test/ -!*.lit.ts -**/*.snapshot diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/LICENSE b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/LICENSE deleted file mode 100644 index 9b722c65c5481..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/NOTICE b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/NOTICE deleted file mode 100644 index a27b7dd317649..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/NOTICE +++ /dev/null @@ -1,2 +0,0 @@ -AWS Cloud Development Kit (AWS CDK) -Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/README.md b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/README.md deleted file mode 100644 index f69eb15db0b5a..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/README.md +++ /dev/null @@ -1,297 +0,0 @@ -# AWS APIGatewayv2 Authorizers - - - ---- - -![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) - -> This API may emit warnings. Backward compatibility is not guaranteed. - ---- - - - -All constructs moved to aws-cdk-lib/aws-apigatewayv2-authorizers. - - -## Table of Contents - -- [Introduction](#introduction) -- [HTTP APIs](#http-apis) - - [Default Authorization](#default-authorization) - - [Route Authorization](#route-authorization) - - [JWT Authorizers](#jwt-authorizers) - - [User Pool Authorizer](#user-pool-authorizer) - - [Lambda Authorizers](#lambda-authorizers) - - [IAM Authorizers](#iam-authorizers) -- [WebSocket APIs](#websocket-apis) - - [Lambda Authorizer](#lambda-authorizer) - - [IAM Authorizers](#iam-authorizer) - -## Introduction - -API Gateway supports multiple mechanisms for controlling and managing access to your HTTP API. They are mainly -classified into Lambda Authorizers, JWT authorizers, and standard AWS IAM roles and policies. More information is -available at [Controlling and managing access to an HTTP -API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-access-control.html). - -## HTTP APIs - -Access control for HTTP APIs is managed by restricting which routes can be invoked via. - -Authorizers and scopes can either be applied to the API, or specifically for each route. - -### Default Authorization - -When using default authorization, all routes of the API will inherit the configuration. - -In the example below, all routes will require the `manage:books` scope present in order to invoke the integration. - -```ts -import { HttpJwtAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; - -const issuer = 'https://test.us.auth0.com'; -const authorizer = new HttpJwtAuthorizer('DefaultAuthorizer', issuer, { - jwtAudience: ['3131231'], -}); - -const api = new apigwv2.HttpApi(this, 'HttpApi', { - defaultAuthorizer: authorizer, - defaultAuthorizationScopes: ['manage:books'], -}); -``` - -### Route Authorization - -Authorization can also be configured for each Route. When a route authorization is configured, it takes precedence over default authorization. - -The example below showcases default authorization, along with route authorization. It also shows how to remove authorization entirely for a route. - -- `GET /books` and `GET /books/{id}` use the default authorizer settings on the api -- `POST /books` will require the `['write:books']` scope -- `POST /login` removes the default authorizer (unauthenticated route) - -```ts -import { HttpJwtAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { HttpUrlIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -const issuer = 'https://test.us.auth0.com'; -const authorizer = new HttpJwtAuthorizer('DefaultAuthorizer', issuer, { - jwtAudience: ['3131231'], -}); - -const api = new apigwv2.HttpApi(this, 'HttpApi', { - defaultAuthorizer: authorizer, - defaultAuthorizationScopes: ['read:books'], -}); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books', - methods: [apigwv2.HttpMethod.GET], -}); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIdIntegration', 'https://get-books-proxy.example.com'), - path: '/books/{id}', - methods: [apigwv2.HttpMethod.GET], -}); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books', - methods: [apigwv2.HttpMethod.POST], - authorizationScopes: ['write:books'] -}); - -api.addRoutes({ - integration: new HttpUrlIntegration('LoginIntegration', 'https://get-books-proxy.example.com'), - path: '/login', - methods: [apigwv2.HttpMethod.POST], - authorizer: new apigwv2.HttpNoneAuthorizer(), -}); -``` - -### JWT Authorizers - -JWT authorizers allow the use of JSON Web Tokens (JWTs) as part of [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) and [OAuth 2.0](https://oauth.net/2/) frameworks to allow and restrict clients from accessing HTTP APIs. - -When configured, API Gateway validates the JWT submitted by the client, and allows or denies access based on its content. - -The location of the token is defined by the `identitySource` which defaults to the HTTP `Authorization` header. However it also -[supports a number of other options](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.identity-sources). -It then decodes the JWT and validates the signature and claims, against the options defined in the authorizer and route (scopes). -For more information check the [JWT Authorizer documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html). - -Clients that fail authorization are presented with either 2 responses: - -- `401 - Unauthorized` - When the JWT validation fails -- `403 - Forbidden` - When the JWT validation is successful but the required scopes are not met - -```ts -import { HttpJwtAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { HttpUrlIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -const issuer = 'https://test.us.auth0.com'; -const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', issuer, { - jwtAudience: ['3131231'], -}); - -const api = new apigwv2.HttpApi(this, 'HttpApi'); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books', - authorizer, -}); -``` - -#### User Pool Authorizer - -User Pool Authorizer is a type of JWT Authorizer that uses a Cognito user pool and app client to control who can access your API. After a successful authorization from the app client, the generated access token will be used as the JWT. - -Clients accessing an API that uses a user pool authorizer must first sign in to a user pool and obtain an identity or access token. -They must then use this token in the specified `identitySource` for the API call. More information is available at [using Amazon Cognito user -pools as authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html). - -```ts -import * as cognito from 'aws-cdk-lib/aws-cognito'; -import { HttpUserPoolAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { HttpUrlIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -const userPool = new cognito.UserPool(this, 'UserPool'); - -const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool); - -const api = new apigwv2.HttpApi(this, 'HttpApi'); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books', - authorizer, -}); -``` - -### Lambda Authorizers - -Lambda authorizers use a Lambda function to control access to your HTTP API. When a client calls your API, API Gateway invokes your Lambda function and uses the response to determine whether the client can access your API. - -Lambda authorizers depending on their response, fall into either two types - Simple or IAM. You can learn about differences [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response). - - -```ts -import { HttpLambdaAuthorizer, HttpLambdaResponseType } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { HttpUrlIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -// This function handles your auth logic -declare const authHandler: lambda.Function; - -const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', authHandler, { - responseTypes: [HttpLambdaResponseType.SIMPLE], // Define if returns simple and/or iam response -}); - -const api = new apigwv2.HttpApi(this, 'HttpApi'); - -api.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books', - authorizer, -}); -``` - -### IAM Authorizers - -API Gateway supports IAM via the included `HttpIamAuthorizer` and grant syntax: - -```ts -import { HttpIamAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { HttpUrlIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -declare const principal: iam.AnyPrincipal; - -const authorizer = new HttpIamAuthorizer(); - -const httpApi = new apigwv2.HttpApi(this, 'HttpApi', { - defaultAuthorizer: authorizer, -}); - -const routes = httpApi.addRoutes({ - integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), - path: '/books/{book}', -}); - -routes[0].grantInvoke(principal); -``` - -## WebSocket APIs - -You can set an authorizer to your WebSocket API's `$connect` route to control access to your API. - -### Lambda Authorizer - -Lambda authorizers use a Lambda function to control access to your WebSocket API. When a client connects to your API, API Gateway invokes your Lambda function and uses the response to determine whether the client can access your API. - -```ts -import { WebSocketLambdaAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -// This function handles your auth logic -declare const authHandler: lambda.Function; - -// This function handles your WebSocket requests -declare const handler: lambda.Function; - -const authorizer = new WebSocketLambdaAuthorizer('Authorizer', authHandler); - -const integration = new WebSocketLambdaIntegration( - 'Integration', - handler, -); - -new apigwv2.WebSocketApi(this, 'WebSocketApi', { - connectRouteOptions: { - integration, - authorizer, - }, -}); -``` - -### IAM Authorizer - -IAM authorizers can be used to allow identity-based access to your WebSocket API. - -```ts -import { WebSocketIamAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers-alpha'; -import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; - -// This function handles your connect route -declare const connectHandler: lambda.Function; - -const webSocketApi = new apigwv2.WebSocketApi(this, 'WebSocketApi'); - -webSocketApi.addRoute('$connect', { - integration: new WebSocketLambdaIntegration('Integration', connectHandler), - authorizer: new WebSocketIamAuthorizer() -}); - -// Create an IAM user (identity) -const user = new iam.User(this, 'User'); - -const webSocketArn = Stack.of(this).formatArn({ - service: 'execute-api', - resource: webSocketApi.apiId, -}); - -// Grant access to the IAM user -user.attachInlinePolicy(new iam.Policy(this, 'AllowInvoke', { - statements: [ - new iam.PolicyStatement({ - actions: ['execute-api:Invoke'], - effect: iam.Effect.ALLOW, - resources: [webSocketArn], - }), - ], -})); - -``` diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/awslint.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/awslint.json deleted file mode 100644 index 218e7dcc5a888..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/awslint.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "exclude": [ - ] -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/jest.config.js b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/jest.config.js deleted file mode 100644 index 9f9ccac177e1b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/jest.config.js +++ /dev/null @@ -1,10 +0,0 @@ -const baseConfig = require('@aws-cdk/cdk-build-tools/config/jest.config'); -module.exports = { - ...baseConfig, - coverageThreshold: { - global: { - ...baseConfig.coverageThreshold.global, - branches: 70, - }, - }, -}; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/iam.ts deleted file mode 100644 index 22c96ddd11a7b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/iam.ts +++ /dev/null @@ -1,17 +0,0 @@ -import { - HttpAuthorizerType, - HttpRouteAuthorizerBindOptions, - HttpRouteAuthorizerConfig, - IHttpRouteAuthorizer, -} from '@aws-cdk/aws-apigatewayv2-alpha'; - -/** - * Authorize HTTP API Routes with IAM - */ -export class HttpIamAuthorizer implements IHttpRouteAuthorizer { - public bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { - return { - authorizationType: HttpAuthorizerType.IAM, - }; - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/index.ts deleted file mode 100644 index ff394e018a14b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/index.ts +++ /dev/null @@ -1,4 +0,0 @@ -export * from './user-pool'; -export * from './jwt'; -export * from './lambda'; -export * from './iam'; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/jwt.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/jwt.ts deleted file mode 100644 index b1472466ce3da..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/jwt.ts +++ /dev/null @@ -1,70 +0,0 @@ -import { - HttpAuthorizer, - HttpAuthorizerType, - HttpRouteAuthorizerBindOptions, - HttpRouteAuthorizerConfig, - IHttpRouteAuthorizer, -} from '@aws-cdk/aws-apigatewayv2-alpha'; - -/** - * Properties to initialize HttpJwtAuthorizer. - */ -export interface HttpJwtAuthorizerProps { - - /** - * The name of the authorizer - * @default - same value as `id` passed in the constructor - */ - readonly authorizerName?: string; - - /** - * The identity source for which authorization is requested. - * - * @default ['$request.header.Authorization'] - */ - readonly identitySource?: string[], - - /** - * A list of the intended recipients of the JWT. - * A valid JWT must provide an aud that matches at least one entry in this list. - */ - readonly jwtAudience: string[] -} - -/** - * Authorize Http Api routes on whether the requester is registered as part of - * an AWS Cognito user pool. - */ -export class HttpJwtAuthorizer implements IHttpRouteAuthorizer { - private authorizer?: HttpAuthorizer; - - /** - * Initialize a JWT authorizer to be bound with HTTP route. - * @param id The id of the underlying construct - * @param jwtIssuer The base domain of the identity provider that issues JWT - * @param props Properties to configure the authorizer - */ - constructor( - private readonly id: string, - private readonly jwtIssuer: string, - private readonly props: HttpJwtAuthorizerProps) { - } - - public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { - if (!this.authorizer) { - this.authorizer = new HttpAuthorizer(options.scope, this.id, { - httpApi: options.route.httpApi, - identitySource: this.props.identitySource ?? ['$request.header.Authorization'], - type: HttpAuthorizerType.JWT, - authorizerName: this.props.authorizerName ?? this.id, - jwtAudience: this.props.jwtAudience, - jwtIssuer: this.jwtIssuer, - }); - } - - return { - authorizerId: this.authorizer.authorizerId, - authorizationType: 'JWT', - }; - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/lambda.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/lambda.ts deleted file mode 100644 index 26ba4f1743499..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/lambda.ts +++ /dev/null @@ -1,129 +0,0 @@ -import { - HttpAuthorizer, - HttpAuthorizerType, - HttpRouteAuthorizerBindOptions, - HttpRouteAuthorizerConfig, - IHttpRouteAuthorizer, - AuthorizerPayloadVersion, - IHttpApi, -} from '@aws-cdk/aws-apigatewayv2-alpha'; -import { ServicePrincipal } from 'aws-cdk-lib/aws-iam'; -import { IFunction } from 'aws-cdk-lib/aws-lambda'; -import { Stack, Duration, Names } from 'aws-cdk-lib/core'; - -/** - * Specifies the type responses the lambda returns - */ -export enum HttpLambdaResponseType { - /** Returns simple boolean response */ - SIMPLE, - - /** Returns an IAM Policy */ - IAM, -} - -/** - * Properties to initialize HttpTokenAuthorizer. - */ -export interface HttpLambdaAuthorizerProps { - - /** - * Friendly authorizer name - * @default - same value as `id` passed in the constructor. - */ - readonly authorizerName?: string; - - /** - * The identity source for which authorization is requested. - * - * @default ['$request.header.Authorization'] - */ - readonly identitySource?: string[]; - - /** - * How long APIGateway should cache the results. Max 1 hour. - * Disable caching by setting this to `Duration.seconds(0)`. - * - * @default Duration.minutes(5) - */ - readonly resultsCacheTtl?: Duration; - - /** - * The types of responses the lambda can return - * - * If HttpLambdaResponseType.SIMPLE is included then - * response format 2.0 will be used. - * - * @see https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response - * - * @default [HttpLambdaResponseType.IAM] - */ - readonly responseTypes?: HttpLambdaResponseType[]; -} - -/** - * Authorize Http Api routes via a lambda function - */ -export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { - private authorizer?: HttpAuthorizer; - private httpApi?: IHttpApi; - - /** - * Initialize a lambda authorizer to be bound with HTTP route. - * @param id The id of the underlying construct - * @param pool The lambda function handler to use for authorization - * @param props Properties to configure the authorizer - */ - constructor( - private readonly id: string, - private readonly handler: IFunction, - private readonly props: HttpLambdaAuthorizerProps = {}) { - } - - public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { - if (this.httpApi && (this.httpApi.apiId !== options.route.httpApi.apiId)) { - throw new Error('Cannot attach the same authorizer to multiple Apis'); - } - - if (!this.authorizer) { - const responseTypes = this.props.responseTypes ?? [HttpLambdaResponseType.IAM]; - const enableSimpleResponses = responseTypes.includes(HttpLambdaResponseType.SIMPLE) || undefined; - - this.httpApi = options.route.httpApi; - this.authorizer = new HttpAuthorizer(options.scope, this.id, { - httpApi: options.route.httpApi, - identitySource: this.props.identitySource ?? [ - '$request.header.Authorization', - ], - type: HttpAuthorizerType.LAMBDA, - authorizerName: this.props.authorizerName ?? this.id, - enableSimpleResponses, - payloadFormatVersion: enableSimpleResponses ? AuthorizerPayloadVersion.VERSION_2_0 : AuthorizerPayloadVersion.VERSION_1_0, - authorizerUri: lambdaAuthorizerArn(this.handler), - resultsCacheTtl: this.props.resultsCacheTtl ?? Duration.minutes(5), - }); - - this.handler.addPermission(`${Names.nodeUniqueId(this.authorizer.node)}-Permission`, { - scope: options.scope, - principal: new ServicePrincipal('apigateway.amazonaws.com'), - sourceArn: Stack.of(options.route).formatArn({ - service: 'execute-api', - resource: options.route.httpApi.apiId, - resourceName: `authorizers/${this.authorizer.authorizerId}`, - }), - }); - } - - return { - authorizerId: this.authorizer.authorizerId, - authorizationType: 'CUSTOM', - }; - } -} - -/** - * constructs the authorizerURIArn. - */ -function lambdaAuthorizerArn(handler: IFunction) { - return `arn:${Stack.of(handler).partition}:apigateway:${Stack.of(handler).region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`; -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/user-pool.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/user-pool.ts deleted file mode 100644 index 7cf9a894ac542..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/http/user-pool.ts +++ /dev/null @@ -1,74 +0,0 @@ -import { HttpAuthorizer, HttpAuthorizerType, HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { IUserPool, IUserPoolClient } from 'aws-cdk-lib/aws-cognito'; -import { Stack } from 'aws-cdk-lib/core'; - -/** - * Properties to initialize HttpUserPoolAuthorizer. - */ -export interface HttpUserPoolAuthorizerProps { - /** - * The user pool clients that should be used to authorize requests with the user pool. - * @default - a new client will be created for the given user pool - */ - readonly userPoolClients?: IUserPoolClient[]; - - /** - * The AWS region in which the user pool is present - * @default - same region as the Route the authorizer is attached to. - */ - readonly userPoolRegion?: string; - - /** - * Friendly name of the authorizer - * @default - same value as `id` passed in the constructor - */ - readonly authorizerName?: string; - - /** - * The identity source for which authorization is requested. - * - * @default ['$request.header.Authorization'] - */ - readonly identitySource?: string[]; -} - -/** - * Authorize Http Api routes on whether the requester is registered as part of - * an AWS Cognito user pool. - */ -export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer { - private authorizer?: HttpAuthorizer; - - /** - * Initialize a Cognito user pool authorizer to be bound with HTTP route. - * @param id The id of the underlying construct - * @param pool The user pool to use for authorization - * @param props Properties to configure the authorizer - */ - constructor( - private readonly id: string, - private readonly pool: IUserPool, - private readonly props: HttpUserPoolAuthorizerProps = {}) { - } - - public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { - if (!this.authorizer) { - const region = this.props.userPoolRegion ?? Stack.of(options.scope).region; - const clients = this.props.userPoolClients ?? [this.pool.addClient('UserPoolAuthorizerClient')]; - - this.authorizer = new HttpAuthorizer(options.scope, this.id, { - httpApi: options.route.httpApi, - identitySource: this.props.identitySource ?? ['$request.header.Authorization'], - type: HttpAuthorizerType.JWT, - authorizerName: this.props.authorizerName ?? this.id, - jwtAudience: clients.map((c) => c.userPoolClientId), - jwtIssuer: `https://cognito-idp.${region}.amazonaws.com/${this.pool.userPoolId}`, - }); - } - - return { - authorizerId: this.authorizer.authorizerId, - authorizationType: 'JWT', - }; - } -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/index.ts deleted file mode 100644 index fd16aff655ff2..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/index.ts +++ /dev/null @@ -1,2 +0,0 @@ -export * from './http'; -export * from './websocket'; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/iam.ts deleted file mode 100644 index d215f64988c66..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/iam.ts +++ /dev/null @@ -1,19 +0,0 @@ -import { - WebSocketAuthorizerType, - WebSocketRouteAuthorizerBindOptions, - WebSocketRouteAuthorizerConfig, - IWebSocketRouteAuthorizer, -} from '@aws-cdk/aws-apigatewayv2-alpha'; - -/** - * Authorize WebSocket API Routes with IAM - */ -export class WebSocketIamAuthorizer implements IWebSocketRouteAuthorizer { - public bind( - _options: WebSocketRouteAuthorizerBindOptions, - ): WebSocketRouteAuthorizerConfig { - return { - authorizationType: WebSocketAuthorizerType.IAM, - }; - } -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/index.ts deleted file mode 100644 index 645c9d0758583..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/index.ts +++ /dev/null @@ -1,2 +0,0 @@ -export * from './lambda'; -export * from './iam'; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/lambda.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/lambda.ts deleted file mode 100644 index b02769d2a40c6..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/lib/websocket/lambda.ts +++ /dev/null @@ -1,90 +0,0 @@ -import { - WebSocketAuthorizer, - WebSocketAuthorizerType, - WebSocketRouteAuthorizerBindOptions, - WebSocketRouteAuthorizerConfig, - IWebSocketRouteAuthorizer, - IWebSocketApi, -} from '@aws-cdk/aws-apigatewayv2-alpha'; -import { ServicePrincipal } from 'aws-cdk-lib/aws-iam'; -import { IFunction } from 'aws-cdk-lib/aws-lambda'; -import { Stack, Names } from 'aws-cdk-lib/core'; -import { Construct } from 'constructs'; - -/** - * Properties to initialize WebSocketTokenAuthorizer. - */ -export interface WebSocketLambdaAuthorizerProps { - - /** - * The name of the authorizer - * @default - same value as `id` passed in the constructor. - */ - readonly authorizerName?: string; - - /** - * The identity source for which authorization is requested. - * - * Request parameter match `'route.request.querystring|header.[a-zA-z0-9._-]+'`. - * Staged variable match `'stageVariables.[a-zA-Z0-9._-]+'`. - * Context parameter match `'context.[a-zA-Z0-9._-]+'`. - * - * @default ['route.request.header.Authorization'] - */ - readonly identitySource?: string[]; -} - -/** - * Authorize WebSocket Api routes via a lambda function - */ -export class WebSocketLambdaAuthorizer implements IWebSocketRouteAuthorizer { - private authorizer?: WebSocketAuthorizer; - private webSocketApi?: IWebSocketApi; - - constructor( - private readonly id: string, - private readonly handler: IFunction, - private readonly props: WebSocketLambdaAuthorizerProps = {}) { - } - - public bind(options: WebSocketRouteAuthorizerBindOptions): WebSocketRouteAuthorizerConfig { - if (this.webSocketApi && (this.webSocketApi.apiId !== options.route.webSocketApi.apiId)) { - throw new Error('Cannot attach the same authorizer to multiple Apis'); - } - - if (!this.authorizer) { - this.webSocketApi = options.route.webSocketApi; - this.authorizer = new WebSocketAuthorizer(options.scope, this.id, { - webSocketApi: options.route.webSocketApi, - identitySource: this.props.identitySource ?? [ - 'route.request.header.Authorization', - ], - type: WebSocketAuthorizerType.LAMBDA, - authorizerName: this.props.authorizerName ?? this.id, - authorizerUri: lambdaAuthorizerArn(this.handler), - }); - - this.handler.addPermission(`${Names.nodeUniqueId(this.authorizer.node)}-Permission`, { - scope: options.scope as Construct, - principal: new ServicePrincipal('apigateway.amazonaws.com'), - sourceArn: Stack.of(options.route).formatArn({ - service: 'execute-api', - resource: options.route.webSocketApi.apiId, - resourceName: `authorizers/${this.authorizer.authorizerId}`, - }), - }); - } - - return { - authorizerId: this.authorizer.authorizerId, - authorizationType: 'CUSTOM', - }; - } -} - -/** - * constructs the authorizerURIArn. - */ -function lambdaAuthorizerArn(handler: IFunction) { - return `arn:${Stack.of(handler).partition}:apigateway:${Stack.of(handler).region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`; -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/package.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/package.json deleted file mode 100644 index 85f0d47762832..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/package.json +++ /dev/null @@ -1,121 +0,0 @@ -{ - "name": "@aws-cdk/aws-apigatewayv2-authorizers-alpha", - "version": "0.0.0", - "description": "This module is deprecated. All constructs are now available under aws-cdk-lib/aws-apigatewayv2-authorizers", - "main": "lib/index.js", - "types": "lib/index.d.ts", - "jsii": { - "outdir": "dist", - "targets": { - "dotnet": { - "namespace": "Amazon.CDK.AWS.Apigatewayv2.Authorizers.Alpha", - "packageId": "Amazon.CDK.AWS.APIGatewayv2.Authorizers.Alpha", - "signAssembly": true, - "assemblyOriginatorKeyFile": "../../key.snk", - "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/main/logo/default-256-dark.png" - }, - "java": { - "package": "software.amazon.awscdk.services.apigatewayv2.authorizers.alpha", - "maven": { - "groupId": "software.amazon.awscdk", - "artifactId": "apigatewayv2-authorizers-alpha" - } - }, - "python": { - "distName": "aws-cdk.aws-apigatewayv2-authorizers-alpha", - "module": "aws_cdk.aws_apigatewayv2_authorizers_alpha", - "classifiers": [ - "Framework :: AWS CDK", - "Framework :: AWS CDK :: 2" - ] - }, - "go": { - "moduleName": "github.com/aws/aws-cdk-go", - "packageName": "awscdkapigatewayv2authorizersalpha" - } - }, - "projectReferences": true, - "metadata": { - "jsii": { - "rosetta": { - "strict": true - } - } - } - }, - "repository": { - "type": "git", - "url": "https://github.com/aws/aws-cdk.git", - "directory": "packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha" - }, - "homepage": "https://github.com/aws/aws-cdk", - "scripts": { - "build": "cdk-build", - "integ": "integ-runner", - "lint": "cdk-lint", - "package": "cdk-package", - "awslint": "cdk-awslint", - "pkglint": "pkglint -f", - "test": "cdk-test", - "watch": "cdk-watch", - "compat": "cdk-compat", - "build+test": "yarn build && yarn test", - "build+test+package": "yarn build+test && yarn package", - "rosetta:extract": "yarn --silent jsii-rosetta extract", - "build+extract": "yarn build && yarn rosetta:extract", - "build+test+extract": "yarn build+test && yarn rosetta:extract" - }, - "cdk-build": { - "env": { - "AWSLINT_BASE_CONSTRUCT": true - } - }, - "keywords": [ - "aws", - "cdk", - "constructs", - "apigateway" - ], - "author": { - "name": "Amazon Web Services", - "url": "https://aws.amazon.com", - "organization": true - }, - "license": "Apache-2.0", - "devDependencies": { - "@aws-cdk/cdk-build-tools": "0.0.0", - "@aws-cdk/integ-runner": "0.0.0", - "@aws-cdk/pkglint": "0.0.0", - "@types/aws-lambda": "^8.10.126", - "@types/jest": "^29.5.8", - "aws-cdk-lib": "0.0.0", - "constructs": "^10.0.0", - "@aws-cdk/aws-apigatewayv2-integrations-alpha": "0.0.0", - "@aws-cdk/integ-tests-alpha": "0.0.0", - "@aws-cdk/aws-apigatewayv2-alpha": "0.0.0" - }, - "dependencies": {}, - "peerDependencies": { - "@aws-cdk/aws-apigatewayv2-alpha": "0.0.0", - "aws-cdk-lib": "^0.0.0", - "constructs": "^10.0.0" - }, - "engines": { - "node": ">= 14.15.0" - }, - "stability": "deprecated", - "maturity": "deprecated", - "awscdkio": { - "announce": false - }, - "publishConfig": { - "tag": "latest" - }, - "private": false, - "pkglint": { - "exclude": [ - "naming/package-matches-directory", - "assert/assert-dependency" - ] - } -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/rosetta/default.ts-fixture deleted file mode 100644 index cfd71b43ab440..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/rosetta/default.ts-fixture +++ /dev/null @@ -1,14 +0,0 @@ -// Fixture with packages imported, but nothing else -import { Construct } from 'constructs'; -import { Duration, Stack } from 'aws-cdk-lib'; -import * as apigwv2 from '@aws-cdk/aws-apigatewayv2-alpha'; -import * as iam from 'aws-cdk-lib/aws-iam'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; - -class Fixture extends Stack { - constructor(scope: Construct, id: string) { - super(scope, id); - - /// here - } -} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/auth-handler/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/auth-handler/index.ts deleted file mode 100644 index f08c1bdb1b42a..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/auth-handler/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: AWSLambda.APIGatewayProxyEventV2) => { - const key = event.headers['x-api-key']; - - return { - isAuthorized: key === '123', - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json deleted file mode 100644 index 74abed7feb6b7..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "31.0.0", - "files": { - "b46d250c47897b59c971b488d6f6bb6f29b101efdb994a0f5e4e547b8dafb886": { - "source": { - "path": "IntegApiGatewayV2Iam.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b46d250c47897b59c971b488d6f6bb6f29b101efdb994a0f5e4e547b8dafb886.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json deleted file mode 100644 index d7c4c472efe1c..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json +++ /dev/null @@ -1,244 +0,0 @@ -{ - "Resources": { - "User00B015A1": { - "Type": "AWS::IAM::User" - }, - "UserDefaultPolicy1F97781E": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "execute-api:Invoke", - "Effect": "Allow", - "Resource": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "HttpApiF5A9A8A7" - }, - "/*/*/books/*" - ] - ] - }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "HttpApiF5A9A8A7" - }, - "/*/*/foo" - ] - ] - } - ] - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "UserDefaultPolicy1F97781E", - "Users": [ - { - "Ref": "User00B015A1" - } - ] - } - }, - "UserAccessEC42ADF7": { - "Type": "AWS::IAM::AccessKey", - "Properties": { - "UserName": { - "Ref": "User00B015A1" - } - } - }, - "HttpApiF5A9A8A7": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "HttpApi", - "ProtocolType": "HTTP" - } - }, - "HttpApiDefaultStage3EEB07D6": { - "Type": "AWS::ApiGatewayV2::Stage", - "Properties": { - "ApiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "StageName": "$default", - "AutoDeploy": true - } - }, - "HttpApiANYfooexamplecom903F7A9F": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "IntegrationType": "HTTP_PROXY", - "IntegrationMethod": "GET", - "IntegrationUri": "https://www.example.com/", - "PayloadFormatVersion": "1.0" - } - }, - "HttpApiANYfooD178456F": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "RouteKey": "ANY /foo", - "AuthorizationType": "AWS_IAM", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "HttpApiANYfooexamplecom903F7A9F" - } - ] - ] - } - } - }, - "HttpApiANYbooksbookexamplecom5C333C98": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "IntegrationType": "HTTP_PROXY", - "IntegrationMethod": "GET", - "IntegrationUri": "https://www.example.com/", - "PayloadFormatVersion": "1.0" - } - }, - "HttpApiANYbooksbook2F78361C": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "RouteKey": "ANY /books/{book}", - "AuthorizationType": "AWS_IAM", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "HttpApiANYbooksbookexamplecom5C333C98" - } - ] - ] - } - } - } - }, - "Outputs": { - "API": { - "Value": { - "Fn::Join": [ - "", - [ - "https://", - { - "Ref": "HttpApiF5A9A8A7" - }, - ".execute-api.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - }, - "/" - ] - ] - } - }, - "TESTACCESSKEYID": { - "Value": { - "Ref": "UserAccessEC42ADF7" - } - }, - "TESTSECRETACCESSKEY": { - "Value": { - "Fn::GetAtt": [ - "UserAccessEC42ADF7", - "SecretAccessKey" - ] - } - }, - "TESTREGION": { - "Value": { - "Ref": "AWS::Region" - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/cdk.out deleted file mode 100644 index 7925065efbcc4..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"31.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/integ.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/integ.json deleted file mode 100644 index 64427a625e094..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/integ.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "version": "31.0.0", - "testCases": { - "integ.iam": { - "stacks": [ - "IntegApiGatewayV2Iam" - ], - "diffAssets": false, - "stackUpdateWorkflow": true - } - }, - "synthContext": {}, - "enableLookups": false -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/manifest.json deleted file mode 100644 index 06badcf08c3d7..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/manifest.json +++ /dev/null @@ -1,136 +0,0 @@ -{ - "version": "31.0.0", - "artifacts": { - "IntegApiGatewayV2Iam.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "IntegApiGatewayV2Iam.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "IntegApiGatewayV2Iam": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "IntegApiGatewayV2Iam.template.json", - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b46d250c47897b59c971b488d6f6bb6f29b101efdb994a0f5e4e547b8dafb886.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "IntegApiGatewayV2Iam.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "IntegApiGatewayV2Iam.assets" - ], - "metadata": { - "/IntegApiGatewayV2Iam/User/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "User00B015A1" - } - ], - "/IntegApiGatewayV2Iam/User/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "UserDefaultPolicy1F97781E" - } - ], - "/IntegApiGatewayV2Iam/UserAccess/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "UserAccessEC42ADF7" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiF5A9A8A7" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/DefaultStage/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiDefaultStage3EEB07D6" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/ANY--foo/examplecom/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiANYfooexamplecom903F7A9F" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/ANY--foo/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiANYfooD178456F" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}/examplecom/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiANYbooksbookexamplecom5C333C98" - } - ], - "/IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "HttpApiANYbooksbook2F78361C" - } - ], - "/IntegApiGatewayV2Iam/API": [ - { - "type": "aws:cdk:logicalId", - "data": "API" - } - ], - "/IntegApiGatewayV2Iam/TESTACCESSKEYID": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTACCESSKEYID" - } - ], - "/IntegApiGatewayV2Iam/TESTSECRETACCESSKEY": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTSECRETACCESSKEY" - } - ], - "/IntegApiGatewayV2Iam/TESTREGION": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTREGION" - } - ], - "/IntegApiGatewayV2Iam/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/IntegApiGatewayV2Iam/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "IntegApiGatewayV2Iam" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/tree.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/tree.json deleted file mode 100644 index de507bb4580eb..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.js.snapshot/tree.json +++ /dev/null @@ -1,406 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "IntegApiGatewayV2Iam": { - "id": "IntegApiGatewayV2Iam", - "path": "IntegApiGatewayV2Iam", - "children": { - "User": { - "id": "User", - "path": "IntegApiGatewayV2Iam/User", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/User/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::User", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnUser", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "IntegApiGatewayV2Iam/User/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/User/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": "execute-api:Invoke", - "Effect": "Allow", - "Resource": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "HttpApiF5A9A8A7" - }, - "/*/*/books/*" - ] - ] - }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "HttpApiF5A9A8A7" - }, - "/*/*/foo" - ] - ] - } - ] - } - ], - "Version": "2012-10-17" - }, - "policyName": "UserDefaultPolicy1F97781E", - "users": [ - { - "Ref": "User00B015A1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.User", - "version": "0.0.0" - } - }, - "UserAccess": { - "id": "UserAccess", - "path": "IntegApiGatewayV2Iam/UserAccess", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/UserAccess/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::AccessKey", - "aws:cdk:cloudformation:props": { - "userName": { - "Ref": "User00B015A1" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnAccessKey", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.AccessKey", - "version": "0.0.0" - } - }, - "HttpApi": { - "id": "HttpApi", - "path": "IntegApiGatewayV2Iam/HttpApi", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "HttpApi", - "protocolType": "HTTP" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "DefaultStage": { - "id": "DefaultStage", - "path": "IntegApiGatewayV2Iam/HttpApi/DefaultStage", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/DefaultStage/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Stage", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "stageName": "$default", - "autoDeploy": true - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnStage", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", - "version": "0.0.0" - } - }, - "ANY--foo": { - "id": "ANY--foo", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--foo", - "children": { - "examplecom": { - "id": "examplecom", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--foo/examplecom", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--foo/examplecom/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "integrationType": "HTTP_PROXY", - "integrationMethod": "GET", - "integrationUri": "https://www.example.com/", - "payloadFormatVersion": "1.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--foo/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "routeKey": "ANY /foo", - "authorizationType": "AWS_IAM", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "HttpApiANYfooexamplecom903F7A9F" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - }, - "ANY--books--{book}": { - "id": "ANY--books--{book}", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}", - "children": { - "examplecom": { - "id": "examplecom", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}/examplecom", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}/examplecom/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "integrationType": "HTTP_PROXY", - "integrationMethod": "GET", - "integrationUri": "https://www.example.com/", - "payloadFormatVersion": "1.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/HttpApi/ANY--books--{book}/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "HttpApiF5A9A8A7" - }, - "routeKey": "ANY /books/{book}", - "authorizationType": "AWS_IAM", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "HttpApiANYbooksbookexamplecom5C333C98" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", - "version": "0.0.0" - } - }, - "API": { - "id": "API", - "path": "IntegApiGatewayV2Iam/API", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "TESTACCESSKEYID": { - "id": "TESTACCESSKEYID", - "path": "IntegApiGatewayV2Iam/TESTACCESSKEYID", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "TESTSECRETACCESSKEY": { - "id": "TESTSECRETACCESSKEY", - "path": "IntegApiGatewayV2Iam/TESTSECRETACCESSKEY", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "TESTREGION": { - "id": "TESTREGION", - "path": "IntegApiGatewayV2Iam/TESTREGION", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "IntegApiGatewayV2Iam/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "IntegApiGatewayV2Iam/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.ts deleted file mode 100644 index e369c5723fd1f..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.iam.ts +++ /dev/null @@ -1,69 +0,0 @@ -import * as apigatewayv2 from '@aws-cdk/aws-apigatewayv2-alpha'; -import * as iam from 'aws-cdk-lib/aws-iam'; -import * as cdk from 'aws-cdk-lib'; -import { HttpIamAuthorizer } from '../../lib'; - -class ExampleComIntegration extends apigatewayv2.HttpRouteIntegration { - public bind(): apigatewayv2.HttpRouteIntegrationConfig { - return { - type: apigatewayv2.HttpIntegrationType.HTTP_PROXY, - payloadFormatVersion: apigatewayv2.PayloadFormatVersion.VERSION_1_0, - method: apigatewayv2.HttpMethod.GET, - uri: 'https://www.example.com/', - }; - } -} - -const app = new cdk.App(); -const stack = new cdk.Stack(app, 'IntegApiGatewayV2Iam'); -const user = new iam.User(stack, 'User'); -const userAccessKey = new iam.AccessKey(stack, 'UserAccess', { - user, -}); - -const httpApi = new apigatewayv2.HttpApi(stack, 'HttpApi', { - defaultAuthorizer: new HttpIamAuthorizer(), -}); - -const [fooRoute] = httpApi.addRoutes({ - integration: new ExampleComIntegration('examplecom'), - path: '/foo', -}); - -fooRoute.grantInvoke(user); - -const [booksRoute] = httpApi.addRoutes({ - integration: new ExampleComIntegration('examplecom'), - path: '/books/{book}', -}); - -booksRoute.grantInvoke(user); - -new cdk.CfnOutput(stack, 'API', { - value: httpApi.url!, -}); - -new cdk.CfnOutput(stack, 'TESTACCESSKEYID', { - value: userAccessKey.accessKeyId, -}); - -new cdk.CfnOutput(stack, 'TESTSECRETACCESSKEY', { - value: userAccessKey.secretAccessKey.unsafeUnwrap(), -}); - -new cdk.CfnOutput(stack, 'TESTREGION', { - value: stack.region, -}); - -/* - * Stack verification steps: - * * Get cURL version 7.75.0 or later so you can use the --aws-sigv4 option - * * Curl /foo without sigv4 and expect a 403 - * * Curl /books/something without sigv4 and expect a 403 - * * Curl /foo with sigv4 from the authorized user and expect 200 - * * Curl /books/something with sigv4 from the authorized user and expect 200 - * - * Reference: - * * Using cURL 7.75.0 or later via the official docker image: docker run --rm curlimages/curl -s -o/dev/null -w"%{http_code}" - * * Args to enable sigv4 with authorized credentials: --user "$TESTACCESSKEYID:$TESTSECRETACCESSKEY" --aws-sigv4 "aws:amz:$TESTREGION:execute-api" - */ diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json deleted file mode 100644 index 08bff1e7a6f72..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json +++ /dev/null @@ -1,45 +0,0 @@ -{ - "version": "34.0.0", - "files": { - "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64": { - "source": { - "path": "asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64", - "packaging": "zip" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - }, - "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8": { - "source": { - "path": "asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler", - "packaging": "zip" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - }, - "1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553": { - "source": { - "path": "AuthorizerInteg.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json deleted file mode 100644 index 002fb57113411..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json +++ /dev/null @@ -1,536 +0,0 @@ -{ - "Resources": { - "authfunctionServiceRoleFCB72198": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "authfunction96361832": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "S3Key": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip" - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "authfunctionServiceRoleFCB72198", - "Arn" - ] - }, - "Runtime": "nodejs18.x" - }, - "DependsOn": [ - "authfunctionServiceRoleFCB72198" - ] - }, - "MyHttpApi8AEAAC21": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "MyHttpApi", - "ProtocolType": "HTTP" - } - }, - "MyHttpApiDefaultStageDCB9BC49": { - "Type": "AWS::ApiGatewayV2::Stage", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AutoDeploy": true, - "StageName": "$default" - } - }, - "MyHttpApiGETRootIntegration5068C5B0": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "IntegrationType": "AWS_PROXY", - "IntegrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "PayloadFormatVersion": "2.0" - } - }, - "MyHttpApiGETRootIntegrationPermission81613491": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/*/*/" - ] - ] - } - } - }, - "MyHttpApiGETE0EFC6F8": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AuthorizationType": "CUSTOM", - "AuthorizerId": { - "Ref": "MyHttpApiLambdaAuthorizerB8A0E2A4" - }, - "RouteKey": "GET /", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "MyHttpApiGETRootIntegration5068C5B0" - } - ] - ] - } - } - }, - "MyHttpApiLambdaAuthorizerB8A0E2A4": { - "Type": "AWS::ApiGatewayV2::Authorizer", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AuthorizerPayloadFormatVersion": "2.0", - "AuthorizerResultTtlInSeconds": 300, - "AuthorizerType": "REQUEST", - "AuthorizerUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - }, - "EnableSimpleResponses": true, - "IdentitySource": [ - "$request.header.X-API-Key" - ], - "Name": "my-simple-authorizer" - } - }, - "MyHttpApiAuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7Permission82260331": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/authorizers/", - { - "Ref": "MyHttpApiLambdaAuthorizerB8A0E2A4" - } - ] - ] - } - } - }, - "MyHttpApiWithDefaultAuthorizerE08800A1": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "MyHttpApiWithDefaultAuthorizer", - "ProtocolType": "HTTP" - } - }, - "MyHttpApiWithDefaultAuthorizerDefaultStage7A9EE9B6": { - "Type": "AWS::ApiGatewayV2::Stage", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AutoDeploy": true, - "StageName": "$default" - } - }, - "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65": { - "Type": "AWS::ApiGatewayV2::Authorizer", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AuthorizerPayloadFormatVersion": "2.0", - "AuthorizerResultTtlInSeconds": 300, - "AuthorizerType": "REQUEST", - "AuthorizerUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - }, - "EnableSimpleResponses": true, - "IdentitySource": [ - "$request.header.X-API-Key" - ], - "Name": "my-simple-authorizer" - } - }, - "MyHttpApiWithDefaultAuthorizerAuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35Permission700DB59D": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/authorizers/", - { - "Ref": "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65" - } - ] - ] - } - } - }, - "lambdaServiceRole494E4CA6": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "lambda8B5974B5": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "S3Key": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip" - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "lambdaServiceRole494E4CA6", - "Arn" - ] - }, - "Runtime": "nodejs18.x" - }, - "DependsOn": [ - "lambdaServiceRole494E4CA6" - ] - }, - "RouteRootIntegration1CF58575": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "IntegrationType": "AWS_PROXY", - "IntegrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "PayloadFormatVersion": "2.0" - } - }, - "RouteRootIntegrationPermissionC2C15701": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/*/*/v1/mything/{proxy+}" - ] - ] - } - } - }, - "RouteA67450D2": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AuthorizationType": "CUSTOM", - "AuthorizerId": { - "Ref": "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65" - }, - "RouteKey": "ANY /v1/mything/{proxy+}", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "RouteRootIntegration1CF58575" - } - ] - ] - } - } - } - }, - "Outputs": { - "URL": { - "Value": { - "Fn::Join": [ - "", - [ - "https://", - { - "Ref": "MyHttpApi8AEAAC21" - }, - ".execute-api.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - }, - "/" - ] - ] - } - }, - "URLWithDefaultAuthorizer": { - "Value": { - "Fn::Join": [ - "", - [ - "https://", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - ".execute-api.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - }, - "/" - ] - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts deleted file mode 100644 index e56796aad72e3..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts +++ /dev/null @@ -1,7 +0,0 @@ -export declare const handler: () => Promise<{ - statusCode: number; - body: string; - headers: { - 'Content-Type': string; - }; -}>; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js deleted file mode 100644 index 7d76216c7ee0a..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js +++ /dev/null @@ -1,14 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async () => { - return { - statusCode: 200, - body: JSON.stringify({ message: 'Hello from authenticated lambda' }), - headers: { - 'Content-Type': 'application/json', - }, - }; -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBTyxNQUFNLE9BQU8sR0FBRyxLQUFLLElBQUksRUFBRTtJQUNoQyxPQUFPO1FBQ0wsVUFBVSxFQUFFLEdBQUc7UUFDZixJQUFJLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLE9BQU8sRUFBRSxpQ0FBaUMsRUFBRSxDQUFDO1FBQ3BFLE9BQU8sRUFBRTtZQUNQLGNBQWMsRUFBRSxrQkFBa0I7U0FDbkM7S0FDRixDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBUlcsUUFBQSxPQUFPLFdBUWxCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoKSA9PiB7XG4gIHJldHVybiB7XG4gICAgc3RhdHVzQ29kZTogMjAwLFxuICAgIGJvZHk6IEpTT04uc3RyaW5naWZ5KHsgbWVzc2FnZTogJ0hlbGxvIGZyb20gYXV0aGVudGljYXRlZCBsYW1iZGEnIH0pLFxuICAgIGhlYWRlcnM6IHtcbiAgICAgICdDb250ZW50LVR5cGUnOiAnYXBwbGljYXRpb24vanNvbicsXG4gICAgfSxcbiAgfTtcbn07Il19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts deleted file mode 100644 index def194e303e1e..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -export const handler = async () => { - return { - statusCode: 200, - body: JSON.stringify({ message: 'Hello from authenticated lambda' }), - headers: { - 'Content-Type': 'application/json', - }, - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts deleted file mode 100644 index 6bd63fa6af1d0..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts +++ /dev/null @@ -1,3 +0,0 @@ -export declare const handler: (event: import("aws-lambda").APIGatewayProxyEventV2) => Promise<{ - isAuthorized: boolean; -}>; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js deleted file mode 100644 index 1ce5c01da6d56..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js +++ /dev/null @@ -1,12 +0,0 @@ -"use strict"; -/* eslint-disable no-console */ -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async (event) => { - const key = event.headers['x-api-key']; - return { - isAuthorized: key === '123', - }; -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsK0JBQStCOzs7QUFFeEIsTUFBTSxPQUFPLEdBQUcsS0FBSyxFQUFFLEtBQXVDLEVBQUUsRUFBRTtJQUN2RSxNQUFNLEdBQUcsR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRXZDLE9BQU87UUFDTCxZQUFZLEVBQUUsR0FBRyxLQUFLLEtBQUs7S0FDNUIsQ0FBQztBQUNKLENBQUMsQ0FBQztBQU5XLFFBQUEsT0FBTyxXQU1sQiIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoZXZlbnQ6IEFXU0xhbWJkYS5BUElHYXRld2F5UHJveHlFdmVudFYyKSA9PiB7XG4gIGNvbnN0IGtleSA9IGV2ZW50LmhlYWRlcnNbJ3gtYXBpLWtleSddO1xuXG4gIHJldHVybiB7XG4gICAgaXNBdXRob3JpemVkOiBrZXkgPT09ICcxMjMnLFxuICB9O1xufTsiXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts deleted file mode 100644 index f08c1bdb1b42a..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: AWSLambda.APIGatewayProxyEventV2) => { - const key = event.headers['x-api-key']; - - return { - isAuthorized: key === '123', - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/cdk.out deleted file mode 100644 index 2313ab5436501..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/integ.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/integ.json deleted file mode 100644 index 14ebc70ec9ca2..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/integ.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "version": "34.0.0", - "testCases": { - "integ.lambda": { - "stacks": [ - "AuthorizerInteg" - ], - "diffAssets": false, - "stackUpdateWorkflow": true - } - }, - "synthContext": {}, - "enableLookups": false -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/manifest.json deleted file mode 100644 index 9636d2c7f226b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/manifest.json +++ /dev/null @@ -1,179 +0,0 @@ -{ - "version": "34.0.0", - "artifacts": { - "AuthorizerInteg.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "AuthorizerInteg.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "AuthorizerInteg": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "AuthorizerInteg.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "AuthorizerInteg.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "AuthorizerInteg.assets" - ], - "metadata": { - "/AuthorizerInteg/auth-function/ServiceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "authfunctionServiceRoleFCB72198" - } - ], - "/AuthorizerInteg/auth-function/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "authfunction96361832" - } - ], - "/AuthorizerInteg/MyHttpApi/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApi8AEAAC21" - } - ], - "/AuthorizerInteg/MyHttpApi/DefaultStage/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiDefaultStageDCB9BC49" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/RootIntegration/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETRootIntegration5068C5B0" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/RootIntegration-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETRootIntegrationPermission81613491" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETE0EFC6F8" - } - ], - "/AuthorizerInteg/MyHttpApi/LambdaAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiLambdaAuthorizerB8A0E2A4" - } - ], - "/AuthorizerInteg/MyHttpApi/AuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiAuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7Permission82260331" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerE08800A1" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerDefaultStage7A9EE9B6" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/LambdaDefaultAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/AuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerAuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35Permission700DB59D" - } - ], - "/AuthorizerInteg/lambda/ServiceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "lambdaServiceRole494E4CA6" - } - ], - "/AuthorizerInteg/lambda/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "lambda8B5974B5" - } - ], - "/AuthorizerInteg/Route/RootIntegration/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteRootIntegration1CF58575" - } - ], - "/AuthorizerInteg/Route/RootIntegration-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteRootIntegrationPermissionC2C15701" - } - ], - "/AuthorizerInteg/Route/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteA67450D2" - } - ], - "/AuthorizerInteg/URL": [ - { - "type": "aws:cdk:logicalId", - "data": "URL" - } - ], - "/AuthorizerInteg/URLWithDefaultAuthorizer": [ - { - "type": "aws:cdk:logicalId", - "data": "URLWithDefaultAuthorizer" - } - ], - "/AuthorizerInteg/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/AuthorizerInteg/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "AuthorizerInteg" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/tree.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/tree.json deleted file mode 100644 index 08ec1606edb94..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.js.snapshot/tree.json +++ /dev/null @@ -1,861 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "AuthorizerInteg": { - "id": "AuthorizerInteg", - "path": "AuthorizerInteg", - "children": { - "auth-function": { - "id": "auth-function", - "path": "AuthorizerInteg/auth-function", - "children": { - "ServiceRole": { - "id": "ServiceRole", - "path": "AuthorizerInteg/auth-function/ServiceRole", - "children": { - "ImportServiceRole": { - "id": "ImportServiceRole", - "path": "AuthorizerInteg/auth-function/ServiceRole/ImportServiceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/auth-function/ServiceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Code": { - "id": "Code", - "path": "AuthorizerInteg/auth-function/Code", - "children": { - "Stage": { - "id": "Stage", - "path": "AuthorizerInteg/auth-function/Code/Stage", - "constructInfo": { - "fqn": "aws-cdk-lib.AssetStaging", - "version": "0.0.0" - } - }, - "AssetBucket": { - "id": "AssetBucket", - "path": "AuthorizerInteg/auth-function/Code/AssetBucket", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3.BucketBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3_assets.Asset", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/auth-function/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Function", - "aws:cdk:cloudformation:props": { - "code": { - "s3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "s3Key": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip" - }, - "handler": "index.handler", - "role": { - "Fn::GetAtt": [ - "authfunctionServiceRoleFCB72198", - "Arn" - ] - }, - "runtime": "nodejs18.x" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.Function", - "version": "0.0.0" - } - }, - "MyHttpApi": { - "id": "MyHttpApi", - "path": "AuthorizerInteg/MyHttpApi", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "MyHttpApi", - "protocolType": "HTTP" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "DefaultStage": { - "id": "DefaultStage", - "path": "AuthorizerInteg/MyHttpApi/DefaultStage", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/DefaultStage/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Stage", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "autoDeploy": true, - "stageName": "$default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnStage", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", - "version": "0.0.0" - } - }, - "GET--": { - "id": "GET--", - "path": "AuthorizerInteg/MyHttpApi/GET--", - "children": { - "RootIntegration": { - "id": "RootIntegration", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegration", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegration/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "integrationType": "AWS_PROXY", - "integrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "payloadFormatVersion": "2.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "RootIntegration-Permission": { - "id": "RootIntegration-Permission", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegration-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/*/*/" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/GET--/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "authorizationType": "CUSTOM", - "authorizerId": { - "Ref": "MyHttpApiLambdaAuthorizerB8A0E2A4" - }, - "routeKey": "GET /", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "MyHttpApiGETRootIntegration5068C5B0" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - }, - "LambdaAuthorizer": { - "id": "LambdaAuthorizer", - "path": "AuthorizerInteg/MyHttpApi/LambdaAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/LambdaAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Authorizer", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "authorizerPayloadFormatVersion": "2.0", - "authorizerResultTtlInSeconds": 300, - "authorizerType": "REQUEST", - "authorizerUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - }, - "enableSimpleResponses": true, - "identitySource": [ - "$request.header.X-API-Key" - ], - "name": "my-simple-authorizer" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", - "version": "0.0.0" - } - }, - "AuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7-Permission": { - "id": "AuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7-Permission", - "path": "AuthorizerInteg/MyHttpApi/AuthorizerIntegMyHttpApiLambdaAuthorizerB89228D7-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/authorizers/", - { - "Ref": "MyHttpApiLambdaAuthorizerB8A0E2A4" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", - "version": "0.0.0" - } - }, - "MyHttpApiWithDefaultAuthorizer": { - "id": "MyHttpApiWithDefaultAuthorizer", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "MyHttpApiWithDefaultAuthorizer", - "protocolType": "HTTP" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "DefaultStage": { - "id": "DefaultStage", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Stage", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "autoDeploy": true, - "stageName": "$default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnStage", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", - "version": "0.0.0" - } - }, - "LambdaDefaultAuthorizer": { - "id": "LambdaDefaultAuthorizer", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/LambdaDefaultAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/LambdaDefaultAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Authorizer", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "authorizerPayloadFormatVersion": "2.0", - "authorizerResultTtlInSeconds": 300, - "authorizerType": "REQUEST", - "authorizerUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - }, - "enableSimpleResponses": true, - "identitySource": [ - "$request.header.X-API-Key" - ], - "name": "my-simple-authorizer" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", - "version": "0.0.0" - } - }, - "AuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35-Permission": { - "id": "AuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35-Permission", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/AuthorizerIntegMyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer1BC6EA35-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/authorizers/", - { - "Ref": "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", - "version": "0.0.0" - } - }, - "lambda": { - "id": "lambda", - "path": "AuthorizerInteg/lambda", - "children": { - "ServiceRole": { - "id": "ServiceRole", - "path": "AuthorizerInteg/lambda/ServiceRole", - "children": { - "ImportServiceRole": { - "id": "ImportServiceRole", - "path": "AuthorizerInteg/lambda/ServiceRole/ImportServiceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/lambda/ServiceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Code": { - "id": "Code", - "path": "AuthorizerInteg/lambda/Code", - "children": { - "Stage": { - "id": "Stage", - "path": "AuthorizerInteg/lambda/Code/Stage", - "constructInfo": { - "fqn": "aws-cdk-lib.AssetStaging", - "version": "0.0.0" - } - }, - "AssetBucket": { - "id": "AssetBucket", - "path": "AuthorizerInteg/lambda/Code/AssetBucket", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3.BucketBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3_assets.Asset", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/lambda/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Function", - "aws:cdk:cloudformation:props": { - "code": { - "s3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "s3Key": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip" - }, - "handler": "index.handler", - "role": { - "Fn::GetAtt": [ - "lambdaServiceRole494E4CA6", - "Arn" - ] - }, - "runtime": "nodejs18.x" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.Function", - "version": "0.0.0" - } - }, - "Route": { - "id": "Route", - "path": "AuthorizerInteg/Route", - "children": { - "RootIntegration": { - "id": "RootIntegration", - "path": "AuthorizerInteg/Route/RootIntegration", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/Route/RootIntegration/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "integrationType": "AWS_PROXY", - "integrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "payloadFormatVersion": "2.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "RootIntegration-Permission": { - "id": "RootIntegration-Permission", - "path": "AuthorizerInteg/Route/RootIntegration-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/*/*/v1/mything/{proxy+}" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/Route/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "authorizationType": "CUSTOM", - "authorizerId": { - "Ref": "MyHttpApiWithDefaultAuthorizerLambdaDefaultAuthorizer9D407E65" - }, - "routeKey": "ANY /v1/mything/{proxy+}", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "RouteRootIntegration1CF58575" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - }, - "URL": { - "id": "URL", - "path": "AuthorizerInteg/URL", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "URLWithDefaultAuthorizer": { - "id": "URLWithDefaultAuthorizer", - "path": "AuthorizerInteg/URLWithDefaultAuthorizer", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "AuthorizerInteg/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "AuthorizerInteg/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.ts deleted file mode 100644 index 3b6da9a8ee8e4..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.lambda.ts +++ /dev/null @@ -1,65 +0,0 @@ -import * as path from 'path'; -import { HttpApi, HttpMethod, HttpRoute, HttpRouteKey } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { HttpLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { App, Stack, CfnOutput } from 'aws-cdk-lib'; -import { HttpLambdaAuthorizer, HttpLambdaResponseType } from '../../lib'; - -/* - * Stack verification steps: - * * `curl -H 'X-API-Key: 123' ` should return 200 - * * `curl ` should return 401 - * * `curl -H 'X-API-Key: 1234' ` should return 403 - */ - -const app = new App(); -const stack = new Stack(app, 'AuthorizerInteg'); - -const authHandler = new lambda.Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_18_X, - handler: 'index.handler', - code: lambda.Code.fromAsset(path.join(__dirname, '../auth-handler')), -}); - -const authorizer = new HttpLambdaAuthorizer('LambdaAuthorizer', authHandler, { - authorizerName: 'my-simple-authorizer', - identitySource: ['$request.header.X-API-Key'], - responseTypes: [HttpLambdaResponseType.SIMPLE], -}); - -const defaultAuthorizer = new HttpLambdaAuthorizer('LambdaDefaultAuthorizer', authHandler, { - authorizerName: 'my-simple-authorizer', - identitySource: ['$request.header.X-API-Key'], - responseTypes: [HttpLambdaResponseType.SIMPLE], -}); - -const httpApi = new HttpApi(stack, 'MyHttpApi'); -const httpApiWithDefaultAuthorizer = new HttpApi(stack, 'MyHttpApiWithDefaultAuthorizer', { - defaultAuthorizer, -}); - -const handler = new lambda.Function(stack, 'lambda', { - runtime: lambda.Runtime.NODEJS_18_X, - handler: 'index.handler', - code: lambda.AssetCode.fromAsset(path.join(__dirname, '../integ.lambda.handler')), -}); - -httpApi.addRoutes({ - path: '/', - methods: [HttpMethod.GET], - integration: new HttpLambdaIntegration('RootIntegration', handler), - authorizer, -}); - -new HttpRoute(stack, 'Route', { - httpApi: httpApiWithDefaultAuthorizer, - routeKey: HttpRouteKey.with('/v1/mything/{proxy+}', HttpMethod.ANY), - integration: new HttpLambdaIntegration('RootIntegration', handler), -}); - -new CfnOutput(stack, 'URL', { - value: httpApi.url!, -}); -new CfnOutput(stack, 'URLWithDefaultAuthorizer', { - value: httpApiWithDefaultAuthorizer.url!, -}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json deleted file mode 100644 index 523c011b3c99d..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "version": "34.0.0", - "files": { - "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc": { - "source": { - "path": "asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler", - "packaging": "zip" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - }, - "8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978": { - "source": { - "path": "AuthorizerInteg.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json deleted file mode 100644 index e3d22ec70cf41..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json +++ /dev/null @@ -1,467 +0,0 @@ -{ - "Resources": { - "userpool0AC4AA96": { - "Type": "AWS::Cognito::UserPool", - "Properties": { - "AccountRecoverySetting": { - "RecoveryMechanisms": [ - { - "Name": "verified_phone_number", - "Priority": 1 - }, - { - "Name": "verified_email", - "Priority": 2 - } - ] - }, - "AdminCreateUserConfig": { - "AllowAdminCreateUserOnly": true - }, - "EmailVerificationMessage": "The verification code to your new account is {####}", - "EmailVerificationSubject": "Verify your new account", - "SmsVerificationMessage": "The verification code to your new account is {####}", - "VerificationMessageTemplate": { - "DefaultEmailOption": "CONFIRM_WITH_CODE", - "EmailMessage": "The verification code to your new account is {####}", - "EmailSubject": "Verify your new account", - "SmsMessage": "The verification code to your new account is {####}" - } - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "userpoolUserPoolAuthorizerClient6A7486E8": { - "Type": "AWS::Cognito::UserPoolClient", - "Properties": { - "AllowedOAuthFlows": [ - "implicit", - "code" - ], - "AllowedOAuthFlowsUserPoolClient": true, - "AllowedOAuthScopes": [ - "profile", - "phone", - "email", - "openid", - "aws.cognito.signin.user.admin" - ], - "CallbackURLs": [ - "https://example.com" - ], - "SupportedIdentityProviders": [ - "COGNITO" - ], - "UserPoolId": { - "Ref": "userpool0AC4AA96" - } - } - }, - "userpoolForDefaultAuthorizerDFBE8E74": { - "Type": "AWS::Cognito::UserPool", - "Properties": { - "AccountRecoverySetting": { - "RecoveryMechanisms": [ - { - "Name": "verified_phone_number", - "Priority": 1 - }, - { - "Name": "verified_email", - "Priority": 2 - } - ] - }, - "AdminCreateUserConfig": { - "AllowAdminCreateUserOnly": true - }, - "EmailVerificationMessage": "The verification code to your new account is {####}", - "EmailVerificationSubject": "Verify your new account", - "SmsVerificationMessage": "The verification code to your new account is {####}", - "VerificationMessageTemplate": { - "DefaultEmailOption": "CONFIRM_WITH_CODE", - "EmailMessage": "The verification code to your new account is {####}", - "EmailSubject": "Verify your new account", - "SmsMessage": "The verification code to your new account is {####}" - } - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "userpoolForDefaultAuthorizerUserPoolAuthorizerClient3AA110E7": { - "Type": "AWS::Cognito::UserPoolClient", - "Properties": { - "AllowedOAuthFlows": [ - "implicit", - "code" - ], - "AllowedOAuthFlowsUserPoolClient": true, - "AllowedOAuthScopes": [ - "profile", - "phone", - "email", - "openid", - "aws.cognito.signin.user.admin" - ], - "CallbackURLs": [ - "https://example.com" - ], - "SupportedIdentityProviders": [ - "COGNITO" - ], - "UserPoolId": { - "Ref": "userpoolForDefaultAuthorizerDFBE8E74" - } - } - }, - "MyHttpApi8AEAAC21": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "MyHttpApi", - "ProtocolType": "HTTP" - } - }, - "MyHttpApiDefaultStageDCB9BC49": { - "Type": "AWS::ApiGatewayV2::Stage", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AutoDeploy": true, - "StageName": "$default" - } - }, - "MyHttpApiGETRootIntegratin93150A89": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "IntegrationType": "AWS_PROXY", - "IntegrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "PayloadFormatVersion": "2.0" - } - }, - "MyHttpApiGETRootIntegratinPermissionCEEEB498": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/*/*/" - ] - ] - } - } - }, - "MyHttpApiGETE0EFC6F8": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AuthorizationType": "JWT", - "AuthorizerId": { - "Ref": "MyHttpApiUserPoolAuthorizer8754262B" - }, - "RouteKey": "GET /", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "MyHttpApiGETRootIntegratin93150A89" - } - ] - ] - } - } - }, - "MyHttpApiUserPoolAuthorizer8754262B": { - "Type": "AWS::ApiGatewayV2::Authorizer", - "Properties": { - "ApiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "AuthorizerType": "JWT", - "IdentitySource": [ - "$request.header.Authorization" - ], - "JwtConfiguration": { - "Audience": [ - { - "Ref": "userpoolUserPoolAuthorizerClient6A7486E8" - } - ], - "Issuer": { - "Fn::Join": [ - "", - [ - "https://cognito-idp.", - { - "Ref": "AWS::Region" - }, - ".amazonaws.com/", - { - "Ref": "userpool0AC4AA96" - } - ] - ] - } - }, - "Name": "UserPoolAuthorizer" - } - }, - "MyHttpApiWithDefaultAuthorizerE08800A1": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "MyHttpApiWithDefaultAuthorizer", - "ProtocolType": "HTTP" - } - }, - "MyHttpApiWithDefaultAuthorizerDefaultStage7A9EE9B6": { - "Type": "AWS::ApiGatewayV2::Stage", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AutoDeploy": true, - "StageName": "$default" - } - }, - "MyHttpApiWithDefaultAuthorizerUserPoolDefaultAuthorizerF10D4FFF": { - "Type": "AWS::ApiGatewayV2::Authorizer", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AuthorizerType": "JWT", - "IdentitySource": [ - "$request.header.Authorization" - ], - "JwtConfiguration": { - "Audience": [ - { - "Ref": "userpoolForDefaultAuthorizerUserPoolAuthorizerClient3AA110E7" - } - ], - "Issuer": { - "Fn::Join": [ - "", - [ - "https://cognito-idp.", - { - "Ref": "AWS::Region" - }, - ".amazonaws.com/", - { - "Ref": "userpoolForDefaultAuthorizerDFBE8E74" - } - ] - ] - } - }, - "Name": "UserPoolDefaultAuthorizer" - } - }, - "lambdaServiceRole494E4CA6": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "lambda8B5974B5": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "S3Key": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip" - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "lambdaServiceRole494E4CA6", - "Arn" - ] - }, - "Runtime": "nodejs18.x" - }, - "DependsOn": [ - "lambdaServiceRole494E4CA6" - ] - }, - "RouteRootIntegration1CF58575": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "IntegrationType": "AWS_PROXY", - "IntegrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "PayloadFormatVersion": "2.0" - } - }, - "RouteRootIntegrationPermissionC2C15701": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/*/*/v1/mything/{proxy+}" - ] - ] - } - } - }, - "RouteA67450D2": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "AuthorizationScopes": [ - "scope1", - "scope2" - ], - "AuthorizationType": "JWT", - "AuthorizerId": { - "Ref": "MyHttpApiWithDefaultAuthorizerUserPoolDefaultAuthorizerF10D4FFF" - }, - "RouteKey": "ANY /v1/mything/{proxy+}", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "RouteRootIntegration1CF58575" - } - ] - ] - } - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts deleted file mode 100644 index 8795919cf34fc..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare const handler: (event: any, _context?: any) => Promise; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js deleted file mode 100644 index 556121224d713..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js +++ /dev/null @@ -1,28 +0,0 @@ -"use strict"; -/* eslint-disable no-console */ -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async (event, _context = {}) => { - const authToken = event.authorizationToken; - console.log(`event.authorizationToken = ${authToken}`); - if (authToken === 'allow' || authToken === 'deny') { - return { - principalId: 'user', - policyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'execute-api:Invoke', - Effect: authToken, - Resource: event.methodArn, - }, - ], - }, - }; - } - else { - throw new Error('Unauthorized'); - } -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsK0JBQStCOzs7QUFFeEIsTUFBTSxPQUFPLEdBQUcsS0FBSyxFQUFFLEtBQVUsRUFBRSxXQUFnQixFQUFFLEVBQWdCLEVBQUU7SUFDNUUsTUFBTSxTQUFTLEdBQVcsS0FBSyxDQUFDLGtCQUFrQixDQUFDO0lBQ25ELE9BQU8sQ0FBQyxHQUFHLENBQUMsOEJBQThCLFNBQVMsRUFBRSxDQUFDLENBQUM7SUFDdkQsSUFBSSxTQUFTLEtBQUssT0FBTyxJQUFJLFNBQVMsS0FBSyxNQUFNLEVBQUU7UUFDakQsT0FBTztZQUNMLFdBQVcsRUFBRSxNQUFNO1lBQ25CLGNBQWMsRUFBRTtnQkFDZCxPQUFPLEVBQUUsWUFBWTtnQkFDckIsU0FBUyxFQUFFO29CQUNUO3dCQUNFLE1BQU0sRUFBRSxvQkFBb0I7d0JBQzVCLE1BQU0sRUFBRSxTQUFTO3dCQUNqQixRQUFRLEVBQUUsS0FBSyxDQUFDLFNBQVM7cUJBQzFCO2lCQUNGO2FBQ0Y7U0FDRixDQUFDO0tBQ0g7U0FBTTtRQUNMLE1BQU0sSUFBSSxLQUFLLENBQUMsY0FBYyxDQUFDLENBQUM7S0FDakM7QUFDSCxDQUFDLENBQUM7QUFwQlcsUUFBQSxPQUFPLFdBb0JsQiIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoZXZlbnQ6IGFueSwgX2NvbnRleHQ6IGFueSA9IHt9KTogUHJvbWlzZTxhbnk+ID0+IHtcbiAgY29uc3QgYXV0aFRva2VuOiBzdHJpbmcgPSBldmVudC5hdXRob3JpemF0aW9uVG9rZW47XG4gIGNvbnNvbGUubG9nKGBldmVudC5hdXRob3JpemF0aW9uVG9rZW4gPSAke2F1dGhUb2tlbn1gKTtcbiAgaWYgKGF1dGhUb2tlbiA9PT0gJ2FsbG93JyB8fCBhdXRoVG9rZW4gPT09ICdkZW55Jykge1xuICAgIHJldHVybiB7XG4gICAgICBwcmluY2lwYWxJZDogJ3VzZXInLFxuICAgICAgcG9saWN5RG9jdW1lbnQ6IHtcbiAgICAgICAgVmVyc2lvbjogJzIwMTItMTAtMTcnLFxuICAgICAgICBTdGF0ZW1lbnQ6IFtcbiAgICAgICAgICB7XG4gICAgICAgICAgICBBY3Rpb246ICdleGVjdXRlLWFwaTpJbnZva2UnLFxuICAgICAgICAgICAgRWZmZWN0OiBhdXRoVG9rZW4sXG4gICAgICAgICAgICBSZXNvdXJjZTogZXZlbnQubWV0aG9kQXJuLFxuICAgICAgICAgIH0sXG4gICAgICAgIF0sXG4gICAgICB9LFxuICAgIH07XG4gIH0gZWxzZSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdVbmF1dGhvcml6ZWQnKTtcbiAgfVxufTsiXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts deleted file mode 100644 index afedb7efe3311..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: any, _context: any = {}): Promise => { - const authToken: string = event.authorizationToken; - console.log(`event.authorizationToken = ${authToken}`); - if (authToken === 'allow' || authToken === 'deny') { - return { - principalId: 'user', - policyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'execute-api:Invoke', - Effect: authToken, - Resource: event.methodArn, - }, - ], - }, - }; - } else { - throw new Error('Unauthorized'); - } -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/cdk.out deleted file mode 100644 index 2313ab5436501..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/integ.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/integ.json deleted file mode 100644 index 8ee9159e80ace..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/integ.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "version": "34.0.0", - "testCases": { - "integ.user-pool": { - "stacks": [ - "AuthorizerInteg" - ], - "diffAssets": false, - "stackUpdateWorkflow": true - } - }, - "synthContext": {}, - "enableLookups": false -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/manifest.json deleted file mode 100644 index 85761c96e101e..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/manifest.json +++ /dev/null @@ -1,167 +0,0 @@ -{ - "version": "34.0.0", - "artifacts": { - "AuthorizerInteg.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "AuthorizerInteg.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "AuthorizerInteg": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "AuthorizerInteg.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "AuthorizerInteg.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "AuthorizerInteg.assets" - ], - "metadata": { - "/AuthorizerInteg/userpool/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "userpool0AC4AA96" - } - ], - "/AuthorizerInteg/userpool/UserPoolAuthorizerClient/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "userpoolUserPoolAuthorizerClient6A7486E8" - } - ], - "/AuthorizerInteg/userpoolForDefaultAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "userpoolForDefaultAuthorizerDFBE8E74" - } - ], - "/AuthorizerInteg/userpoolForDefaultAuthorizer/UserPoolAuthorizerClient/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "userpoolForDefaultAuthorizerUserPoolAuthorizerClient3AA110E7" - } - ], - "/AuthorizerInteg/MyHttpApi/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApi8AEAAC21" - } - ], - "/AuthorizerInteg/MyHttpApi/DefaultStage/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiDefaultStageDCB9BC49" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/RootIntegratin/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETRootIntegratin93150A89" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/RootIntegratin-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETRootIntegratinPermissionCEEEB498" - } - ], - "/AuthorizerInteg/MyHttpApi/GET--/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiGETE0EFC6F8" - } - ], - "/AuthorizerInteg/MyHttpApi/UserPoolAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiUserPoolAuthorizer8754262B" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerE08800A1" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerDefaultStage7A9EE9B6" - } - ], - "/AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/UserPoolDefaultAuthorizer/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "MyHttpApiWithDefaultAuthorizerUserPoolDefaultAuthorizerF10D4FFF" - } - ], - "/AuthorizerInteg/lambda/ServiceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "lambdaServiceRole494E4CA6" - } - ], - "/AuthorizerInteg/lambda/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "lambda8B5974B5" - } - ], - "/AuthorizerInteg/Route/RootIntegration/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteRootIntegration1CF58575" - } - ], - "/AuthorizerInteg/Route/RootIntegration-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteRootIntegrationPermissionC2C15701" - } - ], - "/AuthorizerInteg/Route/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "RouteA67450D2" - } - ], - "/AuthorizerInteg/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/AuthorizerInteg/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "AuthorizerInteg" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/tree.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/tree.json deleted file mode 100644 index 23f942bfe3fdc..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.js.snapshot/tree.json +++ /dev/null @@ -1,807 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "AuthorizerInteg": { - "id": "AuthorizerInteg", - "path": "AuthorizerInteg", - "children": { - "userpool": { - "id": "userpool", - "path": "AuthorizerInteg/userpool", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/userpool/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Cognito::UserPool", - "aws:cdk:cloudformation:props": { - "accountRecoverySetting": { - "recoveryMechanisms": [ - { - "name": "verified_phone_number", - "priority": 1 - }, - { - "name": "verified_email", - "priority": 2 - } - ] - }, - "adminCreateUserConfig": { - "allowAdminCreateUserOnly": true - }, - "emailVerificationMessage": "The verification code to your new account is {####}", - "emailVerificationSubject": "Verify your new account", - "smsVerificationMessage": "The verification code to your new account is {####}", - "verificationMessageTemplate": { - "defaultEmailOption": "CONFIRM_WITH_CODE", - "emailMessage": "The verification code to your new account is {####}", - "emailSubject": "Verify your new account", - "smsMessage": "The verification code to your new account is {####}" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.CfnUserPool", - "version": "0.0.0" - } - }, - "UserPoolAuthorizerClient": { - "id": "UserPoolAuthorizerClient", - "path": "AuthorizerInteg/userpool/UserPoolAuthorizerClient", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/userpool/UserPoolAuthorizerClient/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Cognito::UserPoolClient", - "aws:cdk:cloudformation:props": { - "allowedOAuthFlows": [ - "implicit", - "code" - ], - "allowedOAuthFlowsUserPoolClient": true, - "allowedOAuthScopes": [ - "profile", - "phone", - "email", - "openid", - "aws.cognito.signin.user.admin" - ], - "callbackUrLs": [ - "https://example.com" - ], - "supportedIdentityProviders": [ - "COGNITO" - ], - "userPoolId": { - "Ref": "userpool0AC4AA96" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.CfnUserPoolClient", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.UserPoolClient", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.UserPool", - "version": "0.0.0" - } - }, - "userpoolForDefaultAuthorizer": { - "id": "userpoolForDefaultAuthorizer", - "path": "AuthorizerInteg/userpoolForDefaultAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/userpoolForDefaultAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Cognito::UserPool", - "aws:cdk:cloudformation:props": { - "accountRecoverySetting": { - "recoveryMechanisms": [ - { - "name": "verified_phone_number", - "priority": 1 - }, - { - "name": "verified_email", - "priority": 2 - } - ] - }, - "adminCreateUserConfig": { - "allowAdminCreateUserOnly": true - }, - "emailVerificationMessage": "The verification code to your new account is {####}", - "emailVerificationSubject": "Verify your new account", - "smsVerificationMessage": "The verification code to your new account is {####}", - "verificationMessageTemplate": { - "defaultEmailOption": "CONFIRM_WITH_CODE", - "emailMessage": "The verification code to your new account is {####}", - "emailSubject": "Verify your new account", - "smsMessage": "The verification code to your new account is {####}" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.CfnUserPool", - "version": "0.0.0" - } - }, - "UserPoolAuthorizerClient": { - "id": "UserPoolAuthorizerClient", - "path": "AuthorizerInteg/userpoolForDefaultAuthorizer/UserPoolAuthorizerClient", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/userpoolForDefaultAuthorizer/UserPoolAuthorizerClient/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Cognito::UserPoolClient", - "aws:cdk:cloudformation:props": { - "allowedOAuthFlows": [ - "implicit", - "code" - ], - "allowedOAuthFlowsUserPoolClient": true, - "allowedOAuthScopes": [ - "profile", - "phone", - "email", - "openid", - "aws.cognito.signin.user.admin" - ], - "callbackUrLs": [ - "https://example.com" - ], - "supportedIdentityProviders": [ - "COGNITO" - ], - "userPoolId": { - "Ref": "userpoolForDefaultAuthorizerDFBE8E74" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.CfnUserPoolClient", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.UserPoolClient", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_cognito.UserPool", - "version": "0.0.0" - } - }, - "MyHttpApi": { - "id": "MyHttpApi", - "path": "AuthorizerInteg/MyHttpApi", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "MyHttpApi", - "protocolType": "HTTP" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "DefaultStage": { - "id": "DefaultStage", - "path": "AuthorizerInteg/MyHttpApi/DefaultStage", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/DefaultStage/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Stage", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "autoDeploy": true, - "stageName": "$default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnStage", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", - "version": "0.0.0" - } - }, - "GET--": { - "id": "GET--", - "path": "AuthorizerInteg/MyHttpApi/GET--", - "children": { - "RootIntegratin": { - "id": "RootIntegratin", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegratin", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegratin/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "integrationType": "AWS_PROXY", - "integrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "payloadFormatVersion": "2.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "RootIntegratin-Permission": { - "id": "RootIntegratin-Permission", - "path": "AuthorizerInteg/MyHttpApi/GET--/RootIntegratin-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApi8AEAAC21" - }, - "/*/*/" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/GET--/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "authorizationType": "JWT", - "authorizerId": { - "Ref": "MyHttpApiUserPoolAuthorizer8754262B" - }, - "routeKey": "GET /", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "MyHttpApiGETRootIntegratin93150A89" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - }, - "UserPoolAuthorizer": { - "id": "UserPoolAuthorizer", - "path": "AuthorizerInteg/MyHttpApi/UserPoolAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApi/UserPoolAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Authorizer", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApi8AEAAC21" - }, - "authorizerType": "JWT", - "identitySource": [ - "$request.header.Authorization" - ], - "jwtConfiguration": { - "audience": [ - { - "Ref": "userpoolUserPoolAuthorizerClient6A7486E8" - } - ], - "issuer": { - "Fn::Join": [ - "", - [ - "https://cognito-idp.", - { - "Ref": "AWS::Region" - }, - ".amazonaws.com/", - { - "Ref": "userpool0AC4AA96" - } - ] - ] - } - }, - "name": "UserPoolAuthorizer" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", - "version": "0.0.0" - } - }, - "MyHttpApiWithDefaultAuthorizer": { - "id": "MyHttpApiWithDefaultAuthorizer", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "MyHttpApiWithDefaultAuthorizer", - "protocolType": "HTTP" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "DefaultStage": { - "id": "DefaultStage", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/DefaultStage/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Stage", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "autoDeploy": true, - "stageName": "$default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnStage", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", - "version": "0.0.0" - } - }, - "UserPoolDefaultAuthorizer": { - "id": "UserPoolDefaultAuthorizer", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/UserPoolDefaultAuthorizer", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/MyHttpApiWithDefaultAuthorizer/UserPoolDefaultAuthorizer/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Authorizer", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "authorizerType": "JWT", - "identitySource": [ - "$request.header.Authorization" - ], - "jwtConfiguration": { - "audience": [ - { - "Ref": "userpoolForDefaultAuthorizerUserPoolAuthorizerClient3AA110E7" - } - ], - "issuer": { - "Fn::Join": [ - "", - [ - "https://cognito-idp.", - { - "Ref": "AWS::Region" - }, - ".amazonaws.com/", - { - "Ref": "userpoolForDefaultAuthorizerDFBE8E74" - } - ] - ] - } - }, - "name": "UserPoolDefaultAuthorizer" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", - "version": "0.0.0" - } - }, - "lambda": { - "id": "lambda", - "path": "AuthorizerInteg/lambda", - "children": { - "ServiceRole": { - "id": "ServiceRole", - "path": "AuthorizerInteg/lambda/ServiceRole", - "children": { - "ImportServiceRole": { - "id": "ImportServiceRole", - "path": "AuthorizerInteg/lambda/ServiceRole/ImportServiceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/lambda/ServiceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Code": { - "id": "Code", - "path": "AuthorizerInteg/lambda/Code", - "children": { - "Stage": { - "id": "Stage", - "path": "AuthorizerInteg/lambda/Code/Stage", - "constructInfo": { - "fqn": "aws-cdk-lib.AssetStaging", - "version": "0.0.0" - } - }, - "AssetBucket": { - "id": "AssetBucket", - "path": "AuthorizerInteg/lambda/Code/AssetBucket", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3.BucketBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_s3_assets.Asset", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/lambda/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Function", - "aws:cdk:cloudformation:props": { - "code": { - "s3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "s3Key": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip" - }, - "handler": "index.handler", - "role": { - "Fn::GetAtt": [ - "lambdaServiceRole494E4CA6", - "Arn" - ] - }, - "runtime": "nodejs18.x" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.Function", - "version": "0.0.0" - } - }, - "Route": { - "id": "Route", - "path": "AuthorizerInteg/Route", - "children": { - "RootIntegration": { - "id": "RootIntegration", - "path": "AuthorizerInteg/Route/RootIntegration", - "children": { - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/Route/RootIntegration/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "integrationType": "AWS_PROXY", - "integrationUri": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "payloadFormatVersion": "2.0" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", - "version": "0.0.0" - } - }, - "RootIntegration-Permission": { - "id": "RootIntegration-Permission", - "path": "AuthorizerInteg/Route/RootIntegration-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "lambda8B5974B5", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "/*/*/v1/mything/{proxy+}" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "AuthorizerInteg/Route/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "MyHttpApiWithDefaultAuthorizerE08800A1" - }, - "authorizationScopes": [ - "scope1", - "scope2" - ], - "authorizationType": "JWT", - "authorizerId": { - "Ref": "MyHttpApiWithDefaultAuthorizerUserPoolDefaultAuthorizerF10D4FFF" - }, - "routeKey": "ANY /v1/mything/{proxy+}", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "RouteRootIntegration1CF58575" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "AuthorizerInteg/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "AuthorizerInteg/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.ts deleted file mode 100644 index c1ad9bed4c523..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integ.user-pool.ts +++ /dev/null @@ -1,48 +0,0 @@ -import * as path from 'path'; -import { HttpApi, HttpMethod, HttpRoute, HttpRouteKey } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { HttpLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; -import * as cognito from 'aws-cdk-lib/aws-cognito'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { App, Stack } from 'aws-cdk-lib'; -import { HttpUserPoolAuthorizer } from '../../lib'; - -/* - * Stack verification steps: - * * `curl -s -o /dev/null -w "%{http_code}" ` should return 401 - * * `curl -s -o /dev/null -w "%{http_code}" -H 'Authorization: deny' ` should return 403 - * * `curl -s -o /dev/null -w "%{http_code}" -H 'Authorization: allow' ` should return 200 - */ - -const app = new App(); -const stack = new Stack(app, 'AuthorizerInteg'); - -const userPool = new cognito.UserPool(stack, 'userpool'); -const userPoolForDefaultAuthorizer = new cognito.UserPool(stack, 'userpoolForDefaultAuthorizer'); - -const authorizer = new HttpUserPoolAuthorizer('UserPoolAuthorizer', userPool); -const defaultAuthorizer = new HttpUserPoolAuthorizer('UserPoolDefaultAuthorizer', userPoolForDefaultAuthorizer); - -const httpApi = new HttpApi(stack, 'MyHttpApi'); -const httpApiWithDefaultAuthorizer = new HttpApi(stack, 'MyHttpApiWithDefaultAuthorizer', { - defaultAuthorizer, - defaultAuthorizationScopes: ['scope1', 'scope2'], -}); - -const handler = new lambda.Function(stack, 'lambda', { - runtime: lambda.Runtime.NODEJS_18_X, - handler: 'index.handler', - code: lambda.AssetCode.fromAsset(path.join(__dirname, '../integ.user-pool.handler')), -}); - -httpApi.addRoutes({ - path: '/', - methods: [HttpMethod.GET], - integration: new HttpLambdaIntegration('RootIntegratin', handler), - authorizer, -}); - -new HttpRoute(stack, 'Route', { - httpApi: httpApiWithDefaultAuthorizer, - routeKey: HttpRouteKey.with('/v1/mything/{proxy+}', HttpMethod.ANY), - integration: new HttpLambdaIntegration('RootIntegration', handler), -}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integration.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integration.ts deleted file mode 100644 index eb260beeb4a62..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/integration.ts +++ /dev/null @@ -1,15 +0,0 @@ -import { HttpIntegrationType, HttpRouteIntegration, HttpRouteIntegrationBindOptions, PayloadFormatVersion } from '@aws-cdk/aws-apigatewayv2-alpha'; - -export class DummyRouteIntegration extends HttpRouteIntegration { - constructor() { - super('DummyRouteIntegration'); - } - - public bind(_: HttpRouteIntegrationBindOptions) { - return { - payloadFormatVersion: PayloadFormatVersion.VERSION_2_0, - type: HttpIntegrationType.HTTP_PROXY, - uri: 'some-uri', - }; - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/jwt.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/jwt.test.ts deleted file mode 100644 index f93d6a3a533aa..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/jwt.test.ts +++ /dev/null @@ -1,60 +0,0 @@ -import { Template } from 'aws-cdk-lib/assertions'; -import { HttpApi } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { Stack } from 'aws-cdk-lib'; -import { DummyRouteIntegration } from './integration'; -import { HttpJwtAuthorizer } from '../../lib'; - -describe('HttpJwtAuthorizer', () => { - test('default', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', 'https://test.us.auth0.com', { - jwtAudience: ['3131231'], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerType: 'JWT', - IdentitySource: ['$request.header.Authorization'], - JwtConfiguration: { - Audience: ['3131231'], - Issuer: 'https://test.us.auth0.com', - }, - Name: 'BooksAuthorizer', - }); - }); - - test('same authorizer is used when bound to multiple routes', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', 'https://test.us.auth0.com', { - jwtAudience: ['3131231'], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/pets', - authorizer, - }); - - // THEN - Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Authorizer', 1); - }); -}); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/lambda.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/lambda.test.ts deleted file mode 100644 index bc02f4f30781b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/lambda.test.ts +++ /dev/null @@ -1,161 +0,0 @@ -import { Match, Template } from 'aws-cdk-lib/assertions'; -import { HttpApi } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { Code, Function } from 'aws-cdk-lib/aws-lambda'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { Duration, Stack } from 'aws-cdk-lib'; -import { DummyRouteIntegration } from './integration'; -import { HttpLambdaAuthorizer, HttpLambdaResponseType } from '../../lib'; - -describe('HttpLambdaAuthorizer', () => { - - test('default', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - - const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - Name: 'BooksAuthorizer', - AuthorizerType: 'REQUEST', - AuthorizerResultTtlInSeconds: 300, - AuthorizerPayloadFormatVersion: '1.0', - IdentitySource: [ - '$request.header.Authorization', - ], - }); - - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Route', { - AuthorizationType: 'CUSTOM', - }); - }); - - test('should use format 2.0 and simple responses when simple response type is requested', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - - const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler, { - responseTypes: [HttpLambdaResponseType.SIMPLE], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerPayloadFormatVersion: '2.0', - EnableSimpleResponses: true, - }); - }); - - test('should use format 1.0 when only IAM response type is requested', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - - const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler, { - responseTypes: [HttpLambdaResponseType.IAM], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerPayloadFormatVersion: '1.0', - EnableSimpleResponses: Match.absent(), - }); - }); - - test('should use format 2.0 and simple responses when both response types are requested', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - - const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler, { - responseTypes: [HttpLambdaResponseType.IAM, HttpLambdaResponseType.SIMPLE], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerPayloadFormatVersion: '2.0', - EnableSimpleResponses: true, - }); - }); - - test('can override cache ttl', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - - const handler = new Function(stack, 'auth-functon', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - - const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler, { - resultsCacheTtl: Duration.minutes(10), - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerResultTtlInSeconds: 600, - }); - }); -}); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/user-pool.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/user-pool.test.ts deleted file mode 100644 index da2a56b3b0477..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/http/user-pool.test.ts +++ /dev/null @@ -1,106 +0,0 @@ -import { Template } from 'aws-cdk-lib/assertions'; -import { HttpApi } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { UserPool } from 'aws-cdk-lib/aws-cognito'; -import { Stack } from 'aws-cdk-lib'; -import { DummyRouteIntegration } from './integration'; -import { HttpUserPoolAuthorizer } from '../../lib'; - -describe('HttpUserPoolAuthorizer', () => { - test('default', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - const userPool = new UserPool(stack, 'UserPool'); - const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerType: 'JWT', - IdentitySource: ['$request.header.Authorization'], - JwtConfiguration: { - Audience: [{ Ref: 'UserPoolUserPoolAuthorizerClient680A88B6' }], - Issuer: { - 'Fn::Join': [ - '', - [ - 'https://cognito-idp.', - { Ref: 'AWS::Region' }, - '.amazonaws.com/', - stack.resolve(userPool.userPoolId), - ], - ], - }, - }, - Name: 'BooksAuthorizer', - }); - }); - - test('same authorizer is used when bound to multiple routes', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - const userPool = new UserPool(stack, 'UserPool'); - const authorizer = new HttpUserPoolAuthorizer('UserPoolAuthorizer', userPool); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/pets', - authorizer, - }); - - // THEN - Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Authorizer', 1); - }); - - test('multiple userPoolClients are attached', () => { - // GIVEN - const stack = new Stack(); - const api = new HttpApi(stack, 'HttpApi'); - const userPool = new UserPool(stack, 'UserPool'); - const userPoolClient1 = userPool.addClient('UserPoolClient1'); - const userPoolClient2 = userPool.addClient('UserPoolClient2'); - const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool, { - userPoolClients: [userPoolClient1, userPoolClient2], - }); - - // WHEN - api.addRoutes({ - integration: new DummyRouteIntegration(), - path: '/books', - authorizer, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - AuthorizerType: 'JWT', - IdentitySource: ['$request.header.Authorization'], - JwtConfiguration: { - Audience: [stack.resolve(userPoolClient1.userPoolClientId), stack.resolve(userPoolClient2.userPoolClientId)], - Issuer: { - 'Fn::Join': [ - '', - [ - 'https://cognito-idp.', - { Ref: 'AWS::Region' }, - '.amazonaws.com/', - stack.resolve(userPool.userPoolId), - ], - ], - }, - }, - }); - }); -}); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.lambda.handler/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.lambda.handler/index.ts deleted file mode 100644 index def194e303e1e..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.lambda.handler/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -export const handler = async () => { - return { - statusCode: 200, - body: JSON.stringify({ message: 'Hello from authenticated lambda' }), - headers: { - 'Content-Type': 'application/json', - }, - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.user-pool.handler/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.user-pool.handler/index.ts deleted file mode 100644 index afedb7efe3311..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/integ.user-pool.handler/index.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: any, _context: any = {}): Promise => { - const authToken: string = event.authorizationToken; - console.log(`event.authorizationToken = ${authToken}`); - if (authToken === 'allow' || authToken === 'deny') { - return { - principalId: 'user', - policyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'execute-api:Invoke', - Effect: authToken, - Resource: event.methodArn, - }, - ], - }, - }; - } else { - throw new Error('Unauthorized'); - } -}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/iam.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/iam.test.ts deleted file mode 100644 index ed58870bf5961..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/iam.test.ts +++ /dev/null @@ -1,37 +0,0 @@ -import { Template } from 'aws-cdk-lib/assertions'; -import { WebSocketApi } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; -import { Code, Function } from 'aws-cdk-lib/aws-lambda'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { Stack } from 'aws-cdk-lib'; -import { WebSocketIamAuthorizer } from '../../lib'; - -describe('WebSocketLambdaAuthorizer', () => { - test('default', () => { - const stack = new Stack(); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - const integration = new WebSocketLambdaIntegration('Integration', handler); - - const authorizer = new WebSocketIamAuthorizer(); - - new WebSocketApi(stack, 'WebSocketApi', { - connectRouteOptions: { - integration, - authorizer, - }, - }); - - Template.fromStack(stack).hasResourceProperties( - 'AWS::ApiGatewayV2::Route', - { - RouteKey: '$connect', - AuthorizationType: 'AWS_IAM', - }, - ); - }); -}); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets.json deleted file mode 100644 index da80c5727e260..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "34.0.0", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "source": { - "path": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json deleted file mode 100644 index 4ab5619801629..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "34.0.0", - "files": { - "0fecdddcc93cb59f37820c43eaa8030e35f0be824e2f8e7b63bde0bb0b24e264": { - "source": { - "path": "IntegApiGatewayV2Iam.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0fecdddcc93cb59f37820c43eaa8030e35f0be824e2f8e7b63bde0bb0b24e264.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json deleted file mode 100644 index 5e3e47d97b6cf..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/IntegApiGatewayV2Iam.template.json +++ /dev/null @@ -1,260 +0,0 @@ -{ - "Resources": { - "User00B015A1": { - "Type": "AWS::IAM::User" - }, - "UserAccessEC42ADF7": { - "Type": "AWS::IAM::AccessKey", - "Properties": { - "UserName": { - "Ref": "User00B015A1" - } - } - }, - "authfunctionServiceRoleFCB72198": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "authfunction96361832": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "ZipFile": "exports.handler = () => {return true}" - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "authfunctionServiceRoleFCB72198", - "Arn" - ] - }, - "Runtime": "nodejs18.x" - }, - "DependsOn": [ - "authfunctionServiceRoleFCB72198" - ] - }, - "WebSocketApi34BCF99B": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "WebSocketApi", - "ProtocolType": "WEBSOCKET", - "RouteSelectionExpression": "$request.body.action" - } - }, - "WebSocketApiconnectRouteWebSocketLambdaIntegrationPermission76CD86C6": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "Principal": "apigateway.amazonaws.com", - "SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "WebSocketApi34BCF99B" - }, - "/*$connect" - ] - ] - } - } - }, - "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD": { - "Type": "AWS::ApiGatewayV2::Integration", - "Properties": { - "ApiId": { - "Ref": "WebSocketApi34BCF99B" - }, - "IntegrationType": "AWS_PROXY", - "IntegrationUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - } - } - }, - "WebSocketApiconnectRoute846149DD": { - "Type": "AWS::ApiGatewayV2::Route", - "Properties": { - "ApiId": { - "Ref": "WebSocketApi34BCF99B" - }, - "AuthorizationType": "AWS_IAM", - "RouteKey": "$connect", - "Target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" - } - ] - ] - } - } - }, - "AllowInvoke767865EA": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "execute-api:Invoke", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "WebSocketApi34BCF99B" - } - ] - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "AllowInvoke767865EA", - "Users": [ - { - "Ref": "User00B015A1" - } - ] - } - } - }, - "Outputs": { - "TESTACCESSKEYID": { - "Value": { - "Ref": "UserAccessEC42ADF7" - } - }, - "TESTSECRETACCESSKEY": { - "Value": { - "Fn::GetAtt": [ - "UserAccessEC42ADF7", - "SecretAccessKey" - ] - } - }, - "TESTREGION": { - "Value": { - "Ref": "AWS::Region" - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/cdk.out deleted file mode 100644 index 2313ab5436501..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/integ.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/integ.json deleted file mode 100644 index 560d7746cc7b2..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/integ.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "version": "34.0.0", - "testCases": { - "ApiGatewayV2WebSocketIamTest/DefaultTest": { - "stacks": [ - "IntegApiGatewayV2Iam" - ], - "assertionStack": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert", - "assertionStackName": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/manifest.json deleted file mode 100644 index 5cd819d527b7b..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/manifest.json +++ /dev/null @@ -1,182 +0,0 @@ -{ - "version": "34.0.0", - "artifacts": { - "IntegApiGatewayV2Iam.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "IntegApiGatewayV2Iam.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "IntegApiGatewayV2Iam": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "IntegApiGatewayV2Iam.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0fecdddcc93cb59f37820c43eaa8030e35f0be824e2f8e7b63bde0bb0b24e264.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "IntegApiGatewayV2Iam.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "IntegApiGatewayV2Iam.assets" - ], - "metadata": { - "/IntegApiGatewayV2Iam/User/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "User00B015A1" - } - ], - "/IntegApiGatewayV2Iam/UserAccess/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "UserAccessEC42ADF7" - } - ], - "/IntegApiGatewayV2Iam/auth-function/ServiceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "authfunctionServiceRoleFCB72198" - } - ], - "/IntegApiGatewayV2Iam/auth-function/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "authfunction96361832" - } - ], - "/IntegApiGatewayV2Iam/WebSocketApi/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "WebSocketApi34BCF99B" - } - ], - "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration-Permission": [ - { - "type": "aws:cdk:logicalId", - "data": "WebSocketApiconnectRouteWebSocketLambdaIntegrationPermission76CD86C6", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] - } - ], - "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" - } - ], - "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "WebSocketApiconnectRoute846149DD" - } - ], - "/IntegApiGatewayV2Iam/AllowInvoke/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "AllowInvoke767865EA" - } - ], - "/IntegApiGatewayV2Iam/TESTACCESSKEYID": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTACCESSKEYID" - } - ], - "/IntegApiGatewayV2Iam/TESTSECRETACCESSKEY": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTSECRETACCESSKEY" - } - ], - "/IntegApiGatewayV2Iam/TESTREGION": [ - { - "type": "aws:cdk:logicalId", - "data": "TESTREGION" - } - ], - "/IntegApiGatewayV2Iam/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/IntegApiGatewayV2Iam/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "IntegApiGatewayV2Iam" - }, - "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.assets" - ], - "metadata": { - "/ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/tree.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/tree.json deleted file mode 100644 index 2192187ed14af..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.js.snapshot/tree.json +++ /dev/null @@ -1,485 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "IntegApiGatewayV2Iam": { - "id": "IntegApiGatewayV2Iam", - "path": "IntegApiGatewayV2Iam", - "children": { - "User": { - "id": "User", - "path": "IntegApiGatewayV2Iam/User", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/User/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::User", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnUser", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.User", - "version": "0.0.0" - } - }, - "UserAccess": { - "id": "UserAccess", - "path": "IntegApiGatewayV2Iam/UserAccess", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/UserAccess/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::AccessKey", - "aws:cdk:cloudformation:props": { - "userName": { - "Ref": "User00B015A1" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnAccessKey", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.AccessKey", - "version": "0.0.0" - } - }, - "auth-function": { - "id": "auth-function", - "path": "IntegApiGatewayV2Iam/auth-function", - "children": { - "ServiceRole": { - "id": "ServiceRole", - "path": "IntegApiGatewayV2Iam/auth-function/ServiceRole", - "children": { - "ImportServiceRole": { - "id": "ImportServiceRole", - "path": "IntegApiGatewayV2Iam/auth-function/ServiceRole/ImportServiceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/auth-function/ServiceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/auth-function/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Function", - "aws:cdk:cloudformation:props": { - "code": { - "zipFile": "exports.handler = () => {return true}" - }, - "handler": "index.handler", - "role": { - "Fn::GetAtt": [ - "authfunctionServiceRoleFCB72198", - "Arn" - ] - }, - "runtime": "nodejs18.x" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.Function", - "version": "0.0.0" - } - }, - "WebSocketApi": { - "id": "WebSocketApi", - "path": "IntegApiGatewayV2Iam/WebSocketApi", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/WebSocketApi/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", - "aws:cdk:cloudformation:props": { - "name": "WebSocketApi", - "protocolType": "WEBSOCKET", - "routeSelectionExpression": "$request.body.action" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnApi", - "version": "0.0.0" - } - }, - "$connect-Route": { - "id": "$connect-Route", - "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route", - "children": { - "WebSocketLambdaIntegration-Permission": { - "id": "WebSocketLambdaIntegration-Permission", - "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration-Permission", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "principal": "apigateway.amazonaws.com", - "sourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "WebSocketApi34BCF99B" - }, - "/*$connect" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "WebSocketLambdaIntegration": { - "id": "WebSocketLambdaIntegration", - "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "WebSocketApi34BCF99B" - }, - "integrationType": "AWS_PROXY", - "integrationUri": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":apigateway:", - { - "Ref": "AWS::Region" - }, - ":lambda:path/2015-03-31/functions/", - { - "Fn::GetAtt": [ - "authfunction96361832", - "Arn" - ] - }, - "/invocations" - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnIntegration", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.WebSocketIntegration", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", - "aws:cdk:cloudformation:props": { - "apiId": { - "Ref": "WebSocketApi34BCF99B" - }, - "authorizationType": "AWS_IAM", - "routeKey": "$connect", - "target": { - "Fn::Join": [ - "", - [ - "integrations/", - { - "Ref": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_apigatewayv2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.WebSocketRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.WebSocketApi", - "version": "0.0.0" - } - }, - "AllowInvoke": { - "id": "AllowInvoke", - "path": "IntegApiGatewayV2Iam/AllowInvoke", - "children": { - "Resource": { - "id": "Resource", - "path": "IntegApiGatewayV2Iam/AllowInvoke/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": "execute-api:Invoke", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":execute-api:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":", - { - "Ref": "WebSocketApi34BCF99B" - } - ] - ] - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "AllowInvoke767865EA", - "users": [ - { - "Ref": "User00B015A1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Policy", - "version": "0.0.0" - } - }, - "TESTACCESSKEYID": { - "id": "TESTACCESSKEYID", - "path": "IntegApiGatewayV2Iam/TESTACCESSKEYID", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "TESTSECRETACCESSKEY": { - "id": "TESTSECRETACCESSKEY", - "path": "IntegApiGatewayV2Iam/TESTSECRETACCESSKEY", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "TESTREGION": { - "id": "TESTREGION", - "path": "IntegApiGatewayV2Iam/TESTREGION", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnOutput", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "IntegApiGatewayV2Iam/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "IntegApiGatewayV2Iam/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "ApiGatewayV2WebSocketIamTest": { - "id": "ApiGatewayV2WebSocketIamTest", - "path": "ApiGatewayV2WebSocketIamTest", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "ApiGatewayV2WebSocketIamTest/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert", - "children": { - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.ts deleted file mode 100644 index 72ab3e8024588..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/integ.iam.ts +++ /dev/null @@ -1,61 +0,0 @@ -import * as apigatewayv2 from '@aws-cdk/aws-apigatewayv2-alpha'; -import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; -import * as iam from 'aws-cdk-lib/aws-iam'; -import { Code, Function, Runtime } from 'aws-cdk-lib/aws-lambda'; -import * as cdk from 'aws-cdk-lib'; -import { Stack } from 'aws-cdk-lib'; -import * as integ from '@aws-cdk/integ-tests-alpha'; -import { WebSocketIamAuthorizer } from '../../lib'; - -const app = new cdk.App(); -const stack = new cdk.Stack(app, 'IntegApiGatewayV2Iam'); -const user = new iam.User(stack, 'User'); -const userAccessKey = new iam.AccessKey(stack, 'UserAccess', { - user, -}); - -const handler = new Function(stack, 'auth-function', { - runtime: Runtime.NODEJS_18_X, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', -}); - -const webSocketApi = new apigatewayv2.WebSocketApi(stack, 'WebSocketApi', { - connectRouteOptions: { - integration: new WebSocketLambdaIntegration('WebSocketLambdaIntegration', handler), - authorizer: new WebSocketIamAuthorizer(), - }, -}); - -const arn = Stack.of(stack).formatArn({ - service: 'execute-api', - resource: webSocketApi.apiId, -}); - -user.attachInlinePolicy(new iam.Policy(stack, 'AllowInvoke', { - statements: [ - new iam.PolicyStatement({ - actions: ['execute-api:Invoke'], - effect: iam.Effect.ALLOW, - resources: [arn], - }), - ], -})); - -new integ.IntegTest(app, 'ApiGatewayV2WebSocketIamTest', { - testCases: [stack], -}); - -new cdk.CfnOutput(stack, 'TESTACCESSKEYID', { - value: userAccessKey.accessKeyId, -}); - -new cdk.CfnOutput(stack, 'TESTSECRETACCESSKEY', { - value: userAccessKey.secretAccessKey.unsafeUnwrap(), -}); - -new cdk.CfnOutput(stack, 'TESTREGION', { - value: stack.region, -}); - -app.synth(); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/lambda.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/lambda.test.ts deleted file mode 100644 index 8a8993f190188..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers-alpha/test/websocket/lambda.test.ts +++ /dev/null @@ -1,47 +0,0 @@ -import { Template } from 'aws-cdk-lib/assertions'; -import { WebSocketApi } from '@aws-cdk/aws-apigatewayv2-alpha'; -import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; -import { Code, Function } from 'aws-cdk-lib/aws-lambda'; -import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { Stack } from 'aws-cdk-lib'; -import { WebSocketLambdaAuthorizer } from '../../lib'; - -describe('WebSocketLambdaAuthorizer', () => { - test('default', () => { - // GIVEN - const stack = new Stack(); - - const handler = new Function(stack, 'auth-function', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: Code.fromInline('exports.handler = () => {return true}'), - handler: 'index.handler', - }); - const integration = new WebSocketLambdaIntegration( - 'Integration', - handler, - ); - - const authorizer = new WebSocketLambdaAuthorizer('default-authorizer', handler); - - // WHEN - new WebSocketApi(stack, 'WebSocketApi', { - connectRouteOptions: { - integration, - authorizer, - }, - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { - Name: 'default-authorizer', - AuthorizerType: 'REQUEST', - IdentitySource: [ - 'route.request.header.Authorization', - ], - }); - - Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Route', { - AuthorizationType: 'CUSTOM', - }); - }); -});