Skip to content

Commit

Permalink
feat(region-info): add information for us-gov, us-iso, and us-isob re…
Browse files Browse the repository at this point in the history 
…gions

### Commit Message
feat(region-info): add information for us-gov, us-iso, and us-isob regions (#7876)

`us-gov`, `us-iso`, and `us-isob` regions have additional information and formatting, to include:

* Service Principal names.
* S3 static website endpoints and Route 53 Hosted Zone IDs (when available).
* VPC endpoint service name prefixes.

Fixes #4669
### End Commit Message

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@joel-aws
joel-aws committed May 18, 2020
1 parent 6a6298f commit afe0b00
Show file tree
Hide file tree
Showing 6 changed files with 193 additions and 6 deletions.
4 changes: 4 additions & 0 deletions packages/@aws-cdk/region-info/build-tools/aws-entities.ts
View file
Expand Up @@ -8,6 +8,10 @@ export const AWS_REGIONS = [
'us-east-1',
'us-west-1',
'us-west-2',
'us-gov-east-1',
'us-gov-west-1',
'us-iso-east-1',
'us-isob-east-1',
'ap-east-1',
'ap-south-1',
'ap-northeast-2',
Expand Down
35 changes: 30 additions & 5 deletions packages/@aws-cdk/region-info/build-tools/generate-static-data.ts
View file
Expand Up @@ -38,6 +38,10 @@ async function main(): Promise<void> {
'us-east-1',
'us-west-1',
'us-west-2',
// 'us-gov-east-1',
// 'us-gov-west-1',
// 'us-iso-east-1',
// 'us-isob-east-1',
'ap-south-1',
'ap-east-1',
// 'ap-northeast-3',
Expand Down Expand Up @@ -67,6 +71,8 @@ async function main(): Promise<void> {
'us-east-1': 'Z3AQBSTGFYJSTF',
'us-west-1': 'Z2F56UZL2M1ACD',
'us-west-2': 'Z3BJ6K6RIION7M',
'us-gov-east-1': 'Z2NIFVYYW2VKV1',
'us-gov-west-1': 'Z31GFT0UA1I2HV',
'ap-east-1': 'ZNB98KWMFR0R6',
'ap-south-1': 'Z11RGJOFQNVJUP',
'ap-northeast-3': 'Z2YQB5RD63NC85',
Expand All @@ -84,11 +90,30 @@ async function main(): Promise<void> {
'me-south-1': 'Z1MPMWCPA7YB62',
};

interface IRegion { partition: string, domainSuffix: string }

const PARTITION_MAP: { [region: string]: IRegion } = {
'default': { partition: 'aws', domainSuffix: 'amazonaws.com' },
'cn-': { partition: 'aws-cn', domainSuffix: 'amazonaws.com.cn' },
'us-gov-': { partition: 'aws-us-gov', domainSuffix: 'amazonaws.com' },
'us-iso-': { partition: 'aws-iso', domainSuffix: 'c2s.ic.gov' },
'us-isob-': { partition: 'aws-iso-b', domainSuffix: 'sc2s.sgov.gov' },
};

const defaultMap = 'default';

for (const region of AWS_REGIONS) {
const partition = region.startsWith('cn-') ? 'aws-cn' : 'aws';
registerFact(region, 'PARTITION', partition);
let partition = PARTITION_MAP[defaultMap].partition;
let domainSuffix = PARTITION_MAP[defaultMap].domainSuffix;

for (const key in PARTITION_MAP) {
if (region.startsWith(key)) {
partition = PARTITION_MAP[key].partition;
domainSuffix = PARTITION_MAP[key].domainSuffix;
}
}

const domainSuffix = partition === 'aws' ? 'amazonaws.com' : 'amazonaws.com.cn';
registerFact(region, 'PARTITION', partition);
registerFact(region, 'DOMAIN_SUFFIX', domainSuffix);

registerFact(region, 'CDK_METADATA_RESOURCE_AVAILABLE', AWS_CDK_METADATA.has(region) ? 'YES' : 'NO');
Expand All @@ -99,7 +124,7 @@ async function main(): Promise<void> {

registerFact(region, 'S3_STATIC_WEBSITE_ZONE_53_HOSTED_ZONE_ID', ROUTE_53_BUCKET_WEBSITE_ZONE_IDS[region] || '');

const vpcEndpointServiceNamePrefix = region.startsWith('cn-') ? 'cn.com.amazonaws.vpce' : 'com.amazonaws.vpce';
const vpcEndpointServiceNamePrefix = `${domainSuffix.split('.').reverse().join('.')}.vpce`;
registerFact(region, 'VPC_ENDPOINT_SERVICE_NAME_PREFIX', vpcEndpointServiceNamePrefix);

for (const service of AWS_SERVICES) {
Expand All @@ -108,7 +133,7 @@ async function main(): Promise<void> {
}
lines.push(' }');
lines.push('');
lines.push(' private constructor() {}'),
lines.push(' private constructor() {}');
lines.push('}');

await fs.writeFile(path.resolve(__dirname, '..', 'lib', 'built-ins.generated.ts'), lines.join('\n'));
Expand Down
45 changes: 44 additions & 1 deletion packages/@aws-cdk/region-info/lib/default.ts
View file
Expand Up @@ -21,16 +21,59 @@ export class Default {
* @param urlSuffix the URL suffix for the partition in which the region is located.
*/
public static servicePrincipal(service: string, region: string, urlSuffix: string): string {
const matches = service.match(/^([^.]+)(?:\.amazonaws\.com(?:\.cn)?)?$/);
const matches = service.match(/^([^.]+)(?:(?:\.amazonaws\.com(?:\.cn)?)|(?:\.c2s\.ic\.gov)|(?:\.sc2s\.sgov\.gov))?$/);
if (!matches) {
// Return "service" if it does not look like any of the following:
// - s3
// - s3.amazonaws.com
// - s3.amazonaws.com.cn
// - s3.c2s.ic.gov
// - s3.sc2s.sgov.gov
return service;
}

service = matches[1]; // Simplify the service name down to something like "s3"

// Exceptions for Service Principals in us-iso-*
const US_ISO_EXCEPTIONS = new Set([
'cloudhsm',
'config',
'states',
'workspaces',
]);

// Exceptions for Service Principals in us-isob-*
const US_ISOB_EXCEPTIONS = new Set([
'dms',
'states',
]);

// Account for idiosyncratic Service Principals in `us-iso-*` regions
if (region.startsWith('us-iso-') && US_ISO_EXCEPTIONS.has(service)) {
switch (service) {
// Services with universal principal
case ('states'):
return `${service}.amazonaws.com`;

// Services with a partitional principal
default:
return `${service}.${urlSuffix}`;
}
}

// Account for idiosyncratic Service Principals in `us-isob-*` regions
if (region.startsWith('us-isob-') && US_ISOB_EXCEPTIONS.has(service)) {
switch (service) {
// Services with universal principal
case ('states'):
return `${service}.amazonaws.com`;

// Services with a partitional principal
default:
return `${service}.${urlSuffix}`;
}
}

switch (service) {
// Services with a regional AND partitional principal
case 'codedeploy':
Expand Down
100 changes: 100 additions & 0 deletions packages/@aws-cdk/region-info/test/__snapshots__/region-info.test.js.snap
View file
Expand Up @@ -20,6 +20,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-east-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ap-northeast-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -39,6 +40,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-northeast-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ap-northeast-2": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -58,6 +60,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-northeast-2.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ap-south-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -77,6 +80,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-south-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ap-southeast-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -96,6 +100,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-southeast-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ap-southeast-2": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -115,6 +120,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ap-southeast-2.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"ca-central-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -134,6 +140,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.ca-central-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"cn-north-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -153,6 +160,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.cn-north-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "cn.com.amazonaws.vpce",
},
"cn-northwest-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -172,6 +180,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.cn-northwest-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "cn.com.amazonaws.vpce",
},
"eu-central-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -191,6 +200,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.eu-central-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"eu-north-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -210,6 +220,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.eu-north-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"eu-west-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -229,6 +240,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.eu-west-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"eu-west-2": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -248,6 +260,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.eu-west-2.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"eu-west-3": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -267,6 +280,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.eu-west-3.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"me-south-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -286,6 +300,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.me-south-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"sa-east-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -305,6 +320,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.sa-east-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-east-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -324,6 +340,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.us-east-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-east-2": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -343,6 +360,87 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.us-east-2.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-gov-east-1": Object {
"cdkMetadataResourceAvailable": false,
"domainSuffix": "amazonaws.com",
"partition": "aws-us-gov",
"s3StaticWebsiteEndpoint": "s3-website.us-gov-east-1.amazonaws.com",
"servicePrincipals": Object {
"application-autoscaling": "application-autoscaling.amazonaws.com",
"autoscaling": "autoscaling.amazonaws.com",
"codedeploy": "codedeploy.us-gov-east-1.amazonaws.com",
"ec2": "ec2.amazonaws.com",
"events": "events.amazonaws.com",
"lambda": "lambda.amazonaws.com",
"logs": "logs.us-gov-east-1.amazonaws.com",
"s3": "s3.amazonaws.com",
"sns": "sns.amazonaws.com",
"sqs": "sqs.amazonaws.com",
"states": "states.us-gov-east-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-gov-west-1": Object {
"cdkMetadataResourceAvailable": false,
"domainSuffix": "amazonaws.com",
"partition": "aws-us-gov",
"s3StaticWebsiteEndpoint": "s3-website.us-gov-west-1.amazonaws.com",
"servicePrincipals": Object {
"application-autoscaling": "application-autoscaling.amazonaws.com",
"autoscaling": "autoscaling.amazonaws.com",
"codedeploy": "codedeploy.us-gov-west-1.amazonaws.com",
"ec2": "ec2.amazonaws.com",
"events": "events.amazonaws.com",
"lambda": "lambda.amazonaws.com",
"logs": "logs.us-gov-west-1.amazonaws.com",
"s3": "s3.amazonaws.com",
"sns": "sns.amazonaws.com",
"sqs": "sqs.amazonaws.com",
"states": "states.us-gov-west-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-iso-east-1": Object {
"cdkMetadataResourceAvailable": false,
"domainSuffix": "c2s.ic.gov",
"partition": "aws-iso",
"s3StaticWebsiteEndpoint": "s3-website.us-iso-east-1.c2s.ic.gov",
"servicePrincipals": Object {
"application-autoscaling": "application-autoscaling.amazonaws.com",
"autoscaling": "autoscaling.amazonaws.com",
"codedeploy": "codedeploy.us-iso-east-1.c2s.ic.gov",
"ec2": "ec2.c2s.ic.gov",
"events": "events.amazonaws.com",
"lambda": "lambda.amazonaws.com",
"logs": "logs.us-iso-east-1.c2s.ic.gov",
"s3": "s3.amazonaws.com",
"sns": "sns.amazonaws.com",
"sqs": "sqs.amazonaws.com",
"states": "states.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "gov.ic.c2s.vpce",
},
"us-isob-east-1": Object {
"cdkMetadataResourceAvailable": false,
"domainSuffix": "sc2s.sgov.gov",
"partition": "aws-iso-b",
"s3StaticWebsiteEndpoint": "s3-website.us-isob-east-1.sc2s.sgov.gov",
"servicePrincipals": Object {
"application-autoscaling": "application-autoscaling.amazonaws.com",
"autoscaling": "autoscaling.amazonaws.com",
"codedeploy": "codedeploy.us-isob-east-1.sc2s.sgov.gov",
"ec2": "ec2.sc2s.sgov.gov",
"events": "events.amazonaws.com",
"lambda": "lambda.amazonaws.com",
"logs": "logs.us-isob-east-1.sc2s.sgov.gov",
"s3": "s3.amazonaws.com",
"sns": "sns.amazonaws.com",
"sqs": "sqs.amazonaws.com",
"states": "states.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "gov.sgov.sc2s.vpce",
},
"us-west-1": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -362,6 +460,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.us-west-1.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
"us-west-2": Object {
"cdkMetadataResourceAvailable": true,
Expand All @@ -381,6 +480,7 @@ Object {
"sqs": "sqs.amazonaws.com",
"states": "states.us-west-2.amazonaws.com",
},
"vpcEndPointServiceNamePrefix": "com.amazonaws.vpce",
},
}
`;

0 comments on commit afe0b00

Please sign in to comment.