From aa881db0c3cccc9cbcbd3e1c8be39ac093ebf2c5 Mon Sep 17 00:00:00 2001 From: mickychetta <45010053+mickychetta@users.noreply.github.com> Date: Tue, 12 Oct 2021 10:10:22 -0700 Subject: [PATCH 1/2] feat(aws-cloudfront-apigateway): added cloudfrontLoggingBucketProps to cloudfront-apigateway (#444) * added cloudfrontLoggingBucketProps to cloudfront-apigateway * fixed typo in prop name * fixed overrideProps with user provided cloudfront logging bucket props --- .../aws-cloudfront-apigateway/README.md | 4 +- .../aws-cloudfront-apigateway/lib/index.ts | 8 +- ...ustomCloudfrontLoggingBucket.expected.json | 859 ++++++++++++++++++ .../integ.customCloudfrontLoggingBucket.ts | 64 ++ .../test/test.cloudfront-apigateway.test.ts | 75 ++ .../lib/cloudfront-distribution-helper.ts | 22 +- 6 files changed, 1025 insertions(+), 7 deletions(-) create mode 100644 source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.expected.json create mode 100644 source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md index 930706a64..d7382f76b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md @@ -74,8 +74,10 @@ _Parameters_ | **Name** | **Type** | **Description** | |:-------------|:----------------|-----------------| |existingApiGatewayObj|[`api.RestApi`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-apigateway.RestApi.html)|The regional API Gateway that will be fronted with the CloudFront| -|cloudFrontDistributionProps?|[`cloudfront.DistributionProps | any`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cloudfront.DistributionProps.html)|Optional user provided props to override the default props for CloudFront Distribution| +|cloudFrontDistributionProps?|[`cloudfront.DistributionProps \| any`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cloudfront.DistributionProps.html)|Optional user provided props to override the default props for CloudFront Distribution| |insertHttpSecurityHeaders?|`boolean`|Optional user provided props to turn on/off the automatic injection of best practice HTTP security headers in all responses from CloudFront| +|cloudFrontLoggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html)|Optional user provided props to override the default props for the CloudFront Logging Bucket.| + ## Pattern Properties | **Name** | **Type** | **Description** | diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/lib/index.ts index e2468feef..bae337ef6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/lib/index.ts @@ -41,6 +41,12 @@ export interface CloudFrontToApiGatewayProps { * @default - true */ readonly insertHttpSecurityHeaders?: boolean; + /** + * Optional user provided props to override the default props for the CloudFront Logging Bucket. + * + * @default - Default props are used + */ + readonly cloudFrontLoggingBucketProps?: s3.BucketProps } export class CloudFrontToApiGateway extends Construct { @@ -65,6 +71,6 @@ export class CloudFrontToApiGateway extends Construct { [this.cloudFrontWebDistribution, this.cloudFrontFunction, this.cloudFrontLoggingBucket] = defaults.CloudFrontDistributionForApiGateway(this, props.existingApiGatewayObj, - props.cloudFrontDistributionProps, props.insertHttpSecurityHeaders); + props.cloudFrontDistributionProps, props.insertHttpSecurityHeaders, props.cloudFrontLoggingBucketProps); } } diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.expected.json new file mode 100644 index 000000000..6ab4f740f --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.expected.json @@ -0,0 +1,859 @@ +{ + "Description": "Integration Test for aws-cloudfront-apigateway custom Cloudfront Logging Bucket", + "Resources": { + "LambdaFunctionServiceRole0C4CDE0B": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/lambda/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LambdaFunctionServiceRolePolicy" + } + ] + } + }, + "LambdaFunctionServiceRoleDefaultPolicy126C8897": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "xray:PutTraceSegments", + "xray:PutTelemetryRecords" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LambdaFunctionServiceRoleDefaultPolicy126C8897", + "Roles": [ + { + "Ref": "LambdaFunctionServiceRole0C4CDE0B" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W12", + "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC." + } + ] + } + } + }, + "LambdaFunctionBF21E41F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "76457685de34c4b8447dc527f32d442291b2efeb05bcfcba793036ac6c94d9a2.zip" + }, + "Role": { + "Fn::GetAtt": [ + "LambdaFunctionServiceRole0C4CDE0B", + "Arn" + ] + }, + "Environment": { + "Variables": { + "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" + } + }, + "Handler": "index.handler", + "Runtime": "nodejs10.x", + "TracingConfig": { + "Mode": "Active" + } + }, + "DependsOn": [ + "LambdaFunctionServiceRoleDefaultPolicy126C8897", + "LambdaFunctionServiceRole0C4CDE0B" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W58", + "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions." + }, + { + "id": "W89", + "reason": "This is not a rule for the general case, just for specific use cases/industries" + }, + { + "id": "W92", + "reason": "Impossible for us to define the correct concurrency for clients" + } + ] + } + } + }, + "ApiAccessLogGroupCEA70788": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W86", + "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely" + }, + { + "id": "W84", + "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)" + } + ] + } + } + }, + "LambdaRestApi95870433": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + }, + "Name": "LambdaRestApi" + } + }, + "LambdaRestApiDeploymentBA640578812946cff1910fe2b8b339ee3a8d51c7": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "RestApiId": { + "Ref": "LambdaRestApi95870433" + }, + "Description": "Automatically created by the RestApi construct" + }, + "DependsOn": [ + "LambdaRestApiproxyANY93D43CC0", + "LambdaRestApiproxy9F99E187", + "LambdaRestApiANYA831AD87" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W45", + "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checkes for it in AWS::ApiGateway::Deployment resource" + } + ] + } + } + }, + "LambdaRestApiDeploymentStageprodB1F3862A": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "RestApiId": { + "Ref": "LambdaRestApi95870433" + }, + "AccessLogSetting": { + "DestinationArn": { + "Fn::GetAtt": [ + "ApiAccessLogGroupCEA70788", + "Arn" + ] + }, + "Format": "{\"requestId\":\"$context.requestId\",\"ip\":\"$context.identity.sourceIp\",\"user\":\"$context.identity.user\",\"caller\":\"$context.identity.caller\",\"requestTime\":\"$context.requestTime\",\"httpMethod\":\"$context.httpMethod\",\"resourcePath\":\"$context.resourcePath\",\"status\":\"$context.status\",\"protocol\":\"$context.protocol\",\"responseLength\":\"$context.responseLength\"}" + }, + "DeploymentId": { + "Ref": "LambdaRestApiDeploymentBA640578812946cff1910fe2b8b339ee3a8d51c7" + }, + "MethodSettings": [ + { + "DataTraceEnabled": false, + "HttpMethod": "*", + "LoggingLevel": "INFO", + "ResourcePath": "/*" + } + ], + "StageName": "prod", + "TracingEnabled": true + } + }, + "LambdaRestApiproxy9F99E187": { + "Type": "AWS::ApiGateway::Resource", + "Properties": { + "ParentId": { + "Fn::GetAtt": [ + "LambdaRestApi95870433", + "RootResourceId" + ] + }, + "PathPart": "{proxy+}", + "RestApiId": { + "Ref": "LambdaRestApi95870433" + } + } + }, + "LambdaRestApiproxyANYApiPermissioncustomCloudfrontLoggingBucketLambdaRestApiB3C97BC3ANYproxyB2970EF0": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "Principal": "apigateway.amazonaws.com", + "SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "LambdaRestApi95870433" + }, + "/", + { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + }, + "/*/*" + ] + ] + } + } + }, + "LambdaRestApiproxyANYApiPermissionTestcustomCloudfrontLoggingBucketLambdaRestApiB3C97BC3ANYproxyB96C3608": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "Principal": "apigateway.amazonaws.com", + "SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "LambdaRestApi95870433" + }, + "/test-invoke-stage/*/*" + ] + ] + } + } + }, + "LambdaRestApiproxyANY93D43CC0": { + "Type": "AWS::ApiGateway::Method", + "Properties": { + "HttpMethod": "ANY", + "ResourceId": { + "Ref": "LambdaRestApiproxy9F99E187" + }, + "RestApiId": { + "Ref": "LambdaRestApi95870433" + }, + "AuthorizationType": "NONE", + "Integration": { + "IntegrationHttpMethod": "POST", + "Type": "AWS_PROXY", + "Uri": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":apigateway:", + { + "Ref": "AWS::Region" + }, + ":lambda:path/2015-03-31/functions/", + { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "/invocations" + ] + ] + } + } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W59", + "reason": "AWS::ApiGateway::Method AuthorizationType is set to 'NONE' because API Gateway behind CloudFront does not support AWS_IAM authentication" + } + ] + } + } + }, + "LambdaRestApiANYApiPermissioncustomCloudfrontLoggingBucketLambdaRestApiB3C97BC3ANY61586206": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "Principal": "apigateway.amazonaws.com", + "SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "LambdaRestApi95870433" + }, + "/", + { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + }, + "/*/" + ] + ] + } + } + }, + "LambdaRestApiANYApiPermissionTestcustomCloudfrontLoggingBucketLambdaRestApiB3C97BC3ANYBE8D9316": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "Principal": "apigateway.amazonaws.com", + "SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "LambdaRestApi95870433" + }, + "/test-invoke-stage/*/" + ] + ] + } + } + }, + "LambdaRestApiANYA831AD87": { + "Type": "AWS::ApiGateway::Method", + "Properties": { + "HttpMethod": "ANY", + "ResourceId": { + "Fn::GetAtt": [ + "LambdaRestApi95870433", + "RootResourceId" + ] + }, + "RestApiId": { + "Ref": "LambdaRestApi95870433" + }, + "AuthorizationType": "NONE", + "Integration": { + "IntegrationHttpMethod": "POST", + "Type": "AWS_PROXY", + "Uri": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":apigateway:", + { + "Ref": "AWS::Region" + }, + ":lambda:path/2015-03-31/functions/", + { + "Fn::GetAtt": [ + "LambdaFunctionBF21E41F", + "Arn" + ] + }, + "/invocations" + ] + ] + } + } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W59", + "reason": "AWS::ApiGateway::Method AuthorizationType is set to 'NONE' because API Gateway behind CloudFront does not support AWS_IAM authentication" + } + ] + } + } + }, + "LambdaRestApiUsagePlanB4DF55D0": { + "Type": "AWS::ApiGateway::UsagePlan", + "Properties": { + "ApiStages": [ + { + "ApiId": { + "Ref": "LambdaRestApi95870433" + }, + "Stage": { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + }, + "Throttle": {} + } + ] + } + }, + "LambdaRestApiCloudWatchRoleF339D4E6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "apigateway.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:GetLogEvents", + "logs:FilterLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LambdaRestApiCloudWatchRolePolicy" + } + ] + } + }, + "LambdaRestApiAccount": { + "Type": "AWS::ApiGateway::Account", + "Properties": { + "CloudWatchRoleArn": { + "Fn::GetAtt": [ + "LambdaRestApiCloudWatchRoleF339D4E6", + "Arn" + ] + } + }, + "DependsOn": [ + "LambdaRestApi95870433" + ] + }, + "cfapigwSetHttpSecurityHeaders07A0F0C0": { + "Type": "AWS::CloudFront::Function", + "Properties": { + "Name": "SetHttpSecurityHeadersc8fc067b45a5c199a519a90c3b5f02d380f1625f1d", + "AutoPublish": true, + "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }", + "FunctionConfig": { + "Comment": "SetHttpSecurityHeadersc8fc067b45a5c199a519a90c3b5f02d380f1625f1d", + "Runtime": "cloudfront-js-1.0" + } + } + }, + "cfapigwCloudfrontLoggingBucket79FE4195": { + "Type": "AWS::S3::Bucket", + "Properties": { + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + }, + "VersioningConfiguration": { + "Status": "Enabled" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete", + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W35", + "reason": "This S3 bucket is used as the access logging bucket for CloudFront Distribution" + } + ] + } + } + }, + "cfapigwCloudfrontLoggingBucketPolicyF5181F4F": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "cfapigwCloudfrontLoggingBucket79FE4195" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "cfapigwCloudfrontLoggingBucket79FE4195", + "Arn" + ] + }, + "/*" + ] + ] + }, + { + "Fn::GetAtt": [ + "cfapigwCloudfrontLoggingBucket79FE4195", + "Arn" + ] + } + ], + "Sid": "HttpsOnly" + } + ], + "Version": "2012-10-17" + } + } + }, + "cfapigwCloudFrontDistribution2DD013DF": { + "Type": "AWS::CloudFront::Distribution", + "Properties": { + "DistributionConfig": { + "DefaultCacheBehavior": { + "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "Compress": true, + "FunctionAssociations": [ + { + "EventType": "viewer-response", + "FunctionARN": { + "Fn::GetAtt": [ + "cfapigwSetHttpSecurityHeaders07A0F0C0", + "FunctionARN" + ] + } + } + ], + "TargetOriginId": "customCloudfrontLoggingBucketcfapigwCloudFrontDistributionOrigin1D25D62E1", + "ViewerProtocolPolicy": "redirect-to-https" + }, + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "cfapigwCloudfrontLoggingBucket79FE4195", + "RegionalDomainName" + ] + } + }, + "Origins": [ + { + "CustomOriginConfig": { + "OriginProtocolPolicy": "https-only", + "OriginSSLProtocols": [ + "TLSv1.2" + ] + }, + "DomainName": { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "/", + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "://", + { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "LambdaRestApi95870433" + }, + ".execute-api.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/", + { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + }, + "/" + ] + ] + } + ] + } + ] + } + ] + } + ] + }, + "Id": "customCloudfrontLoggingBucketcfapigwCloudFrontDistributionOrigin1D25D62E1", + "OriginPath": { + "Fn::Join": [ + "", + [ + "/", + { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + } + ] + ] + } + } + ] + } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W70", + "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion" + } + ] + } + } + } + }, + "Outputs": { + "LambdaRestApiEndpointCCECE4C1": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "LambdaRestApi95870433" + }, + ".execute-api.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/", + { + "Ref": "LambdaRestApiDeploymentStageprodB1F3862A" + }, + "/" + ] + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.ts new file mode 100644 index 000000000..7c39bda19 --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.customCloudfrontLoggingBucket.ts @@ -0,0 +1,64 @@ +/** + * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance + * with the License. A copy of the License is located at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES + * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions + * and limitations under the License. + */ + +/// !cdk-integ * +import { App, Stack, RemovalPolicy } from "@aws-cdk/core"; +import { CloudFrontToApiGateway } from "../lib"; +import { BucketEncryption } from "@aws-cdk/aws-s3"; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as defaults from '@aws-solutions-constructs/core'; +import * as api from '@aws-cdk/aws-apigateway'; +import { generateIntegStackName } from '@aws-solutions-constructs/core'; + +// Setup +const app = new App(); +const stack = new Stack(app, generateIntegStackName(__filename)); +stack.templateOptions.description = 'Integration Test for aws-cloudfront-apigateway custom Cloudfront Logging Bucket'; + +const inProps: lambda.FunctionProps = { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler' +}; + +const func = defaults.deployLambdaFunction(stack, inProps); + +const [_api] = defaults.RegionalLambdaRestApi(stack, func); + +_api.methods.forEach((apiMethod) => { + // Override the API Gateway Authorization Type from AWS_IAM to NONE + const child = apiMethod.node.findChild('Resource') as api.CfnMethod; + if (child.authorizationType === 'AWS_IAM') { + child.addPropertyOverride('AuthorizationType', 'NONE'); + + defaults.addCfnSuppressRules(apiMethod, [ + { + id: "W59", + reason: `AWS::ApiGateway::Method AuthorizationType is set to 'NONE' because API Gateway behind CloudFront does not support AWS_IAM authentication`, + }, + ]); + + } +}); + +new CloudFrontToApiGateway(stack, 'cf-apigw', { + existingApiGatewayObj: _api, + cloudFrontLoggingBucketProps: { + removalPolicy: RemovalPolicy.DESTROY, + encryption: BucketEncryption.S3_MANAGED, + versioned: true + } +}); + +// Synth +app.synth(); diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts index d36ff34f9..9ba2c2346 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts @@ -14,6 +14,7 @@ import { ResourcePart } from '@aws-cdk/assert'; import { CloudFrontToApiGateway } from "../lib"; import * as cdk from "@aws-cdk/core"; +import * as s3 from "@aws-cdk/aws-s3"; import * as defaults from '@aws-solutions-constructs/core'; import * as lambda from '@aws-cdk/aws-lambda'; import '@aws-cdk/assert/jest'; @@ -158,3 +159,77 @@ test('test api gateway lambda service role', () => { ] }); }); + +// -------------------------------------------------------------- +// Cloudfront logging bucket with destroy removal policy and auto delete objects +// -------------------------------------------------------------- +test('Cloudfront logging bucket with destroy removal policy and auto delete objects', () => { + const stack = new cdk.Stack(); + + const inProps: lambda.FunctionProps = { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler' + }; + + const func = defaults.deployLambdaFunction(stack, inProps); + + const [_api] = defaults.RegionalLambdaRestApi(stack, func); + + new CloudFrontToApiGateway(stack, 'cloudfront-s3', { + existingApiGatewayObj: _api, + cloudFrontLoggingBucketProps: { + removalPolicy: cdk.RemovalPolicy.DESTROY, + autoDeleteObjects: true + } + }); + + expect(stack).toHaveResource("AWS::S3::Bucket", { + AccessControl: "LogDeliveryWrite" + }); + + expect(stack).toHaveResource("Custom::S3AutoDeleteObjects", { + ServiceToken: { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", + "Arn" + ] + }, + BucketName: { + Ref: "cloudfronts3CloudfrontLoggingBucket5B845143" + } + }); +}); + +// -------------------------------------------------------------- +// Cloudfront logging bucket error providing existing log bucket and logBuckerProps +// -------------------------------------------------------------- +test('Cloudfront logging bucket error when providing existing log bucket and logBuckerProps', () => { + const stack = new cdk.Stack(); + + const inProps: lambda.FunctionProps = { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler' + }; + + const func = defaults.deployLambdaFunction(stack, inProps); + + const [_api] = defaults.RegionalLambdaRestApi(stack, func); + + const logBucket = new s3.Bucket(stack, 'cloudfront-log-bucket', {}); + + const app = () => { new CloudFrontToApiGateway(stack, 'cloudfront-s3', { + existingApiGatewayObj: _api, + cloudFrontDistributionProps: { + logBucket + }, + cloudFrontLoggingBucketProps: { + removalPolicy: cdk.RemovalPolicy.DESTROY, + autoDeleteObjects: true + } + }); + }; + + expect(app).toThrowError(); +}); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts index 7c50b262e..28c63fd9b 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts @@ -65,12 +65,13 @@ function defaultCloudfrontFunction(scope: Construct): cloudfront.Function { export function CloudFrontDistributionForApiGateway(scope: Construct, apiEndPoint: api.RestApi, cloudFrontDistributionProps?: cloudfront.DistributionProps | any, - httpSecurityHeaders: boolean = true): [cloudfront.Distribution, - cloudfront.Function?, s3.Bucket?] { + httpSecurityHeaders: boolean = true, + cloudFrontLoggingBucketProps?: s3.BucketProps +): [cloudfront.Distribution, cloudfront.Function?, s3.Bucket?] { const cloudfrontFunction = getCloudfrontFunction(httpSecurityHeaders, scope); - const loggingBucket = getLoggingBucket(cloudFrontDistributionProps, scope); + const loggingBucket = getLoggingBucket(cloudFrontDistributionProps, scope, cloudFrontLoggingBucketProps); const defaultprops = DefaultCloudFrontWebDistributionForApiGatewayProps(apiEndPoint, loggingBucket, httpSecurityHeaders, cloudfrontFunction); @@ -183,12 +184,23 @@ export function CloudFrontOriginAccessIdentity(scope: Construct, comment?: strin }); } -function getLoggingBucket(cloudFrontDistributionProps: cloudfront.DistributionProps | any, scope: Construct): s3.Bucket | undefined { +function getLoggingBucket( + cloudFrontDistributionProps: cloudfront.DistributionProps | any, scope: Construct, + cloudFrontLoggingBucketProps?: s3.BucketProps +): s3.Bucket | undefined { const isLoggingDisabled = cloudFrontDistributionProps?.enableLogging === false; const userSuppliedLogBucket = cloudFrontDistributionProps?.logBucket; + + if (userSuppliedLogBucket && cloudFrontLoggingBucketProps) { + throw Error('Either cloudFrontDistributionProps.logBucket or cloudFrontLoggingBucketProps can be set.'); + } + return isLoggingDisabled ? undefined - : userSuppliedLogBucket ?? createLoggingBucket(scope, 'CloudfrontLoggingBucket', DefaultS3Props()); + : userSuppliedLogBucket ?? createLoggingBucket( + scope, + 'CloudfrontLoggingBucket', + cloudFrontLoggingBucketProps ? overrideProps(DefaultS3Props(), cloudFrontLoggingBucketProps) : DefaultS3Props()); } function getCloudfrontFunction(httpSecurityHeaders: boolean, scope: Construct) { From e10394dedb6b92ba137c7ea068911f5ae7823067 Mon Sep 17 00:00:00 2001 From: mickychetta <45010053+mickychetta@users.noreply.github.com> Date: Tue, 12 Oct 2021 10:23:07 -0700 Subject: [PATCH 2/2] updated file name for shorter stack name to satisfy 64 character constraint (#447) --- ...existing-bus.expected.json => integ.exist-bus.expected.json} | 2 +- .../test/{integ.eb-existing-bus.ts => integ.exist-bus.ts} | 0 ...teg.eb-new-bus.expected.json => integ.new-bus.expected.json} | 2 +- .../test/{integ.eb-new-bus.ts => integ.new-bus.ts} | 0 ...ntbridge-no-arg.expected.json => integ.no-arg.expected.json} | 0 .../test/{integ.eventbridge-no-arg.ts => integ.no-arg.ts} | 0 ...ing-eventbus.expected.json => integ.exist-bus.expected.json} | 2 +- ...nteg.eventbridge-existing-eventbus.ts => integ.exist-bus.ts} | 0 ...ting-queue.expected.json => integ.exist-queue.expected.json} | 0 ...integ.eventbridge-existing-queue.ts => integ.exist-queue.ts} | 0 ...e-new-eventbus.expected.json => integ.new-bus.expected.json} | 2 +- .../{integ.eventbridge-new-eventbus.ts => integ.new-bus.ts} | 0 ...ge-no-arguments.expected.json => integ.no-arg.expected.json} | 0 .../test/{integ.eventbridge-no-arguments.ts => integ.no-arg.ts} | 0 ...existing-bus.expected.json => integ.exist-bus.expected.json} | 2 +- .../test/{integ.existing-bus.ts => integ.exist-bus.ts} | 0 ...nts-rule-no-arg.expected.json => integ.no-arg.expected.json} | 0 .../test/{integ.events-rule-no-arg.ts => integ.no-arg.ts} | 0 ...existing-bus.expected.json => integ.exist-bus.expected.json} | 2 +- .../{integ.events-rule-existing-bus.ts => integ.exist-bus.ts} | 0 ...ting-queue.expected.json => integ.exist-queue.expected.json} | 0 ...integ.events-rule-existing-queue.ts => integ.exist-queue.ts} | 0 ...s-rule-new-bus.expected.json => integ.new-bus.expected.json} | 2 +- .../test/{integ.events-rule-new-bus.ts => integ.new-bus.ts} | 0 ...nts-rule-no-arg.expected.json => integ.no-arg.expected.json} | 0 .../test/{integ.events-rule-no-arg.ts => integ.no-arg.ts} | 0 26 files changed, 7 insertions(+), 7 deletions(-) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eb-existing-bus.expected.json => integ.exist-bus.expected.json} (99%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eb-existing-bus.ts => integ.exist-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eb-new-bus.expected.json => integ.new-bus.expected.json} (98%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eb-new-bus.ts => integ.new-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eventbridge-no-arg.expected.json => integ.no-arg.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/{integ.eventbridge-no-arg.ts => integ.no-arg.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-existing-eventbus.expected.json => integ.exist-bus.expected.json} (98%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-existing-eventbus.ts => integ.exist-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-existing-queue.expected.json => integ.exist-queue.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-existing-queue.ts => integ.exist-queue.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-new-eventbus.expected.json => integ.new-bus.expected.json} (99%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-new-eventbus.ts => integ.new-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-no-arguments.expected.json => integ.no-arg.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/{integ.eventbridge-no-arguments.ts => integ.no-arg.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/{integ.existing-bus.expected.json => integ.exist-bus.expected.json} (99%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/{integ.existing-bus.ts => integ.exist-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/{integ.events-rule-no-arg.expected.json => integ.no-arg.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/{integ.events-rule-no-arg.ts => integ.no-arg.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-existing-bus.expected.json => integ.exist-bus.expected.json} (98%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-existing-bus.ts => integ.exist-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-existing-queue.expected.json => integ.exist-queue.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-existing-queue.ts => integ.exist-queue.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-new-bus.expected.json => integ.new-bus.expected.json} (99%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-new-bus.ts => integ.new-bus.ts} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-no-arg.expected.json => integ.no-arg.expected.json} (100%) rename source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/{integ.events-rule-no-arg.ts => integ.no-arg.ts} (100%) diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-existing-bus.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.exist-bus.expected.json similarity index 99% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-existing-bus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.exist-bus.expected.json index 9efdd95bf..dd2d0fa67 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-existing-bus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.exist-bus.expected.json @@ -3,7 +3,7 @@ "existingeventbusA5B80487": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "ebexistingbusexistingeventbusFB0366AD" + "Name": "existbusexistingeventbus2F3AAC82" } }, "testconstructEncryptionKey6153B053": { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-existing-bus.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.exist-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-existing-bus.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.exist-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-new-bus.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.new-bus.expected.json similarity index 98% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-new-bus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.new-bus.expected.json index e89375af4..2e03a11c5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-new-bus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.new-bus.expected.json @@ -158,7 +158,7 @@ "testconstructCustomEventBusFBDE2130": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "ebnewbustestconstructCustomEventBusEF296666" + "Name": "newbustestconstructCustomEventBus62B63ED1" } }, "testconstructEventsRule145DBA20": { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-new-bus.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.new-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eb-new-bus.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.new-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eventbridge-no-arg.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.no-arg.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eventbridge-no-arg.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.no-arg.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eventbridge-no-arg.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.no-arg.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.eventbridge-no-arg.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/integ.no-arg.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-eventbus.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-bus.expected.json similarity index 98% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-eventbus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-bus.expected.json index 3843613d4..bebc8e2a5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-eventbus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-bus.expected.json @@ -97,7 +97,7 @@ "existingeventbusA5B80487": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "eventbridgeexistingeventbusexistingeventbus41AE8F43" + "Name": "existbusexistingeventbus2F3AAC82" } }, "constructEventsRule43880ADB": { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-eventbus.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-eventbus.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-queue.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-queue.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-queue.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-queue.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-queue.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-queue.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-existing-queue.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.exist-queue.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-new-eventbus.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.new-bus.expected.json similarity index 99% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-new-eventbus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.new-bus.expected.json index da6b38cb9..b32e17be7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-new-eventbus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.new-bus.expected.json @@ -241,7 +241,7 @@ "constructCustomEventBusA674C94A": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "eventbridgeneweventbusconstructCustomEventBusB03DAAB5" + "Name": "newbusconstructCustomEventBus7B12A72E" } }, "constructEventsRule43880ADB": { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-new-eventbus.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.new-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-new-eventbus.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.new-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.no-arg.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-no-arguments.expected.json rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.no-arg.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.no-arg.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.eventbridge-no-arguments.ts rename to source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/integ.no-arg.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.existing-bus.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.exist-bus.expected.json similarity index 99% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.existing-bus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.exist-bus.expected.json index 392c61106..288a2e913 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.existing-bus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.exist-bus.expected.json @@ -3,7 +3,7 @@ "eventbus7CF8FDD5": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "existingbuseventbus9E470DE7" + "Name": "existbuseventbus683F9152" } }, "testtestWEncryptionKeyC6B126B6": { diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.existing-bus.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.exist-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.existing-bus.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.exist-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.events-rule-no-arg.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.no-arg.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.events-rule-no-arg.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.no-arg.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.events-rule-no-arg.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.no-arg.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.events-rule-no-arg.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sns/test/integ.no-arg.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-bus.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-bus.expected.json similarity index 98% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-bus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-bus.expected.json index 68273ed4a..87e6d5923 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-bus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-bus.expected.json @@ -97,7 +97,7 @@ "existingeventbusA5B80487": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "eventsruleexistingbusexistingeventbusE1A2652B" + "Name": "existbusexistingeventbus2F3AAC82" } }, "constructconstructWEventsRule8EB974AE": { diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-bus.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-bus.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-queue.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-queue.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-queue.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-queue.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-queue.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-queue.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-existing-queue.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.exist-queue.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-new-bus.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.new-bus.expected.json similarity index 99% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-new-bus.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.new-bus.expected.json index f4bd531e1..3284fc7ad 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-new-bus.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.new-bus.expected.json @@ -241,7 +241,7 @@ "ersqsersqsWCustomEventBus3249194C": { "Type": "AWS::Events::EventBus", "Properties": { - "Name": "eventsrulenewbusersqsersqsWCustomEventBusA92E8C83" + "Name": "newbusersqsersqsWCustomEventBusADE03031" } }, "ersqsersqsWEventsRule017C5D22": { diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-new-bus.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.new-bus.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-new-bus.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.new-bus.ts diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-no-arg.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.no-arg.expected.json similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-no-arg.expected.json rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.no-arg.expected.json diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-no-arg.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.no-arg.ts similarity index 100% rename from source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.events-rule-no-arg.ts rename to source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/test/integ.no-arg.ts