wip

Author: gasolima

packages/@aws-cdk/aws-elasticache-alpha/lib/no-password-user.ts

@@ -35,8 +35,8 @@ export class NoPasswordUser extends UserBase {
   /**
    * Return whether the given object is a `NoPasswordUser`.
    */
-  public static isNoPasswordUser(x: any) : x is NoPasswordUser {
-    return x !== null && typeof(x) === 'object' && ELASTICACHE_NOPASSWORDUSER_SYMBOL in x;
+  public static isNoPasswordUser(x: any): x is NoPasswordUser {
+    return x !== null && typeof (x) === 'object' && ELASTICACHE_NOPASSWORDUSER_SYMBOL in x;
   }
 
   /**
@@ -81,12 +81,12 @@ export class NoPasswordUser extends UserBase {
     // Enhanced CDK Analytics Telemetry
     addConstructMetadata(this, props);
 
-    this.engine = props.engine ?? UserEngine.VALKEY;
+    this.engine = props.engine ?? UserEngine.REDIS;
     this.userId = props.userId;
     this.userName = props.userName ?? props.userId;
     this.accessString = props.accessControl.accessString;
 
-    if (this.engine === UserEngine.VALKEY ) {
+    if (this.engine === UserEngine.VALKEY) {
       throw new ValidationError('Valkey engine does not support no-password authentication.', this);
     }
 

packages/@aws-cdk/aws-elasticache-alpha/lib/serverless-cache-base.ts

@@ -11,24 +11,29 @@ import { IResource, Resource, Duration } from 'aws-cdk-lib/core';
 export enum CacheEngine {
   /**
    * Valkey engine, latest version available
+   * For more information about the features related to this version check: https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html
    */
-  VALKEY_DEFAULT = 'valkey',
+  VALKEY_LATEST = 'valkey',
   /**
    * Valkey engine, version 7
+   * For more information about the features related to this version check: https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html
    */
   VALKEY_7 = 'valkey_7',
   /**
    * Valkey engine, version 8
+   * For more information about the features related to this version check: https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html
    */
   VALKEY_8 = 'valkey_8',
   /**
    * Redis engine, latest version available
+   * For more information about the features related to this version check: https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html
    */
-  REDIS_DEFAULT = 'redis',
+  REDIS_LATEST = 'redis',
   /**
    * Memcached engine, latest version available
+   * For more information about the features related to this version check: https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html
    */
-  MEMCACHED_DEFAULT = 'memcached',
+  MEMCACHED_LATEST = 'memcached',
 }
 
 /**
@@ -108,7 +113,7 @@ export interface IServerlessCache extends IResource, ec2.IConnectable {
   /**
    * Metric for ECPUs consumed
    */
-  metricECPUsConsumed(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
+  metricProcessingUnitsConsumed(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
   /**
    * Metric for network bytes in
    */
@@ -196,10 +201,10 @@ export abstract class ServerlessCacheBase extends Resource implements IServerles
    * Metric for cache hit count
    *
    * @param props Additional properties which will be merged with the default metric
-   * @default Average over 5 minutes
+   * @default Sum over 5 minutes
    */
   public metricCacheHitCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric {
-    return this.metric('CacheHits', props);
+    return this.metric('CacheHits', { statistic: 'Sum', ...props });
   }
   /**
    * Metric for cache miss count
@@ -234,7 +239,7 @@ export abstract class ServerlessCacheBase extends Resource implements IServerles
    * @param props Additional properties which will be merged with the default metric
    * @default Average over 5 minutes
    */
-  public metricECPUsConsumed(props?: cloudwatch.MetricOptions): cloudwatch.Metric {
+  public metricProcessingUnitsConsumed(props?: cloudwatch.MetricOptions): cloudwatch.Metric {
     return this.metric('ElastiCacheProcessingUnits', props);
   }
   /**

packages/@aws-cdk/aws-elasticache-alpha/lib/serverless-cache.ts

@@ -6,7 +6,7 @@ import { IUserGroup } from './user-group';
 import * as ec2 from 'aws-cdk-lib/aws-ec2';
 import * as events from 'aws-cdk-lib/aws-events';
 import * as kms from 'aws-cdk-lib/aws-kms';
-import { ArnFormat, Stack, Size, Lazy, ValidationError } from 'aws-cdk-lib/core';
+import { ArnFormat, Stack, Size, Lazy, ValidationError, Names, Token } from 'aws-cdk-lib/core';
 import { addConstructMetadata } from 'aws-cdk-lib/core/lib/metadata-resource';
 import { propertyInjectable } from 'aws-cdk-lib/core/lib/prop-injectable';
 
@@ -244,8 +244,8 @@ export class ServerlessCache extends ServerlessCacheBase {
   /**
    * Return whether the given object is a `ServerlessCache`
    */
-  public static isServerlessCache(x: any) : x is ServerlessCache {
-    return x !== null && typeof(x) === 'object' && ELASTICACHE_SERVERLESSCACHE_SYMBOL in x;
+  public static isServerlessCache(x: any): x is ServerlessCache {
+    return x !== null && typeof (x) === 'object' && ELASTICACHE_SERVERLESSCACHE_SYMBOL in x;
   }
 
   /**
@@ -325,13 +325,13 @@ export class ServerlessCache extends ServerlessCacheBase {
         if (this.engine) {
           let defaultPort: ec2.Port;
           switch (this.engine) {
-            case CacheEngine.VALKEY_DEFAULT:
+            case CacheEngine.VALKEY_LATEST:
             case CacheEngine.VALKEY_7:
             case CacheEngine.VALKEY_8:
-            case CacheEngine.REDIS_DEFAULT:
+            case CacheEngine.REDIS_LATEST:
               defaultPort = ec2.Port.tcp(6379);
               break;
-            case CacheEngine.MEMCACHED_DEFAULT:
+            case CacheEngine.MEMCACHED_LATEST:
               defaultPort = ec2.Port.tcp(11211);
               break;
             default:
@@ -407,13 +407,13 @@ export class ServerlessCache extends ServerlessCacheBase {
 
   constructor(scope: Construct, id: string, props: ServerlessCacheProps) {
     super(scope, id, {
-      physicalName: props.serverlessCacheName,
+      physicalName: props.serverlessCacheName ?? Lazy.string({ produce: () => Names.uniqueId(this) }),
     });
 
     // Enhanced CDK Analytics Telemetry
     addConstructMetadata(this, props);
 
-    this.engine = props.engine ?? CacheEngine.VALKEY_DEFAULT;
+    this.engine = props.engine ?? CacheEngine.VALKEY_LATEST;
     this.serverlessCacheName = this.physicalName;
     this.kmsKey = props.kmsKey;
     this.vpc = props.vpc;
@@ -433,7 +433,7 @@ export class ServerlessCache extends ServerlessCacheBase {
     const securityGroupIds = securityGroupConfig.securityGroupIds;
     this.securityGroups = securityGroupConfig.securityGroups;
 
-    const { engine, version } = this.parseEngine(this.engine);
+    const [engine, version] = this.engine.split('_');
 
     const resource = new CfnServerlessCache(this, 'Resource', {
       engine: engine,
@@ -498,17 +498,17 @@ export class ServerlessCache extends ServerlessCacheBase {
     if (!limits) return;
 
     if (limits.dataStorageMinimumSize && !limits.dataStorageMinimumSize.isUnresolved() &&
-        (limits.dataStorageMinimumSize.toGibibytes() < DATA_STORAGE_MIN_GB || limits.dataStorageMinimumSize.toGibibytes() > DATA_STORAGE_MAX_GB)) {
+      (limits.dataStorageMinimumSize.toGibibytes() < DATA_STORAGE_MIN_GB || limits.dataStorageMinimumSize.toGibibytes() > DATA_STORAGE_MAX_GB)) {
       throw new ValidationError('Data storage minimum must be between 1 and 5000 GB.', this);
     }
     if (limits.dataStorageMaximumSize && !limits.dataStorageMaximumSize.isUnresolved() &&
-        (limits.dataStorageMaximumSize.toGibibytes() < DATA_STORAGE_MIN_GB || limits.dataStorageMaximumSize.toGibibytes() > DATA_STORAGE_MAX_GB)) {
+      (limits.dataStorageMaximumSize.toGibibytes() < DATA_STORAGE_MIN_GB || limits.dataStorageMaximumSize.toGibibytes() > DATA_STORAGE_MAX_GB)) {
       throw new ValidationError('Data storage maximum must be between 1 and 5000 GB.', this);
     }
 
     if (limits.dataStorageMinimumSize && limits.dataStorageMaximumSize &&
-        !limits.dataStorageMinimumSize.isUnresolved() && !limits.dataStorageMaximumSize.isUnresolved() &&
-        limits.dataStorageMinimumSize.toGibibytes() > limits.dataStorageMaximumSize.toGibibytes()) {
+      !limits.dataStorageMinimumSize.isUnresolved() && !limits.dataStorageMaximumSize.isUnresolved() &&
+      limits.dataStorageMinimumSize.toGibibytes() > limits.dataStorageMaximumSize.toGibibytes()) {
       throw new ValidationError('Data storage minimum cannot be greater than maximum', this);
     }
   }
@@ -522,16 +522,16 @@ export class ServerlessCache extends ServerlessCacheBase {
     if (!limits) return;
 
     if (limits.requestRateLimitMinimum !== undefined &&
-        (limits.requestRateLimitMinimum < REQUEST_RATE_MIN_ECPU || limits.requestRateLimitMinimum > REQUEST_RATE_MAX_ECPU)) {
+      (limits.requestRateLimitMinimum < REQUEST_RATE_MIN_ECPU || limits.requestRateLimitMinimum > REQUEST_RATE_MAX_ECPU)) {
       throw new ValidationError('Request rate minimum must be between 1,000 and 15,000,000 ECPUs per second', this);
     }
     if (limits.requestRateLimitMaximum !== undefined &&
-        (limits.requestRateLimitMaximum < REQUEST_RATE_MIN_ECPU || limits.requestRateLimitMaximum > REQUEST_RATE_MAX_ECPU)) {
+      (limits.requestRateLimitMaximum < REQUEST_RATE_MIN_ECPU || limits.requestRateLimitMaximum > REQUEST_RATE_MAX_ECPU)) {
       throw new ValidationError('Request rate maximum must be between 1,000 and 15,000,000 ECPUs per second', this);
     }
 
     if (limits.requestRateLimitMinimum !== undefined && limits.requestRateLimitMaximum !== undefined &&
-        limits.requestRateLimitMinimum > limits.requestRateLimitMaximum) {
+      limits.requestRateLimitMinimum > limits.requestRateLimitMaximum) {
       throw new ValidationError('Request rate minimum cannot be greater than maximum', this);
     }
   }
@@ -542,14 +542,14 @@ export class ServerlessCache extends ServerlessCacheBase {
    * @param backup The backup settings to validate
    */
   private validateBackupSettings(backup?: BackupSettings): void {
-    if (backup?.backupRetentionLimit !== undefined) {
+    if (!Token.isUnresolved(backup?.backupRetentionLimit) && backup?.backupRetentionLimit !== undefined) {
       const limit = backup.backupRetentionLimit;
       if (limit < 1 || limit > 35) {
         throw new ValidationError('Backup retention limit must be between 1 and 35 days', this);
       }
     }
 
-    if (backup?.backupNameBeforeDeletion !== undefined) {
+    if (!Token.isUnresolved(backup?.backupNameBeforeDeletion) && backup?.backupNameBeforeDeletion !== undefined) {
       const name = backup.backupNameBeforeDeletion;
 
       if (!/^[a-zA-Z]/.test(name)) {
@@ -579,11 +579,11 @@ export class ServerlessCache extends ServerlessCacheBase {
   private validateUserGroupCompatibility(engine: CacheEngine, userGroup?: IUserGroup): void {
     if (!userGroup) return;
 
-    if (engine === CacheEngine.MEMCACHED_DEFAULT) {
+    if (engine === CacheEngine.MEMCACHED_LATEST) {
       throw new ValidationError('User groups cannot be used with Memcached engines. Only Redis and Valkey engines support user groups.', this);
     }
 
-    if (engine === CacheEngine.REDIS_DEFAULT && userGroup.engine !== UserEngine.REDIS) {
+    if (engine === CacheEngine.REDIS_LATEST && userGroup.engine !== UserEngine.REDIS) {
       throw new ValidationError('Redis cache can only use Redis user groups.', this);
     }
   }
@@ -682,18 +682,4 @@ export class ServerlessCache extends ServerlessCacheBase {
     }
     throw new ValidationError('Invalid schedule format for backup time', this);
   }
-
-  /**
-   * Parse engine string to extract engine name and version
-   *
-   * @param eng The cache engine enum value
-   * @returns Object with engine name and optional version
-   */
-  private parseEngine(eng: CacheEngine): {engine: string; version?: string} {
-    const parts = eng.split('_');
-    const engine = parts[0];
-    const version = parts.length > 1 ? parts[1] : undefined;
-
-    return { engine, version };
-  }
 }

packages/@aws-cdk/aws-elasticache-alpha/lib/user-group.ts

@@ -2,7 +2,7 @@ import { Construct } from 'constructs';
 import { UserEngine } from './common';
 import { CfnUser, CfnUserGroup } from 'aws-cdk-lib/aws-elasticache';
 import { IUserBase } from './user-base';
-import { IResource, Resource, ArnFormat, Stack, Lazy, ValidationError, UnscopedValidationError } from 'aws-cdk-lib/core';
+import { IResource, Resource, ArnFormat, Stack, Lazy, ValidationError, UnscopedValidationError, Names } from 'aws-cdk-lib/core';
 import { addConstructMetadata } from 'aws-cdk-lib/core/lib/metadata-resource';
 import { propertyInjectable } from 'aws-cdk-lib/core/lib/prop-injectable';
 
@@ -146,8 +146,8 @@ export class UserGroup extends UserGroupBase {
   /**
    * Return whether the given object is a `UserGroup`
    */
-  public static isUserGroup(x: any) : x is UserGroup {
-    return x !== null && typeof(x) === 'object' && ELASTICACHE_USERGROUP_SYMBOL in x;
+  public static isUserGroup(x: any): x is UserGroup {
+    return x !== null && typeof (x) === 'object' && ELASTICACHE_USERGROUP_SYMBOL in x;
   }
 
   /**
@@ -247,7 +247,7 @@ export class UserGroup extends UserGroupBase {
 
   constructor(scope: Construct, id: string, props: UserGroupProps = {}) {
     super(scope, id, {
-      physicalName: props.userGroupName,
+      physicalName: props.userGroupName ?? Lazy.string({ produce: () => Names.uniqueId(this).toLocaleLowerCase() }),
     });
 
     // Enhanced CDK Analytics Telemetry
@@ -260,14 +260,6 @@ export class UserGroup extends UserGroupBase {
       this._users.push(...props.users);
     }
 
-    if (this.engine === UserEngine.REDIS) {
-      this._users.forEach(user => {
-        if (user.engine !== UserEngine.REDIS) {
-          throw new ValidationError('Redis user group can only contain Redis users.', this);
-        }
-      });
-    }
-
     this.resource = new CfnUserGroup(this, 'Resource', {
       engine: this.engine,
       userGroupId: this.physicalName,
@@ -293,10 +285,7 @@ export class UserGroup extends UserGroupBase {
    * Add a CloudFormation dependency on the user resource to ensure proper creation order.
    */
   private addUserDependency(user: IUserBase): void {
-    const userResource = user.node.tryFindChild('Resource') as CfnUser;
-    if (userResource) {
-      this.resource.addDependency(userResource);
-    }
+    this.resource.node.addDependency(user);
   }
 
   /**
@@ -320,6 +309,11 @@ export class UserGroup extends UserGroupBase {
     }
 
     if (this.engine === UserEngine.REDIS) {
+      this._users.forEach(user => {
+        if (user.engine !== UserEngine.REDIS) {
+          throw new ValidationError('Redis user group can only contain Redis users.', this);
+        }
+      });
       const hasDefaultUser = this._users.some(user => user.userName === 'default');
       if (!hasDefaultUser) {
         throw new ValidationError('Redis user groups need to contain a user with the user name "default".', this);
@@ -336,9 +330,6 @@ export class UserGroup extends UserGroupBase {
     if (this._users.find(u => u.userId === user.userId)) {
       return;
     }
-    if (this.engine === UserEngine.REDIS && user.engine !== UserEngine.REDIS) {
-      throw new ValidationError('Redis user group can only contain Redis users.', this);
-    }
     this._users.push(user);
     this.addUserDependency(user);
   }

packages/@aws-cdk/aws-elasticache-alpha/test/iam-user.test.ts

@@ -1,6 +1,6 @@
 import { Template, Match } from 'aws-cdk-lib/assertions';
 import { Stack } from 'aws-cdk-lib';
-import * as iam from 'aws-cdk-lib/aws-iam';
+import { Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam';
 import { IamUser, AccessControl, UserEngine } from '../lib';
 
 describe('IamUser', () => {
@@ -170,16 +170,16 @@ describe('IamUser', () => {
   describe('IAM permissions', () => {
     let stack: Stack;
     let user: IamUser;
-    let role: iam.Role;
+    let role: Role;
 
     beforeEach(() => {
       stack = new Stack();
       user = new IamUser(stack, 'TestUser', {
         userId: 'test-user',
         accessControl: AccessControl.fromAccessString('on ~* +@all'),
       });
-      role = new iam.Role(stack, 'TestRole', {
-        assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),
+      role = new Role(stack, 'TestRole', {
+        assumedBy: new ServicePrincipal('ec2.amazonaws.com'),
       });
     });
 

packages/@aws-cdk/aws-elasticache-alpha/test/no-password-user.test.ts

@@ -9,23 +9,12 @@ describe('NoPasswordUser', () => {
       stack = new Stack();
     });
 
-    test.each([
-      {
-        testDescription: 'when using Valkey engine throws validation error',
-        engine: UserEngine.VALKEY,
-        errorMessage: 'Valkey engine does not support no-password authentication.',
-      },
-      {
-        testDescription: 'when engine defaults to Valkey throws validation error',
-        engine: undefined,
-        errorMessage: 'Valkey engine does not support no-password authentication.',
-      },
-    ])('$testDescription', ({ engine, errorMessage }) => {
+    test('when using Valkey engine throws validation error', () => {
       expect(() => new NoPasswordUser(stack, 'TestUser', {
         userId: 'test-user',
-        engine,
+        engine: UserEngine.VALKEY,
         accessControl: AccessControl.fromAccessString('on ~* +@all'),
-      })).toThrow(errorMessage);
+      })).toThrow('Valkey engine does not support no-password authentication.');
     });
 
     test.each([