From a4295435e1cfd3ab58ccf662079ea86234e37905 Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Mon, 18 Dec 2023 11:45:04 +0900 Subject: [PATCH 1/6] tmp --- .../integ-tests-alpha/lib/assertions/sdk.ts | 16 ++++- .../test/assertions/sdk.test.ts | 69 +++++++++++++++++++ 2 files changed, 84 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts index 931a91a6f1347..cf2f19bb71b51 100644 --- a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts +++ b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts @@ -250,6 +250,20 @@ export class LambdaInvokeFunction extends AwsApiCall { arnFormat: ArnFormat.COLON_RESOURCE_NAME, resourceName: props.functionName, })]); + + Aspects.of(this).add({ + visit(node: IConstruct) { + if (node instanceof AwsApiCall) { + if (node.waiterProvider) { + node.waiterProvider.addPolicyStatementFromSdkCall('Lambda', 'invokeFunction', [stack.formatArn({ + service: 'lambda', + resource: 'function', + arnFormat: ArnFormat.COLON_RESOURCE_NAME, + resourceName: props.functionName, + })]); + } + } + }, + }); } } - diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts index 1e97fc3fabf35..534bd8b5072d7 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts @@ -266,6 +266,75 @@ describe('AwsApiCall', () => { }); }); + test('waitFor with invokeFunction', () => { + // GIVEN + const app = new App(); + const deplossert = new DeployAssert(app); + + // WHEN + deplossert.invokeFunction({ + functionName: 'my-func', + invocationType: InvocationType.EVENT, + payload: JSON.stringify({ days: 1 }), + }).expect( + ExpectedResult.objectLike({ Key: 'Value' }), + ).waitForAssertions({ + interval: Duration.seconds(30), + totalTimeout: Duration.minutes(90), + }); + + // THEN + const lambdaRole = Template.fromStack( + deplossert.scope, + ).findResources( + 'AWS::IAM::Role', + ).SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB; + expect(lambdaRole).toEqual({ + Type: 'AWS::IAM::Role', + Properties: { + AssumeRolePolicyDocument: expect.any(Object), + ManagedPolicyArns: expect.any(Array), + Policies: expect.arrayContaining([ + { + PolicyName: 'Inline', + PolicyDocument: { + Version: '2012-10-17', + Statement: expect.arrayContaining([ + { + Action: ['lambda:InvokeFunction'], + Effect: 'Allow', + Resource: [ + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':lambda:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':function:my-func', + ], + ], + }, + ], + }, + ]), + }, + }, + ]), + }, + }); + //TODO: check lambda invoke permission + }); + describe('get attribute', () => { test('getAttString', () => { // GIVEN From deaa5e195684d016b9b56abafc47cb33cba08c85 Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Mon, 18 Dec 2023 13:25:13 +0900 Subject: [PATCH 2/6] fix: add test --- .../integ-tests-alpha/lib/assertions/sdk.ts | 3 +- ...efaultTestDeployAssertDC0672BB.assets.json | 32 ++ ...aultTestDeployAssertDC0672BB.template.json | 452 ++++++++++++++++++ .../InvokeFunctionAssertions.assets.json | 19 + .../InvokeFunctionAssertions.template.json | 98 ++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 204 ++++++++ .../tree.json | 452 ++++++++++++++++++ .../integ.invoke-function-assertions.ts | 27 ++ .../test/assertions/sdk.test.ts | 19 +- 11 files changed, 1316 insertions(+), 3 deletions(-) create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts diff --git a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts index cf2f19bb71b51..af56b3180b2f8 100644 --- a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts +++ b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts @@ -214,7 +214,7 @@ export interface LambdaInvokeFunctionProps { /** * An AWS Lambda Invoke function API call. - * Use this istead of the generic AwsApiCall in order to + * Use this instead of the generic AwsApiCall in order to * invoke a lambda function. This will automatically create * the correct permissions to invoke the function */ @@ -251,6 +251,7 @@ export class LambdaInvokeFunction extends AwsApiCall { resourceName: props.functionName, })]); + // If using 'waitForAssertions', it is necessary to add permissions on the waiterProvider side. Aspects.of(this).add({ visit(node: IConstruct) { if (node instanceof AwsApiCall) { diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json new file mode 100644 index 0000000000000..bedb98972d430 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json @@ -0,0 +1,32 @@ +{ + "version": "35.0.0", + "files": { + "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9": { + "source": { + "path": "asset.df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.bundle", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85": { + "source": { + "path": "AssertionsTestDefaultTestDeployAssertDC0672BB.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json new file mode 100644 index 0000000000000..0a5f82cf30fa1 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json @@ -0,0 +1,452 @@ +{ + "Resources": { + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "Type": "Custom::DeployAssert@SdkCallLambdainvoke", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "service": "Lambda", + "api": "invoke", + "expected": "{\"$ObjectLike\":{\"StatusCode\":202}}", + "stateMachineArn": { + "Ref": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5" + }, + "parameters": { + "FunctionName": { + "Fn::Join": [ + "", + [ + "\"", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + }, + "\"" + ] + ] + }, + "InvocationType": "\"Event\"", + "Payload": "\"{\\\"days\\\":1}\"" + }, + "flattenResponse": "false", + "salt": "1702872981556" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2InvokeB9825AB9": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + }, + "Principal": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForIsCompleteProviderInvoke77DE6350": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + "Principal": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForTimeoutProviderInvoke0EAE6FD8": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + }, + "Principal": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ] + }, + "Policies": [ + { + "PolicyName": "InlineInvokeFunctions", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + } + ] + } + ] + } + } + ] + } + }, + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":30,\"MaxAttempts\":180,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE", + "Arn" + ] + }, + "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA", + "Arn" + ] + }, + "\"}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7", + "Arn" + ] + } + }, + "DependsOn": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7" + ] + }, + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "lambda:Invoke" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + }, + { + "Action": [ + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":lambda:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":function:", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ] + ] + } + ] + }, + { + "Action": [ + "states:StartExecution" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + } + ] + } + } + ] + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "lambda:Invoke" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + }, + { + "Action": [ + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":lambda:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":function:", + { + "Fn::ImportValue": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ] + ] + } + ] + } + ] + } + } + ] + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.isComplete", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB", + "Arn" + ] + } + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ] + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs18.x", + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df6156f884f46480078633afbd0b768581022c5e444c5f72752980280ae15bd9.zip" + }, + "Timeout": 120, + "Handler": "index.onTimeout", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE", + "Arn" + ] + } + } + } + }, + "Outputs": { + "AssertionResultsLambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "Value": { + "Fn::GetAtt": [ + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "assertion" + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json new file mode 100644 index 0000000000000..777688fdcdda6 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926": { + "source": { + "path": "InvokeFunctionAssertions.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json new file mode 100644 index 0000000000000..9321a6d5fa7c3 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/InvokeFunctionAssertions.template.json @@ -0,0 +1,98 @@ +{ + "Resources": { + "TargetFuncServiceRoleD60C6577": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "TargetFunc08E2AFD9": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "exports.handler = async (event, context) => { return { foo: \"bar\" }; };" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "TargetFuncServiceRoleD60C6577", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "TargetFuncServiceRoleD60C6577" + ] + } + }, + "Outputs": { + "ExportsOutputRefTargetFunc08E2AFD9BD39CDAE": { + "Value": { + "Ref": "TargetFunc08E2AFD9" + }, + "Export": { + "Name": "InvokeFunctionAssertions:ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c5cb2e5de6344 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json new file mode 100644 index 0000000000000..a9ddde45181d9 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "35.0.0", + "testCases": { + "AssertionsTest/DefaultTest": { + "stacks": [ + "InvokeFunctionAssertions" + ], + "assertionStack": "AssertionsTest/DefaultTest/DeployAssert", + "assertionStackName": "AssertionsTestDefaultTestDeployAssertDC0672BB" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json new file mode 100644 index 0000000000000..6388166035a05 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json @@ -0,0 +1,204 @@ +{ + "version": "35.0.0", + "artifacts": { + "InvokeFunctionAssertions.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "InvokeFunctionAssertions.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "InvokeFunctionAssertions": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "InvokeFunctionAssertions.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3e6d70d727e44d2bb1b20be7a2b63f22fb5227e41d64b54a1b02ed62d00e7926.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "InvokeFunctionAssertions.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InvokeFunctionAssertions.assets" + ], + "metadata": { + "/InvokeFunctionAssertions/TargetFunc/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TargetFuncServiceRoleD60C6577" + } + ], + "/InvokeFunctionAssertions/TargetFunc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TargetFunc08E2AFD9" + } + ], + "/InvokeFunctionAssertions/Exports/Output{\"Ref\":\"TargetFunc08E2AFD9\"}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputRefTargetFunc08E2AFD9BD39CDAE" + } + ], + "/InvokeFunctionAssertions/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/InvokeFunctionAssertions/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "InvokeFunctionAssertions" + }, + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "AssertionsTestDefaultTestDeployAssertDC0672BB": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AssertionsTestDefaultTestDeployAssertDC0672BB.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InvokeFunctionAssertions", + "AssertionsTestDefaultTestDeployAssertDC0672BB.assets" + ], + "metadata": { + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2InvokeB9825AB9" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForIsCompleteProviderInvoke77DE6350" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForTimeoutProviderInvoke0EAE6FD8" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitForRoleD163D5A7" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2WaitFor14F593B5" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/AssertionResults": [ + { + "type": "aws:cdk:logicalId", + "data": "AssertionResultsLambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction76b3e830a873425f8453eddd85c86925Handler81461ECE" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aRoleB84BD8CE" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41aHandlerADF3E6EA" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/AssertionsTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "AssertionsTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json new file mode 100644 index 0000000000000..2fa4e941f1772 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/tree.json @@ -0,0 +1,452 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "InvokeFunctionAssertions": { + "id": "InvokeFunctionAssertions", + "path": "InvokeFunctionAssertions", + "children": { + "TargetFunc": { + "id": "TargetFunc", + "path": "InvokeFunctionAssertions/TargetFunc", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "InvokeFunctionAssertions/TargetFunc/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "InvokeFunctionAssertions/TargetFunc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "exports.handler = async (event, context) => { return { foo: \"bar\" }; };" + }, + "handler": "index.handler", + "role": { + "Fn::GetAtt": [ + "TargetFuncServiceRoleD60C6577", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "InvokeFunctionAssertions/Exports", + "children": { + "Output{\"Ref\":\"TargetFunc08E2AFD9\"}": { + "id": "Output{\"Ref\":\"TargetFunc08E2AFD9\"}", + "path": "InvokeFunctionAssertions/Exports/Output{\"Ref\":\"TargetFunc08E2AFD9\"}", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "InvokeFunctionAssertions/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "InvokeFunctionAssertions/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "AssertionsTest": { + "id": "AssertionsTest", + "path": "AssertionsTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "AssertionsTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "AssertionsTest/DefaultTest/DeployAssert", + "children": { + "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2": { + "id": "LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2", + "children": { + "SdkProvider": { + "id": "SdkProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/SdkProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/SdkProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default", + "children": { + "Default": { + "id": "Default", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Default/Default", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.CustomResource", + "version": "0.0.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "WaitFor": { + "id": "WaitFor", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor", + "children": { + "IsCompleteProvider": { + "id": "IsCompleteProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/IsCompleteProvider/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "TimeoutProvider": { + "id": "TimeoutProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/TimeoutProvider/Invoke", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.AssertionsProvider", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/WaitFor/Resource", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.WaiterStateMachine", + "version": "0.0.0" + } + }, + "AssertionResults": { + "id": "AssertionResults", + "path": "AssertionsTest/DefaultTest/DeployAssert/LambdaInvokeb3f9bfb591e0fc999c1bceaa910c7ca2/AssertionResults", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.LambdaInvokeFunction", + "version": "0.0.0" + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81": { + "id": "SingletonFunction1488541a7b23466481b69b4408076b81", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "SingletonFunction76b3e830a873425f8453eddd85c86925": { + "id": "SingletonFunction76b3e830a873425f8453eddd85c86925", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction76b3e830a873425f8453eddd85c86925/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a": { + "id": "SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a", + "children": { + "Staging": { + "id": "Staging", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Staging", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Role", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "AssertionsTest/DefaultTest/DeployAssert/SingletonFunction5c1898e096fb4e3e95d5f6c67f3ce41a/Handler", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "AssertionsTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "AssertionsTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts new file mode 100644 index 0000000000000..446abe9180161 --- /dev/null +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts @@ -0,0 +1,27 @@ +import { App, Stack, Duration } from 'aws-cdk-lib'; +import * as lambda from 'aws-cdk-lib/aws-lambda'; +import { ExpectedResult, IntegTest, InvocationType } from '../../../lib'; + +const app = new App(); +const stack = new Stack(app, 'InvokeFunctionAssertions'); + +const targetFunc = new lambda.Function(stack, 'TargetFunc', { + code: lambda.Code.fromInline('exports.handler = async (event, context) => { return { foo: "bar" }; };'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_LATEST, +}); + +const integ = new IntegTest(app, 'AssertionsTest', { + testCases: [stack], +}); + +integ.assertions.invokeFunction({ + functionName: targetFunc.functionName, + invocationType: InvocationType.EVENT, + payload: JSON.stringify({ days: 1 }), +}).expect( + ExpectedResult.objectLike({ StatusCode: 202 }), +).waitForAssertions({ + interval: Duration.seconds(30), + totalTimeout: Duration.minutes(90), +}); diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts index 534bd8b5072d7..3631cc3525e9c 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts @@ -292,8 +292,23 @@ describe('AwsApiCall', () => { expect(lambdaRole).toEqual({ Type: 'AWS::IAM::Role', Properties: { - AssumeRolePolicyDocument: expect.any(Object), - ManagedPolicyArns: expect.any(Array), + AssumeRolePolicyDocument: { + Version: '2012-10-17', + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'lambda.amazonaws.com', + }, + }, + ], + }, + ManagedPolicyArns: [ + { + 'Fn::Sub': 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole', + }, + ], Policies: expect.arrayContaining([ { PolicyName: 'Inline', From e7393a4d9e52d3be1c911bf72751ccdf6575c616 Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Tue, 19 Dec 2023 14:37:15 +0900 Subject: [PATCH 3/6] chore: update snapshot --- .../AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json | 4 ++-- ...ssertionsTestDefaultTestDeployAssertDC0672BB.template.json | 2 +- .../manifest.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json index bedb98972d430..e0e0cca8c4e74 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.assets.json @@ -14,7 +14,7 @@ } } }, - "ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85": { + "83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79": { "source": { "path": "AssertionsTestDefaultTestDeployAssertDC0672BB.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85.json", + "objectKey": "83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json index 0a5f82cf30fa1..73745330c312d 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/AssertionsTestDefaultTestDeployAssertDC0672BB.template.json @@ -32,7 +32,7 @@ "Payload": "\"{\\\"days\\\":1}\"" }, "flattenResponse": "false", - "salt": "1702872981556" + "salt": "1702960389230" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json index 6388166035a05..691477c0def67 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.js.snapshot/manifest.json @@ -84,7 +84,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ee914f11d40d227c07d6a9821ff1fe1394e39a9cac0dfe694288af4a76e55c85.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/83be8bf848814226b887baa05c0b9a6da10e068890f74859654bb30637464d79.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ From a14033bc372ef4ad08e3c1c989c8d0fdfedf123b Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Tue, 19 Dec 2023 14:37:27 +0900 Subject: [PATCH 4/6] refactor: method, tests --- .../integ-tests-alpha/lib/assertions/sdk.ts | 18 +- .../test/assertions/sdk.test.ts | 167 +++++++++--------- 2 files changed, 91 insertions(+), 94 deletions(-) diff --git a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts index af56b3180b2f8..4749e6c8d4bec 100644 --- a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts +++ b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts @@ -251,18 +251,16 @@ export class LambdaInvokeFunction extends AwsApiCall { resourceName: props.functionName, })]); - // If using 'waitForAssertions', it is necessary to add permissions on the waiterProvider side. + // If using `waitForAssertions`, do the same for `waiterProvider` as above. Aspects.of(this).add({ visit(node: IConstruct) { - if (node instanceof AwsApiCall) { - if (node.waiterProvider) { - node.waiterProvider.addPolicyStatementFromSdkCall('Lambda', 'invokeFunction', [stack.formatArn({ - service: 'lambda', - resource: 'function', - arnFormat: ArnFormat.COLON_RESOURCE_NAME, - resourceName: props.functionName, - })]); - } + if (node instanceof AwsApiCall && node.waiterProvider) { + node.waiterProvider.addPolicyStatementFromSdkCall('Lambda', 'invokeFunction', [stack.formatArn({ + service: 'lambda', + resource: 'function', + arnFormat: ArnFormat.COLON_RESOURCE_NAME, + resourceName: props.functionName, + })]); } }, }); diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts index 3631cc3525e9c..2c0a745109762 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts @@ -266,90 +266,6 @@ describe('AwsApiCall', () => { }); }); - test('waitFor with invokeFunction', () => { - // GIVEN - const app = new App(); - const deplossert = new DeployAssert(app); - - // WHEN - deplossert.invokeFunction({ - functionName: 'my-func', - invocationType: InvocationType.EVENT, - payload: JSON.stringify({ days: 1 }), - }).expect( - ExpectedResult.objectLike({ Key: 'Value' }), - ).waitForAssertions({ - interval: Duration.seconds(30), - totalTimeout: Duration.minutes(90), - }); - - // THEN - const lambdaRole = Template.fromStack( - deplossert.scope, - ).findResources( - 'AWS::IAM::Role', - ).SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB; - expect(lambdaRole).toEqual({ - Type: 'AWS::IAM::Role', - Properties: { - AssumeRolePolicyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'sts:AssumeRole', - Effect: 'Allow', - Principal: { - Service: 'lambda.amazonaws.com', - }, - }, - ], - }, - ManagedPolicyArns: [ - { - 'Fn::Sub': 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole', - }, - ], - Policies: expect.arrayContaining([ - { - PolicyName: 'Inline', - PolicyDocument: { - Version: '2012-10-17', - Statement: expect.arrayContaining([ - { - Action: ['lambda:InvokeFunction'], - Effect: 'Allow', - Resource: [ - { - 'Fn::Join': [ - '', - [ - 'arn:', - { - Ref: 'AWS::Partition', - }, - ':lambda:', - { - Ref: 'AWS::Region', - }, - ':', - { - Ref: 'AWS::AccountId', - }, - ':function:my-func', - ], - ], - }, - ], - }, - ]), - }, - }, - ]), - }, - }); - //TODO: check lambda invoke permission - }); - describe('get attribute', () => { test('getAttString', () => { // GIVEN @@ -563,5 +479,88 @@ describe('AwsApiCall', () => { ], }); }); + + test('invokeFunction with waitForAssertions applies correct IAM policy to waiterProvider', () => { + // GIVEN + const app = new App(); + const deplossert = new DeployAssert(app); + + // WHEN + deplossert.invokeFunction({ + functionName: 'my-func', + invocationType: InvocationType.EVENT, + payload: JSON.stringify({ days: 1 }), + }).expect( + ExpectedResult.objectLike({ Key: 'Value' }), + ).waitForAssertions({ + interval: Duration.seconds(30), + totalTimeout: Duration.minutes(90), + }); + + // THEN + const waiterProviderRole = Template.fromStack( + deplossert.scope, + ).findResources( + 'AWS::IAM::Role', + ).SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB; + expect(waiterProviderRole).toEqual({ + Type: 'AWS::IAM::Role', + Properties: { + AssumeRolePolicyDocument: { + Version: '2012-10-17', + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'lambda.amazonaws.com', + }, + }, + ], + }, + ManagedPolicyArns: [ + { + 'Fn::Sub': 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole', + }, + ], + Policies: expect.arrayContaining([ + { + PolicyName: 'Inline', + PolicyDocument: { + Version: '2012-10-17', + Statement: expect.arrayContaining([ + { + Action: ['lambda:InvokeFunction'], + Effect: 'Allow', + Resource: [ + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':lambda:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':function:my-func', + ], + ], + }, + ], + }, + ]), + }, + }, + ]), + }, + }); + }); }); }); From df2b39287d1e579c3aab6207f631ba3b9c229ff5 Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Tue, 19 Dec 2023 22:10:12 +0900 Subject: [PATCH 5/6] fix: typo --- .../@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts index 2c0a745109762..2662606178621 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/sdk.test.ts @@ -483,10 +483,10 @@ describe('AwsApiCall', () => { test('invokeFunction with waitForAssertions applies correct IAM policy to waiterProvider', () => { // GIVEN const app = new App(); - const deplossert = new DeployAssert(app); + const deployAssert = new DeployAssert(app); // WHEN - deplossert.invokeFunction({ + deployAssert.invokeFunction({ functionName: 'my-func', invocationType: InvocationType.EVENT, payload: JSON.stringify({ days: 1 }), @@ -499,7 +499,7 @@ describe('AwsApiCall', () => { // THEN const waiterProviderRole = Template.fromStack( - deplossert.scope, + deployAssert.scope, ).findResources( 'AWS::IAM::Role', ).SingletonFunction76b3e830a873425f8453eddd85c86925Role918961BB; From ddcdeabbdc580341ad19da62ae0e9c2e68702c30 Mon Sep 17 00:00:00 2001 From: sakurai-ryo Date: Wed, 20 Dec 2023 20:14:54 +0900 Subject: [PATCH 6/6] chore: add docs --- packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts | 1 + .../assertions/providers/integ.invoke-function-assertions.ts | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts index 4749e6c8d4bec..fff9f88cc8f0e 100644 --- a/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts +++ b/packages/@aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts @@ -252,6 +252,7 @@ export class LambdaInvokeFunction extends AwsApiCall { })]); // If using `waitForAssertions`, do the same for `waiterProvider` as above. + // Aspects are used here because we do not know if the user is using `waitForAssertions` at this point. Aspects.of(this).add({ visit(node: IConstruct) { if (node instanceof AwsApiCall && node.waiterProvider) { diff --git a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts index 446abe9180161..0be06a68d2b26 100644 --- a/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts +++ b/packages/@aws-cdk/integ-tests-alpha/test/assertions/providers/integ.invoke-function-assertions.ts @@ -15,6 +15,10 @@ const integ = new IntegTest(app, 'AssertionsTest', { testCases: [stack], }); +// In this test, we are verifying that when 'invokeFunction' is used in conjunction with 'waitForAssertions', +// the invocation of the Lambda function is handled by the 'waiterProvider'. +// We are specifically checking that the correct IAM policy is set for the 'waiterProvider' and, +// that the Lambda function can be invoked correctly. integ.assertions.invokeFunction({ functionName: targetFunc.functionName, invocationType: InvocationType.EVENT,