diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.assets.json index b64d373ba0733..be93d83fbc681 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.assets.json @@ -1,7 +1,7 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { - "fbfbdae93c15032979fecbc2362ee6c1bf3b952eb363424fb60a8f6c15d6a0d0": { + "938b3109faa6eac41e1d4a7b5d76197a74908e45302636596d841968426d6321": { "source": { "path": "aws-cdk-rds-proxy.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "fbfbdae93c15032979fecbc2362ee6c1bf3b952eb363424fb60a8f6c15d6a0d0.json", + "objectKey": "938b3109faa6eac41e1d4a7b5d76197a74908e45302636596d841968426d6321.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.template.json index cb67056386bd0..a7fff003e31a9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/aws-cdk-rds-proxy.template.json @@ -18,9 +18,6 @@ "vpcPublicSubnet1Subnet2E65531E": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -44,21 +41,24 @@ "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPublicSubnet1RouteTable48A2DF9B": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPublicSubnet1RouteTableAssociation5D3F4579": { @@ -75,12 +75,12 @@ "vpcPublicSubnet1DefaultRoute10708846": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "RouteTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" } }, "DependsOn": [ @@ -102,15 +102,15 @@ "vpcPublicSubnet1NATGateway9C16659E": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "vpcPublicSubnet1Subnet2E65531E" - }, "AllocationId": { "Fn::GetAtt": [ "vpcPublicSubnet1EIPDA49DCBE", "AllocationId" ] }, + "SubnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + }, "Tags": [ { "Key": "Name", @@ -126,9 +126,6 @@ "vpcPublicSubnet2Subnet009B674F": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -152,21 +149,24 @@ "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPublicSubnet2RouteTableEB40D4CB": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPublicSubnet2RouteTableAssociation21F81B59": { @@ -183,12 +183,12 @@ "vpcPublicSubnet2DefaultRouteA1EC0F60": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "RouteTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" } }, "DependsOn": [ @@ -210,15 +210,15 @@ "vpcPublicSubnet2NATGateway9B8AE11A": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "vpcPublicSubnet2Subnet009B674F" - }, "AllocationId": { "Fn::GetAtt": [ "vpcPublicSubnet2EIP9B3743B1", "AllocationId" ] }, + "SubnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + }, "Tags": [ { "Key": "Name", @@ -234,9 +234,6 @@ "vpcPrivateSubnet1Subnet934893E8": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -260,21 +257,24 @@ "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPrivateSubnet1RouteTableB41A48CC": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPrivateSubnet1RouteTableAssociation67945127": { @@ -291,21 +291,18 @@ "vpcPrivateSubnet1DefaultRoute1AA8E2E5": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "vpcPublicSubnet1NATGateway9C16659E" + }, + "RouteTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" } } }, "vpcPrivateSubnet2Subnet7031C2BA": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -329,21 +326,24 @@ "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPrivateSubnet2RouteTable7280F23E": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-rds-proxy/vpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "vpcA2121C38" + } } }, "vpcPrivateSubnet2RouteTableAssociation007E94D3": { @@ -360,12 +360,12 @@ "vpcPrivateSubnet2DefaultRouteB0E07F99": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "vpcPrivateSubnet2RouteTable7280F23E" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "vpcPublicSubnet2NATGateway9B8AE11A" + }, + "RouteTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" } } }, @@ -383,11 +383,11 @@ "vpcVPCGW7984C166": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "VpcId": { - "Ref": "vpcA2121C38" - }, "InternetGatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "VpcId": { + "Ref": "vpcA2121C38" } } }, @@ -424,7 +424,6 @@ "dbInstanceSecurityGroupfromawscdkrdsproxydbProxyProxySecurityGroupA345AFE5IndirectPortE3621D4F": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { - "IpProtocol": "tcp", "Description": "Allow connections to the database Instance from the Proxy", "FromPort": { "Fn::GetAtt": [ @@ -438,6 +437,7 @@ "GroupId" ] }, + "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "dbProxyProxySecurityGroup16E727A7", @@ -499,7 +499,7 @@ }, "Engine": "postgres", "EngineVersion": "15.2", - "MasterUsername": { + "MasterUserPassword": { "Fn::Join": [ "", [ @@ -507,11 +507,11 @@ { "Ref": "dbInstanceSecret032D3661" }, - ":SecretString:username::}}" + ":SecretString:password::}}" ] ] }, - "MasterUserPassword": { + "MasterUsername": { "Fn::Join": [ "", [ @@ -519,7 +519,7 @@ { "Ref": "dbInstanceSecret032D3661" }, - ":SecretString:password::}}" + ":SecretString:username::}}" ] ] }, @@ -609,21 +609,13 @@ ], "DBProxyName": "awscdkrdsproxydbProxy0E60A1B7", "EngineFamily": "POSTGRESQL", + "RequireTLS": true, "RoleArn": { "Fn::GetAtt": [ "dbProxyIAMRole662F3AB8", "Arn" ] }, - "VpcSubnetIds": [ - { - "Ref": "vpcPrivateSubnet1Subnet934893E8" - }, - { - "Ref": "vpcPrivateSubnet2Subnet7031C2BA" - } - ], - "RequireTLS": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ @@ -631,16 +623,20 @@ "GroupId" ] } + ], + "VpcSubnetIds": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } ] } }, "dbProxyProxyTargetGroup8DA26A77": { "Type": "AWS::RDS::DBProxyTargetGroup", "Properties": { - "DBProxyName": { - "Ref": "dbProxy3B89EAF2" - }, - "TargetGroupName": "default", "ConnectionPoolConfigurationInfo": { "ConnectionBorrowTimeout": 30, "MaxConnectionsPercent": 50 @@ -649,7 +645,11 @@ { "Ref": "dbInstance4076B1EC" } - ] + ], + "DBProxyName": { + "Ref": "dbProxy3B89EAF2" + }, + "TargetGroupName": "default" } }, "dbClusterSubnets03B9B0E1": { @@ -682,10 +682,40 @@ } } }, - "dbClusterSecurityGroupfromawscdkrdsproxyProxyProxySecurityGroup9F179E6FIndirectPortED421002": { + "dbClusterSecurityGroupfromawscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09IndirectPort152B2D99": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { + "Description": "Allow connections to the database Cluster from the Proxy", + "FromPort": { + "Fn::GetAtt": [ + "dbClusterE86E47AE", + "Endpoint.Port" + ] + }, + "GroupId": { + "Fn::GetAtt": [ + "dbClusterSecurityGroupCAA1A91F", + "GroupId" + ] + }, "IpProtocol": "tcp", + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "dbClusterProxyProxySecurityGroup170F327D", + "GroupId" + ] + }, + "ToPort": { + "Fn::GetAtt": [ + "dbClusterE86E47AE", + "Endpoint.Port" + ] + } + } + }, + "dbClusterSecurityGroupfromawscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853FIndirectPort61009070": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { "Description": "Allow connections to the database Cluster from the Proxy", "FromPort": { "Fn::GetAtt": [ @@ -699,9 +729,10 @@ "GroupId" ] }, + "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ - "ProxyProxySecurityGroupC42FC3CE", + "dbClusterProxy2ProxySecurityGroupB44507AE", "GroupId" ] }, @@ -759,7 +790,7 @@ }, "Engine": "aurora-postgresql", "EngineVersion": "14.5", - "MasterUsername": { + "MasterUserPassword": { "Fn::Join": [ "", [ @@ -767,11 +798,11 @@ { "Ref": "dbClusterSecretCEA6D7B6" }, - ":SecretString:username::}}" + ":SecretString:password::}}" ] ] }, - "MasterUserPassword": { + "MasterUsername": { "Fn::Join": [ "", [ @@ -779,7 +810,7 @@ { "Ref": "dbClusterSecretCEA6D7B6" }, - ":SecretString:password::}}" + ":SecretString:username::}}" ] ] }, @@ -838,7 +869,7 @@ "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "ProxyIAMRole2FE8AB0F": { + "dbClusterProxyIAMRole693E39F5": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { @@ -855,7 +886,7 @@ } } }, - "ProxyIAMRoleDefaultPolicy59EB0117": { + "dbClusterProxyIAMRoleDefaultPolicyEEE23224": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { @@ -873,15 +904,15 @@ ], "Version": "2012-10-17" }, - "PolicyName": "ProxyIAMRoleDefaultPolicy59EB0117", + "PolicyName": "dbClusterProxyIAMRoleDefaultPolicyEEE23224", "Roles": [ { - "Ref": "ProxyIAMRole2FE8AB0F" + "Ref": "dbClusterProxyIAMRole693E39F5" } ] } }, - "ProxyProxySecurityGroupC42FC3CE": { + "dbClusterProxyProxySecurityGroup170F327D": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "SecurityGroup for Database Proxy", @@ -897,7 +928,7 @@ } } }, - "ProxyCB0DFB71": { + "dbClusterProxyAB5F8181": { "Type": "AWS::RDS::DBProxy", "Properties": { "Auth": [ @@ -909,14 +940,23 @@ } } ], - "DBProxyName": "cluster-db-proxy", + "DBProxyName": "awscdkrdsproxydbClusterProxyE88930B6", "EngineFamily": "POSTGRESQL", + "RequireTLS": true, "RoleArn": { "Fn::GetAtt": [ - "ProxyIAMRole2FE8AB0F", + "dbClusterProxyIAMRole693E39F5", "Arn" ] }, + "VpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "dbClusterProxyProxySecurityGroup170F327D", + "GroupId" + ] + } + ], "VpcSubnetIds": [ { "Ref": "vpcPrivateSubnet1Subnet934893E8" @@ -924,41 +964,145 @@ { "Ref": "vpcPrivateSubnet2Subnet7031C2BA" } + ] + } + }, + "dbClusterProxyProxyTargetGroupB7010C0D": { + "Type": "AWS::RDS::DBProxyTargetGroup", + "Properties": { + "ConnectionPoolConfigurationInfo": {}, + "DBClusterIdentifiers": [ + { + "Ref": "dbClusterE86E47AE" + } ], + "DBProxyName": { + "Ref": "dbClusterProxyAB5F8181" + }, + "TargetGroupName": "default" + }, + "DependsOn": [ + "dbClusterInstance1BCE092AC", + "dbClusterInstance20BA1ECD9", + "dbClusterE86E47AE" + ] + }, + "dbClusterProxy2IAMRole190D217C": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "dbClusterProxy2IAMRoleDefaultPolicyFD9414D8": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "dbClusterSecretAttachmentAB67A752" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "dbClusterProxy2IAMRoleDefaultPolicyFD9414D8", + "Roles": [ + { + "Ref": "dbClusterProxy2IAMRole190D217C" + } + ] + } + }, + "dbClusterProxy2ProxySecurityGroupB44507AE": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "SecurityGroup for Database Proxy", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "dbClusterProxy28BBD43D5": { + "Type": "AWS::RDS::DBProxy", + "Properties": { + "Auth": [ + { + "AuthScheme": "SECRETS", + "IAMAuth": "DISABLED", + "SecretArn": { + "Ref": "dbClusterSecretAttachmentAB67A752" + } + } + ], + "DBProxyName": "awscdkrdsproxydbClusterProxy27493E9A7", + "EngineFamily": "POSTGRESQL", "RequireTLS": true, + "RoleArn": { + "Fn::GetAtt": [ + "dbClusterProxy2IAMRole190D217C", + "Arn" + ] + }, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ - "ProxyProxySecurityGroupC42FC3CE", + "dbClusterProxy2ProxySecurityGroupB44507AE", "GroupId" ] } + ], + "VpcSubnetIds": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } ] } }, - "ProxyProxyTargetGroupB462B5C5": { + "dbClusterProxy2ProxyTargetGroup8BD48F57": { "Type": "AWS::RDS::DBProxyTargetGroup", "Properties": { - "DBProxyName": { - "Ref": "ProxyCB0DFB71" - }, - "TargetGroupName": "default", "ConnectionPoolConfigurationInfo": {}, "DBClusterIdentifiers": [ { "Ref": "dbClusterE86E47AE" } - ] + ], + "DBProxyName": { + "Ref": "dbClusterProxy28BBD43D5" + }, + "TargetGroupName": "default" }, "DependsOn": [ "dbClusterInstance1BCE092AC", "dbClusterInstance20BA1ECD9", - "dbClusterE86E47AE", - "dbClusterSecretAttachmentAB67A752", - "dbClusterSecretCEA6D7B6", - "dbClusterSecurityGroupfromawscdkrdsproxyProxyProxySecurityGroup9F179E6FIndirectPortED421002", - "dbClusterSecurityGroupCAA1A91F", - "dbClusterSubnets03B9B0E1" + "dbClusterE86E47AE" ] } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/cdk.out index 7925065efbcc4..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/databaseproxyintegtestDefaultTestDeployAssert1DC3D9D5.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/databaseproxyintegtestDefaultTestDeployAssert1DC3D9D5.assets.json index 9f8c7fc42363c..c1fc7e45b88a1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/databaseproxyintegtestDefaultTestDeployAssert1DC3D9D5.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/databaseproxyintegtestDefaultTestDeployAssert1DC3D9D5.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/integ.json index 0f50e706e7b16..45dc395b13d22 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "35.0.0", "testCases": { "database-proxy-integ-test/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/manifest.json index 579edfb39a58d..579b5da69d673 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "35.0.0", "artifacts": { "aws-cdk-rds-proxy.assets": { "type": "cdk:asset-manifest", @@ -14,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-cdk-rds-proxy.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fbfbdae93c15032979fecbc2362ee6c1bf3b952eb363424fb60a8f6c15d6a0d0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/938b3109faa6eac41e1d4a7b5d76197a74908e45302636596d841968426d6321.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -249,10 +250,16 @@ "data": "dbClusterSecurityGroupCAA1A91F" } ], - "/aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxyProxyProxySecurityGroup9F179E6F:{IndirectPort}": [ + "/aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09:{IndirectPort}": [ { "type": "aws:cdk:logicalId", - "data": "dbClusterSecurityGroupfromawscdkrdsproxyProxyProxySecurityGroup9F179E6FIndirectPortED421002" + "data": "dbClusterSecurityGroupfromawscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09IndirectPort152B2D99" + } + ], + "/aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853F:{IndirectPort}": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterSecurityGroupfromawscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853FIndirectPort61009070" } ], "/aws-cdk-rds-proxy/dbCluster/Secret/Resource": [ @@ -285,34 +292,64 @@ "data": "dbClusterInstance20BA1ECD9" } ], - "/aws-cdk-rds-proxy/Proxy/IAMRole/Resource": [ + "/aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterProxyIAMRole693E39F5" + } + ], + "/aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterProxyIAMRoleDefaultPolicyEEE23224" + } + ], + "/aws-cdk-rds-proxy/dbCluster/Proxy/ProxySecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterProxyProxySecurityGroup170F327D" + } + ], + "/aws-cdk-rds-proxy/dbCluster/Proxy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterProxyAB5F8181" + } + ], + "/aws-cdk-rds-proxy/dbCluster/Proxy/ProxyTargetGroup": [ + { + "type": "aws:cdk:logicalId", + "data": "dbClusterProxyProxyTargetGroupB7010C0D" + } + ], + "/aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ProxyIAMRole2FE8AB0F" + "data": "dbClusterProxy2IAMRole190D217C" } ], - "/aws-cdk-rds-proxy/Proxy/IAMRole/DefaultPolicy/Resource": [ + "/aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ProxyIAMRoleDefaultPolicy59EB0117" + "data": "dbClusterProxy2IAMRoleDefaultPolicyFD9414D8" } ], - "/aws-cdk-rds-proxy/Proxy/ProxySecurityGroup/Resource": [ + "/aws-cdk-rds-proxy/dbCluster/Proxy2/ProxySecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ProxyProxySecurityGroupC42FC3CE" + "data": "dbClusterProxy2ProxySecurityGroupB44507AE" } ], - "/aws-cdk-rds-proxy/Proxy/Resource": [ + "/aws-cdk-rds-proxy/dbCluster/Proxy2/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ProxyCB0DFB71" + "data": "dbClusterProxy28BBD43D5" } ], - "/aws-cdk-rds-proxy/Proxy/ProxyTargetGroup": [ + "/aws-cdk-rds-proxy/dbCluster/Proxy2/ProxyTargetGroup": [ { "type": "aws:cdk:logicalId", - "data": "ProxyProxyTargetGroupB462B5C5" + "data": "dbClusterProxy2ProxyTargetGroup8BD48F57" } ], "/aws-cdk-rds-proxy/BootstrapVersion": [ @@ -343,6 +380,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "databaseproxyintegtestDefaultTestDeployAssert1DC3D9D5.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/tree.json index 82421eb7d52aa..d9e55b3be753c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.js.snapshot/tree.json @@ -31,7 +31,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, @@ -45,9 +45,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -71,11 +68,14 @@ "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -83,7 +83,7 @@ "id": "Acl", "path": "aws-cdk-rds-proxy/vpc/PublicSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -93,19 +93,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "tags": [ { "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -124,7 +124,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -134,17 +134,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "routeTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -164,7 +164,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -174,15 +174,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "vpcPublicSubnet1Subnet2E65531E" - }, "allocationId": { "Fn::GetAtt": [ "vpcPublicSubnet1EIPDA49DCBE", "AllocationId" ] }, + "subnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + }, "tags": [ { "key": "Name", @@ -192,13 +192,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -212,9 +212,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -238,11 +235,14 @@ "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -250,7 +250,7 @@ "id": "Acl", "path": "aws-cdk-rds-proxy/vpc/PublicSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -260,19 +260,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "tags": [ { "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -291,7 +291,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -301,17 +301,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "routeTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -331,7 +331,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -341,15 +341,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "vpcPublicSubnet2Subnet009B674F" - }, "allocationId": { "Fn::GetAtt": [ "vpcPublicSubnet2EIP9B3743B1", "AllocationId" ] }, + "subnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + }, "tags": [ { "key": "Name", @@ -359,13 +359,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -379,9 +379,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -405,11 +402,14 @@ "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -417,7 +417,7 @@ "id": "Acl", "path": "aws-cdk-rds-proxy/vpc/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -427,19 +427,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "tags": [ { "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -458,7 +458,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -468,23 +468,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "vpcPublicSubnet1NATGateway9C16659E" + }, + "routeTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -498,9 +498,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -524,11 +521,14 @@ "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -536,7 +536,7 @@ "id": "Acl", "path": "aws-cdk-rds-proxy/vpc/PrivateSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -546,19 +546,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "tags": [ { "key": "Name", "value": "aws-cdk-rds-proxy/vpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -577,7 +577,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -587,23 +587,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "vpcPrivateSubnet2RouteTable7280F23E" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "vpcPublicSubnet2NATGateway9B8AE11A" + }, + "routeTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -622,7 +622,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", "version": "0.0.0" } }, @@ -632,22 +632,22 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "vpcA2121C38" - }, "internetGatewayId": { "Ref": "vpcIGWE57CBDCA" + }, + "vpcId": { + "Ref": "vpcA2121C38" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Vpc", + "fqn": "aws-cdk-lib.aws_ec2.Vpc", "version": "0.0.0" } }, @@ -677,13 +677,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBSubnetGroup", + "fqn": "aws-cdk-lib.aws_rds.CfnDBSubnetGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.SubnetGroup", + "fqn": "aws-cdk-lib.aws_rds.SubnetGroup", "version": "0.0.0" } }, @@ -711,7 +711,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", "version": "0.0.0" } }, @@ -721,7 +721,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", "aws:cdk:cloudformation:props": { - "ipProtocol": "tcp", "description": "Allow connections to the database Instance from the Proxy", "fromPort": { "Fn::GetAtt": [ @@ -735,6 +734,7 @@ "GroupId" ] }, + "ipProtocol": "tcp", "sourceSecurityGroupId": { "Fn::GetAtt": [ "dbProxyProxySecurityGroup16E727A7", @@ -750,13 +750,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, @@ -790,7 +790,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", "version": "0.0.0" } }, @@ -814,19 +814,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseSecret", + "fqn": "aws-cdk-lib.aws_rds.DatabaseSecret", "version": "0.0.0" } }, @@ -880,13 +880,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseInstance", + "fqn": "aws-cdk-lib.aws_rds.DatabaseInstance", "version": "0.0.0" } }, @@ -902,7 +902,7 @@ "id": "ImportIAMRole", "path": "aws-cdk-rds-proxy/dbProxy/IAMRole/ImportIAMRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -927,7 +927,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -965,19 +965,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1005,13 +1005,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, @@ -1032,21 +1032,13 @@ ], "dbProxyName": "awscdkrdsproxydbProxy0E60A1B7", "engineFamily": "POSTGRESQL", + "requireTls": true, "roleArn": { "Fn::GetAtt": [ "dbProxyIAMRole662F3AB8", "Arn" ] }, - "vpcSubnetIds": [ - { - "Ref": "vpcPrivateSubnet1Subnet934893E8" - }, - { - "Ref": "vpcPrivateSubnet2Subnet7031C2BA" - } - ], - "requireTls": true, "vpcSecurityGroupIds": [ { "Fn::GetAtt": [ @@ -1054,11 +1046,19 @@ "GroupId" ] } + ], + "vpcSubnetIds": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBProxy", + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxy", "version": "0.0.0" } }, @@ -1068,10 +1068,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::RDS::DBProxyTargetGroup", "aws:cdk:cloudformation:props": { - "dbProxyName": { - "Ref": "dbProxy3B89EAF2" - }, - "targetGroupName": "default", "connectionPoolConfigurationInfo": { "connectionBorrowTimeout": 30, "maxConnectionsPercent": 50 @@ -1080,17 +1076,21 @@ { "Ref": "dbInstance4076B1EC" } - ] + ], + "dbProxyName": { + "Ref": "dbProxy3B89EAF2" + }, + "targetGroupName": "default" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBProxyTargetGroup", + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxyTargetGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseProxy", + "fqn": "aws-cdk-lib.aws_rds.DatabaseProxy", "version": "0.0.0" } }, @@ -1120,13 +1120,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBSubnetGroup", + "fqn": "aws-cdk-lib.aws_rds.CfnDBSubnetGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.SubnetGroup", + "fqn": "aws-cdk-lib.aws_rds.SubnetGroup", "version": "0.0.0" } }, @@ -1154,17 +1154,55 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", "version": "0.0.0" } }, - "from awscdkrdsproxyProxyProxySecurityGroup9F179E6F:{IndirectPort}": { - "id": "from awscdkrdsproxyProxyProxySecurityGroup9F179E6F:{IndirectPort}", - "path": "aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxyProxyProxySecurityGroup9F179E6F:{IndirectPort}", + "from awscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09:{IndirectPort}": { + "id": "from awscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09:{IndirectPort}", + "path": "aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxydbClusterProxyProxySecurityGroupFBC47B09:{IndirectPort}", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", "aws:cdk:cloudformation:props": { + "description": "Allow connections to the database Cluster from the Proxy", + "fromPort": { + "Fn::GetAtt": [ + "dbClusterE86E47AE", + "Endpoint.Port" + ] + }, + "groupId": { + "Fn::GetAtt": [ + "dbClusterSecurityGroupCAA1A91F", + "GroupId" + ] + }, "ipProtocol": "tcp", + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "dbClusterProxyProxySecurityGroup170F327D", + "GroupId" + ] + }, + "toPort": { + "Fn::GetAtt": [ + "dbClusterE86E47AE", + "Endpoint.Port" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from awscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853F:{IndirectPort}": { + "id": "from awscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853F:{IndirectPort}", + "path": "aws-cdk-rds-proxy/dbCluster/SecurityGroup/from awscdkrdsproxydbClusterProxy2ProxySecurityGroup5B77853F:{IndirectPort}", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { "description": "Allow connections to the database Cluster from the Proxy", "fromPort": { "Fn::GetAtt": [ @@ -1178,9 +1216,10 @@ "GroupId" ] }, + "ipProtocol": "tcp", "sourceSecurityGroupId": { "Fn::GetAtt": [ - "ProxyProxySecurityGroupC42FC3CE", + "dbClusterProxy2ProxySecurityGroupB44507AE", "GroupId" ] }, @@ -1193,13 +1232,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, @@ -1207,7 +1246,7 @@ "id": "AuroraPostgreSqlDatabaseClusterEngineDefaultParameterGroup", "path": "aws-cdk-rds-proxy/dbCluster/AuroraPostgreSqlDatabaseClusterEngineDefaultParameterGroup", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1241,7 +1280,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", "version": "0.0.0" } }, @@ -1265,19 +1304,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseSecret", + "fqn": "aws-cdk-lib.aws_rds.DatabaseSecret", "version": "0.0.0" } }, @@ -1330,7 +1369,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBCluster", + "fqn": "aws-cdk-lib.aws_rds.CfnDBCluster", "version": "0.0.0" } }, @@ -1351,7 +1390,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", "version": "0.0.0" } }, @@ -1372,214 +1411,415 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBInstance", + "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseCluster", - "version": "0.0.0" - } - }, - "Proxy": { - "id": "Proxy", - "path": "aws-cdk-rds-proxy/Proxy", - "children": { - "IAMRole": { - "id": "IAMRole", - "path": "aws-cdk-rds-proxy/Proxy/IAMRole", + }, + "Proxy": { + "id": "Proxy", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy", "children": { - "ImportIAMRole": { - "id": "ImportIAMRole", - "path": "aws-cdk-rds-proxy/Proxy/IAMRole/ImportIAMRole", + "IAMRole": { + "id": "IAMRole", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole", + "children": { + "ImportIAMRole": { + "id": "ImportIAMRole", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/ImportIAMRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/IAMRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "dbClusterSecretAttachmentAB67A752" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "dbClusterProxyIAMRoleDefaultPolicyEEE23224", + "roles": [ + { + "Ref": "dbClusterProxyIAMRole693E39F5" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "ProxySecurityGroup": { + "id": "ProxySecurityGroup", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/ProxySecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/ProxySecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "SecurityGroup for Database Proxy", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-rds-proxy/Proxy/IAMRole/Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:type": "AWS::RDS::DBProxy", "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "rds.amazonaws.com" - } + "auth": [ + { + "authScheme": "SECRETS", + "iamAuth": "DISABLED", + "secretArn": { + "Ref": "dbClusterSecretAttachmentAB67A752" } - ], - "Version": "2012-10-17" - } + } + ], + "dbProxyName": "awscdkrdsproxydbClusterProxyE88930B6", + "engineFamily": "POSTGRESQL", + "requireTls": true, + "roleArn": { + "Fn::GetAtt": [ + "dbClusterProxyIAMRole693E39F5", + "Arn" + ] + }, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "dbClusterProxyProxySecurityGroup170F327D", + "GroupId" + ] + } + ], + "vpcSubnetIds": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxy", "version": "0.0.0" } }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "aws-cdk-rds-proxy/Proxy/IAMRole/DefaultPolicy", + "ProxyTargetGroup": { + "id": "ProxyTargetGroup", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy/ProxyTargetGroup", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBProxyTargetGroup", + "aws:cdk:cloudformation:props": { + "connectionPoolConfigurationInfo": {}, + "dbClusterIdentifiers": [ + { + "Ref": "dbClusterE86E47AE" + } + ], + "dbProxyName": { + "Ref": "dbClusterProxyAB5F8181" + }, + "targetGroupName": "default" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxyTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.DatabaseProxy", + "version": "0.0.0" + } + }, + "Proxy2": { + "id": "Proxy2", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2", + "children": { + "IAMRole": { + "id": "IAMRole", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole", "children": { + "ImportIAMRole": { + "id": "ImportIAMRole", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/ImportIAMRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", - "path": "aws-cdk-rds-proxy/Proxy/IAMRole/DefaultPolicy/Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { - "policyDocument": { + "assumeRolePolicyDocument": { "Statement": [ { - "Action": [ - "secretsmanager:DescribeSecret", - "secretsmanager:GetSecretValue" - ], + "Action": "sts:AssumeRole", "Effect": "Allow", - "Resource": { - "Ref": "dbClusterSecretAttachmentAB67A752" + "Principal": { + "Service": "rds.amazonaws.com" } } ], "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/IAMRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "dbClusterSecretAttachmentAB67A752" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "dbClusterProxy2IAMRoleDefaultPolicyFD9414D8", + "roles": [ + { + "Ref": "dbClusterProxy2IAMRole190D217C" + } + ] + } }, - "policyName": "ProxyIAMRoleDefaultPolicy59EB0117", - "roles": [ + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "ProxySecurityGroup": { + "id": "ProxySecurityGroup", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/ProxySecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/ProxySecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "SecurityGroup for Database Proxy", + "securityGroupEgress": [ { - "Ref": "ProxyIAMRole2FE8AB0F" + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" } - ] + ], + "vpcId": { + "Ref": "vpcA2121C38" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", - "version": "0.0.0" - } - }, - "ProxySecurityGroup": { - "id": "ProxySecurityGroup", - "path": "aws-cdk-rds-proxy/Proxy/ProxySecurityGroup", - "children": { + }, "Resource": { "id": "Resource", - "path": "aws-cdk-rds-proxy/Proxy/ProxySecurityGroup/Resource", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:type": "AWS::RDS::DBProxy", "aws:cdk:cloudformation:props": { - "groupDescription": "SecurityGroup for Database Proxy", - "securityGroupEgress": [ + "auth": [ { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" + "authScheme": "SECRETS", + "iamAuth": "DISABLED", + "secretArn": { + "Ref": "dbClusterSecretAttachmentAB67A752" + } } ], - "vpcId": { - "Ref": "vpcA2121C38" - } + "dbProxyName": "awscdkrdsproxydbClusterProxy27493E9A7", + "engineFamily": "POSTGRESQL", + "requireTls": true, + "roleArn": { + "Fn::GetAtt": [ + "dbClusterProxy2IAMRole190D217C", + "Arn" + ] + }, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "dbClusterProxy2ProxySecurityGroupB44507AE", + "GroupId" + ] + } + ], + "vpcSubnetIds": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxy", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-proxy/Proxy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBProxy", - "aws:cdk:cloudformation:props": { - "auth": [ - { - "authScheme": "SECRETS", - "iamAuth": "DISABLED", - "secretArn": { - "Ref": "dbClusterSecretAttachmentAB67A752" - } - } - ], - "dbProxyName": "cluster-db-proxy", - "engineFamily": "POSTGRESQL", - "roleArn": { - "Fn::GetAtt": [ - "ProxyIAMRole2FE8AB0F", - "Arn" - ] - }, - "vpcSubnetIds": [ - { - "Ref": "vpcPrivateSubnet1Subnet934893E8" - }, - { - "Ref": "vpcPrivateSubnet2Subnet7031C2BA" - } - ], - "requireTls": true, - "vpcSecurityGroupIds": [ - { - "Fn::GetAtt": [ - "ProxyProxySecurityGroupC42FC3CE", - "GroupId" - ] + }, + "ProxyTargetGroup": { + "id": "ProxyTargetGroup", + "path": "aws-cdk-rds-proxy/dbCluster/Proxy2/ProxyTargetGroup", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBProxyTargetGroup", + "aws:cdk:cloudformation:props": { + "connectionPoolConfigurationInfo": {}, + "dbClusterIdentifiers": [ + { + "Ref": "dbClusterE86E47AE" + } + ], + "dbProxyName": { + "Ref": "dbClusterProxy28BBD43D5" + }, + "targetGroupName": "default" } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBProxy", - "version": "0.0.0" - } - }, - "ProxyTargetGroup": { - "id": "ProxyTargetGroup", - "path": "aws-cdk-rds-proxy/Proxy/ProxyTargetGroup", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBProxyTargetGroup", - "aws:cdk:cloudformation:props": { - "dbProxyName": { - "Ref": "ProxyCB0DFB71" }, - "targetGroupName": "default", - "connectionPoolConfigurationInfo": {}, - "dbClusterIdentifiers": [ - { - "Ref": "dbClusterE86E47AE" - } - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBProxyTargetGroup", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.CfnDBProxyTargetGroup", + "fqn": "aws-cdk-lib.aws_rds.DatabaseProxy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-rds.DatabaseProxy", + "fqn": "aws-cdk-lib.aws_rds.DatabaseCluster", "version": "0.0.0" } }, @@ -1587,7 +1827,7 @@ "id": "BootstrapVersion", "path": "aws-cdk-rds-proxy/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -1595,13 +1835,13 @@ "id": "CheckBootstrapVersion", "path": "aws-cdk-rds-proxy/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -1618,7 +1858,7 @@ "path": "database-proxy-integ-test/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -1629,7 +1869,7 @@ "id": "BootstrapVersion", "path": "database-proxy-integ-test/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -1637,25 +1877,25 @@ "id": "CheckBootstrapVersion", "path": "database-proxy-integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -1664,12 +1904,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.ts index 3f3d83b4332dc..8b8164175d258 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.proxy.ts @@ -36,9 +36,14 @@ const cluster = new rds.DatabaseCluster(stack, 'dbCluster', { instanceProps: { vpc }, }); -new rds.DatabaseProxy(stack, 'Proxy', { - dbProxyName: 'cluster-db-proxy', - proxyTarget: rds.ProxyTarget.fromCluster(cluster), +// The `DatabaseProxy` internally adds a dependency so that the `TargetGroup` is created after the `DatabaseCluster` is created. +// In this test, we use `addProxy` to add two `DatabaseProxy` as a child of `DatabaseCluster` +// and verify that they can be deployed correctly without circular dependencies. +cluster.addProxy('Proxy', { + secrets: [cluster.secret!], + vpc, +}); +cluster.addProxy('Proxy2', { secrets: [cluster.secret!], vpc, }); diff --git a/packages/aws-cdk-lib/aws-rds/lib/proxy.ts b/packages/aws-cdk-lib/aws-rds/lib/proxy.ts index 63f8b483b908e..c1cfae1925ca0 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/proxy.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/proxy.ts @@ -3,7 +3,7 @@ import { IDatabaseCluster } from './cluster-ref'; import { IEngine } from './engine'; import { IDatabaseInstance } from './instance'; import { engineDescription } from './private/util'; -import { CfnDBProxy, CfnDBProxyTargetGroup } from './rds.generated'; +import { CfnDBProxy, CfnDBProxyTargetGroup, CfnDBInstance } from './rds.generated'; import * as ec2 from '../../aws-ec2'; import * as iam from '../../aws-iam'; import * as secretsmanager from '../../aws-secretsmanager'; @@ -490,7 +490,22 @@ export class DatabaseProxy extends DatabaseProxyBase connectionPoolConfigurationInfo: toConnectionPoolConfigurationInfo(props), }); - bindResult.dbClusters?.forEach((c) => proxyTargetGroup.node.addDependency(c)); + // When a `DatabaseProxy` is created by `DatabaseCluster.addProxy`, + // the `DatabaseProxy` and `DBProxyTarget` are created as a child of the `DatabaseCluster`, + // so if multiple `DatabaseProxy` are created by `DatabaseCluster.addProxy`, + // using `node.addDependency` will cause circular dependencies. + // To avoid this, use `CfnResource.addDependency` to add dependencies on `DatabaseCluster` and `DBInstance`. + bindResult.dbClusters?.forEach((cluster) => { + cluster.node.children.forEach((child) => { + if (child instanceof CfnDBInstance) { + proxyTargetGroup.addDependency(child); + } + }); + const clusterResource = cluster.node.defaultChild as cdk.CfnResource; + if (clusterResource && cdk.CfnResource.isCfnResource(clusterResource)) { + proxyTargetGroup.addDependency(clusterResource); + } + }); } /** diff --git a/packages/aws-cdk-lib/aws-rds/test/proxy.test.ts b/packages/aws-cdk-lib/aws-rds/test/proxy.test.ts index 1b9c7de783110..492e90c295d94 100644 --- a/packages/aws-cdk-lib/aws-rds/test/proxy.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/proxy.test.ts @@ -399,11 +399,54 @@ describe('proxy', () => { 'clusterInstance183584D40', 'clusterInstance23D1AD8B2', 'cluster611F8AFF', - 'clusterSecretAttachment69BFCEC4', - 'clusterSecretE349B730', - 'clusterSecurityGroupfromproxyProxySecurityGroupA80F0525IndirectPortA13E5F3D', - 'clusterSecurityGroupF441DCEA', - 'clusterSubnets81E3593F', + ], + }); + }); + + test('Correct dependencies are created when multiple DatabaseProxy are created with addProxy', () => { + // GIVEN + const cluster = new rds.DatabaseCluster(stack, 'cluster', { + engine: rds.DatabaseClusterEngine.AURORA, + instanceProps: { + vpc, + }, + }); + + //WHEN + cluster.addProxy('Proxy', { + vpc, + secrets: [cluster.secret!], + }); + cluster.addProxy('Proxy2', { + vpc, + secrets: [cluster.secret!], + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::RDS::DBProxyTargetGroup', { + Properties: { + DBProxyName: { + Ref: 'clusterProxy22303E35D', + }, + TargetGroupName: 'default', + }, + DependsOn: [ + 'clusterInstance183584D40', + 'clusterInstance23D1AD8B2', + 'cluster611F8AFF', + ], + }); + Template.fromStack(stack).hasResource('AWS::RDS::DBProxyTargetGroup', { + Properties: { + DBProxyName: { + Ref: 'clusterProxyC4BEF551', + }, + TargetGroupName: 'default', + }, + DependsOn: [ + 'clusterInstance183584D40', + 'clusterInstance23D1AD8B2', + 'cluster611F8AFF', ], }); });