diff --git a/packages/@aws-cdk/aws-eks-v2-alpha/lib/kubectl-provider.ts b/packages/@aws-cdk/aws-eks-v2-alpha/lib/kubectl-provider.ts index 5823788ededeb..0ddbc3477ff67 100644 --- a/packages/@aws-cdk/aws-eks-v2-alpha/lib/kubectl-provider.ts +++ b/packages/@aws-cdk/aws-eks-v2-alpha/lib/kubectl-provider.ts @@ -2,7 +2,7 @@ import { Construct, IConstruct } from 'constructs'; import { ICluster, Cluster } from './cluster'; import * as iam from 'aws-cdk-lib/aws-iam'; import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { Duration, Stack, NestedStack, Names, CfnCondition, Fn, Aws } from 'aws-cdk-lib/core'; +import { Duration, Stack, Names, CfnCondition, Fn, Aws } from 'aws-cdk-lib/core'; import * as cr from 'aws-cdk-lib/custom-resources'; import { AwsCliLayer } from 'aws-cdk-lib/lambda-layer-awscli'; import { KubectlLayer } from 'aws-cdk-lib/lambda-layer-kubectl'; @@ -61,7 +61,7 @@ export interface IKubectlProvider extends IConstruct { /** * Implementation of Kubectl Lambda */ -export class KubectlProvider extends NestedStack implements IKubectlProvider { +export class KubectlProvider extends Construct implements IKubectlProvider { /** * Take existing provider or create new based on cluster diff --git a/packages/@aws-cdk/aws-eks-v2-alpha/test/cluster.test.ts b/packages/@aws-cdk/aws-eks-v2-alpha/test/cluster.test.ts index 0d8908645dde9..0ac8a5d54c5a8 100644 --- a/packages/@aws-cdk/aws-eks-v2-alpha/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-eks-v2-alpha/test/cluster.test.ts @@ -1084,7 +1084,7 @@ describe('cluster', () => { Type: 'Custom::AWSCDK-EKS-KubernetesResource', Properties: { ServiceToken: { - 'Fn::ImportValue': 'Stack:ExportsOutputFnGetAttawscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6BOutputsStackawscdkawseksKubectlProviderframeworkonEvent8897FD9BArn49BEF20C', + 'Fn::ImportValue': 'Stack:ExportsOutputFnGetAttawscdkawseksKubectlProviderframeworkonEvent0A650005Arn27EC41A8', }, Manifest: '[{\"foo\":\"bar\"}]', ClusterName: { 'Fn::ImportValue': 'Stack:ExportsOutputRefcluster611F8AFFA07FC079' }, @@ -2069,11 +2069,9 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { - SecurityGroupIds: [{ Ref: 'referencetoStackCluster17032651AClusterSecurityGroupId' }], + SecurityGroupIds: [{ 'Fn::GetAtt': ['Cluster192CD0375', 'ClusterSecurityGroupId'] }], }, }); }); @@ -2101,9 +2099,7 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { Environment: { Variables: { Foo: 'Bar', @@ -2139,11 +2135,9 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { Role: { - Ref: 'referencetoStackKubectlIamRole02F8947EArn', + 'Fn::GetAtt': ['awscdkawseksKubectlProviderframeworkonEventServiceRoleF4FAF053', 'Arn'], }, }); }); @@ -2165,10 +2159,9 @@ describe('cluster', () => { chart, }); - const nested = stack.node.tryFindChild('Imported-KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { Role: { - Ref: 'referencetoKubectlLambdaRole7D084D94Arn', + 'Fn::GetAtt': ['ImportedKubectlProviderframeworkonEventServiceRole6603B49A', 'Arn'], }, }); Template.fromStack(stack).hasResourceProperties(HelmChart.RESOURCE_TYPE, { @@ -2199,11 +2192,9 @@ describe('cluster', () => { vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }], }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - // we don't attach vpc config in case endpoint is public only, regardless of whether // the vpc has private subnets or not. - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: Match.absent(), }); }); @@ -2217,11 +2208,9 @@ describe('cluster', () => { endpointAccess: eks.EndpointAccess.PUBLIC, }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - // we don't attach vpc config in case endpoint is public only, regardless of whether // the vpc has private subnets or not. - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: Match.absent(), }); }); @@ -2248,11 +2237,9 @@ describe('cluster', () => { endpointAccess: eks.EndpointAccess.PRIVATE, }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - - const functions = Template.fromStack(nested).findResources('AWS::Lambda::Function'); - expect(functions.Handler886CB40B.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); - expect(functions.Handler886CB40B.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); + const functions = Template.fromStack(stack).findResources('AWS::Lambda::Function'); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); }); test('private and non restricted public without private subnets', () => { @@ -2265,11 +2252,9 @@ describe('cluster', () => { vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }], }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - // we don't have private subnets, but we don't need them since public access // is not restricted. - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: Match.absent(), }); }); @@ -2283,12 +2268,10 @@ describe('cluster', () => { endpointAccess: eks.EndpointAccess.PUBLIC_AND_PRIVATE, }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - // we have private subnets so we should use them. - const functions = Template.fromStack(nested).findResources('AWS::Lambda::Function'); - expect(functions.Handler886CB40B.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); - expect(functions.Handler886CB40B.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); + const functions = Template.fromStack(stack).findResources('AWS::Lambda::Function'); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); }); test('private and restricted public without private subnets', () => { @@ -2313,12 +2296,10 @@ describe('cluster', () => { endpointAccess: eks.EndpointAccess.PUBLIC_AND_PRIVATE.onlyFrom('1.2.3.4/32'), }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - // we have private subnets so we should use them. - const functions = Template.fromStack(nested).findResources('AWS::Lambda::Function'); - expect(functions.Handler886CB40B.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); - expect(functions.Handler886CB40B.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); + const functions = Template.fromStack(stack).findResources('AWS::Lambda::Function'); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SubnetIds.length).not.toEqual(0); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SecurityGroupIds.length).not.toEqual(0); }); test('private endpoint access selects only private subnets from looked up vpc', () => { @@ -2372,8 +2353,7 @@ describe('cluster', () => { endpointAccess: eks.EndpointAccess.PRIVATE, }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SubnetIds: ['subnet-private-in-us-east-1a'] }, }); }); @@ -2437,8 +2417,7 @@ describe('cluster', () => { }], }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SubnetIds: ['subnet-private-in-us-east-1a'] }, }); }); @@ -2462,11 +2441,10 @@ describe('cluster', () => { }], }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SubnetIds: [ - { Ref: 'referencetoStackVpcPrivateSubnet1Subnet8E6A14CBRef' }, + { Ref: 'VpcPrivateSubnet1Subnet536B997A' }, 'subnet-unknown', ], }, @@ -2488,8 +2466,7 @@ describe('cluster', () => { }], }); - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SubnetIds: ['subnet1'] }, }); }); @@ -2541,21 +2518,19 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SecurityGroupIds: [ { - Ref: 'referencetoStackCluster17032651AClusterSecurityGroupId', + 'Fn::GetAtt': ['Cluster192CD0375', 'ClusterSecurityGroupId'], }, ], SubnetIds: [ { - Ref: 'referencetoStackVpcPrivate1Subnet1Subnet6764A0F6Ref', + Ref: 'VpcPrivate1Subnet1SubnetC688B2B1', }, { - Ref: 'referencetoStackVpcPrivate1Subnet2SubnetDFD49645Ref', + Ref: 'VpcPrivate1Subnet2SubnetA2AF15C7', }, ], }, @@ -2604,10 +2579,8 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - const functions = Template.fromStack(nested).findResources('AWS::Lambda::Function'); - expect(functions.Handler886CB40B.Properties.VpcConfig.SubnetIds.length).toEqual(16); + const functions = Template.fromStack(stack).findResources('AWS::Lambda::Function'); + expect(functions.awscdkawseksKubectlProviderHandlerAABA4423.Properties.VpcConfig.SubnetIds.length).toEqual(16); }); test('kubectl provider considers vpc subnet selection', () => { @@ -2653,27 +2626,25 @@ describe('cluster', () => { }, }); - // the kubectl provider is inside a nested stack. - const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(nested).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { VpcConfig: { SecurityGroupIds: [ { - Ref: 'referencetoStackCluster17032651AClusterSecurityGroupId', + 'Fn::GetAtt': ['Cluster192CD0375', 'ClusterSecurityGroupId'], }, ], SubnetIds: [ { - Ref: 'referencetoStackVpcPrivate1Subnet1Subnet6764A0F6Ref', + Ref: 'VpcPrivate1Subnet1SubnetC688B2B1', }, { - Ref: 'referencetoStackVpcPrivate1Subnet2SubnetDFD49645Ref', + Ref: 'VpcPrivate1Subnet2SubnetA2AF15C7', }, { - Ref: 'referencetoStackVpcPrivate2Subnet1Subnet586AD392Ref', + Ref: 'VpcPrivate2Subnet1SubnetE13E2E30', }, { - Ref: 'referencetoStackVpcPrivate2Subnet2SubnetE42148C0Ref', + Ref: 'VpcPrivate2Subnet2Subnet158A38AB', }, ], }, @@ -2734,8 +2705,8 @@ describe('cluster', () => { expect(resources[expectedKubernetesGetId].Properties).toEqual({ ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.StackawscdkawseksKubectlProviderframeworkonEvent8897FD9BArn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, ClusterName: { @@ -2773,10 +2744,9 @@ describe('cluster', () => { }); // THEN - const providerStack = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(providerStack).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { Layers: [ - { Ref: 'AwsCliLayerF44AAF94' }, + { Ref: 'awscdkawseksKubectlProviderAwsCliLayerF72FE066' }, 'arn:of:layer', ], }); @@ -2833,11 +2803,10 @@ describe('cluster', () => { }); // THEN - const providerStack = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; - Template.fromStack(providerStack).hasResourceProperties('AWS::Lambda::Function', { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { Layers: [ 'arn:of:layer', - { Ref: 'KubectlLayer600207B5' }, + { Ref: 'awscdkawseksKubectlProviderKubectlLayerA7F2FE55' }, ], }); }); @@ -2870,42 +2839,6 @@ describe('cluster', () => { }); }); - test('custom memory size for kubectl provider', () => { - // GIVEN - const { stack, vpc, app } = testFixture(); - - // WHEN - new eks.Cluster(stack, 'Cluster', { - vpc, - version: CLUSTER_VERSION, - kubectlMemory: cdk.Size.gibibytes(2), - }); - - // THEN - const casm = app.synth(); - const providerNestedStackTemplate = JSON.parse(fs.readFileSync(path.join(casm.directory, 'StackawscdkawseksKubectlProvider7346F799.nested.template.json'), 'utf-8')); - expect(providerNestedStackTemplate?.Resources?.Handler886CB40B?.Properties?.MemorySize).toEqual(2048); - }); - - test('custom memory size for imported clusters', () => { - // GIVEN - const { stack, app } = testFixture(); - - // WHEN - const cluster = eks.Cluster.fromClusterAttributes(stack, 'Imported', { - clusterName: 'my-cluster', - kubectlRoleArn: 'arn:aws:iam::123456789012:role/MyRole', - kubectlMemory: cdk.Size.gibibytes(4), - }); - - cluster.addManifest('foo', { bar: 123 }); - - // THEN - const casm = app.synth(); - const providerNestedStackTemplate = JSON.parse(fs.readFileSync(path.join(casm.directory, 'StackStackImported1CBA9C50KubectlProviderAA00BA49.nested.template.json'), 'utf-8')); - expect(providerNestedStackTemplate?.Resources?.Handler886CB40B?.Properties?.MemorySize).toEqual(4096); - }); - test('create a cluster using custom kubernetes network config', () => { // GIVEN const { stack } = testFixture(); diff --git a/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-object-value.test.ts b/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-object-value.test.ts index e82267161c35f..af23712d33d1c 100644 --- a/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-object-value.test.ts +++ b/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-object-value.test.ts @@ -29,8 +29,8 @@ describe('k8s object value', () => { Properties: { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.awscdkawseksKubectlProviderframeworkonEvent0A650005Arn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, ClusterName: { Ref: 'MyCluster4C1BA579' }, @@ -70,8 +70,8 @@ describe('k8s object value', () => { Properties: { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.awscdkawseksKubectlProviderframeworkonEvent0A650005Arn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, ClusterName: { Ref: 'MyCluster4C1BA579' }, diff --git a/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-patch.test.ts b/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-patch.test.ts index 32e2acbfd13a9..c76e5dcfdd9ee 100644 --- a/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-patch.test.ts +++ b/packages/@aws-cdk/aws-eks-v2-alpha/test/k8s-patch.test.ts @@ -23,8 +23,8 @@ describe('k8s patch', () => { Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-KubernetesPatch', { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.awscdkawseksKubectlProviderframeworkonEvent0A650005Arn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, ResourceName: 'myResourceName', diff --git a/packages/@aws-cdk/aws-eks-v2-alpha/test/service-account.test.ts b/packages/@aws-cdk/aws-eks-v2-alpha/test/service-account.test.ts index e2f4a79dcc24b..3ddbdabd9ea12 100644 --- a/packages/@aws-cdk/aws-eks-v2-alpha/test/service-account.test.ts +++ b/packages/@aws-cdk/aws-eks-v2-alpha/test/service-account.test.ts @@ -18,8 +18,8 @@ describe('service account', () => { Template.fromStack(stack).hasResourceProperties(eks.KubernetesManifest.RESOURCE_TYPE, { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.StackawscdkawseksKubectlProviderframeworkonEvent8897FD9BArn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, Manifest: { @@ -83,8 +83,8 @@ describe('service account', () => { Template.fromStack(stack).hasResourceProperties(eks.KubernetesManifest.RESOURCE_TYPE, { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.StackawscdkawseksKubectlProviderframeworkonEvent8897FD9BArn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, Manifest: { @@ -141,8 +141,8 @@ describe('service account', () => { Template.fromStack(stack).hasResourceProperties(eks.KubernetesManifest.RESOURCE_TYPE, { ServiceToken: { 'Fn::GetAtt': [ - 'awscdkawseksKubectlProviderNestedStackawscdkawseksKubectlProviderNestedStackResourceA7AEBA6B', - 'Outputs.StackawscdkawseksKubectlProviderframeworkonEvent8897FD9BArn', + 'awscdkawseksKubectlProviderframeworkonEvent0A650005', + 'Arn', ], }, Manifest: { @@ -190,8 +190,8 @@ describe('service account', () => { Template.fromStack(stack).hasResourceProperties(eks.KubernetesManifest.RESOURCE_TYPE, { ServiceToken: { 'Fn::GetAtt': [ - 'StackClusterF0EB02FAKubectlProviderNestedStackStackClusterF0EB02FAKubectlProviderNestedStackResource739D12C4', - 'Outputs.StackStackClusterF0EB02FAKubectlProviderframeworkonEvent8377F076Arn', + 'StackClusterF0EB02FAKubectlProviderframeworkonEvent0A3AB271', + 'Arn', ], }, PruneLabel: 'aws.cdk.eks/prune-c8d8e1722a4f3ed332f8ac74cb3d962f01fbb62291',