From 6962fde011efa46509855beaaa6dea63ad02b703 Mon Sep 17 00:00:00 2001 From: biffgaut Date: Thu, 14 Sep 2023 10:56:45 -0400 Subject: [PATCH 1/3] extract s3 and sqs prop checking --- .../aws-apigateway-sqs/lib/index.ts | 1 + .../test/apigateway-sqs.test.ts | 19 +- .../aws-cloudfront-s3/lib/index.ts | 1 + .../test/test.cloudfront-s3.test.ts | 7 +- .../eventbridge-kinesisfirehose-s3.test.ts | 20 +++ .../aws-eventbridge-sns/lib/index.ts | 1 + .../test/eventbridge-sns-topic.test.ts | 20 +++ .../aws-eventbridge-sqs/lib/index.ts | 1 + .../test/eventbridge-sqs-queue.test.ts | 25 ++- .../aws-fargate-s3/lib/index.ts | 1 + .../aws-fargate-s3/test/fargate-s3.test.ts | 30 ++++ .../aws-fargate-sqs/lib/index.ts | 1 + .../aws-fargate-sqs/test/fargate-sqs.test.ts | 25 ++- .../test/test.iot-kinesisfirehose-s3.test.ts | 4 +- .../aws-iot-s3/lib/index.ts | 1 + .../aws-iot-s3/test/iot-s3.test.ts | 22 +++ .../aws-iot-sqs/lib/index.ts | 1 + .../aws-iot-sqs/test/iot-sqs.test.ts | 26 ++- ...isfirehose-s3-and-kinesisanalytics.test.ts | 4 +- .../aws-kinesisfirehose-s3/lib/index.ts | 1 + .../test/kinesisfirehose-s3.test.ts | 7 +- .../kinesisstreams-kinesisfirehose-s3.test.ts | 21 ++- .../aws-lambda-s3/lib/index.ts | 1 + .../aws-lambda-s3/test/lambda-s3.test.ts | 40 +---- .../test/lambda-sqs-lambda.test.ts | 71 +++----- .../aws-lambda-sqs/lib/index.ts | 1 + .../aws-lambda-sqs/test/lambda-sqs.test.ts | 51 +++--- .../aws-s3-lambda/lib/index.ts | 1 + .../aws-s3-lambda/test/s3-lambda.test.ts | 18 +- .../aws-s3-sns/lib/index.ts | 2 + .../aws-s3-sns/test/test.s3-sns.test.ts | 39 ++++- .../aws-s3-sqs/lib/index.ts | 2 + .../aws-s3-sqs/test/test.s3-sqs.test.ts | 64 ++++--- .../aws-s3-stepfunctions/lib/index.ts | 1 + .../test/s3-stepfunctions.test.ts | 2 +- .../aws-sns-sqs/lib/index.ts | 1 + .../aws-sns-sqs/test/sns-sqs.test.ts | 42 ++--- .../aws-sqs-lambda/lib/index.ts | 1 + .../test/test.sqs-lambda.test.ts | 38 ++-- .../core/lib/input-validation.ts | 163 ++++++++++-------- .../core/test/input-validation.test.ts | 87 +++++----- 41 files changed, 548 insertions(+), 316 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts index 7503879c9..40431218f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts @@ -197,6 +197,7 @@ export class ApiGatewayToSqs extends Construct { constructor(scope: Construct, id: string, props: ApiGatewayToSqsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSqsProps(props); if (this.CheckCreateRequestProps(props)) { throw new Error(`The 'allowCreateOperation' property must be set to true when setting any of the following: ` + diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts index bffefbe46..1b42dfe6a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts @@ -12,7 +12,7 @@ */ // Imports -import { Stack } from "aws-cdk-lib"; +import { RemovalPolicy, Stack } from "aws-cdk-lib"; import { ApiGatewayToSqs } from '../lib'; import * as api from "aws-cdk-lib/aws-apigateway"; import * as kms from 'aws-cdk-lib/aws-kms'; @@ -634,4 +634,19 @@ test('Construct throws error when deleteIntegrationResponses is set and allowDel }); expect(app).toThrowError(/The 'allowDeleteOperation' property must be set to true when setting any of the following: 'deleteRequestTemplate', 'additionalDeleteRequestTemplates', 'deleteIntegrationResponses'/); -}); \ No newline at end of file +}); + +test('Confirm the CheckSqsProps is being called', () => { + const stack = new Stack(); + + const app = () => { + new ApiGatewayToSqs(stack, 'api-gateway-sqs', { + queueProps: { + removalPolicy: RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }); + }; + + expect(app).toThrowError(/Error - Either provide queueProps or existingQueueObj, but not both.\n/); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/lib/index.ts index 9e720bb25..7f597b5f0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/lib/index.ts @@ -112,6 +112,7 @@ export class CloudFrontToS3 extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); let bucket: s3.IBucket; diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts index c4e1ee100..14889c679 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts @@ -147,10 +147,7 @@ test('check properties', () => { expect(construct.s3Bucket !== null); }); -// -------------------------------------------------------------- -// Test bad call with existingBucket and bucketProps -// -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm CheckS3Props is called", () => { // Stack const stack = new cdk.Stack(); @@ -166,7 +163,7 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); }); test("Test existingBucketObj", () => { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-kinesisfirehose-s3/test/eventbridge-kinesisfirehose-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-kinesisfirehose-s3/test/eventbridge-kinesisfirehose-s3.test.ts index d6cd33a6f..9d9cebb09 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-kinesisfirehose-s3/test/eventbridge-kinesisfirehose-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-kinesisfirehose-s3/test/eventbridge-kinesisfirehose-s3.test.ts @@ -291,3 +291,23 @@ test('Supply an existing logging bucket', () => { template.resourceCountIs("AWS::S3::Bucket", 2); }); + +test('Confirm CheckS3Props is being called', () => { + // For L4 constructs, the call is within the internal L3 constructs + const stack = new cdk.Stack(); + + const props: EventbridgeToKinesisFirehoseToS3Props = { + eventRuleProps: { + eventPattern: { + source: ['solutionsconstructs'] + } + }, + bucketProps: {}, + existingBucketObj: new s3.Bucket(stack, 'test-bucket', {}), + }; + + const app = () => { + new EventbridgeToKinesisFirehoseToS3(stack, 'test-eventbridge-firehose', props); + }; + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/lib/index.ts index 4f4c50a05..b9781dd9d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/lib/index.ts @@ -88,6 +88,7 @@ export class EventbridgeToSns extends Construct { constructor(scope: Construct, id: string, props: EventbridgeToSnsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSnsProps(props); let enableEncryptionParam = props.enableEncryptionWithCustomerManagedKey; if (props.enableEncryptionWithCustomerManagedKey === undefined || diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/eventbridge-sns-topic.test.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/eventbridge-sns-topic.test.ts index 9c42d25e8..76045d8e0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/eventbridge-sns-topic.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sns/test/eventbridge-sns-topic.test.ts @@ -390,4 +390,24 @@ test('Properties correctly set when unencrypted existing topic is provided', () expect(testConstruct.snsTopic).toBeDefined(); expect(testConstruct.encryptionKey).not.toBeDefined(); +}); + +test('Confirm CheckSnsProps is being called', () => { + const stack = new cdk.Stack(); + const existingTopicObj = new sns.Topic(stack, 'Topic', { + topicName: 'existing-topic-name' + }); + + const props: EventbridgeToSnsProps = { + existingTopicObj, + topicProps: {}, + eventRuleProps: { + schedule: events.Schedule.rate(cdk.Duration.minutes(5)) + } + }; + const app = () => { + new EventbridgeToSns(stack, 'test', props); + }; + + expect(app).toThrowError("Error - Either provide topicProps or existingTopicObj, but not both.\n"); }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/lib/index.ts index 9d9aae2a8..ca236a852 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/lib/index.ts @@ -117,6 +117,7 @@ export class EventbridgeToSqs extends Construct { constructor(scope: Construct, id: string, props: EventbridgeToSqsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSqsProps(props); // Setup the dead letter queue, if applicable this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { diff --git a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/eventbridge-sqs-queue.test.ts b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/eventbridge-sqs-queue.test.ts index c34701aa8..260eb00b2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/eventbridge-sqs-queue.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-eventbridge-sqs/test/eventbridge-sqs-queue.test.ts @@ -14,6 +14,7 @@ import * as cdk from 'aws-cdk-lib'; import { EventbridgeToSqs, EventbridgeToSqsProps } from '../lib'; import * as events from "aws-cdk-lib/aws-events"; +import * as sqs from "aws-cdk-lib/aws-sqs"; import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; @@ -535,4 +536,26 @@ test('Queue purging flag grants correct permissions', () => { } ] }); -}); \ No newline at end of file +}); + +test('check that CheckSqsProps is being called', () => { + const stack = new cdk.Stack(); + + const props: EventbridgeToSqsProps = { + eventRuleProps: { + eventPattern: { + source: ['solutionsconstructs'] + } + }, + eventBusProps: { eventBusName: 'test' }, + queueProps: { + removalPolicy: cdk.RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new EventbridgeToSqs(stack, 'test-eventbridge-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts index e3944ff67..786b76f21 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts @@ -163,6 +163,7 @@ export class FargateToS3 extends Construct { defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckS3Props(props); if (props.bucketPermissions) { defaults.CheckListValues(['Delete', 'Read', 'Write'], props.bucketPermissions, 'bucket permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts index a88b2c016..5fbf69d14 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts @@ -700,3 +700,33 @@ test('Existing service/existing bucket, private API, existing VPC', () => { template.resourceCountIs('AWS::ECS::Service', 1); template.resourceCountIs('AWS::S3::Bucket', 1); }); + +test('New service/new bucket, public API, new VPC', () => { + // An environment with region is required to enable logging on an ALB + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const bucketName = "custom-bucket-name"; + const familyName = "family-name"; + + const props = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + vpcProps: { ipAddresses: ec2.IpAddresses.cidr('172.0.0.0/16') }, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + bucketProps: { bucketName }, + existingBucketObj: new s3.Bucket(stack, 'test-bucket', {}), + logS3AccessLogs: false, + bucketPermissions: ['Delete', 'Read', 'Write'] + }; + const app = () => { + new FargateToS3(stack, 'test-one', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); +}); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts index 28cb40a7b..45eb07bcb 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts @@ -180,6 +180,7 @@ export class FargateToSqs extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckSqsProps(props); if (props.queuePermissions) { defaults.CheckListValues(['Read', 'Write'], props.queuePermissions, 'queue permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts index 092c50666..30f64ae31 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts @@ -617,4 +617,27 @@ test('Queue is encrypted with customer managed KMS Key when enable encryption fl ] } }); -}); \ No newline at end of file +}); + +test('Confirm CheckSqsProps is called', () => { + + // An environment with region is required to enable logging on an ALB + const stack = new cdk.Stack(); + const publicApi = false; + + const props = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + vpcProps: { ipAddresses: ec2.IpAddresses.cidr('172.0.0.0/16') }, + deployDeadLetterQueue: false, + queueProps: { + removalPolicy: cdk.RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new FargateToSqs(stack, 'test-fargate-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/test.iot-kinesisfirehose-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/test.iot-kinesisfirehose-s3.test.ts index d9bb4f85a..a77015ea2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/test.iot-kinesisfirehose-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/test.iot-kinesisfirehose-s3.test.ts @@ -130,7 +130,7 @@ test('check properties', () => { // -------------------------------------------------------------- // Test bad call with existingBucket and bucketProps // -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm CheckS3Props is being called", () => { // Stack const stack = new cdk.Stack(); @@ -154,7 +154,7 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); + expect(app).toThrowError("Error - Either provide bucketProps or existingBucketObj, but not both.\n"); }); // -------------------------------------------------------------- diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-iot-s3/lib/index.ts index 5afb9a05c..d17c4e809 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-s3/lib/index.ts @@ -83,6 +83,7 @@ export class IotToS3 extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); // Setup S3 Bucket if (!props.existingBucketInterface) { diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-s3/test/iot-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-s3/test/iot-s3.test.ts index b14708f12..87dd4a033 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-s3/test/iot-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-s3/test/iot-s3.test.ts @@ -325,4 +325,26 @@ test('check for chaining of resource', () => { const template = Template.fromStack(stack); template.resourceCountIs('AWS::IoT::TopicRule', 2); template.resourceCountIs('AWS::S3::Bucket', 2); +}); + +test('Confirm CHeckS3Props is being called', () => { + const stack = new cdk.Stack(); + + const props: IotToS3Props = { + iotTopicRuleProps: { + topicRulePayload: { + ruleDisabled: false, + description: "process solutions constructs messages", + sql: "SELECT * FROM 'solutions/constructs'", + actions: [] + } + }, + bucketProps: {}, + existingBucketInterface: new s3.Bucket(stack, 'test-bucket', {}), + }; + const app = () => { + new IotToS3(stack, 'test-iot-s3-integration', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-iot-sqs/lib/index.ts index 13a46e435..c6ed87fdc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-sqs/lib/index.ts @@ -103,6 +103,7 @@ export class IotToSqs extends Construct { constructor(scope: Construct, id: string, props: IotToSqsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSqsProps(props); // Setup the dead letter queue, if applicable this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-sqs/test/iot-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-sqs/test/iot-sqs.test.ts index c4d6cb3f8..bc84424c7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-sqs/test/iot-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-sqs/test/iot-sqs.test.ts @@ -12,7 +12,7 @@ */ // Imports -import { Stack } from "aws-cdk-lib"; +import { Stack, RemovalPolicy } from "aws-cdk-lib"; import { IotToSqs, IotToSqsProps } from "../lib"; import { Template } from 'aws-cdk-lib/assertions'; import * as sqs from 'aws-cdk-lib/aws-sqs'; @@ -542,3 +542,27 @@ test('Pattern deployment with passing a FIFO queue (not supported by IoT)', () = expect(err.message).toBe('The IoT SQS action doesn\'t support Amazon SQS FIFO (First-In-First-Out) queues'); } }); + +test('Confirm CheckSqsProps is being called', () => { + // Initial Setup + const stack = new Stack(); + const props: IotToSqsProps = { + iotTopicRuleProps: { + topicRulePayload: { + ruleDisabled: false, + description: "Processing messages from IoT devices or factory machines", + sql: "SELECT * FROM 'test/topic/#'", + actions: [] + } + }, + queueProps: { + removalPolicy: RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new IotToSqs(stack, 'test-iot-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/kinesisfirehose-s3-and-kinesisanalytics.test.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/kinesisfirehose-s3-and-kinesisanalytics.test.ts index c172d05b1..ac5449520 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/kinesisfirehose-s3-and-kinesisanalytics.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/kinesisfirehose-s3-and-kinesisanalytics.test.ts @@ -106,7 +106,7 @@ test('test kinesisFirehose override ', () => { // -------------------------------------------------------------- // Test bad call with existingBucket and bucketProps // -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm CheckS3Props is being called", () => { // Stack const stack = new Stack(); @@ -122,7 +122,7 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError("Error - Either provide bucketProps or existingBucketObj, but not both.\n"); }); // -------------------------------------------------------------- diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts index 9f01075f4..29074002e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts @@ -95,6 +95,7 @@ export class KinesisFirehoseToS3 extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); const firehoseId = 'KinesisFirehose'; diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/kinesisfirehose-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/kinesisfirehose-s3.test.ts index 53ec03ff2..1671ab5fa 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/kinesisfirehose-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/kinesisfirehose-s3.test.ts @@ -194,10 +194,7 @@ test('check for no SSE encryption for KinesisFirehoseToS3', () => { }); }); -// -------------------------------------------------------------- -// Test bad call with existingBucket and bucketProps -// -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm that CheckS3Props is being called", () => { // Stack const stack = new cdk.Stack(); @@ -213,7 +210,7 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError("Error - Either provide bucketProps or existingBucketObj, but not both.\n"); }); // -------------------------------------------------------------- diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-kinesisfirehose-s3/test/kinesisstreams-kinesisfirehose-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-kinesisfirehose-s3/test/kinesisstreams-kinesisfirehose-s3.test.ts index 5659bf6e1..0d435e207 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-kinesisfirehose-s3/test/kinesisstreams-kinesisfirehose-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-kinesisfirehose-s3/test/kinesisstreams-kinesisfirehose-s3.test.ts @@ -237,4 +237,23 @@ test('s3 bucket with one content bucket and no logging bucket', () => { const template = Template.fromStack(stack); template.resourceCountIs("AWS::S3::Bucket", 1); -}); \ No newline at end of file +}); + +test("Confirm that CheckS3Props is being called", () => { + // Stack + const stack = new cdk.Stack(); + + const testBucket = new s3.Bucket(stack, 'test-bucket', {}); + + const app = () => { + // Helper declaration + new KinesisStreamsToKinesisFirehoseToS3(stack, "bad-s3-args", { + existingBucketObj: testBucket, + bucketProps: { + removalPolicy: cdk.RemovalPolicy.DESTROY + }, + }); + }; + // Assertion + expect(app).toThrowError("Error - Either provide bucketProps or existingBucketObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts index aaf234198..86be5603e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts @@ -115,6 +115,7 @@ export class LambdaToS3 extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); if (props.bucketPermissions) { defaults.CheckListValues(['Delete', 'Put', 'Read', 'ReadWrite', 'Write'], props.bucketPermissions, 'bucket permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts index a8c51de75..cfb737c8f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts @@ -20,9 +20,6 @@ import { LambdaToS3 } from '../lib'; import { CreateScrapBucket } from '@aws-solutions-constructs/core'; import { Template } from 'aws-cdk-lib/assertions'; -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -44,9 +41,6 @@ test('Test the properties', () => { expect(pattern.s3LoggingBucket !== null); }); -// -------------------------------------------------------------- -// Test the bucketProps override -// -------------------------------------------------------------- test('Test the bucketProps override', () => { // Stack const stack = new Stack(); @@ -69,9 +63,6 @@ test('Test the bucketProps override', () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -120,9 +111,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -177,9 +165,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -223,12 +208,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack const stack = new Stack(); @@ -243,7 +222,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToS3(stack, "lambda-to-s3-stack", { existingLambdaObj: testLambdaFunction, existingVpc: testVpc, @@ -255,9 +235,6 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- test("Test bad call with existingVpc and deployVpc", () => { // Stack const stack = new Stack(); @@ -280,9 +257,6 @@ test("Test bad call with existingVpc and deployVpc", () => { expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -319,7 +293,7 @@ test('Test lambda function custom environment variable', () => { // -------------------------------------------------------------- // Test bad call with existingBucket and bucketProps // -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm that CheckS3Props is being called", () => { // Stack const stack = new Stack(); @@ -340,7 +314,7 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); }); test('Test that CheckProps() is flagging errors correctly', () => { @@ -371,9 +345,6 @@ test('Test that CheckProps() is flagging errors correctly', () => { }); -// -------------------------------------------------------------- -// s3 bucket with bucket, loggingBucket, and auto delete objects -// -------------------------------------------------------------- test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { const stack = new Stack(); @@ -408,9 +379,6 @@ test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { }); }); -// -------------------------------------------------------------- -// s3 bucket with one content bucket and no logging bucket -// -------------------------------------------------------------- test('s3 bucket with one content bucket and no logging bucket', () => { const stack = new Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts index b95479002..e845a9d6e 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts @@ -14,14 +14,12 @@ // Imports import { Stack } from "aws-cdk-lib"; import * as lambda from "aws-cdk-lib/aws-lambda"; +import * as sqs from "aws-cdk-lib/aws-sqs"; import * as ec2 from "aws-cdk-lib/aws-ec2"; import * as defaults from '@aws-solutions-constructs/core'; import { LambdaToSqsToLambda, LambdaToSqsToLambdaProps } from '../lib'; import { Template } from 'aws-cdk-lib/assertions'; -// -------------------------------------------------------------- -// Test minimal deployment -// -------------------------------------------------------------- test('Test minimal deployment', () => { // Stack const stack = new Stack(); @@ -117,9 +115,6 @@ test('Test minimal deployment', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ existing producer function -// -------------------------------------------------------------- test('Test deployment w/ existing producer function', () => { // Stack const stack = new Stack(); @@ -155,9 +150,6 @@ test('Test deployment w/ existing producer function', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ existing consumer function -// -------------------------------------------------------------- test('Test deployment w/ existing consumer function', () => { // Stack const stack = new Stack(); @@ -193,9 +185,6 @@ test('Test deployment w/ existing consumer function', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ existing queue -// -------------------------------------------------------------- test('Test deployment w/ existing queue', () => { // Stack const stack = new Stack(); @@ -230,9 +219,6 @@ test('Test deployment w/ existing queue', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ DLQ explicitly disabled -// -------------------------------------------------------------- test('Test deployment w/ DLQ explicitly disabled', () => { // Stack const stack = new Stack(); @@ -261,9 +247,6 @@ test('Test deployment w/ DLQ explicitly disabled', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ DLQ explicitly enabled and w/ MRC override -// -------------------------------------------------------------- test('Test deployment w/ DLQ explicitly enabled and w/ MRC override', () => { // Stack const stack = new Stack(); @@ -299,9 +282,6 @@ test('Test deployment w/ DLQ explicitly enabled and w/ MRC override', () => { }); }); -// -------------------------------------------------------------- -// Test overrides for producer and consumer functions -// -------------------------------------------------------------- test('Test overrides for producer and consumer functions', () => { // Stack const stack = new Stack(); @@ -333,9 +313,6 @@ test('Test overrides for producer and consumer functions', () => { }); }); -// -------------------------------------------------------------- -// Test the public pattern props -// -------------------------------------------------------------- test('Test the public pattern props', () => { // Stack const stack = new Stack(); @@ -365,9 +342,6 @@ test('Test the public pattern props', () => { expect(pattern.consumerLambdaFunction).toBeDefined(); }); -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -405,9 +379,6 @@ test('Test lambda function custom environment variable', () => { }); }); -// -------------------------------------------------------------- -// Pattern deployment w/ batch size -// -------------------------------------------------------------- test('Pattern deployment w/ batch size', () => { const stack = new Stack(); const props: LambdaToSqsToLambdaProps = { @@ -435,9 +406,6 @@ test('Pattern deployment w/ batch size', () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -493,9 +461,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -557,9 +522,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -610,9 +572,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- test("Test bad call with existingVpc and deployVpc", () => { // Stack const stack = new Stack(); @@ -640,4 +599,30 @@ test("Test bad call with existingVpc and deployVpc", () => { }; // Assertion expect(app).toThrowError(); -}); \ No newline at end of file +}); + +test('Confirm CheckSqsProps is being called', () => { + // NOTE: CheckSqsProps is called from both lambda-sqs and sqs-lambda internally + // Stack + const stack = new Stack(); + // Helper declaration + const props: LambdaToSqsToLambdaProps = { + producerLambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_18_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`) + }, + consumerLambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_18_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`) + }, + queueProps: {}, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new LambdaToSqsToLambda(stack, 'test-eventbridge-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts index cfa860bb0..5d03dc209 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts @@ -132,6 +132,7 @@ export class LambdaToSqs extends Construct { constructor(scope: Construct, id: string, props: LambdaToSqsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSqsProps(props); if (props.deployVpc || props.existingVpc) { this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts index 43e48f02e..0fc964382 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts @@ -12,16 +12,14 @@ */ // Imports -import { Stack } from "aws-cdk-lib"; +import { Stack, RemovalPolicy } from "aws-cdk-lib"; +import * as sqs from 'aws-cdk-lib/aws-sqs'; import * as kms from 'aws-cdk-lib/aws-kms'; import * as lambda from "aws-cdk-lib/aws-lambda"; import * as ec2 from "aws-cdk-lib/aws-ec2"; import { LambdaToSqs } from '../lib'; import { Template } from 'aws-cdk-lib/assertions'; -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -44,9 +42,6 @@ test('Test the properties', () => { expect(dlq).toBeDefined(); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -95,9 +90,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -152,9 +144,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -198,12 +187,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack const stack = new Stack(); @@ -230,9 +213,6 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- test("Test bad call with existingVpc and deployVpc", () => { // Stack const stack = new Stack(); @@ -255,9 +235,6 @@ test("Test bad call with existingVpc and deployVpc", () => { expect(app).toThrowError(); }); -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -523,4 +500,26 @@ test('Queue purging flag grants correct permissions', () => { } ] }); -}); \ No newline at end of file +}); + +test('Confirm CheckSqsProps is being called', () => { + // Stack + const stack = new Stack(); + // Helper declaration + const props = { + lambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`) + }, + queueProps: { + removalPolicy: RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new LambdaToSqs(stack, 'test-eventbridge-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/lib/index.ts index ba1d1a59e..e65cc9743 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/lib/index.ts @@ -90,6 +90,7 @@ export class S3ToLambda extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); let bucket: s3.Bucket; diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts index 6a1a3ea8d..e09f9f0a3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts @@ -43,10 +43,7 @@ test('check properties', () => { expect(construct.s3LoggingBucket !== null); }); -// -------------------------------------------------------------- -// Test bad call with existingBucket and bucketProps -// -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm CheckS3Props is being called", () => { // Stack const stack = new cdk.Stack(); @@ -55,6 +52,11 @@ test("Test bad call with existingBucket and bucketProps", () => { const app = () => { // Helper declaration new S3ToLambda(stack, "bad-s3-args", { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.handler' + }, existingBucketObj: testBucket, bucketProps: { removalPolicy: cdk.RemovalPolicy.DESTROY @@ -62,12 +64,9 @@ test("Test bad call with existingBucket and bucketProps", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); }); -// -------------------------------------------------------------- -// s3 bucket with bucket, loggingBucket, and auto delete objects -// -------------------------------------------------------------- test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { const stack = new cdk.Stack(); @@ -102,9 +101,6 @@ test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { }); }); -// -------------------------------------------------------------- -// s3 bucket with one content bucket and no logging bucket -// -------------------------------------------------------------- test('s3 bucket with one content bucket and no logging bucket', () => { const stack = new cdk.Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-sns/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-s3-sns/lib/index.ts index 207622f86..0df5c0718 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-sns/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-sns/lib/index.ts @@ -130,6 +130,8 @@ export class S3ToSns extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckSnsProps(props); + defaults.CheckS3Props(props); // If the enableEncryptionWithCustomerManagedKey is undefined, default it to true const enableEncryptionParam = props.enableEncryptionWithCustomerManagedKey === false ? false : true; diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-sns/test/test.s3-sns.test.ts b/source/patterns/@aws-solutions-constructs/aws-s3-sns/test/test.s3-sns.test.ts index 7a45685ad..b1bbaa8f5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-sns/test/test.s3-sns.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-sns/test/test.s3-sns.test.ts @@ -254,4 +254,41 @@ test('Construct does not override unencrypted topic when passed in existingTopic template.hasResourceProperties("AWS::SNS::Topic", { TopicName: 'existing-topic-name' }); -}); \ No newline at end of file +}); + +test('Confirm CheckSnsProps is being called', () => { + const stack = new Stack(); + + const topic = new sns.Topic(stack, "existing-topic-obj", { + topicName: 'existing-topic-obj' + }); + + const app = () => { + new S3ToSns(stack, 'test-s3-sns', { + existingTopicObj: topic, + topicProps: { + topicName: 'topic-name' + }, + }); + }; + + // Assertion + expect(app).toThrowError(/Error - Either provide topicProps or existingTopicObj, but not both.\n/); +}); + +test('Confirm CheckS3Props is being called', () => { + const stack = new Stack(); + + const app = () => { + new S3ToSns(stack, 'test-s3-sns', { + topicProps: { + topicName: 'topic-name' + }, + bucketProps: {}, + existingBucketObj: new s3.Bucket(stack, 'test-bucket', {}), + }); + }; + + // Assertion + expect(app).toThrowError(/Error - Either provide bucketProps or existingBucketObj, but not both.\n/); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-s3-sqs/lib/index.ts index cd41a50e0..8a69d3e1e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-sqs/lib/index.ts @@ -140,6 +140,8 @@ export class S3ToSqs extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckSqsProps(props); + defaults.CheckS3Props(props); let bucket: s3.Bucket; let enableEncryptionParam = props.enableEncryptionWithCustomerManagedKey; diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-sqs/test/test.s3-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-s3-sqs/test/test.s3-sqs.test.ts index 34521e7ce..f9a423590 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-sqs/test/test.s3-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-sqs/test/test.s3-sqs.test.ts @@ -20,9 +20,6 @@ import * as s3 from 'aws-cdk-lib/aws-s3'; import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test getter methods', () => { // Initial Setup const stack = new Stack(); @@ -43,9 +40,6 @@ test('Test getter methods', () => { expect(app.s3Bucket !== null); }); -// -------------------------------------------------------------- -// Test deployment w/ existing queue -// -------------------------------------------------------------- test('Test deployment w/ existing queue', () => { // Stack const stack = new Stack(); @@ -77,9 +71,6 @@ test('Test deployment w/ existing queue', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ existing s3 Bucket -// -------------------------------------------------------------- test('Test deployment w/ existing Bucket', () => { // Stack const stack = new Stack(); @@ -108,9 +99,6 @@ test('Test deployment w/ existing Bucket', () => { }); }); -// -------------------------------------------------------------- -// Pattern deployment w/ bucket block public access override -// -------------------------------------------------------------- test('Pattern deployment w/ bucket versioning turned off', () => { const stack = new Stack(); const props: S3ToSqsProps = { @@ -135,9 +123,6 @@ test('Pattern deployment w/ bucket versioning turned off', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ specific s3 event types -// -------------------------------------------------------------- test('Test deployment w/ s3 event types and filters', () => { // Stack const stack = new Stack(); @@ -187,9 +172,6 @@ test('Test deployment w/ s3 event types and filters', () => { }); }); -// -------------------------------------------------------------- -// Test deployment w/ SSE encryption enabled using customer managed KMS CMK -// -------------------------------------------------------------- test('Test deployment w/ SSE encryption enabled using customer managed KMS CMK', () => { // Stack const stack = new Stack(); @@ -218,9 +200,6 @@ test('Test deployment w/ SSE encryption enabled using customer managed KMS CMK', }); }); -// -------------------------------------------------------------- -// Test bad call with existingBucket and bucketProps -// -------------------------------------------------------------- test("Test bad call with existingBucket and bucketProps", () => { // Stack const stack = new Stack(); @@ -240,9 +219,6 @@ test("Test bad call with existingBucket and bucketProps", () => { expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); }); -// -------------------------------------------------------------- -// s3 bucket with bucket, loggingBucket, and auto delete objects -// -------------------------------------------------------------- test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { const stack = new Stack(); @@ -272,9 +248,6 @@ test('s3 bucket with bucket, loggingBucket, and auto delete objects', () => { }); }); -// -------------------------------------------------------------- -// s3 bucket with one content bucket and no logging bucket -// -------------------------------------------------------------- test('s3 bucket with one content bucket and no logging bucket', () => { const stack = new Stack(); @@ -382,4 +355,39 @@ test('Queue is encrypted with SQS-managed KMS Key when enable encryption flag is template.hasResourceProperties("AWS::SQS::Queue", { KmsMasterKeyId: "alias/aws/sqs" }); -}); \ No newline at end of file +}); + +test('Confirm CheckSqsProps is called', () => { + // Initial Setup + const stack = new Stack(); + const filter: s3.NotificationKeyFilter = { prefix: 'the/place', suffix: '*.mp3' }; + const props: S3ToSqsProps = { + deployDeadLetterQueue: true, + maxReceiveCount: 0, + s3EventTypes: [s3.EventType.OBJECT_REMOVED], + s3EventFilters: [filter], + queueProps: { + removalPolicy: RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new S3ToSqs(stack, 'test-s3-sqs', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); + +test('Confirm CheckS3Props is being called', () => { + const stack = new Stack(); + + const app = () => { + new S3ToSqs(stack, 'test-s3-sqs', { + bucketProps: {}, + existingBucketObj: new s3.Bucket(stack, 'test-bucket', {}), + }); + }; + + // Assertion + expect(app).toThrowError(/Error - Either provide bucketProps or existingBucketObj, but not both.\n/); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/lib/index.ts index cfe47d63c..496dea659 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/lib/index.ts @@ -107,6 +107,7 @@ export class S3ToStepfunctions extends Construct { this.node.setContext("@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy", true); defaults.CheckProps(props); + defaults.CheckS3Props(props); let bucket: s3.IBucket; diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/test/s3-stepfunctions.test.ts b/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/test/s3-stepfunctions.test.ts index 927f09213..6c5486295 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/test/s3-stepfunctions.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-stepfunctions/test/s3-stepfunctions.test.ts @@ -108,7 +108,7 @@ test('check properties', () => { // -------------------------------------------------------------- // Test bad call with existingBucket and bucketProps // -------------------------------------------------------------- -test("Test bad call with existingBucket and bucketProps", () => { +test("Confirm that CheckS3Props is getting called", () => { // Stack const stack = new cdk.Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts index d4955ef40..e298db4c2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts @@ -117,6 +117,7 @@ export class SnsToSqs extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckSnsProps(props); + defaults.CheckSqsProps(props); // Setup the dead letter queue, if applicable this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/sns-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/sns-sqs.test.ts index 6f5f3a79d..eb246cffc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/sns-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/sns-sqs.test.ts @@ -12,17 +12,13 @@ */ // Imports -import { Stack } from "aws-cdk-lib"; +import { Stack, RemovalPolicy } from "aws-cdk-lib"; import { SnsToSqs, SnsToSqsProps } from "../lib"; import * as sqs from 'aws-cdk-lib/aws-sqs'; import * as sns from 'aws-cdk-lib/aws-sns'; import * as kms from 'aws-cdk-lib/aws-kms'; import { Template } from 'aws-cdk-lib/assertions'; -// -------------------------------------------------------------- -// Pattern deployment with new Topic, new Queue and -// default properties -// -------------------------------------------------------------- test('Pattern deployment w/ new Topic, new Queue and default props', () => { // Initial Setup const stack = new Stack(); @@ -65,10 +61,6 @@ test('Pattern deployment w/ new Topic, new Queue and default props', () => { }); }); -// -------------------------------------------------------------- -// Pattern deployment with new Topic, new Queue, and -// overridden properties -// -------------------------------------------------------------- test('Pattern deployment w/ new topic, new queue, and overridden props', () => { // Initial Setup const stack = new Stack(); @@ -110,9 +102,6 @@ test('Pattern deployment w/ new topic, new queue, and overridden props', () => { }); }); -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test getter methods', () => { // Initial Setup const stack = new Stack(); @@ -187,9 +176,6 @@ test('Test deployment with imported encryption key', () => { }); }); -// -------------------------------------------------------------- -// Test deployment with SNS managed KMS key -// -------------------------------------------------------------- test('Test deployment with SNS managed KMS key', () => { // Stack const stack = new Stack(); @@ -238,9 +224,6 @@ test('Test deployment with SNS managed KMS key', () => { }); }); -// -------------------------------------------------------------- -// Test deployment with CMK encrypted SNS Topic -// -------------------------------------------------------------- test('Test deployment with CMK encrypted SNS Topic', () => { // Stack const stack = new Stack(); @@ -263,9 +246,6 @@ test('Test deployment with CMK encrypted SNS Topic', () => { }); }); -// -------------------------------------------------------------- -// Pattern deployment with existing Topic and FIFO queues -// -------------------------------------------------------------- test('Pattern deployment w/ existing topic and FIFO queue', () => { // Initial Setup const stack = new Stack(); @@ -308,9 +288,6 @@ test('Pattern deployment w/ existing topic and FIFO queue', () => { }); }); -// -------------------------------------------------------------- -// Pattern deployment with existing Topic and Standard queues -// -------------------------------------------------------------- test('Pattern deployment w/ existing topic and Standard queue', () => { // Initial Setup const stack = new Stack(); @@ -518,4 +495,21 @@ test('Confirm that CheckSnsProps is called', () => { // Assertion expect(app).toThrowError(/Error - Either provide topicProps or existingTopicObj, but not both.\n/); +}); + +test('Confirm that CheckSqsProps is called', () => { + // Stack + const stack = new Stack(); + + const app = () => { + new SnsToSqs(stack, 'sns-to-sqs-stack', { + queueProps: { + removalPolicy: RemovalPolicy.DESTROY, + }, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }); + }; + + // Assertion + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts index 9d8093255..0b45c93c0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts @@ -112,6 +112,7 @@ export class SqsToLambda extends Construct { constructor(scope: Construct, id: string, props: SqsToLambdaProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckSqsProps(props); // Setup the Lambda function this.lambdaFunction = defaults.buildLambdaFunction(this, { diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts index efbc2b91f..46738ea6b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts @@ -15,13 +15,10 @@ import { Stack } from "aws-cdk-lib"; import { SqsToLambda, SqsToLambdaProps } from "../lib"; import * as lambda from 'aws-cdk-lib/aws-lambda'; +import * as sqs from 'aws-cdk-lib/aws-sqs'; import { Template } from 'aws-cdk-lib/assertions'; import * as kms from 'aws-cdk-lib/aws-kms'; -// -------------------------------------------------------------- -// Pattern deployment w/ new Lambda function and -// overridden properties -// -------------------------------------------------------------- test('Pattern deployment w/ new Lambda function and overridden props', () => { // Initial Setup const stack = new Stack(); @@ -55,9 +52,6 @@ test('Pattern deployment w/ new Lambda function and overridden props', () => { }); }); -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test getter methods', () => { // Initial Setup const stack = new Stack(); @@ -98,10 +92,6 @@ test('Test error handling for existing Lambda function', () => { }).toThrowError(); }); -// -------------------------------------------------------------- -// Test error handling for new Lambda function -// w/o required properties -// -------------------------------------------------------------- test('Test error handling for new Lambda function w/o required properties', () => { // Initial Setup const stack = new Stack(); @@ -116,9 +106,6 @@ test('Test error handling for new Lambda function w/o required properties', () = }).toThrowError(); }); -// -------------------------------------------------------------- -// Pattern deployment w/ batch size -// -------------------------------------------------------------- test('Pattern deployment w/ batch size', () => { const stack = new Stack(); const props: SqsToLambdaProps = { @@ -277,4 +264,25 @@ test('Queue is encrypted with customer managed KMS Key when enable encryption fl ] }, }); -}); \ No newline at end of file +}); + +test('Confirm CheckSqsProps is called', () => { + // Initial Setup + const stack = new Stack(); + const props: SqsToLambdaProps = { + lambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`) + }, + deployDeadLetterQueue: true, + maxReceiveCount: 0, + queueProps: {}, + existingQueueObj: new sqs.Queue(stack, 'test', {}) + }; + + const app = () => { + new SqsToLambda(stack, 'test-apigateway-lambda', props); + }; + expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); +}); diff --git a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts index 1377e4fd0..bffe3e1d8 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts @@ -40,26 +40,15 @@ export interface VerifiedProps { readonly existingLambdaObj?: lambda.Function, readonly lambdaFunctionProps?: lambda.FunctionProps, - readonly existingQueueObj?: sqs.Queue, - readonly queueProps?: sqs.QueueProps, - readonly deployDeadLetterQueue?: boolean, - readonly deadLetterQueueProps?: sqs.QueueProps, - readonly existingMediaStoreContainerObj?: mediastore.CfnContainer; readonly mediaStoreContainerProps?: mediastore.CfnContainerProps; - readonly existingBucketObj?: s3.Bucket, - readonly existingBucketInterface?: s3.IBucket, - readonly bucketProps?: s3.BucketProps, - readonly existingSagemakerEndpointObj?: sagemaker.CfnEndpoint, readonly endpointProps?: sagemaker.CfnEndpointProps, readonly existingSecretObj?: secretsmanager.Secret; readonly secretProps?: secretsmanager.SecretProps; - readonly topicProps?: sns.TopicProps, - readonly existingVpc?: ec2.IVpc; readonly vpcProps?: ec2.VpcProps; readonly deployVpc?: boolean; @@ -73,10 +62,6 @@ export interface VerifiedProps { readonly logAlbAccessLogs?: boolean; readonly albLoggingBucketProps?: s3.BucketProps; - readonly existingLoggingBucketObj?: s3.IBucket; - readonly loggingBucketProps?: s3.BucketProps; - readonly logS3AccessLogs?: boolean; - readonly insertHttpSecurityHeaders?: boolean; readonly responseHeadersPolicyProps?: ResponseHeadersPolicyProps; readonly openSearchDomainProps?: opensearch.CfnDomainProps; @@ -105,46 +90,11 @@ export function CheckProps(propsObject: VerifiedProps | any) { errorFound = true; } - if (propsObject.existingQueueObj && propsObject.queueProps) { - errorMessages += 'Error - Either provide queueProps or existingQueueObj, but not both.\n'; - errorFound = true; - } - - if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKey) { - errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKey, but not both.\n'; - errorFound = true; - } - - if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKeyProps) { - errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKeyProps, but not both.\n'; - errorFound = true; - } - - if ((propsObject?.deployDeadLetterQueue === false) && propsObject.deadLetterQueueProps) { - errorMessages += 'Error - If deployDeadLetterQueue is false then deadLetterQueueProps cannot be specified.\n'; - errorFound = true; - } - - const isQueueFifo: boolean = propsObject?.queueProps?.fifo; - const isDeadLetterQueueFifo: boolean = propsObject?.deadLetterQueueProps?.fifo; - const deployDeadLetterQueue: boolean = propsObject.deployDeadLetterQueue || propsObject.deployDeadLetterQueue === undefined; - - if (deployDeadLetterQueue && (isQueueFifo !== isDeadLetterQueueFifo)) { - errorMessages += 'Error - If you specify a fifo: true in either queueProps or deadLetterQueueProps, you must also set fifo: ' + - 'true in the other props object. Fifo must match for the Queue and the Dead Letter Queue.\n'; - errorFound = true; - } - if (propsObject.existingMediaStoreContainerObj && propsObject.mediaStoreContainerProps) { errorMessages += 'Error - Either provide mediaStoreContainerProps or existingMediaStoreContainerObj, but not both.\n'; errorFound = true; } - if (propsObject.existingBucketObj && propsObject.bucketProps) { - errorMessages += 'Error - Either provide bucketProps or existingBucketObj, but not both.\n'; - errorFound = true; - } - if (propsObject.existingSagemakerEndpointObj && propsObject.endpointProps) { errorMessages += 'Error - Either provide endpointProps or existingSagemakerEndpointObj, but not both.\n'; errorFound = true; @@ -175,26 +125,6 @@ export function CheckProps(propsObject: VerifiedProps | any) { errorFound = true; } - if ((propsObject?.logAlbAccessLogs === false) && (propsObject.albLoggingBucketProps)) { - errorMessages += 'Error - If logAlbAccessLogs is false, supplying albLoggingBucketProps is invalid.\n'; - errorFound = true; - } - - if (propsObject.existingLoggingBucketObj && propsObject.loggingBucketProps) { - errorMessages += 'Error - Either provide existingLoggingBucketObj or loggingBucketProps, but not both.\n'; - errorFound = true; - } - - if ((propsObject?.logS3AccessLogs === false) && (propsObject.loggingBucketProps || propsObject.existingLoggingBucketObj)) { - errorMessages += 'Error - If logS3AccessLogs is false, supplying loggingBucketProps or existingLoggingBucketObj is invalid.\n'; - errorFound = true; - } - - if (propsObject.existingBucketObj && (propsObject.loggingBucketProps || propsObject.logS3AccessLogs)) { - errorMessages += 'Error - If existingBucketObj is provided, supplying loggingBucketProps or logS3AccessLogs is an error.\n'; - errorFound = true; - } - if (propsObject.insertHttpSecurityHeaders !== false && propsObject.responseHeadersPolicyProps?.securityHeadersBehavior) { errorMessages += 'responseHeadersPolicyProps.securityHeadersBehavior can only be passed if httpSecurityHeaders is set to `false`.'; errorFound = true; @@ -314,9 +244,100 @@ export function CheckSnsProps(propsObject: SnsProps | any) { } } -export interface DynamoDBProps { +export interface SqsProps { + readonly existingQueueObj?: sqs.Queue, + readonly queueProps?: sqs.QueueProps, + readonly deployDeadLetterQueue?: boolean, + readonly deadLetterQueueProps?: sqs.QueueProps, + readonly encryptionKey?: kms.Key, + readonly encryptionKeyProps?: kms.KeyProps +} + +export function CheckSqsProps(propsObject: SqsProps | any) { + let errorMessages = ''; + let errorFound = false; + + if (propsObject.existingQueueObj && propsObject.queueProps) { + errorMessages += 'Error - Either provide queueProps or existingQueueObj, but not both.\n'; + errorFound = true; + } + + if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKey) { + errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKey, but not both.\n'; + errorFound = true; + } + + if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKeyProps) { + errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKeyProps, but not both.\n'; + errorFound = true; + } + + if ((propsObject?.deployDeadLetterQueue === false) && propsObject.deadLetterQueueProps) { + errorMessages += 'Error - If deployDeadLetterQueue is false then deadLetterQueueProps cannot be specified.\n'; + errorFound = true; + } + + const isQueueFifo: boolean = propsObject?.queueProps?.fifo; + const isDeadLetterQueueFifo: boolean = propsObject?.deadLetterQueueProps?.fifo; + const deployDeadLetterQueue: boolean = propsObject.deployDeadLetterQueue || propsObject.deployDeadLetterQueue === undefined; + + if (deployDeadLetterQueue && (isQueueFifo !== isDeadLetterQueueFifo)) { + errorMessages += 'Error - If you specify a fifo: true in either queueProps or deadLetterQueueProps, you must also set fifo: ' + + 'true in the other props object. Fifo must match for the Queue and the Dead Letter Queue.\n'; + errorFound = true; + } + + if (errorFound) { + throw new Error(errorMessages); + } +} + +export interface S3Props { + readonly existingBucketObj?: s3.Bucket, + readonly existingBucketInterface?: s3.IBucket, + readonly bucketProps?: s3.BucketProps, + readonly existingLoggingBucketObj?: s3.IBucket; + readonly loggingBucketProps?: s3.BucketProps; + readonly logS3AccessLogs?: boolean; } +export function CheckS3Props(propsObject: S3Props | any) { + let errorMessages = ''; + let errorFound = false; + + if ((propsObject.existingBucketObj || propsObject.existingBucketInterface) && propsObject.bucketProps) { + errorMessages += 'Error - Either provide bucketProps or existingBucketObj, but not both.\n'; + errorFound = true; + } + + if ((propsObject?.logAlbAccessLogs === false) && (propsObject.albLoggingBucketProps)) { + errorMessages += 'Error - If logAlbAccessLogs is false, supplying albLoggingBucketProps is invalid.\n'; + errorFound = true; + } + + if (propsObject.existingLoggingBucketObj && propsObject.loggingBucketProps) { + errorMessages += 'Error - Either provide existingLoggingBucketObj or loggingBucketProps, but not both.\n'; + errorFound = true; + } + + if ((propsObject?.logS3AccessLogs === false) && (propsObject.loggingBucketProps || propsObject.existingLoggingBucketObj)) { + errorMessages += 'Error - If logS3AccessLogs is false, supplying loggingBucketProps or existingLoggingBucketObj is invalid.\n'; + errorFound = true; + } + + if (propsObject.existingBucketObj && (propsObject.loggingBucketProps || propsObject.logS3AccessLogs)) { + errorMessages += 'Error - If existingBucketObj is provided, supplying loggingBucketProps or logS3AccessLogs is an error.\n'; + errorFound = true; + } + + if (errorFound) { + throw new Error(errorMessages); + } +} + +// export interface DynamoDBProps { +// } + // export function CheckDynamoDBProps(propsObject: GlueProps | any) { // let errorMessages = ''; // let errorFound = false; diff --git a/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts b/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts index aa3f0d250..c7aac2c33 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts @@ -96,16 +96,19 @@ test("Test fail Lambda function check", () => { ); }); +// --------------------------- +// DynamoDB Prop Tests +// --------------------------- test("Test fail SQS Queue check", () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { queueProps: {}, existingQueueObj: new sqs.Queue(stack, 'placeholder', {}), }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -115,7 +118,7 @@ test("Test fail SQS Queue check", () => { test('Test fail SQS queue check when queueProps.encryptionMasterKey and encryptionKey are both specified', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { queueProps: { encryptionMasterKey: new kms.Key(stack, 'key') }, @@ -123,7 +126,7 @@ test('Test fail SQS queue check when queueProps.encryptionMasterKey and encrypti }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; expect(app).toThrowError('Error - Either provide queueProps.encryptionMasterKey or encryptionKey, but not both.\n'); @@ -132,7 +135,7 @@ test('Test fail SQS queue check when queueProps.encryptionMasterKey and encrypti test('Test fail SQS queue check when queueProps.encryptionMasterKey and encryptionKeyProps are both specified', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { encryptionKeyProps: { description: 'key description' }, @@ -142,7 +145,7 @@ test('Test fail SQS queue check when queueProps.encryptionMasterKey and encrypti }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -151,13 +154,13 @@ test('Test fail SQS queue check when queueProps.encryptionMasterKey and encrypti test('Test fail Dead Letter Queue check', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { deployDeadLetterQueue: false, deadLetterQueueProps: {}, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -166,13 +169,13 @@ test('Test fail Dead Letter Queue check', () => { test('Test fail Dead Letter Queue check with queueProps fifo set to true and undefined deadLetterQueueProps', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { queueProps: { fifo: true }, deadLetterQueueProps: {}, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -182,13 +185,13 @@ test('Test fail Dead Letter Queue check with queueProps fifo set to true and und test('Test fail Dead Letter Queue check with queueProps fifo set to true and deadLetterQueueProps fifo set to false', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { queueProps: { fifo: true }, deadLetterQueueProps: { fifo: false }, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -198,13 +201,13 @@ test('Test fail Dead Letter Queue check with queueProps fifo set to true and dea test('Test fail Dead Letter Queue check with queueProps fifo set to false and deadLetterQueueProps fifo set to true', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { deadLetterQueueProps: { fifo: true }, queueProps: { fifo: false }, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; // Assertion @@ -214,12 +217,12 @@ test('Test fail Dead Letter Queue check with queueProps fifo set to false and de test('Test fail Dead Letter Queue check with deadLetterQueueProps fifo set to true', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { deadLetterQueueProps: { fifo: true }, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; expect(app).toThrowError('Error - If you specify a fifo: true in either queueProps or deadLetterQueueProps, you must also set fifo: ' + @@ -228,12 +231,12 @@ test('Test fail Dead Letter Queue check with deadLetterQueueProps fifo set to tr test('Test fail Dead Letter Queue check with queueProps fifo set to false', () => { - const props: defaults.VerifiedProps = { + const props: defaults.SqsProps = { queueProps: { fifo: false }, }; const app = () => { - defaults.CheckProps(props); + defaults.CheckSqsProps(props); }; expect(app).toThrowError('Error - If you specify a fifo: true in either queueProps or deadLetterQueueProps, you must also set fifo: ' + @@ -284,22 +287,6 @@ test('Test fail Kinesis stream check', () => { expect(app).toThrowError('Error - Either provide existingStreamObj or kinesisStreamProps, but not both.\n'); }); -test('Test fail S3 check', () => { - const stack = new Stack(); - - const props: defaults.VerifiedProps = { - existingBucketObj: CreateScrapBucket(stack, {}), - bucketProps: {}, - }; - - const app = () => { - defaults.CheckProps(props); - }; - - // Assertion - expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); -}); - // --------------------------- // Sns Prop Tests // --------------------------- @@ -591,10 +578,29 @@ test('Test fail Vpc check with vpcProps', () => { expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); +// --------------------------- +// S3 Prop Tests +// --------------------------- +test('Test fail S3 check', () => { + const stack = new Stack(); + + const props: defaults.S3Props = { + existingBucketObj: CreateScrapBucket(stack, {}), + bucketProps: {}, + }; + + const app = () => { + defaults.CheckS3Props(props); + }; + + // Assertion + expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); +}); + test('Test fail existing log bucket and log bucket prop check', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.S3Props = { existingLoggingBucketObj: new s3.Bucket(stack, 'logging-bucket'), loggingBucketProps: { autoDeleteObjects: true @@ -602,7 +608,7 @@ test('Test fail existing log bucket and log bucket prop check', () => { }; const app = () => { - defaults.CheckProps(props); + defaults.CheckS3Props(props); }; // Assertion @@ -612,13 +618,13 @@ test('Test fail existing log bucket and log bucket prop check', () => { test('Test fail false logS3Accesslogs and loggingBucketProps check', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.S3Props = { existingLoggingBucketObj: new s3.Bucket(stack, 'logging-bucket'), logS3AccessLogs: false }; const app = () => { - defaults.CheckProps(props); + defaults.CheckS3Props(props); }; // Assertion @@ -628,7 +634,7 @@ test('Test fail false logS3Accesslogs and loggingBucketProps check', () => { test('Test fail existingBucketObj and loggingBucketProps check', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.S3Props = { existingBucketObj: new s3.Bucket(stack, 'temp-bucket'), loggingBucketProps: { autoDeleteObjects: true @@ -636,12 +642,13 @@ test('Test fail existingBucketObj and loggingBucketProps check', () => { }; const app = () => { - defaults.CheckProps(props); + defaults.CheckS3Props(props); }; // Assertion expect(app).toThrowError('Error - If existingBucketObj is provided, supplying loggingBucketProps or logS3AccessLogs is an error.\n'); }); +// --------------------------- test('Test successful CheckListValues', () => { From 2a1222f113839a663890d034768a2aa2b66b49d6 Mon Sep 17 00:00:00 2001 From: biffgaut Date: Thu, 14 Sep 2023 11:35:15 -0400 Subject: [PATCH 2/3] removed alb bucket check from CheckS3Props --- .../core/lib/input-validation.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts index bffe3e1d8..2e441e004 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts @@ -80,6 +80,11 @@ export function CheckProps(propsObject: VerifiedProps | any) { errorFound = true; } + if ((propsObject?.logAlbAccessLogs === false) && (propsObject.albLoggingBucketProps)) { + errorMessages += 'Error - If logAlbAccessLogs is false, supplying albLoggingBucketProps is invalid.\n'; + errorFound = true; + } + if (propsObject.existingStreamObj && propsObject.kinesisStreamProps) { errorMessages += 'Error - Either provide existingStreamObj or kinesisStreamProps, but not both.\n'; errorFound = true; @@ -310,11 +315,6 @@ export function CheckS3Props(propsObject: S3Props | any) { errorFound = true; } - if ((propsObject?.logAlbAccessLogs === false) && (propsObject.albLoggingBucketProps)) { - errorMessages += 'Error - If logAlbAccessLogs is false, supplying albLoggingBucketProps is invalid.\n'; - errorFound = true; - } - if (propsObject.existingLoggingBucketObj && propsObject.loggingBucketProps) { errorMessages += 'Error - Either provide existingLoggingBucketObj or loggingBucketProps, but not both.\n'; errorFound = true; From 7f6f349a837efa3fdb030a821cc3e0a04040f66f Mon Sep 17 00:00:00 2001 From: biffgaut Date: Thu, 14 Sep 2023 23:05:00 -0400 Subject: [PATCH 3/3] Check VPC and S3 props --- .../aws-alb-fargate/lib/index.ts | 1 + .../aws-alb-fargate/test/alb-fargate.test.ts | 21 +++++ .../aws-alb-lambda/lib/index.ts | 1 + .../aws-alb-lambda/test/alb-lambda.test.ts | 29 ++++++- ...treams-lambda-elasticsearch-kibana.test.ts | 20 ++++- .../aws-fargate-dynamodb/lib/index.ts | 1 + .../test/fargate-dynamodb.test.ts | 37 ++++++++- .../aws-fargate-eventbridge/lib/index.ts | 1 + .../test/fargate-eventbridge.test.ts | 29 ++++++- .../aws-fargate-kinesisfirehose/lib/index.ts | 1 + .../test/aws-fargate-kinesisfirehose.test.ts | 30 ++++++- .../aws-fargate-kinesisstreams/lib/index.ts | 1 + .../test/fargate-kinesisstreams.test.ts | 30 ++++++- .../aws-fargate-opensearch/lib/index.ts | 1 + .../test/fargate-opensearch.test.ts | 30 ++++++- .../aws-fargate-s3/lib/index.ts | 1 + .../aws-fargate-s3/test/fargate-s3.test.ts | 30 ++++++- .../aws-fargate-secretsmanager/lib/index.ts | 1 + .../test/fargate-secretsmanager.test.ts | 29 ++++++- .../aws-fargate-sns/lib/index.ts | 1 + .../aws-fargate-sns/test/fargate-sns.test.ts | 28 ++++++- .../aws-fargate-sqs/lib/index.ts | 1 + .../aws-fargate-sqs/test/fargate-sqs.test.ts | 28 ++++++- .../lib/index.ts | 1 + .../test/fargate-ssmstringparameter.test.ts | 28 ++++++- .../aws-fargate-stepfunctions/lib/index.ts | 1 + .../test/fargate-stepfunctions.test.ts | 26 ++++++- .../test/iot-lambda-dynamodb.test.ts | 4 +- .../aws-lambda-dynamodb/lib/index.ts | 5 +- .../test/lambda-dynamodb.test.ts | 7 +- .../lib/index.ts | 1 + .../test/lambda-elasticachememcached.test.ts | 24 +++++- .../lib/index.ts | 1 + .../test/lambda-elasticsearch-kibana.test.ts | 20 ++++- .../aws-lambda-eventbridge/lib/index.ts | 5 +- .../test/aws-lambda-eventbridge.test.ts | 29 ++----- .../aws-lambda-kendra/lib/index.ts | 1 + .../test/lambda-kendra.test.ts | 78 ++++++++++--------- .../aws-lambda-kinesisfirehose/lib/index.ts | 1 + .../test/aws-lambda-kinesisfirehose.test.ts | 29 +++++++ .../aws-lambda-kinesisstreams/lib/index.ts | 1 + .../test/lambda-kinesisstream.test.ts | 29 ++++++- .../aws-lambda-opensearch/lib/index.ts | 1 + .../test/lambda-opensearch.test.ts | 25 ++++++ .../aws-lambda-s3/lib/index.ts | 1 + .../aws-lambda-s3/test/lambda-s3.test.ts | 56 +++++++------ .../aws-lambda-sagemakerendpoint/lib/index.ts | 4 +- .../test/aws-lambda-sagemakerendpoint.test.ts | 11 ++- .../aws-lambda-secretsmanager/lib/index.ts | 4 +- .../test/lambda-secretsmanager.test.ts | 45 ++--------- .../aws-lambda-sns/lib/index.ts | 1 + .../aws-lambda-sns/test/lambda-sns.test.ts | 62 +-------------- .../aws-lambda-sqs/lib/index.ts | 1 + .../aws-lambda-sqs/test/lambda-sqs.test.ts | 17 +--- .../lib/index.ts | 1 + .../test/lambda-ssmstringparameter.test.ts | 40 +--------- .../aws-lambda-stepfunctions/lib/index.ts | 4 +- .../test/lambda-stepfunctions.test.ts | 37 +-------- .../core/lib/input-validation.ts | 30 ++++--- .../core/test/input-validation.test.ts | 12 ++- 60 files changed, 669 insertions(+), 326 deletions(-) diff --git a/source/patterns/@aws-solutions-constructs/aws-alb-fargate/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-alb-fargate/lib/index.ts index bee06a834..bd9e7ba9c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-alb-fargate/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-alb-fargate/lib/index.ts @@ -167,6 +167,7 @@ export class AlbToFargate extends Construct { defaults.CheckProps(props); defaults.CheckAlbProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); // Obtain VPC for construct (existing or created) this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-alb-fargate/test/alb-fargate.test.ts b/source/patterns/@aws-solutions-constructs/aws-alb-fargate/test/alb-fargate.test.ts index cedb5437f..ab0664025 100644 --- a/source/patterns/@aws-solutions-constructs/aws-alb-fargate/test/alb-fargate.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-alb-fargate/test/alb-fargate.test.ts @@ -463,3 +463,24 @@ test('Test HTTPS API with new vpc, load balancer, service and private API', () = ] }); }); + +test('Confirm that CheckVpcProps is called', () => { + const stack = new cdk.Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + + const props: AlbToFargateProps = { + ecrRepositoryArn: defaults.fakeEcrRepoArn, + listenerProps: { + certificates: [defaults.getFakeCertificate(stack, "fake-cert")] + }, + publicApi: false, + vpcProps: {}, + existingVpc: defaults.getTestVpc(stack), + }; + const app = () => { + new AlbToFargate(stack, 'new-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-alb-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-alb-lambda/lib/index.ts index 147becab9..68c7d21b4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-alb-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-alb-lambda/lib/index.ts @@ -123,6 +123,7 @@ export class AlbToLambda extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckAlbProps(props); + defaults.CheckVpcProps(props); // Obtain VPC for construct (existing or created) this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-alb-lambda/test/alb-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-alb-lambda/test/alb-lambda.test.ts index 6e8f60539..2d629a3d2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-alb-lambda/test/alb-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-alb-lambda/test/alb-lambda.test.ts @@ -247,7 +247,7 @@ test("Test existing load balancer and existing lambda function", () => { existingLambdaObj: lambdaFunction, existingLoadBalancerObj: existingAlb, listenerProps: { - certificates: [ defaults.getFakeCertificate(stack, "fake-cert") ], + certificates: [defaults.getFakeCertificate(stack, "fake-cert")], }, publicApi: true, existingVpc: testExistingVpc, @@ -289,7 +289,7 @@ test('Test new load balancer and new lambda function', () => { }); const props: AlbToLambdaProps = { - lambdaFunctionProps: { + lambdaFunctionProps: { code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_16_X, handler: 'index.handler', @@ -952,3 +952,28 @@ test('Test existingLoadBalancerObj and no existingVpc is an error', () => { expect(app).toThrowError( /An existing ALB is already in a VPC, that VPC must be provided in props.existingVpc for the rest of the construct to use./); }); + +test('Confirm that CheckVpcProps is called', () => { + const stack = new cdk.Stack(undefined, undefined, { + env: { account: "123456789012", region: 'us-east-1' }, + }); + + const props: AlbToLambdaProps = { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.handler' + }, + listenerProps: { + certificates: [defaults.getFakeCertificate(stack, "fake-cert")] + }, + publicApi: false, + vpcProps: {}, + existingVpc: defaults.getTestVpc(stack), + }; + const app = () => { + new AlbToLambda(stack, 'new-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodbstreams-lambda-elasticsearch-kibana/test/dynamodbstreams-lambda-elasticsearch-kibana.test.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodbstreams-lambda-elasticsearch-kibana/test/dynamodbstreams-lambda-elasticsearch-kibana.test.ts index 5ebf9de4e..b084ebdb9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodbstreams-lambda-elasticsearch-kibana/test/dynamodbstreams-lambda-elasticsearch-kibana.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodbstreams-lambda-elasticsearch-kibana/test/dynamodbstreams-lambda-elasticsearch-kibana.test.ts @@ -226,4 +226,22 @@ test('Test minimal deployment with an existing isolated VPC', () => { template.resourceCountIs("AWS::EC2::VPC", 1); expect(construct.vpc).toBeDefined(); -}); \ No newline at end of file +}); + +test('Confirm CheckVpcProps is being called', () => { + const stack = new cdk.Stack(); + + const app = () => { + new DynamoDBStreamsToLambdaToElasticSearchAndKibana(stack, 'test-construct', { + lambdaFunctionProps: getDefaultTestLambdaProps(), + domainName: "test", + deployVpc: true, + vpcProps: { + vpcName: "existing-vpc-test" + }, + existingVpc: defaults.getTestVpc(stack), + }); + }; + + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/lib/index.ts index d937e6b3b..e2602aa4e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/lib/index.ts @@ -143,6 +143,7 @@ export class FargateToDynamoDB extends Construct { defaults.CheckProps(props); defaults.CheckFargateProps(props); defaults.CheckDynamoDBProps(props); + defaults.CheckVpcProps(props); // Other permissions for constructs are accepted as arrays, turning tablePermissions into // an array to use the same validation function. diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/test/fargate-dynamodb.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/test/fargate-dynamodb.test.ts index 1e535817d..23c011611 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/test/fargate-dynamodb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-dynamodb/test/fargate-dynamodb.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToDynamoDB } from "../lib"; +import { FargateToDynamoDB, FargateToDynamoDBProps } from "../lib"; import * as dynamodb from 'aws-cdk-lib/aws-dynamodb'; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -713,4 +713,37 @@ test('test that DDB input args are getting checked', () => { }; expect(app).toThrowError('Error - Either provide existingTableInterface or dynamoTableProps, but not both.\n'); -}); \ No newline at end of file +}); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToDynamoDBProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + dynamoTableProps: { + tableName: 'fake-name', + partitionKey: { + name: 'id', + type: dynamodb.AttributeType.STRING + }, + }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToDynamoDB(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/lib/index.ts index 06b577b7f..0c97a19d2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/lib/index.ts @@ -134,6 +134,7 @@ export class FargateToEventbridge extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); this.vpc = defaults.buildVpc(scope, { existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/test/fargate-eventbridge.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/test/fargate-eventbridge.test.ts index 780dca7ff..0a8e7f10e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/test/fargate-eventbridge.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-eventbridge/test/fargate-eventbridge.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToEventbridge } from "../lib"; +import { FargateToEventbridge, FargateToEventbridgeProps } from "../lib"; import * as events from 'aws-cdk-lib/aws-events'; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -372,4 +372,29 @@ function createFargateConstructWithNewResources(stack: cdk.Stack, publicApi: boo eventBusName: 'custom-name' } }); -} \ No newline at end of file +} + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + + const props: FargateToEventbridgeProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + eventBusProps: { + eventBusName: 'custom-name' + }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToEventbridge(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/lib/index.ts index 42cee3e2b..3cd6c3c6e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/lib/index.ts @@ -127,6 +127,7 @@ export class FargateToKinesisFirehose extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); if (!props.existingKinesisFirehose.deliveryStreamName) { throw new Error('existingKinesisFirehose must have a defined deliveryStreamName'); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/test/aws-fargate-kinesisfirehose.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/test/aws-fargate-kinesisfirehose.test.ts index 3c35374d4..7ea1a788d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/test/aws-fargate-kinesisfirehose.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisfirehose/test/aws-fargate-kinesisfirehose.test.ts @@ -13,7 +13,7 @@ import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToKinesisFirehose } from "../lib"; +import { FargateToKinesisFirehose, FargateToKinesisFirehoseProps } from "../lib"; import * as ecs from 'aws-cdk-lib/aws-ecs'; import { Match, Template } from "aws-cdk-lib/assertions"; import { GetTestFirehoseDestination } from './test-helper'; @@ -711,3 +711,31 @@ test('Test fail if existingFirehose does not have a stream name', () => { expect(app).toThrowError(/existingKinesisFirehose must have a defined deliveryStreamName/); }); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + const destination = GetTestFirehoseDestination(stack, 'test-destination'); + + const props: FargateToKinesisFirehoseProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + existingKinesisFirehose: destination.kinesisFirehose, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToKinesisFirehose(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/lib/index.ts index b87cdb3a4..57b95b6e8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/lib/index.ts @@ -152,6 +152,7 @@ export class FargateToKinesisStreams extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); // Setup the VPC this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/test/fargate-kinesisstreams.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/test/fargate-kinesisstreams.test.ts index ea17271b0..15740bc9d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/test/fargate-kinesisstreams.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-kinesisstreams/test/fargate-kinesisstreams.test.ts @@ -11,7 +11,7 @@ * and limitations under the License. */ -import { FargateToKinesisStreams } from "../lib"; +import { FargateToKinesisStreams, FargateToKinesisStreamsProps } from "../lib"; import * as cdk from "aws-cdk-lib"; import * as kinesis from 'aws-cdk-lib/aws-kinesis'; import * as defaults from '@aws-solutions-constructs/core'; @@ -596,4 +596,30 @@ test('Construct uses existingFargateServiceObject when provided', () => { template.hasResourceProperties("AWS::ECS::Service", { ServiceName: 'my-service', }); -}); \ No newline at end of file +}); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToKinesisStreamsProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToKinesisStreams(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/lib/index.ts index e38b9a469..c9365df97 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/lib/index.ts @@ -147,6 +147,7 @@ export class FargateToOpenSearch extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); this.vpc = defaults.buildVpc(scope, { existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/test/fargate-opensearch.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/test/fargate-opensearch.test.ts index 277a64796..9d0b29c48 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/test/fargate-opensearch.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-opensearch/test/fargate-opensearch.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToOpenSearch } from "../lib"; +import { FargateToOpenSearch, FargateToOpenSearchProps } from "../lib"; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -737,3 +737,31 @@ test('Check error for using OpenSearch VPC prop parameter', () => { expect(app).toThrowError("Error - Define VPC using construct parameters not the OpenSearch Service props"); }); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToOpenSearchProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + openSearchDomainName: DOMAIN_NAME, + cognitoDomainName: COGNITO_DOMAIN_NAME, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToOpenSearch(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts index 786b76f21..f57723cbf 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts @@ -164,6 +164,7 @@ export class FargateToS3 extends Construct { defaults.CheckProps(props); defaults.CheckFargateProps(props); defaults.CheckS3Props(props); + defaults.CheckVpcProps(props); if (props.bucketPermissions) { defaults.CheckListValues(['Delete', 'Read', 'Write'], props.bucketPermissions, 'bucket permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts index 5fbf69d14..f4d3d4bdc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-s3/test/fargate-s3.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToS3 } from "../lib"; +import { FargateToS3, FargateToS3Props } from "../lib"; import * as s3 from 'aws-cdk-lib/aws-s3'; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -729,4 +729,30 @@ test('New service/new bucket, public API, new VPC', () => { }; // Assertion expect(app).toThrowError('Error - Either provide bucketProps or existingBucketObj, but not both.\n'); -}); \ No newline at end of file +}); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToS3Props = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToS3(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/lib/index.ts index 4b93937cc..3f2ef2551 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/lib/index.ts @@ -136,6 +136,7 @@ export class FargateToSecretsmanager extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); // Other permissions for constructs are accepted as arrays, turning grantWriteAccess into // an array to use the same validation function. diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/test/fargate-secretsmanager.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/test/fargate-secretsmanager.test.ts index d1d2dd005..ac84bf248 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/test/fargate-secretsmanager.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-secretsmanager/test/fargate-secretsmanager.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToSecretsmanager } from "../lib"; +import { FargateToSecretsmanager, FargateToSecretsmanagerProps } from "../lib"; import * as ecs from 'aws-cdk-lib/aws-ecs'; import { buildSecretsManagerSecret } from '@aws-solutions-constructs/core'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -637,4 +637,29 @@ test('Test error invalid secret permission', () => { }; expect(app).toThrowError('Invalid grantWriteAccess submitted - REED'); -}); \ No newline at end of file +}); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + + const props: FargateToSecretsmanagerProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + secretProps: { + secretName + }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToSecretsmanager(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sns/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sns/lib/index.ts index fb89e4034..dcf2b3751 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sns/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sns/lib/index.ts @@ -156,6 +156,7 @@ export class FargateToSns extends Construct { defaults.CheckProps(props); defaults.CheckFargateProps(props); defaults.CheckSnsProps(props); + defaults.CheckVpcProps(props); this.vpc = defaults.buildVpc(scope, { existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sns/test/fargate-sns.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sns/test/fargate-sns.test.ts index b68b8da3f..b22d033c9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sns/test/fargate-sns.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sns/test/fargate-sns.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToSns } from "../lib"; +import { FargateToSns, FargateToSnsProps } from "../lib"; import * as kms from 'aws-cdk-lib/aws-kms'; import * as sns from 'aws-cdk-lib/aws-sns'; import * as ecs from 'aws-cdk-lib/aws-ecs'; @@ -527,3 +527,29 @@ test('Confirm CheckSnsProps is being called', () => { // Assertion expect(app).toThrowError(/Error - Either provide topicProps or existingTopicObj, but not both.\n/); }); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToSnsProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToSns(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts index 45eb07bcb..3dd776d39 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/lib/index.ts @@ -181,6 +181,7 @@ export class FargateToSqs extends Construct { defaults.CheckProps(props); defaults.CheckFargateProps(props); defaults.CheckSqsProps(props); + defaults.CheckVpcProps(props); if (props.queuePermissions) { defaults.CheckListValues(['Read', 'Write'], props.queuePermissions, 'queue permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts index 30f64ae31..f614177c3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-sqs/test/fargate-sqs.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToSqs } from "../lib"; +import { FargateToSqs, FargateToSqsProps } from "../lib"; import * as kms from 'aws-cdk-lib/aws-kms'; import * as sqs from 'aws-cdk-lib/aws-sqs'; import * as ecs from 'aws-cdk-lib/aws-ecs'; @@ -641,3 +641,29 @@ test('Confirm CheckSqsProps is called', () => { }; expect(app).toThrowError("Error - Either provide queueProps or existingQueueObj, but not both.\n"); }); + +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + const clusterName = "custom-cluster-name"; + const containerName = "custom-container-name"; + const serviceName = "custom-service-name"; + const familyName = "custom-family-name"; + + const props: FargateToSqsProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToSqs(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts index 69474adac..114694b19 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts @@ -135,6 +135,7 @@ export class FargateToSsmstringparameter extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); // Other permissions for constructs are accepted as arrays, turning stringParameterPermissions into // an array to use the same validation function. diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/test/fargate-ssmstringparameter.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/test/fargate-ssmstringparameter.test.ts index 09ad54249..283ee5be6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/test/fargate-ssmstringparameter.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/test/fargate-ssmstringparameter.test.ts @@ -14,7 +14,7 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToSsmstringparameter } from "../lib"; +import { FargateToSsmstringparameter, FargateToSsmstringparameterProps } from "../lib"; import * as ssm from 'aws-cdk-lib/aws-ssm'; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -810,6 +810,32 @@ test('Test error no existing object or prop provided', () => { expect(app).toThrowError('existingStringParameterObj or stringParameterProps needs to be provided.'); }); +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + + const props: FargateToSsmstringparameterProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + stringParameterProps: { + parameterName, + stringValue + }, + existingVpc: defaults.getTestVpc(stack), + vpcProps: { }, + }; + + const app = () => { + new FargateToSsmstringparameter(stack, 'test-construct', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); + function createSsmParameterStore(stack: cdk.Stack) { return new ssm.StringParameter(stack, 'Parameter', { allowedPattern, diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/lib/index.ts index 056c3f2d1..9871f2b05 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/lib/index.ts @@ -140,6 +140,7 @@ export class FargateToStepfunctions extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckFargateProps(props); + defaults.CheckVpcProps(props); this.vpc = defaults.buildVpc(scope, { existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/test/fargate-stepfunctions.test.ts b/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/test/fargate-stepfunctions.test.ts index 66910d5da..6b065aa35 100644 --- a/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/test/fargate-stepfunctions.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-fargate-stepfunctions/test/fargate-stepfunctions.test.ts @@ -13,7 +13,7 @@ import * as defaults from '@aws-solutions-constructs/core'; import * as cdk from "aws-cdk-lib"; -import { FargateToStepfunctions } from "../lib"; +import { FargateToStepfunctions, FargateToStepfunctionsProps } from "../lib"; import * as stepfunctions from 'aws-cdk-lib/aws-stepfunctions'; import * as ecs from 'aws-cdk-lib/aws-ecs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; @@ -309,6 +309,30 @@ test('Check for custom log group props', () => { }); }); +test('Confirm that CheckVpcProps was called', () => { + const stack = new cdk.Stack(); + const publicApi = true; + + const props: FargateToStepfunctionsProps = { + publicApi, + ecrRepositoryArn: defaults.fakeEcrRepoArn, + clusterProps: { clusterName }, + containerDefinitionProps: { containerName }, + fargateTaskDefinitionProps: { family: familyName }, + fargateServiceProps: { serviceName }, + stateMachineProps: testStateMachineProps(stack), + existingVpc: defaults.getTestVpc(stack), + vpcProps: { ipAddresses: ec2.IpAddresses.cidr(testCidr) }, + }; + + const app = () => { + new FargateToStepfunctions(stack, 'test-construct', props); + }; + + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); + function createFargateConstructWithNewResources(stack: cdk.Stack, publicApi: boolean) { return new FargateToStepfunctions(stack, 'test-construct', { publicApi, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts index 42f7e8ff3..3e903a09c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts @@ -587,7 +587,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // -------------------------------------------------------------- // Test bad call with existingVpc and deployVpc // -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is called", () => { // Stack const stack = new cdk.Stack(); @@ -614,7 +614,7 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); // NOTE: existingTableObj was omitted from the interface for this construct, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/lib/index.ts index 2376bc92b..93497d06f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/lib/index.ts @@ -92,6 +92,7 @@ export class LambdaToDynamoDB extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckDynamoDBProps(props); + defaults.CheckVpcProps(props); // Other permissions for constructs are accepted as arrays, turning tablePermissions into // an array to use the same validation function. @@ -100,10 +101,6 @@ export class LambdaToDynamoDB extends Construct { } if (props.deployVpc || props.existingVpc) { - if (props.deployVpc && props.existingVpc) { - throw new Error("More than 1 VPC specified in the properties"); - } - this.vpc = defaults.buildVpc(scope, { defaultVpcProps: defaults.DefaultIsolatedVpcProps(), existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts index ea878a52a..1afe7536c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts @@ -759,10 +759,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is called", () => { // Stack const stack = new cdk.Stack(); @@ -781,7 +778,7 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); test('Test bad table permission', () => { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/lib/index.ts index dce8c4152..eded4d6eb 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/lib/index.ts @@ -93,6 +93,7 @@ export class LambdaToElasticachememcached extends Construct { ) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if ((props.existingCache || props.existingLambdaObj) && (!props.existingVpc)) { throw Error('If providing an existing Cache or Lambda Function, you must also supply the associated existingVpc'); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/test/lambda-elasticachememcached.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/test/lambda-elasticachememcached.test.ts index 99c126081..f9206d8a9 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/test/lambda-elasticachememcached.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/test/lambda-elasticachememcached.test.ts @@ -282,7 +282,7 @@ test('Test for the proper self referencing security group', () => { }, }); }); -// test('', () => {}); + test("Test error from existingCache and no VPC", () => { const stack = new cdk.Stack(); @@ -370,3 +370,25 @@ test("Test error from trying to launch Redis", () => { expect(app).toThrowError("This construct can only launch memcached clusters"); }); + +test("Test error from existingCache and no VPC", () => { + const stack = new cdk.Stack(); + + const vpc = defaults.getTestVpc(stack); + + const app = () => { + new LambdaToElasticachememcached(stack, "testStack", { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_16_X, + handler: ".handler", + }, + vpcProps: {}, + existingVpc: vpc + }); + }; + + expect(app).toThrowError( + 'Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n' + ); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts index dffaf3625..89efeb10b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts @@ -108,6 +108,7 @@ export class LambdaToElasticSearchAndKibana extends Construct { constructor(scope: Construct, id: string, props: LambdaToElasticSearchAndKibanaProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.vpcProps && !props.deployVpc) { throw new Error("Error - deployVpc must be true when defining vpcProps"); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts index 94ea22461..f110786b3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts @@ -567,4 +567,22 @@ function getDefaultTestLambdaProps(): lambda.FunctionProps { runtime: lambda.Runtime.NODEJS_16_X, handler: 'index.handler', }; -} \ No newline at end of file +} + +test('Confirm CheckVpcProps is being called', () => { + const stack = new cdk.Stack(); + + const app = () => { + new LambdaToElasticSearchAndKibana(stack, 'test-lambda-elasticsearch-kibana', { + lambdaFunctionProps: getDefaultTestLambdaProps(), + domainName: "test", + deployVpc: true, + vpcProps: { + vpcName: "existing-vpc-test" + }, + existingVpc: defaults.getTestVpc(stack), + }); + }; + + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/lib/index.ts index d2f3815c2..be6edde78 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/lib/index.ts @@ -87,12 +87,9 @@ export class LambdaToEventbridge extends Construct { constructor(scope: Construct, id: string, props: LambdaToEventbridgeProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.deployVpc || props.existingVpc) { - if (props.deployVpc && props.existingVpc) { - throw new Error("More than 1 VPC specified in the properties"); - } - this.vpc = defaults.buildVpc(scope, { defaultVpcProps: defaults.DefaultIsolatedVpcProps(), existingVpc: props.existingVpc, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts index 93e167b64..4b5553ba9 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts @@ -73,9 +73,6 @@ const vpcConfig = { }, }; -// -------------------------------------------------------------- -// Tests minimal deployment with new Lambda function -// -------------------------------------------------------------- test('Test minimal deployment with new Lambda function', () => { // Stack const stack = new Stack(); @@ -121,10 +118,7 @@ test('Test minimal deployment with new Lambda function', () => { }); }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is being called", () => { // Stack const stack = new Stack(); @@ -134,7 +128,7 @@ test("Test bad call with existingVpc and deployVpc", () => { // Helper declaration new LambdaToEventbridge(stack, "lambda-to-eventbridge-stack", { lambdaFunctionProps: { - runtime: lambda.Runtime.NODEJS_16_X, + runtime: lambda.Runtime.NODEJS_18_X, handler: "index.handler", code: lambda.Code.fromAsset(`${__dirname}/lambda`), }, @@ -143,12 +137,9 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); -// -------------------------------------------------------------- -// Test exception while passing existingEventBus & eventBusProps -// -------------------------------------------------------------- test("Test bad call with existingVpc and deployVpc", () => { // Stack const stack = new Stack(); @@ -213,9 +204,6 @@ test('Test deployment w/ existing eventbus', () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -245,9 +233,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -353,8 +338,6 @@ test("Test minimal deployment with an existing VPC", () => { // -------------------------------------------------------------- // Test minimal deployment with an existing VPC and existing Lambda function not in a VPC // -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC // -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack @@ -370,7 +353,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToEventbridge(stack, "lambda-to-eventbridge-stack", { existingLambdaObj: testLambdaFunction, existingVpc: testVpc, @@ -382,9 +366,6 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// ---------------------------------------------------------------------------------- -// Test lambda function custom environment variable and custom event bus permissions -// ---------------------------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/lib/index.ts index e44f13a92..331edc378 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/lib/index.ts @@ -105,6 +105,7 @@ export class LambdaToKendra extends Construct { constructor(scope: Construct, id: string, props: LambdaToKendraProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.kendraIndexProps && props.existingKendraIndexObj) { throw new Error('You may not provide both kendraIndexProps and existingKendraIndexObj'); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/test/lambda-kendra.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/test/lambda-kendra.test.ts index 988d5eb13..7f834f4d7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/test/lambda-kendra.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kendra/test/lambda-kendra.test.ts @@ -11,9 +11,8 @@ * and limitations under the License. */ -import { LambdaToKendra } from "../lib"; +import { LambdaToKendra, LambdaToKendraProps } from "../lib"; import * as lambda from 'aws-cdk-lib/aws-lambda'; -import * as ec2 from 'aws-cdk-lib/aws-ec2'; import * as kendra from 'aws-cdk-lib/aws-kendra'; import * as iam from 'aws-cdk-lib/aws-iam'; import * as cdk from "aws-cdk-lib"; @@ -445,39 +444,6 @@ test('Launch with existing lambda', () => { }); }); -test('Confirm error with existing vpc and vpc props', () => { - const stack = new cdk.Stack(); - const testBucketName = 'test-bucket-name22'; - - const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.fromAsset(`${__dirname}/lambda`), - runtime: lambda.Runtime.NODEJS_18_X, - handler: 'index.handler' - }; - - const app = () => { - new LambdaToKendra(stack, 'sample', { - existingVpc: defaults.getTestVpc(stack), - deployVpc: true, - vpcProps: { - ipAddresses: ec2.IpAddresses.cidr('10.0.0.0/16') - }, - lambdaFunctionProps: lambdaProps, - kendraDataSourcesProps: [{ - type: 'S3', - dataSourceConfiguration: { - s3Configuration: { - bucketName: testBucketName, - } - } - } - ], - }); - }; - - expect(app).toThrowError(/Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n/); -}); - test('Confirm error with data source with no bucket name', () => { const stack = new cdk.Stack(); @@ -1038,3 +1004,45 @@ test('Test with custom environment variable name', () => { }); }); + +test('Confirm CheckVpcProps is being called', () => { + const stack = new cdk.Stack(); + const testFunctionName = 'test-function-name24334'; + const testBucketName = 'test-bucket-name12344'; + + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultIsolatedVpcProps(), + constructVpcProps: { + enableDnsHostnames: true, + enableDnsSupport: true, + }, + }); + + const lambdaProps: lambda.FunctionProps = { + functionName: testFunctionName, + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_18_X, + handler: 'index.handler' + }; + + const props: LambdaToKendraProps = { + lambdaFunctionProps: lambdaProps, + kendraDataSourcesProps: [{ + type: 'S3', + dataSourceConfiguration: { + s3Configuration: { + bucketName: testBucketName, + } + } + } + ], + deployVpc: true, + existingVpc: vpc + }; + + const app = () => { + new LambdaToKendra(stack, 'sample', props); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/lib/index.ts index 6971f5946..350cdbbc1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/lib/index.ts @@ -83,6 +83,7 @@ export class LambdaToKinesisFirehose extends Construct { constructor(scope: Construct, id: string, props: LambdaToKinesisFirehoseProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (!props.deployVpc && props.vpcProps) { throw new Error('Error - If deployVpc is not true, then vpcProps is ignored'); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/test/aws-lambda-kinesisfirehose.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/test/aws-lambda-kinesisfirehose.test.ts index e049b30fb..fb02e6b8d 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/test/aws-lambda-kinesisfirehose.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisfirehose/test/aws-lambda-kinesisfirehose.test.ts @@ -242,3 +242,32 @@ test('Test fail Vpc check with vpcProps yet deployVpc is undefined', () => { // Assertion expect(app).toThrowError('Error - If deployVpc is not true, then vpcProps is ignored'); }); + +test('Confirm CheckVpcProps() is being called', () => { + const stack = new cdk.Stack(); + const destination = GetTestFirehoseDestination(stack, 'test-destination'); + + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultIsolatedVpcProps(), + constructVpcProps: { + enableDnsHostnames: true, + enableDnsSupport: true, + }, + }); + + const app = () => { + // Helper declaration + new LambdaToKinesisFirehose(stack, 'test-lambda-kinesisfirehose', { + existingKinesisFirehose: destination.kinesisFirehose, + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_18_X, + handler: 'index.handler' + }, + deployVpc: true, + existingVpc: vpc + }); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/lib/index.ts index 06d6acbd1..aa8d3a699 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/lib/index.ts @@ -96,6 +96,7 @@ export class LambdaToKinesisStreams extends Construct { constructor(scope: Construct, id: string, props: LambdaToKinesisStreamsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); // Setup the VPC if (props.deployVpc || props.existingVpc) { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/test/lambda-kinesisstream.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/test/lambda-kinesisstream.test.ts index 60c375174..5c7312e48 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/test/lambda-kinesisstream.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-kinesisstreams/test/lambda-kinesisstream.test.ts @@ -549,4 +549,31 @@ function verifyLambdaFunctionVpcProps(template: Template, vpcId: string, subnetT EnableDnsHostnames: true, EnableDnsSupport: true, }); -} \ No newline at end of file +} + +test('Confirm CheckVpcProps() is being called', () => { + const stack = new cdk.Stack(); + + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultIsolatedVpcProps(), + constructVpcProps: { + enableDnsHostnames: true, + enableDnsSupport: true, + }, + }); + + const app = () => { + // Helper declaration + new LambdaToKinesisStreams(stack, 'test-lambda-kinesisstreams', { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_18_X, + handler: 'index.handler' + }, + deployVpc: true, + existingVpc: vpc + }); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/lib/index.ts index af3bee054..9eda22c10 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/lib/index.ts @@ -108,6 +108,7 @@ export class LambdaToOpenSearch extends Construct { constructor(scope: Construct, id: string, props: LambdaToOpenSearchProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.vpcProps && !props.deployVpc) { throw new Error("Error - deployVpc must be true when defining vpcProps"); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/test/lambda-opensearch.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/test/lambda-opensearch.test.ts index 47013d07c..89ed23f15 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/test/lambda-opensearch.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-opensearch/test/lambda-opensearch.test.ts @@ -600,3 +600,28 @@ test('Test error for missing existingLambdaObj or lambdaFunctionProps', () => { expect(e).toBeInstanceOf(Error); } }); + +test('Confirm CheckVpcProps is being called', () => { + const stack = new cdk.Stack(); + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultIsolatedVpcProps(), + constructVpcProps: { + enableDnsHostnames: true, + enableDnsSupport: true, + }, + }); + + const app = () => { + new LambdaToOpenSearch(stack, 'test-lambda-opensearch', { + lambdaFunctionProps: getDefaultTestLambdaProps(), + openSearchDomainName: "test", + vpcProps: { + vpcName: "existing-vpc-test" + }, + deployVpc: true, + existingVpc: vpc + }); + }; + + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts index 86be5603e..7db870a07 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/lib/index.ts @@ -116,6 +116,7 @@ export class LambdaToS3 extends Construct { defaults.CheckProps(props); defaults.CheckS3Props(props); + defaults.CheckVpcProps(props); if (props.bucketPermissions) { defaults.CheckListValues(['Delete', 'Put', 'Read', 'ReadWrite', 'Write'], props.bucketPermissions, 'bucket permission'); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts index cfb737c8f..2ddabc047 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts @@ -17,7 +17,7 @@ import * as lambda from "aws-cdk-lib/aws-lambda"; import * as ec2 from "aws-cdk-lib/aws-ec2"; import * as s3 from "aws-cdk-lib/aws-s3"; import { LambdaToS3 } from '../lib'; -import { CreateScrapBucket } from '@aws-solutions-constructs/core'; +import * as defaults from '@aws-solutions-constructs/core'; import { Template } from 'aws-cdk-lib/assertions'; test('Test the properties', () => { @@ -235,34 +235,12 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -test("Test bad call with existingVpc and deployVpc", () => { - // Stack - const stack = new Stack(); - - const testVpc = new ec2.Vpc(stack, "test-vpc", {}); - - const app = () => { - // Helper declaration - new LambdaToS3(stack, "lambda-to-s3-stack", { - lambdaFunctionProps: { - runtime: lambda.Runtime.NODEJS_16_X, - handler: "index.handler", - code: lambda.Code.fromAsset(`${__dirname}/lambda`), - }, - existingVpc: testVpc, - deployVpc: true, - }); - }; - // Assertion - expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); -}); - test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); // Helper declaration - const existingBucket = CreateScrapBucket(stack, {}); + const existingBucket = defaults.CreateScrapBucket(stack, {}); const mybucket: s3.IBucket = s3.Bucket.fromBucketName(stack, 'mybucket', existingBucket.bucketName); new LambdaToS3(stack, 'lambda-to-s3-stack', { existingBucketObj: mybucket, @@ -420,3 +398,33 @@ test('Test bad bucket permission', () => { expect(alb).toThrowError('Invalid bucket permission submitted - Reed'); }); + +test("Confirm that CheckVpcProps is being called", () => { + // Stack + const stack = new Stack(); + const vpc = defaults.buildVpc(stack, { + defaultVpcProps: defaults.DefaultIsolatedVpcProps(), + constructVpcProps: { + enableDnsHostnames: true, + enableDnsSupport: true, + }, + }); + + const app = () => { + // Helper declaration + new LambdaToS3(stack, "bad-s3-args", { + lambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_16_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + }, + bucketProps: { + removalPolicy: RemovalPolicy.DESTROY + }, + deployVpc: true, + existingVpc: vpc, + }); + }; + // Assertion + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); +}); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/lib/index.ts index a59c19713..720d316cc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/lib/index.ts @@ -106,11 +106,9 @@ export class LambdaToSagemakerEndpoint extends Construct { constructor(scope: Construct, id: string, props: LambdaToSagemakerEndpointProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.deployVpc || props.existingVpc) { - if (props.deployVpc && props.existingVpc) { - throw new Error('More than 1 VPC specified in the properties'); - } // create the VPC this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/test/aws-lambda-sagemakerendpoint.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/test/aws-lambda-sagemakerendpoint.test.ts index b2b2599b2..7de4618fc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/test/aws-lambda-sagemakerendpoint.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sagemakerendpoint/test/aws-lambda-sagemakerendpoint.test.ts @@ -360,7 +360,7 @@ test('Test for error with existingLambdaObj/lambdaFunctionProps=undefined (not s // -------------------------------------------------------------------- // Test for error with (props.deployVpc && props.existingVpc) is true // -------------------------------------------------------------------- -test('Test for error with (props.deployVpc && props.existingVpc) is true', () => { +test('confirm CheckVpcProps is called', () => { // Initial Setup const stack = new Stack(); @@ -384,6 +384,13 @@ test('Test for error with (props.deployVpc && props.existingVpc) is true', () => modelDataUrl: 's3:////model.tar.gz', }, }, + lambdaFunctionProps: { + runtime: lambda.Runtime.PYTHON_3_8, + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + handler: 'index.handler', + timeout: Duration.minutes(5), + memorySize: 128, + }, deployVpc: true, existingVpc: vpc, }; @@ -391,7 +398,7 @@ test('Test for error with (props.deployVpc && props.existingVpc) is true', () => new LambdaToSagemakerEndpoint(stack, 'test-lambda-sagemaker', constructProps); }; // Assertion 1 - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); // ---------------------------------------------------------------------------------------------------------- diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/lib/index.ts index 79060aed8..9d32421e1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/lib/index.ts @@ -93,11 +93,9 @@ export class LambdaToSecretsmanager extends Construct { constructor(scope: Construct, id: string, props: LambdaToSecretsmanagerProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); if (props.deployVpc || props.existingVpc) { - if (props.deployVpc && props.existingVpc) { - throw new Error("More than 1 VPC specified in the properties"); - } this.vpc = defaults.buildVpc(scope, { defaultVpcProps: defaults.DefaultIsolatedVpcProps(), diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/test/lambda-secretsmanager.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/test/lambda-secretsmanager.test.ts index e693e5891..5855b3e0f 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/test/lambda-secretsmanager.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-secretsmanager/test/lambda-secretsmanager.test.ts @@ -20,9 +20,6 @@ import { LambdaToSecretsmanager } from '../lib'; import { Template } from 'aws-cdk-lib/assertions'; import * as defaults from "@aws-solutions-constructs/core"; -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -43,9 +40,6 @@ test('Test the properties', () => { expect(secret).toBeDefined(); }); -// -------------------------------------------------------------- -// Test deployment w/ existing secret -// -------------------------------------------------------------- test('Test deployment w/ existing secret', () => { // Stack const stack = new Stack(); @@ -68,9 +62,6 @@ test('Test deployment w/ existing secret', () => { expect(pattern.secret).toBe(existingSecret); }); -// -------------------------------------------------------------- -// Test deployment w/ existing function -// -------------------------------------------------------------- test('Test deployment w/ existing function', () => { // Stack const stack = new Stack(); @@ -95,9 +86,6 @@ test('Test deployment w/ existing function', () => { expect(pattern.lambdaFunction).toBe(existingFunction); }); -// -------------------------------------------------------------- -// Test minimal deployment with write access to Secret -// -------------------------------------------------------------- test('Test minimal deployment write access to Secret', () => { // Stack const stack = new Stack(); @@ -119,9 +107,6 @@ test('Test minimal deployment write access to Secret', () => { }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -171,9 +156,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -229,9 +211,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -276,13 +255,7 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- -test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { +test("Check error when existing lambda function is not in VPC and construct is in VPC", () => { // Stack const stack = new Stack(); @@ -296,7 +269,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToSecretsmanager(stack, "lambda-to-secretsmanager-stack", { existingLambdaObj: testLambdaFunction, existingVpc: testVpc, @@ -309,10 +283,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is called", () => { // Stack const stack = new Stack(); @@ -332,12 +303,9 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -372,9 +340,6 @@ test('Test lambda function custom environment variable', () => { }); }); -// -------------------------------------------------------------- -// Test overriding secretProps to pass a customer provided CMK -// -------------------------------------------------------------- test('Test overriding secretProps to pass a customer provided CMK', () => { // Stack const stack = new Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/lib/index.ts index 765e36c99..16839ca9e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/lib/index.ts @@ -115,6 +115,7 @@ export class LambdaToSns extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckSnsProps(props); + defaults.CheckVpcProps(props); if (props.deployVpc || props.existingVpc) { this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts index 145c7fbf2..0b5285e50 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts @@ -20,9 +20,6 @@ import * as ec2 from "aws-cdk-lib/aws-ec2"; import { LambdaToSns, LambdaToSnsProps } from '../lib'; import { Template } from 'aws-cdk-lib/assertions'; -// -------------------------------------------------------------- -// Test deployment with new Lambda function -// -------------------------------------------------------------- test('Test deployment with new Lambda function', () => { // Stack const stack = new Stack(); @@ -80,9 +77,6 @@ test('Test deployment with new Lambda function', () => { }); }); -// -------------------------------------------------------------- -// Test deployment with existing existingTopicObj -// -------------------------------------------------------------- test('Test deployment with existing existingTopicObj', () => { // Stack const stack = new Stack(); @@ -110,9 +104,6 @@ test('Test deployment with existing existingTopicObj', () => { }); }); -// -------------------------------------------------------------- -// Test deployment with imported encryption key -// -------------------------------------------------------------- test('override topicProps', () => { const stack = new Stack(); @@ -135,9 +126,6 @@ test('override topicProps', () => { }); }); -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -157,9 +145,6 @@ test('Test the properties', () => { expect(topic).toBeDefined(); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -208,9 +193,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -265,9 +247,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -311,12 +290,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack const stack = new Stack(); @@ -331,7 +304,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToSns(stack, "lambda-to-sns-stack", { existingLambdaObj: testLambdaFunction, existingVpc: testVpc, @@ -343,34 +317,6 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { - // Stack - const stack = new Stack(); - - const testVpc = new ec2.Vpc(stack, "test-vpc", {}); - - const app = () => { - // Helper declaration - new LambdaToSns(stack, "lambda-to-sns-stack", { - lambdaFunctionProps: { - runtime: lambda.Runtime.NODEJS_16_X, - handler: "index.handler", - code: lambda.Code.fromAsset(`${__dirname}/lambda`), - }, - existingVpc: testVpc, - deployVpc: true, - }); - }; - // Assertion - expect(app).toThrowError(); -}); - -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -567,7 +513,7 @@ test('Topic is encrypted with customer managed KMS Key when enable encryption fl }); }); -test('Error is thrown when conflicting VPC information is provided', () => { +test('Confirm CheckVpcProps is called', () => { const stack = new Stack(); const app = () => { @@ -577,7 +523,7 @@ test('Error is thrown when conflicting VPC information is provided', () => { }); }; - expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.'); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); test('Test that CheckSnsProps is getting called', () => { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts index 5d03dc209..9ab738b04 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts @@ -133,6 +133,7 @@ export class LambdaToSqs extends Construct { super(scope, id); defaults.CheckProps(props); defaults.CheckSqsProps(props); + defaults.CheckVpcProps(props); if (props.deployVpc || props.existingVpc) { this.vpc = defaults.buildVpc(scope, { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts index 0fc964382..d71a285bc 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts @@ -213,7 +213,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is called", () => { // Stack const stack = new Stack(); @@ -232,7 +232,7 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); test('Test lambda function custom environment variable', () => { @@ -405,19 +405,6 @@ test('Queue is encrypted with customer managed KMS Key when enable encryption fl }); }); -test('Error is thrown when conflicting VPC information is provided', () => { - const stack = new Stack(); - - const app = () => { - new LambdaToSqs(stack, 'test-construct', { - existingVpc: new ec2.Vpc(stack, "test-vpc", {}), - deployVpc: true - }); - }; - - expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.'); -}); - test('Queue purging flag grants correct permissions', () => { const stack = new Stack(); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/lib/index.ts index 01d038773..ee603b8ca 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/lib/index.ts @@ -95,6 +95,7 @@ export class LambdaToSsmstringparameter extends Construct { constructor(scope: Construct, id: string, props: LambdaToSsmstringparameterProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); // This should have been an array, we will make it an array for validation if (props.stringParameterPermissions) { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/test/lambda-ssmstringparameter.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/test/lambda-ssmstringparameter.test.ts index db3f570b9..9be560701 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/test/lambda-ssmstringparameter.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-ssmstringparameter/test/lambda-ssmstringparameter.test.ts @@ -20,9 +20,6 @@ import { Template } from 'aws-cdk-lib/assertions'; import { StringParameter } from "aws-cdk-lib/aws-ssm"; import * as defaults from "@aws-solutions-constructs/core"; -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -57,9 +54,6 @@ test('Test lambda function custom environment variable', () => { }); }); -// -------------------------------------------------------------- -// Test the getter methods -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -80,9 +74,6 @@ test('Test the properties', () => { expect(stringParam).toBeDefined(); }); -// -------------------------------------------------------------- -// Test deployment w/ existing String Parameter -// -------------------------------------------------------------- test('Test deployment w/ existing String Parameter', () => { // Stack const stack = new Stack(); @@ -107,9 +98,6 @@ test('Test deployment w/ existing String Parameter', () => { expect(pattern.stringParameter).toBe(existingStringParam); }); -// -------------------------------------------------------------- -// Test deployment w/ existing function -// -------------------------------------------------------------- test('Test deployment w/ existing function', () => { // Stack const stack = new Stack(); @@ -135,9 +123,6 @@ test('Test deployment w/ existing function', () => { expect(pattern.lambdaFunction).toBe(existingFunction); }); -// -------------------------------------------------------------- -// Test minimal deployment with write access to String Parameter. -// -------------------------------------------------------------- test('Test minimal deployment write access to String Parameter ', () => { // Stack const stack = new Stack(); @@ -160,9 +145,6 @@ test('Test minimal deployment write access to String Parameter ', () => { }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -212,9 +194,6 @@ test("Test minimal deployment that deploys a VPC without vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC w/vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC w/vpcProps", () => { // Stack const stack = new Stack(); @@ -270,9 +249,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -317,12 +293,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack const stack = new Stack(); @@ -337,7 +307,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToSsmstringparameter(stack, "lambda-to-ssm-stack", { existingLambdaObj: testLambdaFunction, existingVpc: testVpc, @@ -350,10 +321,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm that CheckVpcProps is called", () => { // Stack const stack = new Stack(); @@ -373,7 +341,7 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); test("Test bad call with invalid string parameter permission", () => { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/lib/index.ts index 9f6406460..6761f39f9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/lib/index.ts @@ -98,12 +98,10 @@ export class LambdaToStepfunctions extends Construct { constructor(scope: Construct, id: string, props: LambdaToStepfunctionsProps) { super(scope, id); defaults.CheckProps(props); + defaults.CheckVpcProps(props); // Setup vpc if (props.deployVpc || props.existingVpc) { - if (props.deployVpc && props.existingVpc) { - throw new Error("More than 1 VPC specified in the properties"); - } this.vpc = defaults.buildVpc(scope, { defaultVpcProps: defaults.DefaultIsolatedVpcProps(), diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/test/lambda-stepfunctions.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/test/lambda-stepfunctions.test.ts index cf9fbc33b..5bbd23157 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/test/lambda-stepfunctions.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-stepfunctions/test/lambda-stepfunctions.test.ts @@ -20,9 +20,6 @@ import * as ec2 from "aws-cdk-lib/aws-ec2"; import { LambdaToStepfunctions } from '../lib'; import { Template } from "aws-cdk-lib/assertions"; -// -------------------------------------------------------------- -// Test deployment with new Lambda function -// -------------------------------------------------------------- test('Test deployment with new Lambda function', () => { // Stack const stack = new Stack(); @@ -90,9 +87,6 @@ test('Test deployment with existing Lambda function', () => { }); }); -// -------------------------------------------------------------- -// Test invocation permissions -// -------------------------------------------------------------- test('Test invocation permissions', () => { // Stack const stack = new Stack(); @@ -140,9 +134,6 @@ test('Test invocation permissions', () => { }); }); -// -------------------------------------------------------------- -// Test the properties -// -------------------------------------------------------------- test('Test the properties', () => { // Stack const stack = new Stack(); @@ -173,9 +164,6 @@ test('Test the properties', () => { expect(pattern.stateMachineLogGroup).toBeDefined(); }); -// -------------------------------------------------------------- -// Test the properties -// -------------------------------------------------------------- test('Test the properties with no CW Alarms', () => { // Stack const stack = new Stack(); @@ -204,9 +192,6 @@ test('Test the properties with no CW Alarms', () => { expect(pattern.stateMachineLogGroup).toBeDefined(); }); -// -------------------------------------------------------------- -// Test lambda function custom environment variable -// -------------------------------------------------------------- test('Test lambda function custom environment variable', () => { // Stack const stack = new Stack(); @@ -241,9 +226,6 @@ test('Test lambda function custom environment variable', () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment that deploys a VPC without vpcProps -// -------------------------------------------------------------- test("Test minimal deployment that deploys a VPC without vpcProps", () => { // Stack const stack = new Stack(); @@ -357,9 +339,6 @@ test("Test minimal deployment that deploys a VPC w/vpcProps", () => { template.resourceCountIs("AWS::EC2::InternetGateway", 0); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC", () => { // Stack const stack = new Stack(); @@ -406,12 +385,6 @@ test("Test minimal deployment with an existing VPC", () => { }); }); -// -------------------------------------------------------------- -// Test minimal deployment with an existing VPC and existing Lambda function not in a VPC -// -// buildLambdaFunction should throw an error if the Lambda function is not -// attached to a VPC -// -------------------------------------------------------------- test("Test minimal deployment with an existing VPC and existing Lambda function not in a VPC", () => { // Stack const stack = new Stack(); @@ -427,7 +400,8 @@ test("Test minimal deployment with an existing VPC and existing Lambda function // Helper declaration const app = () => { - // Helper declaration + // buildLambdaFunction should throw an error if the Lambda function is not + // attached to a VPC new LambdaToStepfunctions(stack, "lambda-to-stepfunctions-stack", { existingLambdaObj: testLambdaFunction, stateMachineProps: { @@ -442,10 +416,7 @@ test("Test minimal deployment with an existing VPC and existing Lambda function }); -// -------------------------------------------------------------- -// Test bad call with existingVpc and deployVpc -// -------------------------------------------------------------- -test("Test bad call with existingVpc and deployVpc", () => { +test("Confirm CheckVpcProps is called", () => { // Stack const stack = new Stack(); const startState = new stepfunctions.Pass(stack, 'StartState'); @@ -467,5 +438,5 @@ test("Test bad call with existingVpc and deployVpc", () => { }); }; // Assertion - expect(app).toThrowError(); + expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); diff --git a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts index 2e441e004..87aaad8e1 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/input-validation.ts @@ -49,10 +49,6 @@ export interface VerifiedProps { readonly existingSecretObj?: secretsmanager.Secret; readonly secretProps?: secretsmanager.SecretProps; - readonly existingVpc?: ec2.IVpc; - readonly vpcProps?: ec2.VpcProps; - readonly deployVpc?: boolean; - readonly encryptionKey?: kms.Key, readonly encryptionKeyProps?: kms.KeyProps @@ -110,11 +106,6 @@ export function CheckProps(propsObject: VerifiedProps | any) { errorFound = true; } - if ((propsObject.deployVpc || propsObject.vpcProps) && propsObject.existingVpc) { - errorMessages += 'Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'; - errorFound = true; - } - if (propsObject.encryptionKey && propsObject.encryptionKeyProps) { errorMessages += 'Error - Either provide encryptionKey or encryptionKeyProps, but not both.\n'; errorFound = true; @@ -335,6 +326,27 @@ export function CheckS3Props(propsObject: S3Props | any) { } } +export interface VpcProps { + readonly existingVpc?: ec2.IVpc; + readonly vpcProps?: ec2.VpcProps; + readonly deployVpc?: boolean; + +} + +export function CheckVpcProps(propsObject: VpcProps | any) { + let errorMessages = ''; + let errorFound = false; + + if ((propsObject.deployVpc || propsObject.vpcProps) && propsObject.existingVpc) { + errorMessages += 'Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'; + errorFound = true; + } + + if (errorFound) { + throw new Error(errorMessages); + } +} + // export interface DynamoDBProps { // } diff --git a/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts b/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts index c7aac2c33..a45882639 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/input-validation.test.ts @@ -542,10 +542,13 @@ test('Test fail encryption key check', () => { expect(app).toThrowError('Error - Either provide encryptionKey or encryptionKeyProps, but not both.\n'); }); +// --------------------------- +// S3 Prop Tests +// --------------------------- test('Test fail Vpc check with deployVpc', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.VpcProps = { deployVpc: true, existingVpc: defaults.buildVpc(stack, { defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), @@ -553,7 +556,7 @@ test('Test fail Vpc check with deployVpc', () => { }; const app = () => { - defaults.CheckProps(props); + defaults.CheckVpcProps(props); }; // Assertion @@ -563,7 +566,7 @@ test('Test fail Vpc check with deployVpc', () => { test('Test fail Vpc check with vpcProps', () => { const stack = new Stack(); - const props: defaults.VerifiedProps = { + const props: defaults.VpcProps = { vpcProps: defaults.DefaultPublicPrivateVpcProps(), existingVpc: defaults.buildVpc(stack, { defaultVpcProps: defaults.DefaultPublicPrivateVpcProps(), @@ -571,12 +574,13 @@ test('Test fail Vpc check with vpcProps', () => { }; const app = () => { - defaults.CheckProps(props); + defaults.CheckVpcProps(props); }; // Assertion expect(app).toThrowError('Error - Either provide an existingVpc or some combination of deployVpc and vpcProps, but not both.\n'); }); +// --------------------------- // --------------------------- // S3 Prop Tests