Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(core): environment-agnostic cloud assemblies #2922

Merged
merged 10 commits into from
Jun 19, 2019
Merged

feat(core): environment-agnostic cloud assemblies #2922

merged 10 commits into from
Jun 19, 2019

Commits on Jun 19, 2019

  1. feat(core): environment-agnostic cloud assemblies 

    Formalize the simple use case for synthesizing cloudformation templates that
are not pre-associated with a specific AWS account/region.

When a CDK stack is defined without an explicit `env` configuration, or if `env.account`
and/or `env.region` are set to `Aws.accountId`/`Aws.region`, the stack is said to be
"environment-agnostic". This means that when a template is synthesized, we will use
the CloudFormation intrinsics `AWS::AccountId` and `AWS::Region` instead of concrete
account/region.

The cloud assembly manifest for such stacks will indicate `aws://unknown-account/unknown-region`
to represent that this stack is environment-agnostic, and tooling should rely on external
configuration to determine the deployment environment.

Environment-agnostic stacks have limitations. For example, their resources cannot be referenced
across accounts or regions, and context providers such as SSM, AZs, VPC and Route53 lookup
cannot be used since they won't know which environment to query.

To faciliate the env-agnostic use case at the AWS Construct Library level,
this change removes any dependency on concrete environment specification. Namely:

- The AZ provider, which is now accessible through `stack.availabilityZones` will fall
  back to use `[ Fn::GetAZs[0], Fn::GetAZs[1] ]` in case the stack is env-agnostic. This is
  a safe fallback since all AWS regions have at least two AZs.
- The use of the SSM context provider by the EC2 and ECS libraries to retrieve AMIs was
  replaced by deploy-time resolution of SSM parameters, so no fallback is required.

See list of breaking API changes below.

Added a few static methods to `ssm.StringParameter` to make it easier to reference values directly:
* `valueFromLookup` will read a value during synthesis using the SSM context provider.
* `valueForStringParameter` will return a deploy-time resolved value.
* `valueForSecureStringParameter` will return a deploy-time resolved secure string value.

Fixes #2866

BREAKING CHANGE: `ContextProvider` is no longer designed to be extended. Use `ContextProvider.getValue` and `ContextProvider.getKey` as utilities.
* **core:** `Context.getSsmParameter` has been removed. Use `ssm.StringParameter.valueFromLookup`
* **core:** `Context.getAvailabilityZones` has been removed. Use `stack.availabilityZones`
* **core:** `Context.getDefaultAccount` and `getDefaultRegion` have been removed an no longer available.
* **route52:** `HostedZoneProvider` has been removed. Use `HostedZone.fromLookup`.
* **ec2:** `VpcNetworkProvider` has been removed. Use `Vpc.fromLookup`.
* **ec2:** `ec2.MachineImage` will now resolve AMIs from SSM during deployment.
* **ecs:** `ecs.EcsOptimizedAmi` will now resolve AMis from SSM during deployment.
    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    aae14b7 View commit details
    Browse the repository at this point in the history

  2. documentation fixes

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    fc3bfd1 View commit details
    Browse the repository at this point in the history

  3. update cdk-integ to support new way of passing account/region info th… 

    …rough env variables
    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    f05186c View commit details
    Browse the repository at this point in the history

  4. fix cli to respect "unknown-xxx"

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    dacc4b0 View commit details
    Browse the repository at this point in the history

  5. set CDK_DEFAULT_ACCOUNT and CDK_DEFAULT_REGION

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    01b9fdf View commit details
    Browse the repository at this point in the history

  6. allow setting fallback for AZ provider through context

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    cf41f8c View commit details
    Browse the repository at this point in the history

  7. fix vpc module reference

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    69c4b0f View commit details
    Browse the repository at this point in the history

  8. update tests

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    9270a85 View commit details
    Browse the repository at this point in the history

  9. Merge remote-tracking branch 'origin/master' into benisrae/environmen… 

    …t-defaults-3
    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    485e2ff View commit details
    Browse the repository at this point in the history

  10. pass integ test environment variables to "ls"

    Elad Ben-Israel committed Jun 19, 2019
    Configuration menu
    Copy the full SHA
    f782f7c View commit details
    Browse the repository at this point in the history