diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.assets.json index 2ecc1dbe4c465..04b7be0961941 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.assets.json @@ -1,15 +1,16 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { - "88280b03c5b1be25a757aec1dc08c8df2c722de34a69963dfde75905ceaae61e": { + "6ebf91e65fc00e28320feeed599537ee23102f8329f67fc837211d771738390f": { + "displayName": "aws-cdk-rds-integ-with-feature-flag Template", "source": { "path": "aws-cdk-rds-integ-with-feature-flag.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-0167c2e4": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "88280b03c5b1be25a757aec1dc08c8df2c722de34a69963dfde75905ceaae61e.json", + "objectKey": "6ebf91e65fc00e28320feeed599537ee23102f8329f67fc837211d771738390f.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.template.json index 6aa2bda2f1bef..59d1e79641b13 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ-with-feature-flag.template.json @@ -503,6 +503,7 @@ "DBSubnetGroupName": { "Ref": "DatabaseSubnets56F17B9A" }, + "DeleteAutomatedBackups": false, "Engine": "aurora-mysql", "EngineVersion": "8.0.mysql_aurora.3.07.1", "KmsKeyId": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.assets.json index e4813a656fbd4..7fd08c6c424df 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.assets.json @@ -1,15 +1,16 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { - "c5c41991477732fc96052ff5ee9b37386fd014657c4e5c15836e6075551961b5": { + "4f0094c1c92187789079c6a4dc0359e266a9713b13e88b8936fa9637ef26b3e7": { + "displayName": "aws-cdk-rds-integ Template", "source": { "path": "aws-cdk-rds-integ.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-48d241e9": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "c5c41991477732fc96052ff5ee9b37386fd014657c4e5c15836e6075551961b5.json", + "objectKey": "4f0094c1c92187789079c6a4dc0359e266a9713b13e88b8936fa9637ef26b3e7.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.template.json index 8e864fd4fc053..c93ed44ece8bd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/aws-cdk-rds-integ.template.json @@ -503,6 +503,7 @@ "DBSubnetGroupName": { "Ref": "DatabaseSubnets56F17B9A" }, + "DeleteAutomatedBackups": false, "Engine": "aurora-mysql", "EngineVersion": "8.0.mysql_aurora.3.07.1", "KmsKeyId": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/cdk.out index c6e612584e352..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"38.0.1"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/integ.json index a4563c58af824..10d0ca6d586a4 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "testCases": { "test-rds-cluster-with-feature-flag/DefaultTest": { "stacks": [ @@ -8,5 +8,6 @@ "assertionStack": "test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert", "assertionStackName": "testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B" } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/manifest.json index 7a2508d7dbe9f..fd012997af498 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "artifacts": { "aws-cdk-rds-integ-with-feature-flag.assets": { "type": "cdk:asset-manifest", @@ -16,10 +16,9 @@ "templateFile": "aws-cdk-rds-integ-with-feature-flag.template.json", "terminationProtection": false, "validateOnSynth": false, - "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/88280b03c5b1be25a757aec1dc08c8df2c722de34a69963dfde75905ceaae61e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6ebf91e65fc00e28320feeed599537ee23102f8329f67fc837211d771738390f.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -35,12 +34,36 @@ "aws-cdk-rds-integ-with-feature-flag.assets" ], "metadata": { + "/aws-cdk-rds-integ-with-feature-flag/VPC": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/VPC/Resource": [ { "type": "aws:cdk:logicalId", "data": "VPCB9E5F0B4" } ], + "/aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -77,6 +100,24 @@ "data": "VPCPublicSubnet1NATGatewayE0556630" } ], + "/aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -113,6 +154,20 @@ "data": "VPCPublicSubnet2NATGateway3C070193" } ], + "/aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -137,6 +192,20 @@ "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" } ], + "/aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -173,24 +242,62 @@ "data": "VPCVPCGW99B986DC" } ], + "/aws-cdk-rds-integ-with-feature-flag/Params": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Params/Resource": [ { "type": "aws:cdk:logicalId", "data": "ParamsA8366201" } ], + "/aws-cdk-rds-integ-with-feature-flag/DbSecurity": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/DbSecurity/Resource": [ { "type": "aws:cdk:logicalId", "data": "DbSecurity381C2C15" } ], + "/aws-cdk-rds-integ-with-feature-flag/Database": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Subnets": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Database/Subnets/Default": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSubnets56F17B9A" } ], + "/aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -209,12 +316,34 @@ "data": "DatabaseB269D8BB" } ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Instance1Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Database/Instance1": [ { "type": "aws:cdk:logicalId", "data": "DatabaseInstance1844F58FD" } ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -227,6 +356,22 @@ "data": "DatabaseInstance2AA380DEE" } ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -239,12 +384,58 @@ "data": "DatabaseInstance32FCBA185" } ], + "/aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/ImportClusterIamAccess": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/Resource": [ { "type": "aws:cdk:logicalId", "data": "ClusterIamAccess93AC3DF3" } ], + "/aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", @@ -281,7 +472,6 @@ "templateFile": "testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.template.json", "terminationProtection": false, "validateOnSynth": false, - "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", @@ -320,6 +510,485 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterDefaultTestDeployAssert23E53F17.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterDefaultTestDeployAssert23E53F17.assets.json index 4418321ac7c58..9cfc5d2aec649 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterDefaultTestDeployAssert23E53F17.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterDefaultTestDeployAssert23E53F17.assets.json @@ -1,13 +1,14 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "testrdsclusterDefaultTestDeployAssert23E53F17 Template", "source": { "path": "testrdsclusterDefaultTestDeployAssert23E53F17.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.assets.json index 0509595126662..21233608c3612 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.assets.json @@ -1,13 +1,14 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B Template", "source": { "path": "testrdsclusterwithfeatureflagDefaultTestDeployAssert8E2E540B.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/tree.json index fabfe7323f23b..d4e895d16c613 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.js.snapshot/tree.json @@ -1,1236 +1 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "aws-cdk-rds-integ-with-feature-flag": { - "id": "aws-cdk-rds-integ-with-feature-flag", - "path": "aws-cdk-rds-integ-with-feature-flag", - "children": { - "VPC": { - "id": "VPC", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet1EIP6AD938E8", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet1NATGatewayE0556630" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "IGW": { - "id": "IGW", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-integ-with-feature-flag/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "aws-cdk-rds-integ-with-feature-flag/VPC/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Params": { - "id": "Params", - "path": "aws-cdk-rds-integ-with-feature-flag/Params", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/Params/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBClusterParameterGroup", - "aws:cdk:cloudformation:props": { - "description": "A nice parameter group", - "family": "aurora-mysql8.0", - "parameters": { - "character_set_database": "utf8mb4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DbSecurity": { - "id": "DbSecurity", - "path": "aws-cdk-rds-integ-with-feature-flag/DbSecurity", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/DbSecurity/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::KMS::Key", - "aws:cdk:cloudformation:props": { - "keyPolicy": { - "Statement": [ - { - "Action": "kms:*", - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": "*" - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Database": { - "id": "Database", - "path": "aws-cdk-rds-integ-with-feature-flag/Database", - "children": { - "Subnets": { - "id": "Subnets", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Subnets", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Subnets/Default", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", - "aws:cdk:cloudformation:props": { - "dbSubnetGroupDescription": "Subnets for Database database", - "subnetIds": [ - { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "RDS security group", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "from 0.0.0.0_0:{IndirectPort}": { - "id": "from 0.0.0.0_0:{IndirectPort}", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup/from 0.0.0.0_0:{IndirectPort}", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "cidrIp": "0.0.0.0/0", - "description": "Open to the world", - "fromPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Endpoint.Port" - ] - }, - "groupId": { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "toPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Endpoint.Port" - ] - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", - "aws:cdk:cloudformation:props": { - "autoMinorVersionUpgrade": false, - "copyTagsToSnapshot": true, - "dbClusterParameterGroupName": { - "Ref": "ParamsA8366201" - }, - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql", - "engineVersion": "8.0.mysql_aurora.3.07.1", - "kmsKeyId": { - "Fn::GetAtt": [ - "DbSecurity381C2C15", - "Arn" - ] - }, - "masterUsername": "admin", - "masterUserPassword": "7959866cacc02c2d243ecfe177464fe6", - "storageEncrypted": true, - "vpcSecurityGroupIds": [ - { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance1Wrapper": { - "id": "Instance1Wrapper", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance1Wrapper", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance1": { - "id": "Instance1", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance1", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.t3.medium", - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql", - "preferredMaintenanceWindow": "Sat:22:15-Sat:22:45", - "publiclyAccessible": true - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance2Wrapper": { - "id": "Instance2Wrapper", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper", - "children": { - "InstanceParameterGroup": { - "id": "InstanceParameterGroup", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBParameterGroup", - "aws:cdk:cloudformation:props": { - "description": "Parameter group for aurora-mysql8.0", - "family": "aurora-mysql8.0", - "parameters": {} - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance2": { - "id": "Instance2", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.t3.medium", - "dbParameterGroupName": { - "Ref": "DatabaseInstance2WrapperInstanceParameterGroup61FBD67B" - }, - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql", - "preferredMaintenanceWindow": "Sat:22:15-Sat:22:45", - "publiclyAccessible": true - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance3Wrapper": { - "id": "Instance3Wrapper", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper", - "children": { - "InstanceParameterGroup": { - "id": "InstanceParameterGroup", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBParameterGroup", - "aws:cdk:cloudformation:props": { - "description": "Parameter group for aurora-mysql8.0", - "family": "aurora-mysql8.0", - "parameters": {} - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Instance3": { - "id": "Instance3", - "path": "aws-cdk-rds-integ-with-feature-flag/Database/Instance3", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.t3.medium", - "dbParameterGroupName": { - "Ref": "DatabaseInstance3WrapperInstanceParameterGroup00CB9DB5" - }, - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql", - "preferredMaintenanceWindow": "Sat:22:15-Sat:22:45", - "publiclyAccessible": true - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "ClusterIamAccess": { - "id": "ClusterIamAccess", - "path": "aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess", - "children": { - "ImportClusterIamAccess": { - "id": "ImportClusterIamAccess", - "path": "aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/ImportClusterIamAccess", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ecs-tasks.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": "rds-db:connect", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":rds-db:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":dbuser:", - { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "DBClusterResourceId" - ] - }, - "/db_user" - ] - ] - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "ClusterIamAccessDefaultPolicyA088E4DA", - "roles": [ - { - "Ref": "ClusterIamAccess93AC3DF3" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "aws-cdk-rds-integ-with-feature-flag/BootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "aws-cdk-rds-integ-with-feature-flag/CheckBootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "test-rds-cluster-with-feature-flag": { - "id": "test-rds-cluster-with-feature-flag", - "path": "test-rds-cluster-with-feature-flag", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "test-rds-cluster-with-feature-flag/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "test-rds-cluster-with-feature-flag/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert", - "children": { - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert/BootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert/CheckBootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } -} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"aws-cdk-rds-integ-with-feature-flag":{"id":"aws-cdk-rds-integ-with-feature-flag","path":"aws-cdk-rds-integ-with-feature-flag","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"VPC":{"id":"VPC","path":"aws-cdk-rds-integ-with-feature-flag/VPC","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/VPC/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*","*"]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/Subnet","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/Acl","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/RouteTable","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/EIP","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1/NATGateway","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet1EIP6AD938E8","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"},"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*","*"]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/Subnet","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/Acl","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/RouteTable","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/EIP","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2/NATGateway","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet2EIP4947BC00","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"},"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*"]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/Subnet","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/Acl","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"},"subnetId":{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet1NATGatewayE0556630"},"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*"]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/Subnet","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/Acl","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"},"subnetId":{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-integ-with-feature-flag/VPC/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet2NATGateway3C070193"},"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-rds-integ-with-feature-flag/VPC/IGW","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-integ-with-feature-flag/VPC"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-rds-integ-with-feature-flag/VPC/VPCGW","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VPCIGWB7E252D3"},"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Params":{"id":"Params","path":"aws-cdk-rds-integ-with-feature-flag/Params","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/Params/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBClusterParameterGroup","aws:cdk:cloudformation:props":{"description":"A nice parameter group","family":"aurora-mysql8.0","parameters":{"character_set_database":"utf8mb4"}}}}}},"DbSecurity":{"id":"DbSecurity","path":"aws-cdk-rds-integ-with-feature-flag/DbSecurity","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/DbSecurity/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::KMS::Key","aws:cdk:cloudformation:props":{"keyPolicy":{"Statement":[{"Action":"kms:*","Effect":"Allow","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"}}}}}},"Database":{"id":"Database","path":"aws-cdk-rds-integ-with-feature-flag/Database","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Subnets":{"id":"Subnets","path":"aws-cdk-rds-integ-with-feature-flag/Database/Subnets","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-rds-integ-with-feature-flag/Database/Subnets/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnets for Database database","subnetIds":[{"Ref":"VPCPublicSubnet1SubnetB4246D30"},{"Ref":"VPCPublicSubnet2Subnet74179F39"}]}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"RDS security group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from 0.0.0.0_0:{IndirectPort}":{"id":"from 0.0.0.0_0:{IndirectPort}","path":"aws-cdk-rds-integ-with-feature-flag/Database/SecurityGroup/from 0.0.0.0_0:{IndirectPort}","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"cidrIp":"0.0.0.0/0","description":"Open to the world","fromPort":{"Fn::GetAtt":["DatabaseB269D8BB","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]},"ipProtocol":"tcp","toPort":{"Fn::GetAtt":["DatabaseB269D8BB","Endpoint.Port"]}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/Database/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBCluster","aws:cdk:cloudformation:props":{"autoMinorVersionUpgrade":false,"copyTagsToSnapshot":true,"dbClusterParameterGroupName":{"Ref":"ParamsA8366201"},"dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"deleteAutomatedBackups":false,"engine":"aurora-mysql","engineVersion":"8.0.mysql_aurora.3.07.1","kmsKeyId":{"Fn::GetAtt":["DbSecurity381C2C15","Arn"]},"masterUsername":"admin","masterUserPassword":"7959866cacc02c2d243ecfe177464fe6","storageEncrypted":true,"vpcSecurityGroupIds":[{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]}]}}},"Instance1Wrapper":{"id":"Instance1Wrapper","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance1Wrapper","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]}},"Instance1":{"id":"Instance1","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.t3.medium","dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql","preferredMaintenanceWindow":"Sat:22:15-Sat:22:45","publiclyAccessible":true}}},"Instance2Wrapper":{"id":"Instance2Wrapper","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"InstanceParameterGroup":{"id":"InstanceParameterGroup","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance2Wrapper/InstanceParameterGroup/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBParameterGroup","aws:cdk:cloudformation:props":{"description":"Parameter group for aurora-mysql8.0","family":"aurora-mysql8.0","parameters":{}}}}}}}},"Instance2":{"id":"Instance2","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.t3.medium","dbParameterGroupName":{"Ref":"DatabaseInstance2WrapperInstanceParameterGroup61FBD67B"},"dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql","preferredMaintenanceWindow":"Sat:22:15-Sat:22:45","publiclyAccessible":true}}},"Instance3Wrapper":{"id":"Instance3Wrapper","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"InstanceParameterGroup":{"id":"InstanceParameterGroup","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance3Wrapper/InstanceParameterGroup/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBParameterGroup","aws:cdk:cloudformation:props":{"description":"Parameter group for aurora-mysql8.0","family":"aurora-mysql8.0","parameters":{}}}}}}}},"Instance3":{"id":"Instance3","path":"aws-cdk-rds-integ-with-feature-flag/Database/Instance3","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.t3.medium","dbParameterGroupName":{"Ref":"DatabaseInstance3WrapperInstanceParameterGroup00CB9DB5"},"dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql","preferredMaintenanceWindow":"Sat:22:15-Sat:22:45","publiclyAccessible":true}}}}},"ClusterIamAccess":{"id":"ClusterIamAccess","path":"aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*","*","*"]},"children":{"ImportClusterIamAccess":{"id":"ImportClusterIamAccess","path":"aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/ImportClusterIamAccess","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*","*","*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-integ-with-feature-flag/ClusterIamAccess/DefaultPolicy/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"rds-db:connect","Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":rds-db:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":dbuser:",{"Fn::GetAtt":["DatabaseB269D8BB","DBClusterResourceId"]},"/db_user"]]}}],"Version":"2012-10-17"},"policyName":"ClusterIamAccessDefaultPolicyA088E4DA","roles":[{"Ref":"ClusterIamAccess93AC3DF3"}]}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-rds-integ-with-feature-flag/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-rds-integ-with-feature-flag/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"test-rds-cluster-with-feature-flag":{"id":"test-rds-cluster-with-feature-flag","path":"test-rds-cluster-with-feature-flag","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"test-rds-cluster-with-feature-flag/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"test-rds-cluster-with-feature-flag/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"test-rds-cluster-with-feature-flag/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.ts index 66caa47941fa0..5d200984d055b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster.ts @@ -63,6 +63,7 @@ class TestStack extends cdk.Stack { parameterGroup: params, storageEncryptionKey: kmsKey, autoMinorVersionUpgrade: false, + deleteAutomatedBackups: false, }); cluster.connections.allowDefaultPortFromAnyIpv4('Open to the world'); @@ -100,4 +101,3 @@ const stackWithFeatureFlag = new TestStack(appWithFeatureFlag, 'aws-cdk-rds-inte new IntegTest(appWithFeatureFlag, 'test-rds-cluster-with-feature-flag', { testCases: [stackWithFeatureFlag], }); -appWithFeatureFlag.synth(); diff --git a/packages/aws-cdk-lib/aws-rds/README.md b/packages/aws-cdk-lib/aws-rds/README.md index 43e4962f8becc..899053e13aa15 100644 --- a/packages/aws-cdk-lib/aws-rds/README.md +++ b/packages/aws-cdk-lib/aws-rds/README.md @@ -418,6 +418,24 @@ To apply changes of the cluster, such as engine version, in the next scheduled m For details, see [Modifying an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Modifying.html). +### Retaining Automated Backups + +By default, when a database cluster is deleted, automated backups are removed immediately unless an AWS Backup policy specifies a point-in-time restore rule. You can control this behavior using the `deleteAutomatedBackups` property: + +```ts +declare const vpc: ec2.IVpc; +// Retain automated backups after cluster deletion +new rds.DatabaseCluster(this, 'Database', { + engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_3_01_0 }), + writer: rds.ClusterInstance.provisioned('writer'), + vpc, + deleteAutomatedBackups: false, +}); +``` + +When set to `false`, automated backups are retained according to the configured retention period after the cluster is deleted. When set to `true` or not specified (default), automated backups are deleted immediately when the cluster is deleted. +Detail about this feature can be found in the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.Retaining.html). + ### Migrating from instanceProps Creating instances in a `DatabaseCluster` using `instanceProps` & `instances` is diff --git a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts index d95c689613225..cd5189b25452f 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts @@ -500,6 +500,13 @@ interface DatabaseClusterBaseProps { * @default undefined - AWS RDS default setting is `EngineLifecycleSupport.OPEN_SOURCE_RDS_EXTENDED_SUPPORT` */ readonly engineLifecycleSupport?: EngineLifecycleSupport; + + /** + * Specifies whether to remove automated backups immediately after the DB cluster is deleted. + * + * @default undefined - AWS RDS default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule. + */ + readonly deleteAutomatedBackups?: boolean; } /** @@ -968,6 +975,7 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { monitoringInterval: props.enableClusterLevelEnhancedMonitoring ? props.monitoringInterval?.toSeconds() : undefined, monitoringRoleArn: props.enableClusterLevelEnhancedMonitoring ? this.monitoringRole?.roleArn : undefined, engineLifecycleSupport: props.engineLifecycleSupport, + deleteAutomatedBackups: props.deleteAutomatedBackups, }; } diff --git a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts index da82e0ceae05c..aa935d0db1d59 100644 --- a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts @@ -712,6 +712,27 @@ describe('cluster new api', () => { PreferredMaintenanceWindow: PREFERRED_MAINTENANCE_WINDOW, })); }); + + test.each([true, false])('deleteAutomatedBackups set to %s', (deleteAutomatedBackups) => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'Vpc'); + + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA_MYSQL, + instanceProps: { + vpc, + }, + deleteAutomatedBackups, + }); + + // THEN + const template = Template.fromStack(stack); + template.hasResourceProperties('AWS::RDS::DBCluster', Match.objectLike({ + DeleteAutomatedBackups: deleteAutomatedBackups, + })); + }); }); describe('migrate from instanceProps', () => {