Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(release): 2.26.0 #20525

Merged
merged 38 commits into from
May 27, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
ca71f98
chore(release): 1.157.0
May 20, 2022
ea69ad2
chore(release): 1.157.0 (#20442)
mergify[bot] May 20, 2022
6131079
chore(merge-back): 2.25.0 (#20446)
mergify[bot] May 21, 2022
87dd2a6
chore(merge-back): 1.157.0 (#20447)
mergify[bot] May 21, 2022
0389627
chore(rds): clarify JSDoc of `fromGeneratedPassword()` (#20448)
jogold May 21, 2022
ebeaa71
docs(cfnspec): update CloudFormation documentation (#20459)
aws-cdk-automation May 23, 2022
425f519
chore(deps): Bump awscli from 1.24.0 to 1.24.5 in /packages/@aws-cdk/…
dependabot[bot] May 23, 2022
9b592a4
docs(pipelines): explain how to retain symlinks (#20413)
rix0rrr May 23, 2022
e9cbda3
chore(s3): fix indent in sample code (#20457)
mayforblue May 23, 2022
0f52813
fix(integ-tests): DeployAssert should be private (#20466)
corymhall May 23, 2022
dd4c2b5
chore: fix command to run integ tests (#20414)
rix0rrr May 23, 2022
1037b8c
feat(servicecatalog): ProductStackHistory can retain old ProductStack…
wanjacki May 24, 2022
0a49927
fix(core): NestedStack defaultChild is undefined (#20450)
Jacco May 24, 2022
85f4e29
fix(lambda): Fix typo in public subnet warning (#20470)
snkashis May 24, 2022
de027e2
feat(lambda): validate function description length (#20476)
Gtofig May 24, 2022
f334060
fix(pipelines): too many CodeBuild steps inflate policy size (#20396)
rix0rrr May 24, 2022
23690e4
feat(s3): adds objectSizeGreaterThan property for s3 lifecycle rule (…
daschaa May 25, 2022
5d2501b
docs(cfnspec): update CloudFormation documentation (#20488)
aws-cdk-automation May 25, 2022
75bfce7
fix(iam): Role policies cannot grow beyond 10k (#20400)
rix0rrr May 25, 2022
3e6ec5c
fix(s3-deployment): default role does not get `PutAcl` permissions on…
fouxarn May 25, 2022
5052191
feat(apprunner): VpcConnector construct (#20471)
DDynamic May 25, 2022
4b837df
docs(cfnspec): update CloudFormation documentation (#20500)
aws-cdk-automation May 26, 2022
adc0368
feat(aws-ecr-assets): support the --platform option when building doc…
joeflateau May 26, 2022
7f237a2
chore: remove callout that go is in dev preview (#20507)
MrArnoldPalmer May 26, 2022
7138057
fix(integ-runner): always resynth on deploy (#20508)
corymhall May 26, 2022
cdd41c6
Merge branch 'v2-main' into v2/forward-merge-20220526
madeline-k May 26, 2022
257ecc1
use constructs.Construct
madeline-k May 26, 2022
bff9b4c
iam: use constructs.IConstruct
madeline-k May 26, 2022
294d24a
iam: use constructs.IConstruct
madeline-k May 26, 2022
ca8d091
ecr-assets: fix imports
madeline-k May 26, 2022
a5f0b2f
ecr-assets: fix unit tests
madeline-k May 26, 2022
467bbca
service-catalog: fix Construct import
madeline-k May 26, 2022
f783af0
servicecatalog: fix unit tests - in v2, Names.uniqueId(this) produces…
madeline-k May 27, 2022
9f689f9
chore: forward merge 'master' into 'v2-main' (#20509)
mergify[bot] May 27, 2022
3e6338e
Merge branch 'v2-main' into v2/forward-merge-20220527
madeline-k May 27, 2022
d44a879
chore: commit to trigger pr build again
madeline-k May 27, 2022
670b37e
chore: forward merge 'master' into 'v2-main' (#20516)
mergify[bot] May 27, 2022
d86a4e4
chore(release): 2.26.0
May 27, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,39 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [1.157.0](https://github.com/aws/aws-cdk/compare/v1.156.1...v1.157.0) (2022-05-20)


### Features

* **cfnspec:** cloudformation spec v69.0.0 ([#20240](https://github.com/aws/aws-cdk/issues/20240)) ([e82b63f](https://github.com/aws/aws-cdk/commit/e82b63fc8880ecbd5e29d02e3e623cda3bbce1d6)) and ([#20331](https://github.com/aws/aws-cdk/issues/20331)) ([e9de4e9](https://github.com/aws/aws-cdk/commit/e9de4e9ab6bc44ff691238d91a8945c880a4d97c))
* **cfnspec:** cloudformation spec v72.0.0 ([#20357](https://github.com/aws/aws-cdk/issues/20357)) ([c8fd84c](https://github.com/aws/aws-cdk/commit/c8fd84c12c726e216c10380f9fe7e5d55a892cdf))
* **cli:** make ecr images immutable when created from cdk bootstrap ([#19937](https://github.com/aws/aws-cdk/issues/19937)) ([0ef4bb4](https://github.com/aws/aws-cdk/commit/0ef4bb4bf493a7e3b72b518841f676e91d014ba9)), closes [#18376](https://github.com/aws/aws-cdk/issues/18376)
* **cloud9:** configure Connection Type of Ec2Environment ([#20250](https://github.com/aws/aws-cdk/issues/20250)) ([01708bc](https://github.com/aws/aws-cdk/commit/01708bc7cf842eab7e1d1fc58bf42e4724624c0a)), closes [#17027](https://github.com/aws/aws-cdk/issues/17027)
* **cloudfront:** REST API origin ([#20335](https://github.com/aws/aws-cdk/issues/20335)) ([f7693e3](https://github.com/aws/aws-cdk/commit/f7693e3f981f60886c94fb61876a1e5e0f2c1a02))
* **cognito:** `grant()` for user pool ([#20285](https://github.com/aws/aws-cdk/issues/20285)) ([10d13e4](https://github.com/aws/aws-cdk/commit/10d13e4bc1841721650f9ca9b6b16e18c219ea21))
* **core:** allow disabling of LogicalID Metadata in case of large manifest ([#20433](https://github.com/aws/aws-cdk/pull/20433)) ([88ea829](https://github.com/aws/aws-cdk/commit/88ea829b5d0a64f51848474b6b9f006d1f729fb4)), closes [#20211](https://github.com/aws/aws-cdk/issues/20211)
* **ec2:** more router types ([#20151](https://github.com/aws/aws-cdk/issues/20151)) ([33b983c](https://github.com/aws/aws-cdk/commit/33b983ca76c91f182e60dcab8c6ead6be4d4712d)), closes [#19057](https://github.com/aws/aws-cdk/issues/19057) [/docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html#aws-resource-ec2](https://github.com/aws//docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html/issues/aws-resource-ec2)
* **iam:** validate role path at build time ([#16165](https://github.com/aws/aws-cdk/issues/16165)) ([65a5a46](https://github.com/aws/aws-cdk/commit/65a5a46837c42b2538837a699267ec9cc46ddc51)), closes [#13747](https://github.com/aws/aws-cdk/issues/13747)
* **integ-tests:** enhancements to integ-tests ([#20180](https://github.com/aws/aws-cdk/issues/20180)) ([3ff3fb7](https://github.com/aws/aws-cdk/commit/3ff3fb7c5ec9636022b3046036376c09a3166fb0))
* **logs:** additional log retention periods ([#20347](https://github.com/aws/aws-cdk/issues/20347)) ([734faa5](https://github.com/aws/aws-cdk/commit/734faa5ae7489a511d5a00f255d7afd408db880c)), closes [#20346](https://github.com/aws/aws-cdk/issues/20346)
* **s3:** add `noncurrentVersionsToRetain` property to lifecycle rule ([#20348](https://github.com/aws/aws-cdk/issues/20348)) ([85604d9](https://github.com/aws/aws-cdk/commit/85604d929978aa1c645dba8959d682892278f862)), closes [#19784](https://github.com/aws/aws-cdk/issues/19784)


### Bug Fixes

* **amplify:** custom headers break with tokens ([#20395](https://github.com/aws/aws-cdk/issues/20395)) ([765f441](https://github.com/aws/aws-cdk/commit/765f44177298b645c88a29587b52619e91a8757c))
* **apigateway:** arnForExecuteApi fails on tokenized path ([#20323](https://github.com/aws/aws-cdk/issues/20323)) ([f7732a1](https://github.com/aws/aws-cdk/commit/f7732a1b06927d84e79ea1c9fb671ad184a9efea)), closes [#20252](https://github.com/aws/aws-cdk/issues/20252)
* **assets:** parallel docker image publishing fails on macOS ([#20117](https://github.com/aws/aws-cdk/issues/20117)) ([a58a803](https://github.com/aws/aws-cdk/commit/a58a8037b79636e9f973beff2483baecad73f15d)), closes [#20116](https://github.com/aws/aws-cdk/issues/20116)
* **cfn-include:** allow CFN Functions in Tags ([#19923](https://github.com/aws/aws-cdk/issues/19923)) ([4df9a4f](https://github.com/aws/aws-cdk/commit/4df9a4fa9ef24266b2bcde378ecc112c7dcaf8aa)), closes [#16889](https://github.com/aws/aws-cdk/issues/16889)
* **cli:** allow SSO profiles to be used as source profiles ([#20340](https://github.com/aws/aws-cdk/issues/20340)) ([a0b29e9](https://github.com/aws/aws-cdk/commit/a0b29e9f29775bfd94307a8975f5ba3a8faf05fa)), closes [#19897](https://github.com/aws/aws-cdk/issues/19897)
* **cloudwatch-actions:** stack partition is hardcoded 'aws' in action arn ([#20224](https://github.com/aws/aws-cdk/issues/20224)) ([0eb6c3b](https://github.com/aws/aws-cdk/commit/0eb6c3bb5853194f8727fc2cd3b1c9acb6eea20f)), closes [#19765](https://github.com/aws/aws-cdk/issues/19765)
* **eks:** Cluster.FromClusterAttributes ignores KubectlLambdaRole ([#20373](https://github.com/aws/aws-cdk/issues/20373)) ([7e824ab](https://github.com/aws/aws-cdk/commit/7e824ab40772dc888aec7986e343b12ec1032657)), closes [#20008](https://github.com/aws/aws-cdk/issues/20008)
* **iam:** AccountPrincipal accepts values which aren't account IDs ([#20292](https://github.com/aws/aws-cdk/issues/20292)) ([d0163f8](https://github.com/aws/aws-cdk/commit/d0163f8a3d14e38f67b381c569b5bd3af92c4f51)), closes [#20288](https://github.com/aws/aws-cdk/issues/20288)
* **pipelines:** specifying the Action Role for CodeBuild steps ([#18293](https://github.com/aws/aws-cdk/issues/18293)) ([719edfc](https://github.com/aws/aws-cdk/commit/719edfcb949828a423be2367b5c85b0e9a9c1c12)), closes [#18291](https://github.com/aws/aws-cdk/issues/18291) [#18291](https://github.com/aws/aws-cdk/issues/18291)
* **rds:** tokens should not be lowercased ([#20287](https://github.com/aws/aws-cdk/issues/20287)) ([5429e55](https://github.com/aws/aws-cdk/commit/5429e55126db7556dd2eb2d5e30a50976b5f6ee4)), closes [#18802](https://github.com/aws/aws-cdk/issues/18802)
* **secretsmanager:** automatic rotation cannot be disabled ([#18906](https://github.com/aws/aws-cdk/issues/18906)) ([c50d60c](https://github.com/aws/aws-cdk/commit/c50d60ca9417c771ca31cb330521e0e9f988e3fd)), closes [#18749](https://github.com/aws/aws-cdk/issues/18749)

## [1.156.1](https://github.com/aws/aws-cdk/compare/v1.156.0...v1.156.1) (2022-05-12)

## [1.156.0](https://github.com/aws/aws-cdk/compare/v1.155.0...v1.156.0) (2022-05-11)
Expand Down
13 changes: 13 additions & 0 deletions CHANGELOG.v2.alpha.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,19 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.26.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.25.0-alpha.0...v2.26.0-alpha.0) (2022-05-27)


### Features

* **apprunner:** VpcConnector construct ([#20471](https://github.com/aws/aws-cdk/issues/20471)) ([5052191](https://github.com/aws/aws-cdk/commit/50521911f22f433323d700db77530e883762138a))


### Bug Fixes

* **integ-runner:** always resynth on deploy ([#20508](https://github.com/aws/aws-cdk/issues/20508)) ([7138057](https://github.com/aws/aws-cdk/commit/71380571b878a50fe4b754c7dac78da075a98242))
* **integ-tests:** DeployAssert should be private ([#20466](https://github.com/aws/aws-cdk/issues/20466)) ([0f52813](https://github.com/aws/aws-cdk/commit/0f52813bcf6a48c352f697004a899461dd06935d))

## [2.25.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.24.1-alpha.0...v2.25.0-alpha.0) (2022-05-20)


Expand Down
19 changes: 19 additions & 0 deletions CHANGELOG.v2.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,25 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.26.0](https://github.com/aws/aws-cdk/compare/v2.25.0...v2.26.0) (2022-05-27)


### Features

* **aws-ecr-assets:** support the --platform option when building docker images ([#20439](https://github.com/aws/aws-cdk/issues/20439)) ([adc0368](https://github.com/aws/aws-cdk/commit/adc0368dc1f137aeaa4bd92de77028269e3a48f4)), closes [#12472](https://github.com/aws/aws-cdk/issues/12472) [#16770](https://github.com/aws/aws-cdk/issues/16770) [#16858](https://github.com/aws/aws-cdk/issues/16858)
* **lambda:** validate function description length ([#20476](https://github.com/aws/aws-cdk/issues/20476)) ([de027e2](https://github.com/aws/aws-cdk/commit/de027e28ce5c95e70fed8874e6531eabba24521c)), closes [#20475](https://github.com/aws/aws-cdk/issues/20475)
* **s3:** adds objectSizeGreaterThan property for s3 lifecycle rule ([#20425](https://github.com/aws/aws-cdk/issues/20425)) ([23690e4](https://github.com/aws/aws-cdk/commit/23690e40b1604839f99da8b8f96168dda8679c47)), closes [#20372](https://github.com/aws/aws-cdk/issues/20372)
* **servicecatalog:** ProductStackHistory can retain old ProductStack iterations ([#20244](https://github.com/aws/aws-cdk/issues/20244)) ([1037b8c](https://github.com/aws/aws-cdk/commit/1037b8c7f58ccd162491b49d75954c38d685d67f))


### Bug Fixes

* **core:** NestedStack defaultChild is undefined ([#20450](https://github.com/aws/aws-cdk/issues/20450)) ([0a49927](https://github.com/aws/aws-cdk/commit/0a49927e9e5bc250f339f664fa843fae2fab92ec)), closes [#11221](https://github.com/aws/aws-cdk/issues/11221)
* **iam:** Role policies cannot grow beyond 10k ([#20400](https://github.com/aws/aws-cdk/issues/20400)) ([75bfce7](https://github.com/aws/aws-cdk/commit/75bfce70dbc57fe688c96b3c5cbb67fc4e6fcc56)), closes [#19276](https://github.com/aws/aws-cdk/issues/19276) [#19939](https://github.com/aws/aws-cdk/issues/19939) [#19835](https://github.com/aws/aws-cdk/issues/19835)
* **lambda:** Fix typo in public subnet warning ([#20470](https://github.com/aws/aws-cdk/issues/20470)) ([85f4e29](https://github.com/aws/aws-cdk/commit/85f4e29e0551d71dd5f2f588584785cbc1ae7b72))
* **pipelines:** too many CodeBuild steps inflate policy size ([#20396](https://github.com/aws/aws-cdk/issues/20396)) ([f334060](https://github.com/aws/aws-cdk/commit/f334060fca02e928bc4f5fdcfd45244060731d78)), closes [#20189](https://github.com/aws/aws-cdk/issues/20189) [#19276](https://github.com/aws/aws-cdk/issues/19276) [#19939](https://github.com/aws/aws-cdk/issues/19939) [#19835](https://github.com/aws/aws-cdk/issues/19835)
* **s3-deployment:** default role does not get `PutAcl` permissions on… ([#20492](https://github.com/aws/aws-cdk/issues/20492)) ([3e6ec5c](https://github.com/aws/aws-cdk/commit/3e6ec5c48cff41cec2b32566990046fd704f4ec1))

## [2.25.0](https://github.com/aws/aws-cdk/compare/v2.24.1...v2.25.0) (2022-05-20)


Expand Down
1 change: 0 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ The CDK is available in the following languages:
* Java ([Java ≥ 8](https://www.oracle.com/technetwork/java/javase/downloads/index.html) and [Maven ≥ 3.5.4](https://maven.apache.org/download.cgi))
* .NET ([.NET Core ≥ 3.1](https://dotnet.microsoft.com/download))
* Go ([Go ≥ 1.16.4](https://golang.org/))
- Go is currently in developer preview and is not recommended for production use.

\
Jump To:
Expand Down
26 changes: 26 additions & 0 deletions packages/@aws-cdk/aws-apprunner/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -134,3 +134,29 @@ ECR image repositories (but not for ECR Public repositories). If not defined, a
when required.

See [App Runner IAM Roles](https://docs.aws.amazon.com/apprunner/latest/dg/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more details.

## VPC Connector

To associate an App Runner service with a custom VPC, define `vpcConnector` for the service.

```ts
import * as ec2 from '@aws-cdk/aws-ec2';

const vpc = new ec2.Vpc(this, 'Vpc', {
cidr: '10.0.0.0/16',
});

const vpcConnector = new apprunner.VpcConnector(this, 'VpcConnector', {
vpc,
vpcSubnets: vpc.selectSubnets({ subnetType: ec2.SubnetType.PUBLIC }),
vpcConnectorName: 'MyVpcConnector',
});

new apprunner.Service(this, 'Service', {
source: apprunner.Source.fromEcrPublic({
imageConfiguration: { port: 8000 },
imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest',
}),
vpcConnector,
});
```
1 change: 1 addition & 0 deletions packages/@aws-cdk/aws-apprunner/lib/index.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
// AWS::AppRunner CloudFormation Resources:
export * from './apprunner.generated';
export * from './service';
export * from './vpc-connector';
14 changes: 14 additions & 0 deletions packages/@aws-cdk/aws-apprunner/lib/service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import * as iam from '@aws-cdk/aws-iam';
import * as cdk from '@aws-cdk/core';
import { Construct } from 'constructs';
import { CfnService } from './apprunner.generated';
import { IVpcConnector } from './vpc-connector';

/**
* The image repository types
Expand Down Expand Up @@ -524,6 +525,13 @@ export interface ServiceProps {
* @default - auto-generated if undefined.
*/
readonly serviceName?: string;

/**
* Settings for an App Runner VPC connector to associate with the service.
*
* @default - no VPC connector, uses the DEFAULT egress type instead
*/
readonly vpcConnector?: IVpcConnector;
}

/**
Expand Down Expand Up @@ -792,6 +800,12 @@ export class Service extends cdk.Resource {
imageRepository: source.imageRepository ? this.renderImageRepository() : undefined,
codeRepository: source.codeRepository ? this.renderCodeConfiguration() : undefined,
},
networkConfiguration: {
egressConfiguration: {
egressType: this.props.vpcConnector ? 'VPC' : 'DEFAULT',
vpcConnectorArn: this.props.vpcConnector?.vpcConnectorArn,
},
},
});

// grant required privileges for the role
Expand Down
154 changes: 154 additions & 0 deletions packages/@aws-cdk/aws-apprunner/lib/vpc-connector.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,154 @@
import * as ec2 from '@aws-cdk/aws-ec2';
import { Connections } from '@aws-cdk/aws-ec2';
import * as cdk from '@aws-cdk/core';
import { Construct } from 'constructs';
import { CfnVpcConnector } from './apprunner.generated';

/**
* Properties of the AppRunner VPC Connector
*/
export interface VpcConnectorProps {
/**
* The VPC for the VPC Connector.
*/
readonly vpc: ec2.IVpc;

/**
* Where to place the VPC Connector within the VPC.
*
* @default - Private subnets.
*/
readonly vpcSubnets?: ec2.SubnetSelection;

/**
* A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets.
*
* @default - a new security group will be created in the specified VPC
*/
readonly securityGroups?: ec2.ISecurityGroup[];

/**
* The name for the VpcConnector.
*
* @default - a name generated by CloudFormation
*/
readonly vpcConnectorName?: string;
}

/**
* Attributes for the App Runner VPC Connector
*/
export interface VpcConnectorAttributes {
/**
* The name of the VPC connector.
*/
readonly vpcConnectorName: string;

/**
* The ARN of the VPC connector.
*/
readonly vpcConnectorArn: string;

/**
* The revision of the VPC connector.
*/
readonly vpcConnectorRevision: number;

/**
* The security groups associated with the VPC connector.
*/
readonly securityGroups: ec2.ISecurityGroup[];
}

/**
* Represents the App Runner VPC Connector.
*/
export interface IVpcConnector extends cdk.IResource, ec2.IConnectable {
/**
* The Name of the VPC connector.
* @attribute
*/
readonly vpcConnectorName: string;

/**
* The ARN of the VPC connector.
* @attribute
*/
readonly vpcConnectorArn: string;

/**
* The revision of the VPC connector.
* @attribute
*/
readonly vpcConnectorRevision: number;
}

/**
* The App Runner VPC Connector
*
* @resource AWS::AppRunner::VpcConnector
*/
export class VpcConnector extends cdk.Resource implements IVpcConnector {
/**
* Import from VPC connector attributes.
*/
public static fromVpcConnectorAttributes(scope: Construct, id: string, attrs: VpcConnectorAttributes): IVpcConnector {
const vpcConnectorArn = attrs.vpcConnectorArn;
const vpcConnectorName = attrs.vpcConnectorName;
const vpcConnectorRevision = attrs.vpcConnectorRevision;
const securityGroups = attrs.securityGroups;

class Import extends cdk.Resource {
public readonly vpcConnectorArn = vpcConnectorArn
public readonly vpcConnectorName = vpcConnectorName
public readonly vpcConnectorRevision = vpcConnectorRevision
public readonly connections = new Connections({ securityGroups });
}

return new Import(scope, id);
}

/**
* The ARN of the VPC connector.
* @attribute
*/
readonly vpcConnectorArn: string;

/**
* The revision of the VPC connector.
* @attribute
*/
readonly vpcConnectorRevision: number;

/**
* The name of the VPC connector.
* @attribute
*/
readonly vpcConnectorName: string;

/**
* Allows specifying security group connections for the VPC connector.
*/
public readonly connections: Connections

public constructor(scope: Construct, id: string, props: VpcConnectorProps) {
super(scope, id, {
physicalName: props.vpcConnectorName,
});

const securityGroups = props.securityGroups?.length ?
props.securityGroups
: [new ec2.SecurityGroup(this, 'SecurityGroup', { vpc: props.vpc })];

const resource = new CfnVpcConnector(this, 'Resource', {
subnets: props.vpc.selectSubnets(props.vpcSubnets).subnetIds,
securityGroups: cdk.Lazy.list({ produce: () => this.connections.securityGroups.map(sg => sg.securityGroupId) }),
vpcConnectorName: this.physicalName,
});

this.vpcConnectorArn = resource.attrVpcConnectorArn;
this.vpcConnectorRevision = resource.attrVpcConnectorRevision;
this.vpcConnectorName = resource.ref;
this.connections = new Connections({ securityGroups });
}
}
3 changes: 3 additions & 0 deletions packages/@aws-cdk/aws-apprunner/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@
},
"license": "Apache-2.0",
"devDependencies": {
"@aws-cdk/aws-ec2": "0.0.0",
"@aws-cdk/assertions": "0.0.0",
"@aws-cdk/cdk-build-tools": "0.0.0",
"@aws-cdk/integ-runner": "0.0.0",
Expand All @@ -91,13 +92,15 @@
"@types/jest": "^27.5.0"
},
"dependencies": {
"@aws-cdk/aws-ec2": "0.0.0",
"@aws-cdk/aws-ecr": "0.0.0",
"@aws-cdk/aws-ecr-assets": "0.0.0",
"@aws-cdk/aws-iam": "0.0.0",
"@aws-cdk/core": "0.0.0",
"constructs": "^10.0.0"
},
"peerDependencies": {
"@aws-cdk/aws-ec2": "0.0.0",
"@aws-cdk/aws-ecr": "0.0.0",
"@aws-cdk/aws-ecr-assets": "0.0.0",
"@aws-cdk/aws-iam": "0.0.0",
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
import * as ec2 from '@aws-cdk/aws-ec2';
import * as cdk from '@aws-cdk/core';
import { Service, Source, VpcConnector } from '../lib';


const app = new cdk.App();

const stack = new cdk.Stack(app, 'integ-apprunner');

// Scenario 6: Create the service from ECR public with a VPC Connector
const vpc = new ec2.Vpc(stack, 'Vpc', {
cidr: '10.0.0.0/16',
});

const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', { vpc });

const vpcConnector = new VpcConnector(stack, 'VpcConnector', {
vpc,
vpcSubnets: vpc.selectSubnets({ subnetType: ec2.SubnetType.PUBLIC }),
securityGroups: [securityGroup],
vpcConnectorName: 'MyVpcConnector',
});

const service6 = new Service(stack, 'Service6', {
source: Source.fromEcrPublic({
imageConfiguration: {
port: 8000,
},
imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest',
}),
vpcConnector,
});
new cdk.CfnOutput(stack, 'URL6', { value: `https://${service6.serviceUrl}` });

// Scenario 7: Create the service from ECR public and associate it with an existing VPC Connector

const service7 = new Service(stack, 'Service7', {
source: Source.fromEcrPublic({
imageConfiguration: {
port: 8000,
},
imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest',
}),
vpcConnector: VpcConnector.fromVpcConnectorAttributes(stack, 'ImportedVpcConnector', {
vpcConnectorArn: vpcConnector.vpcConnectorArn,
vpcConnectorName: vpcConnector.vpcConnectorName,
vpcConnectorRevision: vpcConnector.vpcConnectorRevision,
securityGroups: [securityGroup],
}),
});
new cdk.CfnOutput(stack, 'URL7', { value: `https://${service7.serviceUrl}` });
Loading