Documentation ¶
Index ¶
- func AwsCustomResourcePolicy_ANY_RESOURCE() *[]*string
- func AwsCustomResource_IsConstruct(x interface{}) *bool
- func NewAwsCustomResource_Override(a AwsCustomResource, scope constructs.Construct, id *string, ...)
- func NewPhysicalResourceIdReference_Override(p PhysicalResourceIdReference)
- func NewProvider_Override(p Provider, scope constructs.Construct, id *string, props *ProviderProps)
- func Provider_IsConstruct(x interface{}) *bool
- type AwsCustomResource
- type AwsCustomResourcePolicy
- type AwsCustomResourceProps
- type AwsSdkCall
- type PhysicalResourceId
- type PhysicalResourceIdReference
- type Provider
- type ProviderProps
- type SdkCallsPolicyOptions
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AwsCustomResourcePolicy_ANY_RESOURCE ¶
func AwsCustomResourcePolicy_ANY_RESOURCE() *[]*string
func AwsCustomResource_IsConstruct ¶
func AwsCustomResource_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func NewAwsCustomResource_Override ¶
func NewAwsCustomResource_Override(a AwsCustomResource, scope constructs.Construct, id *string, props *AwsCustomResourceProps)
Experimental.
func NewPhysicalResourceIdReference_Override ¶
func NewPhysicalResourceIdReference_Override(p PhysicalResourceIdReference)
Experimental.
func NewProvider_Override ¶
func NewProvider_Override(p Provider, scope constructs.Construct, id *string, props *ProviderProps)
Experimental.
func Provider_IsConstruct ¶
func Provider_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
Types ¶
type AwsCustomResource ¶
type AwsCustomResource interface { awscdk.Construct awsiam.IGrantable GrantPrincipal() awsiam.IPrincipal Node() awscdk.ConstructNode GetResponseField(dataPath *string) *string GetResponseFieldReference(dataPath *string) awscdk.Reference OnPrepare() OnSynthesize(session constructs.ISynthesisSession) OnValidate() *[]*string Prepare() Synthesize(session awscdk.ISynthesisSession) ToString() *string Validate() *[]*string }
Defines a custom resource that is materialized using specific AWS API calls.
Use this to bridge any gap that might exist in the CloudFormation Coverage. You can specify exactly which calls are invoked for the 'CREATE', 'UPDATE' and 'DELETE' life cycle events. Experimental.
func NewAwsCustomResource ¶
func NewAwsCustomResource(scope constructs.Construct, id *string, props *AwsCustomResourceProps) AwsCustomResource
Experimental.
type AwsCustomResourcePolicy ¶
type AwsCustomResourcePolicy interface { Resources() *[]*string Statements() *[]awsiam.PolicyStatement }
The IAM Policy that will be applied to the different calls. Experimental.
func AwsCustomResourcePolicy_FromSdkCalls ¶
func AwsCustomResourcePolicy_FromSdkCalls(options *SdkCallsPolicyOptions) AwsCustomResourcePolicy
Generate IAM Policy Statements from the configured SDK calls.
Each SDK call with be translated to an IAM Policy Statement in the form of: `call.service:call.action` (e.g `s3:PutObject`). Experimental.
func AwsCustomResourcePolicy_FromStatements ¶
func AwsCustomResourcePolicy_FromStatements(statements *[]awsiam.PolicyStatement) AwsCustomResourcePolicy
Explicit IAM Policy Statements. Experimental.
type AwsCustomResourceProps ¶
type AwsCustomResourceProps struct { // The policy that will be added to the execution role of the Lambda function implementing this custom resource provider. // // The custom resource also implements `iam.IGrantable`, making it possible // to use the `grantXxx()` methods. // // As this custom resource uses a singleton Lambda function, it's important // to note the that function's role will eventually accumulate the // permissions/grants from all resources. // See: Policy.fromSdkCalls // // Experimental. Policy AwsCustomResourcePolicy `json:"policy"` // A name for the Lambda function implementing this custom resource. // Experimental. FunctionName *string `json:"functionName"` // Whether to install the latest AWS SDK v2. Allows to use the latest API calls documented at https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/index.html. // // The installation takes around 60 seconds. // Experimental. InstallLatestAwsSdk *bool `json:"installLatestAwsSdk"` // The number of days log events of the Lambda function implementing this custom resource are kept in CloudWatch Logs. // Experimental. LogRetention awslogs.RetentionDays `json:"logRetention"` // The AWS SDK call to make when the resource is created. // Experimental. OnCreate *AwsSdkCall `json:"onCreate"` // The AWS SDK call to make when the resource is deleted. // Experimental. OnDelete *AwsSdkCall `json:"onDelete"` // The AWS SDK call to make when the resource is updated. // Experimental. OnUpdate *AwsSdkCall `json:"onUpdate"` // Cloudformation Resource type. // Experimental. ResourceType *string `json:"resourceType"` // The execution role for the Lambda function implementing this custom resource provider. // // This role will apply to all `AwsCustomResource` // instances in the stack. The role must be assumable by the // `lambda.amazonaws.com` service principal. // Experimental. Role awsiam.IRole `json:"role"` // The timeout for the Lambda function implementing this custom resource. // Experimental. Timeout awscdk.Duration `json:"timeout"` }
Properties for AwsCustomResource.
Note that at least onCreate, onUpdate or onDelete must be specified. Experimental.
type AwsSdkCall ¶
type AwsSdkCall struct { // The service action to call. // See: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/index.html // // Experimental. Action *string `json:"action"` // The service to call. // See: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/index.html // // Experimental. Service *string `json:"service"` // API version to use for the service. // See: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/locking-api-versions.html // // Experimental. ApiVersion *string `json:"apiVersion"` // Used for running the SDK calls in underlying lambda with a different role Can be used primarily for cross-account requests to for example connect hostedzone with a shared vpc. // // Example for Route53 / associateVPCWithHostedZone // Experimental. AssumedRoleArn *string `json:"assumedRoleArn"` // The regex pattern to use to catch API errors. // // The `code` property of the // `Error` object will be tested against this pattern. If there is a match an // error will not be thrown. // Experimental. IgnoreErrorCodesMatching *string `json:"ignoreErrorCodesMatching"` // Restrict the data returned by the custom resource to a specific path in the API response. // // Use this to limit the data returned by the custom // resource if working with API calls that could potentially result in custom // response objects exceeding the hard limit of 4096 bytes. // // Example for ECS / updateService: 'service.deploymentConfiguration.maximumPercent' // Deprecated: use outputPaths instead OutputPath *string `json:"outputPath"` // Restrict the data returned by the custom resource to specific paths in the API response. // // Use this to limit the data returned by the custom // resource if working with API calls that could potentially result in custom // response objects exceeding the hard limit of 4096 bytes. // // Example for ECS / updateService: ['service.deploymentConfiguration.maximumPercent'] // Experimental. OutputPaths *[]*string `json:"outputPaths"` // The parameters for the service action. // See: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/index.html // // Experimental. Parameters interface{} `json:"parameters"` // The physical resource id of the custom resource for this call. // // Mandatory for onCreate or onUpdate calls. // Experimental. PhysicalResourceId PhysicalResourceId `json:"physicalResourceId"` // The region to send service requests to. // // **Note: Cross-region operations are generally considered an anti-pattern.** // **Consider first deploying a stack in that region.** // Experimental. Region *string `json:"region"` }
An AWS SDK call. Experimental.
type PhysicalResourceId ¶
Physical ID of the custom resource. Experimental.
func PhysicalResourceId_FromResponse ¶
func PhysicalResourceId_FromResponse(responsePath *string) PhysicalResourceId
Extract the physical resource id from the path (dot notation) to the data in the API call response. Experimental.
func PhysicalResourceId_Of ¶
func PhysicalResourceId_Of(id *string) PhysicalResourceId
Explicit physical resource id. Experimental.
type PhysicalResourceIdReference ¶
type PhysicalResourceIdReference interface { awscdk.IResolvable CreationStack() *[]*string Resolve(_arg awscdk.IResolveContext) interface{} ToJSON() *string ToString() *string }
Reference to the physical resource id that can be passed to the AWS operation as a parameter. Experimental.
func NewPhysicalResourceIdReference ¶
func NewPhysicalResourceIdReference() PhysicalResourceIdReference
Experimental.
type Provider ¶
type Provider interface { awscdk.Construct awscloudformation.ICustomResourceProvider IsCompleteHandler() awslambda.IFunction Node() awscdk.ConstructNode OnEventHandler() awslambda.IFunction ServiceToken() *string Bind(_scope awscdk.Construct) *awscloudformation.CustomResourceProviderConfig OnPrepare() OnSynthesize(session constructs.ISynthesisSession) OnValidate() *[]*string Prepare() Synthesize(session awscdk.ISynthesisSession) ToString() *string Validate() *[]*string }
Defines an AWS CloudFormation custom resource provider. Experimental.
func NewProvider ¶
func NewProvider(scope constructs.Construct, id *string, props *ProviderProps) Provider
Experimental.
type ProviderProps ¶
type ProviderProps struct { // The AWS Lambda function to invoke for all resource lifecycle operations (CREATE/UPDATE/DELETE). // // This function is responsible to begin the requested resource operation // (CREATE/UPDATE/DELETE) and return any additional properties to add to the // event, which will later be passed to `isComplete`. The `PhysicalResourceId` // property must be included in the response. // Experimental. OnEventHandler awslambda.IFunction `json:"onEventHandler"` // The AWS Lambda function to invoke in order to determine if the operation is complete. // // This function will be called immediately after `onEvent` and then // periodically based on the configured query interval as long as it returns // `false`. If the function still returns `false` and the alloted timeout has // passed, the operation will fail. // Experimental. IsCompleteHandler awslambda.IFunction `json:"isCompleteHandler"` // The number of days framework log events are kept in CloudWatch Logs. // // When // updating this property, unsetting it doesn't remove the log retention policy. // To remove the retention policy, set the value to `INFINITE`. // Experimental. LogRetention awslogs.RetentionDays `json:"logRetention"` // Time between calls to the `isComplete` handler which determines if the resource has been stabilized. // // The first `isComplete` will be called immediately after `handler` and then // every `queryInterval` seconds, and until `timeout` has been reached or until // `isComplete` returns `true`. // Experimental. QueryInterval awscdk.Duration `json:"queryInterval"` // AWS Lambda execution role. // // The role that will be assumed by the AWS Lambda. // Must be assumable by the 'lambda.amazonaws.com' service principal. // Experimental. Role awsiam.IRole `json:"role"` // Security groups to attach to the provider functions. // // Only used if 'vpc' is supplied // Experimental. SecurityGroups *[]awsec2.ISecurityGroup `json:"securityGroups"` // Total timeout for the entire operation. // // The maximum timeout is 2 hours (yes, it can exceed the AWS Lambda 15 minutes) // Experimental. TotalTimeout awscdk.Duration `json:"totalTimeout"` // The vpc to provision the lambda functions in. // Experimental. Vpc awsec2.IVpc `json:"vpc"` // Which subnets from the VPC to place the lambda functions in. // // Only used if 'vpc' is supplied. Note: internet access for Lambdas // requires a NAT gateway, so picking Public subnets is not allowed. // Experimental. VpcSubnets *awsec2.SubnetSelection `json:"vpcSubnets"` }
Initialization properties for the `Provider` construct. Experimental.
type SdkCallsPolicyOptions ¶
type SdkCallsPolicyOptions struct { // The resources that the calls will have access to. // // It is best to use specific resource ARN's when possible. However, you can also use `AwsCustomResourcePolicy.ANY_RESOURCE` // to allow access to all resources. For example, when `onCreate` is used to create a resource which you don't // know the physical name of in advance. // // Note that will apply to ALL SDK calls. // Experimental. Resources *[]*string `json:"resources"` }
Options for the auto-generation of policies based on the configured SDK calls. Experimental.