diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index 4b62986ef80b7..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json index cac858b4093bf..4b9fd30c38d10 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json @@ -1,7 +1,7 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { - "d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2": { + "9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a": { "source": { "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2.json", + "objectKey": "9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json index 8579732128b9f..aa08b3d201d0a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json @@ -7,11 +7,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -36,6 +31,32 @@ ] } }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, "EmrCreateClusterInstanceRoleC80466F5": { "Type": "AWS::IAM::Role", "Properties": { @@ -90,6 +111,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -197,7 +219,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out index 2313ab5436501..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"34.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json index 1ac1922ba879a..ddb9a167fd4ac 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json index ad13d48dbb3eb..b0c6eb5bcbef3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "artifacts": { "aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -40,6 +40,12 @@ "data": "EmrCreateClusterServiceRole5251910D" } ], + "/aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], "/aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json index 2a4c7bafe00af..d3df8aad57e34 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json @@ -20,8 +20,8 @@ "id": "ImportServiceRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -34,11 +34,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,14 +59,58 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "InstanceRole": { @@ -82,8 +121,8 @@ "id": "ImportInstanceRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -107,14 +146,14 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "InstanceProfile": { @@ -134,14 +173,14 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" } }, "SM": { @@ -156,8 +195,8 @@ "id": "ImportRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/SM/Role/ImportRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -181,8 +220,8 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" } }, "DefaultPolicy": { @@ -199,6 +238,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -288,20 +328,20 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "Resource": { @@ -326,7 +366,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, @@ -339,36 +379,36 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/BootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/CheckBootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" } }, "EmrCreateClusterTest": { @@ -384,7 +424,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } }, "DeployAssert": { @@ -395,22 +435,22 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" } } }, @@ -430,13 +470,13 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts index e134c6251bba6..ea24bac23c2d9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts @@ -40,4 +40,4 @@ new sfn.StateMachine(stack, 'SM', { new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], -}); \ No newline at end of file +}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index ab3eb29a51621..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json index c7200bcd6a82f..7e82e9ad0403e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json @@ -1,15 +1,15 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { - "8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4": { + "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-tags.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4.json", + "objectKey": "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json similarity index 88% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json index 53fb46eab9134..307839cf0f760 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json @@ -7,11 +7,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -36,6 +31,32 @@ ] } }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, "EmrCreateClusterInstanceRoleC80466F5": { "Type": "AWS::IAM::Role", "Properties": { @@ -56,14 +77,14 @@ "EmrCreateClusterInstanceProfileC1729180": { "Type": "AWS::IAM::InstanceProfile", "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "Roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "EmrCreateClusterAutoScalingRoleFDDAF4E2": { @@ -124,6 +145,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -221,12 +243,6 @@ "SM934E715A": { "Type": "AWS::StepFunctions::StateMachine", "Properties": { - "RoleArn": { - "Fn::GetAtt": [ - "SMRole49C19C48", - "Arn" - ] - }, "DefinitionString": { "Fn::Join": [ "", @@ -247,9 +263,15 @@ { "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] } }, "DependsOn": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out index 7925065efbcc4..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json index ec92f12075163..13a917da8d543 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "31.0.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-tags" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json index 8a919ccfdd505..787f552567466 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "31.0.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-tags.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-tags.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-tags": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-tags.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-tags.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,65 +31,71 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-tags.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" } ], - "/aws-cdk-emr-create-cluster/SM/Role/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Role/Resource": [ { "type": "aws:cdk:logicalId", "data": "SMRole49C19C48" } ], - "/aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", "data": "SMRoleDefaultPolicy34CA15C7" } ], - "/aws-cdk-emr-create-cluster/SM/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Resource": [ { "type": "aws:cdk:logicalId", "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-tags/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-tags/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-tags" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -103,6 +110,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json index d96404df3b7d3..7ecd3fb4b6522 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json @@ -4,21 +4,21 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-tags": { + "id": "aws-cdk-emr-create-cluster-tags", + "path": "aws-cdk-emr-create-cluster-tags", "children": { "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -26,7 +26,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +34,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -67,6 +62,50 @@ "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } } }, "constructInfo": { @@ -76,11 +115,11 @@ }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -88,7 +127,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -119,18 +158,18 @@ }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { @@ -140,11 +179,11 @@ }, "AutoScalingRole": { "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole", "children": { "ImportAutoScalingRole": { "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -152,7 +191,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -200,21 +239,21 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", "version": "0.0.0" } }, "SM": { "id": "SM", - "path": "aws-cdk-emr-create-cluster/SM", + "path": "aws-cdk-emr-create-cluster-tags/SM", "children": { "Role": { "id": "Role", - "path": "aws-cdk-emr-create-cluster/SM/Role", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role", "children": { "ImportRole": { "id": "ImportRole", - "path": "aws-cdk-emr-create-cluster/SM/Role/ImportRole", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/ImportRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -222,7 +261,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Role/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -247,11 +286,11 @@ }, "DefaultPolicy": { "id": "DefaultPolicy", - "path": "aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy", "children": { "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Policy", "aws:cdk:cloudformation:props": { @@ -259,6 +298,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -372,16 +412,10 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", "aws:cdk:cloudformation:props": { - "roleArn": { - "Fn::GetAtt": [ - "SMRole49C19C48", - "Arn" - ] - }, "definitionString": { "Fn::Join": [ "", @@ -402,9 +436,15 @@ { "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] } } }, @@ -421,7 +461,7 @@ }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-tags/BootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" @@ -429,7 +469,7 @@ }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-tags/CheckBootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" @@ -454,7 +494,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -500,7 +540,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts index 53f347d655237..89f227fecafb2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts @@ -5,7 +5,7 @@ import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; const app = new App(); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-tags'); const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { instances: {}, @@ -22,4 +22,4 @@ new sfn.StateMachine(stack, 'SM', { new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], -}); \ No newline at end of file +}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index adc92ef57e0dd..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json index baed125e0960f..6cb7a870b52ad 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json @@ -1,15 +1,15 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { - "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd": { + "d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-v1-policy.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "objectKey": "d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json new file mode 100644 index 0000000000000..8f2f23029b144 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json @@ -0,0 +1,646 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EmrCreateClusterServiceRole5251910D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "EmrCreateClusterInstanceRoleC80466F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "EmrCreateClusterInstanceProfileC1729180": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "Roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "SMRole49C19C48": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "SMRoleDefaultPolicy34CA15C7": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SMRoleDefaultPolicy34CA15C7", + "Roles": [ + { + "Ref": "SMRole49C19C48" + } + ] + } + }, + "SM934E715A": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + }, + "DependsOn": [ + "SMRoleDefaultPolicy34CA15C7", + "SMRole49C19C48" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json deleted file mode 100644 index 038c3fdfb35e1..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "Resources": { - "EmrCreateClusterServiceRole5251910D": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, - "Effect": "Allow", - "Principal": { - "Service": "elasticmapreduce.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" - ] - ] - } - ] - } - }, - "EmrCreateClusterInstanceRoleC80466F5": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "EmrCreateClusterInstanceProfileC1729180": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - } - }, - "EmrCreateClusterAutoScalingRoleFDDAF4E2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out index b72fef144f05c..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.1.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json index 62e18fedc0b34..a905c96c7ca11 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "30.1.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-v1-policy" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json index bcc0527e03861..ef5262020f888 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "30.1.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-v1-policy.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-v1-policy.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-v1-policy": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-v1-policy.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v1-policy.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,47 +31,203 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v1-policy.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/SM/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRole49C19C48" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRoleDefaultPolicy34CA15C7" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/SM/Resource": [ { "type": "aws:cdk:logicalId", - "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" + "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v1-policy/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v1-policy/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-v1-policy" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -85,6 +242,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json index 9be5e287284cf..d69cba3d92038 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json @@ -4,29 +4,672 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-v1-policy": { + "id": "aws-cdk-emr-create-cluster-v1-policy", + "path": "aws-cdk-emr-create-cluster-v1-policy", "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +677,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,31 +702,75 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -107,52 +789,62 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } - }, - "AutoScalingRole": { - "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "SM": { + "id": "SM", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM", + "children": { + "Role": { + "id": "Role", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role", "children": { - "ImportAutoScalingRole": { - "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "ImportRole": { + "id": "ImportRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/ImportRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -162,67 +854,183 @@ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] + "Service": "states.amazonaws.com" } } ], "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ { - "Ref": "AWS::Partition" + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "SMRoleDefaultPolicy34CA15C7", + "roles": [ + { + "Ref": "SMRole49C19C48" + } ] } - ] + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-stepfunctions-tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v1-policy/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v1-policy/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -239,7 +1047,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -250,7 +1058,7 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -258,25 +1066,25 @@ "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -285,12 +1093,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts index 16ab642ff55b0..4cf8721c029bf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts @@ -2,17 +2,51 @@ import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; import { App, Stack } from 'aws-cdk-lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { Vpc } from 'aws-cdk-lib/aws-ec2'; + +/* + * Creates a state machine that deploys an EMR cluster. + * + * Stack verification steps: + * + * The generated state machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + * + * Be sure to terminate the EMR cluster after validation. + */ const app = new App(); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-v1-policy'); +const vpc = new Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); -new EmrCreateCluster(stack, 'EmrCreateCluster', { - instances: {}, +const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { + instances: { + instanceFleets: [ + { + instanceFleetType: EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, name: 'Cluster', + releaseLabel: 'emr-6.15.0', integrationPattern: sfn.IntegrationPattern.RUN_JOB, }); +new sfn.StateMachine(stack, 'SM', { + definition: step, +}); + new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], }); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index adc92ef57e0dd..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json index baed125e0960f..91e149c3650cb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json @@ -1,15 +1,15 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { - "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd": { + "c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-v2-policy.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "objectKey": "c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json new file mode 100644 index 0000000000000..b7e132a1ce08b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json @@ -0,0 +1,702 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EmrCreateClusterServiceRole5251910D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "EmrCreateClusterInstanceRoleC80466F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "EmrCreateClusterInstanceProfileC1729180": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "Roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "SMRole49C19C48": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "SMRoleDefaultPolicy34CA15C7": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SMRoleDefaultPolicy34CA15C7", + "Roles": [ + { + "Ref": "SMRole49C19C48" + } + ] + } + }, + "SM934E715A": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + }, + "DependsOn": [ + "SMRoleDefaultPolicy34CA15C7", + "SMRole49C19C48" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json deleted file mode 100644 index 038c3fdfb35e1..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "Resources": { - "EmrCreateClusterServiceRole5251910D": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, - "Effect": "Allow", - "Principal": { - "Service": "elasticmapreduce.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" - ] - ] - } - ] - } - }, - "EmrCreateClusterInstanceRoleC80466F5": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "EmrCreateClusterInstanceProfileC1729180": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - } - }, - "EmrCreateClusterAutoScalingRoleFDDAF4E2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out index b72fef144f05c..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.1.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json index 62e18fedc0b34..ff3a6d4b6a530 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "30.1.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-v2-policy" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json index bcc0527e03861..31274783903bf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "30.1.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-v2-policy.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-v2-policy.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-v2-policy": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-v2-policy.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v2-policy.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,47 +31,203 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v2-policy.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/SM/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRole49C19C48" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRoleDefaultPolicy34CA15C7" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/SM/Resource": [ { "type": "aws:cdk:logicalId", - "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" + "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v2-policy/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v2-policy/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-v2-policy" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -85,6 +242,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json index 9be5e287284cf..d6c5a4cfc825b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json @@ -4,29 +4,728 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-v2-policy": { + "id": "aws-cdk-emr-create-cluster-v2-policy", + "path": "aws-cdk-emr-create-cluster-v2-policy", "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +733,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,31 +758,75 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -107,52 +845,62 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } - }, - "AutoScalingRole": { - "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "SM": { + "id": "SM", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM", + "children": { + "Role": { + "id": "Role", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role", "children": { - "ImportAutoScalingRole": { - "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "ImportRole": { + "id": "ImportRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/ImportRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -162,67 +910,183 @@ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] + "Service": "states.amazonaws.com" } } ], "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ { - "Ref": "AWS::Partition" + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "SMRoleDefaultPolicy34CA15C7", + "roles": [ + { + "Ref": "SMRole49C19C48" + } ] } - ] + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-stepfunctions-tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v2-policy/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v2-policy/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -239,7 +1103,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -250,7 +1114,7 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -258,25 +1122,25 @@ "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -285,12 +1149,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts index 71d28820d0066..85b46d2378e90 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts @@ -1,26 +1,62 @@ import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; -import { App, Stack } from 'aws-cdk-lib'; +import { App, Stack, Tags } from 'aws-cdk-lib'; // eslint-disable-next-line import/no-extraneous-dependencies import { ENABLE_EMR_SERVICE_POLICY_V2 } from 'aws-cdk-lib/cx-api'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { Vpc } from 'aws-cdk-lib/aws-ec2'; -const enableEmrServicePolicyV2 = { [ENABLE_EMR_SERVICE_POLICY_V2]: true }; +/* + * Creates a state machine that deploys an EMR cluster. + * + * Stack verification steps: + * + * The generated state machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + * + * Be sure to terminate the EMR cluster after validation. + */ +const enableEmrServicePolicyV2 = { [ENABLE_EMR_SERVICE_POLICY_V2]: true }; const app = new App({ context: enableEmrServicePolicyV2, }); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-v2-policy'); + +const vpc = new Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); +// https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources +Tags.of(vpc).add('for-use-with-amazon-emr-managed-policies', 'true'); -new EmrCreateCluster(stack, 'EmrCreateCluster', { - instances: {}, +const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { + instances: { + instanceFleets: [ + { + instanceFleetType: EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, name: 'Cluster', + releaseLabel: 'emr-6.15.0', integrationPattern: sfn.IntegrationPattern.RUN_JOB, }); +new sfn.StateMachine(stack, 'SM', { + definition: step, +}); + new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], }); -app.synth(); \ No newline at end of file +app.synth(); diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts index 71e76c82a4078..06de859e1a70c 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts @@ -179,6 +179,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { private _serviceRole: iam.IRole; private _clusterRole: iam.IRole; private _autoScalingRole?: iam.IRole; + private _baseTags?: { [key: string]: string } = undefined; constructor(scope: Construct, id: string, private readonly props: EmrCreateClusterProps) { super(scope, id, props); @@ -192,6 +193,14 @@ export class EmrCreateCluster extends sfn.TaskStateBase { this._serviceRole = this.props.serviceRole ?? this.createServiceRole(); this._clusterRole = this.props.clusterRole ?? this.createClusterRole(); + // Service role must be able to iam:PassRole on the cluster role + this._clusterRole.grantPassRole(this._serviceRole); + + // https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources + if (cdk.FeatureFlags.of(this).isEnabled(ENABLE_EMR_SERVICE_POLICY_V2)) { + this._baseTags = { 'for-use-with-amazon-emr-managed-policies': 'true' }; + } + // AutoScaling roles are not valid with InstanceFleet clusters. // Attempt to create only if .instances.instanceFleets is undefined or empty if (this.props.instances.instanceFleets === undefined || this.props.instances.instanceFleets.length === 0) { @@ -280,7 +289,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { ScaleDownBehavior: cdk.stringToCloudFormation(this.props.scaleDownBehavior?.valueOf()), SecurityConfiguration: cdk.stringToCloudFormation(this.props.securityConfiguration), StepConcurrencyLevel: cdk.numberToCloudFormation(this.props.stepConcurrencyLevel), - ...(this.props.tags ? this.renderTags(this.props.tags) : undefined), + ...(this.props.tags ? this.renderTags({ ...this.props.tags, ...this._baseTags }) : this.renderTags(this._baseTags)), VisibleToAllUsers: cdk.booleanToCloudFormation(this.visibleToAllUsers), }), }; @@ -298,7 +307,12 @@ export class EmrCreateCluster extends sfn.TaskStateBase { const policyStatements = [ new iam.PolicyStatement({ - actions: ['elasticmapreduce:RunJobFlow', 'elasticmapreduce:DescribeCluster', 'elasticmapreduce:TerminateJobFlows'], + actions: [ + 'elasticmapreduce:RunJobFlow', + 'elasticmapreduce:DescribeCluster', + 'elasticmapreduce:TerminateJobFlows', + 'elasticmapreduce:AddTags', + ], resources: ['*'], }), ]; @@ -359,11 +373,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { private createServiceRole(): iam.IRole { if (cdk.FeatureFlags.of(this).isEnabled(ENABLE_EMR_SERVICE_POLICY_V2)) { return new iam.Role(this, 'ServiceRole', { - assumedBy: new iam.ServicePrincipal('elasticmapreduce.amazonaws.com', { - conditions: { - StringEquals: { 'aws:RequestTag/for-use-with-amazon-emr-managed-policies': 'true' }, - }, - }), + assumedBy: new iam.ServicePrincipal('elasticmapreduce.amazonaws.com'), managedPolicies: [iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEMRServicePolicy_v2')], }); } diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts index 55f86de6f0b25..2b448b7f1b73b 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts @@ -1,4 +1,4 @@ -import { Template } from '../../../assertions'; +import { Template, Match } from '../../../assertions'; import * as iam from '../../../aws-iam'; import * as sfn from '../../../aws-stepfunctions'; import * as cdk from '../../../core'; @@ -730,7 +730,7 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { const app = new cdk.App({ context: { [ENABLE_EMR_SERVICE_POLICY_V2]: true } }); const newStack = new cdk.Stack(app, 'NewStack'); - new EmrCreateCluster(newStack, 'Task', { + const task = new EmrCreateCluster(newStack, 'Task', { instances: {}, name: 'Cluster', integrationPattern: sfn.IntegrationPattern.RUN_JOB, @@ -745,11 +745,6 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { Principal: { Service: 'elasticmapreduce.amazonaws.com' }, Action: 'sts:AssumeRole', Effect: 'Allow', - Condition: { - StringEquals: { - 'aws:RequestTag/for-use-with-amazon-emr-managed-policies': 'true', - }, - }, }, ], }, @@ -768,6 +763,43 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { }, ], }); + + expect(stack.resolve(task.toStateJson())).toEqual(expect.objectContaining({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::elasticmapreduce:createCluster.sync', + ], + ], + }, + End: true, + Parameters: { + Name: 'Cluster', + Tags: [{ + Key: 'for-use-with-amazon-emr-managed-policies', + Value: 'true', + }], + VisibleToAllUsers: true, + JobFlowRole: { + Ref: 'TaskInstanceRoleB72072BF', + }, + ServiceRole: { + Ref: 'TaskServiceRoleBF55F61E', + }, + AutoScalingRole: { + Ref: 'TaskAutoScalingRoleD06F8423', + }, + Instances: { + KeepJobFlowAliveWhenNoSteps: true, + }, + }, + })); }); test('Create Cluster with Instances configuration', () => {