From ee911ec8abb147d378e0e8f287d131dbfab9501f Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Tue, 24 Jan 2023 04:54:30 +0000 Subject: [PATCH 1/3] fix(cfnspec): incorrectly handling array result from jsondiff (backport #23795) (#23800) This is an automatic backport of pull request #23795 done by [Mergify](https://mergify.com). ---
Mergify commands and options
More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport ` will backport this PR on `` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com/) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com
--- packages/@aws-cdk/cfnspec/build-tools/spec-diff.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/cfnspec/build-tools/spec-diff.ts b/packages/@aws-cdk/cfnspec/build-tools/spec-diff.ts index 86fb8a6145f21..465637b789522 100644 --- a/packages/@aws-cdk/cfnspec/build-tools/spec-diff.ts +++ b/packages/@aws-cdk/cfnspec/build-tools/spec-diff.ts @@ -237,6 +237,10 @@ async function main() { if (Array.isArray(update)) { changes.push(`* ${namespace} ${prefix} (__changed__)`); for (const entry of update) { + if (entry.length === 1 && entry[0] === ' ') { + // This means that this element of the array is unchanged + continue; + } if (entry.length !== 2) { throw new Error(`Unexpected array diff entry: ${JSON.stringify(entry)}`); } @@ -247,7 +251,7 @@ async function main() { case '-': throw new Error(`Something awkward happened: ${entry[1]} was deleted from ${namespace} ${prefix}!`); case ' ': - // This entry is "context" + // This entry is "context" break; default: throw new Error(`Unexpected array diff entry: ${JSON.stringify(entry)}`); From 91c4dec0ee01c46c39bfacfe838cd448c5dfd9f9 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Tue, 24 Jan 2023 01:50:34 -0800 Subject: [PATCH 2/3] docs(cfnspec): update CloudFormation documentation (#23806) --- .../spec-source/cfn-docs/cfn-docs.json | 50 +++++++++---------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json index 592e026f0f4cb..9093af17a6fc8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json @@ -2055,7 +2055,7 @@ "ConnectorLabel": "The label used for registering the connector.", "ConnectorProvisioningConfig": "The configuration required for registering the connector.", "ConnectorProvisioningType": "The provisioning type used to register the connector.", - "Description": "A description about the connector runtime setting." + "Description": "A description of the connector entity field." } }, "AWS::AppFlow::Connector.ConnectorProvisioningConfig": { @@ -36811,7 +36811,7 @@ "ClusterConfig": "Container for the cluster configuration of a domain.", "CognitoOptions": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", "DomainEndpointOptions": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "DomainName": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "DomainName": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "EBSOptions": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", "EncryptionAtRestOptions": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", "EngineVersion": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", @@ -41609,42 +41609,42 @@ "AWS::RolesAnywhere::CRL": { "attributes": { "CrlId": "The unique primary identifier of the Crl", - "Ref": "The name of the CRL." + "Ref": "`Ref` returns `CrlId` ." }, - "description": "Creates a Crl.", + "description": "The state of the certificate revocation list (CRL) after a read or write operation.", "properties": { - "CrlData": "x509 v3 Certificate Revocation List to revoke auth for corresponding certificates presented in CreateSession operations", - "Enabled": "The enabled status of the resource.", - "Name": "The customer specified name of the resource.", - "Tags": "A list of Tags.", + "CrlData": "The revocation record for a certificate, following the x509 v3 standard.", + "Enabled": "Indicates whether the certificate revocation list (CRL) is enabled.", + "Name": "The name of the certificate revocation list (CRL).", + "Tags": "A list of tags to attach to the CRL.", "TrustAnchorArn": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for." } }, "AWS::RolesAnywhere::Profile": { "attributes": { - "ProfileArn": "", + "ProfileArn": "The ARN of the profile.", "ProfileId": "The unique primary identifier of the Profile", - "Ref": "The name of the Profile" + "Ref": "`Ref` returns `ProfileId` ." }, - "description": "Creates a Profile.", + "description": "Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.\n\n*Required permissions:* `rolesanywhere:CreateProfile` .", "properties": { - "DurationSeconds": "The number of seconds vended session credentials will be valid for", - "Enabled": "The enabled status of the resource.", - "ManagedPolicyArns": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "Name": "The customer specified name of the resource.", - "RequireInstanceProperties": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "RoleArns": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "SessionPolicy": "A session policy that will applied to the trust boundary of the vended session credentials.", - "Tags": "A list of Tags." + "DurationSeconds": "Sets the maximum number of seconds that vended temporary credentials through [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-create-session.html) will be valid for, between 900 and 3600.", + "Enabled": "Indicates whether the profile is enabled.", + "ManagedPolicyArns": "A list of managed policy ARNs that apply to the vended session credentials.", + "Name": "The name of the profile.", + "RequireInstanceProperties": "Specifies whether instance properties are required in temporary credential requests with this profile.", + "RoleArns": "A list of IAM role ARNs. During `CreateSession` , if a matching role ARN is provided, the properties in this profile will be applied to the intersection session policy.", + "SessionPolicy": "A session policy that applies to the trust boundary of the vended session credentials.", + "Tags": "A list of tags to attach to the profile." } }, "AWS::RolesAnywhere::TrustAnchor": { "attributes": { "Ref": "`Ref` returns `TrustAnchorId` .", "TrustAnchorArn": "The ARN of the trust anchor.", - "TrustAnchorId": "" + "TrustAnchorId": "The unique primary identifier of the TrustAnchor" }, - "description": "Creates a TrustAnchor.", + "description": "The state of the trust anchor after a read or write operation.", "properties": { "Enabled": "Indicates whether the trust anchor is enabled.", "Name": "The name of the trust anchor.", @@ -41654,15 +41654,15 @@ }, "AWS::RolesAnywhere::TrustAnchor.Source": { "attributes": {}, - "description": "Object representing the TrustAnchor type and its related certificate data.", + "description": "The trust anchor type and its related certificate data.", "properties": { - "SourceData": "A union object representing the data field of the TrustAnchor depending on its type", - "SourceType": "The type of the TrustAnchor." + "SourceData": "The data field of the trust anchor depending on its type.", + "SourceType": "The type of the trust anchor." } }, "AWS::RolesAnywhere::TrustAnchor.SourceData": { "attributes": {}, - "description": "A union object representing the data field of the TrustAnchor depending on its type", + "description": "The data field of the trust anchor depending on its type.", "properties": { "AcmPcaArn": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .", "X509CertificateData": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` ." From 613ec619e8639d0b4d4da02505889046609d7319 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Tue, 24 Jan 2023 02:36:53 -0800 Subject: [PATCH 3/3] feat(cfnspec): cloudformation spec v108.0.0 (#23809) --- packages/@aws-cdk/cfnspec/CHANGELOG.md | 20 ++++ .../cfn-lint/StatefulResources/000.json | 1 + .../100_sam/000_official/spec.json | 103 +++++++++++++++++- 3 files changed, 123 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 3d198b648e5a0..c4b618e92e7d7 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,23 @@ + +# Serverless Application Model (SAM) Resource Specification v2016-10-31 + +## New Resource Types + + +## Attribute Changes + + +## Property Changes + + +## Property Type Changes + +* AWS::Serverless::Function.HttpApiEvent (__added__) +* AWS::Serverless::Function.HttpApiFunctionAuth (__added__) +* AWS::Serverless::Function.RouteSettings (__added__) +* AWS::Serverless::Function.EventSource Properties.Types (__changed__) + * Added HttpApiEvent + # CloudFormation Resource Specification v108.0.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/spec-source/cfn-lint/StatefulResources/000.json b/packages/@aws-cdk/cfnspec/spec-source/cfn-lint/StatefulResources/000.json index d3360b14dde0a..3a185f9f3513f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/cfn-lint/StatefulResources/000.json +++ b/packages/@aws-cdk/cfnspec/spec-source/cfn-lint/StatefulResources/000.json @@ -18,6 +18,7 @@ "AWS::Neptune::DBCluster" : {}, "AWS::Neptune::DBInstance" : {}, "AWS::OpenSearchService::Domain" : {}, + "AWS::Organizations::Account" : {}, "AWS::QLDB::Ledger" : {}, "AWS::RDS::DBCluster" : {}, "AWS::RDS::DBInstance" : {}, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/100_sam/000_official/spec.json b/packages/@aws-cdk/cfnspec/spec-source/specification/100_sam/000_official/spec.json index 35cdfe22854e0..cedf2b0bc1e79 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/100_sam/000_official/spec.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/100_sam/000_official/spec.json @@ -792,7 +792,8 @@ "CloudWatchLogsEvent", "IoTRuleEvent", "AlexaSkillEvent", - "EventBridgeRuleEvent" + "EventBridgeRuleEvent", + "HttpApiEvent" ], "UpdateType": "Immutable" }, @@ -844,6 +845,71 @@ } } }, + "AWS::Serverless::Function.HttpApiEvent": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "Properties": { + "ApiId": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Auth": { + "Documentation": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html", + "Required": false, + "Type": "HttpApiFunctionAuth", + "UpdateType": "Immutable" + }, + "Method": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Path": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "PayloadFormatVersion": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "RouteSettings": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings", + "Required": false, + "Type": "RouteSettings", + "UpdateType": "Immutable" + }, + "TimeoutInMillis": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#httpapi", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::Serverless::Function.HttpApiFunctionAuth": { + "Documentation": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapifunctionauth.html", + "Properties": { + "AuthorizationScopes": { + "Documentation": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapifunctionauth.html", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, + "Authorizer": { + "Documentation": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapifunctionauth.html", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::Serverless::Function.IAMPolicyDocument": { "Documentation": "http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html", "Properties": { @@ -1052,6 +1118,41 @@ } } }, + "AWS::Serverless::Function.RouteSettings": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html", + "Properties": { + "DataTraceEnabled": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html#cfn-apigatewayv2-stage-routesettings-datatraceenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "DetailedMetricsEnabled": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html#cfn-apigatewayv2-stage-routesettings-detailedmetricsenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "LoggingLevel": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html#cfn-apigatewayv2-stage-routesettings-logginglevel", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "ThrottlingBurstLimit": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html#cfn-apigatewayv2-stage-routesettings-throttlingburstlimit", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + }, + "ThrottlingRateLimit": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html#cfn-apigatewayv2-stage-routesettings-throttlingratelimit", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::Serverless::Function.S3Event": { "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#s3", "Properties": {