Skip to content

Commit

Permalink
chore(stepfunction-tasks/route53-targets/lambda-events-source): break…
Browse files Browse the repository at this point in the history
… dependencies on experimental modules (aws#14227)

*chore(stepfunction-tasks/route53-targets/lambda-events-source): break dependencies on between stable and experimental modules
NetaNir authored Apr 19, 2021

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 8a949dc commit 12b71cb
Showing 24 changed files with 229 additions and 186 deletions.
13 changes: 13 additions & 0 deletions allowed-breaking-changes.txt
Original file line number Diff line number Diff line change
@@ -61,3 +61,16 @@ weakened:@aws-cdk/cloud-assembly-schema.FileSource
# These are fine, since they shouldn't be widely used.
weakened:@aws-cdk/core.FileAssetLocation
weakened:@aws-cdk/aws-events.RuleTargetConfig

# replace interface with untyped properties to order to break stable to experimental dependencies
removed:@aws-cdk/aws-stepfunctions-tasks.CallApiGatewayHttpApiEndpointProps.api
strengthened:@aws-cdk/aws-stepfunctions-tasks.CallApiGatewayHttpApiEndpointProps
removed:@aws-cdk/aws-route53-targets.ApiGatewayv2Domain
removed:@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps.jobDefinition
removed:@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps.jobDefinition
removed:@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps.jobQueue
removed:@aws-cdk/aws-stepfunctions-tasks.BatchSubmitJobProps.jobQueue
removed:@aws-cdk/aws-stepfunctions-tasks.BatchSubmitJobProps.jobDefinition
strengthened:@aws-cdk/aws-stepfunctions-tasks.BatchSubmitJobProps
removed:@aws-cdk/aws-lambda-event-sources.ManagedKafkaEventSourceProps.cluster
strengthened:@aws-cdk/aws-lambda-event-sources.ManagedKafkaEventSourceProps
40 changes: 30 additions & 10 deletions packages/@aws-cdk/aws-events-targets/lib/batch.ts
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import * as batch from '@aws-cdk/aws-batch';
import * as events from '@aws-cdk/aws-events';
import * as iam from '@aws-cdk/aws-iam';
import { Names } from '@aws-cdk/core';
import { Names, IConstruct } from '@aws-cdk/core';
import { singletonEventRole } from './util';

/**
@@ -44,12 +43,33 @@ export interface BatchJobProps {

/**
* Use an AWS Batch Job / Queue as an event rule target.
* Most likely the code will look something like this:
* `new BatchJob(jobQueue.jobQueueArn, jobQueue, jobDefinition.jobDefinitionArn, jobDefinition)`
*
* In the future this API will be improved to be fully typed
* @experimental
*/
export class BatchJob implements events.IRuleTarget {
constructor(
private readonly jobQueue: batch.IJobQueue,
private readonly jobDefinition: batch.IJobDefinition,
/**
* The JobQueue arn
*/
private readonly jobQueueArn: string,

/**
* The JobQueue Resource
*/
private readonly jobQueueScope: IConstruct,

/**
* The jobDefinition arn
*/
private readonly jobDefinitionArn: string,

/**
* The JobQueue Resource
*/
private readonly jobDefinitionScope: IConstruct,
private readonly props: BatchJobProps = {},
) { }

@@ -59,27 +79,27 @@ export class BatchJob implements events.IRuleTarget {
*/
public bind(rule: events.IRule, _id?: string): events.RuleTargetConfig {
const batchParameters: events.CfnRule.BatchParametersProperty = {
jobDefinition: this.jobDefinition.jobDefinitionArn,
jobDefinition: this.jobDefinitionArn,
jobName: this.props.jobName ?? Names.nodeUniqueId(rule.node),
arrayProperties: this.props.size ? { size: this.props.size } : undefined,
retryStrategy: this.props.attempts ? { attempts: this.props.attempts } : undefined,
};

return {
arn: this.jobQueue.jobQueueArn,
arn: this.jobQueueArn,
// When scoping resource-level access for job submission, you must provide both job queue and job definition resource types.
// https://docs.aws.amazon.com/batch/latest/userguide/ExamplePolicies_BATCH.html#iam-example-restrict-job-def
role: singletonEventRole(this.jobDefinition, [
role: singletonEventRole(this.jobDefinitionScope, [
new iam.PolicyStatement({
actions: ['batch:SubmitJob'],
resources: [
this.jobDefinition.jobDefinitionArn,
this.jobQueue.jobQueueArn,
this.jobDefinitionArn,
this.jobQueueArn,
],
}),
]),
input: this.props.event,
targetResource: this.jobQueue,
targetResource: this.jobQueueScope,
batchParameters,
};
}
3 changes: 1 addition & 2 deletions packages/@aws-cdk/aws-events-targets/package.json
Original file line number Diff line number Diff line change
@@ -73,6 +73,7 @@
"devDependencies": {
"@aws-cdk/aws-codecommit": "0.0.0",
"@aws-cdk/aws-s3": "0.0.0",
"@aws-cdk/aws-batch": "0.0.0",
"aws-sdk": "^2.848.0",
"aws-sdk-mock": "^5.1.0",
"cdk-build-tools": "0.0.0",
@@ -82,7 +83,6 @@
"@aws-cdk/assert-internal": "0.0.0"
},
"dependencies": {
"@aws-cdk/aws-batch": "0.0.0",
"@aws-cdk/aws-codebuild": "0.0.0",
"@aws-cdk/aws-codepipeline": "0.0.0",
"@aws-cdk/aws-ec2": "0.0.0",
@@ -103,7 +103,6 @@
},
"homepage": "https://github.com/aws/aws-cdk",
"peerDependencies": {
"@aws-cdk/aws-batch": "0.0.0",
"@aws-cdk/aws-codebuild": "0.0.0",
"@aws-cdk/aws-codepipeline": "0.0.0",
"@aws-cdk/aws-ec2": "0.0.0",
Original file line number Diff line number Diff line change
@@ -28,7 +28,7 @@ test('use aws batch job as an eventrule target', () => {
});

// WHEN
rule.addTarget(new targets.BatchJob(jobQueue, jobDefinition));
rule.addTarget(new targets.BatchJob(jobQueue.jobQueueArn, jobQueue, jobDefinition.jobDefinitionArn, jobDefinition));

// THEN
expect(stack).to(haveResource('AWS::Events::Rule', {
Original file line number Diff line number Diff line change
@@ -27,11 +27,11 @@ const job = new batch.JobDefinition(stack, 'MyJob', {
const timer = new events.Rule(stack, 'Timer', {
schedule: events.Schedule.rate(cdk.Duration.minutes(1)),
});
timer.addTarget(new targets.BatchJob(queue, job));
timer.addTarget(new targets.BatchJob(queue.jobQueueArn, queue, job.jobDefinitionArn, job));

const timer2 = new events.Rule(stack, 'Timer2', {
schedule: events.Schedule.rate(cdk.Duration.minutes(2)),
});
timer2.addTarget(new targets.BatchJob(queue, job));
timer2.addTarget(new targets.BatchJob(queue.jobQueueArn, queue, job.jobDefinitionArn, job));

app.synth();
7 changes: 3 additions & 4 deletions packages/@aws-cdk/aws-lambda-event-sources/README.md
Original file line number Diff line number Diff line change
@@ -225,9 +225,8 @@ import * as msk from '@aws-cdk/aws-lambda';
import { Secret } from '@aws-cdk/aws-secretmanager';
import { ManagedKafkaEventSource } from '@aws-cdk/aws-lambda-event-sources';

// Your MSK cluster
const cluster = msk.Cluster.fromClusterArn(this, 'Cluster',
'arn:aws:kafka:us-east-1:0123456789019:cluster/SalesCluster/abcd1234-abcd-cafe-abab-9876543210ab-4');
// Your MSK cluster arn
const cluster = 'arn:aws:kafka:us-east-1:0123456789019:cluster/SalesCluster/abcd1234-abcd-cafe-abab-9876543210ab-4';

// The Kafka topic you want to subscribe to
const topic = 'some-cool-topic'
@@ -237,7 +236,7 @@ const topic = 'some-cool-topic'
const secret = new Secret(this, 'Secret', { secretName: 'AmazonMSK_KafkaSecret' });

myFunction.addEventSource(new ManagedKafkaEventSource({
cluster: cluster,
clusterArn,
topic: topic,
secret: secret,
batchSize: 100, // default
9 changes: 4 additions & 5 deletions packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts
Original file line number Diff line number Diff line change
@@ -2,7 +2,6 @@ import * as crypto from 'crypto';
import { ISecurityGroup, IVpc, SubnetSelection } from '@aws-cdk/aws-ec2';
import * as iam from '@aws-cdk/aws-iam';
import * as lambda from '@aws-cdk/aws-lambda';
import * as msk from '@aws-cdk/aws-msk';
import * as secretsmanager from '@aws-cdk/aws-secretsmanager';
import { Stack } from '@aws-cdk/core';
import { StreamEventSource, StreamEventSourceProps } from './stream';
@@ -32,7 +31,7 @@ export interface ManagedKafkaEventSourceProps extends KafkaEventSourceProps {
/**
* an MSK cluster construct
*/
readonly cluster: msk.ICluster
readonly clusterArn: string;
}

/**
@@ -103,9 +102,9 @@ export class ManagedKafkaEventSource extends StreamEventSource {

public bind(target: lambda.IFunction) {
target.addEventSourceMapping(
`KafkaEventSource:${this.innerProps.cluster.clusterArn}${this.innerProps.topic}`,
`KafkaEventSource:${this.innerProps.clusterArn}${this.innerProps.topic}`,
this.enrichMappingOptions({
eventSourceArn: this.innerProps.cluster.clusterArn,
eventSourceArn: this.innerProps.clusterArn,
startingPosition: this.innerProps.startingPosition,
// From https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html#msk-password-limitations, "Amazon MSK only supports SCRAM-SHA-512 authentication."
sourceAccessConfigurations: [{ type: lambda.SourceAccessConfigurationType.SASL_SCRAM_512_AUTH, uri: this.innerProps.secret.secretArn }],
@@ -118,7 +117,7 @@ export class ManagedKafkaEventSource extends StreamEventSource {
target.addToRolePolicy(new iam.PolicyStatement(
{
actions: ['kafka:DescribeCluster', 'kafka:GetBootstrapBrokers', 'kafka:ListScramSecrets'],
resources: [this.innerProps.cluster.clusterArn],
resources: [this.innerProps.clusterArn],
},
));

2 changes: 0 additions & 2 deletions packages/@aws-cdk/aws-lambda-event-sources/package.json
Original file line number Diff line number Diff line change
@@ -77,7 +77,6 @@
"@aws-cdk/aws-iam": "0.0.0",
"@aws-cdk/aws-kinesis": "0.0.0",
"@aws-cdk/aws-lambda": "0.0.0",
"@aws-cdk/aws-msk": "0.0.0",
"@aws-cdk/aws-s3": "0.0.0",
"@aws-cdk/aws-s3-notifications": "0.0.0",
"@aws-cdk/aws-secretsmanager": "0.0.0",
@@ -96,7 +95,6 @@
"@aws-cdk/aws-iam": "0.0.0",
"@aws-cdk/aws-kinesis": "0.0.0",
"@aws-cdk/aws-lambda": "0.0.0",
"@aws-cdk/aws-msk": "0.0.0",
"@aws-cdk/aws-s3": "0.0.0",
"@aws-cdk/aws-s3-notifications": "0.0.0",
"@aws-cdk/aws-secretsmanager": "0.0.0",
9 changes: 4 additions & 5 deletions packages/@aws-cdk/aws-lambda-event-sources/test/test.kafka.ts
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { arrayWith, expect, haveResource } from '@aws-cdk/assert-internal';
import { SecurityGroup, SubnetType, Vpc } from '@aws-cdk/aws-ec2';
import * as lambda from '@aws-cdk/aws-lambda';
import * as msk from '@aws-cdk/aws-msk';
import { Secret } from '@aws-cdk/aws-secretsmanager';
import * as cdk from '@aws-cdk/core';
import { Test } from 'nodeunit';
@@ -14,14 +13,14 @@ export = {
// GIVEN
const stack = new cdk.Stack();
const fn = new TestFunction(stack, 'Fn');
const cluster = msk.Cluster.fromClusterArn(stack, 'Cluster', 'some-arn');
const clusterArn = 'some-arn';
const kafkaTopic = 'some-topic';
const secret = new Secret(stack, 'Secret', { secretName: 'AmazonMSK_KafkaSecret' });

// WHEN
fn.addEventSource(new sources.ManagedKafkaEventSource(
{
cluster: cluster,
clusterArn,
topic: kafkaTopic,
secret: secret,
startingPosition: lambda.StartingPosition.TRIM_HORIZON,
@@ -48,7 +47,7 @@ export = {
'kafka:ListScramSecrets',
],
Effect: 'Allow',
Resource: cluster.clusterArn,
Resource: clusterArn,
},
],
Version: '2012-10-17',
@@ -62,7 +61,7 @@ export = {
}));

expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', {
EventSourceArn: cluster.clusterArn,
EventSourceArn: clusterArn,
FunctionName: {
Ref: 'Fn9270CBC0',
},
3 changes: 2 additions & 1 deletion packages/@aws-cdk/aws-route53-targets/README.md
Original file line number Diff line number Diff line change
@@ -24,9 +24,10 @@ This library contains Route53 Alias Record targets for:
* API Gateway V2 custom domains

```ts

new route53.ARecord(this, 'AliasRecord', {
zone,
target: route53.RecordTarget.fromAlias(new alias.ApiGatewayv2Domain(domainName)),
target: route53.RecordTarget.fromAlias(new alias.ApiGatewayv2DomainProperties(domainName.regionalDomainName, domainName.regionalHostedZoneId)),
});
```

Original file line number Diff line number Diff line change
@@ -1,16 +1,19 @@
import * as apigv2 from '@aws-cdk/aws-apigatewayv2';
import * as route53 from '@aws-cdk/aws-route53';

/**
* Defines an API Gateway V2 domain name as the alias target.
*/
export class ApiGatewayv2Domain implements route53.IAliasRecordTarget {
constructor(private readonly domainName: apigv2.IDomainName) { }
export class ApiGatewayv2DomainProperties implements route53.IAliasRecordTarget {
/**
* @param regionalDomainName the region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint.
* @param regionalHostedZoneId the domain name associated with the regional endpoint for this custom domain name.
*/
constructor(private readonly regionalDomainName: string, private readonly regionalHostedZoneId: string) { }

public bind(_record: route53.IRecordSet): route53.AliasRecordTargetConfig {
return {
dnsName: this.domainName.regionalDomainName,
hostedZoneId: this.domainName.regionalHostedZoneId,
dnsName: this.regionalDomainName,
hostedZoneId: this.regionalHostedZoneId,
};
}
}
}
3 changes: 1 addition & 2 deletions packages/@aws-cdk/aws-route53-targets/package.json
Original file line number Diff line number Diff line change
@@ -64,6 +64,7 @@
"devDependencies": {
"@aws-cdk/aws-certificatemanager": "0.0.0",
"@aws-cdk/aws-lambda": "0.0.0",
"@aws-cdk/aws-apigatewayv2": "0.0.0",
"cdk-build-tools": "0.0.0",
"cdk-integ-tools": "0.0.0",
"cfn2ts": "0.0.0",
@@ -73,7 +74,6 @@
},
"dependencies": {
"@aws-cdk/aws-apigateway": "0.0.0",
"@aws-cdk/aws-apigatewayv2": "0.0.0",
"@aws-cdk/aws-cloudfront": "0.0.0",
"@aws-cdk/aws-cognito": "0.0.0",
"@aws-cdk/aws-ec2": "0.0.0",
@@ -90,7 +90,6 @@
"homepage": "https://github.com/aws/aws-cdk",
"peerDependencies": {
"@aws-cdk/aws-apigateway": "0.0.0",
"@aws-cdk/aws-apigatewayv2": "0.0.0",
"@aws-cdk/aws-cloudfront": "0.0.0",
"@aws-cdk/aws-cognito": "0.0.0",
"@aws-cdk/aws-ec2": "0.0.0",
Original file line number Diff line number Diff line change
@@ -8,10 +8,10 @@ import * as targets from '../lib';
test('targets.ApiGatewayv2Domain can be used to directly reference a domain', () => {
// GIVEN
const stack = new Stack();
const domainName = 'example.com';
const cert = new acm.Certificate(stack, 'cert', { domainName });
const dn = new apigwv2.DomainName(stack, 'DN', {
domainName,
const name = 'example.com';
const cert = new acm.Certificate(stack, 'cert', { domainName: name });
const domainName = new apigwv2.DomainName(stack, 'DN', {
domainName: name,
certificate: cert,
});
const zone = new route53.HostedZone(stack, 'zone', {
@@ -21,7 +21,7 @@ test('targets.ApiGatewayv2Domain can be used to directly reference a domain', ()
// WHEN
new route53.ARecord(stack, 'A', {
zone,
target: route53.RecordTarget.fromAlias(new targets.ApiGatewayv2Domain(dn)),
target: route53.RecordTarget.fromAlias(new targets.ApiGatewayv2DomainProperties(domainName.regionalDomainName, domainName.regionalHostedZoneId)),
});

// THEN
Loading

0 comments on commit 12b71cb

Please sign in to comment.