From 2f0ab344b896cb1bd1c373113d0609f1bb203eb9 Mon Sep 17 00:00:00 2001 From: Samson Keung Date: Sat, 18 Jan 2025 07:13:19 +0000 Subject: [PATCH] snapshot updates --- .../cdk-dynamodb-global-20191121.assets.json | 10 +-- ...cdk-dynamodb-global-20191121.template.json | 2 +- .../test/integ.global.js.snapshot/cdk.out | 2 +- ...plicaProviderB281C954.nested.template.json | 54 +++++++++++++++ ...efaultTestDeployAssert469C3611.assets.json | 2 +- .../test/integ.global.js.snapshot/integ.json | 2 +- .../integ.global.js.snapshot/manifest.json | 4 +- .../test/integ.global.js.snapshot/tree.json | 56 ++++++++++++++- .../index.js | 1 - .../__entrypoint__.js | 0 .../index.js | 1 + .../aws-cdk-eks-cluster.assets.json | 18 ++--- .../aws-cdk-eks-cluster.template.json | 9 ++- ...ourceProvider0DD9B7A4.nested.template.json | 54 +++++++++++++++ ...bectlProvider12A12654.nested.template.json | 10 +++ .../manifest.json | 2 +- .../integ.eks-cluster.js.snapshot/tree.json | 68 ++++++++++++++++++- 17 files changed, 265 insertions(+), 30 deletions(-) delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/index.js rename packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/{asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4 => asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8}/__entrypoint__.js (100%) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/index.js diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.assets.json index f9b2cd3d7a07b..8012b256625e8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.assets.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "39.0.0", "files": { "654051b03fb3684cba885b9015a42237db092a98a4fd2ffc75f07919dde1aca4": { "source": { @@ -29,7 +29,7 @@ } } }, - "4d7e876e7ecbd787c769dbfe05917a92bbc63c8b98b3a2df7e1241181df05af3": { + "41871c36854ad8fb935ae46cbc99d707a2d39015497f4991e9334950f734d47d": { "source": { "path": "cdkdynamodbglobal20191121awscdkawsdynamodbReplicaProviderB281C954.nested.template.json", "packaging": "file" @@ -37,13 +37,13 @@ "destinations": { "current_account-eu-west-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1", - "objectKey": "4d7e876e7ecbd787c769dbfe05917a92bbc63c8b98b3a2df7e1241181df05af3.json", + "objectKey": "41871c36854ad8fb935ae46cbc99d707a2d39015497f4991e9334950f734d47d.json", "region": "eu-west-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-eu-west-1" } } }, - "ec56f75e99fdad3fc57d97dd801c0407cf59d417ca10eed91a89137df3c9fe4e": { + "1d727ef0a8572d10483da5fd458c84b16999aea5c06457cc58c7885b85bc2fa0": { "source": { "path": "cdk-dynamodb-global-20191121.template.json", "packaging": "file" @@ -51,7 +51,7 @@ "destinations": { "current_account-eu-west-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1", - "objectKey": "ec56f75e99fdad3fc57d97dd801c0407cf59d417ca10eed91a89137df3c9fe4e.json", + "objectKey": "1d727ef0a8572d10483da5fd458c84b16999aea5c06457cc58c7885b85bc2fa0.json", "region": "eu-west-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-eu-west-1" } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.template.json index f19cba1656208..6e376e364f83f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk-dynamodb-global-20191121.template.json @@ -246,7 +246,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1" }, - "/4d7e876e7ecbd787c769dbfe05917a92bbc63c8b98b3a2df7e1241181df05af3.json" + "/41871c36854ad8fb935ae46cbc99d707a2d39015497f4991e9334950f734d47d.json" ] ] } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk.out index c6e612584e352..91e1a8b9901d5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"38.0.1"} \ No newline at end of file +{"version":"39.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121awscdkawsdynamodbReplicaProviderB281C954.nested.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121awscdkawsdynamodbReplicaProviderB281C954.nested.template.json index bb76c37deb310..d4d205c7c5632 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121awscdkawsdynamodbReplicaProviderB281C954.nested.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121awscdkawsdynamodbReplicaProviderB281C954.nested.template.json @@ -275,6 +275,24 @@ } ] }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] + }, { "Action": "states:StartExecution", "Effect": "Allow", @@ -418,6 +436,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -552,6 +588,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121testDefaultTestDeployAssert469C3611.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121testDefaultTestDeployAssert469C3611.assets.json index d8f80122f5615..a0ec03a5cc475 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121testDefaultTestDeployAssert469C3611.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/cdkdynamodbglobal20191121testDefaultTestDeployAssert469C3611.assets.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "39.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/integ.json index 0cab16bb8c2fc..13aa54ae8e81a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "39.0.0", "testCases": { "cdk-dynamodb-global-20191121-test/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/manifest.json index 3ce9d93e29ef5..ffff868a6b351 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "39.0.0", "artifacts": { "cdk-dynamodb-global-20191121.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-eu-west-1", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-eu-west-1", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1/ec56f75e99fdad3fc57d97dd801c0407cf59d417ca10eed91a89137df3c9fe4e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1/1d727ef0a8572d10483da5fd458c84b16999aea5c06457cc58c7885b85bc2fa0.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/tree.json index 979f0ec66eb30..ce2b05e32ea8c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-dynamodb/test/integ.global.js.snapshot/tree.json @@ -788,6 +788,24 @@ } ] }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] + }, { "Action": "states:StartExecution", "Effect": "Allow", @@ -1015,6 +1033,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -1233,6 +1269,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -1652,7 +1706,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1" }, - "/4d7e876e7ecbd787c769dbfe05917a92bbc63c8b98b3a2df7e1241181df05af3.json" + "/41871c36854ad8fb935ae46cbc99d707a2d39015497f4991e9334950f734d47d.json" ] ] } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/index.js deleted file mode 100644 index 83d106fd4d4b5..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/index.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";var v=Object.create;var l=Object.defineProperty;var y=Object.getOwnPropertyDescriptor;var O=Object.getOwnPropertyNames;var w=Object.getPrototypeOf,R=Object.prototype.hasOwnProperty;var A=(e,r)=>{for(var t in r)l(e,t,{get:r[t],enumerable:!0})},D=(e,r,t,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let o of O(r))!R.call(e,o)&&o!==t&&l(e,o,{get:()=>r[o],enumerable:!(i=y(r,o))||i.enumerable});return e};var m=(e,r,t)=>(t=e!=null?v(w(e)):{},D(r||!e||!e.__esModule?l(t,"default",{value:e,enumerable:!0}):t,e)),$=e=>D(l({},"__esModule",{value:!0}),e);var j={};A(j,{handler:()=>x});module.exports=$(j);function h(e,r){let t=new Set(e),i=new Set;for(let o of new Set(r))t.has(o)?t.delete(o):i.add(o);return{adds:Array.from(i),deletes:Array.from(t)}}var g=m(require("tls")),P=m(require("url")),T=m(require("@aws-sdk/client-iam")),C;function u(){return C||(C=new T.IAM({})),C}function U(e,...r){console.log(e,...r)}async function L(e,r){return new Promise((t,i)=>{let o=P.parse(e),p=o.port?parseInt(o.port,10):443;if(!o.host)return i(new Error(`unable to determine host from issuer url ${e}`));n.log(`Fetching x509 certificate chain from issuer ${e}`);let s=g.connect(p,o.host,{rejectUnauthorized:r,servername:o.host});s.once("error",i),s.once("secureConnect",()=>{let a=s.getPeerX509Certificate();if(!a)throw new Error(`Unable to retrieve X509 certificate from host ${o.host}`);for(;a.issuerCertificate;)E(a),a=a.issuerCertificate;let d=new Date(a.validTo),c=S(d);if(c<0)return i(new Error(`The certificate has already expired on: ${d.toUTCString()}`));c<180&&console.warn(`The root certificate obtained would expire in ${c} days!`),s.end();let I=f(a);n.log(`Certificate Authority thumbprint for ${e} is ${I}`),t(I)})})}function f(e){return e.fingerprint.split(":").join("")}function E(e){n.log("-------------BEGIN CERT----------------"),n.log(`Thumbprint: ${f(e)}`),n.log(`Valid To: ${e.validTo}`),e.issuerCertificate&&n.log(`Issuer Thumbprint: ${f(e.issuerCertificate)}`),n.log(`Issuer: ${e.issuer}`),n.log(`Subject: ${e.subject}`),n.log("-------------END CERT------------------")}function S(e){let t=new Date;return Math.round((e.getTime()-t.getTime())/864e5)}var n={downloadThumbprint:L,log:U,createOpenIDConnectProvider:e=>u().createOpenIDConnectProvider(e),deleteOpenIDConnectProvider:e=>u().deleteOpenIDConnectProvider(e),updateOpenIDConnectProviderThumbprint:e=>u().updateOpenIDConnectProviderThumbprint(e),addClientIDToOpenIDConnectProvider:e=>u().addClientIDToOpenIDConnectProvider(e),removeClientIDFromOpenIDConnectProvider:e=>u().removeClientIDFromOpenIDConnectProvider(e)};async function x(e){if(e.RequestType==="Create")return b(e);if(e.RequestType==="Update")return F(e);if(e.RequestType==="Delete")return k(e);throw new Error("invalid request type")}async function b(e){let r=e.ResourceProperties.Url,t=(e.ResourceProperties.ThumbprintList??[]).sort(),i=(e.ResourceProperties.ClientIDList??[]).sort(),o=e.ResourceProperties.RejectUnauthorized??!1;return t.length===0&&t.push(await n.downloadThumbprint(r,o)),{PhysicalResourceId:(await n.createOpenIDConnectProvider({Url:r,ClientIDList:i,ThumbprintList:t})).OpenIDConnectProviderArn,Data:{Thumbprints:JSON.stringify(t)}}}async function F(e){let r=e.ResourceProperties.Url,t=(e.ResourceProperties.ThumbprintList??[]).sort(),i=(e.ResourceProperties.ClientIDList??[]).sort(),o=e.ResourceProperties.RejectUnauthorized??!1;if(e.OldResourceProperties.Url!==r)return b({...e,RequestType:"Create"});let s=e.PhysicalResourceId;t.length===0&&t.push(await n.downloadThumbprint(r,o)),n.log("updating thumbprint to",t),await n.updateOpenIDConnectProviderThumbprint({OpenIDConnectProviderArn:s,ThumbprintList:t});let a=(e.OldResourceProperties.ClientIDList||[]).sort(),d=h(a,i);n.log(`client ID diff: ${JSON.stringify(d)}`);for(let c of d.adds)n.log(`adding client id "${c}" to provider ${s}`),await n.addClientIDToOpenIDConnectProvider({OpenIDConnectProviderArn:s,ClientID:c});for(let c of d.deletes)n.log(`removing client id "${c}" from provider ${s}`),await n.removeClientIDFromOpenIDConnectProvider({OpenIDConnectProviderArn:s,ClientID:c});return{Data:{Thumbprints:JSON.stringify(t)}}}async function k(e){await n.deleteOpenIDConnectProvider({OpenIDConnectProviderArn:e.PhysicalResourceId})}0&&(module.exports={handler}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/__entrypoint__.js b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/__entrypoint__.js similarity index 100% rename from packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4/__entrypoint__.js rename to packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/__entrypoint__.js diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/index.js new file mode 100644 index 0000000000000..a7356c1d940f0 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8/index.js @@ -0,0 +1 @@ +"use strict";var v=Object.create;var l=Object.defineProperty;var b=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var O=Object.getPrototypeOf,w=Object.prototype.hasOwnProperty;var R=(e,r)=>{for(var t in r)l(e,t,{get:r[t],enumerable:!0})},I=(e,r,t,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let i of y(r))!w.call(e,i)&&i!==t&&l(e,i,{get:()=>r[i],enumerable:!(o=b(r,i))||o.enumerable});return e};var p=(e,r,t)=>(t=e!=null?v(O(e)):{},I(r||!e||!e.__esModule?l(t,"default",{value:e,enumerable:!0}):t,e)),A=e=>I(l({},"__esModule",{value:!0}),e);var k={};R(k,{handler:()=>U});module.exports=A(k);function D(e,r){let t=new Set(e),o=new Set;for(let i of new Set(r))t.has(i)?t.delete(i):o.add(i);return{adds:Array.from(o),deletes:Array.from(t)}}var h=p(require("tls")),g=p(require("url")),P=p(require("@aws-sdk/client-iam")),m;function u(){return m||(m=new P.IAM({})),m}function $(e,...r){console.log(e,...r)}async function L(e){return new Promise((r,t)=>{let o=g.parse(e),i=o.port?parseInt(o.port,10):443;if(!o.host)return t(new Error(`unable to determine host from issuer url ${e}`));n.log(`Fetching x509 certificate chain from issuer ${e}`);let s=h.connect(i,o.host,{rejectUnauthorized:!1,servername:o.host});s.once("error",t),s.once("secureConnect",()=>{let a=s.getPeerX509Certificate();if(!a)throw new Error(`Unable to retrieve X509 certificate from host ${o.host}`);for(;a.issuerCertificate;)E(a),a=a.issuerCertificate;let d=new Date(a.validTo),c=S(d);if(c<0)return t(new Error(`The certificate has already expired on: ${d.toUTCString()}`));c<180&&console.warn(`The root certificate obtained would expire in ${c} days!`),s.end();let f=C(a);n.log(`Certificate Authority thumbprint for ${e} is ${f}`),r(f)})})}function C(e){return e.fingerprint.split(":").join("")}function E(e){n.log("-------------BEGIN CERT----------------"),n.log(`Thumbprint: ${C(e)}`),n.log(`Valid To: ${e.validTo}`),e.issuerCertificate&&n.log(`Issuer Thumbprint: ${C(e.issuerCertificate)}`),n.log(`Issuer: ${e.issuer}`),n.log(`Subject: ${e.subject}`),n.log("-------------END CERT------------------")}function S(e){let t=new Date;return Math.round((e.getTime()-t.getTime())/864e5)}var n={downloadThumbprint:L,log:$,createOpenIDConnectProvider:e=>u().createOpenIDConnectProvider(e),deleteOpenIDConnectProvider:e=>u().deleteOpenIDConnectProvider(e),updateOpenIDConnectProviderThumbprint:e=>u().updateOpenIDConnectProviderThumbprint(e),addClientIDToOpenIDConnectProvider:e=>u().addClientIDToOpenIDConnectProvider(e),removeClientIDFromOpenIDConnectProvider:e=>u().removeClientIDFromOpenIDConnectProvider(e)};async function U(e){if(e.RequestType==="Create")return T(e);if(e.RequestType==="Update")return x(e);if(e.RequestType==="Delete")return F(e);throw new Error("invalid request type")}async function T(e){let r=e.ResourceProperties.Url,t=(e.ResourceProperties.ThumbprintList??[]).sort(),o=(e.ResourceProperties.ClientIDList??[]).sort();return t.length===0&&t.push(await n.downloadThumbprint(r)),{PhysicalResourceId:(await n.createOpenIDConnectProvider({Url:r,ClientIDList:o,ThumbprintList:t})).OpenIDConnectProviderArn,Data:{Thumbprints:JSON.stringify(t)}}}async function x(e){let r=e.ResourceProperties.Url,t=(e.ResourceProperties.ThumbprintList??[]).sort(),o=(e.ResourceProperties.ClientIDList??[]).sort();if(e.OldResourceProperties.Url!==r)return T({...e,RequestType:"Create"});let s=e.PhysicalResourceId;t.length===0&&t.push(await n.downloadThumbprint(r)),n.log("updating thumbprint to",t),await n.updateOpenIDConnectProviderThumbprint({OpenIDConnectProviderArn:s,ThumbprintList:t});let a=(e.OldResourceProperties.ClientIDList||[]).sort(),d=D(a,o);n.log(`client ID diff: ${JSON.stringify(d)}`);for(let c of d.adds)n.log(`adding client id "${c}" to provider ${s}`),await n.addClientIDToOpenIDConnectProvider({OpenIDConnectProviderArn:s,ClientID:c});for(let c of d.deletes)n.log(`removing client id "${c}" from provider ${s}`),await n.removeClientIDFromOpenIDConnectProvider({OpenIDConnectProviderArn:s,ClientID:c});return{Data:{Thumbprints:JSON.stringify(t)}}}async function F(e){await n.deleteOpenIDConnectProvider({OpenIDConnectProviderArn:e.PhysicalResourceId})}0&&(module.exports={handler}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.assets.json index 4aa9573bc3236..84c3bd8aa26ec 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.assets.json @@ -99,15 +99,15 @@ } } }, - "2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4": { + "a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8": { "source": { - "path": "asset.2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4", + "path": "asset.a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8", "packaging": "zip" }, "destinations": { "current_account-us-east-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", - "objectKey": "2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4.zip", + "objectKey": "a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8.zip", "region": "us-east-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" } @@ -127,7 +127,7 @@ } } }, - "9bd33d1e1eaf1b892712d7a7b59b910c69acb11b6aaf47a6daf626f86dd9e3d4": { + "3267a3b1db64e4c841c97465b9b19a18f2e1cd61b6b4e4d5a64efab66ffc6ad2": { "source": { "path": "awscdkeksclusterawscdkawseksClusterResourceProvider0DD9B7A4.nested.template.json", "packaging": "file" @@ -135,13 +135,13 @@ "destinations": { "current_account-us-east-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", - "objectKey": "9bd33d1e1eaf1b892712d7a7b59b910c69acb11b6aaf47a6daf626f86dd9e3d4.json", + "objectKey": "3267a3b1db64e4c841c97465b9b19a18f2e1cd61b6b4e4d5a64efab66ffc6ad2.json", "region": "us-east-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" } } }, - "da09b37fcfde017272055109722f2f32f25601dceb8b92afac0c7b1138e385ad": { + "35067f83e0ebfaa3b05a893a5515c610d6f041dc30357c3598893cb8ed1ab3b1": { "source": { "path": "awscdkeksclusterawscdkawseksKubectlProvider12A12654.nested.template.json", "packaging": "file" @@ -149,13 +149,13 @@ "destinations": { "current_account-us-east-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", - "objectKey": "da09b37fcfde017272055109722f2f32f25601dceb8b92afac0c7b1138e385ad.json", + "objectKey": "35067f83e0ebfaa3b05a893a5515c610d6f041dc30357c3598893cb8ed1ab3b1.json", "region": "us-east-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" } } }, - "4f1921a793fcac887efa8ca9ebcf007c115a05af390b2f47d96b5e38bfe6f33c": { + "f6d4f3f8cb9abd05931e599b7079f5a1a5a1d0d31d2d7b1ca1cbe2c672525360": { "source": { "path": "aws-cdk-eks-cluster.template.json", "packaging": "file" @@ -163,7 +163,7 @@ "destinations": { "current_account-us-east-1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1", - "objectKey": "4f1921a793fcac887efa8ca9ebcf007c115a05af390b2f47d96b5e38bfe6f33c.json", + "objectKey": "f6d4f3f8cb9abd05931e599b7079f5a1a5a1d0d31d2d7b1ca1cbe2c672525360.json", "region": "us-east-1", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-1" } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.template.json index c05b0337afd2c..966a50f47d538 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/aws-cdk-eks-cluster.template.json @@ -4144,8 +4144,7 @@ "OpenIdConnectIssuerUrl" ] }, - "RejectUnauthorized": false, - "CodeHash": "2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4" + "CodeHash": "a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -4282,7 +4281,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" }, - "/9bd33d1e1eaf1b892712d7a7b59b910c69acb11b6aaf47a6daf626f86dd9e3d4.json" + "/3267a3b1db64e4c841c97465b9b19a18f2e1cd61b6b4e4d5a64efab66ffc6ad2.json" ] ] } @@ -4328,7 +4327,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" }, - "/da09b37fcfde017272055109722f2f32f25601dceb8b92afac0c7b1138e385ad.json" + "/35067f83e0ebfaa3b05a893a5515c610d6f041dc30357c3598893cb8ed1ab3b1.json" ] ] } @@ -4446,7 +4445,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" }, - "S3Key": "2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4.zip" + "S3Key": "a4796a13d6463dc004e4c4a2558caba37e681d86598515bae73669dde9bc73c8.zip" }, "Timeout": 900, "MemorySize": 128, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksClusterResourceProvider0DD9B7A4.nested.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksClusterResourceProvider0DD9B7A4.nested.template.json index dcf3dedba88af..e4b564a5e43a8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksClusterResourceProvider0DD9B7A4.nested.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksClusterResourceProvider0DD9B7A4.nested.template.json @@ -224,6 +224,24 @@ } ] }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] + }, { "Action": "states:StartExecution", "Effect": "Allow", @@ -367,6 +385,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -501,6 +537,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksKubectlProvider12A12654.nested.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksKubectlProvider12A12654.nested.template.json index 56e685847c928..840b678d3905b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksKubectlProvider12A12654.nested.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/awscdkeksclusterawscdkawseksKubectlProvider12A12654.nested.template.json @@ -132,6 +132,16 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "Handler886CB40B", + "Arn" + ] + } } ], "Version": "2012-10-17" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/manifest.json index ea82c49cc0e51..aba299ce3722d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-us-east-1", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-us-east-1", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1/4f1921a793fcac887efa8ca9ebcf007c115a05af390b2f47d96b5e38bfe6f33c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1/f6d4f3f8cb9abd05931e599b7079f5a1a5a1d0d31d2d7b1ca1cbe2c672525360.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/tree.json index b40d996af7b71..695db1ae65c3e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-cluster.js.snapshot/tree.json @@ -5958,6 +5958,24 @@ } ] }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] + }, { "Action": "states:StartExecution", "Effect": "Allow", @@ -6185,6 +6203,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -6403,6 +6439,24 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsCompleteHandler7073F4DA", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEventHandler42BEBAE0", + "Arn" + ] + } + ] } ], "Version": "2012-10-17" @@ -6809,7 +6863,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" }, - "/9bd33d1e1eaf1b892712d7a7b59b910c69acb11b6aaf47a6daf626f86dd9e3d4.json" + "/3267a3b1db64e4c841c97465b9b19a18f2e1cd61b6b4e4d5a64efab66ffc6ad2.json" ] ] } @@ -7101,6 +7155,16 @@ ] } ] + }, + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "Handler886CB40B", + "Arn" + ] + } } ], "Version": "2012-10-17" @@ -7321,7 +7385,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1" }, - "/da09b37fcfde017272055109722f2f32f25601dceb8b92afac0c7b1138e385ad.json" + "/35067f83e0ebfaa3b05a893a5515c610d6f041dc30357c3598893cb8ed1ab3b1.json" ] ] }