awscdkservicecatalogalpha

package module
v2.22.0-alpha.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

README

AWS Service Catalog Construct Library

The APIs of higher level constructs in this module are in developer preview before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to Semantic Versioning, and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

AWS Service Catalog enables organizations to create and manage catalogs of products for their end users that are approved for use on AWS.

Table Of Contents

The @aws-cdk/aws-servicecatalog package contains resources that enable users to automate governance and management of their AWS resources at scale.

import * as servicecatalog from '@aws-cdk/aws-servicecatalog-alpha';

Portfolio

AWS Service Catalog portfolios allow administrators to organize, manage, and distribute cloud resources for their end users. Using the CDK, a new portfolio can be created with the Portfolio construct:

new servicecatalog.Portfolio(this, 'Portfolio', {
  displayName: 'MyPortfolio',
  providerName: 'MyTeam',
});

You can also specify optional metadata properties such as description and messageLanguage to help better catalog and manage your portfolios.

new servicecatalog.Portfolio(this, 'Portfolio', {
  displayName: 'MyFirstPortfolio',
  providerName: 'SCAdmin',
  description: 'Portfolio for a project',
  messageLanguage: servicecatalog.MessageLanguage.EN,
});

Read more at Creating and Managing Portfolios.

To reference an existing portfolio into your CDK application, use the Portfolio.fromPortfolioArn() factory method:

const portfolio = servicecatalog.Portfolio.fromPortfolioArn(this, 'ReferencedPortfolio',
  'arn:aws:catalog:region:account-id:portfolio/port-abcdefghi');
Granting access to a portfolio

You can grant access to and manage the IAM users, groups, or roles that have access to the products within a portfolio. Entities with granted access will be able to utilize the portfolios resources and products via the console or AWS CLI. Once resources are deployed end users will be able to access them via the console or service catalog CLI.

import * as iam from 'aws-cdk-lib/aws-iam';

declare const portfolio: servicecatalog.Portfolio;

const user = new iam.User(this, 'User');
portfolio.giveAccessToUser(user);

const role = new iam.Role(this, 'Role', {
  assumedBy: new iam.AccountRootPrincipal(),
});
portfolio.giveAccessToRole(role);

const group = new iam.Group(this, 'Group');
portfolio.giveAccessToGroup(group);
Sharing a portfolio with another AWS account

You can use account-to-account sharing to distribute a reference to your portfolio to other AWS accounts by passing the recipient account number. After the share is initiated, the recipient account can accept the share via CLI or console by importing the portfolio ID. Changes made to the shared portfolio will automatically propagate to recipients.

declare const portfolio: servicecatalog.Portfolio;
portfolio.shareWithAccount('012345678901');

Product

Products are version friendly infrastructure-as-code templates that admins create and add to portfolios for end users to provision and create AWS resources. Service Catalog supports products from AWS Marketplace or ones defined by a CloudFormation template. The CDK currently only supports adding products of type CloudFormation. Using the CDK, a new Product can be created with the CloudFormationProduct construct. You can use CloudFormationTemplate.fromUrl to create a Product from a CloudFormation template directly from a URL that points to the template in S3, GitHub, or CodeCommit:

const product = new servicecatalog.CloudFormationProduct(this, 'MyFirstProduct', {
  productName: "My Product",
  owner: "Product Owner",
  productVersions: [
    {
      productVersionName: "v1",
      cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromUrl(
        'https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml'),
    },
  ],
});
Creating a product from a local asset

A CloudFormationProduct can also be created by using a CloudFormation template held locally on disk using Assets. Assets are files that are uploaded to an S3 Bucket before deployment. CloudFormationTemplate.fromAsset can be utilized to create a Product by passing the path to a local template file on your disk:

import * as path from 'path';

const product = new servicecatalog.CloudFormationProduct(this, 'Product', {
  productName: "My Product",
  owner: "Product Owner",
  productVersions: [
    {
      productVersionName: "v1",
      cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromUrl(
        'https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml'),
    },
    {
      productVersionName: "v2",
      cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromAsset(path.join(__dirname, 'development-environment.template.json')),
    },
  ],
});
Creating a product from a stack

You can create a Service Catalog CloudFormationProduct entirely defined with CDK code using a service catalog ProductStack. A separate child stack for your product is created and you can add resources like you would for any other CDK stack, such as an S3 Bucket, IAM roles, and EC2 instances. This stack is passed in as a product version to your product. This will not create a separate CloudFormation stack during deployment.

import * as s3 from 'aws-cdk-lib/aws-s3';
import * as cdk from 'aws-cdk-lib';

class S3BucketProduct extends servicecatalog.ProductStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);

    new s3.Bucket(this, 'BucketProduct');
  }
}

const product = new servicecatalog.CloudFormationProduct(this, 'Product', {
  productName: "My Product",
  owner: "Product Owner",
  productVersions: [
    {
      productVersionName: "v1",
      cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromProductStack(new S3BucketProduct(this, 'S3BucketProduct')),
    },
  ],
});
Adding a product to a portfolio

You add products to a portfolio to organize and distribute your catalog at scale. Adding a product to a portfolio creates an association, and the product will become visible within the portfolio side in both the Service Catalog console and AWS CLI. You can add a product to multiple portfolios depending on your organizational structure and how you would like to group access to products.

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;
portfolio.addProduct(product);

Tag Options

TagOptions allow administrators to easily manage tags on provisioned products by providing a template for a selection of tags that end users choose from. TagOptions are created by specifying a tag key with a set of allowed values and can be associated with both portfolios and products. When launching a product, both the TagOptions associated with the product and the containing portfolio are made available.

At the moment, TagOptions can only be deactivated in the console.

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const tagOptionsForPortfolio = new servicecatalog.TagOptions(this, 'OrgTagOptions', {
  allowedValuesForTags: {
    Group: ['finance', 'engineering', 'marketing', 'research'],
    CostCenter: ['01', '02','03'],
  },
});
portfolio.associateTagOptions(tagOptionsForPortfolio);

const tagOptionsForProduct = new servicecatalog.TagOptions(this, 'ProductTagOptions', {
  allowedValuesForTags: {
    Environment: ['dev', 'alpha', 'prod'],
  },
});
product.associateTagOptions(tagOptionsForProduct);

Constraints

Constraints are governance gestures that you place on product-portfolio associations that allow you to manage minimal launch permissions, notifications, and other optional actions that end users can perform on products. Using the CDK, if you do not explicitly associate a product to a portfolio and add a constraint, it will automatically add an association for you.

There are rules around how constraints are applied to portfolio-product associations. For example, you can only have a single "launch role" constraint applied to a portfolio-product association. If a misconfigured constraint is added, synth will fail with an error message.

Read more at Service Catalog Constraints.

Tag update constraint

Tag update constraints allow or disallow end users to update tags on resources associated with an AWS Service Catalog product upon provisioning. By default, if a Tag Update constraint is not configured, tag updating is not permitted. If tag updating is allowed, then new tags associated with the product or portfolio will be applied to provisioned resources during a provisioned product update.

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

portfolio.addProduct(product);
portfolio.constrainTagUpdates(product);

If you want to disable this feature later on, you can update it by setting the "allow" parameter to false:

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

// to disable tag updates:
portfolio.constrainTagUpdates(product, {
  allow: false,
});
Notify on stack events

Allows users to subscribe an AWS SNS topic to a provisioned product's CloudFormation stack events. When an end user provisions a product it creates a CloudFormation stack that notifies the subscribed topic on creation, edit, and delete events. An individual SNS topic may only have a single subscription to any given portfolio-product association.

import * as sns from 'aws-cdk-lib/aws-sns';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const topic1 = new sns.Topic(this, 'Topic1');
portfolio.notifyOnStackEvents(product, topic1);

const topic2 = new sns.Topic(this, 'Topic2');
portfolio.notifyOnStackEvents(product, topic2, {
  description: 'description for topic2', // description is an optional field.
});
CloudFormation template parameters constraint

CloudFormation template parameter constraints allow you to configure the provisioning parameters that are available to end users when they launch a product. Template constraint rules consist of one or more assertions that define the default and/or allowable values for a product’s provisioning parameters. You can configure multiple parameter constraints to govern the different provisioning parameters within your products. For example, a rule might define the EC2 instance types that users can choose from when launching a product that includes one or more EC2 instances. Parameter rules have an optional condition field that allow for rule application to consider conditional evaluations. If a condition is specified, all assertions will be applied if the condition evaluates to true. For information on rule-specific intrinsic functions to define rule conditions and assertions, see AWS Rule Functions.

import * as cdk from 'aws-cdk-lib';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

portfolio.constrainCloudFormationParameters(product, {
  rule: {
    ruleName: 'testInstanceType',
    condition: cdk.Fn.conditionEquals(cdk.Fn.ref('Environment'), 'test'),
    assertions: [{
      assert: cdk.Fn.conditionContains(['t2.micro', 't2.small'], cdk.Fn.ref('InstanceType')),
      description: 'For test environment, the instance type should be small',
    }],
  },
});
Set launch role

Allows you to configure a specific IAM role that Service Catalog assumes on behalf of the end user when launching a product. By setting a launch role constraint, you can maintain least permissions for an end user when launching a product. For example, a launch role can grant permissions for specific resource creation like an S3 bucket that the user. The launch role must be assumed by the Service Catalog principal. You can only have one launch role set for a portfolio-product association, and you cannot set a launch role on a product that already has a StackSets deployment configured.

import * as iam from 'aws-cdk-lib/aws-iam';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const launchRole = new iam.Role(this, 'LaunchRole', {
  assumedBy: new iam.ServicePrincipal('servicecatalog.amazonaws.com'),
});

portfolio.setLaunchRole(product, launchRole);

You can also set the launch role using just the name of a role which is locally deployed in end user accounts. This is useful for when roles and users are separately managed outside of the CDK. The given role must exist in both the account that creates the launch role constraint, as well as in any end user accounts that wish to provision a product with the launch role.

You can do this by passing in the role with an explicitly set name:

import * as iam from 'aws-cdk-lib/aws-iam';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const launchRole = new iam.Role(this, 'LaunchRole', {
  roleName: 'MyRole',
  assumedBy: new iam.ServicePrincipal('servicecatalog.amazonaws.com'),
});

portfolio.setLocalLaunchRole(product, launchRole);

Or you can simply pass in a role name and CDK will create a role with that name that trusts service catalog in the account:

import * as iam from 'aws-cdk-lib/aws-iam';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const roleName = 'MyRole';
const launchRole: iam.IRole = portfolio.setLocalLaunchRoleName(product, roleName);

See Launch Constraint documentation to understand the permissions that launch roles need.

Deploy with StackSets

A StackSets deployment constraint allows you to configure product deployment options using AWS CloudFormation StackSets. You can specify one or more accounts and regions into which stack instances will launch when the product is provisioned. There is an additional field allowStackSetInstanceOperations that sets ability for end users to create, edit, or delete the stacks created by the StackSet. By default, this field is set to false. When launching a StackSets product, end users can select from the list of accounts and regions configured in the constraint to determine where the Stack Instances will deploy and the order of deployment. You can only define one StackSets deployment configuration per portfolio-product association, and you cannot both set a launch role and StackSets deployment configuration for an assocation.

import * as iam from 'aws-cdk-lib/aws-iam';

declare const portfolio: servicecatalog.Portfolio;
declare const product: servicecatalog.CloudFormationProduct;

const adminRole = new iam.Role(this, 'AdminRole', {
  assumedBy: new iam.AccountRootPrincipal(),
});

portfolio.deployWithStackSets(product, {
  accounts: ['012345678901', '012345678902', '012345678903'],
  regions: ['us-west-1', 'us-east-1', 'us-west-2', 'us-east-1'],
  adminRole: adminRole,
  executionRoleName: 'SCStackSetExecutionRole', // Name of role deployed in end users accounts.
  allowStackSetInstanceOperations: true,
});

Documentation

Overview

The CDK Construct Library for AWS::ServiceCatalog

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CloudFormationProduct_IsConstruct 

func CloudFormationProduct_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func CloudFormationProduct_IsResource 

func CloudFormationProduct_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func NewCloudFormationProduct_Override 

func NewCloudFormationProduct_Override(c CloudFormationProduct, scope constructs.Construct, id *string, props *CloudFormationProductProps)

Experimental.

func NewCloudFormationTemplate_Override 

func NewCloudFormationTemplate_Override(c CloudFormationTemplate)

Experimental.

func NewPortfolio_Override 

func NewPortfolio_Override(p Portfolio, scope constructs.Construct, id *string, props *PortfolioProps)

Experimental.

func NewProductStack_Override 

func NewProductStack_Override(p ProductStack, scope constructs.Construct, id *string)

Experimental.

func NewProduct_Override 

func NewProduct_Override(p Product, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

Experimental.

func NewTagOptions_Override 

func NewTagOptions_Override(t TagOptions, scope constructs.Construct, id *string, props *TagOptionsProps)

Experimental.

func Portfolio_IsConstruct 

func Portfolio_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func Portfolio_IsResource 

func Portfolio_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ProductStack_IsConstruct 

func ProductStack_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func ProductStack_IsStack 

func ProductStack_IsStack(x interface{}) *bool

Return whether the given object is a Stack.

We do attribute detection since we can't reliably use 'instanceof'. Experimental.

func ProductStack_Of 

func ProductStack_Of(construct constructs.IConstruct) awscdk.Stack

Looks up the first stack scope in which `construct` is defined.

Fails if there is no stack up the tree. Experimental.

func Product_IsConstruct 

func Product_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func Product_IsResource 

func Product_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func TagOptions_IsConstruct 

func TagOptions_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TagOptions_IsResource 

func TagOptions_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

Types

type CloudFormationProduct 

type CloudFormationProduct interface {
	Product
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The ARN of the product.
	// Experimental.
	ProductArn() *string
	// The id of the product.
	// Experimental.
	ProductId() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Associate Tag Options.
	//
	// A TagOption is a key-value pair managed in AWS Service Catalog.
	// It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption.
	// Experimental.
	AssociateTagOptions(tagOptions TagOptions)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A Service Catalog Cloudformation Product.

Example: 

import path "github.com/aws-samples/dummy/path"

product := servicecatalog.NewCloudFormationProduct(this, jsii.String("Product"), &cloudFormationProductProps{
	productName: jsii.String("My Product"),
	owner: jsii.String("Product Owner"),
	productVersions: []cloudFormationProductVersion{
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v1"),
			cloudFormationTemplate: servicecatalog.cloudFormationTemplate.fromUrl(jsii.String("https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml")),
		},
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v2"),
			cloudFormationTemplate: servicecatalog.*cloudFormationTemplate.fromAsset(path.join(__dirname, jsii.String("development-environment.template.json"))),
		},
	},
})

Experimental.

func NewCloudFormationProduct 

func NewCloudFormationProduct(scope constructs.Construct, id *string, props *CloudFormationProductProps) CloudFormationProduct

Experimental.

type CloudFormationProductProps 

type CloudFormationProductProps struct {
	// The owner of the product.
	// Experimental.
	Owner *string `json:"owner" yaml:"owner"`
	// The name of the product.
	// Experimental.
	ProductName *string `json:"productName" yaml:"productName"`
	// The configuration of the product version.
	// Experimental.
	ProductVersions *[]*CloudFormationProductVersion `json:"productVersions" yaml:"productVersions"`
	// The description of the product.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The distributor of the product.
	// Experimental.
	Distributor *string `json:"distributor" yaml:"distributor"`
	// The language code.
	//
	// Controls language for logging and errors.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// Whether to give provisioning artifacts a new unique identifier when the product attributes or provisioning artifacts is updated.
	// Experimental.
	ReplaceProductVersionIds *bool `json:"replaceProductVersionIds" yaml:"replaceProductVersionIds"`
	// The support information about the product.
	// Experimental.
	SupportDescription *string `json:"supportDescription" yaml:"supportDescription"`
	// The contact email for product support.
	// Experimental.
	SupportEmail *string `json:"supportEmail" yaml:"supportEmail"`
	// The contact URL for product support.
	// Experimental.
	SupportUrl *string `json:"supportUrl" yaml:"supportUrl"`
	// TagOptions associated directly to a product.
	// Experimental.
	TagOptions TagOptions `json:"tagOptions" yaml:"tagOptions"`
}

Properties for a Cloudformation Product.

Example: 

import path "github.com/aws-samples/dummy/path"

product := servicecatalog.NewCloudFormationProduct(this, jsii.String("Product"), &cloudFormationProductProps{
	productName: jsii.String("My Product"),
	owner: jsii.String("Product Owner"),
	productVersions: []cloudFormationProductVersion{
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v1"),
			cloudFormationTemplate: servicecatalog.cloudFormationTemplate.fromUrl(jsii.String("https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml")),
		},
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v2"),
			cloudFormationTemplate: servicecatalog.*cloudFormationTemplate.fromAsset(path.join(__dirname, jsii.String("development-environment.template.json"))),
		},
	},
})

Experimental.

type CloudFormationProductVersion 

type CloudFormationProductVersion struct {
	// The S3 template that points to the provisioning version template.
	// Experimental.
	CloudFormationTemplate CloudFormationTemplate `json:"cloudFormationTemplate" yaml:"cloudFormationTemplate"`
	// The description of the product version.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The name of the product version.
	// Experimental.
	ProductVersionName *string `json:"productVersionName" yaml:"productVersionName"`
	// Whether the specified product template will be validated by CloudFormation.
	//
	// If turned off, an invalid template configuration can be stored.
	// Experimental.
	ValidateTemplate *bool `json:"validateTemplate" yaml:"validateTemplate"`
}

Properties of product version (also known as a provisioning artifact).

Example: 

import servicecatalog_alpha "github.com/aws/aws-cdk-go/awscdkservicecatalogalpha"

var cloudFormationTemplate cloudFormationTemplate
cloudFormationProductVersion := &cloudFormationProductVersion{
	cloudFormationTemplate: cloudFormationTemplate,

	// the properties below are optional
	description: jsii.String("description"),
	productVersionName: jsii.String("productVersionName"),
	validateTemplate: jsii.Boolean(false),
}

Experimental.

type CloudFormationRuleConstraintOptions 

type CloudFormationRuleConstraintOptions struct {
	// The description of the constraint.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The language code.
	//
	// Configures the language for error messages from service catalog.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// The rule with condition and assertions to apply to template.
	// Experimental.
	Rule *TemplateRule `json:"rule" yaml:"rule"`
}

Properties for provisoning rule constraint.

Example: 

import cdk "github.com/aws/aws-cdk-go/awscdk"

var portfolio portfolio
var product cloudFormationProduct

portfolio.constrainCloudFormationParameters(product, &cloudFormationRuleConstraintOptions{
	rule: &templateRule{
		ruleName: jsii.String("testInstanceType"),
		condition: cdk.fn.conditionEquals(cdk.*fn.ref(jsii.String("Environment")), jsii.String("test")),
		assertions: []templateRuleAssertion{
			&templateRuleAssertion{
				assert: cdk.*fn.conditionContains([]*string{
					jsii.String("t2.micro"),
					jsii.String("t2.small"),
				}, cdk.*fn.ref(jsii.String("InstanceType"))),
				description: jsii.String("For test environment, the instance type should be small"),
			},
		},
	},
})

Experimental.

type CloudFormationTemplate 

type CloudFormationTemplate interface {
	// Called when the product is initialized to allow this object to bind to the stack, add resources and have fun.
	// Experimental.
	Bind(scope constructs.Construct) *CloudFormationTemplateConfig
}

Represents the Product Provisioning Artifact Template.

Example: 

import path "github.com/aws-samples/dummy/path"

product := servicecatalog.NewCloudFormationProduct(this, jsii.String("Product"), &cloudFormationProductProps{
	productName: jsii.String("My Product"),
	owner: jsii.String("Product Owner"),
	productVersions: []cloudFormationProductVersion{
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v1"),
			cloudFormationTemplate: servicecatalog.cloudFormationTemplate.fromUrl(jsii.String("https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml")),
		},
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v2"),
			cloudFormationTemplate: servicecatalog.*cloudFormationTemplate.fromAsset(path.join(__dirname, jsii.String("development-environment.template.json"))),
		},
	},
})

Experimental.

func CloudFormationTemplate_FromAsset 

func CloudFormationTemplate_FromAsset(path *string, options *awss3assets.AssetOptions) CloudFormationTemplate

Loads the provisioning artifacts template from a local disk path. Experimental.

func CloudFormationTemplate_FromProductStack 

func CloudFormationTemplate_FromProductStack(productStack ProductStack) CloudFormationTemplate

Creates a product with the resources defined in the given product stack. Experimental.

func CloudFormationTemplate_FromUrl 

func CloudFormationTemplate_FromUrl(url *string) CloudFormationTemplate

Template from URL. Experimental.

type CloudFormationTemplateConfig 

type CloudFormationTemplateConfig struct {
	// The http url of the template in S3.
	// Experimental.
	HttpUrl *string `json:"httpUrl" yaml:"httpUrl"`
}

Result of binding `Template` into a `Product`.

Example: 

import servicecatalog_alpha "github.com/aws/aws-cdk-go/awscdkservicecatalogalpha"
cloudFormationTemplateConfig := &cloudFormationTemplateConfig{
	httpUrl: jsii.String("httpUrl"),
}

Experimental.

type CommonConstraintOptions 

type CommonConstraintOptions struct {
	// The description of the constraint.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The language code.
	//
	// Configures the language for error messages from service catalog.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
}

Properties for governance mechanisms and constraints.

Example: 

import sns "github.com/aws/aws-cdk-go/awscdk"

var portfolio portfolio
var product cloudFormationProduct

topic1 := sns.NewTopic(this, jsii.String("Topic1"))
portfolio.notifyOnStackEvents(product, topic1)

topic2 := sns.NewTopic(this, jsii.String("Topic2"))
portfolio.notifyOnStackEvents(product, topic2, &commonConstraintOptions{
	description: jsii.String("description for topic2"),
})

Experimental.

type IPortfolio 

type IPortfolio interface {
	awscdk.IResource
	// Associate portfolio with the given product.
	// Experimental.
	AddProduct(product IProduct)
	// Associate Tag Options.
	//
	// A TagOption is a key-value pair managed in AWS Service Catalog.
	// It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption.
	// Experimental.
	AssociateTagOptions(tagOptions TagOptions)
	// Set provisioning rules for the product.
	// Experimental.
	ConstrainCloudFormationParameters(product IProduct, options *CloudFormationRuleConstraintOptions)
	// Add a Resource Update Constraint.
	// Experimental.
	ConstrainTagUpdates(product IProduct, options *TagUpdateConstraintOptions)
	// Configure deployment options using AWS Cloudformation StackSets.
	// Experimental.
	DeployWithStackSets(product IProduct, options *StackSetsConstraintOptions)
	// Associate portfolio with an IAM Group.
	// Experimental.
	GiveAccessToGroup(group awsiam.IGroup)
	// Associate portfolio with an IAM Role.
	// Experimental.
	GiveAccessToRole(role awsiam.IRole)
	// Associate portfolio with an IAM User.
	// Experimental.
	GiveAccessToUser(user awsiam.IUser)
	// Add notifications for supplied topics on the provisioned product.
	// Experimental.
	NotifyOnStackEvents(product IProduct, topic awssns.ITopic, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// This sets the launch role using the role arn which is tied to the account this role exists in.
	// This is useful if you will be provisioning products from the account where this role exists.
	// If you intend to share the portfolio across accounts, use a local launch role.
	// Experimental.
	SetLaunchRole(product IProduct, launchRole awsiam.IRole, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// The role name will be referenced by in the local account and must be set explicitly.
	// This is useful when sharing the portfolio with multiple accounts.
	// Experimental.
	SetLocalLaunchRole(product IProduct, launchRole awsiam.IRole, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// The role will be referenced by name in the local account instead of a static role arn.
	// A role with this name will automatically be created and assumable by Service Catalog in this account.
	// This is useful when sharing the portfolio with multiple accounts.
	// Experimental.
	SetLocalLaunchRoleName(product IProduct, launchRoleName *string, options *CommonConstraintOptions) awsiam.IRole
	// Initiate a portfolio share with another account.
	// Experimental.
	ShareWithAccount(accountId *string, options *PortfolioShareOptions)
	// The ARN of the portfolio.
	// Experimental.
	PortfolioArn() *string
	// The ID of the portfolio.
	// Experimental.
	PortfolioId() *string
}

A Service Catalog portfolio. Experimental.

func Portfolio_FromPortfolioArn 

func Portfolio_FromPortfolioArn(scope constructs.Construct, id *string, portfolioArn *string) IPortfolio

Creates a Portfolio construct that represents an external portfolio. Experimental.

type IProduct 

type IProduct interface {
	awscdk.IResource
	// Associate Tag Options.
	//
	// A TagOption is a key-value pair managed in AWS Service Catalog.
	// It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption.
	// Experimental.
	AssociateTagOptions(tagOptions TagOptions)
	// The ARN of the product.
	// Experimental.
	ProductArn() *string
	// The id of the product.
	// Experimental.
	ProductId() *string
}

A Service Catalog product, currently only supports type CloudFormationProduct. Experimental.

func CloudFormationProduct_FromProductArn 

func CloudFormationProduct_FromProductArn(scope constructs.Construct, id *string, productArn *string) IProduct

Creates a Product construct that represents an external product. Experimental.

func Product_FromProductArn 

func Product_FromProductArn(scope constructs.Construct, id *string, productArn *string) IProduct

Creates a Product construct that represents an external product. Experimental.

type MessageLanguage 

type MessageLanguage string

The language code.

Used for error and logging messages for end users. The default behavior if not specified is English.

Example: 

servicecatalog.NewPortfolio(this, jsii.String("Portfolio"), &portfolioProps{
	displayName: jsii.String("MyFirstPortfolio"),
	providerName: jsii.String("SCAdmin"),
	description: jsii.String("Portfolio for a project"),
	messageLanguage: servicecatalog.messageLanguage_EN,
})

Experimental. 

const (
	// English.
	// Experimental.
	MessageLanguage_EN MessageLanguage = "EN"
	// Japanese.
	// Experimental.
	MessageLanguage_JP MessageLanguage = "JP"
	// Chinese.
	// Experimental.
	MessageLanguage_ZH MessageLanguage = "ZH"
)

type Portfolio 

type Portfolio interface {
	awscdk.Resource
	IPortfolio
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The ARN of the portfolio.
	// Experimental.
	PortfolioArn() *string
	// The ID of the portfolio.
	// Experimental.
	PortfolioId() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Associate portfolio with the given product.
	// Experimental.
	AddProduct(product IProduct)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Associate Tag Options.
	//
	// A TagOption is a key-value pair managed in AWS Service Catalog.
	// It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption.
	// Experimental.
	AssociateTagOptions(tagOptions TagOptions)
	// Set provisioning rules for the product.
	// Experimental.
	ConstrainCloudFormationParameters(product IProduct, options *CloudFormationRuleConstraintOptions)
	// Add a Resource Update Constraint.
	// Experimental.
	ConstrainTagUpdates(product IProduct, options *TagUpdateConstraintOptions)
	// Configure deployment options using AWS Cloudformation StackSets.
	// Experimental.
	DeployWithStackSets(product IProduct, options *StackSetsConstraintOptions)
	// Experimental.
	GeneratePhysicalName() *string
	// Create a unique id based off the L1 CfnPortfolio or the arn of an imported portfolio.
	// Experimental.
	GenerateUniqueHash(value *string) *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Associate portfolio with an IAM Group.
	// Experimental.
	GiveAccessToGroup(group awsiam.IGroup)
	// Associate portfolio with an IAM Role.
	// Experimental.
	GiveAccessToRole(role awsiam.IRole)
	// Associate portfolio with an IAM User.
	// Experimental.
	GiveAccessToUser(user awsiam.IUser)
	// Add notifications for supplied topics on the provisioned product.
	// Experimental.
	NotifyOnStackEvents(product IProduct, topic awssns.ITopic, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// This sets the launch role using the role arn which is tied to the account this role exists in.
	// This is useful if you will be provisioning products from the account where this role exists.
	// If you intend to share the portfolio across accounts, use a local launch role.
	// Experimental.
	SetLaunchRole(product IProduct, launchRole awsiam.IRole, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// The role name will be referenced by in the local account and must be set explicitly.
	// This is useful when sharing the portfolio with multiple accounts.
	// Experimental.
	SetLocalLaunchRole(product IProduct, launchRole awsiam.IRole, options *CommonConstraintOptions)
	// Force users to assume a certain role when launching a product.
	//
	// The role will be referenced by name in the local account instead of a static role arn.
	// A role with this name will automatically be created and assumable by Service Catalog in this account.
	// This is useful when sharing the portfolio with multiple accounts.
	// Experimental.
	SetLocalLaunchRoleName(product IProduct, launchRoleName *string, options *CommonConstraintOptions) awsiam.IRole
	// Initiate a portfolio share with another account.
	// Experimental.
	ShareWithAccount(accountId *string, options *PortfolioShareOptions)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A Service Catalog portfolio.

Example: 

servicecatalog.NewPortfolio(this, jsii.String("Portfolio"), &portfolioProps{
	displayName: jsii.String("MyPortfolio"),
	providerName: jsii.String("MyTeam"),
})

Experimental.

func NewPortfolio 

func NewPortfolio(scope constructs.Construct, id *string, props *PortfolioProps) Portfolio

Experimental.

type PortfolioProps 

type PortfolioProps struct {
	// The name of the portfolio.
	// Experimental.
	DisplayName *string `json:"displayName" yaml:"displayName"`
	// The provider name.
	// Experimental.
	ProviderName *string `json:"providerName" yaml:"providerName"`
	// Description for portfolio.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The message language.
	//
	// Controls language for
	// status logging and errors.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// TagOptions associated directly to a portfolio.
	// Experimental.
	TagOptions TagOptions `json:"tagOptions" yaml:"tagOptions"`
}

Properties for a Portfolio.

Example: 

servicecatalog.NewPortfolio(this, jsii.String("Portfolio"), &portfolioProps{
	displayName: jsii.String("MyPortfolio"),
	providerName: jsii.String("MyTeam"),
})

Experimental.

type PortfolioShareOptions 

type PortfolioShareOptions struct {
	// The message language of the share.
	//
	// Controls status and error message language for share.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// Whether to share tagOptions as a part of the portfolio share.
	// Experimental.
	ShareTagOptions *bool `json:"shareTagOptions" yaml:"shareTagOptions"`
}

Options for portfolio share.

Example: 

import servicecatalog_alpha "github.com/aws/aws-cdk-go/awscdkservicecatalogalpha"
portfolioShareOptions := &portfolioShareOptions{
	messageLanguage: servicecatalog_alpha.messageLanguage_EN,
	shareTagOptions: jsii.Boolean(false),
}

Experimental.

type Product 

type Product interface {
	awscdk.Resource
	IProduct
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The ARN of the product.
	// Experimental.
	ProductArn() *string
	// The id of the product.
	// Experimental.
	ProductId() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Associate Tag Options.
	//
	// A TagOption is a key-value pair managed in AWS Service Catalog.
	// It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption.
	// Experimental.
	AssociateTagOptions(tagOptions TagOptions)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

Abstract class for Service Catalog Product.

Example: 

import servicecatalog_alpha "github.com/aws/aws-cdk-go/awscdkservicecatalogalpha"
product := servicecatalog_alpha.product.fromProductArn(this, jsii.String("MyProduct"), jsii.String("productArn"))

Experimental.

type ProductStack 

type ProductStack interface {
	awscdk.Stack
	// The AWS account into which this stack will be deployed.
	//
	// This value is resolved according to the following rules:
	//
	// 1. The value provided to `env.account` when the stack is defined. This can
	//     either be a concerete account (e.g. `585695031111`) or the
	//     `Aws.accountId` token.
	// 3. `Aws.accountId`, which represents the CloudFormation intrinsic reference
	//     `{ "Ref": "AWS::AccountId" }` encoded as a string token.
	//
	// Preferably, you should use the return value as an opaque string and not
	// attempt to parse it to implement your logic. If you do, you must first
	// check that it is a concerete value an not an unresolved token. If this
	// value is an unresolved token (`Token.isUnresolved(stack.account)` returns
	// `true`), this implies that the user wishes that this stack will synthesize
	// into a **account-agnostic template**. In this case, your code should either
	// fail (throw an error, emit a synth error using `Annotations.of(construct).addError()`) or
	// implement some other region-agnostic behavior.
	// Experimental.
	Account() *string
	// The ID of the cloud assembly artifact for this stack.
	// Experimental.
	ArtifactId() *string
	// Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
	//
	// If the stack is environment-agnostic (either account and/or region are
	// tokens), this property will return an array with 2 tokens that will resolve
	// at deploy-time to the first two availability zones returned from CloudFormation's
	// `Fn::GetAZs` intrinsic function.
	//
	// If they are not available in the context, returns a set of dummy values and
	// reports them as missing, and let the CLI resolve them by calling EC2
	// `DescribeAvailabilityZones` on the target environment.
	//
	// To specify a different strategy for selecting availability zones override this method.
	// Experimental.
	AvailabilityZones() *[]*string
	// Indicates whether the stack requires bundling or not.
	// Experimental.
	BundlingRequired() *bool
	// Return the stacks this stack depends on.
	// Experimental.
	Dependencies() *[]awscdk.Stack
	// The environment coordinates in which this stack is deployed.
	//
	// In the form
	// `aws://account/region`. Use `stack.account` and `stack.region` to obtain
	// the specific values, no need to parse.
	//
	// You can use this value to determine if two stacks are targeting the same
	// environment.
	//
	// If either `stack.account` or `stack.region` are not concrete values (e.g.
	// `Aws.account` or `Aws.region`) the special strings `unknown-account` and/or
	// `unknown-region` will be used respectively to indicate this stack is
	// region/account-agnostic.
	// Experimental.
	Environment() *string
	// Indicates if this is a nested stack, in which case `parentStack` will include a reference to it's parent.
	// Experimental.
	Nested() *bool
	// If this is a nested stack, returns it's parent stack.
	// Experimental.
	NestedStackParent() awscdk.Stack
	// If this is a nested stack, this represents its `AWS::CloudFormation::Stack` resource.
	//
	// `undefined` for top-level (non-nested) stacks.
	// Experimental.
	NestedStackResource() awscdk.CfnResource
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
	// Experimental.
	NotificationArns() *[]*string
	// The partition in which this stack is defined.
	// Experimental.
	Partition() *string
	// The AWS region into which this stack will be deployed (e.g. `us-west-2`).
	//
	// This value is resolved according to the following rules:
	//
	// 1. The value provided to `env.region` when the stack is defined. This can
	//     either be a concerete region (e.g. `us-west-2`) or the `Aws.region`
	//     token.
	// 3. `Aws.region`, which is represents the CloudFormation intrinsic reference
	//     `{ "Ref": "AWS::Region" }` encoded as a string token.
	//
	// Preferably, you should use the return value as an opaque string and not
	// attempt to parse it to implement your logic. If you do, you must first
	// check that it is a concerete value an not an unresolved token. If this
	// value is an unresolved token (`Token.isUnresolved(stack.region)` returns
	// `true`), this implies that the user wishes that this stack will synthesize
	// into a **region-agnostic template**. In this case, your code should either
	// fail (throw an error, emit a synth error using `Annotations.of(construct).addError()`) or
	// implement some other region-agnostic behavior.
	// Experimental.
	Region() *string
	// The ID of the stack.
	//
	// Example:
	//   // After resolving, looks like
	//   'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
	//
	// Experimental.
	StackId() *string
	// The concrete CloudFormation physical stack name.
	//
	// This is either the name defined explicitly in the `stackName` prop or
	// allocated based on the stack's location in the construct tree. Stacks that
	// are directly defined under the app use their construct `id` as their stack
	// name. Stacks that are defined deeper within the tree will use a hashed naming
	// scheme based on the construct path to ensure uniqueness.
	//
	// If you wish to obtain the deploy-time AWS::StackName intrinsic,
	// you can use `Aws.stackName` directly.
	// Experimental.
	StackName() *string
	// Synthesis method for this stack.
	// Experimental.
	Synthesizer() awscdk.IStackSynthesizer
	// Tags to be applied to the stack.
	// Experimental.
	Tags() awscdk.TagManager
	// The name of the CloudFormation template file emitted to the output directory during synthesis.
	//
	// Example value: `MyStack.template.json`
	// Experimental.
	TemplateFile() *string
	// Options for CloudFormation template (like version, transform, description).
	// Experimental.
	TemplateOptions() awscdk.ITemplateOptions
	// Whether termination protection is enabled for this stack.
	// Experimental.
	TerminationProtection() *bool
	// The Amazon domain suffix for the region in which this stack is defined.
	// Experimental.
	UrlSuffix() *string
	// Add a dependency between this stack and another stack.
	//
	// This can be used to define dependencies between any two stacks within an
	// app, and also supports nested stacks.
	// Experimental.
	AddDependency(target awscdk.Stack, reason *string)
	// Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
	//
	// Duplicate values are removed when stack is synthesized.
	//
	// Example:
	//   declare const stack: Stack;
	//
	//   stack.addTransform('AWS::Serverless-2016-10-31')
	//
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html
	//
	// Experimental.
	AddTransform(transform *string)
	// Returns the naming scheme used to allocate logical IDs.
	//
	// By default, uses
	// the `HashedAddressingScheme` but this method can be overridden to customize
	// this behavior.
	//
	// In order to make sure logical IDs are unique and stable, we hash the resource
	// construct tree path (i.e. toplevel/secondlevel/.../myresource) and add it as
	// a suffix to the path components joined without a separator (CloudFormation
	// IDs only allow alphanumeric characters).
	//
	// The result will be:
	//
	//    <path.join(”)><md5(path.join('/')>
	//      "human"      "hash"
	//
	// If the "human" part of the ID exceeds 240 characters, we simply trim it so
	// the total ID doesn't exceed CloudFormation's 255 character limit.
	//
	// We only take 8 characters from the md5 hash (0.000005 chance of collision).
	//
	// Special cases:
	//
	// - If the path only contains a single component (i.e. it's a top-level
	//    resource), we won't add the hash to it. The hash is not needed for
	//    disamiguation and also, it allows for a more straightforward migration an
	//    existing CloudFormation template to a CDK stack without logical ID changes
	//    (or renames).
	// - For aesthetic reasons, if the last components of the path are the same
	//    (i.e. `L1/L2/Pipeline/Pipeline`), they will be de-duplicated to make the
	//    resulting human portion of the ID more pleasing: `L1L2Pipeline<HASH>`
	//    instead of `L1L2PipelinePipeline<HASH>`
	// - If a component is named "Default" it will be omitted from the path. This
	//    allows refactoring higher level abstractions around constructs without affecting
	//    the IDs of already deployed resources.
	// - If a component is named "Resource" it will be omitted from the user-visible
	//    path, but included in the hash. This reduces visual noise in the human readable
	//    part of the identifier.
	// Experimental.
	AllocateLogicalId(cfnElement awscdk.CfnElement) *string
	// Create a CloudFormation Export for a value.
	//
	// Returns a string representing the corresponding `Fn.importValue()`
	// expression for this Export. You can control the name for the export by
	// passing the `name` option.
	//
	// If you don't supply a value for `name`, the value you're exporting must be
	// a Resource attribute (for example: `bucket.bucketName`) and it will be
	// given the same name as the automatic cross-stack reference that would be created
	// if you used the attribute in another Stack.
	//
	// One of the uses for this method is to *remove* the relationship between
	// two Stacks established by automatic cross-stack references. It will
	// temporarily ensure that the CloudFormation Export still exists while you
	// remove the reference from the consuming stack. After that, you can remove
	// the resource and the manual export.
	//
	// ## Example
	//
	// Here is how the process works. Let's say there are two stacks,
	// `producerStack` and `consumerStack`, and `producerStack` has a bucket
	// called `bucket`, which is referenced by `consumerStack` (perhaps because
	// an AWS Lambda Function writes into it, or something like that).
	//
	// It is not safe to remove `producerStack.bucket` because as the bucket is being
	// deleted, `consumerStack` might still be using it.
	//
	// Instead, the process takes two deployments:
	//
	// ### Deployment 1: break the relationship
	//
	// - Make sure `consumerStack` no longer references `bucket.bucketName` (maybe the consumer
	//    stack now uses its own bucket, or it writes to an AWS DynamoDB table, or maybe you just
	//    remove the Lambda Function altogether).
	// - In the `ProducerStack` class, call `this.exportValue(this.bucket.bucketName)`. This
	//    will make sure the CloudFormation Export continues to exist while the relationship
	//    between the two stacks is being broken.
	// - Deploy (this will effectively only change the `consumerStack`, but it's safe to deploy both).
	//
	// ### Deployment 2: remove the bucket resource
	//
	// - You are now free to remove the `bucket` resource from `producerStack`.
	// - Don't forget to remove the `exportValue()` call as well.
	// - Deploy again (this time only the `producerStack` will be changed -- the bucket will be deleted).
	// Experimental.
	ExportValue(exportedValue interface{}, options *awscdk.ExportValueOptions) *string
	// Creates an ARN from components.
	//
	// If `partition`, `region` or `account` are not specified, the stack's
	// partition, region and account will be used.
	//
	// If any component is the empty string, an empty string will be inserted
	// into the generated ARN at the location that component corresponds to.
	//
	// The ARN will be formatted as follows:
	//
	//    arn:{partition}:{service}:{region}:{account}:{resource}{sep}}{resource-name}
	//
	// The required ARN pieces that are omitted will be taken from the stack that
	// the 'scope' is attached to. If all ARN pieces are supplied, the supplied scope
	// can be 'undefined'.
	// Experimental.
	FormatArn(components *awscdk.ArnComponents) *string
	// Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
	//
	// This method is called when a `CfnElement` is created and used to render the
	// initial logical identity of resources. Logical ID renames are applied at
	// this stage.
	//
	// This method uses the protected method `allocateLogicalId` to render the
	// logical ID for an element. To modify the naming scheme, extend the `Stack`
	// class and override this method.
	// Experimental.
	GetLogicalId(element awscdk.CfnElement) *string
	// Look up a fact value for the given fact for the region of this stack.
	//
	// Will return a definite value only if the region of the current stack is resolved.
	// If not, a lookup map will be added to the stack and the lookup will be done at
	// CDK deployment time.
	//
	// What regions will be included in the lookup map is controlled by the
	// `@aws-cdk/core:target-partitions` context value: it must be set to a list
	// of partitions, and only regions from the given partitions will be included.
	// If no such context key is set, all regions will be included.
	//
	// This function is intended to be used by construct library authors. Application
	// builders can rely on the abstractions offered by construct libraries and do
	// not have to worry about regional facts.
	//
	// If `defaultValue` is not given, it is an error if the fact is unknown for
	// the given region.
	// Experimental.
	RegionalFact(factName *string, defaultValue *string) *string
	// Rename a generated logical identities.
	//
	// To modify the naming scheme strategy, extend the `Stack` class and
	// override the `allocateLogicalId` method.
	// Experimental.
	RenameLogicalId(oldId *string, newId *string)
	// Indicate that a context key was expected.
	//
	// Contains instructions which will be emitted into the cloud assembly on how
	// the key should be supplied.
	// Experimental.
	ReportMissingContextKey(report *cloudassemblyschema.MissingContext)
	// Resolve a tokenized value in the context of the current stack.
	// Experimental.
	Resolve(obj interface{}) interface{}
	// Splits the provided ARN into its components.
	//
	// Works both if 'arn' is a string like 'arn:aws:s3:::bucket',
	// and a Token representing a dynamic CloudFormation expression
	// (in which case the returned components will also be dynamic CloudFormation expressions,
	// encoded as Tokens).
	// Experimental.
	SplitArn(arn *string, arnFormat awscdk.ArnFormat) *awscdk.ArnComponents
	// Convert an object, potentially containing tokens, to a JSON string.
	// Experimental.
	ToJsonString(obj interface{}, space *float64) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A Service Catalog product stack, which is similar in form to a Cloudformation nested stack.

You can add the resources to this stack that you want to define for your service catalog product.

This stack will not be treated as an independent deployment artifact (won't be listed in "cdk list" or deployable through "cdk deploy"), but rather only synthesized as a template and uploaded as an asset to S3.

Example: 

import s3 "github.com/aws/aws-cdk-go/awscdk"import cdk "github.com/aws/aws-cdk-go/awscdk"

type s3BucketProduct struct {
	productStack
}

func newS3BucketProduct(scope construct, id *string) *s3BucketProduct {
	this := &s3BucketProduct{}
	servicecatalog.NewProductStack_Override(this, scope, id)

	s3.NewBucket(this, jsii.String("BucketProduct"))
	return this
}

product := servicecatalog.NewCloudFormationProduct(this, jsii.String("Product"), &cloudFormationProductProps{
	productName: jsii.String("My Product"),
	owner: jsii.String("Product Owner"),
	productVersions: []cloudFormationProductVersion{
		&cloudFormationProductVersion{
			productVersionName: jsii.String("v1"),
			cloudFormationTemplate: servicecatalog.cloudFormationTemplate.fromProductStack(NewS3BucketProduct(this, jsii.String("S3BucketProduct"))),
		},
	},
})

Experimental.

func NewProductStack 

func NewProductStack(scope constructs.Construct, id *string) ProductStack

Experimental.

type StackSetsConstraintOptions 

type StackSetsConstraintOptions struct {
	// The description of the constraint.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The language code.
	//
	// Configures the language for error messages from service catalog.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// List of accounts to deploy stacks to.
	// Experimental.
	Accounts *[]*string `json:"accounts" yaml:"accounts"`
	// IAM role used to administer the StackSets configuration.
	// Experimental.
	AdminRole awsiam.IRole `json:"adminRole" yaml:"adminRole"`
	// IAM role used to provision the products in the Stacks.
	// Experimental.
	ExecutionRoleName *string `json:"executionRoleName" yaml:"executionRoleName"`
	// List of regions to deploy stacks to.
	// Experimental.
	Regions *[]*string `json:"regions" yaml:"regions"`
	// Wether to allow end users to create, update, and delete stacks.
	// Experimental.
	AllowStackSetInstanceOperations *bool `json:"allowStackSetInstanceOperations" yaml:"allowStackSetInstanceOperations"`
}

Properties for deploying with Stackset, which creates a StackSet constraint.

Example: 

import iam "github.com/aws/aws-cdk-go/awscdk"

var portfolio portfolio
var product cloudFormationProduct

adminRole := iam.NewRole(this, jsii.String("AdminRole"), &roleProps{
	assumedBy: iam.NewAccountRootPrincipal(),
})

portfolio.deployWithStackSets(product, &stackSetsConstraintOptions{
	accounts: []*string{
		jsii.String("012345678901"),
		jsii.String("012345678902"),
		jsii.String("012345678903"),
	},
	regions: []*string{
		jsii.String("us-west-1"),
		jsii.String("us-east-1"),
		jsii.String("us-west-2"),
		jsii.String("us-east-1"),
	},
	adminRole: adminRole,
	executionRoleName: jsii.String("SCStackSetExecutionRole"),
	 // Name of role deployed in end users accounts.
	allowStackSetInstanceOperations: jsii.Boolean(true),
})

Experimental.

type TagOptions 

type TagOptions interface {
	awscdk.Resource
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

Defines a set of TagOptions, which are a list of key-value pairs managed in AWS Service Catalog.

It is not an AWS tag, but serves as a template for creating an AWS tag based on the TagOption. See https://docs.aws.amazon.com/servicecatalog/latest/adminguide/tagoptions.html

Example: 

var portfolio portfolio
var product cloudFormationProduct

tagOptionsForPortfolio := servicecatalog.NewTagOptions(this, jsii.String("OrgTagOptions"), &tagOptionsProps{
	allowedValuesForTags: map[string][]*string{
		"Group": []*string{
			jsii.String("finance"),
			jsii.String("engineering"),
			jsii.String("marketing"),
			jsii.String("research"),
		},
		"CostCenter": []*string{
			jsii.String("01"),
			jsii.String("02"),
			jsii.String("03"),
		},
	},
})
portfolio.associateTagOptions(tagOptionsForPortfolio)

tagOptionsForProduct := servicecatalog.NewTagOptions(this, jsii.String("ProductTagOptions"), &tagOptionsProps{
	allowedValuesForTags: map[string][]*string{
		"Environment": []*string{
			jsii.String("dev"),
			jsii.String("alpha"),
			jsii.String("prod"),
		},
	},
})
product.associateTagOptions(tagOptionsForProduct)

Experimental.

func NewTagOptions 

func NewTagOptions(scope constructs.Construct, id *string, props *TagOptionsProps) TagOptions

Experimental.

type TagOptionsProps 

type TagOptionsProps struct {
	// The values that are allowed to be set for specific tags.
	//
	// The keys of the map represent the tag keys,
	// and the values of the map are a list of allowed values for that particular tag key.
	// Experimental.
	AllowedValuesForTags *map[string]*[]*string `json:"allowedValuesForTags" yaml:"allowedValuesForTags"`
}

Properties for TagOptions.

Example: 

var portfolio portfolio
var product cloudFormationProduct

tagOptionsForPortfolio := servicecatalog.NewTagOptions(this, jsii.String("OrgTagOptions"), &tagOptionsProps{
	allowedValuesForTags: map[string][]*string{
		"Group": []*string{
			jsii.String("finance"),
			jsii.String("engineering"),
			jsii.String("marketing"),
			jsii.String("research"),
		},
		"CostCenter": []*string{
			jsii.String("01"),
			jsii.String("02"),
			jsii.String("03"),
		},
	},
})
portfolio.associateTagOptions(tagOptionsForPortfolio)

tagOptionsForProduct := servicecatalog.NewTagOptions(this, jsii.String("ProductTagOptions"), &tagOptionsProps{
	allowedValuesForTags: map[string][]*string{
		"Environment": []*string{
			jsii.String("dev"),
			jsii.String("alpha"),
			jsii.String("prod"),
		},
	},
})
product.associateTagOptions(tagOptionsForProduct)

Experimental.

type TagUpdateConstraintOptions 

type TagUpdateConstraintOptions struct {
	// The description of the constraint.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// The language code.
	//
	// Configures the language for error messages from service catalog.
	// Experimental.
	MessageLanguage MessageLanguage `json:"messageLanguage" yaml:"messageLanguage"`
	// Toggle for if users should be allowed to change/update tags on provisioned products.
	// Experimental.
	Allow *bool `json:"allow" yaml:"allow"`
}

Properties for ResourceUpdateConstraint.

Example: 

var portfolio portfolio
var product cloudFormationProduct

// to disable tag updates:
portfolio.constrainTagUpdates(product, &tagUpdateConstraintOptions{
	allow: jsii.Boolean(false),
})

Experimental.

type TemplateRule 

type TemplateRule struct {
	// A list of assertions that make up the rule.
	// Experimental.
	Assertions *[]*TemplateRuleAssertion `json:"assertions" yaml:"assertions"`
	// Name of the rule.
	// Experimental.
	RuleName *string `json:"ruleName" yaml:"ruleName"`
	// Specify when to apply rule with a rule-specific intrinsic function.
	// Experimental.
	Condition awscdk.ICfnRuleConditionExpression `json:"condition" yaml:"condition"`
}

Defines the provisioning template constraints.

Example: 

import cdk "github.com/aws/aws-cdk-go/awscdk"

var portfolio portfolio
var product cloudFormationProduct

portfolio.constrainCloudFormationParameters(product, &cloudFormationRuleConstraintOptions{
	rule: &templateRule{
		ruleName: jsii.String("testInstanceType"),
		condition: cdk.fn.conditionEquals(cdk.*fn.ref(jsii.String("Environment")), jsii.String("test")),
		assertions: []templateRuleAssertion{
			&templateRuleAssertion{
				assert: cdk.*fn.conditionContains([]*string{
					jsii.String("t2.micro"),
					jsii.String("t2.small"),
				}, cdk.*fn.ref(jsii.String("InstanceType"))),
				description: jsii.String("For test environment, the instance type should be small"),
			},
		},
	},
})

Experimental.

type TemplateRuleAssertion 

type TemplateRuleAssertion struct {
	// The assertion condition.
	// Experimental.
	Assert awscdk.ICfnRuleConditionExpression `json:"assert" yaml:"assert"`
	// The description for the asssertion.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
}

An assertion within a template rule, defined by intrinsic functions.

Example: 

import servicecatalog_alpha "github.com/aws/aws-cdk-go/awscdkservicecatalogalpha"import cdk "github.com/aws/aws-cdk-go/awscdk"

var cfnRuleConditionExpression iCfnRuleConditionExpression
templateRuleAssertion := &templateRuleAssertion{
	assert: cfnRuleConditionExpression,

	// the properties below are optional
	description: jsii.String("description"),
}

Experimental.

Source Files

View all Source files

Directories

Path Synopsis
Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.
 Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.