From c488035db893532c6aca97c59717a351539fa2ec Mon Sep 17 00:00:00 2001 From: sakurai-ryo <58683719+sakurai-ryo@users.noreply.github.com> Date: Thu, 21 Dec 2023 02:22:13 +0900 Subject: [PATCH] fix(integ-tests): apply correct IAM policy to waiterProvider (#28424) ### Description The following issue describes a bug where the IAM Policy is not correctly set to the calling Lambda when using `invokeFunction` and `waitForAssertions`. Normally, when the `waitForAssertions` method is invoked, the necessary Policy is granted to the `waiterProvider` using the `adPolicyStatementFromSdkCall` method. https://github.com/aws/aws-cdk/blob/52a5579aa52c88bb289a7a9677c35385763c8fff/packages/%40aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts#L136 In the case of a Lambda function call, the API name and the Action name of the Policy are different (invoke => invokeFunction), so the `addPolicyStatementFromSdkCall` method cannot grant the correct Policy. The `LambdaInvokeFunction` is doing the correct Policy assignment to deal with this in the constructor. https://github.com/aws/aws-cdk/blob/52a5579aa52c88bb289a7a9677c35385763c8fff/packages/%40aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts#L247 However, this is not done for the `waiterProvider`, resulting in an access denied error. This PR has been modified so that the correct Policy is granted to `waiterProvider`. fixes #27865 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../integ-tests-alpha/lib/assertions/sdk.ts | 18 +- ...efaultTestDeployAssertDC0672BB.assets.json | 32 ++ ...aultTestDeployAssertDC0672BB.template.json | 452 ++++++++++++++++++ .../InvokeFunctionAssertions.assets.json | 19 + .../InvokeFunctionAssertions.template.json | 98 ++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 204 ++++++++ .../tree.json | 452 ++++++++++++++++++ .../integ.invoke-function-assertions.ts | 31 ++ .../test/assertions/sdk.test.ts | 83 ++++ 11 files changed, 1400 insertions(+), 2 deletions(-) create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts diff --git a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts index 931a91a6f1347..fff9f88cc8f0e 100644 --- a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts +++ b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts @@ -214,7 +214,7 @@ export interface LambdaInvokeFunctionProps { /** * An AWS Lambda Invoke function API call. - * Use this istead of the generic AwsApiCall in order to + * Use this instead of the generic AwsApiCall in order to * invoke a lambda function. This will automatically create * the correct permissions to invoke the function */ @@ -250,6 +250,20 @@ export class LambdaInvokeFunction extends AwsApiCall { arnFormat: ArnFormat.COLON_RESOURCE_NAME, resourceName: props.functionName, })]); + + // If using `waitForAssertions`, do the same for `waiterProvider` as above. + // Aspects are used here because we do not know if the user is using `waitForAssertions` at this point. + Aspects.of(this).add({ + visit(node: IConstruct) { + if (node instanceof AwsApiCall && node.waiterProvider) { + node.waiterProvider.addPolicyStatementFromSdkCall('Lambda', 'invokeFunction', [stack.formatArn({ + service: 'lambda', + resource: 'function', + arnFormat: ArnFormat.COLON_RESOURCE_NAME, + resourceName: props.functionName, + })]); + } + }, + }); } } - diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json new file mode 100644 index 0000000000000..e0e0cca8c4e74 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json @@ -0,0 +1,32 @@ +{ + "version": "35.0.0", + "files": { + "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9": { + "source": { + "path": "asset.df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.bundle", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79": { + "source": { + "path": "AssertionsTestDefaultTestDeployAssertDC0672BB.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json new file mode 100644 index 0000000000000..73745330c312d --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json @@ -0,0 +1,452 @@ +{ + "Resources": { + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "Type": "Custom::DeployAssert@SdkCallLambdainvoke", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "service": "Lambda", + "api": "invoke", + "expected": "{\"$ObjectLike\":{\"StatusCode\":202}}", + "stateMachineArn": { + "Ref": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5" + }, + "parameters": { + "FunctionName": { + "Fn::Join": [ + "", + [ + "\"", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + }, + "\"" + ] + ] + }, + "InvocationType": "\"Event\"", + "Payload": "\"{\\\"days\\\":1}\"" + }, + "flattenResponse": "false", + "salt": "1702960389230" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2InvokeB9825AB9": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + }, + "Principal": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForIsCompleteProviderInvoke77DE6350": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + "Principal": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForTimeoutProviderInvoke0EAE6FD8": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + }, + "Principal": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ] + }, + "Policies": [ + { + "PolicyName": "InlineInvokeFunctions", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + } + ] + } + ] + } + } + ] + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":30,\"MaxAttempts\":180,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + }, + "\"}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + }, + "DependsOn": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7" + ] + }, + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "lambda:Invoke" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + }, + { + "Action": [ + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":lambda:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":function:", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ] + ] + } + ] + }, + { + "Action": [ + "states:StartExecution" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + } + ] + } + } + ] + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "lambda:Invoke" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + }, + { + "Action": [ + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":lambda:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":function:", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ] + ] + } + ] + } + ] + } + } + ] + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.isComplete", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB", + "Arn" + ] + } + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ] + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.onTimeout", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE", + "Arn" + ] + } + } + } + }, + "Outputs": { + "AssertionResultsLambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "Value": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "assertion" + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json new file mode 100644 index 0000000000000..777688fdcdda6 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926": { + "source": { + "path": "InvokeFunctionAssertions.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json new file mode 100644 index 0000000000000..9321a6d5fa7c3 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json @@ -0,0 +1,98 @@ +{ + "Resources": { + "TargetFuncServiceRoleD60C6577": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "TargetFunc08E2AFD9": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "exports.handler = async (event, context) => { return { foo: \"bar\" }; };" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "TargetFuncServiceRoleD60C6577", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "TargetFuncServiceRoleD60C6577" + ] + } + }, + "Outputs": { + "ExportsOutputRefTargetFunc08E2AFD9BD39CDAE": { + "Value": { + "Ref": "TargetFunc08E2AFD9" + }, + "Export": { + "Name": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c5cb2e5de6344 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json new file mode 100644 index 0000000000000..a9ddde45181d9 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "35.0.0", + "testCases": { + "AssertionsTest/DefaultTest": { + "stacks": [ + "InvokeFunctionAssertions" + ], + "assertionStack": "AssertionsTest/DefaultTest/DeployAssert", + "assertionStackName": "AssertionsTestDefaultTestDeployAssertDC0672BB" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json new file mode 100644 index 0000000000000..691477c0def67 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json @@ -0,0 +1,204 @@ +{ + "version": "35.0.0", + "artifacts": { + "InvokeFunctionAssertions.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "InvokeFunctionAssertions.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "InvokeFunctionAssertions": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "InvokeFunctionAssertions.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "InvokeFunctionAssertions.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InvokeFunctionAssertions.assets" + ], + "metadata": { + "/InvokeFunctionAssertions/TargetFunc/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TargetFuncServiceRoleD60C6577" + } + ], + "/InvokeFunctionAssertions/TargetFunc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TargetFunc08E2AFD9" + } + ], + "/InvokeFunctionAssertions/Exports/Output{\"Ref\":\"TargetFunc08E2AFD9\"}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ], + "/InvokeFunctionAssertions/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/InvokeFunctionAssertions/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "InvokeFunctionAssertions" + }, + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "AssertionsTestDefaultTestDeployAssertDC0672BB": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AssertionsTestDefaultTestDeployAssertDC0672BB.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InvokeFunctionAssertions", + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets" + ], + "metadata": { + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2InvokeB9825AB9" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForIsCompleteProviderInvoke77DE6350" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForTimeoutProviderInvoke0EAE6FD8" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/AssertionResults": [ + { + "type": "aws:cdk:logicalId", + "data": "AssertionResultsLambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "AssertionsTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json new file mode 100644 index 0000000000000..2fa4e941f1772 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json @@ -0,0 +1,452 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "InvokeFunctionAssertions": { + "id": "InvokeFunctionAssertions", + "path": "InvokeFunctionAssertions", + "children": { + "TargetFunc": { + "id": "TargetFunc", + "path": "InvokeFunctionAssertions/TargetFunc", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "InvokeFunctionAssertions/TargetFunc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "exports.handler = async (event, context) => { return { foo: \"bar\" }; };" + }, + "handler": "index.handler", + "role": { + "Fn::GetAtt": [ + "TargetFuncServiceRoleD60C6577", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "InvokeFunctionAssertions/Exports", + "children": { + "Output{\"Ref\":\"TargetFunc08E2AFD9\"}": { + "id": "Output{\"Ref\":\"TargetFunc08E2AFD9\"}", + "path": "InvokeFunctionAssertions/Exports/Output{\"Ref\":\"TargetFunc08E2AFD9\"}", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "InvokeFunctionAssertions/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "InvokeFunctionAssertions/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "AssertionsTest": { + "id": "AssertionsTest", + "path": "AssertionsTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "AssertionsTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "AssertionsTest/DefaultTest/DeployAssert", + "children": { + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "id": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "children": { + "SdkProvider": { + "id": "SdkProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/SdkProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/SdkProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default", + "children": { + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default/Default", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResource", + "version": "0.0.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "WaitFor": { + "id": "WaitFor", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor", + "children": { + "IsCompleteProvider": { + "id": "IsCompleteProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "TimeoutProvider": { + "id": "TimeoutProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Resource", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.WaiterStateMachine", + "version": "0.0.0" + } + }, + "AssertionResults": { + "id": "AssertionResults", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/AssertionResults", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.LambdaInvokeFunction", + "version": "0.0.0" + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81": { + "id": "SingletonFunction1488541a7b23466481b69b4408076b81", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925": { + "id": "SingletonFunction76b3e830a873425f8453eddd85c86925", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a": { + "id": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "AssertionsTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "AssertionsTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts new file mode 100644 index 0000000000000..0be06a68d2b26 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts @@ -0,0 +1,31 @@ +import { App, Stack, Duration } from 'aws-cdk-lib'; +import * as lambda from 'aws-cdk-lib/aws-lambda'; +import { ExpectedResult, IntegTest, InvocationType } from '../../../lib'; + +const app = new App(); +const stack = new Stack(app, 'InvokeFunctionAssertions'); + +const targetFunc = new lambda.Function(stack, 'TargetFunc', { + code: lambda.Code.fromInline('exports.handler = async (event, context) => { return { foo: "bar" }; };'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_LATEST, +}); + +const integ = new IntegTest(app, 'AssertionsTest', { + testCases: [stack], +}); + +// In this test, we are verifying that when 'invokeFunction' is used in conjunction with 'waitForAssertions', +// the invocation of the Lambda function is handled by the 'waiterProvider'. +// We are specifically checking that the correct IAM policy is set for the 'waiterProvider' and, +// that the Lambda function can be invoked correctly. +integ.assertions.invokeFunction({ + functionName: targetFunc.functionName, + invocationType: InvocationType.EVENT, + payload: JSON.stringify({ days: 1 }), +}).expect( + ExpectedResult.objectLike({ StatusCode: 202 }), +).waitForAssertions({ + interval: Duration.seconds(30), + totalTimeout: Duration.minutes(90), +}); diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts index 1e97fc3fabf35..2662606178621 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts @@ -479,5 +479,88 @@ describe('AwsApiCall', () => { ], }); }); + + test('invokeFunction with waitForAssertions applies correct IAM policy to waiterProvider', () => { + // GIVEN + const app = new App(); + const deployAssert = new DeployAssert(app); + + // WHEN + deployAssert.invokeFunction({ + functionName: 'my-func', + invocationType: InvocationType.EVENT, + payload: JSON.stringify({ days: 1 }), + }).expect( + ExpectedResult.objectLike({ Key: 'Value' }), + ).waitForAssertions({ + interval: Duration.seconds(30), + totalTimeout: Duration.minutes(90), + }); + + // THEN + const waiterProviderRole = Template.fromStack( + deployAssert.scope, + ).findResources( + 'AWS::IAM::Role', + ).SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB; + expect(waiterProviderRole).toEqual({ + Type: 'AWS::IAM::Role', + Properties: { + AssumeRolePolicyDocument: { + Version: '2012-10-17', + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'lambda.amazonaws.com', + }, + }, + ], + }, + ManagedPolicyArns: [ + { + 'Fn::Sub': 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole', + }, + ], + Policies: expect.arrayContaining([ + { + PolicyName: 'Inline', + PolicyDocument: { + Version: '2012-10-17', + Statement: expect.arrayContaining([ + { + Action: ['lambda:InvokeFunction'], + Effect: 'Allow', + Resource: [ + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':lambda:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':function:my-func', + ], + ], + }, + ], + }, + ]), + }, + }, + ]), + }, + }); + }); }); });