diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md b/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md index 8e91fcd78b6ac..2e99aeb3ba0d0 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md @@ -46,7 +46,7 @@ const flinkApp = new flink.Application(this, 'Application', { }, }, // ... - runtime: flink.Runtime.FLINK_1_13, + runtime: flink.Runtime.FLINK_1_15, code: flink.ApplicationCode.fromBucket(bucket, 'my-app.jar'), }); ``` @@ -59,7 +59,7 @@ snapshotting, monitoring, and parallelism. declare const bucket: s3.Bucket; const flinkApp = new flink.Application(this, 'Application', { code: flink.ApplicationCode.fromBucket(bucket, 'my-app.jar'), - runtime: flink.Runtime.FLINK_1_13, + runtime: flink.Runtime.FLINK_1_15, checkpointingEnabled: true, // default is true checkpointInterval: Duration.seconds(30), // default is 1 minute minPauseBetweenCheckpoints: Duration.seconds(10), // default is 5 seconds @@ -72,3 +72,15 @@ const flinkApp = new flink.Application(this, 'Application', { logGroup: new logs.LogGroup(this, 'LogGroup'), // by default, a new LogGroup will be created }); ``` + +Flink applications can optionally be deployed in a VPC: + +```ts +declare const bucket: s3.Bucket; +declare const vpc: ec2.Vpc; +const flinkApp = new flink.Application(this, 'Application', { + code: flink.ApplicationCode.fromBucket(bucket, 'my-app.jar'), + runtime: flink.Runtime.FLINK_1_15, + vpc, +}); +``` diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/application.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/application.ts index 312c55eb9ac22..a7cee60ffa496 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/application.ts +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/application.ts @@ -1,4 +1,5 @@ import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import { CfnApplicationCloudWatchLoggingOptionV2, CfnApplicationV2 } from '@aws-cdk/aws-kinesisanalytics'; import * as logs from '@aws-cdk/aws-logs'; @@ -14,7 +15,7 @@ import { LogLevel, MetricsLevel, PropertyGroups, Runtime } from './types'; * An interface expressing the public properties on both an imported and * CDK-created Flink application. */ -export interface IApplication extends core.IResource, iam.IGrantable { +export interface IApplication extends core.IResource, ec2.IConnectable, iam.IGrantable { /** * The application ARN. * @@ -56,7 +57,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricKpus(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -67,7 +68,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricDowntime(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -78,7 +79,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default sample count over 5 minutes + * @default - sample count over 5 minutes */ metricUptime(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -90,7 +91,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricFullRestarts(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -101,7 +102,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricNumberOfFailedCheckpoints(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -112,7 +113,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricLastCheckpointDuration(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -123,7 +124,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricLastCheckpointSize(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -136,7 +137,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricCpuUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -149,7 +150,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricHeapMemoryUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -160,7 +161,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricOldGenerationGCTime(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -172,7 +173,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricOldGenerationGCCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -183,7 +184,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricThreadsCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -195,7 +196,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsIn(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -207,7 +208,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsInPerSecond(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -218,7 +219,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsOut(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -230,7 +231,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsOutPerSecond(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -241,7 +242,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricNumLateRecordsDropped(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -252,7 +253,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricCurrentInputWatermark(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -263,7 +264,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricCurrentOutputWatermark(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -274,7 +275,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryUsed(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -285,7 +286,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryTotal(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -296,7 +297,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -309,7 +310,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricIdleTimeMsPerSecond(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -321,7 +322,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricBackPressuredTimeMsPerSecond(props?: cloudwatch.MetricOptions): cloudwatch.Metric; @@ -334,7 +335,7 @@ export interface IApplication extends core.IResource, iam.IGrantable { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricBusyTimePerMsPerSecond(props?: cloudwatch.MetricOptions): cloudwatch.Metric; } @@ -351,6 +352,13 @@ abstract class ApplicationBase extends core.Resource implements IApplication { // Implement iam.IGrantable interface public abstract readonly grantPrincipal: iam.IPrincipal; + /** + * The underlying connections object for the connections getter. + * + * @internal + */ + protected _connections?: ec2.Connections; + /** Implement the convenience `IApplication.addToPrincipalPolicy` method. */ public addToRolePolicy(policyStatement: iam.PolicyStatement): boolean { if (this.role) { @@ -361,6 +369,13 @@ abstract class ApplicationBase extends core.Resource implements IApplication { return false; } + public get connections() { + if (!this._connections) { + throw new Error('This Application isn\'t associated with a VPC. Provide a "vpc" prop when creating the Application or "securityGroups" when importing it.'); + } + return this._connections; + } + /** * Return a CloudWatch metric associated with this Flink application. * @@ -385,7 +400,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricKpus(props?: cloudwatch.MetricOptions) { return this.metric('KPUs', { statistic: 'Average', ...props }); @@ -399,7 +414,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricDowntime(props?: cloudwatch.MetricOptions) { return this.metric('downtime', { statistic: 'Average', ...props }); @@ -412,7 +427,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricUptime(props?: cloudwatch.MetricOptions) { return this.metric('uptime', { statistic: 'Average', ...props }); @@ -426,7 +441,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricFullRestarts(props?: cloudwatch.MetricOptions) { return this.metric('fullRestarts', { statistic: 'Sum', ...props }); @@ -439,7 +454,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricNumberOfFailedCheckpoints(props?: cloudwatch.MetricOptions) { return this.metric('numberOfFailedCheckpoints', { statistic: 'Sum', ...props }); @@ -452,7 +467,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricLastCheckpointDuration(props?: cloudwatch.MetricOptions) { return this.metric('lastCheckpointDuration', { statistic: 'Maximum', ...props }); @@ -465,7 +480,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricLastCheckpointSize(props?: cloudwatch.MetricOptions) { return this.metric('lastCheckpointSize', { statistic: 'Maximum', ...props }); @@ -480,7 +495,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricCpuUtilization(props?: cloudwatch.MetricOptions) { return this.metric('cpuUtilization', { statistic: 'Average', ...props }); @@ -495,7 +510,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricHeapMemoryUtilization(props?: cloudwatch.MetricOptions) { return this.metric('heapMemoryUtilization', { statistic: 'Average', ...props }); @@ -508,7 +523,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricOldGenerationGCTime(props?: cloudwatch.MetricOptions) { return this.metric('oldGenerationGCTime', { statistic: 'Sum', ...props }); @@ -522,7 +537,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricOldGenerationGCCount(props?: cloudwatch.MetricOptions) { return this.metric('oldGenerationGCCount', { statistic: 'Sum', ...props }); @@ -535,7 +550,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricThreadsCount(props?: cloudwatch.MetricOptions) { return this.metric('threadsCount', { statistic: 'Average', ...props }); @@ -549,7 +564,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsIn(props?: cloudwatch.MetricOptions) { return this.metric('numRecordsIn', { statistic: 'Average', ...props }); @@ -563,7 +578,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsInPerSecond(props?: cloudwatch.MetricOptions) { return this.metric('numRecordsInPerSecond', { statistic: 'Average', ...props }); @@ -576,7 +591,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsOut(props?: cloudwatch.MetricOptions) { return this.metric('numRecordsOut', { statistic: 'Average', ...props }); @@ -590,7 +605,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricNumRecordsOutPerSecond(props?: cloudwatch.MetricOptions) { return this.metric('numRecordsOutPerSecond', { statistic: 'Average', ...props }); @@ -604,7 +619,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default sum over 5 minutes + * @default - sum over 5 minutes */ metricNumLateRecordsDropped(props?: cloudwatch.MetricOptions) { return this.metric('numLateRecordsDropped', { statistic: 'Sum', ...props }); @@ -617,7 +632,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricCurrentInputWatermark(props?: cloudwatch.MetricOptions) { return this.metric('currentInputWatermark', { statistic: 'Maximum', ...props }); @@ -630,7 +645,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default maximum over 5 minutes + * @default - maximum over 5 minutes */ metricCurrentOutputWatermark(props?: cloudwatch.MetricOptions) { return this.metric('currentOutputWatermark', { statistic: 'Maximum', ...props }); @@ -643,7 +658,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryUsed(props?: cloudwatch.MetricOptions) { return this.metric('managedMemoryUsed', { statistic: 'Average', ...props }); @@ -656,7 +671,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryTotal(props?: cloudwatch.MetricOptions) { return this.metric('managedMemoryTotal', { statistic: 'Average', ...props }); @@ -669,7 +684,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Application, Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricManagedMemoryUtilization(props?: cloudwatch.MetricOptions) { return this.metric('managedMemoryUtilization', { statistic: 'Average', ...props }); @@ -684,7 +699,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricIdleTimeMsPerSecond(props?: cloudwatch.MetricOptions) { return this.metric('idleTimeMsPerSecond', { statistic: 'Average', ...props }); @@ -698,7 +713,7 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricBackPressuredTimeMsPerSecond(props?: cloudwatch.MetricOptions) { return this.metric('backPressuredTimeMsPerSecond', { statistic: 'Average', ...props }); @@ -713,13 +728,32 @@ abstract class ApplicationBase extends core.Resource implements IApplication { * * Reporting Level: Operator, Task, Parallelism * - * @default average over 5 minutes + * @default - average over 5 minutes */ metricBusyTimePerMsPerSecond(props?: cloudwatch.MetricOptions) { return this.metric('busyTimePerMsPerSecond', { statistic: 'Average', ...props }); } } +/** + * Attributes used for importing an Application with Application.fromApplicationAttributes. + */ +export interface ApplicationAttributes { + /** + * The ARN of the Flink application. + * + * Format: arn::kinesisanalytics:::application/ + */ + readonly applicationArn: string; + + /** + * The security groups for this Flink application if deployed in a VPC. + * + * @default - no security groups + */ + readonly securityGroups?: ec2.ISecurityGroup[]; +} + /** * Props for creating an Application construct. */ @@ -751,7 +785,7 @@ export interface ApplicationProps { /** * The interval between checkpoints. * - * @default 1 minute + * @default - 1 minute */ readonly checkpointInterval?: core.Duration; @@ -759,7 +793,7 @@ export interface ApplicationProps { * The minimum amount of time in to wait after a checkpoint finishes to start * a new checkpoint. * - * @default 5 seconds + * @default - 5 seconds */ readonly minPauseBetweenCheckpoints?: core.Duration; @@ -815,7 +849,7 @@ export interface ApplicationProps { * Configuration PropertyGroups. You can use these property groups to pass * arbitrary runtime configuration values to your Flink app. * - * @default No property group configuration provided to the Flink app + * @default - No property group configuration provided to the Flink app */ readonly propertyGroups?: PropertyGroups; @@ -837,9 +871,30 @@ export interface ApplicationProps { /** * The log group to send log entries to. * - * @default CDK's default LogGroup + * @default - CDK's default LogGroup */ readonly logGroup?: logs.ILogGroup; + + /** + * Deploy the Flink application in a VPC. + * + * @default - no VPC + */ + readonly vpc?: ec2.IVpc; + + /** + * Choose which VPC subnets to use. + * + * @default - SubnetType.PRIVATE_WITH_EGRESS subnets + */ + readonly vpcSubnets?: ec2.SubnetSelection; + + /** + * Security groups to use with a provided VPC. + * + * @default - a new security group is created for this application. + */ + readonly securityGroups?: ec2.ISecurityGroup[]; } /** @@ -851,7 +906,7 @@ class Import extends ApplicationBase { public readonly applicationName: string; public readonly applicationArn: string; - constructor(scope: Construct, id: string, attrs: { applicationArn: string, applicationName: string }) { + constructor(scope: Construct, id: string, attrs: { applicationArn: string, securityGroups?: ec2.ISecurityGroup[] }) { super(scope, id); // Imported applications have no associated role or grantPrincipal @@ -859,7 +914,16 @@ class Import extends ApplicationBase { this.role = undefined; this.applicationArn = attrs.applicationArn; - this.applicationName = attrs.applicationName; + const applicationName = core.Stack.of(scope).splitArn(attrs.applicationArn, core.ArnFormat.SLASH_RESOURCE_NAME).resourceName; + if (!applicationName) { + throw new Error(`applicationArn for fromApplicationArn (${attrs.applicationArn}) must include resource name`); + } + this.applicationName = applicationName; + + const securityGroups = attrs.securityGroups ?? []; + if (securityGroups.length > 0) { + this._connections = new ec2.Connections({ securityGroups }); + } } } @@ -877,7 +941,7 @@ export class Application extends ApplicationBase { public static fromApplicationName(scope: Construct, id: string, applicationName: string): IApplication { const applicationArn = core.Stack.of(scope).formatArn(applicationArnComponents(applicationName)); - return new Import(scope, id, { applicationArn, applicationName }); + return new Import(scope, id, { applicationArn }); } /** @@ -885,12 +949,17 @@ export class Application extends ApplicationBase { * applicationArn. */ public static fromApplicationArn(scope: Construct, id: string, applicationArn: string): IApplication { - const applicationName = core.Stack.of(scope).splitArn(applicationArn, core.ArnFormat.SLASH_RESOURCE_NAME).resourceName; - if (!applicationName) { - throw new Error(`applicationArn for fromApplicationArn (${applicationArn}) must include resource name`); - } + return new Import(scope, id, { applicationArn }); + } - return new Import(scope, id, { applicationArn, applicationName }); + /** + * Import an existing application defined outside of CDK code. + */ + public static fromApplicationAttributes(scope: Construct, id: string, attrs: ApplicationAttributes): IApplication { + return new Import(scope, id, { + applicationArn: attrs.applicationArn, + securityGroups: attrs.securityGroups, + }); } public readonly applicationArn: string; @@ -919,6 +988,23 @@ export class Application extends ApplicationBase { const code = props.code.bind(this); code.bucket.grantRead(this); + let vpcConfigurations; + if (props.vpc) { + const securityGroups = props.securityGroups ?? [ + new ec2.SecurityGroup(this, 'SecurityGroup', { + vpc: props.vpc, + }), + ]; + this._connections = new ec2.Connections({ securityGroups }); + const subnetSelection = props.vpcSubnets ?? { + subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS, + }; + vpcConfigurations = [{ + securityGroupIds: securityGroups.map(sg => sg.securityGroupId), + subnetIds: props.vpc.selectSubnets(subnetSelection).subnetIds, + }]; + } + const resource = new CfnApplicationV2(this, 'Resource', { applicationName: props.applicationName, runtimeEnvironment: props.runtime.value, @@ -939,6 +1025,7 @@ export class Application extends ApplicationBase { applicationSnapshotConfiguration: { snapshotsEnabled: props.snapshotsEnabled ?? true, }, + vpcConfigurations, }, }); resource.node.addDependency(this.role); @@ -978,6 +1065,24 @@ export class Application extends ApplicationBase { }, }); + // Permissions required for VPC usage per: + // https://docs.aws.amazon.com/kinesisanalytics/latest/java/vpc-permissions.html + if (props.vpc) { + this.role.addToPrincipalPolicy(new iam.PolicyStatement({ + actions: [ + 'ec2:DescribeVpcs', + 'ec2:DescribeSubnets', + 'ec2:DescribeSecurityGroups', + 'ec2:DescribeDhcpOptions', + 'ec2:CreateNetworkInterface', + 'ec2:CreateNetworkInterfacePermission', + 'ec2:DescribeNetworkInterfaces', + 'ec2:DeleteNetworkInterface', + ], + resources: ['*'], + })); + } + this.applicationName = this.getResourceNameAttribute(resource.ref); this.applicationArn = this.getResourceArnAttribute( core.Stack.of(this).formatArn(applicationArnComponents(resource.ref)), diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/private/validation.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/private/validation.ts index b0f94f56daf77..739956e926f3f 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/private/validation.ts +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/private/validation.ts @@ -1,9 +1,13 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; import * as core from '@aws-cdk/core'; interface ValidatedProps { applicationName?: string; parallelism?: number; parallelismPerKpu?: number; + vpc?: ec2.IVpc; + vpcSubnets?: ec2.SubnetSelection; + securityGroups?: ec2.ISecurityGroup[]; } /** @@ -13,6 +17,7 @@ export function validateFlinkApplicationProps(props: ValidatedProps) { validateApplicationName(props.applicationName); validateParallelism(props.parallelism); validateParallelismPerKpu(props.parallelismPerKpu); + validateVpcProps(props); } function validateApplicationName(applicationName?: string) { @@ -52,3 +57,15 @@ function validateParallelismPerKpu(parallelismPerKpu?: number) { throw new Error('parallelismPerKpu must be at least 1'); } } + +function validateVpcProps({ vpc, securityGroups = [], vpcSubnets }: ValidatedProps) { + if (!vpc) { + if (vpcSubnets) { + throw new Error('vpc prop required when passing vpcSubnets'); + } + + if (securityGroups.length > 0) { + throw new Error('vpc prop required when passing securityGroups'); + } + } +} diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json index 103eb37da9387..b0aeedbafabfe 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json @@ -76,6 +76,7 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", "jest": "^27.5.1", @@ -84,6 +85,7 @@ "dependencies": { "@aws-cdk/assets": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kinesisanalytics": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", @@ -98,6 +100,7 @@ "peerDependencies": { "@aws-cdk/assets": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kinesisanalytics": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-kinesisanalytics-flink/rosetta/default.ts-fixture index a9f46e29f793b..69cf40a794c9a 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/rosetta/default.ts-fixture @@ -1,6 +1,7 @@ // Fixture with packages imported, but nothing else import { Construct } from 'constructs'; import { Duration, Stack } from '@aws-cdk/core'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as flink from '@aws-cdk/aws-kinesisanalytics-flink'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; @@ -11,4 +12,4 @@ class Fixture extends Stack { /// here } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/application.test.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/application.test.ts index f663c2b4cc0e7..3b83c039452b4 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/application.test.ts +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/application.test.ts @@ -1,6 +1,7 @@ import * as path from 'path'; import { Match, Template } from '@aws-cdk/assertions'; import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; @@ -76,8 +77,14 @@ describe('Application', () => { Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { - Statement: Match.arrayWith([ + Statement: Match.arrayEquals([ { Action: 'cloudwatch:PutMetricData', Effect: 'Allow', Resource: '*' }, + // Access to read from the code bucket + { + Action: ['s3:GetObject*', 's3:GetBucket*', 's3:List*'], + Effect: 'Allow', + Resource: Match.anyValue(), + }, { Action: 'logs:DescribeLogGroups', Effect: 'Allow', @@ -504,6 +511,206 @@ describe('Application', () => { }); }); + test('using a VPC with default vpcSubnets and securityGroups', () => { + new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + vpc: new ec2.Vpc(stack, 'VPC'), + }); + + const template = Template.fromStack(stack); + template.hasResourceProperties( + 'AWS::KinesisAnalyticsV2::Application', + { + ApplicationConfiguration: { + VpcConfigurations: [ + { + SecurityGroupIds: [ + { + 'Fn::GetAtt': ['FlinkApplicationSecurityGroup1FD816EE', 'GroupId'], + }, + ], + SubnetIds: [ + { + Ref: 'VPCPrivateSubnet1Subnet8BCA10E0', + }, + { + Ref: 'VPCPrivateSubnet2SubnetCFCDAA7A', + }, + ], + }, + ], + }, + }, + ); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: Match.arrayWith([ + { + Action: [ + 'ec2:DescribeVpcs', + 'ec2:DescribeSubnets', + 'ec2:DescribeSecurityGroups', + 'ec2:DescribeDhcpOptions', + 'ec2:CreateNetworkInterface', + 'ec2:CreateNetworkInterfacePermission', + 'ec2:DescribeNetworkInterfaces', + 'ec2:DeleteNetworkInterface', + ], + Effect: 'Allow', + Resource: '*', + }, + ]), + }, + }); + }); + + test('providing securityGroups', () => { + const vpc = new ec2.Vpc(stack, 'VPC'); + new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + vpc, + securityGroups: [ + new ec2.SecurityGroup(stack, 'ProvidedSecurityGroup', { vpc }), + ], + }); + + Template.fromStack(stack).hasResourceProperties( + 'AWS::KinesisAnalyticsV2::Application', + { + ApplicationConfiguration: { + VpcConfigurations: [ + { + SecurityGroupIds: [ + { + 'Fn::GetAtt': ['ProvidedSecurityGroup3C7655DD', 'GroupId'], + }, + ], + }, + ], + }, + }, + ); + }); + + test('providing a subnetSelection', () => { + new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + vpc: new ec2.Vpc(stack, 'VPC'), + vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC }, + }); + + Template.fromStack(stack).hasResourceProperties( + 'AWS::KinesisAnalyticsV2::Application', + { + ApplicationConfiguration: { + VpcConfigurations: [ + { + SubnetIds: [ + { + Ref: 'VPCPublicSubnet1SubnetB4246D30', + }, + { + Ref: 'VPCPublicSubnet2Subnet74179F39', + }, + ], + }, + ], + }, + }, + ); + }); + + test('using connections on a created Application', () => { + const app = new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + vpc: new ec2.Vpc(stack, 'VPC'), + }); + + app.connections.allowFromAnyIpv4(ec2.Port.tcp(443)); + + Template.fromStack(stack).hasResourceProperties( + 'AWS::EC2::SecurityGroup', + { + SecurityGroupEgress: [{ + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + }], + SecurityGroupIngress: [{ + Description: 'from 0.0.0.0/0:443', + FromPort: 443, + IpProtocol: 'tcp', + ToPort: 443, + }], + }, + ); + }); + + test('using connections on an imported Application', () => { + const app = flink.Application.fromApplicationAttributes(stack, 'FlinkApplication', { + applicationArn: 'arn:aws:kinesisanalytics:us-west-2:012345678901:application/my-app', + securityGroups: [ec2.SecurityGroup.fromSecurityGroupId(stack, 'ImportedSG', 'sg-123456789')], + }); + + app.connections.allowFromAnyIpv4(ec2.Port.tcp(443)); + + Template.fromStack(stack).hasResourceProperties( + 'AWS::EC2::SecurityGroupIngress', + { + FromPort: 443, + GroupId: 'sg-123456789', + IpProtocol: 'tcp', + ToPort: 443, + }, + ); + }); + + test('validating vpnSubnets prop requires vpc prop', () => { + expect(() => { + new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC }, + }); + }).toThrow(/vpc prop required when passing vpcSubnets/); + }); + + test('validating securityGroups prop requires vpc prop', () => { + expect(() => { + const vpc = new ec2.Vpc(stack, 'VPC'); + const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', { + vpc, + }); + new flink.Application(stack, 'Error', { + ...requiredProps, + securityGroups: [securityGroup], + }); + }).toThrow(/vpc prop required when passing securityGroups/); + + // empty array for securityGroups is treated the same as undefined + expect(() => { + new flink.Application(stack, 'OK', { + ...requiredProps, + securityGroups: [], + }); + }).not.toThrow(); + }); + + test('validating vpc provided when using connections for created App', () => { + let app = new flink.Application(stack, 'FlinkApplication', { + ...requiredProps, + }); + expect(() => { + app.connections; + }).toThrow(/This Application isn\'t associated with a VPC/); + }); + + test('validating vpc provided when using connections for imported App', () => { + let app = flink.Application.fromApplicationName(stack, 'FlinkApplication', 'Name'); + expect(() => { + app.connections; + }).toThrow(/This Application isn\'t associated with a VPC/); + }); + test('validating applicationName', () => { // Expect no error with valid name new flink.Application(stack, 'ValidString', { @@ -612,6 +819,17 @@ describe('Application', () => { expect(flinkApp.addToRolePolicy(new iam.PolicyStatement())).toBe(false); }); + test('fromFlinkApplicationAttributes', () => { + const arn = 'arn:aws:kinesisanalytics:us-west-2:012345678901:application/my-app'; + const flinkApp = flink.Application.fromApplicationAttributes(stack, 'Imported', { + applicationArn: arn, + }); + + expect(flinkApp.applicationName).toEqual('my-app'); + expect(flinkApp.applicationArn).toEqual(arn); + expect(flinkApp.addToRolePolicy(new iam.PolicyStatement())).toBe(false); + }); + test('get metric', () => { const flinkApp = new flink.Application(stack, 'Application', { ...requiredProps }); expect(flinkApp.metric('KPUs', { statistic: 'Sum' })) diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.assets.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.assets.json new file mode 100644 index 0000000000000..705074e025672 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.assets.json @@ -0,0 +1,32 @@ +{ + "version": "30.1.0", + "files": { + "8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577": { + "source": { + "path": "asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "e6269b086e65eaed552c57d90811a297037300cdaf9403468e748cc1d22dc668": { + "source": { + "path": "FlinkAppTest.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "e6269b086e65eaed552c57d90811a297037300cdaf9403468e748cc1d22dc668.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json new file mode 100644 index 0000000000000..b2ab7859cf42a --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/FlinkAppTest.template.json @@ -0,0 +1,720 @@ +{ + "Resources": { + "VPCB9E5F0B4": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC" + } + ] + } + }, + "VPCPublicSubnet1SubnetB4246D30": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1RouteTableFEE4B781": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1RouteTableAssociation0B0896DC": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "VPCPublicSubnet1DefaultRoute91CEF279": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + } + }, + "DependsOn": [ + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet1EIP6AD938E8": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1NATGatewayE0556630": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VPCPublicSubnet1DefaultRoute91CEF279", + "VPCPublicSubnet1RouteTableAssociation0B0896DC" + ] + }, + "VPCPublicSubnet2Subnet74179F39": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "VPCPublicSubnet2RouteTable6F1A15F1": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "VPCPublicSubnet2RouteTableAssociation5A808732": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "VPCPublicSubnet2DefaultRouteB7481BBA": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + } + }, + "DependsOn": [ + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet2EIP4947BC00": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "VPCPublicSubnet2NATGateway3C070193": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet2EIP4947BC00", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VPCPublicSubnet2DefaultRouteB7481BBA", + "VPCPublicSubnet2RouteTableAssociation5A808732" + ] + }, + "VPCPrivateSubnet1Subnet8BCA10E0": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PrivateSubnet1" + } + ] + } + }, + "VPCPrivateSubnet1RouteTableBE8A6027": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PrivateSubnet1" + } + ] + } + }, + "VPCPrivateSubnet1RouteTableAssociation347902D1": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "SubnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "VPCPrivateSubnet1DefaultRouteAE1D6490": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "VPCPrivateSubnet2SubnetCFCDAA7A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PrivateSubnet2" + } + ] + } + }, + "VPCPrivateSubnet2RouteTable0A19E10E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC/PrivateSubnet2" + } + ] + } + }, + "VPCPrivateSubnet2RouteTableAssociation0C73D413": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "SubnetId": { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + } + }, + "VPCPrivateSubnet2DefaultRouteF4F5CFD2": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VPCPublicSubnet2NATGateway3C070193" + } + } + }, + "VPCIGWB7E252D3": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "FlinkAppTest/VPC" + } + ] + } + }, + "VPCVPCGW99B986DC": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "InternetGatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "AppRole1AF9B530": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "kinesisanalytics.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "AppRoleDefaultPolicy9CADBAA1": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "cloudwatch:PutMetricData", + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:DeleteNetworkInterface", + "ec2:DescribeDhcpOptions", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "/*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + } + ] + ] + } + ] + }, + { + "Action": "logs:DescribeLogGroups", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:*" + ] + ] + } + }, + { + "Action": "logs:DescribeLogStreams", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "AppLogGroupC72EEC8C", + "Arn" + ] + } + }, + { + "Action": "logs:PutLogEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:", + { + "Ref": "AppLogGroupC72EEC8C" + }, + ":log-stream:", + { + "Ref": "AppLogStream3CAF66A7" + } + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "AppRoleDefaultPolicy9CADBAA1", + "Roles": [ + { + "Ref": "AppRole1AF9B530" + } + ] + } + }, + "AppSecurityGroupC292657D": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "FlinkAppTest/App/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "AppF1B96344": { + "Type": "AWS::KinesisAnalyticsV2::Application", + "Properties": { + "RuntimeEnvironment": "FLINK-1_15", + "ServiceExecutionRole": { + "Fn::GetAtt": [ + "AppRole1AF9B530", + "Arn" + ] + }, + "ApplicationConfiguration": { + "ApplicationCodeConfiguration": { + "CodeContent": { + "S3ContentLocation": { + "BucketARN": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + } + ] + ] + }, + "FileKey": "8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577.zip" + } + }, + "CodeContentType": "ZIPFILE" + }, + "ApplicationSnapshotConfiguration": { + "SnapshotsEnabled": true + }, + "VpcConfigurations": [ + { + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "AppSecurityGroupC292657D", + "GroupId" + ] + } + ], + "SubnetIds": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ] + } + ] + } + }, + "DependsOn": [ + "AppRoleDefaultPolicy9CADBAA1", + "AppRole1AF9B530" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "AppLogGroupC72EEC8C": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "AppLogStream3CAF66A7": { + "Type": "AWS::Logs::LogStream", + "Properties": { + "LogGroupName": { + "Ref": "AppLogGroupC72EEC8C" + } + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "AppLoggingOption75BE995E": { + "Type": "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption", + "Properties": { + "ApplicationName": { + "Ref": "AppF1B96344" + }, + "CloudWatchLoggingOption": { + "LogStreamARN": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:", + { + "Ref": "AppLogGroupC72EEC8C" + }, + ":log-stream:", + { + "Ref": "AppLogStream3CAF66A7" + } + ] + ] + } + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.assets.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.assets.json new file mode 100644 index 0000000000000..e03abd70970a9 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "VpcTestDefaultTestDeployAssert06A9965C.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.template.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/VpcTestDefaultTestDeployAssert06A9965C.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar new file mode 100644 index 0000000000000..9c533e6fea607 Binary files /dev/null and b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar differ diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/cdk.out b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/cdk.out new file mode 100644 index 0000000000000..b72fef144f05c --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/integ.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/integ.json new file mode 100644 index 0000000000000..dbb80adf83c08 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "30.1.0", + "testCases": { + "VpcTest/DefaultTest": { + "stacks": [ + "FlinkAppTest" + ], + "assertionStack": "VpcTest/DefaultTest/DeployAssert", + "assertionStackName": "VpcTestDefaultTestDeployAssert06A9965C" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/manifest.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/manifest.json new file mode 100644 index 0000000000000..741b85af43cf8 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/manifest.json @@ -0,0 +1,285 @@ +{ + "version": "30.1.0", + "artifacts": { + "FlinkAppTest.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "FlinkAppTest.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "FlinkAppTest": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "FlinkAppTest.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e6269b086e65eaed552c57d90811a297037300cdaf9403468e748cc1d22dc668.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "FlinkAppTest.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "FlinkAppTest.assets" + ], + "metadata": { + "/FlinkAppTest/VPC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCB9E5F0B4" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1SubnetB4246D30" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableFEE4B781" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute91CEF279" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1EIP6AD938E8" + } + ], + "/FlinkAppTest/VPC/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1NATGatewayE0556630" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2Subnet74179F39" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTable6F1A15F1" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTableAssociation5A808732" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2DefaultRouteB7481BBA" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2EIP4947BC00" + } + ], + "/FlinkAppTest/VPC/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2NATGateway3C070193" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableBE8A6027" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTable0A19E10E" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTableAssociation0C73D413" + } + ], + "/FlinkAppTest/VPC/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2DefaultRouteF4F5CFD2" + } + ], + "/FlinkAppTest/VPC/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIGWB7E252D3" + } + ], + "/FlinkAppTest/VPC/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCVPCGW99B986DC" + } + ], + "/FlinkAppTest/App/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppRole1AF9B530" + } + ], + "/FlinkAppTest/App/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppRoleDefaultPolicy9CADBAA1" + } + ], + "/FlinkAppTest/App/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppSecurityGroupC292657D" + } + ], + "/FlinkAppTest/App/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppF1B96344" + } + ], + "/FlinkAppTest/App/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppLogGroupC72EEC8C" + } + ], + "/FlinkAppTest/App/LogStream/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AppLogStream3CAF66A7" + } + ], + "/FlinkAppTest/App/LoggingOption": [ + { + "type": "aws:cdk:logicalId", + "data": "AppLoggingOption75BE995E" + } + ], + "/FlinkAppTest/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/FlinkAppTest/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "FlinkAppTest" + }, + "VpcTestDefaultTestDeployAssert06A9965C.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "VpcTestDefaultTestDeployAssert06A9965C.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "VpcTestDefaultTestDeployAssert06A9965C": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "VpcTestDefaultTestDeployAssert06A9965C.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "VpcTestDefaultTestDeployAssert06A9965C.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "VpcTestDefaultTestDeployAssert06A9965C.assets" + ], + "metadata": { + "/VpcTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/VpcTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "VpcTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/tree.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/tree.json new file mode 100644 index 0000000000000..7890359dcfe66 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.js.snapshot/tree.json @@ -0,0 +1,1175 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "FlinkAppTest": { + "id": "FlinkAppTest", + "path": "FlinkAppTest", + "children": { + "VPC": { + "id": "VPC", + "path": "FlinkAppTest/VPC", + "children": { + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/VPC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "FlinkAppTest/VPC/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "FlinkAppTest/VPC/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "FlinkAppTest/VPC/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "FlinkAppTest/VPC/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "FlinkAppTest/VPC/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "FlinkAppTest/VPC/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "FlinkAppTest/VPC/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "FlinkAppTest/VPC/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "FlinkAppTest/VPC/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "FlinkAppTest/VPC/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "FlinkAppTest/VPC/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "FlinkAppTest/VPC/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "FlinkAppTest/VPC/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "FlinkAppTest/VPC/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "FlinkAppTest/VPC/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "FlinkAppTest/VPC/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet2EIP4947BC00", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "FlinkAppTest/VPC/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "FlinkAppTest/VPC/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "FlinkAppTest/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "FlinkAppTest/VPC/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "FlinkAppTest/VPC/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "FlinkAppTest/VPC/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "FlinkAppTest/VPC/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "FlinkAppTest/VPC/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "FlinkAppTest/VPC/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "FlinkAppTest/VPC/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "FlinkAppTest/VPC/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "FlinkAppTest/VPC/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "FlinkAppTest/VPC/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "FlinkAppTest/VPC/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet2NATGateway3C070193" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "FlinkAppTest/VPC/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "FlinkAppTest/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "FlinkAppTest/VPC/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "internetGatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "App": { + "id": "App", + "path": "FlinkAppTest/App", + "children": { + "Role": { + "id": "Role", + "path": "FlinkAppTest/App/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "FlinkAppTest/App/Role/ImportRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "kinesisanalytics.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "FlinkAppTest/App/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "cloudwatch:PutMetricData", + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:DeleteNetworkInterface", + "ec2:DescribeDhcpOptions", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "/*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + } + ] + ] + } + ] + }, + { + "Action": "logs:DescribeLogGroups", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:*" + ] + ] + } + }, + { + "Action": "logs:DescribeLogStreams", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "AppLogGroupC72EEC8C", + "Arn" + ] + } + }, + { + "Action": "logs:PutLogEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:", + { + "Ref": "AppLogGroupC72EEC8C" + }, + ":log-stream:", + { + "Ref": "AppLogStream3CAF66A7" + } + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "AppRoleDefaultPolicy9CADBAA1", + "roles": [ + { + "Ref": "AppRole1AF9B530" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "FlinkAppTest/App/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "FlinkAppTest/App/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "FlinkAppTest/App/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "FlinkAppTest/App/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "FlinkAppTest/App/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KinesisAnalyticsV2::Application", + "aws:cdk:cloudformation:props": { + "runtimeEnvironment": "FLINK-1_15", + "serviceExecutionRole": { + "Fn::GetAtt": [ + "AppRole1AF9B530", + "Arn" + ] + }, + "applicationConfiguration": { + "applicationCodeConfiguration": { + "codeContent": { + "s3ContentLocation": { + "bucketArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":s3:::", + { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + } + ] + ] + }, + "fileKey": "8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577.zip" + } + }, + "codeContentType": "ZIPFILE" + }, + "applicationSnapshotConfiguration": { + "snapshotsEnabled": true + }, + "vpcConfigurations": [ + { + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "AppSecurityGroupC292657D", + "GroupId" + ] + } + ], + "subnetIds": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kinesisanalytics.CfnApplicationV2", + "version": "0.0.0" + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "FlinkAppTest/App/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": { + "retentionInDays": 731 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + }, + "LogStream": { + "id": "LogStream", + "path": "FlinkAppTest/App/LogStream", + "children": { + "Resource": { + "id": "Resource", + "path": "FlinkAppTest/App/LogStream/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogStream", + "aws:cdk:cloudformation:props": { + "logGroupName": { + "Ref": "AppLogGroupC72EEC8C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogStream", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogStream", + "version": "0.0.0" + } + }, + "LoggingOption": { + "id": "LoggingOption", + "path": "FlinkAppTest/App/LoggingOption", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption", + "aws:cdk:cloudformation:props": { + "applicationName": { + "Ref": "AppF1B96344" + }, + "cloudWatchLoggingOption": { + "logStreamArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:", + { + "Ref": "AppLogGroupC72EEC8C" + }, + ":log-stream:", + { + "Ref": "AppLogStream3CAF66A7" + } + ] + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kinesisanalytics.CfnApplicationCloudWatchLoggingOptionV2", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kinesisanalytics-flink.Application", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "FlinkAppTest/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "FlinkAppTest/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "VpcTest": { + "id": "VpcTest", + "path": "VpcTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "VpcTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "VpcTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.264" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "VpcTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "VpcTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "VpcTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.264" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.ts new file mode 100644 index 0000000000000..03a7beee03a43 --- /dev/null +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/test/integ.vpc-application.ts @@ -0,0 +1,19 @@ +import * as path from 'path'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as core from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as flink from '../lib'; + +const app = new core.App(); +const stack = new core.Stack(app, 'FlinkAppTest'); +const vpc = new ec2.Vpc(stack, 'VPC'); + +new flink.Application(stack, 'App', { + code: flink.ApplicationCode.fromAsset(path.join(__dirname, 'code-asset')), + runtime: flink.Runtime.FLINK_1_15, + vpc, +}); + +new integ.IntegTest(app, 'VpcTest', { + testCases: [stack], +});