diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.assets.json new file mode 100644 index 0000000000000..60d8bc12a2862 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "087176c81f7e6638d7037e15168e603138ce4e0ab52a8c8234e1b2d98fda93a1": { + "source": { + "path": "aws-cdk-ec2-vpn-two-tunnels.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "087176c81f7e6638d7037e15168e603138ce4e0ab52a8c8234e1b2d98fda93a1.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.template.json new file mode 100644 index 0000000000000..aa0bc77663dfc --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/aws-cdk-ec2-vpn-two-tunnels.template.json @@ -0,0 +1,512 @@ +{ + "Resources": { + "MyVpcF9F0CA6F": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.11.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ] + } + }, + "MyVpcPublicSubnet1SubnetF6608456": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.11.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPublicSubnet1RouteTableC46AB2F4": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPublicSubnet1RouteTableAssociation2ECEE1CB": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4" + }, + "SubnetId": { + "Ref": "MyVpcPublicSubnet1SubnetF6608456" + } + } + }, + "MyVpcPublicSubnet1DefaultRoute95FDF9EB": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "RouteTableId": { + "Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4" + } + }, + "DependsOn": [ + "MyVpcVPCGW488ACE0D" + ] + }, + "MyVpcPublicSubnet1EIP096967CB": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ] + } + }, + "MyVpcPublicSubnet1NATGatewayAD3400C1": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "MyVpcPublicSubnet1EIP096967CB", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "MyVpcPublicSubnet1SubnetF6608456" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "MyVpcPublicSubnet1DefaultRoute95FDF9EB", + "MyVpcPublicSubnet1RouteTableAssociation2ECEE1CB" + ] + }, + "MyVpcPublicSubnet2Subnet492B6BFB": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.11.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPublicSubnet2RouteTable1DF17386": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPublicSubnet2RouteTableAssociation227DE78D": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "MyVpcPublicSubnet2RouteTable1DF17386" + }, + "SubnetId": { + "Ref": "MyVpcPublicSubnet2Subnet492B6BFB" + } + } + }, + "MyVpcPublicSubnet2DefaultRoute052936F6": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "RouteTableId": { + "Ref": "MyVpcPublicSubnet2RouteTable1DF17386" + } + }, + "DependsOn": [ + "MyVpcVPCGW488ACE0D" + ] + }, + "MyVpcPublicSubnet2EIP8CCBA239": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ] + } + }, + "MyVpcPublicSubnet2NATGateway91BFBEC9": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "MyVpcPublicSubnet2EIP8CCBA239", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "MyVpcPublicSubnet2Subnet492B6BFB" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "MyVpcPublicSubnet2DefaultRoute052936F6", + "MyVpcPublicSubnet2RouteTableAssociation227DE78D" + ] + }, + "MyVpcPrivateSubnet1Subnet5057CF7E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.11.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPrivateSubnet1RouteTable8819E6E2": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPrivateSubnet1RouteTableAssociation56D38C7E": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + }, + "SubnetId": { + "Ref": "MyVpcPrivateSubnet1Subnet5057CF7E" + } + } + }, + "MyVpcPrivateSubnet1DefaultRouteA8CDE2FA": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "MyVpcPublicSubnet1NATGatewayAD3400C1" + }, + "RouteTableId": { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + } + } + }, + "MyVpcPrivateSubnet2Subnet0040C983": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.11.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPrivateSubnet2RouteTableCEDCEECE": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcPrivateSubnet2RouteTableAssociation86A610DA": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + }, + "SubnetId": { + "Ref": "MyVpcPrivateSubnet2Subnet0040C983" + } + } + }, + "MyVpcPrivateSubnet2DefaultRoute9CE96294": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "MyVpcPublicSubnet2NATGateway91BFBEC9" + }, + "RouteTableId": { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + } + } + }, + "MyVpcIGW5C4A4F63": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ] + } + }, + "MyVpcVPCGW488ACE0D": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "MyVpcVpnGateway11FB05E5": { + "Type": "AWS::EC2::VPNGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "Type": "ipsec.1" + } + }, + "MyVpcVPCVPNGW0CB969B3": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "MyVpcF9F0CA6F" + }, + "VpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + } + } + }, + "MyVpcRoutePropagation122FC3BE": { + "Type": "AWS::EC2::VPNGatewayRoutePropagation", + "Properties": { + "RouteTableIds": [ + { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + }, + { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + } + ], + "VpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + } + }, + "DependsOn": [ + "MyVpcVPCVPNGW0CB969B3" + ] + }, + "MyVpcDynamicCustomerGatewayFB63DFBF": { + "Type": "AWS::EC2::CustomerGateway", + "Properties": { + "BgpAsn": 65000, + "IpAddress": "52.85.255.164", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "Type": "ipsec.1" + } + }, + "MyVpcDynamic739F3519": { + "Type": "AWS::EC2::VPNConnection", + "Properties": { + "CustomerGatewayId": { + "Ref": "MyVpcDynamicCustomerGatewayFB63DFBF" + }, + "StaticRoutesOnly": false, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "Type": "ipsec.1", + "VpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + }, + "VpnTunnelOptionsSpecifications": [ + { + "PreSharedKey": "secretkey1234" + }, + { + "PreSharedKey": "secretkey5678" + } + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets.json new file mode 100644 index 0000000000000..918a35d9f7d7a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/cdk.out new file mode 100644 index 0000000000000..2313ab5436501 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/integ.json new file mode 100644 index 0000000000000..a4a62b9f018c5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "34.0.0", + "testCases": { + "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest": { + "stacks": [ + "aws-cdk-ec2-vpn-two-tunnels" + ], + "assertionStack": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert", + "assertionStackName": "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/manifest.json new file mode 100644 index 0000000000000..49758bc75b2d3 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/manifest.json @@ -0,0 +1,332 @@ +{ + "version": "34.0.0", + "artifacts": { + "aws-cdk-ec2-vpn-two-tunnels.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-ec2-vpn-two-tunnels.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-ec2-vpn-two-tunnels": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-ec2-vpn-two-tunnels.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/087176c81f7e6638d7037e15168e603138ce4e0ab52a8c8234e1b2d98fda93a1.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-ec2-vpn-two-tunnels.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-ec2-vpn-two-tunnels.assets" + ], + "metadata": { + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcF9F0CA6F", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1SubnetF6608456", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1RouteTableC46AB2F4", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1RouteTableAssociation2ECEE1CB", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1DefaultRoute95FDF9EB", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1EIP096967CB" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet1NATGatewayAD3400C1", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2Subnet492B6BFB", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2RouteTable1DF17386", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2RouteTableAssociation227DE78D", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2DefaultRoute052936F6", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2EIP8CCBA239" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPublicSubnet2NATGateway91BFBEC9", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet1Subnet5057CF7E", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet1RouteTable8819E6E2", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet1RouteTableAssociation56D38C7E", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet1DefaultRouteA8CDE2FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet2Subnet0040C983", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet2RouteTableCEDCEECE", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet2RouteTableAssociation86A610DA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcPrivateSubnet2DefaultRoute9CE96294", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcIGW5C4A4F63" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcVPCGW488ACE0D" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/VpnGateway/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcVpnGateway11FB05E5" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/VPCVPNGW": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcVPCVPNGW0CB969B3" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/RoutePropagation": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcRoutePropagation122FC3BE" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/Dynamic/CustomerGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcDynamicCustomerGatewayFB63DFBF" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/MyVpc/Dynamic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyVpcDynamic739F3519" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-ec2-vpn-two-tunnels" + }, + "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "awscdkec2vpntwotunnelstestDefaultTestDeployAssert354DB13C.assets" + ], + "metadata": { + "/aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/tree.json new file mode 100644 index 0000000000000..4621ae5a3f9b2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.js.snapshot/tree.json @@ -0,0 +1,884 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-ec2-vpn-two-tunnels": { + "id": "aws-cdk-ec2-vpn-two-tunnels", + "path": "aws-cdk-ec2-vpn-two-tunnels", + "children": { + "MyVpc": { + "id": "MyVpc", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.11.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.11.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4" + }, + "subnetId": { + "Ref": "MyVpcPublicSubnet1SubnetF6608456" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "routeTableId": { + "Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "MyVpcPublicSubnet1EIP096967CB", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "MyVpcPublicSubnet1SubnetF6608456" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.11.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "MyVpcPublicSubnet2RouteTable1DF17386" + }, + "subnetId": { + "Ref": "MyVpcPublicSubnet2Subnet492B6BFB" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "routeTableId": { + "Ref": "MyVpcPublicSubnet2RouteTable1DF17386" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "MyVpcPublicSubnet2EIP8CCBA239", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "MyVpcPublicSubnet2Subnet492B6BFB" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.11.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + }, + "subnetId": { + "Ref": "MyVpcPrivateSubnet1Subnet5057CF7E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "MyVpcPublicSubnet1NATGatewayAD3400C1" + }, + "routeTableId": { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.11.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + }, + "subnetId": { + "Ref": "MyVpcPrivateSubnet2Subnet0040C983" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "MyVpcPublicSubnet2NATGateway91BFBEC9" + }, + "routeTableId": { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "MyVpcIGW5C4A4F63" + }, + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + }, + "VpnGateway": { + "id": "VpnGateway", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/VpnGateway", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/VpnGateway/Default", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "type": "ipsec.1" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "VPCVPNGW": { + "id": "VPCVPNGW", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/VPCVPNGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "MyVpcF9F0CA6F" + }, + "vpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + }, + "RoutePropagation": { + "id": "RoutePropagation", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/RoutePropagation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", + "aws:cdk:cloudformation:props": { + "routeTableIds": [ + { + "Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2" + }, + { + "Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE" + } + ], + "vpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", + "version": "0.0.0" + } + }, + "Dynamic": { + "id": "Dynamic", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/Dynamic", + "children": { + "CustomerGateway": { + "id": "CustomerGateway", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/Dynamic/CustomerGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::CustomerGateway", + "aws:cdk:cloudformation:props": { + "bgpAsn": 65000, + "ipAddress": "52.85.255.164", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "type": "ipsec.1" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnCustomerGateway", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-ec2-vpn-two-tunnels/MyVpc/Dynamic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNConnection", + "aws:cdk:cloudformation:props": { + "customerGatewayId": { + "Ref": "MyVpcDynamicCustomerGatewayFB63DFBF" + }, + "staticRoutesOnly": false, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-ec2-vpn-two-tunnels/MyVpc" + } + ], + "type": "ipsec.1", + "vpnGatewayId": { + "Ref": "MyVpcVpnGateway11FB05E5" + }, + "vpnTunnelOptionsSpecifications": [ + { + "preSharedKey": "secretkey1234" + }, + { + "preSharedKey": "secretkey5678" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNConnection", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-ec2-vpn-two-tunnels/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-ec2-vpn-two-tunnels/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "aws-cdk-ec2-vpn-two-tunnels-test": { + "id": "aws-cdk-ec2-vpn-two-tunnels-test", + "path": "aws-cdk-ec2-vpn-two-tunnels-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-ec2-vpn-two-tunnels-test/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.ts new file mode 100644 index 0000000000000..df130c2fa6d4c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpn-two-tunnels.ts @@ -0,0 +1,32 @@ +import * as cdk from 'aws-cdk-lib'; +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import { SecretValue } from 'aws-cdk-lib/core'; +import { EC2_RESTRICT_DEFAULT_SECURITY_GROUP } from 'aws-cdk-lib/cx-api'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-cdk-ec2-vpn-two-tunnels'); +stack.node.setContext(EC2_RESTRICT_DEFAULT_SECURITY_GROUP, false); + +new ec2.Vpc(stack, 'MyVpc', { + cidr: '10.11.0.0/16', + vpnConnections: { + Dynamic: { // Dynamic routing + ip: '52.85.255.164', + tunnelOptions: [ + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey1234'), + }, + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey5678'), + }, + ], + }, + }, +}); + +new integ.IntegTest(app, 'aws-cdk-ec2-vpn-two-tunnels-test', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-redshift-alpha/test/cluster-parameter-change-reboot-handler.test.ts b/packages/@aws-cdk/aws-redshift-alpha/test/cluster-parameter-change-reboot-handler.test.ts new file mode 100644 index 0000000000000..8b12d818a7ce4 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift-alpha/test/cluster-parameter-change-reboot-handler.test.ts @@ -0,0 +1,367 @@ +const mockRebootCluster = jest.fn(); +const mockDescribeClusters = jest.fn(); +const mockRedshift = { + rebootCluster: mockRebootCluster, + describeClusters: mockDescribeClusters, +}; + +jest.mock('@aws-sdk/client-redshift', () => { + return { + Redshift: jest.fn(() => mockRedshift), + }; +}); + +jest.setTimeout(35_000); + +import { handler } from '../lib/cluster-parameter-change-reboot-handler'; + +describe('cluster-parameter-change-reboot-handler', () => { + + beforeEach(() => { + jest.spyOn(global, 'setTimeout'); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + test('reboots cluster with "pending-reboot" status', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(mockRebootCluster).toHaveBeenCalled(); + }); + + test('reboots cluster with "apply-deferred" status', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'apply-deferred', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(mockRebootCluster).toHaveBeenCalled(); + }); + + test('reboots cluster with "apply-error" status', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'apply-deferred', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(mockRebootCluster).toHaveBeenCalled(); + }); + + test('retries cluster with "applying" status', async () => { + // GIVEN + mockDescribeClusters + .mockImplementationOnce(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'applying', + }], + }], + }; + }).mockImplementationOnce(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(setTimeout).toHaveBeenCalled(); + expect(mockDescribeClusters).toHaveBeenCalledTimes(2); + expect(mockRebootCluster).toHaveBeenCalledTimes(1); + }); + + test('retries cluster with "retry" status', async () => { + // GIVEN + mockDescribeClusters + .mockImplementationOnce(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'retry', + }], + }], + }; + }).mockImplementationOnce(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(setTimeout).toHaveBeenCalled(); + expect(mockDescribeClusters).toHaveBeenCalledTimes(2); + expect(mockRebootCluster).toHaveBeenCalledTimes(1); + }); + + test('retries if rebootCluster throws InvalidClusterStateFault error', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + mockRebootCluster + .mockImplementationOnce(async () => { + const { InvalidClusterStateFault } = jest.requireActual('@aws-sdk/client-redshift'); + return Promise.reject(new InvalidClusterStateFault()); + }) + .mockImplementationOnce(jest.fn()); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(setTimeout).toHaveBeenCalled(); + expect(mockDescribeClusters).toHaveBeenCalledTimes(1); + expect(mockRebootCluster).toHaveBeenCalledTimes(2); + }); + + test('fails if rebootCluster throws generic error', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + mockRebootCluster.mockImplementation(async () => { + return Promise.reject(new Error('error')); + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + // THEN + await expect(() => invokeHandler(event)).rejects.toThrow('error'); + }); + + test('fails if cannot find cluster details', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{}], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + // THEN + await expect(() =>invokeHandler(event)) + .rejects.toThrow(/Unable to find any Parameter Groups associated with ClusterId "cluster-id"./); + }); + + test('fails if cannot find cluster parameter group', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'unknown', + ParameterApplyStatus: 'pending-reboot', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + // THEN + await expect(() =>invokeHandler(event)) + .rejects.toThrow(/Unable to find Parameter Group named "parameter-group-name" associated with ClusterId "cluster-id"./); + }); + + test('does not reboot if request type is Delete', async () => { + // GIVEN + const event: Partial = { + RequestType: 'Delete', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(mockRebootCluster).not.toHaveBeenCalled(); + }); + + test('does not reboot if apply status is not recognized', async () => { + // GIVEN + mockDescribeClusters.mockImplementation(() => { + return { + Clusters: [{ + ClusterParameterGroups: [{ + ParameterGroupName: 'parameter-group-name', + ParameterApplyStatus: 'other-status', + }], + }], + }; + }); + + const event: Partial = { + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'service-token', + ClusterId: 'cluster-id', + ParameterGroupName: 'parameter-group-name', + }, + }; + + // WHEN + await invokeHandler(event); + + // THEN + expect(mockRebootCluster).not.toHaveBeenCalled(); + }); +}); + +// helper function to get around TypeScript expecting a complete event object, +// even though our tests only need some of the fields +async function invokeHandler(event: Partial) { + return handler(event as AWSLambda.CloudFormationCustomResourceEvent); +} diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 7c948cbae0f72..07c36fccb616f 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -843,10 +843,20 @@ examples of images you might want to use: Create your VPC with VPN connections by specifying the `vpnConnections` props (keys are construct `id`s): ```ts +import { SecretValue } from 'aws-cdk-lib/core'; + const vpc = new ec2.Vpc(this, 'MyVpc', { vpnConnections: { dynamic: { // Dynamic routing (BGP) - ip: '1.2.3.4' + ip: '1.2.3.4', + tunnelOptions: [ + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey1234'), + }, + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey5678'), + }, + ], }, static: { // Static routing ip: '4.5.6.7', diff --git a/packages/aws-cdk-lib/aws-ec2/lib/vpn.ts b/packages/aws-cdk-lib/aws-ec2/lib/vpn.ts index 2c690d1d3e13e..34e18cbc39015 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/vpn.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/vpn.ts @@ -319,7 +319,9 @@ export class VpnConnection extends VpnConnectionBase { throw new Error('Cannot specify more than two `tunnelOptions`'); } - if (props.tunnelOptions.length === 2 && props.tunnelOptions[0].tunnelInsideCidr === props.tunnelOptions[1].tunnelInsideCidr) { + if (props.tunnelOptions.length === 2 && + props.tunnelOptions[0].tunnelInsideCidr === props.tunnelOptions[1].tunnelInsideCidr && + props.tunnelOptions[0].tunnelInsideCidr !== undefined) { throw new Error(`Same ${props.tunnelOptions[0].tunnelInsideCidr} \`tunnelInsideCidr\` cannot be used for both tunnels.`); } diff --git a/packages/aws-cdk-lib/aws-ec2/test/vpn.test.ts b/packages/aws-cdk-lib/aws-ec2/test/vpn.test.ts index 040bd14bb0f11..6dae4a1df42aa 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/vpn.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/vpn.test.ts @@ -212,6 +212,48 @@ describe('vpn', () => { }); + test('with two tunnel options and no tunnelInsideCidr', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + new Vpc(stack, 'VpcNetwork', { + vpnConnections: { + VpnConnection: { + ip: '192.0.2.1', + tunnelOptions: [ + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey1234'), + }, + { + preSharedKeySecret: SecretValue.unsafePlainText('secretkey5678'), + }, + ], + }, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNConnection', { + CustomerGatewayId: { + Ref: 'VpcNetworkVpnConnectionCustomerGateway8B56D9AF', + }, + Type: 'ipsec.1', + VpnGatewayId: { + Ref: 'VpcNetworkVpnGateway501295FA', + }, + StaticRoutesOnly: false, + VpnTunnelOptionsSpecifications: [ + { + PreSharedKey: 'secretkey1234', + }, + { + PreSharedKey: 'secretkey5678', + }, + ], + }); + }); + testDeprecated('fails when specifying an invalid pre-shared key', () => { // GIVEN const stack = new Stack();