diff --git a/.github/workflows/rspec.yaml b/.github/workflows/rspec.yaml index b1ee9a7..d0a2ef8 100644 --- a/.github/workflows/rspec.yaml +++ b/.github/workflows/rspec.yaml @@ -3,23 +3,6 @@ name: cftest on: [push, pull_request] jobs: - test: - name: test - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: set up ruby 2.7 - uses: actions/setup-ruby@v1 - with: - ruby-version: 2.7.x - - name: install gems - run: gem install cfhighlander rspec - - name: set cfndsl spec - run: cfndsl -u - - name: cftest - run: rspec - env: - AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ap-southeast-2 \ No newline at end of file + rspec: + uses: theonestack/shared-workflows/.github/workflows/rspec.yaml@main + secrets: inherit \ No newline at end of file diff --git a/aurora-postgres.cfhighlander.rb b/aurora-postgres.cfhighlander.rb index 189ccfd..4379870 100644 --- a/aurora-postgres.cfhighlander.rb +++ b/aurora-postgres.cfhighlander.rb @@ -7,15 +7,22 @@ Parameters do ComponentParam 'EnvironmentName', 'dev', isGlobal: true ComponentParam 'EnvironmentType', 'development', isGlobal: true, allowedValues: ['development', 'production'] - ComponentParam 'WriterInstanceType' - ComponentParam 'ReaderInstanceType' ComponentParam 'DnsDomain' ComponentParam 'SnapshotID' - ComponentParam 'EnableReader', 'false', allowedValues: ['true', 'false'] ComponentParam 'VPCId', type: 'AWS::EC2::VPC::Id' ComponentParam 'SubnetIds', type: 'CommaDelimitedList' ComponentParam 'KmsKeyId' if (defined? kms) && (kms) + if defined?(engine_mode) && engine_mode == 'serverless' + ComponentParam 'MaxCapacity', '2' + ComponentParam 'MinCapacity', '0.5' + ComponentParam 'EnableHttpEndpoint', 'false', allowedValues: ['true', 'false'] + else + ComponentParam 'WriterInstanceType' + ComponentParam 'ReaderInstanceType' + ComponentParam 'EnableReader', 'false', allowedValues: ['true', 'false'] + end + ComponentParam 'NamespaceId' if defined? service_discovery end diff --git a/aurora-postgres.cfndsl.rb b/aurora-postgres.cfndsl.rb index f19e377..ce2d248 100644 --- a/aurora-postgres.cfndsl.rb +++ b/aurora-postgres.cfndsl.rb @@ -1,10 +1,8 @@ CloudFormation do - Condition("EnableReader", FnEquals(Ref("EnableReader"), 'true')) Condition("UseUsernameAndPassword", FnEquals(Ref(:SnapshotID), '')) Condition("UseSnapshotID", FnNot(FnEquals(Ref(:SnapshotID), ''))) Condition("CreateHostRecord", FnNot(FnEquals(Ref(:DnsDomain), ''))) - Condition("CreateReaderRecord", FnAnd([FnEquals(Ref("EnableReader"), 'true'), Condition('CreateHostRecord')])) aurora_tags = [] tags = external_parameters.fetch(:tags, {}) @@ -163,19 +161,22 @@ end engine_version = external_parameters.fetch(:engine_version, nil) + engine_mode = external_parameters.fetch(:engine_mode, nil) database_name = external_parameters.fetch(:database_name, nil) storage_encrypted = external_parameters.fetch(:storage_encrypted, nil) kms = external_parameters.fetch(:kms, false) cluster_maintenance_window = external_parameters.fetch(:cluster_maintenance_window, nil) cloudwatch_log_exports = external_parameters.fetch(:cloudwatch_log_exports, []) + # for serverless v2 the EngineMode property in the DBCluster is to be left unset + RDS_DBCluster(:DBCluster) { Engine 'aurora-postgresql' EngineVersion engine_version unless engine_version.nil? DBClusterParameterGroupName Ref(:DBClusterParameterGroup) EnableCloudwatchLogsExports cloudwatch_log_exports if cloudwatch_log_exports.any? PreferredMaintenanceWindow cluster_maintenance_window unless cluster_maintenance_window.nil? - SnapshotIdentifier FnIf('UseSnapshotID',Ref(:SnapshotID), Ref('AWS::NoValue')) + SnapshotIdentifier FnIf('UseSnapshotID', Ref(:SnapshotID), Ref('AWS::NoValue')) MasterUsername FnIf('UseUsernameAndPassword', instance_username, Ref('AWS::NoValue')) MasterUserPassword FnIf('UseUsernameAndPassword', instance_password, Ref('AWS::NoValue')) DBSubnetGroupName Ref(:DBClusterSubnetGroup) @@ -186,6 +187,14 @@ Port external_parameters[:cluster_port] Tags aurora_tags AssociatedRoles cluster_roles if cluster_roles.any? + + if engine_mode == 'serverless' + EnableHttpEndpoint Ref(:EnableHttpEndpoint) + ServerlessV2ScalingConfiguration({ + MinCapacity: Ref('MinCapacity'), + MaxCapacity: Ref('MaxCapacity') + }) + end } instance_parameters = external_parameters.fetch(:instance_parameters, nil) @@ -201,43 +210,55 @@ maint_window = external_parameters.fetch(:maint_window, nil) # key kept for backwards compatibility writer_maintenance_window = external_parameters.fetch(:writer_maintenance_window, maint_window) - RDS_DBInstance(:DBClusterInstanceWriter) { - DBSubnetGroupName Ref(:DBClusterSubnetGroup) - DBParameterGroupName Ref(:DBInstanceParameterGroup) - DBClusterIdentifier Ref(:DBCluster) - Engine 'aurora-postgresql' - EngineVersion engine_version unless engine_version.nil? - AutoMinorVersionUpgrade minor_upgrade unless minor_upgrade.nil? - PreferredMaintenanceWindow writer_maintenance_window unless writer_maintenance_window.nil? - PubliclyAccessible 'false' - DBInstanceClass Ref(:WriterInstanceType) - Tags aurora_tags - } + if engine_mode == 'serverless' + RDS_DBInstance(:ServerlessDBInstance) { + Engine 'aurora-postgresql' + DBInstanceClass 'db.serverless' + DBClusterIdentifier Ref(:DBCluster) + } - reader_maintenance_window = external_parameters.fetch(:reader_maintenance_window, nil) + else + Condition("CreateReaderRecord", FnAnd([FnEquals(Ref("EnableReader"), 'true'), Condition('CreateHostRecord')])) + Condition("EnableReader", FnEquals(Ref("EnableReader"), 'true')) + + RDS_DBInstance(:DBClusterInstanceWriter) { + DBSubnetGroupName Ref(:DBClusterSubnetGroup) + DBParameterGroupName Ref(:DBInstanceParameterGroup) + DBClusterIdentifier Ref(:DBCluster) + Engine 'aurora-postgresql' + EngineVersion engine_version unless engine_version.nil? + AutoMinorVersionUpgrade minor_upgrade unless minor_upgrade.nil? + PreferredMaintenanceWindow writer_maintenance_window unless writer_maintenance_window.nil? + PubliclyAccessible 'false' + DBInstanceClass Ref(:WriterInstanceType) + Tags aurora_tags + } - RDS_DBInstance(:DBClusterInstanceReader) { - Condition(:EnableReader) - DBSubnetGroupName Ref(:DBClusterSubnetGroup) - DBParameterGroupName Ref(:DBInstanceParameterGroup) - DBClusterIdentifier Ref(:DBCluster) - Engine 'aurora-postgresql' - EngineVersion engine_version unless engine_version.nil? - AutoMinorVersionUpgrade minor_upgrade unless minor_upgrade.nil? - PreferredMaintenanceWindow reader_maintenance_window unless reader_maintenance_window.nil? - PubliclyAccessible 'false' - DBInstanceClass Ref(:ReaderInstanceType) - Tags aurora_tags - } + reader_maintenance_window = external_parameters.fetch(:reader_maintenance_window, nil) + + RDS_DBInstance(:DBClusterInstanceReader) { + Condition(:EnableReader) + DBSubnetGroupName Ref(:DBClusterSubnetGroup) + DBParameterGroupName Ref(:DBInstanceParameterGroup) + DBClusterIdentifier Ref(:DBCluster) + Engine 'aurora-postgresql' + EngineVersion engine_version unless engine_version.nil? + AutoMinorVersionUpgrade minor_upgrade unless minor_upgrade.nil? + PreferredMaintenanceWindow reader_maintenance_window unless reader_maintenance_window.nil? + PubliclyAccessible 'false' + DBInstanceClass Ref(:ReaderInstanceType) + Tags aurora_tags + } - Route53_RecordSet(:DBClusterReaderRecord) { - Condition(:CreateReaderRecord) - HostedZoneName FnSub("#{external_parameters[:dns_format]}.") - Name FnSub("#{external_parameters[:hostname_read_endpoint]}.#{external_parameters[:dns_format]}.") - Type 'CNAME' - TTL '60' - ResourceRecords [ FnGetAtt('DBCluster','ReadEndpoint.Address') ] - } + Route53_RecordSet(:DBClusterReaderRecord) { + Condition(:CreateReaderRecord) + HostedZoneName FnSub("#{external_parameters[:dns_format]}.") + Name FnSub("#{external_parameters[:hostname_read_endpoint]}.#{external_parameters[:dns_format]}.") + Type 'CNAME' + TTL '60' + ResourceRecords [ FnGetAtt('DBCluster','ReadEndpoint.Address') ] + } + end Route53_RecordSet(:DBHostRecord) { Condition(:CreateHostRecord) diff --git a/spec/cloudwatch_log_exports_spec.rb b/spec/cloudwatch_log_exports_spec.rb index d3a32af..1536d48 100644 --- a/spec/cloudwatch_log_exports_spec.rb +++ b/spec/cloudwatch_log_exports_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -177,6 +181,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -214,6 +222,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -236,11 +248,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg-read", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg-read.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do @@ -265,11 +277,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do diff --git a/spec/database_name_parameter_spec.rb b/spec/database_name_parameter_spec.rb index b407e4c..d9d61bd 100644 --- a/spec/database_name_parameter_spec.rb +++ b/spec/database_name_parameter_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -181,6 +185,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -218,6 +226,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/spec/database_parameters_spec.rb b/spec/database_parameters_spec.rb index 19f3dad..8358544 100644 --- a/spec/database_parameters_spec.rb +++ b/spec/database_parameters_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -177,6 +181,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -214,6 +222,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/spec/default_spec.rb b/spec/default_spec.rb index e761109..e10cb2e 100644 --- a/spec/default_spec.rb +++ b/spec/default_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -177,6 +181,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -214,6 +222,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/spec/disable_auto_minor_version_update_spec.rb b/spec/disable_auto_minor_version_update_spec.rb new file mode 100644 index 0000000..7a16e0e --- /dev/null +++ b/spec/disable_auto_minor_version_update_spec.rb @@ -0,0 +1,307 @@ +require 'yaml' + +describe 'compiled component aurora-postgres' do + + context 'cftest' do + it 'compiles test' do + expect(system("cfhighlander cftest #{@validate} --tests tests/disable_auto_minor_version_update.test.yaml")).to be_truthy + end + end + + let(:template) { YAML.load_file("#{File.dirname(__FILE__)}/../out/tests/disable_auto_minor_version_update/aurora-postgres.compiled.yaml") } + + context "Resource" do + + + context "SecurityGroup" do + let(:resource) { template["Resources"]["SecurityGroup"] } + + it "is of type AWS::EC2::SecurityGroup" do + expect(resource["Type"]).to eq("AWS::EC2::SecurityGroup") + end + + it "to have property VpcId" do + expect(resource["Properties"]["VpcId"]).to eq({"Ref"=>"VPCId"}) + end + + it "to have property GroupDescription" do + expect(resource["Properties"]["GroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres access for the ${EnvironmentName} environment"}) + end + + it "to have property SecurityGroupEgress" do + expect(resource["Properties"]["SecurityGroupEgress"]).to eq([{"CidrIp"=>"0.0.0.0/0", "Description"=>"outbound all for ports", "IpProtocol"=>-1}]) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterSubnetGroup" do + let(:resource) { template["Resources"]["DBClusterSubnetGroup"] } + + it "is of type AWS::RDS::DBSubnetGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBSubnetGroup") + end + + it "to have property SubnetIds" do + expect(resource["Properties"]["SubnetIds"]).to eq({"Ref"=>"SubnetIds"}) + end + + it "to have property DBSubnetGroupDescription" do + expect(resource["Properties"]["DBSubnetGroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres subnets for the ${EnvironmentName} environment"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterParameterGroup" do + let(:resource) { template["Resources"]["DBClusterParameterGroup"] } + + it "is of type AWS::RDS::DBClusterParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBClusterParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres cluster parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql12") + end + + it "to have property Parameters" do + expect(resource["Properties"]["Parameters"]).to eq({"timezone"=>"UTC"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBCluster" do + let(:resource) { template["Resources"]["DBCluster"] } + + it "is of type AWS::RDS::DBCluster" do + expect(resource["Type"]).to eq("AWS::RDS::DBCluster") + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property DBClusterParameterGroupName" do + expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) + end + + it "to have property SnapshotIdentifier" do + expect(resource["Properties"]["SnapshotIdentifier"]).to eq({"Fn::If"=>["UseSnapshotID", {"Ref"=>"SnapshotID"}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUsername" do + expect(resource["Properties"]["MasterUsername"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_USERNAME"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUserPassword" do + expect(resource["Properties"]["MasterUserPassword"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm-secure:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_PASSWORD"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property VpcSecurityGroupIds" do + expect(resource["Properties"]["VpcSecurityGroupIds"]).to eq([{"Ref"=>"SecurityGroup"}]) + end + + it "to have property Port" do + expect(resource["Properties"]["Port"]).to eq(5432) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBInstanceParameterGroup" do + let(:resource) { template["Resources"]["DBInstanceParameterGroup"] } + + it "is of type AWS::RDS::DBParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres instance parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql12") + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterInstanceWriter" do + let(:resource) { template["Resources"]["DBClusterInstanceWriter"] } + + it "is of type AWS::RDS::DBInstance" do + expect(resource["Type"]).to eq("AWS::RDS::DBInstance") + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property DBParameterGroupName" do + expect(resource["Properties"]["DBParameterGroupName"]).to eq({"Ref"=>"DBInstanceParameterGroup"}) + end + + it "to have property DBClusterIdentifier" do + expect(resource["Properties"]["DBClusterIdentifier"]).to eq({"Ref"=>"DBCluster"}) + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property AutoMinorVersionUpgrade" do + expect(resource["Properties"]["AutoMinorVersionUpgrade"]).to eq(false) + end + + it "to have property PubliclyAccessible" do + expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") + end + + it "to have property DBInstanceClass" do + expect(resource["Properties"]["DBInstanceClass"]).to eq({"Ref"=>"WriterInstanceType"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterInstanceReader" do + let(:resource) { template["Resources"]["DBClusterInstanceReader"] } + + it "is of type AWS::RDS::DBInstance" do + expect(resource["Type"]).to eq("AWS::RDS::DBInstance") + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property DBParameterGroupName" do + expect(resource["Properties"]["DBParameterGroupName"]).to eq({"Ref"=>"DBInstanceParameterGroup"}) + end + + it "to have property DBClusterIdentifier" do + expect(resource["Properties"]["DBClusterIdentifier"]).to eq({"Ref"=>"DBCluster"}) + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property AutoMinorVersionUpgrade" do + expect(resource["Properties"]["AutoMinorVersionUpgrade"]).to eq(false) + end + + it "to have property PubliclyAccessible" do + expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") + end + + it "to have property DBInstanceClass" do + expect(resource["Properties"]["DBInstanceClass"]).to eq({"Ref"=>"ReaderInstanceType"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterReaderRecord" do + let(:resource) { template["Resources"]["DBClusterReaderRecord"] } + + it "is of type AWS::Route53::RecordSet" do + expect(resource["Type"]).to eq("AWS::Route53::RecordSet") + end + + it "to have property HostedZoneName" do + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Name" do + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg-read.${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Type" do + expect(resource["Properties"]["Type"]).to eq("CNAME") + end + + it "to have property TTL" do + expect(resource["Properties"]["TTL"]).to eq("60") + end + + it "to have property ResourceRecords" do + expect(resource["Properties"]["ResourceRecords"]).to eq([{"Fn::GetAtt"=>["DBCluster", "ReadEndpoint.Address"]}]) + end + + end + + context "DBHostRecord" do + let(:resource) { template["Resources"]["DBHostRecord"] } + + it "is of type AWS::Route53::RecordSet" do + expect(resource["Type"]).to eq("AWS::Route53::RecordSet") + end + + it "to have property HostedZoneName" do + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Name" do + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Type" do + expect(resource["Properties"]["Type"]).to eq("CNAME") + end + + it "to have property TTL" do + expect(resource["Properties"]["TTL"]).to eq("60") + end + + it "to have property ResourceRecords" do + expect(resource["Properties"]["ResourceRecords"]).to eq([{"Fn::GetAtt"=>["DBCluster", "Endpoint.Address"]}]) + end + + end + + end + +end \ No newline at end of file diff --git a/spec/enable_lambda_invoke_spec.rb b/spec/enable_lambda_invoke_spec.rb index f4228cc..c1dfc30 100644 --- a/spec/enable_lambda_invoke_spec.rb +++ b/spec/enable_lambda_invoke_spec.rb @@ -112,6 +112,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -194,6 +198,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -231,6 +239,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -253,11 +265,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg-read", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg-read.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do @@ -282,11 +294,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do diff --git a/spec/enable_s3_import_export_spec.rb b/spec/enable_s3_import_export_spec.rb index 7f1f915..0964939 100644 --- a/spec/enable_s3_import_export_spec.rb +++ b/spec/enable_s3_import_export_spec.rb @@ -270,11 +270,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg-read", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg-read.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do @@ -299,11 +299,11 @@ end it "to have property HostedZoneName" do - expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Join"=>["", [{"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) end it "to have property Name" do - expect(resource["Properties"]["Name"]).to eq({"Fn::Join"=>["", ["aurora2pg", ".", {"Ref"=>"EnvironmentName"}, ".", {"Ref"=>"DnsDomain"}, "."]]}) + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) end it "to have property Type" do diff --git a/spec/kms_spec.rb b/spec/kms_spec.rb index e0bf27f..c6f89ec 100644 --- a/spec/kms_spec.rb +++ b/spec/kms_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -181,6 +185,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -218,6 +226,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/spec/secrets_manager_spec.rb b/spec/secrets_manager_spec.rb index 5f423a8..3c63a87 100644 --- a/spec/secrets_manager_spec.rb +++ b/spec/secrets_manager_spec.rb @@ -108,6 +108,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -190,6 +194,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -227,6 +235,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq("9.6.12") + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/spec/serverless_spec.rb b/spec/serverless_spec.rb new file mode 100644 index 0000000..d2d79a1 --- /dev/null +++ b/spec/serverless_spec.rb @@ -0,0 +1,221 @@ +require 'yaml' + +describe 'compiled component aurora-postgres' do + + context 'cftest' do + it 'compiles test' do + expect(system("cfhighlander cftest #{@validate} --tests tests/serverless.test.yaml")).to be_truthy + end + end + + let(:template) { YAML.load_file("#{File.dirname(__FILE__)}/../out/tests/serverless/aurora-postgres.compiled.yaml") } + + context "Resource" do + + + context "SecurityGroup" do + let(:resource) { template["Resources"]["SecurityGroup"] } + + it "is of type AWS::EC2::SecurityGroup" do + expect(resource["Type"]).to eq("AWS::EC2::SecurityGroup") + end + + it "to have property VpcId" do + expect(resource["Properties"]["VpcId"]).to eq({"Ref"=>"VPCId"}) + end + + it "to have property GroupDescription" do + expect(resource["Properties"]["GroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres access for the ${EnvironmentName} environment"}) + end + + it "to have property SecurityGroupEgress" do + expect(resource["Properties"]["SecurityGroupEgress"]).to eq([{"CidrIp"=>"0.0.0.0/0", "Description"=>"outbound all for ports", "IpProtocol"=>-1}]) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterSubnetGroup" do + let(:resource) { template["Resources"]["DBClusterSubnetGroup"] } + + it "is of type AWS::RDS::DBSubnetGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBSubnetGroup") + end + + it "to have property SubnetIds" do + expect(resource["Properties"]["SubnetIds"]).to eq({"Ref"=>"SubnetIds"}) + end + + it "to have property DBSubnetGroupDescription" do + expect(resource["Properties"]["DBSubnetGroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres subnets for the ${EnvironmentName} environment"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterParameterGroup" do + let(:resource) { template["Resources"]["DBClusterParameterGroup"] } + + it "is of type AWS::RDS::DBClusterParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBClusterParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres cluster parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql14") + end + + it "to have property Parameters" do + expect(resource["Properties"]["Parameters"]).to eq({"timezone"=>"UTC"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBCluster" do + let(:resource) { template["Resources"]["DBCluster"] } + + it "is of type AWS::RDS::DBCluster" do + expect(resource["Type"]).to eq("AWS::RDS::DBCluster") + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(14.6) + end + + it "to have property DBClusterParameterGroupName" do + expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) + end + + it "to have property SnapshotIdentifier" do + expect(resource["Properties"]["SnapshotIdentifier"]).to eq({"Fn::If"=>["UseSnapshotID", {"Ref"=>"SnapshotID"}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUsername" do + expect(resource["Properties"]["MasterUsername"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_USERNAME"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUserPassword" do + expect(resource["Properties"]["MasterUserPassword"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm-secure:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_PASSWORD"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property VpcSecurityGroupIds" do + expect(resource["Properties"]["VpcSecurityGroupIds"]).to eq([{"Ref"=>"SecurityGroup"}]) + end + + it "to have property StorageEncrypted" do + expect(resource["Properties"]["StorageEncrypted"]).to eq(true) + end + + it "to have property Port" do + expect(resource["Properties"]["Port"]).to eq(5432) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + it "to have property EnableHttpEndpoint" do + expect(resource["Properties"]["EnableHttpEndpoint"]).to eq({"Ref"=>"EnableHttpEndpoint"}) + end + + it "to have property ServerlessV2ScalingConfiguration" do + expect(resource["Properties"]["ServerlessV2ScalingConfiguration"]).to eq({"MinCapacity"=>{"Ref"=>"MinCapacity"}, "MaxCapacity"=>{"Ref"=>"MaxCapacity"}}) + end + + end + + context "DBInstanceParameterGroup" do + let(:resource) { template["Resources"]["DBInstanceParameterGroup"] } + + it "is of type AWS::RDS::DBParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres instance parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql14") + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "ServerlessDBInstance" do + let(:resource) { template["Resources"]["ServerlessDBInstance"] } + + it "is of type AWS::RDS::DBInstance" do + expect(resource["Type"]).to eq("AWS::RDS::DBInstance") + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property DBInstanceClass" do + expect(resource["Properties"]["DBInstanceClass"]).to eq("db.serverless") + end + + it "to have property DBClusterIdentifier" do + expect(resource["Properties"]["DBClusterIdentifier"]).to eq({"Ref"=>"DBCluster"}) + end + + end + + context "DBHostRecord" do + let(:resource) { template["Resources"]["DBHostRecord"] } + + it "is of type AWS::Route53::RecordSet" do + expect(resource["Type"]).to eq("AWS::Route53::RecordSet") + end + + it "to have property HostedZoneName" do + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Name" do + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Type" do + expect(resource["Properties"]["Type"]).to eq("CNAME") + end + + it "to have property TTL" do + expect(resource["Properties"]["TTL"]).to eq("60") + end + + it "to have property ResourceRecords" do + expect(resource["Properties"]["ResourceRecords"]).to eq([{"Fn::GetAtt"=>["DBCluster", "Endpoint.Address"]}]) + end + + end + + end + +end \ No newline at end of file diff --git a/spec/set_maintenance_window_spec.rb b/spec/set_maintenance_window_spec.rb new file mode 100644 index 0000000..09f398b --- /dev/null +++ b/spec/set_maintenance_window_spec.rb @@ -0,0 +1,311 @@ +require 'yaml' + +describe 'compiled component aurora-postgres' do + + context 'cftest' do + it 'compiles test' do + expect(system("cfhighlander cftest #{@validate} --tests tests/set_maintenance_window.test.yaml")).to be_truthy + end + end + + let(:template) { YAML.load_file("#{File.dirname(__FILE__)}/../out/tests/set_maintenance_window/aurora-postgres.compiled.yaml") } + + context "Resource" do + + + context "SecurityGroup" do + let(:resource) { template["Resources"]["SecurityGroup"] } + + it "is of type AWS::EC2::SecurityGroup" do + expect(resource["Type"]).to eq("AWS::EC2::SecurityGroup") + end + + it "to have property VpcId" do + expect(resource["Properties"]["VpcId"]).to eq({"Ref"=>"VPCId"}) + end + + it "to have property GroupDescription" do + expect(resource["Properties"]["GroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres access for the ${EnvironmentName} environment"}) + end + + it "to have property SecurityGroupEgress" do + expect(resource["Properties"]["SecurityGroupEgress"]).to eq([{"CidrIp"=>"0.0.0.0/0", "Description"=>"outbound all for ports", "IpProtocol"=>-1}]) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterSubnetGroup" do + let(:resource) { template["Resources"]["DBClusterSubnetGroup"] } + + it "is of type AWS::RDS::DBSubnetGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBSubnetGroup") + end + + it "to have property SubnetIds" do + expect(resource["Properties"]["SubnetIds"]).to eq({"Ref"=>"SubnetIds"}) + end + + it "to have property DBSubnetGroupDescription" do + expect(resource["Properties"]["DBSubnetGroupDescription"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres subnets for the ${EnvironmentName} environment"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterParameterGroup" do + let(:resource) { template["Resources"]["DBClusterParameterGroup"] } + + it "is of type AWS::RDS::DBClusterParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBClusterParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres cluster parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql12") + end + + it "to have property Parameters" do + expect(resource["Properties"]["Parameters"]).to eq({"timezone"=>"UTC"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBCluster" do + let(:resource) { template["Resources"]["DBCluster"] } + + it "is of type AWS::RDS::DBCluster" do + expect(resource["Type"]).to eq("AWS::RDS::DBCluster") + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property DBClusterParameterGroupName" do + expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) + end + + it "to have property PreferredMaintenanceWindow" do + expect(resource["Properties"]["PreferredMaintenanceWindow"]).to eq("Sun:05:00-Sun:06:00") + end + + it "to have property SnapshotIdentifier" do + expect(resource["Properties"]["SnapshotIdentifier"]).to eq({"Fn::If"=>["UseSnapshotID", {"Ref"=>"SnapshotID"}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUsername" do + expect(resource["Properties"]["MasterUsername"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_USERNAME"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property MasterUserPassword" do + expect(resource["Properties"]["MasterUserPassword"]).to eq({"Fn::If"=>["UseUsernameAndPassword", {"Fn::Join"=>["", ["{{resolve:ssm-secure:", {"Fn::Sub"=>"/rds/AURORA_POSTGRES_MASTER_PASSWORD"}, ":1}}"]]}, {"Ref"=>"AWS::NoValue"}]}) + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property VpcSecurityGroupIds" do + expect(resource["Properties"]["VpcSecurityGroupIds"]).to eq([{"Ref"=>"SecurityGroup"}]) + end + + it "to have property Port" do + expect(resource["Properties"]["Port"]).to eq(5432) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBInstanceParameterGroup" do + let(:resource) { template["Resources"]["DBInstanceParameterGroup"] } + + it "is of type AWS::RDS::DBParameterGroup" do + expect(resource["Type"]).to eq("AWS::RDS::DBParameterGroup") + end + + it "to have property Description" do + expect(resource["Properties"]["Description"]).to eq({"Fn::Sub"=>"Aurora postgres aurora-postgres instance parameters for the ${EnvironmentName} environment"}) + end + + it "to have property Family" do + expect(resource["Properties"]["Family"]).to eq("aurora-postgresql12") + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterInstanceWriter" do + let(:resource) { template["Resources"]["DBClusterInstanceWriter"] } + + it "is of type AWS::RDS::DBInstance" do + expect(resource["Type"]).to eq("AWS::RDS::DBInstance") + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property DBParameterGroupName" do + expect(resource["Properties"]["DBParameterGroupName"]).to eq({"Ref"=>"DBInstanceParameterGroup"}) + end + + it "to have property DBClusterIdentifier" do + expect(resource["Properties"]["DBClusterIdentifier"]).to eq({"Ref"=>"DBCluster"}) + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property PreferredMaintenanceWindow" do + expect(resource["Properties"]["PreferredMaintenanceWindow"]).to eq("Sun:06:00-Sun:07:00") + end + + it "to have property PubliclyAccessible" do + expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") + end + + it "to have property DBInstanceClass" do + expect(resource["Properties"]["DBInstanceClass"]).to eq({"Ref"=>"WriterInstanceType"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterInstanceReader" do + let(:resource) { template["Resources"]["DBClusterInstanceReader"] } + + it "is of type AWS::RDS::DBInstance" do + expect(resource["Type"]).to eq("AWS::RDS::DBInstance") + end + + it "to have property DBSubnetGroupName" do + expect(resource["Properties"]["DBSubnetGroupName"]).to eq({"Ref"=>"DBClusterSubnetGroup"}) + end + + it "to have property DBParameterGroupName" do + expect(resource["Properties"]["DBParameterGroupName"]).to eq({"Ref"=>"DBInstanceParameterGroup"}) + end + + it "to have property DBClusterIdentifier" do + expect(resource["Properties"]["DBClusterIdentifier"]).to eq({"Ref"=>"DBCluster"}) + end + + it "to have property Engine" do + expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") + end + + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(12.1) + end + + it "to have property PreferredMaintenanceWindow" do + expect(resource["Properties"]["PreferredMaintenanceWindow"]).to eq("Sun:08:00-Sun:09:00") + end + + it "to have property PubliclyAccessible" do + expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") + end + + it "to have property DBInstanceClass" do + expect(resource["Properties"]["DBInstanceClass"]).to eq({"Ref"=>"ReaderInstanceType"}) + end + + it "to have property Tags" do + expect(resource["Properties"]["Tags"]).to eq([{"Key"=>"Name", "Value"=>{"Fn::Sub"=>"${EnvironmentName}-aurora-postgres"}}, {"Key"=>"Environment", "Value"=>{"Ref"=>"EnvironmentName"}}, {"Key"=>"EnvironmentType", "Value"=>{"Ref"=>"EnvironmentType"}}]) + end + + end + + context "DBClusterReaderRecord" do + let(:resource) { template["Resources"]["DBClusterReaderRecord"] } + + it "is of type AWS::Route53::RecordSet" do + expect(resource["Type"]).to eq("AWS::Route53::RecordSet") + end + + it "to have property HostedZoneName" do + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Name" do + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg-read.${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Type" do + expect(resource["Properties"]["Type"]).to eq("CNAME") + end + + it "to have property TTL" do + expect(resource["Properties"]["TTL"]).to eq("60") + end + + it "to have property ResourceRecords" do + expect(resource["Properties"]["ResourceRecords"]).to eq([{"Fn::GetAtt"=>["DBCluster", "ReadEndpoint.Address"]}]) + end + + end + + context "DBHostRecord" do + let(:resource) { template["Resources"]["DBHostRecord"] } + + it "is of type AWS::Route53::RecordSet" do + expect(resource["Type"]).to eq("AWS::Route53::RecordSet") + end + + it "to have property HostedZoneName" do + expect(resource["Properties"]["HostedZoneName"]).to eq({"Fn::Sub"=>"${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Name" do + expect(resource["Properties"]["Name"]).to eq({"Fn::Sub"=>"aurora2pg.${EnvironmentName}.${DnsDomain}."}) + end + + it "to have property Type" do + expect(resource["Properties"]["Type"]).to eq("CNAME") + end + + it "to have property TTL" do + expect(resource["Properties"]["TTL"]).to eq("60") + end + + it "to have property ResourceRecords" do + expect(resource["Properties"]["ResourceRecords"]).to eq([{"Fn::GetAtt"=>["DBCluster", "Endpoint.Address"]}]) + end + + end + + end + +end \ No newline at end of file diff --git a/spec/tags_spec.rb b/spec/tags_spec.rb index bde0c73..72e51a1 100644 --- a/spec/tags_spec.rb +++ b/spec/tags_spec.rb @@ -95,6 +95,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property DBClusterParameterGroupName" do expect(resource["Properties"]["DBClusterParameterGroupName"]).to eq({"Ref"=>"DBClusterParameterGroup"}) end @@ -177,6 +181,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end @@ -214,6 +222,10 @@ expect(resource["Properties"]["Engine"]).to eq("aurora-postgresql") end + it "to have property EngineVersion" do + expect(resource["Properties"]["EngineVersion"]).to eq(9.6) + end + it "to have property PubliclyAccessible" do expect(resource["Properties"]["PubliclyAccessible"]).to eq("false") end diff --git a/tests/cloudwatch_log_exports.test.yaml b/tests/cloudwatch_log_exports.test.yaml index a912c25..79f2d65 100644 --- a/tests/cloudwatch_log_exports.test.yaml +++ b/tests/cloudwatch_log_exports.test.yaml @@ -4,7 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 cloudwatch_log_exports: - postgresql \ No newline at end of file diff --git a/tests/database_name_parameter.test.yaml b/tests/database_name_parameter.test.yaml index 3628f89..834bf82 100644 --- a/tests/database_name_parameter.test.yaml +++ b/tests/database_name_parameter.test.yaml @@ -7,7 +7,7 @@ test_parameters: DatabaseName: mydb family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 storage_encrypted: true database_name: ${DatabaseName} \ No newline at end of file diff --git a/tests/database_parameters.test.yaml b/tests/database_parameters.test.yaml index 280a8aa..aa3afdc 100644 --- a/tests/database_parameters.test.yaml +++ b/tests/database_parameters.test.yaml @@ -4,7 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 cluster_parameters: ssl_min_protocol_version: TLSv1.2 diff --git a/tests/default.test.yaml b/tests/default.test.yaml index 5245dc4..5ced3e1 100644 --- a/tests/default.test.yaml +++ b/tests/default.test.yaml @@ -4,5 +4,5 @@ test_metadata: description: set the description for your test family: aurora-postgresql9.6 -engine: 9.6.12 +engine_version: 9.6.12 storage_encrypted: true diff --git a/tests/disable_auto_minor_version_update.test.yaml b/tests/disable_auto_minor_version_update.test.yaml index aca91b1..75ffbbe 100644 --- a/tests/disable_auto_minor_version_update.test.yaml +++ b/tests/disable_auto_minor_version_update.test.yaml @@ -4,6 +4,6 @@ test_metadata: description: set the description for your test family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 minor_upgrade: false \ No newline at end of file diff --git a/tests/enable_lambda_invoke.test.yaml b/tests/enable_lambda_invoke.test.yaml index d7285b0..95fbd9c 100644 --- a/tests/enable_lambda_invoke.test.yaml +++ b/tests/enable_lambda_invoke.test.yaml @@ -7,7 +7,7 @@ test_parameters: MyFunction: postgres-lambda family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 invoke_lambdas: - my-function diff --git a/tests/enable_s3_import_export.test.yaml b/tests/enable_s3_import_export.test.yaml index 36f6dcc..3f014fe 100644 --- a/tests/enable_s3_import_export.test.yaml +++ b/tests/enable_s3_import_export.test.yaml @@ -4,7 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 s3_import: postgres-data-import-bucket s3_export: postgres-data-export-bucket diff --git a/tests/kms.test.yaml b/tests/kms.test.yaml index 7cffcf0..6d86b8a 100644 --- a/tests/kms.test.yaml +++ b/tests/kms.test.yaml @@ -4,5 +4,6 @@ test_metadata: description: set the description for your test family: aurora-postgresql9.6 +engine_version: 9.6 storage_encrypted: true kms: true \ No newline at end of file diff --git a/tests/secrets_manager.test.yaml b/tests/secrets_manager.test.yaml index f9cfe4f..1df7e63 100644 --- a/tests/secrets_manager.test.yaml +++ b/tests/secrets_manager.test.yaml @@ -4,7 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql9.6 -engine: 9.6.12 +engine_version: 9.6.12 storage_encrypted: true secret_username: true diff --git a/tests/security_group.test.yaml b/tests/security_group.test.yaml index 6ec48e3..5465305 100644 --- a/tests/security_group.test.yaml +++ b/tests/security_group.test.yaml @@ -4,6 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql9.6 +engine_version: 9.6 storage_encrypted: true security_group_rules: diff --git a/tests/serverless.test.yaml b/tests/serverless.test.yaml new file mode 100644 index 0000000..dc0cce4 --- /dev/null +++ b/tests/serverless.test.yaml @@ -0,0 +1,9 @@ +test_metadata: + type: config + name: serverless + description: test config for aurora serverless v2 + +family: aurora-postgresql14 +engine_version: 14.6 +storage_encrypted: true +engine_mode: serverless diff --git a/tests/set_maintenance_window.test.yaml b/tests/set_maintenance_window.test.yaml index 7d370f6..c7f230b 100644 --- a/tests/set_maintenance_window.test.yaml +++ b/tests/set_maintenance_window.test.yaml @@ -4,7 +4,7 @@ test_metadata: description: set the cluster and db instance maintenance windows family: aurora-postgresql12 -engine: 12.10 +engine_version: 12.10 cluster_maintenance_window: Sun:05:00-Sun:06:00 writer_maintenance_window: Sun:06:00-Sun:07:00 diff --git a/tests/tags.test.yaml b/tests/tags.test.yaml index 257385b..b9e366c 100644 --- a/tests/tags.test.yaml +++ b/tests/tags.test.yaml @@ -4,6 +4,7 @@ test_metadata: description: set the description for your test family: aurora-postgresql9.6 +engine_version: 9.6 storage_encrypted: true tags: