Skip to content

Commit

Permalink
feat(apigateway): set RestApi CloudWatchRole and Account retention po…
Browse files Browse the repository at this point in the history 
…licy (#26836)

Adds a `cloudWatchRoleRemovalPolicy` property to `RestApiBaseProps` that allows to specify a custom retention policy for CloudWatchRole and Account.
Defaults to `RemovalPolicy.RETAIN`.

Closes #26827.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@lpizzinidev
lpizzinidev committed Aug 23, 2023
1 parent dd912da commit 7af20ba
Show file tree
Hide file tree
Showing 12 changed files with 813 additions and 14 deletions.
19 changes: 19 additions & 0 deletions ...pshot/apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
{
"version": "33.0.0",
"files": {
"21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
"source": {
"path": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
}
},
"dockerImages": {}
}
36 changes: 36 additions & 0 deletions ...hot/apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
{
"Parameters": {
"BootstrapVersion": {
"Type": "AWS::SSM::Parameter::Value<String>",
"Default": "/cdk-bootstrap/hnb659fds/version",
"Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
}
},
"Rules": {
"CheckBootstrapVersion": {
"Assertions": [
{
"Assert": {
"Fn::Not": [
{
"Fn::Contains": [
[
"1",
"2",
"3",
"4",
"5"
],
{
"Ref": "BootstrapVersion"
}
]
}
]
},
"AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
]
}
}
}
1 change: 1 addition & 0 deletions ...nteg/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/cdk.out
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"version":"33.0.0"}
12 changes: 12 additions & 0 deletions ...g/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/integ.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{
"version": "33.0.0",
"testCases": {
"apigateway-restapi-cloudwatch-removal-policy/DefaultTest": {
"stacks": [
"test-apigateway-restapi-cloudwatch-removal-policy"
],
"assertionStack": "apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert",
"assertionStackName": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A"
}
}
}
147 changes: 147 additions & 0 deletions ...est/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/manifest.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
{
"version": "33.0.0",
"artifacts": {
"test-apigateway-restapi-cloudwatch-removal-policy.assets": {
"type": "cdk:asset-manifest",
"properties": {
"file": "test-apigateway-restapi-cloudwatch-removal-policy.assets.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
}
},
"test-apigateway-restapi-cloudwatch-removal-policy": {
"type": "aws:cloudformation:stack",
"environment": "aws://unknown-account/unknown-region",
"properties": {
"templateFile": "test-apigateway-restapi-cloudwatch-removal-policy.template.json",
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
"additionalDependencies": [
"test-apigateway-restapi-cloudwatch-removal-policy.assets"
],
"lookupRole": {
"arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
"requiresBootstrapStackVersion": 8,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
}
},
"dependencies": [
"test-apigateway-restapi-cloudwatch-removal-policy.assets"
],
"metadata": {
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "myapi4C7BF186"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/CloudWatchRole/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "myapiCloudWatchRole095452E5"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Account": [
{
"type": "aws:cdk:logicalId",
"data": "myapiAccountEC421A0A"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Deployment/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "myapiDeployment92F2CB4972a890db5063ec679071ba7eefc76f2a"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/DeploymentStage.prod/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "myapiDeploymentStageprod298F01AF"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Endpoint": [
{
"type": "aws:cdk:logicalId",
"data": "myapiEndpoint3628AFE3"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Default/GET/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "myapiGETF990CE3C"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/BootstrapVersion": [
{
"type": "aws:cdk:logicalId",
"data": "BootstrapVersion"
}
],
"/test-apigateway-restapi-cloudwatch-removal-policy/CheckBootstrapVersion": [
{
"type": "aws:cdk:logicalId",
"data": "CheckBootstrapVersion"
}
]
},
"displayName": "test-apigateway-restapi-cloudwatch-removal-policy"
},
"apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets": {
"type": "cdk:asset-manifest",
"properties": {
"file": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
}
},
"apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A": {
"type": "aws:cloudformation:stack",
"environment": "aws://unknown-account/unknown-region",
"properties": {
"templateFile": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json",
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
"additionalDependencies": [
"apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets"
],
"lookupRole": {
"arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
"requiresBootstrapStackVersion": 8,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
}
},
"dependencies": [
"apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets"
],
"metadata": {
"/apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert/BootstrapVersion": [
{
"type": "aws:cdk:logicalId",
"data": "BootstrapVersion"
}
],
"/apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert/CheckBootstrapVersion": [
{
"type": "aws:cdk:logicalId",
"data": "CheckBootstrapVersion"
}
]
},
"displayName": "apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert"
},
"Tree": {
"type": "cdk:tree",
"properties": {
"file": "tree.json"
}
}
}
}
19 changes: 19 additions & 0 deletions ...-removal-policy.js.snapshot/test-apigateway-restapi-cloudwatch-removal-policy.assets.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
{
"version": "33.0.0",
"files": {
"ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489": {
"source": {
"path": "test-apigateway-restapi-cloudwatch-removal-policy.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
}
},
"dockerImages": {}
}

0 comments on commit 7af20ba

Please sign in to comment.