From 4a87d39cafc64bc038d75db71673f22bc75eac04 Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Thu, 2 Jun 2022 10:10:06 +0200 Subject: [PATCH] fix(rds): clusters created from snapshots generate incorrect passwords (#20504) Deprecate `credentials` and explain how it is broken. Replace it with `snapshotCredentials` that offer the expected behavior. Fixes #20434 Closes #20473 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/lib/cluster.ts | 54 +- packages/@aws-cdk/aws-rds/package.json | 1 + .../index.d.ts | 3 + .../index.js | 60 + .../index.ts | 63 + .../cfn-response.js | 83 + .../consts.js | 10 + .../framework.js | 164 + .../outbound.js | 45 + .../util.js | 17 + .../cdk-integ-cluster-snapshot.template.json | 1942 +++++++++++ .../cluster-snapshot.integ.snapshot/cdk.out | 1 + .../integ.json | 14 + .../manifest.json | 462 +++ .../cluster-snapshot.integ.snapshot/tree.json | 2882 +++++++++++++++++ .../@aws-cdk/aws-rds/test/cluster.test.ts | 107 +- .../aws-rds/test/integ.cluster-snapshot.ts | 109 + .../aws-rds/test/snapshot-handler/index.ts | 63 + 18 files changed, 6075 insertions(+), 5 deletions(-) create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.d.ts create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.ts create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/cfn-response.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/consts.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/framework.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/outbound.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/util.js create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk-integ-cluster-snapshot.template.json create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-rds/test/integ.cluster-snapshot.ts create mode 100644 packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts index a5087e7447609..ef0963fe5f6be 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster.ts @@ -9,10 +9,11 @@ import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { IClusterEngine } from './cluster-engine'; import { DatabaseClusterAttributes, IDatabaseCluster } from './cluster-ref'; +import { DatabaseSecret } from './database-secret'; import { Endpoint } from './endpoint'; import { IParameterGroup, ParameterGroup } from './parameter-group'; import { applyDefaultRotationOptions, defaultDeletionProtection, renderCredentials, setupS3ImportExport, helperRemovalPolicy, renderUnless } from './private/util'; -import { BackupProps, Credentials, InstanceProps, PerformanceInsightRetention, RotationSingleUserOptions, RotationMultiUserOptions } from './props'; +import { BackupProps, Credentials, InstanceProps, PerformanceInsightRetention, RotationSingleUserOptions, RotationMultiUserOptions, SnapshotCredentials } from './props'; import { DatabaseProxy, DatabaseProxyOptions, ProxyTarget } from './proxy'; import { CfnDBCluster, CfnDBClusterProps, CfnDBInstance } from './rds.generated'; import { ISubnetGroup, SubnetGroup } from './subnet-group'; @@ -661,9 +662,27 @@ export interface DatabaseClusterFromSnapshotProps extends DatabaseClusterBasePro /** * Credentials for the administrative user * + * Note - using this prop only works with `Credentials.fromPassword()` with the + * username of the snapshot, `Credentials.fromUsername()` with the username and + * password of the snapshot or `Credentials.fromSecret()` with a secret containing + * the username and password of the snapshot. + * * @default - A username of 'admin' (or 'postgres' for PostgreSQL) and SecretsManager-generated password + * that **will not be applied** to the cluster, use `snapshotCredentials` for the correct behavior. + * + * @deprecated use `snapshotCredentials` which allows to generate a new password */ readonly credentials?: Credentials; + + /** + * Master user credentials. + * + * Note - It is not possible to change the master username for a snapshot; + * however, it is possible to provide (or generate) a new password. + * + * @default - The existing username and password from the snapshot will be used. + */ + readonly snapshotCredentials?: SnapshotCredentials; } /** @@ -687,12 +706,34 @@ export class DatabaseClusterFromSnapshot extends DatabaseClusterNew { constructor(scope: Construct, id: string, props: DatabaseClusterFromSnapshotProps) { super(scope, id, props); - const credentials = renderCredentials(this, props.engine, props.credentials); - const secret = credentials.secret; + if (props.credentials && !props.credentials.password && !props.credentials.secret) { + Annotations.of(this).addWarning('Use `snapshotCredentials` to modify password of a cluster created from a snapshot.'); + } + if (!props.credentials && !props.snapshotCredentials) { + Annotations.of(this).addWarning('Generated credentials will not be applied to cluster. Use `snapshotCredentials` instead. `addRotationSingleUser()` and `addRotationMultiUser()` cannot be used on tbis cluster.'); + } + const deprecatedCredentials = renderCredentials(this, props.engine, props.credentials); + + let credentials = props.snapshotCredentials; + let secret = credentials?.secret; + if (!secret && credentials?.generatePassword) { + if (!credentials.username) { + throw new Error('`snapshotCredentials` `username` must be specified when `generatePassword` is set to true'); + } + + secret = new DatabaseSecret(this, 'SnapshotSecret', { + username: credentials.username, + encryptionKey: credentials.encryptionKey, + excludeCharacters: credentials.excludeCharacters, + replaceOnPasswordCriteriaChanges: credentials.replaceOnPasswordCriteriaChanges, + replicaRegions: credentials.replicaRegions, + }); + } const cluster = new CfnDBCluster(this, 'Resource', { ...this.newCfnProps, snapshotIdentifier: props.snapshotIdentifier, + masterUserPassword: secret?.secretValueFromJson('password')?.unsafeUnwrap() ?? credentials?.password?.unsafeUnwrap(), // Safe usage }); this.clusterIdentifier = cluster.ref; @@ -701,6 +742,13 @@ export class DatabaseClusterFromSnapshot extends DatabaseClusterNew { this.secret = secret.attach(this); } + if (deprecatedCredentials.secret) { + const deprecatedSecret = deprecatedCredentials.secret.attach(this); + if (!this.secret) { + this.secret = deprecatedSecret; + } + } + // create a number token that represents the port of the cluster const portAttribute = Token.asNumber(cluster.attrEndpointPort); this.clusterEndpoint = new Endpoint(cluster.attrEndpointAddress, portAttribute); diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index 5b218155eb9b0..5bb662bd7a39e 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -84,6 +84,7 @@ "@aws-cdk/aws-events-targets": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", + "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/cx-api": "0.0.0", diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.d.ts b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.d.ts new file mode 100644 index 0000000000000..a64fd5d9eb2dc --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.d.ts @@ -0,0 +1,3 @@ +import type { IsCompleteRequest, IsCompleteResponse, OnEventRequest, OnEventResponse } from '@aws-cdk/custom-resources/lib/provider-framework/types'; +export declare function onEventHandler(event: OnEventRequest): Promise; +export declare function isCompleteHandler(event: IsCompleteRequest): Promise; diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.js new file mode 100644 index 0000000000000..de753f1849b44 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.js @@ -0,0 +1,60 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.isCompleteHandler = exports.onEventHandler = void 0; +const aws_sdk_1 = require("aws-sdk"); // eslint-disable-line import/no-extraneous-dependencies +async function onEventHandler(event) { + var _a; + console.log('Event: %j', event); + const rds = new aws_sdk_1.RDS(); + const physicalResourceId = `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`; + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + const data = await rds.createDBClusterSnapshot({ + DBClusterIdentifier: event.ResourceProperties.DBClusterIdentifier, + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + return { + PhysicalResourceId: physicalResourceId, + Data: { + DBClusterSnapshotArn: (_a = data.DBClusterSnapshot) === null || _a === void 0 ? void 0 : _a.DBClusterSnapshotArn, + }, + }; + } + if (event.RequestType === 'Delete') { + await rds.deleteDBClusterSnapshot({ + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + } + return { + PhysicalResourceId: `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`, + }; +} +exports.onEventHandler = onEventHandler; +async function isCompleteHandler(event) { + console.log('Event: %j', event); + const snapshotStatus = await tryGetClusterSnapshotStatus(event.ResourceProperties.DBClusterSnapshotIdentifier); + switch (event.RequestType) { + case 'Create': + case 'Update': + return { IsComplete: snapshotStatus === 'available' }; + case 'Delete': + return { IsComplete: snapshotStatus === undefined }; + } +} +exports.isCompleteHandler = isCompleteHandler; +async function tryGetClusterSnapshotStatus(identifier) { + var _a; + try { + const rds = new aws_sdk_1.RDS(); + const data = await rds.describeDBClusterSnapshots({ + DBClusterSnapshotIdentifier: identifier, + }).promise(); + return (_a = data.DBClusterSnapshots) === null || _a === void 0 ? void 0 : _a[0].Status; + } + catch (err) { + if (err.code === 'DBClusterSnapshotNotFoundFault') { + return undefined; + } + throw err; + } +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSxxQ0FBOEIsQ0FBQyx3REFBd0Q7QUFFaEYsS0FBSyxVQUFVLGNBQWMsQ0FBQyxLQUFxQjs7SUFDeEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFFaEMsTUFBTSxHQUFHLEdBQUcsSUFBSSxhQUFHLEVBQUUsQ0FBQztJQUV0QixNQUFNLGtCQUFrQixHQUFHLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLG1CQUFtQixJQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO0lBRTdILElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDcEUsTUFBTSxJQUFJLEdBQUcsTUFBTSxHQUFHLENBQUMsdUJBQXVCLENBQUM7WUFDN0MsbUJBQW1CLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixDQUFDLG1CQUFtQjtZQUNqRSwyQkFBMkIsRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsMkJBQTJCO1NBQ2xGLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNiLE9BQU87WUFDTCxrQkFBa0IsRUFBRSxrQkFBa0I7WUFDdEMsSUFBSSxFQUFFO2dCQUNKLG9CQUFvQixRQUFFLElBQUksQ0FBQyxpQkFBaUIsMENBQUUsb0JBQW9CO2FBQ25FO1NBQ0YsQ0FBQztLQUNIO0lBRUQsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUNsQyxNQUFNLEdBQUcsQ0FBQyx1QkFBdUIsQ0FBQztZQUNoQywyQkFBMkIsRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsMkJBQTJCO1NBQ2xGLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztLQUNkO0lBRUQsT0FBTztRQUNMLGtCQUFrQixFQUFFLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLG1CQUFtQixJQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsRUFBRTtLQUN0SCxDQUFDO0FBQ0osQ0FBQztBQTdCRCx3Q0E2QkM7QUFFTSxLQUFLLFVBQVUsaUJBQWlCLENBQUMsS0FBd0I7SUFDOUQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFFaEMsTUFBTSxjQUFjLEdBQUcsTUFBTSwyQkFBMkIsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQUMsMkJBQTJCLENBQUMsQ0FBQztJQUUvRyxRQUFRLEtBQUssQ0FBQyxXQUFXLEVBQUU7UUFDekIsS0FBSyxRQUFRLENBQUM7UUFDZCxLQUFLLFFBQVE7WUFDWCxPQUFPLEVBQUUsVUFBVSxFQUFFLGNBQWMsS0FBSyxXQUFXLEVBQUUsQ0FBQztRQUN4RCxLQUFLLFFBQVE7WUFDWCxPQUFPLEVBQUUsVUFBVSxFQUFFLGNBQWMsS0FBSyxTQUFTLEVBQUUsQ0FBQztLQUN2RDtBQUNILENBQUM7QUFaRCw4Q0FZQztBQUVELEtBQUssVUFBVSwyQkFBMkIsQ0FBQyxVQUFrQjs7SUFDM0QsSUFBSTtRQUNGLE1BQU0sR0FBRyxHQUFHLElBQUksYUFBRyxFQUFFLENBQUM7UUFDdEIsTUFBTSxJQUFJLEdBQUcsTUFBTSxHQUFHLENBQUMsMEJBQTBCLENBQUM7WUFDaEQsMkJBQTJCLEVBQUUsVUFBVTtTQUN4QyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7UUFDYixhQUFPLElBQUksQ0FBQyxrQkFBa0IsMENBQUcsQ0FBQyxFQUFFLE1BQU0sQ0FBQztLQUM1QztJQUFDLE9BQU8sR0FBRyxFQUFFO1FBQ1osSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLGdDQUFnQyxFQUFFO1lBQ2pELE9BQU8sU0FBUyxDQUFDO1NBQ2xCO1FBQ0QsTUFBTSxHQUFHLENBQUM7S0FDWDtBQUNILENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBuby1jb25zb2xlICovXG5pbXBvcnQgdHlwZSB7IElzQ29tcGxldGVSZXF1ZXN0LCBJc0NvbXBsZXRlUmVzcG9uc2UsIE9uRXZlbnRSZXF1ZXN0LCBPbkV2ZW50UmVzcG9uc2UgfSBmcm9tICdAYXdzLWNkay9jdXN0b20tcmVzb3VyY2VzL2xpYi9wcm92aWRlci1mcmFtZXdvcmsvdHlwZXMnO1xuaW1wb3J0IHsgUkRTIH0gZnJvbSAnYXdzLXNkayc7IC8vIGVzbGludC1kaXNhYmxlLWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzXG5cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBvbkV2ZW50SGFuZGxlcihldmVudDogT25FdmVudFJlcXVlc3QpOiBQcm9taXNlPE9uRXZlbnRSZXNwb25zZT4ge1xuICBjb25zb2xlLmxvZygnRXZlbnQ6ICVqJywgZXZlbnQpO1xuXG4gIGNvbnN0IHJkcyA9IG5ldyBSRFMoKTtcblxuICBjb25zdCBwaHlzaWNhbFJlc291cmNlSWQgPSBgJHtldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuREJDbHVzdGVySWRlbnRpZmllcn0tJHtldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuREJDbHVzdGVySWRlbnRpZmllcn1gO1xuXG4gIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0NyZWF0ZScgfHwgZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdVcGRhdGUnKSB7XG4gICAgY29uc3QgZGF0YSA9IGF3YWl0IHJkcy5jcmVhdGVEQkNsdXN0ZXJTbmFwc2hvdCh7XG4gICAgICBEQkNsdXN0ZXJJZGVudGlmaWVyOiBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuREJDbHVzdGVySWRlbnRpZmllcixcbiAgICAgIERCQ2x1c3RlclNuYXBzaG90SWRlbnRpZmllcjogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkRCQ2x1c3RlclNuYXBzaG90SWRlbnRpZmllcixcbiAgICB9KS5wcm9taXNlKCk7XG4gICAgcmV0dXJuIHtcbiAgICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICAgICAgRGF0YToge1xuICAgICAgICBEQkNsdXN0ZXJTbmFwc2hvdEFybjogZGF0YS5EQkNsdXN0ZXJTbmFwc2hvdD8uREJDbHVzdGVyU25hcHNob3RBcm4sXG4gICAgICB9LFxuICAgIH07XG4gIH1cblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgcmRzLmRlbGV0ZURCQ2x1c3RlclNuYXBzaG90KHtcbiAgICAgIERCQ2x1c3RlclNuYXBzaG90SWRlbnRpZmllcjogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkRCQ2x1c3RlclNuYXBzaG90SWRlbnRpZmllcixcbiAgICB9KS5wcm9taXNlKCk7XG4gIH1cblxuICByZXR1cm4ge1xuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogYCR7ZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkRCQ2x1c3RlcklkZW50aWZpZXJ9LSR7ZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkRCQ2x1c3RlcklkZW50aWZpZXJ9YCxcbiAgfTtcbn1cblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGlzQ29tcGxldGVIYW5kbGVyKGV2ZW50OiBJc0NvbXBsZXRlUmVxdWVzdCk6IFByb21pc2U8SXNDb21wbGV0ZVJlc3BvbnNlPiB7XG4gIGNvbnNvbGUubG9nKCdFdmVudDogJWonLCBldmVudCk7XG5cbiAgY29uc3Qgc25hcHNob3RTdGF0dXMgPSBhd2FpdCB0cnlHZXRDbHVzdGVyU25hcHNob3RTdGF0dXMoZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkRCQ2x1c3RlclNuYXBzaG90SWRlbnRpZmllcik7XG5cbiAgc3dpdGNoIChldmVudC5SZXF1ZXN0VHlwZSkge1xuICAgIGNhc2UgJ0NyZWF0ZSc6XG4gICAgY2FzZSAnVXBkYXRlJzpcbiAgICAgIHJldHVybiB7IElzQ29tcGxldGU6IHNuYXBzaG90U3RhdHVzID09PSAnYXZhaWxhYmxlJyB9O1xuICAgIGNhc2UgJ0RlbGV0ZSc6XG4gICAgICByZXR1cm4geyBJc0NvbXBsZXRlOiBzbmFwc2hvdFN0YXR1cyA9PT0gdW5kZWZpbmVkIH07XG4gIH1cbn1cblxuYXN5bmMgZnVuY3Rpb24gdHJ5R2V0Q2x1c3RlclNuYXBzaG90U3RhdHVzKGlkZW50aWZpZXI6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nIHwgdW5kZWZpbmVkPiB7XG4gIHRyeSB7XG4gICAgY29uc3QgcmRzID0gbmV3IFJEUygpO1xuICAgIGNvbnN0IGRhdGEgPSBhd2FpdCByZHMuZGVzY3JpYmVEQkNsdXN0ZXJTbmFwc2hvdHMoe1xuICAgICAgREJDbHVzdGVyU25hcHNob3RJZGVudGlmaWVyOiBpZGVudGlmaWVyLFxuICAgIH0pLnByb21pc2UoKTtcbiAgICByZXR1cm4gZGF0YS5EQkNsdXN0ZXJTbmFwc2hvdHM/LlswXS5TdGF0dXM7XG4gIH0gY2F0Y2ggKGVycikge1xuICAgIGlmIChlcnIuY29kZSA9PT0gJ0RCQ2x1c3RlclNuYXBzaG90Tm90Rm91bmRGYXVsdCcpIHtcbiAgICAgIHJldHVybiB1bmRlZmluZWQ7XG4gICAgfVxuICAgIHRocm93IGVycjtcbiAgfVxufVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.ts b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.ts new file mode 100644 index 0000000000000..6d5a3c23336cd --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/index.ts @@ -0,0 +1,63 @@ +/* eslint-disable no-console */ +import type { IsCompleteRequest, IsCompleteResponse, OnEventRequest, OnEventResponse } from '@aws-cdk/custom-resources/lib/provider-framework/types'; +import { RDS } from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies + +export async function onEventHandler(event: OnEventRequest): Promise { + console.log('Event: %j', event); + + const rds = new RDS(); + + const physicalResourceId = `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`; + + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + const data = await rds.createDBClusterSnapshot({ + DBClusterIdentifier: event.ResourceProperties.DBClusterIdentifier, + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + return { + PhysicalResourceId: physicalResourceId, + Data: { + DBClusterSnapshotArn: data.DBClusterSnapshot?.DBClusterSnapshotArn, + }, + }; + } + + if (event.RequestType === 'Delete') { + await rds.deleteDBClusterSnapshot({ + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + } + + return { + PhysicalResourceId: `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`, + }; +} + +export async function isCompleteHandler(event: IsCompleteRequest): Promise { + console.log('Event: %j', event); + + const snapshotStatus = await tryGetClusterSnapshotStatus(event.ResourceProperties.DBClusterSnapshotIdentifier); + + switch (event.RequestType) { + case 'Create': + case 'Update': + return { IsComplete: snapshotStatus === 'available' }; + case 'Delete': + return { IsComplete: snapshotStatus === undefined }; + } +} + +async function tryGetClusterSnapshotStatus(identifier: string): Promise { + try { + const rds = new RDS(); + const data = await rds.describeDBClusterSnapshots({ + DBClusterSnapshotIdentifier: identifier, + }).promise(); + return data.DBClusterSnapshots?.[0].Status; + } catch (err) { + if (err.code === 'DBClusterSnapshotNotFoundFault') { + return undefined; + } + throw err; + } +} diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/cfn-response.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/cfn-response.js new file mode 100644 index 0000000000000..63bdaab149314 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/cfn-response.js @@ -0,0 +1,83 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.Retry = exports.safeHandler = exports.includeStackTraces = exports.submitResponse = exports.MISSING_PHYSICAL_ID_MARKER = exports.CREATE_FAILED_PHYSICAL_ID_MARKER = void 0; +/* eslint-disable max-len */ +/* eslint-disable no-console */ +const url = require("url"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +exports.CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; +exports.MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; +async function submitResponse(status, event, options = {}) { + const json = { + Status: status, + Reason: options.reason || status, + StackId: event.StackId, + RequestId: event.RequestId, + PhysicalResourceId: event.PhysicalResourceId || exports.MISSING_PHYSICAL_ID_MARKER, + LogicalResourceId: event.LogicalResourceId, + NoEcho: options.noEcho, + Data: event.Data, + }; + util_1.log('submit response to cloudformation', json); + const responseBody = JSON.stringify(json); + const parsedUrl = url.parse(event.ResponseURL); + await outbound_1.httpRequest({ + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { + 'content-type': '', + 'content-length': responseBody.length, + }, + }, responseBody); +} +exports.submitResponse = submitResponse; +exports.includeStackTraces = true; // for unit tests +function safeHandler(block) { + return async (event) => { + // ignore DELETE event when the physical resource ID is the marker that + // indicates that this DELETE is a subsequent DELETE to a failed CREATE + // operation. + if (event.RequestType === 'Delete' && event.PhysicalResourceId === exports.CREATE_FAILED_PHYSICAL_ID_MARKER) { + util_1.log('ignoring DELETE event caused by a failed CREATE event'); + await submitResponse('SUCCESS', event); + return; + } + try { + await block(event); + } + catch (e) { + // tell waiter state machine to retry + if (e instanceof Retry) { + util_1.log('retry requested by handler'); + throw e; + } + if (!event.PhysicalResourceId) { + // special case: if CREATE fails, which usually implies, we usually don't + // have a physical resource id. in this case, the subsequent DELETE + // operation does not have any meaning, and will likely fail as well. to + // address this, we use a marker so the provider framework can simply + // ignore the subsequent DELETE. + if (event.RequestType === 'Create') { + util_1.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); + event.PhysicalResourceId = exports.CREATE_FAILED_PHYSICAL_ID_MARKER; + } + else { + // otherwise, if PhysicalResourceId is not specified, something is + // terribly wrong because all other events should have an ID. + util_1.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); + } + } + // this is an actual error, fail the activity altogether and exist. + await submitResponse('FAILED', event, { + reason: exports.includeStackTraces ? e.stack : e.message, + }); + } + }; +} +exports.safeHandler = safeHandler; +class Retry extends Error { +} +exports.Retry = Retry; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2ZuLXJlc3BvbnNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY2ZuLXJlc3BvbnNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDRCQUE0QjtBQUM1QiwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBQzNCLHlDQUF5QztBQUN6QyxpQ0FBNkI7QUFFaEIsUUFBQSxnQ0FBZ0MsR0FBRyx3REFBd0QsQ0FBQztBQUM1RixRQUFBLDBCQUEwQixHQUFHLDhEQUE4RCxDQUFDO0FBZ0JsRyxLQUFLLFVBQVUsY0FBYyxDQUFDLE1BQTRCLEVBQUUsS0FBaUMsRUFBRSxVQUF5QyxFQUFHO0lBQ2hKLE1BQU0sSUFBSSxHQUFtRDtRQUMzRCxNQUFNLEVBQUUsTUFBTTtRQUNkLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxJQUFJLE1BQU07UUFDaEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1FBQ3RCLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztRQUMxQixrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLElBQUksa0NBQTBCO1FBQzFFLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7UUFDMUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxNQUFNO1FBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtLQUNqQixDQUFDO0lBRUYsVUFBRyxDQUFDLG1DQUFtQyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBRS9DLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0MsTUFBTSxzQkFBVyxDQUFDO1FBQ2hCLFFBQVEsRUFBRSxTQUFTLENBQUMsUUFBUTtRQUM1QixJQUFJLEVBQUUsU0FBUyxDQUFDLElBQUk7UUFDcEIsTUFBTSxFQUFFLEtBQUs7UUFDYixPQUFPLEVBQUU7WUFDUCxjQUFjLEVBQUUsRUFBRTtZQUNsQixnQkFBZ0IsRUFBRSxZQUFZLENBQUMsTUFBTTtTQUN0QztLQUNGLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDbkIsQ0FBQztBQTFCRCx3Q0EwQkM7QUFFVSxRQUFBLGtCQUFrQixHQUFHLElBQUksQ0FBQyxDQUFDLGlCQUFpQjtBQUV2RCxTQUFnQixXQUFXLENBQUMsS0FBb0M7SUFDOUQsT0FBTyxLQUFLLEVBQUUsS0FBVSxFQUFFLEVBQUU7UUFFMUIsdUVBQXVFO1FBQ3ZFLHVFQUF1RTtRQUN2RSxhQUFhO1FBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssd0NBQWdDLEVBQUU7WUFDbkcsVUFBRyxDQUFDLHVEQUF1RCxDQUFDLENBQUM7WUFDN0QsTUFBTSxjQUFjLENBQUMsU0FBUyxFQUFFLEtBQUssQ0FBQyxDQUFDO1lBQ3ZDLE9BQU87U0FDUjtRQUVELElBQUk7WUFDRixNQUFNLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztTQUNwQjtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YscUNBQXFDO1lBQ3JDLElBQUksQ0FBQyxZQUFZLEtBQUssRUFBRTtnQkFDdEIsVUFBRyxDQUFDLDRCQUE0QixDQUFDLENBQUM7Z0JBQ2xDLE1BQU0sQ0FBQyxDQUFDO2FBQ1Q7WUFFRCxJQUFJLENBQUMsS0FBSyxDQUFDLGtCQUFrQixFQUFFO2dCQUM3Qix5RUFBeUU7Z0JBQ3pFLG1FQUFtRTtnQkFDbkUsd0VBQXdFO2dCQUN4RSxxRUFBcUU7Z0JBQ3JFLGdDQUFnQztnQkFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtvQkFDbEMsVUFBRyxDQUFDLDRHQUE0RyxDQUFDLENBQUM7b0JBQ2xILEtBQUssQ0FBQyxrQkFBa0IsR0FBRyx3Q0FBZ0MsQ0FBQztpQkFDN0Q7cUJBQU07b0JBQ0wsa0VBQWtFO29CQUNsRSw2REFBNkQ7b0JBQzdELFVBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7aUJBQzNGO2FBQ0Y7WUFFRCxtRUFBbUU7WUFDbkUsTUFBTSxjQUFjLENBQUMsUUFBUSxFQUFFLEtBQUssRUFBRTtnQkFDcEMsTUFBTSxFQUFFLDBCQUFrQixDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTzthQUNqRCxDQUFDLENBQUM7U0FDSjtJQUNILENBQUMsQ0FBQztBQUNKLENBQUM7QUEzQ0Qsa0NBMkNDO0FBRUQsTUFBYSxLQUFNLFNBQVEsS0FBSztDQUFJO0FBQXBDLHNCQUFvQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG1heC1sZW4gKi9cbi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuaW1wb3J0IHsgaHR0cFJlcXVlc3QgfSBmcm9tICcuL291dGJvdW5kJztcbmltcG9ydCB7IGxvZyB9IGZyb20gJy4vdXRpbCc7XG5cbmV4cG9ydCBjb25zdCBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6OkNSRUFURV9GQUlMRUQnO1xuZXhwb3J0IGNvbnN0IE1JU1NJTkdfUEhZU0lDQUxfSURfTUFSS0VSID0gJ0FXU0NESzo6Q3VzdG9tUmVzb3VyY2VQcm92aWRlckZyYW1ld29yazo6TUlTU0lOR19QSFlTSUNBTF9JRCc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2xvdWRGb3JtYXRpb25SZXNwb25zZU9wdGlvbnMge1xuICByZWFkb25seSByZWFzb24/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IG5vRWNobz86IGJvb2xlYW47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2xvdWRGb3JtYXRpb25FdmVudENvbnRleHQge1xuICBTdGFja0lkOiBzdHJpbmc7XG4gIFJlcXVlc3RJZDogc3RyaW5nO1xuICBQaHlzaWNhbFJlc291cmNlSWQ/OiBzdHJpbmc7XG4gIExvZ2ljYWxSZXNvdXJjZUlkOiBzdHJpbmc7XG4gIFJlc3BvbnNlVVJMOiBzdHJpbmc7XG4gIERhdGE/OiBhbnlcbn1cblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIHN1Ym1pdFJlc3BvbnNlKHN0YXR1czogJ1NVQ0NFU1MnIHwgJ0ZBSUxFRCcsIGV2ZW50OiBDbG91ZEZvcm1hdGlvbkV2ZW50Q29udGV4dCwgb3B0aW9uczogQ2xvdWRGb3JtYXRpb25SZXNwb25zZU9wdGlvbnMgPSB7IH0pIHtcbiAgY29uc3QganNvbjogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VSZXNwb25zZSA9IHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IG9wdGlvbnMucmVhc29uIHx8IHN0YXR1cyxcbiAgICBTdGFja0lkOiBldmVudC5TdGFja0lkLFxuICAgIFJlcXVlc3RJZDogZXZlbnQuUmVxdWVzdElkLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkIHx8IE1JU1NJTkdfUEhZU0lDQUxfSURfTUFSS0VSLFxuICAgIExvZ2ljYWxSZXNvdXJjZUlkOiBldmVudC5Mb2dpY2FsUmVzb3VyY2VJZCxcbiAgICBOb0VjaG86IG9wdGlvbnMubm9FY2hvLFxuICAgIERhdGE6IGV2ZW50LkRhdGEsXG4gIH07XG5cbiAgbG9nKCdzdWJtaXQgcmVzcG9uc2UgdG8gY2xvdWRmb3JtYXRpb24nLCBqc29uKTtcblxuICBjb25zdCByZXNwb25zZUJvZHkgPSBKU09OLnN0cmluZ2lmeShqc29uKTtcblxuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBhd2FpdCBodHRwUmVxdWVzdCh7XG4gICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICBtZXRob2Q6ICdQVVQnLFxuICAgIGhlYWRlcnM6IHtcbiAgICAgICdjb250ZW50LXR5cGUnOiAnJyxcbiAgICAgICdjb250ZW50LWxlbmd0aCc6IHJlc3BvbnNlQm9keS5sZW5ndGgsXG4gICAgfSxcbiAgfSwgcmVzcG9uc2VCb2R5KTtcbn1cblxuZXhwb3J0IGxldCBpbmNsdWRlU3RhY2tUcmFjZXMgPSB0cnVlOyAvLyBmb3IgdW5pdCB0ZXN0c1xuXG5leHBvcnQgZnVuY3Rpb24gc2FmZUhhbmRsZXIoYmxvY2s6IChldmVudDogYW55KSA9PiBQcm9taXNlPHZvaWQ+KSB7XG4gIHJldHVybiBhc3luYyAoZXZlbnQ6IGFueSkgPT4ge1xuXG4gICAgLy8gaWdub3JlIERFTEVURSBldmVudCB3aGVuIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBpcyB0aGUgbWFya2VyIHRoYXRcbiAgICAvLyBpbmRpY2F0ZXMgdGhhdCB0aGlzIERFTEVURSBpcyBhIHN1YnNlcXVlbnQgREVMRVRFIHRvIGEgZmFpbGVkIENSRUFURVxuICAgIC8vIG9wZXJhdGlvbi5cbiAgICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9PT0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIpIHtcbiAgICAgIGxvZygnaWdub3JpbmcgREVMRVRFIGV2ZW50IGNhdXNlZCBieSBhIGZhaWxlZCBDUkVBVEUgZXZlbnQnKTtcbiAgICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgZXZlbnQpO1xuICAgICAgcmV0dXJuO1xuICAgIH1cblxuICAgIHRyeSB7XG4gICAgICBhd2FpdCBibG9jayhldmVudCk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgLy8gdGVsbCB3YWl0ZXIgc3RhdGUgbWFjaGluZSB0byByZXRyeVxuICAgICAgaWYgKGUgaW5zdGFuY2VvZiBSZXRyeSkge1xuICAgICAgICBsb2coJ3JldHJ5IHJlcXVlc3RlZCBieSBoYW5kbGVyJyk7XG4gICAgICAgIHRocm93IGU7XG4gICAgICB9XG5cbiAgICAgIGlmICghZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgICAgIC8vIHNwZWNpYWwgY2FzZTogaWYgQ1JFQVRFIGZhaWxzLCB3aGljaCB1c3VhbGx5IGltcGxpZXMsIHdlIHVzdWFsbHkgZG9uJ3RcbiAgICAgICAgLy8gaGF2ZSBhIHBoeXNpY2FsIHJlc291cmNlIGlkLiBpbiB0aGlzIGNhc2UsIHRoZSBzdWJzZXF1ZW50IERFTEVURVxuICAgICAgICAvLyBvcGVyYXRpb24gZG9lcyBub3QgaGF2ZSBhbnkgbWVhbmluZywgYW5kIHdpbGwgbGlrZWx5IGZhaWwgYXMgd2VsbC4gdG9cbiAgICAgICAgLy8gYWRkcmVzcyB0aGlzLCB3ZSB1c2UgYSBtYXJrZXIgc28gdGhlIHByb3ZpZGVyIGZyYW1ld29yayBjYW4gc2ltcGx5XG4gICAgICAgIC8vIGlnbm9yZSB0aGUgc3Vic2VxdWVudCBERUxFVEUuXG4gICAgICAgIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0NyZWF0ZScpIHtcbiAgICAgICAgICBsb2coJ0NSRUFURSBmYWlsZWQsIHJlc3BvbmRpbmcgd2l0aCBhIG1hcmtlciBwaHlzaWNhbCByZXNvdXJjZSBpZCBzbyB0aGF0IHRoZSBzdWJzZXF1ZW50IERFTEVURSB3aWxsIGJlIGlnbm9yZWQnKTtcbiAgICAgICAgICBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgPSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUjtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAvLyBvdGhlcndpc2UsIGlmIFBoeXNpY2FsUmVzb3VyY2VJZCBpcyBub3Qgc3BlY2lmaWVkLCBzb21ldGhpbmcgaXNcbiAgICAgICAgICAvLyB0ZXJyaWJseSB3cm9uZyBiZWNhdXNlIGFsbCBvdGhlciBldmVudHMgc2hvdWxkIGhhdmUgYW4gSUQuXG4gICAgICAgICAgbG9nKGBFUlJPUjogTWFsZm9ybWVkIGV2ZW50LiBcIlBoeXNpY2FsUmVzb3VyY2VJZFwiIGlzIHJlcXVpcmVkOiAke0pTT04uc3RyaW5naWZ5KGV2ZW50KX1gKTtcbiAgICAgICAgfVxuICAgICAgfVxuXG4gICAgICAvLyB0aGlzIGlzIGFuIGFjdHVhbCBlcnJvciwgZmFpbCB0aGUgYWN0aXZpdHkgYWx0b2dldGhlciBhbmQgZXhpc3QuXG4gICAgICBhd2FpdCBzdWJtaXRSZXNwb25zZSgnRkFJTEVEJywgZXZlbnQsIHtcbiAgICAgICAgcmVhc29uOiBpbmNsdWRlU3RhY2tUcmFjZXMgPyBlLnN0YWNrIDogZS5tZXNzYWdlLFxuICAgICAgfSk7XG4gICAgfVxuICB9O1xufVxuXG5leHBvcnQgY2xhc3MgUmV0cnkgZXh0ZW5kcyBFcnJvciB7IH1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/consts.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/consts.js new file mode 100644 index 0000000000000..31faa077ae313 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/consts.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = exports.WAITER_STATE_MACHINE_ARN_ENV = exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = exports.USER_ON_EVENT_FUNCTION_ARN_ENV = void 0; +exports.USER_ON_EVENT_FUNCTION_ARN_ENV = 'USER_ON_EVENT_FUNCTION_ARN'; +exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = 'USER_IS_COMPLETE_FUNCTION_ARN'; +exports.WAITER_STATE_MACHINE_ARN_ENV = 'WAITER_STATE_MACHINE_ARN'; +exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = 'onEvent'; +exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = 'isComplete'; +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = 'onTimeout'; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY29uc3RzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFhLFFBQUEsOEJBQThCLEdBQUcsNEJBQTRCLENBQUM7QUFDOUQsUUFBQSxpQ0FBaUMsR0FBRywrQkFBK0IsQ0FBQztBQUNwRSxRQUFBLDRCQUE0QixHQUFHLDBCQUEwQixDQUFDO0FBRTFELFFBQUEsK0JBQStCLEdBQUcsU0FBUyxDQUFDO0FBQzVDLFFBQUEsa0NBQWtDLEdBQUcsWUFBWSxDQUFDO0FBQ2xELFFBQUEsaUNBQWlDLEdBQUcsV0FBVyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGNvbnN0IFVTRVJfT05fRVZFTlRfRlVOQ1RJT05fQVJOX0VOViA9ICdVU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTic7XG5leHBvcnQgY29uc3QgVVNFUl9JU19DT01QTEVURV9GVU5DVElPTl9BUk5fRU5WID0gJ1VTRVJfSVNfQ09NUExFVEVfRlVOQ1RJT05fQVJOJztcbmV4cG9ydCBjb25zdCBXQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WID0gJ1dBSVRFUl9TVEFURV9NQUNISU5FX0FSTic7XG5cbmV4cG9ydCBjb25zdCBGUkFNRVdPUktfT05fRVZFTlRfSEFORExFUl9OQU1FID0gJ29uRXZlbnQnO1xuZXhwb3J0IGNvbnN0IEZSQU1FV09SS19JU19DT01QTEVURV9IQU5ETEVSX05BTUUgPSAnaXNDb21wbGV0ZSc7XG5leHBvcnQgY29uc3QgRlJBTUVXT1JLX09OX1RJTUVPVVRfSEFORExFUl9OQU1FID0gJ29uVGltZW91dCc7XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/framework.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/framework.js new file mode 100644 index 0000000000000..3f09fbdde6480 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/framework.js @@ -0,0 +1,164 @@ +"use strict"; +const cfnResponse = require("./cfn-response"); +const consts = require("./consts"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +/** + * The main runtime entrypoint of the async custom resource lambda function. + * + * Any lifecycle event changes to the custom resources will invoke this handler, which will, in turn, + * interact with the user-defined `onEvent` and `isComplete` handlers. + * + * This function will always succeed. If an error occurs + * + * @param cfnRequest The cloudformation custom resource event. + */ +async function onEvent(cfnRequest) { + util_1.log('onEventHandler', cfnRequest); + cfnRequest.ResourceProperties = cfnRequest.ResourceProperties || {}; + const onEventResult = await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV, cfnRequest); + util_1.log('onEvent returned:', onEventResult); + // merge the request and the result from onEvent to form the complete resource event + // this also performs validation. + const resourceEvent = createResponseEvent(cfnRequest, onEventResult); + util_1.log('event:', onEventResult); + // determine if this is an async provider based on whether we have an isComplete handler defined. + // if it is not defined, then we are basically ready to return a positive response. + if (!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV]) { + return cfnResponse.submitResponse('SUCCESS', resourceEvent, { noEcho: resourceEvent.NoEcho }); + } + // ok, we are not complete, so kick off the waiter workflow + const waiter = { + stateMachineArn: util_1.getEnv(consts.WAITER_STATE_MACHINE_ARN_ENV), + name: resourceEvent.RequestId, + input: JSON.stringify(resourceEvent), + }; + util_1.log('starting waiter', waiter); + // kick off waiter state machine + await outbound_1.startExecution(waiter); +} +// invoked a few times until `complete` is true or until it times out. +async function isComplete(event) { + util_1.log('isComplete', event); + const isCompleteResult = await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV, event); + util_1.log('user isComplete returned:', isCompleteResult); + // if we are not complete, return false, and don't send a response back. + if (!isCompleteResult.IsComplete) { + if (isCompleteResult.Data && Object.keys(isCompleteResult.Data).length > 0) { + throw new Error('"Data" is not allowed if "IsComplete" is "False"'); + } + throw new cfnResponse.Retry(JSON.stringify(event)); + } + const response = { + ...event, + ...isCompleteResult, + Data: { + ...event.Data, + ...isCompleteResult.Data, + }, + }; + await cfnResponse.submitResponse('SUCCESS', response, { noEcho: event.NoEcho }); +} +// invoked when completion retries are exhaused. +async function onTimeout(timeoutEvent) { + util_1.log('timeoutHandler', timeoutEvent); + const isCompleteRequest = JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage); + await cfnResponse.submitResponse('FAILED', isCompleteRequest, { + reason: 'Operation timed out', + }); +} +async function invokeUserFunction(functionArnEnv, payload) { + const functionArn = util_1.getEnv(functionArnEnv); + util_1.log(`executing user function ${functionArn} with payload`, payload); + // transient errors such as timeouts, throttling errors (429), and other + // errors that aren't caused by a bad request (500 series) are retried + // automatically by the JavaScript SDK. + const resp = await outbound_1.invokeFunction({ + FunctionName: functionArn, + Payload: JSON.stringify(payload), + }); + util_1.log('user function response:', resp, typeof (resp)); + const jsonPayload = parseJsonPayload(resp.Payload); + if (resp.FunctionError) { + util_1.log('user function threw an error:', resp.FunctionError); + const errorMessage = jsonPayload.errorMessage || 'error'; + // parse function name from arn + // arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName} + const arn = functionArn.split(':'); + const functionName = arn[arn.length - 1]; + // append a reference to the log group. + const message = [ + errorMessage, + '', + `Logs: /aws/lambda/${functionName}`, + '', + ].join('\n'); + const e = new Error(message); + // the output that goes to CFN is what's in `stack`, not the error message. + // if we have a remote trace, construct a nice message with log group information + if (jsonPayload.trace) { + // skip first trace line because it's the message + e.stack = [message, ...jsonPayload.trace.slice(1)].join('\n'); + } + throw e; + } + return jsonPayload; +} +function parseJsonPayload(payload) { + if (!payload) { + return {}; + } + const text = payload.toString(); + try { + return JSON.parse(text); + } + catch (e) { + throw new Error(`return values from user-handlers must be JSON objects. got: "${text}"`); + } +} +function createResponseEvent(cfnRequest, onEventResult) { + // + // validate that onEventResult always includes a PhysicalResourceId + onEventResult = onEventResult || {}; + // if physical ID is not returned, we have some defaults for you based + // on the request type. + const physicalResourceId = onEventResult.PhysicalResourceId || defaultPhysicalResourceId(cfnRequest); + // if we are in DELETE and physical ID was changed, it's an error. + if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`); + } + // if we are in UPDATE and physical ID was changed, it's a replacement (just log) + if (cfnRequest.RequestType === 'Update' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + util_1.log(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`); + } + // merge request event and result event (result prevails). + return { + ...cfnRequest, + ...onEventResult, + PhysicalResourceId: physicalResourceId, + }; +} +/** + * Calculates the default physical resource ID based in case user handler did + * not return a PhysicalResourceId. + * + * For "CREATE", it uses the RequestId. + * For "UPDATE" and "DELETE" and returns the current PhysicalResourceId (the one provided in `event`). + */ +function defaultPhysicalResourceId(req) { + switch (req.RequestType) { + case 'Create': + return req.RequestId; + case 'Update': + case 'Delete': + return req.PhysicalResourceId; + default: + throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`); + } +} +module.exports = { + [consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]: cfnResponse.safeHandler(onEvent), + [consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]: cfnResponse.safeHandler(isComplete), + [consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]: onTimeout, +}; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnJhbWV3b3JrLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZnJhbWV3b3JrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFHQSw4Q0FBOEM7QUFDOUMsbUNBQW1DO0FBQ25DLHlDQUE0RDtBQUM1RCxpQ0FBcUM7QUFTckM7Ozs7Ozs7OztHQVNHO0FBQ0gsS0FBSyxVQUFVLE9BQU8sQ0FBQyxVQUF1RDtJQUM1RSxVQUFHLENBQUMsZ0JBQWdCLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFFbEMsVUFBVSxDQUFDLGtCQUFrQixHQUFHLFVBQVUsQ0FBQyxrQkFBa0IsSUFBSSxFQUFHLENBQUM7SUFFckUsTUFBTSxhQUFhLEdBQUcsTUFBTSxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsOEJBQThCLEVBQUUsVUFBVSxDQUFvQixDQUFDO0lBQ3JILFVBQUcsQ0FBQyxtQkFBbUIsRUFBRSxhQUFhLENBQUMsQ0FBQztJQUV4QyxvRkFBb0Y7SUFDcEYsaUNBQWlDO0lBQ2pDLE1BQU0sYUFBYSxHQUFHLG1CQUFtQixDQUFDLFVBQVUsRUFBRSxhQUFhLENBQUMsQ0FBQztJQUNyRSxVQUFHLENBQUMsUUFBUSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBRTdCLGlHQUFpRztJQUNqRyxtRkFBbUY7SUFDbkYsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLGlDQUFpQyxDQUFDLEVBQUU7UUFDMUQsT0FBTyxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLEVBQUUsRUFBRSxNQUFNLEVBQUUsYUFBYSxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7S0FDL0Y7SUFFRCwyREFBMkQ7SUFDM0QsTUFBTSxNQUFNLEdBQUc7UUFDYixlQUFlLEVBQUUsYUFBTSxDQUFDLE1BQU0sQ0FBQyw0QkFBNEIsQ0FBQztRQUM1RCxJQUFJLEVBQUUsYUFBYSxDQUFDLFNBQVM7UUFDN0IsS0FBSyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDO0tBQ3JDLENBQUM7SUFFRixVQUFHLENBQUMsaUJBQWlCLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFFL0IsZ0NBQWdDO0lBQ2hDLE1BQU0seUJBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztBQUMvQixDQUFDO0FBRUQsc0VBQXNFO0FBQ3RFLEtBQUssVUFBVSxVQUFVLENBQUMsS0FBa0Q7SUFDMUUsVUFBRyxDQUFDLFlBQVksRUFBRSxLQUFLLENBQUMsQ0FBQztJQUV6QixNQUFNLGdCQUFnQixHQUFHLE1BQU0sa0JBQWtCLENBQUMsTUFBTSxDQUFDLGlDQUFpQyxFQUFFLEtBQUssQ0FBdUIsQ0FBQztJQUN6SCxVQUFHLENBQUMsMkJBQTJCLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUVuRCx3RUFBd0U7SUFDeEUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFVBQVUsRUFBRTtRQUNoQyxJQUFJLGdCQUFnQixDQUFDLElBQUksSUFBSSxNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUU7WUFDMUUsTUFBTSxJQUFJLEtBQUssQ0FBQyxrREFBa0QsQ0FBQyxDQUFDO1NBQ3JFO1FBRUQsTUFBTSxJQUFJLFdBQVcsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO0tBQ3BEO0lBRUQsTUFBTSxRQUFRLEdBQUc7UUFDZixHQUFHLEtBQUs7UUFDUixHQUFHLGdCQUFnQjtRQUNuQixJQUFJLEVBQUU7WUFDSixHQUFHLEtBQUssQ0FBQyxJQUFJO1lBQ2IsR0FBRyxnQkFBZ0IsQ0FBQyxJQUFJO1NBQ3pCO0tBQ0YsQ0FBQztJQUVGLE1BQU0sV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLEVBQUUsUUFBUSxFQUFFLEVBQUUsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO0FBQ2xGLENBQUM7QUFFRCxnREFBZ0Q7QUFDaEQsS0FBSyxVQUFVLFNBQVMsQ0FBQyxZQUFpQjtJQUN4QyxVQUFHLENBQUMsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLENBQUM7SUFFcEMsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxDQUFDLFlBQVksQ0FBZ0QsQ0FBQztJQUNqSSxNQUFNLFdBQVcsQ0FBQyxjQUFjLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFO1FBQzVELE1BQU0sRUFBRSxxQkFBcUI7S0FDOUIsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELEtBQUssVUFBVSxrQkFBa0IsQ0FBQyxjQUFzQixFQUFFLE9BQVk7SUFDcEUsTUFBTSxXQUFXLEdBQUcsYUFBTSxDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQzNDLFVBQUcsQ0FBQywyQkFBMkIsV0FBVyxlQUFlLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFFcEUsd0VBQXdFO0lBQ3hFLHNFQUFzRTtJQUN0RSx1Q0FBdUM7SUFDdkMsTUFBTSxJQUFJLEdBQUcsTUFBTSx5QkFBYyxDQUFDO1FBQ2hDLFlBQVksRUFBRSxXQUFXO1FBQ3pCLE9BQU8sRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQztLQUNqQyxDQUFDLENBQUM7SUFFSCxVQUFHLENBQUMseUJBQXlCLEVBQUUsSUFBSSxFQUFFLE9BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBRW5ELE1BQU0sV0FBVyxHQUFHLGdCQUFnQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUNuRCxJQUFJLElBQUksQ0FBQyxhQUFhLEVBQUU7UUFDdEIsVUFBRyxDQUFDLCtCQUErQixFQUFFLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUV6RCxNQUFNLFlBQVksR0FBRyxXQUFXLENBQUMsWUFBWSxJQUFJLE9BQU8sQ0FBQztRQUV6RCwrQkFBK0I7UUFDL0Isd0VBQXdFO1FBQ3hFLE1BQU0sR0FBRyxHQUFHLFdBQVcsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDbkMsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEdBQUcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFFekMsdUNBQXVDO1FBQ3ZDLE1BQU0sT0FBTyxHQUFHO1lBQ2QsWUFBWTtZQUNaLEVBQUU7WUFDRixxQkFBcUIsWUFBWSxFQUFFO1lBQ25DLEVBQUU7U0FDSCxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUViLE1BQU0sQ0FBQyxHQUFHLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRTdCLDJFQUEyRTtRQUMzRSxpRkFBaUY7UUFDakYsSUFBSSxXQUFXLENBQUMsS0FBSyxFQUFFO1lBQ3JCLGlEQUFpRDtZQUNqRCxDQUFDLENBQUMsS0FBSyxHQUFHLENBQUMsT0FBTyxFQUFFLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7U0FDL0Q7UUFFRCxNQUFNLENBQUMsQ0FBQztLQUNUO0lBRUQsT0FBTyxXQUFXLENBQUM7QUFDckIsQ0FBQztBQUVELFNBQVMsZ0JBQWdCLENBQUMsT0FBWTtJQUNwQyxJQUFJLENBQUMsT0FBTyxFQUFFO1FBQUUsT0FBTyxFQUFHLENBQUM7S0FBRTtJQUM3QixNQUFNLElBQUksR0FBRyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7SUFDaEMsSUFBSTtRQUNGLE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztLQUN6QjtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEtBQUssQ0FBQyxnRUFBZ0UsSUFBSSxHQUFHLENBQUMsQ0FBQztLQUMxRjtBQUNILENBQUM7QUFFRCxTQUFTLG1CQUFtQixDQUFDLFVBQXVELEVBQUUsYUFBOEI7SUFDbEgsRUFBRTtJQUNGLG1FQUFtRTtJQUVuRSxhQUFhLEdBQUcsYUFBYSxJQUFJLEVBQUcsQ0FBQztJQUVyQyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsYUFBYSxDQUFDLGtCQUFrQixJQUFJLHlCQUF5QixDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBRXJHLGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsYUFBYSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3BLO0lBRUQsaUZBQWlGO0lBQ2pGLElBQUksVUFBVSxDQUFDLFdBQVcsS0FBSyxRQUFRLElBQUksa0JBQWtCLEtBQUssVUFBVSxDQUFDLGtCQUFrQixFQUFFO1FBQy9GLFVBQUcsQ0FBQywrQ0FBK0MsVUFBVSxDQUFDLGtCQUFrQixTQUFTLGFBQWEsQ0FBQyxrQkFBa0IsR0FBRyxDQUFDLENBQUM7S0FDL0g7SUFFRCwwREFBMEQ7SUFDMUQsT0FBTztRQUNMLEdBQUcsVUFBVTtRQUNiLEdBQUcsYUFBYTtRQUNoQixrQkFBa0IsRUFBRSxrQkFBa0I7S0FDdkMsQ0FBQztBQUNKLENBQUM7QUFFRDs7Ozs7O0dBTUc7QUFDSCxTQUFTLHlCQUF5QixDQUFDLEdBQWdEO0lBQ2pGLFFBQVEsR0FBRyxDQUFDLFdBQVcsRUFBRTtRQUN2QixLQUFLLFFBQVE7WUFDWCxPQUFPLEdBQUcsQ0FBQyxTQUFTLENBQUM7UUFFdkIsS0FBSyxRQUFRLENBQUM7UUFDZCxLQUFLLFFBQVE7WUFDWCxPQUFPLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQztRQUVoQztZQUNFLE1BQU0sSUFBSSxLQUFLLENBQUMscUNBQXFDLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0tBQ2hGO0FBQ0gsQ0FBQztBQS9MRCxpQkFBUztJQUNQLENBQUMsTUFBTSxDQUFDLCtCQUErQixDQUFDLEVBQUUsV0FBVyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUM7SUFDMUUsQ0FBQyxNQUFNLENBQUMsa0NBQWtDLENBQUMsRUFBRSxXQUFXLENBQUMsV0FBVyxDQUFDLFVBQVUsQ0FBQztJQUNoRixDQUFDLE1BQU0sQ0FBQyxpQ0FBaUMsQ0FBQyxFQUFFLFNBQVM7Q0FDdEQsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG1heC1sZW4gKi9cbi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cbmltcG9ydCB7IElzQ29tcGxldGVSZXNwb25zZSwgT25FdmVudFJlc3BvbnNlIH0gZnJvbSAnLi4vdHlwZXMnO1xuaW1wb3J0ICogYXMgY2ZuUmVzcG9uc2UgZnJvbSAnLi9jZm4tcmVzcG9uc2UnO1xuaW1wb3J0ICogYXMgY29uc3RzIGZyb20gJy4vY29uc3RzJztcbmltcG9ydCB7IGludm9rZUZ1bmN0aW9uLCBzdGFydEV4ZWN1dGlvbiB9IGZyb20gJy4vb3V0Ym91bmQnO1xuaW1wb3J0IHsgZ2V0RW52LCBsb2cgfSBmcm9tICcuL3V0aWwnO1xuXG4vLyB1c2UgY29uc3RzIGZvciBoYW5kbGVyIG5hbWVzIHRvIGNvbXBpbGVyLWVuZm9yY2UgdGhlIGNvdXBsaW5nIHdpdGggY29uc3RydWN0aW9uIGNvZGUuXG5leHBvcnQgPSB7XG4gIFtjb25zdHMuRlJBTUVXT1JLX09OX0VWRU5UX0hBTkRMRVJfTkFNRV06IGNmblJlc3BvbnNlLnNhZmVIYW5kbGVyKG9uRXZlbnQpLFxuICBbY29uc3RzLkZSQU1FV09SS19JU19DT01QTEVURV9IQU5ETEVSX05BTUVdOiBjZm5SZXNwb25zZS5zYWZlSGFuZGxlcihpc0NvbXBsZXRlKSxcbiAgW2NvbnN0cy5GUkFNRVdPUktfT05fVElNRU9VVF9IQU5ETEVSX05BTUVdOiBvblRpbWVvdXQsXG59O1xuXG4vKipcbiAqIFRoZSBtYWluIHJ1bnRpbWUgZW50cnlwb2ludCBvZiB0aGUgYXN5bmMgY3VzdG9tIHJlc291cmNlIGxhbWJkYSBmdW5jdGlvbi5cbiAqXG4gKiBBbnkgbGlmZWN5Y2xlIGV2ZW50IGNoYW5nZXMgdG8gdGhlIGN1c3RvbSByZXNvdXJjZXMgd2lsbCBpbnZva2UgdGhpcyBoYW5kbGVyLCB3aGljaCB3aWxsLCBpbiB0dXJuLFxuICogaW50ZXJhY3Qgd2l0aCB0aGUgdXNlci1kZWZpbmVkIGBvbkV2ZW50YCBhbmQgYGlzQ29tcGxldGVgIGhhbmRsZXJzLlxuICpcbiAqIFRoaXMgZnVuY3Rpb24gd2lsbCBhbHdheXMgc3VjY2VlZC4gSWYgYW4gZXJyb3Igb2NjdXJzXG4gKlxuICogQHBhcmFtIGNmblJlcXVlc3QgVGhlIGNsb3VkZm9ybWF0aW9uIGN1c3RvbSByZXNvdXJjZSBldmVudC5cbiAqL1xuYXN5bmMgZnVuY3Rpb24gb25FdmVudChjZm5SZXF1ZXN0OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KSB7XG4gIGxvZygnb25FdmVudEhhbmRsZXInLCBjZm5SZXF1ZXN0KTtcblxuICBjZm5SZXF1ZXN0LlJlc291cmNlUHJvcGVydGllcyA9IGNmblJlcXVlc3QuUmVzb3VyY2VQcm9wZXJ0aWVzIHx8IHsgfTtcblxuICBjb25zdCBvbkV2ZW50UmVzdWx0ID0gYXdhaXQgaW52b2tlVXNlckZ1bmN0aW9uKGNvbnN0cy5VU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTl9FTlYsIGNmblJlcXVlc3QpIGFzIE9uRXZlbnRSZXNwb25zZTtcbiAgbG9nKCdvbkV2ZW50IHJldHVybmVkOicsIG9uRXZlbnRSZXN1bHQpO1xuXG4gIC8vIG1lcmdlIHRoZSByZXF1ZXN0IGFuZCB0aGUgcmVzdWx0IGZyb20gb25FdmVudCB0byBmb3JtIHRoZSBjb21wbGV0ZSByZXNvdXJjZSBldmVudFxuICAvLyB0aGlzIGFsc28gcGVyZm9ybXMgdmFsaWRhdGlvbi5cbiAgY29uc3QgcmVzb3VyY2VFdmVudCA9IGNyZWF0ZVJlc3BvbnNlRXZlbnQoY2ZuUmVxdWVzdCwgb25FdmVudFJlc3VsdCk7XG4gIGxvZygnZXZlbnQ6Jywgb25FdmVudFJlc3VsdCk7XG5cbiAgLy8gZGV0ZXJtaW5lIGlmIHRoaXMgaXMgYW4gYXN5bmMgcHJvdmlkZXIgYmFzZWQgb24gd2hldGhlciB3ZSBoYXZlIGFuIGlzQ29tcGxldGUgaGFuZGxlciBkZWZpbmVkLlxuICAvLyBpZiBpdCBpcyBub3QgZGVmaW5lZCwgdGhlbiB3ZSBhcmUgYmFzaWNhbGx5IHJlYWR5IHRvIHJldHVybiBhIHBvc2l0aXZlIHJlc3BvbnNlLlxuICBpZiAoIXByb2Nlc3MuZW52W2NvbnN0cy5VU0VSX0lTX0NPTVBMRVRFX0ZVTkNUSU9OX0FSTl9FTlZdKSB7XG4gICAgcmV0dXJuIGNmblJlc3BvbnNlLnN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgcmVzb3VyY2VFdmVudCwgeyBub0VjaG86IHJlc291cmNlRXZlbnQuTm9FY2hvIH0pO1xuICB9XG5cbiAgLy8gb2ssIHdlIGFyZSBub3QgY29tcGxldGUsIHNvIGtpY2sgb2ZmIHRoZSB3YWl0ZXIgd29ya2Zsb3dcbiAgY29uc3Qgd2FpdGVyID0ge1xuICAgIHN0YXRlTWFjaGluZUFybjogZ2V0RW52KGNvbnN0cy5XQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WKSxcbiAgICBuYW1lOiByZXNvdXJjZUV2ZW50LlJlcXVlc3RJZCxcbiAgICBpbnB1dDogSlNPTi5zdHJpbmdpZnkocmVzb3VyY2VFdmVudCksXG4gIH07XG5cbiAgbG9nKCdzdGFydGluZyB3YWl0ZXInLCB3YWl0ZXIpO1xuXG4gIC8vIGtpY2sgb2ZmIHdhaXRlciBzdGF0ZSBtYWNoaW5lXG4gIGF3YWl0IHN0YXJ0RXhlY3V0aW9uKHdhaXRlcik7XG59XG5cbi8vIGludm9rZWQgYSBmZXcgdGltZXMgdW50aWwgYGNvbXBsZXRlYCBpcyB0cnVlIG9yIHVudGlsIGl0IHRpbWVzIG91dC5cbmFzeW5jIGZ1bmN0aW9uIGlzQ29tcGxldGUoZXZlbnQ6IEFXU0NES0FzeW5jQ3VzdG9tUmVzb3VyY2UuSXNDb21wbGV0ZVJlcXVlc3QpIHtcbiAgbG9nKCdpc0NvbXBsZXRlJywgZXZlbnQpO1xuXG4gIGNvbnN0IGlzQ29tcGxldGVSZXN1bHQgPSBhd2FpdCBpbnZva2VVc2VyRnVuY3Rpb24oY29uc3RzLlVTRVJfSVNfQ09NUExFVEVfRlVOQ1RJT05fQVJOX0VOViwgZXZlbnQpIGFzIElzQ29tcGxldGVSZXNwb25zZTtcbiAgbG9nKCd1c2VyIGlzQ29tcGxldGUgcmV0dXJuZWQ6JywgaXNDb21wbGV0ZVJlc3VsdCk7XG5cbiAgLy8gaWYgd2UgYXJlIG5vdCBjb21wbGV0ZSwgcmV0dXJuIGZhbHNlLCBhbmQgZG9uJ3Qgc2VuZCBhIHJlc3BvbnNlIGJhY2suXG4gIGlmICghaXNDb21wbGV0ZVJlc3VsdC5Jc0NvbXBsZXRlKSB7XG4gICAgaWYgKGlzQ29tcGxldGVSZXN1bHQuRGF0YSAmJiBPYmplY3Qua2V5cyhpc0NvbXBsZXRlUmVzdWx0LkRhdGEpLmxlbmd0aCA+IDApIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcignXCJEYXRhXCIgaXMgbm90IGFsbG93ZWQgaWYgXCJJc0NvbXBsZXRlXCIgaXMgXCJGYWxzZVwiJyk7XG4gICAgfVxuXG4gICAgdGhyb3cgbmV3IGNmblJlc3BvbnNlLlJldHJ5KEpTT04uc3RyaW5naWZ5KGV2ZW50KSk7XG4gIH1cblxuICBjb25zdCByZXNwb25zZSA9IHtcbiAgICAuLi5ldmVudCxcbiAgICAuLi5pc0NvbXBsZXRlUmVzdWx0LFxuICAgIERhdGE6IHtcbiAgICAgIC4uLmV2ZW50LkRhdGEsXG4gICAgICAuLi5pc0NvbXBsZXRlUmVzdWx0LkRhdGEsXG4gICAgfSxcbiAgfTtcblxuICBhd2FpdCBjZm5SZXNwb25zZS5zdWJtaXRSZXNwb25zZSgnU1VDQ0VTUycsIHJlc3BvbnNlLCB7IG5vRWNobzogZXZlbnQuTm9FY2hvIH0pO1xufVxuXG4vLyBpbnZva2VkIHdoZW4gY29tcGxldGlvbiByZXRyaWVzIGFyZSBleGhhdXNlZC5cbmFzeW5jIGZ1bmN0aW9uIG9uVGltZW91dCh0aW1lb3V0RXZlbnQ6IGFueSkge1xuICBsb2coJ3RpbWVvdXRIYW5kbGVyJywgdGltZW91dEV2ZW50KTtcblxuICBjb25zdCBpc0NvbXBsZXRlUmVxdWVzdCA9IEpTT04ucGFyc2UoSlNPTi5wYXJzZSh0aW1lb3V0RXZlbnQuQ2F1c2UpLmVycm9yTWVzc2FnZSkgYXMgQVdTQ0RLQXN5bmNDdXN0b21SZXNvdXJjZS5Jc0NvbXBsZXRlUmVxdWVzdDtcbiAgYXdhaXQgY2ZuUmVzcG9uc2Uuc3VibWl0UmVzcG9uc2UoJ0ZBSUxFRCcsIGlzQ29tcGxldGVSZXF1ZXN0LCB7XG4gICAgcmVhc29uOiAnT3BlcmF0aW9uIHRpbWVkIG91dCcsXG4gIH0pO1xufVxuXG5hc3luYyBmdW5jdGlvbiBpbnZva2VVc2VyRnVuY3Rpb24oZnVuY3Rpb25Bcm5FbnY6IHN0cmluZywgcGF5bG9hZDogYW55KSB7XG4gIGNvbnN0IGZ1bmN0aW9uQXJuID0gZ2V0RW52KGZ1bmN0aW9uQXJuRW52KTtcbiAgbG9nKGBleGVjdXRpbmcgdXNlciBmdW5jdGlvbiAke2Z1bmN0aW9uQXJufSB3aXRoIHBheWxvYWRgLCBwYXlsb2FkKTtcblxuICAvLyB0cmFuc2llbnQgZXJyb3JzIHN1Y2ggYXMgdGltZW91dHMsIHRocm90dGxpbmcgZXJyb3JzICg0MjkpLCBhbmQgb3RoZXJcbiAgLy8gZXJyb3JzIHRoYXQgYXJlbid0IGNhdXNlZCBieSBhIGJhZCByZXF1ZXN0ICg1MDAgc2VyaWVzKSBhcmUgcmV0cmllZFxuICAvLyBhdXRvbWF0aWNhbGx5IGJ5IHRoZSBKYXZhU2NyaXB0IFNESy5cbiAgY29uc3QgcmVzcCA9IGF3YWl0IGludm9rZUZ1bmN0aW9uKHtcbiAgICBGdW5jdGlvbk5hbWU6IGZ1bmN0aW9uQXJuLFxuICAgIFBheWxvYWQ6IEpTT04uc3RyaW5naWZ5KHBheWxvYWQpLFxuICB9KTtcblxuICBsb2coJ3VzZXIgZnVuY3Rpb24gcmVzcG9uc2U6JywgcmVzcCwgdHlwZW9mKHJlc3ApKTtcblxuICBjb25zdCBqc29uUGF5bG9hZCA9IHBhcnNlSnNvblBheWxvYWQocmVzcC5QYXlsb2FkKTtcbiAgaWYgKHJlc3AuRnVuY3Rpb25FcnJvcikge1xuICAgIGxvZygndXNlciBmdW5jdGlvbiB0aHJldyBhbiBlcnJvcjonLCByZXNwLkZ1bmN0aW9uRXJyb3IpO1xuXG4gICAgY29uc3QgZXJyb3JNZXNzYWdlID0ganNvblBheWxvYWQuZXJyb3JNZXNzYWdlIHx8ICdlcnJvcic7XG5cbiAgICAvLyBwYXJzZSBmdW5jdGlvbiBuYW1lIGZyb20gYXJuXG4gICAgLy8gYXJuOiR7UGFydGl0aW9ufTpsYW1iZGE6JHtSZWdpb259OiR7QWNjb3VudH06ZnVuY3Rpb246JHtGdW5jdGlvbk5hbWV9XG4gICAgY29uc3QgYXJuID0gZnVuY3Rpb25Bcm4uc3BsaXQoJzonKTtcbiAgICBjb25zdCBmdW5jdGlvbk5hbWUgPSBhcm5bYXJuLmxlbmd0aCAtIDFdO1xuXG4gICAgLy8gYXBwZW5kIGEgcmVmZXJlbmNlIHRvIHRoZSBsb2cgZ3JvdXAuXG4gICAgY29uc3QgbWVzc2FnZSA9IFtcbiAgICAgIGVycm9yTWVzc2FnZSxcbiAgICAgICcnLFxuICAgICAgYExvZ3M6IC9hd3MvbGFtYmRhLyR7ZnVuY3Rpb25OYW1lfWAsIC8vIGNsb3Vkd2F0Y2ggbG9nIGdyb3VwXG4gICAgICAnJyxcbiAgICBdLmpvaW4oJ1xcbicpO1xuXG4gICAgY29uc3QgZSA9IG5ldyBFcnJvcihtZXNzYWdlKTtcblxuICAgIC8vIHRoZSBvdXRwdXQgdGhhdCBnb2VzIHRvIENGTiBpcyB3aGF0J3MgaW4gYHN0YWNrYCwgbm90IHRoZSBlcnJvciBtZXNzYWdlLlxuICAgIC8vIGlmIHdlIGhhdmUgYSByZW1vdGUgdHJhY2UsIGNvbnN0cnVjdCBhIG5pY2UgbWVzc2FnZSB3aXRoIGxvZyBncm91cCBpbmZvcm1hdGlvblxuICAgIGlmIChqc29uUGF5bG9hZC50cmFjZSkge1xuICAgICAgLy8gc2tpcCBmaXJzdCB0cmFjZSBsaW5lIGJlY2F1c2UgaXQncyB0aGUgbWVzc2FnZVxuICAgICAgZS5zdGFjayA9IFttZXNzYWdlLCAuLi5qc29uUGF5bG9hZC50cmFjZS5zbGljZSgxKV0uam9pbignXFxuJyk7XG4gICAgfVxuXG4gICAgdGhyb3cgZTtcbiAgfVxuXG4gIHJldHVybiBqc29uUGF5bG9hZDtcbn1cblxuZnVuY3Rpb24gcGFyc2VKc29uUGF5bG9hZChwYXlsb2FkOiBhbnkpOiBhbnkge1xuICBpZiAoIXBheWxvYWQpIHsgcmV0dXJuIHsgfTsgfVxuICBjb25zdCB0ZXh0ID0gcGF5bG9hZC50b1N0cmluZygpO1xuICB0cnkge1xuICAgIHJldHVybiBKU09OLnBhcnNlKHRleHQpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGByZXR1cm4gdmFsdWVzIGZyb20gdXNlci1oYW5kbGVycyBtdXN0IGJlIEpTT04gb2JqZWN0cy4gZ290OiBcIiR7dGV4dH1cImApO1xuICB9XG59XG5cbmZ1bmN0aW9uIGNyZWF0ZVJlc3BvbnNlRXZlbnQoY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgb25FdmVudFJlc3VsdDogT25FdmVudFJlc3BvbnNlKTogQVdTQ0RLQXN5bmNDdXN0b21SZXNvdXJjZS5Jc0NvbXBsZXRlUmVxdWVzdCB7XG4gIC8vXG4gIC8vIHZhbGlkYXRlIHRoYXQgb25FdmVudFJlc3VsdCBhbHdheXMgaW5jbHVkZXMgYSBQaHlzaWNhbFJlc291cmNlSWRcblxuICBvbkV2ZW50UmVzdWx0ID0gb25FdmVudFJlc3VsdCB8fCB7IH07XG5cbiAgLy8gaWYgcGh5c2ljYWwgSUQgaXMgbm90IHJldHVybmVkLCB3ZSBoYXZlIHNvbWUgZGVmYXVsdHMgZm9yIHlvdSBiYXNlZFxuICAvLyBvbiB0aGUgcmVxdWVzdCB0eXBlLlxuICBjb25zdCBwaHlzaWNhbFJlc291cmNlSWQgPSBvbkV2ZW50UmVzdWx0LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBkZWZhdWx0UGh5c2ljYWxSZXNvdXJjZUlkKGNmblJlcXVlc3QpO1xuXG4gIC8vIGlmIHdlIGFyZSBpbiBERUxFVEUgYW5kIHBoeXNpY2FsIElEIHdhcyBjaGFuZ2VkLCBpdCdzIGFuIGVycm9yLlxuICBpZiAoY2ZuUmVxdWVzdC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgcGh5c2ljYWxSZXNvdXJjZUlkICE9PSBjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZCkge1xuICAgIHRocm93IG5ldyBFcnJvcihgREVMRVRFOiBjYW5ub3QgY2hhbmdlIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBmcm9tIFwiJHtjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZH1cIiB0byBcIiR7b25FdmVudFJlc3VsdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgZHVyaW5nIGRlbGV0aW9uYCk7XG4gIH1cblxuICAvLyBpZiB3ZSBhcmUgaW4gVVBEQVRFIGFuZCBwaHlzaWNhbCBJRCB3YXMgY2hhbmdlZCwgaXQncyBhIHJlcGxhY2VtZW50IChqdXN0IGxvZylcbiAgaWYgKGNmblJlcXVlc3QuUmVxdWVzdFR5cGUgPT09ICdVcGRhdGUnICYmIHBoeXNpY2FsUmVzb3VyY2VJZCAhPT0gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICBsb2coYFVQREFURTogY2hhbmdpbmcgcGh5c2ljYWwgcmVzb3VyY2UgSUQgZnJvbSBcIiR7Y2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgdG8gXCIke29uRXZlbnRSZXN1bHQuUGh5c2ljYWxSZXNvdXJjZUlkfVwiYCk7XG4gIH1cblxuICAvLyBtZXJnZSByZXF1ZXN0IGV2ZW50IGFuZCByZXN1bHQgZXZlbnQgKHJlc3VsdCBwcmV2YWlscykuXG4gIHJldHVybiB7XG4gICAgLi4uY2ZuUmVxdWVzdCxcbiAgICAuLi5vbkV2ZW50UmVzdWx0LFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG4vKipcbiAqIENhbGN1bGF0ZXMgdGhlIGRlZmF1bHQgcGh5c2ljYWwgcmVzb3VyY2UgSUQgYmFzZWQgaW4gY2FzZSB1c2VyIGhhbmRsZXIgZGlkXG4gKiBub3QgcmV0dXJuIGEgUGh5c2ljYWxSZXNvdXJjZUlkLlxuICpcbiAqIEZvciBcIkNSRUFURVwiLCBpdCB1c2VzIHRoZSBSZXF1ZXN0SWQuXG4gKiBGb3IgXCJVUERBVEVcIiBhbmQgXCJERUxFVEVcIiBhbmQgcmV0dXJucyB0aGUgY3VycmVudCBQaHlzaWNhbFJlc291cmNlSWQgKHRoZSBvbmUgcHJvdmlkZWQgaW4gYGV2ZW50YCkuXG4gKi9cbmZ1bmN0aW9uIGRlZmF1bHRQaHlzaWNhbFJlc291cmNlSWQocmVxOiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KTogc3RyaW5nIHtcbiAgc3dpdGNoIChyZXEuUmVxdWVzdFR5cGUpIHtcbiAgICBjYXNlICdDcmVhdGUnOlxuICAgICAgcmV0dXJuIHJlcS5SZXF1ZXN0SWQ7XG5cbiAgICBjYXNlICdVcGRhdGUnOlxuICAgIGNhc2UgJ0RlbGV0ZSc6XG4gICAgICByZXR1cm4gcmVxLlBoeXNpY2FsUmVzb3VyY2VJZDtcblxuICAgIGRlZmF1bHQ6XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoYEludmFsaWQgXCJSZXF1ZXN0VHlwZVwiIGluIHJlcXVlc3QgXCIke0pTT04uc3RyaW5naWZ5KHJlcSl9XCJgKTtcbiAgfVxufVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/outbound.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/outbound.js new file mode 100644 index 0000000000000..70203dcc42f3f --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/outbound.js @@ -0,0 +1,45 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.httpRequest = exports.invokeFunction = exports.startExecution = void 0; +/* istanbul ignore file */ +const https = require("https"); +// eslint-disable-next-line import/no-extraneous-dependencies +const AWS = require("aws-sdk"); +const FRAMEWORK_HANDLER_TIMEOUT = 900000; // 15 minutes +// In order to honor the overall maximum timeout set for the target process, +// the default 2 minutes from AWS SDK has to be overriden: +// https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Config.html#httpOptions-property +const awsSdkConfig = { + httpOptions: { timeout: FRAMEWORK_HANDLER_TIMEOUT }, +}; +async function defaultHttpRequest(options, responseBody) { + return new Promise((resolve, reject) => { + try { + const request = https.request(options, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); +} +let sfn; +let lambda; +async function defaultStartExecution(req) { + if (!sfn) { + sfn = new AWS.StepFunctions(awsSdkConfig); + } + return sfn.startExecution(req).promise(); +} +async function defaultInvokeFunction(req) { + if (!lambda) { + lambda = new AWS.Lambda(awsSdkConfig); + } + return lambda.invoke(req).promise(); +} +exports.startExecution = defaultStartExecution; +exports.invokeFunction = defaultInvokeFunction; +exports.httpRequest = defaultHttpRequest; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3V0Ym91bmQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJvdXRib3VuZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwwQkFBMEI7QUFDMUIsK0JBQStCO0FBQy9CLDZEQUE2RDtBQUM3RCwrQkFBK0I7QUFJL0IsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLENBQUMsQ0FBQyxhQUFhO0FBRXZELDRFQUE0RTtBQUM1RSwwREFBMEQ7QUFDMUQsMkZBQTJGO0FBQzNGLE1BQU0sWUFBWSxHQUF5QjtJQUN6QyxXQUFXLEVBQUUsRUFBRSxPQUFPLEVBQUUseUJBQXlCLEVBQUU7Q0FDcEQsQ0FBQztBQUVGLEtBQUssVUFBVSxrQkFBa0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ25GLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQ2hELE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDNUIsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1NBQ2Y7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUNYO0lBQ0gsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsSUFBSSxHQUFzQixDQUFDO0FBQzNCLElBQUksTUFBa0IsQ0FBQztBQUV2QixLQUFLLFVBQVUscUJBQXFCLENBQUMsR0FBMEM7SUFDN0UsSUFBSSxDQUFDLEdBQUcsRUFBRTtRQUNSLEdBQUcsR0FBRyxJQUFJLEdBQUcsQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7S0FDM0M7SUFFRCxPQUFPLEdBQUcsQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7QUFDM0MsQ0FBQztBQUVELEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxHQUFpQztJQUNwRSxJQUFJLENBQUMsTUFBTSxFQUFFO1FBQ1gsTUFBTSxHQUFHLElBQUksR0FBRyxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztLQUN2QztJQUVELE9BQU8sTUFBTSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztBQUN0QyxDQUFDO0FBRVUsUUFBQSxjQUFjLEdBQUcscUJBQXFCLENBQUM7QUFDdkMsUUFBQSxjQUFjLEdBQUcscUJBQXFCLENBQUM7QUFDdkMsUUFBQSxXQUFXLEdBQUcsa0JBQWtCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBpc3RhbmJ1bCBpZ25vcmUgZmlsZSAqL1xuaW1wb3J0ICogYXMgaHR0cHMgZnJvbSAnaHR0cHMnO1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0ICogYXMgQVdTIGZyb20gJ2F3cy1zZGsnO1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0IHR5cGUgeyBDb25maWd1cmF0aW9uT3B0aW9ucyB9IGZyb20gJ2F3cy1zZGsvbGliL2NvbmZpZy1iYXNlJztcblxuY29uc3QgRlJBTUVXT1JLX0hBTkRMRVJfVElNRU9VVCA9IDkwMDAwMDsgLy8gMTUgbWludXRlc1xuXG4vLyBJbiBvcmRlciB0byBob25vciB0aGUgb3ZlcmFsbCBtYXhpbXVtIHRpbWVvdXQgc2V0IGZvciB0aGUgdGFyZ2V0IHByb2Nlc3MsXG4vLyB0aGUgZGVmYXVsdCAyIG1pbnV0ZXMgZnJvbSBBV1MgU0RLIGhhcyB0byBiZSBvdmVycmlkZW46XG4vLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL0NvbmZpZy5odG1sI2h0dHBPcHRpb25zLXByb3BlcnR5XG5jb25zdCBhd3NTZGtDb25maWc6IENvbmZpZ3VyYXRpb25PcHRpb25zID0ge1xuICBodHRwT3B0aW9uczogeyB0aW1lb3V0OiBGUkFNRVdPUktfSEFORExFUl9USU1FT1VUIH0sXG59O1xuXG5hc3luYyBmdW5jdGlvbiBkZWZhdWx0SHR0cFJlcXVlc3Qob3B0aW9uczogaHR0cHMuUmVxdWVzdE9wdGlvbnMsIHJlc3BvbnNlQm9keTogc3RyaW5nKSB7XG4gIHJldHVybiBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IHJlcXVlc3QgPSBodHRwcy5yZXF1ZXN0KG9wdGlvbnMsIHJlc29sdmUpO1xuICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxubGV0IHNmbjogQVdTLlN0ZXBGdW5jdGlvbnM7XG5sZXQgbGFtYmRhOiBBV1MuTGFtYmRhO1xuXG5hc3luYyBmdW5jdGlvbiBkZWZhdWx0U3RhcnRFeGVjdXRpb24ocmVxOiBBV1MuU3RlcEZ1bmN0aW9ucy5TdGFydEV4ZWN1dGlvbklucHV0KTogUHJvbWlzZTxBV1MuU3RlcEZ1bmN0aW9ucy5TdGFydEV4ZWN1dGlvbk91dHB1dD4ge1xuICBpZiAoIXNmbikge1xuICAgIHNmbiA9IG5ldyBBV1MuU3RlcEZ1bmN0aW9ucyhhd3NTZGtDb25maWcpO1xuICB9XG5cbiAgcmV0dXJuIHNmbi5zdGFydEV4ZWN1dGlvbihyZXEpLnByb21pc2UoKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdEludm9rZUZ1bmN0aW9uKHJlcTogQVdTLkxhbWJkYS5JbnZvY2F0aW9uUmVxdWVzdCk6IFByb21pc2U8QVdTLkxhbWJkYS5JbnZvY2F0aW9uUmVzcG9uc2U+IHtcbiAgaWYgKCFsYW1iZGEpIHtcbiAgICBsYW1iZGEgPSBuZXcgQVdTLkxhbWJkYShhd3NTZGtDb25maWcpO1xuICB9XG5cbiAgcmV0dXJuIGxhbWJkYS5pbnZva2UocmVxKS5wcm9taXNlKCk7XG59XG5cbmV4cG9ydCBsZXQgc3RhcnRFeGVjdXRpb24gPSBkZWZhdWx0U3RhcnRFeGVjdXRpb247XG5leHBvcnQgbGV0IGludm9rZUZ1bmN0aW9uID0gZGVmYXVsdEludm9rZUZ1bmN0aW9uO1xuZXhwb3J0IGxldCBodHRwUmVxdWVzdCA9IGRlZmF1bHRIdHRwUmVxdWVzdDtcbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/util.js b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/util.js new file mode 100644 index 0000000000000..ee4c6e9c9ddeb --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/util.js @@ -0,0 +1,17 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.log = exports.getEnv = void 0; +function getEnv(name) { + const value = process.env[name]; + if (!value) { + throw new Error(`The environment variable "${name}" is not defined`); + } + return value; +} +exports.getEnv = getEnv; +function log(title, ...args) { + console.log('[provider-framework]', title, ...args.map(x => typeof (x) === 'object' ? JSON.stringify(x, undefined, 2) : x)); +} +exports.log = log; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLCtCQUErQjs7O0FBRS9CLFNBQWdCLE1BQU0sQ0FBQyxJQUFZO0lBQ2pDLE1BQU0sS0FBSyxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDaEMsSUFBSSxDQUFDLEtBQUssRUFBRTtRQUNWLE1BQU0sSUFBSSxLQUFLLENBQUMsNkJBQTZCLElBQUksa0JBQWtCLENBQUMsQ0FBQztLQUN0RTtJQUNELE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQztBQU5ELHdCQU1DO0FBRUQsU0FBZ0IsR0FBRyxDQUFDLEtBQVUsRUFBRSxHQUFHLElBQVc7SUFDNUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxzQkFBc0IsRUFBRSxLQUFLLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQzdILENBQUM7QUFGRCxrQkFFQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGZ1bmN0aW9uIGdldEVudihuYW1lOiBzdHJpbmcpOiBzdHJpbmcge1xuICBjb25zdCB2YWx1ZSA9IHByb2Nlc3MuZW52W25hbWVdO1xuICBpZiAoIXZhbHVlKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBUaGUgZW52aXJvbm1lbnQgdmFyaWFibGUgXCIke25hbWV9XCIgaXMgbm90IGRlZmluZWRgKTtcbiAgfVxuICByZXR1cm4gdmFsdWU7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBsb2codGl0bGU6IGFueSwgLi4uYXJnczogYW55W10pIHtcbiAgY29uc29sZS5sb2coJ1twcm92aWRlci1mcmFtZXdvcmtdJywgdGl0bGUsIC4uLmFyZ3MubWFwKHggPT4gdHlwZW9mKHgpID09PSAnb2JqZWN0JyA/IEpTT04uc3RyaW5naWZ5KHgsIHVuZGVmaW5lZCwgMikgOiB4KSk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk-integ-cluster-snapshot.template.json b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk-integ-cluster-snapshot.template.json new file mode 100644 index 0000000000000..14b204f542f15 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk-integ-cluster-snapshot.template.json @@ -0,0 +1,1942 @@ +{ + "Transform": "AWS::Serverless-2016-10-31", + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-cluster-snapshot/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterSubnetsDCFA5CB7": { + "Type": "AWS::RDS::DBSubnetGroup", + "Properties": { + "DBSubnetGroupDescription": "Subnets for Cluster database", + "SubnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "ClusterSecurityGroup0921994B": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "RDS security group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ClusterSecret6368BD0F": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "Description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "GenerateSecretString": { + "ExcludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\", + "GenerateStringKey": "password", + "PasswordLength": 30, + "SecretStringTemplate": "{\"username\":\"admin\"}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterSecretAttachment769E6258": { + "Type": "AWS::SecretsManager::SecretTargetAttachment", + "Properties": { + "SecretId": { + "Ref": "ClusterSecret6368BD0F" + }, + "TargetId": { + "Ref": "ClusterEB0386A7" + }, + "TargetType": "AWS::RDS::DBCluster" + } + }, + "ClusterEB0386A7": { + "Type": "AWS::RDS::DBCluster", + "Properties": { + "Engine": "aurora-mysql", + "CopyTagsToSnapshot": true, + "DBClusterParameterGroupName": "default.aurora-mysql5.7", + "DBSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "EngineVersion": "5.7.mysql_aurora.2.10.2", + "MasterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:username::}}" + ] + ] + }, + "MasterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:password::}}" + ] + ] + }, + "VpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "ClusterSecurityGroup0921994B", + "GroupId" + ] + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterInstance1448F06E4": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBInstanceClass": "db.t3.small", + "DBClusterIdentifier": { + "Ref": "ClusterEB0386A7" + }, + "DBSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "Engine": "aurora-mysql", + "EngineVersion": "5.7.mysql_aurora.2.10.2" + }, + "DependsOn": [ + "VpcPrivateSubnet1DefaultRouteBE02A9ED", + "VpcPrivateSubnet2DefaultRoute060D2087" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterInstance2C3E0561B": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBInstanceClass": "db.t3.small", + "DBClusterIdentifier": { + "Ref": "ClusterEB0386A7" + }, + "DBSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "Engine": "aurora-mysql", + "EngineVersion": "5.7.mysql_aurora.2.10.2" + }, + "DependsOn": [ + "VpcPrivateSubnet1DefaultRouteBE02A9ED", + "VpcPrivateSubnet2DefaultRoute060D2087" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "SnapshoterOnEventHandlerServiceRole7F84B26D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "SnapshoterOnEventHandlerServiceRoleDefaultPolicyAF0DFD57": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBClusterSnapshot" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster-snapshot:cdk-integ-cluster-snapshot" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster:", + { + "Ref": "ClusterEB0386A7" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterOnEventHandlerServiceRoleDefaultPolicyAF0DFD57", + "Roles": [ + { + "Ref": "SnapshoterOnEventHandlerServiceRole7F84B26D" + } + ] + } + }, + "SnapshoterOnEventHandlerDF82DF85": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerServiceRole7F84B26D", + "Arn" + ] + }, + "Handler": "index.onEventHandler", + "Runtime": "nodejs16.x" + }, + "DependsOn": [ + "SnapshoterOnEventHandlerServiceRoleDefaultPolicyAF0DFD57", + "SnapshoterOnEventHandlerServiceRole7F84B26D" + ] + }, + "SnapshoterIsCompleteHandlerServiceRole40F5F1A8": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "SnapshoterIsCompleteHandlerServiceRoleDefaultPolicyA43EB222": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "rds:DescribeDBClusterSnapshots", + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster-snapshot:cdk-integ-cluster-snapshot" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster:", + { + "Ref": "ClusterEB0386A7" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterIsCompleteHandlerServiceRoleDefaultPolicyA43EB222", + "Roles": [ + { + "Ref": "SnapshoterIsCompleteHandlerServiceRole40F5F1A8" + } + ] + } + }, + "SnapshoterIsCompleteHandler93DE2591": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandlerServiceRole40F5F1A8", + "Arn" + ] + }, + "Handler": "index.isCompleteHandler", + "Runtime": "nodejs16.x" + }, + "DependsOn": [ + "SnapshoterIsCompleteHandlerServiceRoleDefaultPolicyA43EB222", + "SnapshoterIsCompleteHandlerServiceRole40F5F1A8" + ] + }, + "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkonEventServiceRoleDefaultPolicy21CE9686": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": "states:StartExecution", + "Effect": "Allow", + "Resource": { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterSnapshotProviderframeworkonEventServiceRoleDefaultPolicy21CE9686", + "Roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76" + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkonEventF0C0D052": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76", + "Arn" + ] + }, + "Description": "AWS CDK resource provider framework - onEvent (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + "WAITER_STATE_MACHINE_ARN": { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F" + } + } + }, + "Handler": "framework.onEvent", + "Runtime": "nodejs12.x", + "Timeout": 900 + }, + "DependsOn": [ + "SnapshoterSnapshotProviderframeworkonEventServiceRoleDefaultPolicy21CE9686", + "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76" + ] + }, + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleDefaultPolicyF410E478": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleDefaultPolicyF410E478", + "Roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB" + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB", + "Arn" + ] + }, + "Description": "AWS CDK resource provider framework - isComplete (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + } + } + }, + "Handler": "framework.isComplete", + "Runtime": "nodejs12.x", + "Timeout": 900 + }, + "DependsOn": [ + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleDefaultPolicyF410E478", + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB" + ] + }, + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRoleDefaultPolicy05DF1C30": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRoleDefaultPolicy05DF1C30", + "Roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD" + } + ] + } + }, + "SnapshoterSnapshotProviderframeworkonTimeout04342B00": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD", + "Arn" + ] + }, + "Description": "AWS CDK resource provider framework - onTimeout (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + } + } + }, + "Handler": "framework.onTimeout", + "Runtime": "nodejs12.x", + "Timeout": 900 + }, + "DependsOn": [ + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRoleDefaultPolicy05DF1C30", + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD" + ] + }, + "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::FindInMap": [ + "ServiceprincipalMap", + { + "Ref": "AWS::Region" + }, + "states" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "SnapshoterSnapshotProviderwaiterstatemachineRoleDefaultPolicyCF7716B2": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeout04342B00", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeout04342B00", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SnapshoterSnapshotProviderwaiterstatemachineRoleDefaultPolicyCF7716B2", + "Roles": [ + { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5" + } + ] + } + }, + "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":5,\"MaxAttempts\":360,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B", + "Arn" + ] + }, + "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeout04342B00", + "Arn" + ] + }, + "\"}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5", + "Arn" + ] + } + }, + "DependsOn": [ + "SnapshoterSnapshotProviderwaiterstatemachineRoleDefaultPolicyCF7716B2", + "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5" + ] + }, + "SnapshoterSnapshotAA1755BE": { + "Type": "Custom::Snapshoter", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonEventF0C0D052", + "Arn" + ] + }, + "DBClusterIdentifier": { + "Ref": "ClusterEB0386A7" + }, + "DBClusterSnapshotIdentifier": "cdk-integ-cluster-snapshot" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotSubnets9ED4B8EE": { + "Type": "AWS::RDS::DBSubnetGroup", + "Properties": { + "DBSubnetGroupDescription": "Subnets for FromSnapshot database", + "SubnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "FromSnapshotSecurityGroup72F11E81": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "RDS security group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "FromSnapshotSecurityGroupfromcdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219IndirectPort7C6DDFDF": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}", + "FromPort": { + "Fn::GetAtt": [ + "FromSnapshotEE0682C5", + "Endpoint.Port" + ] + }, + "GroupId": { + "Fn::GetAtt": [ + "FromSnapshotSecurityGroup72F11E81", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserSecurityGroupF78A9956", + "GroupId" + ] + }, + "ToPort": { + "Fn::GetAtt": [ + "FromSnapshotEE0682C5", + "Endpoint.Port" + ] + } + } + }, + "FromSnapshotSecret9100F61C": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "Description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "GenerateSecretString": { + "ExcludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\", + "GenerateStringKey": "password", + "PasswordLength": 30, + "SecretStringTemplate": "{\"username\":\"admin\"}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotSecretAttachmentB62DA1C6": { + "Type": "AWS::SecretsManager::SecretTargetAttachment", + "Properties": { + "SecretId": { + "Ref": "FromSnapshotSecret9100F61C" + }, + "TargetId": { + "Ref": "FromSnapshotEE0682C5" + }, + "TargetType": "AWS::RDS::DBCluster" + } + }, + "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "Description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "GenerateSecretString": { + "ExcludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\", + "GenerateStringKey": "password", + "PasswordLength": 30, + "SecretStringTemplate": "{\"username\":\"admin\"}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotSnapshotSecretAttachmentA3F619B8": { + "Type": "AWS::SecretsManager::SecretTargetAttachment", + "Properties": { + "SecretId": { + "Ref": "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb" + }, + "TargetId": { + "Ref": "FromSnapshotEE0682C5" + }, + "TargetType": "AWS::RDS::DBCluster" + } + }, + "FromSnapshotSnapshotSecretAttachmentRotationSchedule102BDEB3": { + "Type": "AWS::SecretsManager::RotationSchedule", + "Properties": { + "SecretId": { + "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" + }, + "RotationLambdaARN": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserEBCAA50C", + "Outputs.RotationLambdaARN" + ] + }, + "RotationRules": { + "AutomaticallyAfterDays": 30 + } + } + }, + "FromSnapshotSnapshotSecretAttachmentPolicy3136FEC0": { + "Type": "AWS::SecretsManager::ResourcePolicy", + "Properties": { + "ResourcePolicy": { + "Statement": [ + { + "Action": "secretsmanager:DeleteSecret", + "Effect": "Deny", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "SecretId": { + "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" + } + } + }, + "FromSnapshotEE0682C5": { + "Type": "AWS::RDS::DBCluster", + "Properties": { + "Engine": "aurora-mysql", + "CopyTagsToSnapshot": true, + "DBClusterParameterGroupName": "default.aurora-mysql5.7", + "DBSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "EngineVersion": "5.7.mysql_aurora.2.10.2", + "MasterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb" + }, + ":SecretString:password::}}" + ] + ] + }, + "SnapshotIdentifier": { + "Fn::GetAtt": [ + "SnapshoterSnapshotAA1755BE", + "DBClusterSnapshotArn" + ] + }, + "VpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "FromSnapshotSecurityGroup72F11E81", + "GroupId" + ] + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotInstance167EFB569": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBInstanceClass": "db.t3.small", + "DBClusterIdentifier": { + "Ref": "FromSnapshotEE0682C5" + }, + "DBSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "Engine": "aurora-mysql", + "EngineVersion": "5.7.mysql_aurora.2.10.2" + }, + "DependsOn": [ + "VpcPrivateSubnet1DefaultRouteBE02A9ED", + "VpcPrivateSubnet2DefaultRoute060D2087" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotInstance2CD342D07": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBInstanceClass": "db.t3.small", + "DBClusterIdentifier": { + "Ref": "FromSnapshotEE0682C5" + }, + "DBSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "Engine": "aurora-mysql", + "EngineVersion": "5.7.mysql_aurora.2.10.2" + }, + "DependsOn": [ + "VpcPrivateSubnet1DefaultRouteBE02A9ED", + "VpcPrivateSubnet2DefaultRoute060D2087" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "FromSnapshotRotationSingleUserSecurityGroupF78A9956": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "FromSnapshotRotationSingleUserEBCAA50C": { + "Type": "AWS::Serverless::Application", + "Properties": { + "Location": { + "ApplicationId": { + "Fn::FindInMap": [ + "FromSnapshotRotationSingleUserSARMapping4464D796", + { + "Ref": "AWS::Partition" + }, + "applicationId" + ] + }, + "SemanticVersion": { + "Fn::FindInMap": [ + "FromSnapshotRotationSingleUserSARMapping4464D796", + { + "Ref": "AWS::Partition" + }, + "semanticVersion" + ] + } + }, + "Parameters": { + "endpoint": { + "Fn::Join": [ + "", + [ + "https://secretsmanager.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + }, + "functionName": "cdkintegclustersnapshotFromSnapshotRotationSingleUserAE675488", + "vpcSubnetIds": { + "Fn::Join": [ + "", + [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + ",", + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + ] + }, + "vpcSecurityGroupIds": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserSecurityGroupF78A9956", + "GroupId" + ] + }, + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + } + }, + "Parameters": { + "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC": { + "Type": "String", + "Description": "S3 bucket for asset \"1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e\"" + }, + "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D": { + "Type": "String", + "Description": "S3 key for asset version \"1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e\"" + }, + "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eArtifactHash725480C4": { + "Type": "String", + "Description": "Artifact hash for asset \"1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e\"" + }, + "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90": { + "Type": "String", + "Description": "S3 bucket for asset \"8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9\"" + }, + "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212": { + "Type": "String", + "Description": "S3 key for asset version \"8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9\"" + }, + "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9ArtifactHash26B5BCAA": { + "Type": "String", + "Description": "Artifact hash for asset \"8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9\"" + } + }, + "Mappings": { + "FromSnapshotRotationSingleUserSARMapping4464D796": { + "aws": { + "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSMySQLRotationSingleUser", + "semanticVersion": "1.1.225" + }, + "aws-cn": { + "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSMySQLRotationSingleUser", + "semanticVersion": "1.1.37" + }, + "aws-us-gov": { + "applicationId": "arn:aws-us-gov:serverlessrepo:us-gov-west-1:023102451235:applications/SecretsManagerRDSMySQLRotationSingleUser", + "semanticVersion": "1.1.93" + } + }, + "ServiceprincipalMap": { + "af-south-1": { + "states": "states.af-south-1.amazonaws.com" + }, + "ap-east-1": { + "states": "states.ap-east-1.amazonaws.com" + }, + "ap-northeast-1": { + "states": "states.ap-northeast-1.amazonaws.com" + }, + "ap-northeast-2": { + "states": "states.ap-northeast-2.amazonaws.com" + }, + "ap-northeast-3": { + "states": "states.ap-northeast-3.amazonaws.com" + }, + "ap-south-1": { + "states": "states.ap-south-1.amazonaws.com" + }, + "ap-southeast-1": { + "states": "states.ap-southeast-1.amazonaws.com" + }, + "ap-southeast-2": { + "states": "states.ap-southeast-2.amazonaws.com" + }, + "ap-southeast-3": { + "states": "states.ap-southeast-3.amazonaws.com" + }, + "ca-central-1": { + "states": "states.ca-central-1.amazonaws.com" + }, + "cn-north-1": { + "states": "states.cn-north-1.amazonaws.com" + }, + "cn-northwest-1": { + "states": "states.cn-northwest-1.amazonaws.com" + }, + "eu-central-1": { + "states": "states.eu-central-1.amazonaws.com" + }, + "eu-north-1": { + "states": "states.eu-north-1.amazonaws.com" + }, + "eu-south-1": { + "states": "states.eu-south-1.amazonaws.com" + }, + "eu-south-2": { + "states": "states.eu-south-2.amazonaws.com" + }, + "eu-west-1": { + "states": "states.eu-west-1.amazonaws.com" + }, + "eu-west-2": { + "states": "states.eu-west-2.amazonaws.com" + }, + "eu-west-3": { + "states": "states.eu-west-3.amazonaws.com" + }, + "me-south-1": { + "states": "states.me-south-1.amazonaws.com" + }, + "sa-east-1": { + "states": "states.sa-east-1.amazonaws.com" + }, + "us-east-1": { + "states": "states.us-east-1.amazonaws.com" + }, + "us-east-2": { + "states": "states.us-east-2.amazonaws.com" + }, + "us-gov-east-1": { + "states": "states.us-gov-east-1.amazonaws.com" + }, + "us-gov-west-1": { + "states": "states.us-gov-west-1.amazonaws.com" + }, + "us-iso-east-1": { + "states": "states.amazonaws.com" + }, + "us-iso-west-1": { + "states": "states.amazonaws.com" + }, + "us-isob-east-1": { + "states": "states.amazonaws.com" + }, + "us-west-1": { + "states": "states.us-west-1.amazonaws.com" + }, + "us-west-2": { + "states": "states.us-west-2.amazonaws.com" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..ccdfc1ff96a9d --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"19.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/integ.json b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/integ.json new file mode 100644 index 0000000000000..525fce2c049db --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/integ.json @@ -0,0 +1,14 @@ +{ + "version": "19.0.0", + "testCases": { + "integ.cluster-snapshot": { + "stacks": [ + "cdk-integ-cluster-snapshot" + ], + "diffAssets": false, + "stackUpdateWorkflow": true + } + }, + "synthContext": {}, + "enableLookups": false +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..58b102fdee216 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/manifest.json @@ -0,0 +1,462 @@ +{ + "version": "19.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "cdk-integ-cluster-snapshot": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-cluster-snapshot.template.json", + "validateOnSynth": false + }, + "metadata": { + "/cdk-integ-cluster-snapshot": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e", + "id": "1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e", + "packaging": "zip", + "sourceHash": "1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e", + "s3BucketParameter": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC", + "s3KeyParameter": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D", + "artifactHashParameter": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eArtifactHash725480C4" + } + }, + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9", + "id": "8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9", + "packaging": "zip", + "sourceHash": "8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9", + "s3BucketParameter": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90", + "s3KeyParameter": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212", + "artifactHashParameter": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9ArtifactHash26B5BCAA" + } + } + ], + "/cdk-integ-cluster-snapshot/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/cdk-integ-cluster-snapshot/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Subnets/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSubnetsDCFA5CB7" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecurityGroup0921994B" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecret6368BD0F" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Secret/Attachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecretAttachment769E6258" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Instance1": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterInstance1448F06E4" + } + ], + "/cdk-integ-cluster-snapshot/Cluster/Instance2": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterInstance2C3E0561B" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterOnEventHandlerServiceRole7F84B26D" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterOnEventHandlerServiceRoleDefaultPolicyAF0DFD57" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterOnEventHandlerDF82DF85" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterIsCompleteHandlerServiceRole40F5F1A8" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterIsCompleteHandlerServiceRoleDefaultPolicyA43EB222" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterIsCompleteHandler93DE2591" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonEventServiceRoleDefaultPolicy21CE9686" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonEventF0C0D052" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleDefaultPolicyF410E478" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkisComplete803B4F1B" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRoleDefaultPolicy05DF1C30" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderframeworkonTimeout04342B00" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderwaiterstatemachineRoleDefaultPolicyCF7716B2" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F" + } + ], + "/cdk-integ-cluster-snapshot/Snapshoter/Snapshot/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "SnapshoterSnapshotAA1755BE" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eArtifactHash725480C4" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ], + "/cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9ArtifactHash26B5BCAA" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Subnets/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSubnets9ED4B8EE" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSecurityGroup72F11E81" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SecurityGroup/from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSecurityGroupfromcdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219IndirectPort7C6DDFDF" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSecret9100F61C" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Secret/Attachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSecretAttachmentB62DA1C6" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSnapshotSecretAttachmentA3F619B8" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/RotationSchedule/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSnapshotSecretAttachmentRotationSchedule102BDEB3" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotSnapshotSecretAttachmentPolicy3136FEC0" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotEE0682C5" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Instance1": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotInstance167EFB569" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/Instance2": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotInstance2CD342D07" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotRotationSingleUserSecurityGroupF78A9956" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SARMapping": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotRotationSingleUserSARMapping4464D796" + } + ], + "/cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FromSnapshotRotationSingleUserEBCAA50C" + } + ], + "/cdk-integ-cluster-snapshot/Service-principalMap": [ + { + "type": "aws:cdk:logicalId", + "data": "ServiceprincipalMap" + } + ] + }, + "displayName": "cdk-integ-cluster-snapshot" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/tree.json b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/tree.json new file mode 100644 index 0000000000000..11f7609386391 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/cluster-snapshot.integ.snapshot/tree.json @@ -0,0 +1,2882 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + }, + "cdk-integ-cluster-snapshot": { + "id": "cdk-integ-cluster-snapshot", + "path": "cdk-integ-cluster-snapshot", + "children": { + "Vpc": { + "id": "Vpc", + "path": "cdk-integ-cluster-snapshot/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "cdk-integ-cluster-snapshot/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "cdk-integ-cluster-snapshot/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "cdk-integ-cluster-snapshot/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "cdk-integ-cluster-snapshot/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "cdk-integ-cluster-snapshot/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "cdk-integ-cluster-snapshot/Cluster", + "children": { + "Subnets": { + "id": "Subnets", + "path": "cdk-integ-cluster-snapshot/Cluster/Subnets", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-cluster-snapshot/Cluster/Subnets/Default", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", + "aws:cdk:cloudformation:props": { + "dbSubnetGroupDescription": "Subnets for Cluster database", + "subnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBSubnetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.SubnetGroup", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "cdk-integ-cluster-snapshot/Cluster/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Cluster/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "RDS security group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup": { + "id": "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", + "path": "cdk-integ-cluster-snapshot/Cluster/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Secret": { + "id": "Secret", + "path": "cdk-integ-cluster-snapshot/Cluster/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Cluster/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "generateSecretString": { + "passwordLength": 30, + "secretStringTemplate": "{\"username\":\"admin\"}", + "generateStringKey": "password", + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + }, + "Attachment": { + "id": "Attachment", + "path": "cdk-integ-cluster-snapshot/Cluster/Secret/Attachment", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Cluster/Secret/Attachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "ClusterSecret6368BD0F" + }, + "targetId": { + "Ref": "ClusterEB0386A7" + }, + "targetType": "AWS::RDS::DBCluster" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.DatabaseSecret", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", + "aws:cdk:cloudformation:props": { + "engine": "aurora-mysql", + "copyTagsToSnapshot": true, + "dbClusterParameterGroupName": "default.aurora-mysql5.7", + "dbSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "engineVersion": "5.7.mysql_aurora.2.10.2", + "masterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:username::}}" + ] + ] + }, + "masterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:password::}}" + ] + ] + }, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "ClusterSecurityGroup0921994B", + "GroupId" + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBCluster", + "version": "0.0.0" + } + }, + "Instance1": { + "id": "Instance1", + "path": "cdk-integ-cluster-snapshot/Cluster/Instance1", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbInstanceClass": "db.t3.small", + "dbClusterIdentifier": { + "Ref": "ClusterEB0386A7" + }, + "dbSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "engine": "aurora-mysql", + "engineVersion": "5.7.mysql_aurora.2.10.2" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "version": "0.0.0" + } + }, + "Instance2": { + "id": "Instance2", + "path": "cdk-integ-cluster-snapshot/Cluster/Instance2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbInstanceClass": "db.t3.small", + "dbClusterIdentifier": { + "Ref": "ClusterEB0386A7" + }, + "dbSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "engine": "aurora-mysql", + "engineVersion": "5.7.mysql_aurora.2.10.2" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.DatabaseCluster", + "version": "0.0.0" + } + }, + "Snapshoter": { + "id": "Snapshoter", + "path": "cdk-integ-cluster-snapshot/Snapshoter", + "children": { + "OnEventHandler": { + "id": "OnEventHandler", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBClusterSnapshot" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster-snapshot:cdk-integ-cluster-snapshot" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster:", + { + "Ref": "ClusterEB0386A7" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterOnEventHandlerServiceRoleDefaultPolicyAF0DFD57", + "roles": [ + { + "Ref": "SnapshoterOnEventHandlerServiceRole7F84B26D" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/OnEventHandler/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerServiceRole7F84B26D", + "Arn" + ] + }, + "handler": "index.onEventHandler", + "runtime": "nodejs16.x" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "IsCompleteHandler": { + "id": "IsCompleteHandler", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "rds:DescribeDBClusterSnapshots", + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster-snapshot:cdk-integ-cluster-snapshot" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rds:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster:", + { + "Ref": "ClusterEB0386A7" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterIsCompleteHandlerServiceRoleDefaultPolicyA43EB222", + "roles": [ + { + "Ref": "SnapshoterIsCompleteHandlerServiceRole40F5F1A8" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/IsCompleteHandler/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3BucketB5E782AC" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2eS3VersionKey5DD1F95D" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandlerServiceRole40F5F1A8", + "Arn" + ] + }, + "handler": "index.isCompleteHandler", + "runtime": "nodejs16.x" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "SnapshotProvider": { + "id": "SnapshotProvider", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider", + "children": { + "framework-onEvent": { + "id": "framework-onEvent", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": "states:StartExecution", + "Effect": "Allow", + "Resource": { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterSnapshotProviderframeworkonEventServiceRoleDefaultPolicy21CE9686", + "roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onEvent/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonEventServiceRole29C21F76", + "Arn" + ] + }, + "description": "AWS CDK resource provider framework - onEvent (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + "WAITER_STATE_MACHINE_ARN": { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineE1F05D1F" + } + } + }, + "handler": "framework.onEvent", + "runtime": "nodejs12.x", + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "framework-isComplete": { + "id": "framework-isComplete", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleDefaultPolicyF410E478", + "roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-isComplete/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisCompleteServiceRoleFAA9C6CB", + "Arn" + ] + }, + "description": "AWS CDK resource provider framework - isComplete (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + } + } + }, + "handler": "framework.isComplete", + "runtime": "nodejs12.x", + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "framework-onTimeout": { + "id": "framework-onTimeout", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRoleDefaultPolicy05DF1C30", + "roles": [ + { + "Ref": "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/framework-onTimeout/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3Bucket40DFAF90" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9S3VersionKey36104212" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeoutServiceRole0B00A1BD", + "Arn" + ] + }, + "description": "AWS CDK resource provider framework - onTimeout (cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterOnEventHandlerDF82DF85", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "SnapshoterIsCompleteHandler93DE2591", + "Arn" + ] + } + } + }, + "handler": "framework.onTimeout", + "runtime": "nodejs12.x", + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "waiter-state-machine": { + "id": "waiter-state-machine", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine", + "children": { + "Role": { + "id": "Role", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::FindInMap": [ + "ServiceprincipalMap", + { + "Ref": "AWS::Region" + }, + "states" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeout04342B00", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkisComplete803B4F1B", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "SnapshoterSnapshotProviderframeworkonTimeout04342B00", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "SnapshoterSnapshotProviderwaiterstatemachineRoleDefaultPolicyCF7716B2", + "roles": [ + { + "Ref": "SnapshoterSnapshotProviderwaiterstatemachineRole76E414C5" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/Snapshoter/SnapshotProvider/waiter-state-machine/Resource", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/custom-resources.Provider", + "version": "0.0.0" + } + }, + "Snapshot": { + "id": "Snapshot", + "path": "cdk-integ-cluster-snapshot/Snapshoter/Snapshot", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-cluster-snapshot/Snapshoter/Snapshot/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "cdk-integ-cluster-snapshot/AssetParameters", + "children": { + "1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e": { + "id": "1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e", + "path": "cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "cdk-integ-cluster-snapshot/AssetParameters/1e025324752b3133dc230c4b8b8752f666b63c09cd4aa605ec2b322cc40def2e/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + }, + "8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9": { + "id": "8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9", + "path": "cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "cdk-integ-cluster-snapshot/AssetParameters/8dd02cc4ac473ca5b08800e92edaa31a1a7db4005928021d029c5363584f11b9/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Construct", + "version": "0.0.0" + } + }, + "FromSnapshot": { + "id": "FromSnapshot", + "path": "cdk-integ-cluster-snapshot/FromSnapshot", + "children": { + "Subnets": { + "id": "Subnets", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Subnets", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Subnets/Default", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", + "aws:cdk:cloudformation:props": { + "dbSubnetGroupDescription": "Subnets for FromSnapshot database", + "subnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBSubnetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.SubnetGroup", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "RDS security group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}": { + "id": "from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SecurityGroup/from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from cdkintegclustersnapshotFromSnapshotRotationSingleUserSecurityGroup8B231219:{IndirectPort}", + "fromPort": { + "Fn::GetAtt": [ + "FromSnapshotEE0682C5", + "Endpoint.Port" + ] + }, + "groupId": { + "Fn::GetAtt": [ + "FromSnapshotSecurityGroup72F11E81", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserSecurityGroupF78A9956", + "GroupId" + ] + }, + "toPort": { + "Fn::GetAtt": [ + "FromSnapshotEE0682C5", + "Endpoint.Port" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup": { + "id": "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Secret": { + "id": "Secret", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "generateSecretString": { + "passwordLength": 30, + "secretStringTemplate": "{\"username\":\"admin\"}", + "generateStringKey": "password", + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + }, + "Attachment": { + "id": "Attachment", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Secret/Attachment", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Secret/Attachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "FromSnapshotSecret9100F61C" + }, + "targetId": { + "Ref": "FromSnapshotEE0682C5" + }, + "targetType": "AWS::RDS::DBCluster" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.DatabaseSecret", + "version": "0.0.0" + } + }, + "SnapshotSecret": { + "id": "SnapshotSecret", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "generateSecretString": { + "passwordLength": 30, + "secretStringTemplate": "{\"username\":\"admin\"}", + "generateStringKey": "password", + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + }, + "Attachment": { + "id": "Attachment", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb" + }, + "targetId": { + "Ref": "FromSnapshotEE0682C5" + }, + "targetType": "AWS::RDS::DBCluster" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "version": "0.0.0" + } + }, + "RotationSchedule": { + "id": "RotationSchedule", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/RotationSchedule", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/RotationSchedule/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::RotationSchedule", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" + }, + "rotationLambdaArn": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserEBCAA50C", + "Outputs.RotationLambdaARN" + ] + }, + "rotationRules": { + "automaticallyAfterDays": 30 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnRotationSchedule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.RotationSchedule", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/SnapshotSecret/Attachment/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy", + "aws:cdk:cloudformation:props": { + "resourcePolicy": { + "Statement": [ + { + "Action": "secretsmanager:DeleteSecret", + "Effect": "Deny", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "secretId": { + "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnResourcePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.ResourcePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.DatabaseSecret", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", + "aws:cdk:cloudformation:props": { + "engine": "aurora-mysql", + "copyTagsToSnapshot": true, + "dbClusterParameterGroupName": "default.aurora-mysql5.7", + "dbSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "engineVersion": "5.7.mysql_aurora.2.10.2", + "masterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "cdkintegclustersnapshotFromSnapshotSnapshotSecretD93327943fdaad7efa858a3daf9490cf0a702aeb" + }, + ":SecretString:password::}}" + ] + ] + }, + "snapshotIdentifier": { + "Fn::GetAtt": [ + "SnapshoterSnapshotAA1755BE", + "DBClusterSnapshotArn" + ] + }, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "FromSnapshotSecurityGroup72F11E81", + "GroupId" + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBCluster", + "version": "0.0.0" + } + }, + "Instance1": { + "id": "Instance1", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Instance1", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbInstanceClass": "db.t3.small", + "dbClusterIdentifier": { + "Ref": "FromSnapshotEE0682C5" + }, + "dbSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "engine": "aurora-mysql", + "engineVersion": "5.7.mysql_aurora.2.10.2" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "version": "0.0.0" + } + }, + "Instance2": { + "id": "Instance2", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/Instance2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbInstanceClass": "db.t3.small", + "dbClusterIdentifier": { + "Ref": "FromSnapshotEE0682C5" + }, + "dbSubnetGroupName": { + "Ref": "FromSnapshotSubnets9ED4B8EE" + }, + "engine": "aurora-mysql", + "engineVersion": "5.7.mysql_aurora.2.10.2" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "version": "0.0.0" + } + }, + "RotationSingleUser": { + "id": "RotationSingleUser", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser", + "children": { + "SecurityGroup": { + "id": "SecurityGroup", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "SARMapping": { + "id": "SARMapping", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/SARMapping", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnMapping", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Serverless::Application", + "aws:cdk:cloudformation:props": { + "location": { + "applicationId": { + "Fn::FindInMap": [ + "FromSnapshotRotationSingleUserSARMapping4464D796", + { + "Ref": "AWS::Partition" + }, + "applicationId" + ] + }, + "semanticVersion": { + "Fn::FindInMap": [ + "FromSnapshotRotationSingleUserSARMapping4464D796", + { + "Ref": "AWS::Partition" + }, + "semanticVersion" + ] + } + }, + "parameters": { + "endpoint": { + "Fn::Join": [ + "", + [ + "https://secretsmanager.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + }, + "functionName": "cdkintegclustersnapshotFromSnapshotRotationSingleUserAE675488", + "vpcSubnetIds": { + "Fn::Join": [ + "", + [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + ",", + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + ] + }, + "vpcSecurityGroupIds": { + "Fn::GetAtt": [ + "FromSnapshotRotationSingleUserSecurityGroupF78A9956", + "GroupId" + ] + }, + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sam.CfnApplication", + "version": "0.0.0" + } + }, + "RotationLambda": { + "id": "RotationLambda", + "path": "cdk-integ-cluster-snapshot/FromSnapshot/RotationSingleUser/RotationLambda", + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.FunctionBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.SecretRotation", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rds.DatabaseClusterFromSnapshot", + "version": "0.0.0" + } + }, + "Service-principalMap": { + "id": "Service-principalMap", + "path": "cdk-integ-cluster-snapshot/Service-principalMap", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnMapping", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/cluster.test.ts b/packages/@aws-cdk/aws-rds/test/cluster.test.ts index 718951a81580d..a9ccf4b374182 100644 --- a/packages/@aws-cdk/aws-rds/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/cluster.test.ts @@ -1,4 +1,4 @@ -import { Match, Template } from '@aws-cdk/assertions'; +import { Annotations, Match, Template } from '@aws-cdk/assertions'; import * as ec2 from '@aws-cdk/aws-ec2'; import { ManagedPolicy, Role, ServicePrincipal } from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; @@ -10,7 +10,7 @@ import * as cxapi from '@aws-cdk/cx-api'; import { AuroraEngineVersion, AuroraMysqlEngineVersion, AuroraPostgresEngineVersion, CfnDBCluster, Credentials, DatabaseCluster, DatabaseClusterEngine, DatabaseClusterFromSnapshot, ParameterGroup, PerformanceInsightRetention, SubnetGroup, DatabaseSecret, - DatabaseInstanceEngine, SqlServerEngineVersion, + DatabaseInstanceEngine, SqlServerEngineVersion, SnapshotCredentials, } from '../lib'; describe('cluster', () => { @@ -2026,6 +2026,109 @@ describe('cluster', () => { ]], }, }); + + Annotations.fromStack(stack).hasWarning('/Default/Database', Match.stringLikeRegexp('Generated credentials will not be applied to cluster')); + }); + + test('can generate a new snapshot password', () => { + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + new DatabaseClusterFromSnapshot(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + instanceProps: { + vpc, + }, + snapshotIdentifier: 'mySnapshot', + snapshotCredentials: SnapshotCredentials.fromGeneratedSecret('admin', { + excludeCharacters: '"@/\\', + }), + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::DBCluster', { + MasterUsername: Match.absent(), + MasterUserPassword: { + 'Fn::Join': ['', [ + '{{resolve:secretsmanager:', + { Ref: 'DatabaseSnapshotSecret2B5748BB8ee0a797cad8a68dbeb85f8698cdb5bb' }, + ':SecretString:password::}}', + ]], + }, + }); + Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::Secret', { + Description: { + 'Fn::Join': ['', ['Generated by the CDK for stack: ', { Ref: 'AWS::StackName' }]], + }, + GenerateSecretString: { + ExcludeCharacters: '\"@/\\', + GenerateStringKey: 'password', + PasswordLength: 30, + SecretStringTemplate: '{"username":"admin"}', + }, + }); + }); + + test('fromGeneratedSecret with replica regions', () => { + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + new DatabaseClusterFromSnapshot(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + instanceProps: { + vpc, + }, + snapshotIdentifier: 'mySnapshot', + snapshotCredentials: SnapshotCredentials.fromGeneratedSecret('admin', { + replicaRegions: [{ region: 'eu-west-1' }], + }), + }); + + Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::Secret', { + ReplicaRegions: [ + { + Region: 'eu-west-1', + }, + ], + }); + }); + + test('throws if generating a new password without a username', () => { + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + expect(() => new DatabaseClusterFromSnapshot(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + instanceProps: { + vpc, + }, + snapshotIdentifier: 'mySnapshot', + snapshotCredentials: { generatePassword: true }, + })).toThrow(/`snapshotCredentials` `username` must be specified when `generatePassword` is set to true/); + }); + + test('can set a new snapshot password from an existing Secret', () => { + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + const secret = new DatabaseSecret(stack, 'DBSecret', { + username: 'admin', + encryptionKey: new kms.Key(stack, 'PasswordKey'), + }); + new DatabaseClusterFromSnapshot(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + instanceProps: { + vpc, + }, + snapshotIdentifier: 'mySnapshot', + snapshotCredentials: SnapshotCredentials.fromSecret(secret), + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::DBCluster', { + MasterUsername: Match.absent(), + MasterUserPassword: { + 'Fn::Join': ['', ['{{resolve:secretsmanager:', { Ref: 'DBSecretD58955BC' }, ':SecretString:password::}}']], + }, + }); }); test('create a cluster from a snapshot with encrypted storage', () => { diff --git a/packages/@aws-cdk/aws-rds/test/integ.cluster-snapshot.ts b/packages/@aws-cdk/aws-rds/test/integ.cluster-snapshot.ts new file mode 100644 index 0000000000000..771bf19532f96 --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/integ.cluster-snapshot.ts @@ -0,0 +1,109 @@ +import * as path from 'path'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; +import { App, ArnFormat, CustomResource, RemovalPolicy, Stack, StackProps } from '@aws-cdk/core'; +import * as cr from '@aws-cdk/custom-resources'; +import { Construct } from 'constructs'; +import * as rds from '../lib'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 2, natGateways: 1 }); + + const cluster = new rds.DatabaseCluster(this, 'Cluster', { + engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_2_10_2 }), + instanceProps: { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL), + vpc, + }, + removalPolicy: RemovalPolicy.DESTROY, + }); + + const snapshoter = new Snapshoter(this, 'Snapshoter', { + cluster, + snapshotIdentifier: 'cdk-integ-cluster-snapshot', + }); + + const fromSnapshot = new rds.DatabaseClusterFromSnapshot(this, 'FromSnapshot', { + snapshotIdentifier: snapshoter.snapshotArn, + snapshotCredentials: rds.SnapshotCredentials.fromGeneratedSecret('admin'), + engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_2_10_2 }), + instanceProps: { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL), + vpc, + }, + removalPolicy: RemovalPolicy.DESTROY, + }); + fromSnapshot.addRotationSingleUser(); + } +} + +interface SnapshoterProps { + readonly cluster: rds.IDatabaseCluster; + readonly snapshotIdentifier: string; +} + +class Snapshoter extends Construct { + public readonly snapshotArn: string; + + constructor(scope: Construct, id: string, props: SnapshoterProps) { + super(scope, id); + + const clusterArn = Stack.of(this).formatArn({ + service: 'rds', + resource: 'cluster', + resourceName: props.cluster.clusterIdentifier, + arnFormat: ArnFormat.COLON_RESOURCE_NAME, + }); + + const snapshotArn = Stack.of(this).formatArn({ + service: 'rds', + resource: 'cluster-snapshot', + resourceName: props.snapshotIdentifier, + arnFormat: ArnFormat.COLON_RESOURCE_NAME, + }); + + const code = lambda.Code.fromAsset(path.join(__dirname, 'snapshot-handler')); + const onEventHandler = new lambda.Function(this, 'OnEventHandler', { + code, + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.onEventHandler', + }); + onEventHandler.addToRolePolicy(new iam.PolicyStatement({ + actions: ['rds:CreateDBClusterSnapshot', 'rds:DeleteDBClusterSnapshot'], + resources: [clusterArn, snapshotArn], + })); + + const isCompleteHandler = new lambda.Function(this, 'IsCompleteHandler', { + code, + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.isCompleteHandler', + }); + isCompleteHandler.addToRolePolicy(new iam.PolicyStatement({ + actions: ['rds:DescribeDBClusterSnapshots'], + resources: [clusterArn, snapshotArn], + })); + + const provider = new cr.Provider(this, 'SnapshotProvider', { + onEventHandler, + isCompleteHandler, + }); + + const customResource = new CustomResource(this, 'Snapshot', { + resourceType: 'Custom::Snapshoter', + serviceToken: provider.serviceToken, + properties: { + DBClusterIdentifier: props.cluster.clusterIdentifier, + DBClusterSnapshotIdentifier: props.snapshotIdentifier, + }, + }); + this.snapshotArn = customResource.getAttString('DBClusterSnapshotArn'); + } +} + +const app = new App(); +new TestStack(app, 'cdk-integ-cluster-snapshot'); +app.synth(); diff --git a/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts b/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts new file mode 100644 index 0000000000000..6d5a3c23336cd --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts @@ -0,0 +1,63 @@ +/* eslint-disable no-console */ +import type { IsCompleteRequest, IsCompleteResponse, OnEventRequest, OnEventResponse } from '@aws-cdk/custom-resources/lib/provider-framework/types'; +import { RDS } from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies + +export async function onEventHandler(event: OnEventRequest): Promise { + console.log('Event: %j', event); + + const rds = new RDS(); + + const physicalResourceId = `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`; + + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + const data = await rds.createDBClusterSnapshot({ + DBClusterIdentifier: event.ResourceProperties.DBClusterIdentifier, + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + return { + PhysicalResourceId: physicalResourceId, + Data: { + DBClusterSnapshotArn: data.DBClusterSnapshot?.DBClusterSnapshotArn, + }, + }; + } + + if (event.RequestType === 'Delete') { + await rds.deleteDBClusterSnapshot({ + DBClusterSnapshotIdentifier: event.ResourceProperties.DBClusterSnapshotIdentifier, + }).promise(); + } + + return { + PhysicalResourceId: `${event.ResourceProperties.DBClusterIdentifier}-${event.ResourceProperties.DBClusterIdentifier}`, + }; +} + +export async function isCompleteHandler(event: IsCompleteRequest): Promise { + console.log('Event: %j', event); + + const snapshotStatus = await tryGetClusterSnapshotStatus(event.ResourceProperties.DBClusterSnapshotIdentifier); + + switch (event.RequestType) { + case 'Create': + case 'Update': + return { IsComplete: snapshotStatus === 'available' }; + case 'Delete': + return { IsComplete: snapshotStatus === undefined }; + } +} + +async function tryGetClusterSnapshotStatus(identifier: string): Promise { + try { + const rds = new RDS(); + const data = await rds.describeDBClusterSnapshots({ + DBClusterSnapshotIdentifier: identifier, + }).promise(); + return data.DBClusterSnapshots?.[0].Status; + } catch (err) { + if (err.code === 'DBClusterSnapshotNotFoundFault') { + return undefined; + } + throw err; + } +}