diff --git a/packages/@aws-cdk/aws-rum/README.md b/packages/@aws-cdk/aws-rum/README.md index bba075a2e768d..8ba5b934fd8f4 100644 --- a/packages/@aws-cdk/aws-rum/README.md +++ b/packages/@aws-cdk/aws-rum/README.md @@ -1,4 +1,4 @@ -# AWS::RUM Construct Library +# Amazon CloudWatch RUM Construct Library --- @@ -9,31 +9,117 @@ > > [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib +![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) + +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. + --- -This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. +## Table of Contents + +- [Introduction](#introduction) + - [App Monitor](#appmonitor) + - [Authorizer](#authorizer) + - [Create a New Cognito ID pool](#use-an-existing-amazon-cognito-identity-pool) + - [Existing Cognito ID pool](#use-an-existing-amazon-cognito-identity-pool) + - [Third-party provider](#use-third-party-provider) + +## Introduction + +With CloudWatch RUM, you can perform real user monitoring to collect and view client-side data about your web application performance +from actual user sessions in near real time. The data that you can visualize and analyze includes page load times, +client-side errors, and user behavior. When you view this data, you can see it all aggregated together and also see breakdowns +by the browsers and devices that your customers use. + +To use RUM, you create an app monitor and provide some information. RUM generates a JavaScript snippet for you to paste into your application. +The snippet pulls in the RUM web client code. The RUM web client captures data from a percentage of your application's user sessions, +which is displayed in a pre-built dashboard. You can specify what percentage of user sessions to gather data from. +For more information, see [Amazon Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM.html). -```ts nofixture -import * as rum from '@aws-cdk/aws-rum'; +This module supports the ability for users to create CloudWatch RUM and retrieve code snippets. + +## App Monitor + +Define an `AppMonitor` in your stack: + +```ts +new AppMonitor(this, 'AppMonitor', { + domain: 'my-website.com' +}); ``` - +### Authorizer -There are no official hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. Here are some suggestions on how to proceed: +To use CloudWatch RUM, your application must have authorization. -- Search [Construct Hub for RUM construct libraries](https://constructs.dev/search?q=rum) -- Use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, in the same way you would use [the CloudFormation AWS::RUM resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_RUM.html) directly. +You have three options to set up authorization: +- Let CloudWatch RUM create a new Amazon Cognito identity pool for the application. This method requires the least effort to set up. It's the default option. +The identity pool will contain an unauthenticated identity. +This allows the CloudWatch RUM web client to send data to CloudWatch RUM without authenticating the user of the application. +The Amazon Cognito identity pool has an attached IAM role. +The Amazon Cognito unauthenticated identity allows the web client to assume the IAM role that is authorized to send data to CloudWatch RUM. +- Use an existing Amazon Cognito identity pool. In this case, you must pass the IAM role as well that is attached to the identity pool. +- Use authentication from an existing identity provider that you have already set up. +In this case, you must get credentials from the identity provider and your application must forward these credentials to the RUM web client. - +#### Creates a new Amazon Cognito identity pool + +By default, AppMonitor creates a new Amazon Cognito identity pool. +This is the simplest option to set up, and if you choose this no further setup steps are required. +You must have administrative permissions to use this option. For more information, +see [IAM policies to use CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-permissions.html). + +```ts +new AppMonitor(this, 'AppMonitor', { + domain: 'my-website.com' +}); +``` -There are no hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. -However, you can still use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, and use this service exactly as you would using CloudFormation directly. +#### Use an existing Amazon Cognito identity pool -For more information on the resources and properties available for this service, see the [CloudFormation documentation for AWS::RUM](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_RUM.html). +If you want to use an existing Amazon Cognito identity pool, +you need to pass the `identityPool` and the `role` that associated with your identity pool. -(Read the [CDK Contributing Guide](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and submit an RFC if you are interested in contributing to this construct library.) +```ts +import * as identitypool from '@aws-cdk/aws-cognito-identitypool'; +import * as iam from '@aws-cdk/aws-iam'; + +declare const identityPool: identitypool.IIdentityPool; +declare const unauthenticatedRole: iam.IRole; + +new AppMonitor(this, 'AppMonitor', { + domain: 'my-website.com', + identityPool, + role: unauthenticatedRole +}); +``` + +#### Use Third-party provider + +If you want to use third-party authenticator, you can only pass a `role` that associated with your identity pool. + +```ts +import * as iam from '@aws-cdk/aws-iam'; + +declare const role: iam.IRole; +new AppMonitor(this, 'AppMonitor', { + domain: 'my-website.com', + role +}); +``` + +Add the following to your application to have it pass the credentials from your provider to CloudWatch RUM. +Insert the line so that it runs after a user has signed in to your application and the application has received the credentials to use to access AWS. + +```js +cwr('setAwsCredentials', {/* Credentials or CredentialProvider */}); +``` - +For more information, see [Amazon Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html#CloudWatch-RUM-get-started-authorization-thirdparty) for to use Third-party provider. diff --git a/packages/@aws-cdk/aws-rum/lib/app-monitor.ts b/packages/@aws-cdk/aws-rum/lib/app-monitor.ts new file mode 100644 index 0000000000000..d76bfc2568d46 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/lib/app-monitor.ts @@ -0,0 +1,279 @@ +import * as identitypool from '@aws-cdk/aws-cognito-identitypool'; +import * as iam from '@aws-cdk/aws-iam'; +import { + Arn, IResource, Lazy, Names, Resource, ResourceProps, +} from '@aws-cdk/core'; + +import { + AwsCustomResource, + AwsCustomResourcePolicy, + AwsSdkCall, + PhysicalResourceId, +} from '@aws-cdk/custom-resources'; +import { Construct } from 'constructs'; +import * as rum from './rum.generated'; + + +/** + * All app monitor telemetories + */ +export enum Telemetry { + /** + * performance indicates that RUM collects performance data about how your application + * and its resources are loaded and rendered. This includes Core Web Vitals. + */ + PERFORMANCE = 'performance', + /** + * errors indicates that RUM collects data about unhandled JavaScript errors raised by your application. + */ + ERRORS = 'errors', + /** + * http indicates that RUM collects data about HTTP errors thrown by your application. + */ + HTTP = 'http', +} + +/** + * Define a RUM app monitor interface. + */ +export interface IAppMonitor extends IResource { + /** + * Returns the app monitor id of this app monitor. + * + * @attribute + */ + readonly appMonitorId: string; + /** + * Returns the ARN of this app monitor. + * + * @attribute + */ + readonly appMonitorArn: string; + /** + * Returns the name of this app monitor. + * + * @attribute + */ + readonly appMonitorName: string; +} + +/** + * Represents an app monitor. + */ +export abstract class AppMonitorBase extends Resource implements IAppMonitor { + private _appMonitor?: AwsCustomResource; + /** + * @internal + */ + protected _resource?: rum.CfnAppMonitor; + constructor(scope: Construct, id: string, props: ResourceProps) { + super(scope, id, props); + } + + public get appMonitorName(): string { + return this.physicalName; + } + + public get appMonitorArn(): string { + return Arn.format( + { + service: 'rum', + resource: 'appmonitor', + resourceName: this.physicalName, + }, + this.stack, + ); + } + + public get appMonitorId(): string { + return this.appMonitor.getResponseField('AppMonitor.Id'); + } + + protected get appMonitor(): AwsCustomResource { + if (!this._appMonitor) { + this._appMonitor = this.createGetAppMonitorCustomResource(); + } + return this._appMonitor; + } + + protected createGetAppMonitorCustomResource(): AwsCustomResource { + const awsRumSdkCall: AwsSdkCall = { + service: 'RUM', + action: 'getAppMonitor', + parameters: { Name: this.physicalName }, + physicalResourceId: PhysicalResourceId.of(this.physicalName), + }; + const customResource = new AwsCustomResource( + this, + 'Custom::GetAppMonitor', + { + resourceType: 'Custom::GetAppMonitor', + policy: AwsCustomResourcePolicy.fromSdkCalls({ + resources: [this.appMonitorArn], + }), + installLatestAwsSdk: true, + onCreate: awsRumSdkCall, + onUpdate: awsRumSdkCall, + }, + ); + if (this._resource) { + customResource.node.addDependency(this._resource); + } + return customResource; + } +} + +/** + * App monitor props. + */ +export interface AppMonitorProps { + /** + * The top-level internet domain name for which your application has administrative authority. + */ + readonly domain: string; + /** + * Name of this app monitor. + * + * @default - generated by CDK + */ + readonly appMonitorName?: string; + /** + * Cognito identity pool that allows the application to send data to this app monitor. + * Set if you are using an existing Cognito identity pool. If you are using a Cognito identity pool imported from outside the stack, you must also configure roles. + * + * @default - If this prop and role are not passed, then create a new one. + */ + readonly identityPool?: identitypool.IIdentityPool; + /** + * Role that allows the application to send data to this app monitor. + * The policy will be added to allow applications to send data to this app monitor. + * + * If you set this Prop but not identityPool, the app monitor will assume you are using a third-party provider + * and will not add the configuration for authentication to the code snippet. + * Please see https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html#CloudWatch-RUM-get-started-authorization-thirdparty. + * + * @default - If this prop and identityPool are not passed, then create a new one. + */ + readonly role?: iam.IRole; + /** + * Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. + * This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. + * This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. + * + * @default false + */ + readonly persistence?: boolean; + /** + * If you set this to true, the CloudWatch RUM web client sets two cookies, + * a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client + * to collect data relating to the number of users an application has and + * the behavior of the application across a sequence of events. + * Cookies are stored in the top-level domain of the current page. + * + * @default false + */ + readonly allowCookies?: boolean; + /** + * If you set this to true, CloudWatch RUM sends client-side traces to X-Ray for each sampled session. + * You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. + * + * @default false + */ + readonly enableXRay?: boolean; + /** + * A list of URLs in your website or application to exclude from RUM data collection. + * + * @default - No exclude pages. + */ + readonly excludedPages?: string[]; + /** + * A list of pages in your application that are to be displayed with a 'favorite' icon in the CloudWatch RUM console. + * + * @default - No favorite pages. + */ + readonly favoritePages?: string[]; + /** + * If this app monitor is to collect data from only certain pages in your application, + * this structure lists those pages. + * You can't include both ExcludedPages and IncludedPages in the same app monitor. + * + * @default - No include pages. + */ + readonly includedPages?: string[]; + /** + * Specifies the portion of user sessions to use for CloudWatch RUM data collection. + * Choosing a higher portion gives you more data but also incurs more costs. + * The range for this value is 0 to 1 inclusive. + * Setting this to 1 means that 100% of user sessions are sampled, + * and setting it to 0.1 means that 10% of user sessions are sampled. + * + * @default 1 + */ + readonly sessionSampleRate?: number; + /** + * An array that lists the types of telemetry data that this app monitor is to collect. + * + * @default [Telemetry.ERRORS, Telemetry.HTTP, Telemetry.PERFORMANCE]. + */ + readonly telemetries?: Telemetry[]; +} + +/** + * Define a new RUM app monitor. + */ +export class AppMonitor extends AppMonitorBase { + constructor(scope: Construct, id: string, props: AppMonitorProps) { + super(scope, id, { + physicalName: props.appMonitorName ?? Lazy.string({ produce: () => Names.uniqueId(this) }), + }); + + // If not passed authorizer, when create a new identity pool. + // This like a to create RUM in management console. + const { identityPool, role } = this.resolveAuthorizer(props.identityPool, props.role); + role.addToPrincipalPolicy(new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + actions: ['rum:PutRumEvents'], + resources: [this.appMonitorArn], + })); + this._resource = new rum.CfnAppMonitor(this, 'AppMonitor', { + name: this.physicalName, + domain: props.domain, + cwLogEnabled: props.persistence, + appMonitorConfiguration: { + allowCookies: props.allowCookies, + enableXRay: props.enableXRay, + excludedPages: props.excludedPages, + favoritePages: props.favoritePages, + includedPages: props.includedPages, + sessionSampleRate: props.sessionSampleRate ?? 1, + telemetries: props.telemetries ?? [Telemetry.ERRORS, Telemetry.HTTP, Telemetry.PERFORMANCE], + identityPoolId: identityPool && role ? identityPool.identityPoolId : undefined, + guestRoleArn: identityPool && role ? role.roleArn : undefined, + }, + }); + } + + private resolveAuthorizer(identityPool?: identitypool.IIdentityPool, role?: iam.IRole): { + identityPool?: identitypool.IIdentityPool + role: iam.IRole, + } { + if (identityPool instanceof identitypool.IdentityPool) { + return { identityPool, role: identityPool.unauthenticatedRole }; + } else if (identityPool && !role) { + throw new Error('if you are passing an imported \'identityPool\', you must also set the \'role\''); + } else if (!role) { + return this.createIdentityPool(); + } + return { identityPool, role }; + } + + private createIdentityPool(): { + identityPool: identitypool.IIdentityPool + role: iam.IRole, + } { + const identityPool = new identitypool.IdentityPool(this, 'IdentityPool', { + allowUnauthenticatedIdentities: true, + }); + return { identityPool, role: identityPool.unauthenticatedRole }; + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/lib/index.ts b/packages/@aws-cdk/aws-rum/lib/index.ts index 0689c0aa0f40b..396643846e092 100644 --- a/packages/@aws-cdk/aws-rum/lib/index.ts +++ b/packages/@aws-cdk/aws-rum/lib/index.ts @@ -1,2 +1,4 @@ +export * from './app-monitor'; + // AWS::RUM CloudFormation Resources: export * from './rum.generated'; diff --git a/packages/@aws-cdk/aws-rum/package.json b/packages/@aws-cdk/aws-rum/package.json index 77dee357c74e6..0c0967b721c6d 100644 --- a/packages/@aws-cdk/aws-rum/package.json +++ b/packages/@aws-cdk/aws-rum/package.json @@ -85,29 +85,47 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assertions": "0.0.0", + "@aws-cdk/aws-cognito-identitypool": "0.0.0", + "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", + "@aws-cdk/core": "0.0.0", + "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/pkglint": "0.0.0", - "@types/jest": "^26.0.24" + "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", + "@types/jest": "^26.0.24", + "constructs": "^10.0.0" }, "dependencies": { + "@aws-cdk/aws-cognito-identitypool": "0.0.0", + "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/custom-resources": "0.0.0", "constructs": "^10.0.0" }, "peerDependencies": { + "@aws-cdk/aws-cognito-identitypool": "0.0.0", + "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/custom-resources": "0.0.0", "constructs": "^10.0.0" }, "engines": { "node": ">= 14.15.0" }, "stability": "experimental", - "maturity": "cfn-only", + "maturity": "experimental", "awscdkio": { "announce": false }, "publishConfig": { "tag": "latest" }, + "awslint": { + "exclude": [ + "from-method:@aws-cdk/aws-rum.AppMonitor" + ] + }, "private": true } diff --git a/packages/@aws-cdk/aws-rum/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-rum/rosetta/default.ts-fixture index e208762bca03c..49f4dc4181dae 100644 --- a/packages/@aws-cdk/aws-rum/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-rum/rosetta/default.ts-fixture @@ -1,8 +1,11 @@ import { Construct } from 'constructs'; import { Stack } from '@aws-cdk/core'; +import { AppMonitor } from '@aws-cdk/aws-rum'; -class MyStack extends Stack { +const cwr = (setAwsCredentials: string, options: any) => {}; +class Fixture extends Stack { constructor(scope: Construct, id: string) { + super(scope, id); /// here } } diff --git a/packages/@aws-cdk/aws-rum/test/app-monitor.test.ts b/packages/@aws-cdk/aws-rum/test/app-monitor.test.ts new file mode 100644 index 0000000000000..4acef2dd33bb3 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/app-monitor.test.ts @@ -0,0 +1,599 @@ +import { Template } from '@aws-cdk/assertions'; +import * as identitypool from '@aws-cdk/aws-cognito-identitypool'; +import * as iam from '@aws-cdk/aws-iam'; +import { Stack } from '@aws-cdk/core'; +import * as rum from '../lib'; + +describe('App monitor', () => { + test('Default app monitor', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + + // The only one identity pool that is automatically generated + template.resourceCountIs('AWS::Cognito::IdentityPool', 1); + template.hasResource('AWS::IAM::Policy', { + Properties: { + PolicyDocument: { + Statement: [ + { + Action: 'rum:PutRumEvents', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':rum:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':appmonitor/MyAppMonitor', + ], + ], + }, + }, + ], + Version: '2012-10-17', + }, + Roles: [ + { + Ref: 'MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', + }, + ], + }, + }); + // The only two roles that is automatically generated for auth and unauth + template.resourceCountIs('AWS::IAM::Role', 2); + }); + + test('App monitor with physical name', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + appMonitorName: 'my-app-monitor', + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'my-app-monitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with persistence will be set CwLogEnabled to true', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + persistence: true, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + CwLogEnabled: true, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with allow cookies', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + allowCookies: true, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + AllowCookies: true, + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with enable X-Ray', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + enableXRay: true, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + EnableXRay: true, + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with exclude pages', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + excludedPages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + ExcludedPages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with include pages', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + includedPages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + IncludedPages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with favorite pages', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + favoritePages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + FavoritePages: ['https://my-website.com/foo', 'https://my-website.com/bar'], + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with session sample rate', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + sessionSampleRate: 0.1, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 0.1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with telemetries', () => { + const stack = new Stack(); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + telemetries: [rum.Telemetry.ERRORS], + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['MyAppMonitorIdentityPoolUnauthenticatedRole1FA96655', 'Arn'], + }, + IdentityPoolId: { + Ref: 'MyAppMonitorIdentityPoolEF658265', + }, + Telemetries: ['errors'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + }); + + test('App monitor with identity pool', () => { + const stack = new Stack(); + const identityPool = new identitypool.IdentityPool(stack, 'ExistIdentityPool'); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + identityPool, + role: identityPool.unauthenticatedRole, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::GetAtt': ['ExistIdentityPoolUnauthenticatedRoleADC46387', 'Arn'], + }, + IdentityPoolId: { + Ref: 'ExistIdentityPool911FDB0C', + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + + // The only one that is manually created + template.resourceCountIs('AWS::Cognito::IdentityPool', 1); + template.hasResource('AWS::Cognito::IdentityPool', {}); + + // Policy generated + template.hasResource('AWS::IAM::Policy', { + Properties: { + PolicyDocument: { + Statement: [ + { + Action: 'rum:PutRumEvents', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':rum:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':appmonitor/MyAppMonitor', + ], + ], + }, + }, + ], + Version: '2012-10-17', + }, + Roles: [ + { + Ref: 'ExistIdentityPoolUnauthenticatedRoleADC46387', + }, + ], + }, + }); + template.resourceCountIs('AWS::IAM::Role', 2); + }); + + test('App monitor with imported identity pool', () => { + const stack = new Stack(); + const identityPool = identitypool.IdentityPool + .fromIdentityPoolId(stack, 'ImportedIdentityPool', `${stack.region}:ImportedIdentityPoolId`); + + expect(() => new rum.AppMonitor(stack, 'MissingRoleAppMonitor', { + domain: 'my-website.com', + identityPool, + })).toThrowError('if you are passing an imported \'identityPool\', you must also set the \'role\''); + + const role = iam.Role.fromRoleName(stack, 'ImportedRole', 'UnauthenticatedRole'); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + identityPool, + role, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + GuestRoleArn: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':iam::', + { + Ref: 'AWS::AccountId', + }, + ':role/UnauthenticatedRole', + ], + ], + }, + IdentityPoolId: { + 'Fn::Join': [ + '', + [ + { + Ref: 'AWS::Region', + }, + ':ImportedIdentityPoolId', + ], + ], + }, + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + + // Policy generated + template.hasResource('AWS::IAM::Policy', { + Properties: { + PolicyDocument: { + Statement: [ + { + Action: 'rum:PutRumEvents', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':rum:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':appmonitor/MyAppMonitor', + ], + ], + }, + }, + ], + Version: '2012-10-17', + }, + Roles: ['UnauthenticatedRole'], + }, + }); + }); + + test('App monitor with third-party provider', () => { + const stack = new Stack(); + const myRole = new iam.Role(stack, 'MyRole', { + assumedBy: new iam.AnyPrincipal(), + }); + new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + role: myRole, + }); + + const template = Template.fromStack(stack); + + template.hasResource('AWS::RUM::AppMonitor', { + Properties: { + AppMonitorConfiguration: { + Telemetries: ['errors', 'http', 'performance'], + SessionSampleRate: 1, + }, + Name: 'MyAppMonitor', + Domain: 'my-website.com', + }, + }); + + // Cognito IdentityPool not created + template.resourceCountIs('AWS::Cognito::IdentityPool', 0); + template.hasResource('AWS::IAM::Policy', { + Properties: { + PolicyDocument: { + Statement: [ + { + Action: 'rum:PutRumEvents', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':rum:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':appmonitor/MyAppMonitor', + ], + ], + }, + }, + ], + Version: '2012-10-17', + }, + Roles: [ + { + Ref: 'MyRoleF48FFE04', + }, + ], + }, + }); + // The only one that is manually created + template.resourceCountIs('AWS::IAM::Role', 1); + }); + + test('Get app monitor ID', () => { + const stack = new Stack(); + const appMonitor = new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + }); + + expect(stack.resolve(appMonitor.appMonitorId)).toEqual({ + 'Fn::GetAtt': ['MyAppMonitorCustomGetAppMonitor15BA2BBF', 'AppMonitor.Id'], + }); + }); + + test('Get app monitor ARN', () => { + const stack = new Stack(); + const appMonitor = new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + }); + + expect(stack.resolve(appMonitor.appMonitorArn)).toEqual({ + 'Fn::Join': [ + '', + [ + 'arn:', { Ref: 'AWS::Partition' }, + ':rum:', { Ref: 'AWS::Region' }, + ':', { Ref: 'AWS::AccountId' }, + ':appmonitor/MyAppMonitor', + ], + ], + }); + }); + + test('Get app monitor Name', () => { + const stack = new Stack(); + const appMonitor = new rum.AppMonitor(stack, 'MyAppMonitor', { + domain: 'my-website.com', + }); + + expect(stack.resolve(appMonitor.appMonitorName)).toEqual('MyAppMonitor'); + }); +}); diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json new file mode 100644 index 0000000000000..d38b919332d46 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json @@ -0,0 +1,19 @@ +{ + "version": "22.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/cdk.out b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/cdk.out new file mode 100644 index 0000000000000..145739f539580 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"22.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.assets.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.assets.json new file mode 100644 index 0000000000000..2d50ce84fc925 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.assets.json @@ -0,0 +1,19 @@ +{ + "version": "22.0.0", + "files": { + "8c425e50a0b54f6e9f94003a64fd785e61e15132ebee5902fc6a2daaf198c147": { + "source": { + "path": "integ-app-monitor.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "8c425e50a0b54f6e9f94003a64fd785e61e15132ebee5902fc6a2daaf198c147.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.template.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.template.json new file mode 100644 index 0000000000000..48c7502d393d1 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ-app-monitor.template.json @@ -0,0 +1,394 @@ +{ + "Resources": { + "DefaultValueAppMonitorIdentityPoolD3418A23": { + "Type": "AWS::Cognito::IdentityPool", + "Properties": { + "AllowUnauthenticatedIdentities": true, + "CognitoIdentityProviders": [] + } + }, + "DefaultValueAppMonitorIdentityPoolAuthenticatedRoleB49490BC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "authenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Description": { + "Fn::Join": [ + "", + [ + "Default Authenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolD3418A23", + "Name" + ] + } + ] + ] + } + } + }, + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "unauthenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Description": { + "Fn::Join": [ + "", + [ + "Default Unauthenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolD3418A23", + "Name" + ] + } + ] + ] + } + } + }, + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleDefaultPolicyD3650374": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "rum:PutRumEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rum:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":appmonitor/integappmonitorDefaultValueAppMonitor7E8C5F05" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleDefaultPolicyD3650374", + "Roles": [ + { + "Ref": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694" + } + ] + } + }, + "DefaultValueAppMonitorIdentityPoolDefaultRoleAttachmentC8E11D44": { + "Type": "AWS::Cognito::IdentityPoolRoleAttachment", + "Properties": { + "IdentityPoolId": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + }, + "Roles": { + "authenticated": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolAuthenticatedRoleB49490BC", + "Arn" + ] + }, + "unauthenticated": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694", + "Arn" + ] + } + } + } + }, + "DefaultValueAppMonitor212AADC5": { + "Type": "AWS::RUM::AppMonitor", + "Properties": { + "Domain": "my-website.com", + "Name": "integappmonitorDefaultValueAppMonitor7E8C5F05", + "AppMonitorConfiguration": { + "GuestRoleArn": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694", + "Arn" + ] + }, + "IdentityPoolId": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + }, + "SessionSampleRate": 1, + "Telemetries": [ + "errors", + "http", + "performance" + ] + } + } + }, + "MyIdentityPool9DBCF48C": { + "Type": "AWS::Cognito::IdentityPool", + "Properties": { + "AllowUnauthenticatedIdentities": false, + "CognitoIdentityProviders": [] + } + }, + "MyIdentityPoolAuthenticatedRoleAE259B88": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "MyIdentityPool9DBCF48C" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "authenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Description": { + "Fn::Join": [ + "", + [ + "Default Authenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "MyIdentityPool9DBCF48C", + "Name" + ] + } + ] + ] + } + } + }, + "MyIdentityPoolUnauthenticatedRole8827D18F": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "MyIdentityPool9DBCF48C" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "unauthenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Description": { + "Fn::Join": [ + "", + [ + "Default Unauthenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "MyIdentityPool9DBCF48C", + "Name" + ] + } + ] + ] + } + } + }, + "MyIdentityPoolUnauthenticatedRoleDefaultPolicy67D891CC": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "rum:PutRumEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rum:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":appmonitor/my-app-monitor" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyIdentityPoolUnauthenticatedRoleDefaultPolicy67D891CC", + "Roles": [ + { + "Ref": "MyIdentityPoolUnauthenticatedRole8827D18F" + } + ] + } + }, + "MyIdentityPoolDefaultRoleAttachmentD367CC64": { + "Type": "AWS::Cognito::IdentityPoolRoleAttachment", + "Properties": { + "IdentityPoolId": { + "Ref": "MyIdentityPool9DBCF48C" + }, + "Roles": { + "authenticated": { + "Fn::GetAtt": [ + "MyIdentityPoolAuthenticatedRoleAE259B88", + "Arn" + ] + }, + "unauthenticated": { + "Fn::GetAtt": [ + "MyIdentityPoolUnauthenticatedRole8827D18F", + "Arn" + ] + } + } + } + }, + "CustomValueAppMonitor730913A4": { + "Type": "AWS::RUM::AppMonitor", + "Properties": { + "Domain": "my-website2.com", + "Name": "my-app-monitor", + "AppMonitorConfiguration": { + "AllowCookies": true, + "EnableXRay": true, + "ExcludedPages": [ + "https://my-website2.com/exclude" + ], + "FavoritePages": [ + "https://my-website2.com/favorite" + ], + "GuestRoleArn": { + "Fn::GetAtt": [ + "MyIdentityPoolUnauthenticatedRole8827D18F", + "Arn" + ] + }, + "IdentityPoolId": { + "Ref": "MyIdentityPool9DBCF48C" + }, + "IncludedPages": [], + "SessionSampleRate": 0.1, + "Telemetries": [] + }, + "CwLogEnabled": true + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ.json new file mode 100644 index 0000000000000..30a22b0cb1fd6 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "22.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "integ-app-monitor" + ], + "assertionStack": "Integ/DefaultTest/DeployAssert", + "assertionStackName": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/manifest.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/manifest.json new file mode 100644 index 0000000000000..67c8d22e828c0 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/manifest.json @@ -0,0 +1,177 @@ +{ + "version": "22.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "integ-app-monitor.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-app-monitor.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-app-monitor": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-app-monitor.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8c425e50a0b54f6e9f94003a64fd785e61e15132ebee5902fc6a2daaf198c147.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-app-monitor.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-app-monitor.assets" + ], + "metadata": { + "/integ-app-monitor/DefaultValueAppMonitor/IdentityPool/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitorIdentityPoolD3418A23" + } + ], + "/integ-app-monitor/DefaultValueAppMonitor/IdentityPool/AuthenticatedRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitorIdentityPoolAuthenticatedRoleB49490BC" + } + ], + "/integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694" + } + ], + "/integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleDefaultPolicyD3650374" + } + ], + "/integ-app-monitor/DefaultValueAppMonitor/IdentityPool/DefaultRoleAttachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitorIdentityPoolDefaultRoleAttachmentC8E11D44" + } + ], + "/integ-app-monitor/DefaultValueAppMonitor/AppMonitor": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultValueAppMonitor212AADC5" + } + ], + "/integ-app-monitor/MyIdentityPool/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyIdentityPool9DBCF48C" + } + ], + "/integ-app-monitor/MyIdentityPool/AuthenticatedRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyIdentityPoolAuthenticatedRoleAE259B88" + } + ], + "/integ-app-monitor/MyIdentityPool/UnauthenticatedRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyIdentityPoolUnauthenticatedRole8827D18F" + } + ], + "/integ-app-monitor/MyIdentityPool/UnauthenticatedRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyIdentityPoolUnauthenticatedRoleDefaultPolicy67D891CC" + } + ], + "/integ-app-monitor/MyIdentityPool/DefaultRoleAttachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyIdentityPoolDefaultRoleAttachmentD367CC64" + } + ], + "/integ-app-monitor/CustomValueAppMonitor/AppMonitor": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomValueAppMonitor730913A4" + } + ], + "/integ-app-monitor/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-app-monitor/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-app-monitor" + }, + "IntegDefaultTestDeployAssert4E6713E1.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IntegDefaultTestDeployAssert4E6713E1.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IntegDefaultTestDeployAssert4E6713E1.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IntegDefaultTestDeployAssert4E6713E1.assets" + ], + "metadata": { + "/Integ/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/tree.json b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/tree.json new file mode 100644 index 0000000000000..539ed6b955cbf --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.js.snapshot/tree.json @@ -0,0 +1,639 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.168" + } + }, + "integ-app-monitor": { + "id": "integ-app-monitor", + "path": "integ-app-monitor", + "children": { + "DefaultValueAppMonitor": { + "id": "DefaultValueAppMonitor", + "path": "integ-app-monitor/DefaultValueAppMonitor", + "children": { + "IdentityPool": { + "id": "IdentityPool", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::IdentityPool", + "aws:cdk:cloudformation:props": { + "allowUnauthenticatedIdentities": true, + "cognitoIdentityProviders": [] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "AuthenticatedRole": { + "id": "AuthenticatedRole", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/AuthenticatedRole", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/AuthenticatedRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "authenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "description": { + "Fn::Join": [ + "", + [ + "Default Authenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolD3418A23", + "Name" + ] + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "UnauthenticatedRole": { + "id": "UnauthenticatedRole", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "unauthenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "description": { + "Fn::Join": [ + "", + [ + "Default Unauthenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolD3418A23", + "Name" + ] + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/UnauthenticatedRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "rum:PutRumEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rum:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":appmonitor/integappmonitorDefaultValueAppMonitor7E8C5F05" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleDefaultPolicyD3650374", + "roles": [ + { + "Ref": "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "DefaultRoleAttachment": { + "id": "DefaultRoleAttachment", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/DefaultRoleAttachment", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/DefaultValueAppMonitor/IdentityPool/DefaultRoleAttachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::IdentityPoolRoleAttachment", + "aws:cdk:cloudformation:props": { + "identityPoolId": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + }, + "roles": { + "authenticated": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolAuthenticatedRoleB49490BC", + "Arn" + ] + }, + "unauthenticated": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694", + "Arn" + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "AppMonitor": { + "id": "AppMonitor", + "path": "integ-app-monitor/DefaultValueAppMonitor/AppMonitor", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RUM::AppMonitor", + "aws:cdk:cloudformation:props": { + "domain": "my-website.com", + "name": "integappmonitorDefaultValueAppMonitor7E8C5F05", + "appMonitorConfiguration": { + "sessionSampleRate": 1, + "telemetries": [ + "errors", + "http", + "performance" + ], + "identityPoolId": { + "Ref": "DefaultValueAppMonitorIdentityPoolD3418A23" + }, + "guestRoleArn": { + "Fn::GetAtt": [ + "DefaultValueAppMonitorIdentityPoolUnauthenticatedRoleF744D694", + "Arn" + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rum.CfnAppMonitor", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rum.AppMonitor", + "version": "0.0.0" + } + }, + "MyIdentityPool": { + "id": "MyIdentityPool", + "path": "integ-app-monitor/MyIdentityPool", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/MyIdentityPool/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::IdentityPool", + "aws:cdk:cloudformation:props": { + "allowUnauthenticatedIdentities": false, + "cognitoIdentityProviders": [] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "AuthenticatedRole": { + "id": "AuthenticatedRole", + "path": "integ-app-monitor/MyIdentityPool/AuthenticatedRole", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/MyIdentityPool/AuthenticatedRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "MyIdentityPool9DBCF48C" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "authenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "description": { + "Fn::Join": [ + "", + [ + "Default Authenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "MyIdentityPool9DBCF48C", + "Name" + ] + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "UnauthenticatedRole": { + "id": "UnauthenticatedRole", + "path": "integ-app-monitor/MyIdentityPool/UnauthenticatedRole", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/MyIdentityPool/UnauthenticatedRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "MyIdentityPool9DBCF48C" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "unauthenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "description": { + "Fn::Join": [ + "", + [ + "Default Unauthenticated Role for Identity Pool ", + { + "Fn::GetAtt": [ + "MyIdentityPool9DBCF48C", + "Name" + ] + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-app-monitor/MyIdentityPool/UnauthenticatedRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/MyIdentityPool/UnauthenticatedRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "rum:PutRumEvents", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":rum:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":appmonitor/my-app-monitor" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyIdentityPoolUnauthenticatedRoleDefaultPolicy67D891CC", + "roles": [ + { + "Ref": "MyIdentityPoolUnauthenticatedRole8827D18F" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "DefaultRoleAttachment": { + "id": "DefaultRoleAttachment", + "path": "integ-app-monitor/MyIdentityPool/DefaultRoleAttachment", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-app-monitor/MyIdentityPool/DefaultRoleAttachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::IdentityPoolRoleAttachment", + "aws:cdk:cloudformation:props": { + "identityPoolId": { + "Ref": "MyIdentityPool9DBCF48C" + }, + "roles": { + "authenticated": { + "Fn::GetAtt": [ + "MyIdentityPoolAuthenticatedRoleAE259B88", + "Arn" + ] + }, + "unauthenticated": { + "Fn::GetAtt": [ + "MyIdentityPoolUnauthenticatedRole8827D18F", + "Arn" + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "CustomValueAppMonitor": { + "id": "CustomValueAppMonitor", + "path": "integ-app-monitor/CustomValueAppMonitor", + "children": { + "AppMonitor": { + "id": "AppMonitor", + "path": "integ-app-monitor/CustomValueAppMonitor/AppMonitor", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RUM::AppMonitor", + "aws:cdk:cloudformation:props": { + "domain": "my-website2.com", + "name": "my-app-monitor", + "appMonitorConfiguration": { + "allowCookies": true, + "enableXRay": true, + "excludedPages": [ + "https://my-website2.com/exclude" + ], + "favoritePages": [ + "https://my-website2.com/favorite" + ], + "includedPages": [], + "sessionSampleRate": 0.1, + "telemetries": [], + "identityPoolId": { + "Ref": "MyIdentityPool9DBCF48C" + }, + "guestRoleArn": { + "Fn::GetAtt": [ + "MyIdentityPoolUnauthenticatedRole8827D18F", + "Arn" + ] + } + }, + "cwLogEnabled": true + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rum.CfnAppMonitor", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-rum.AppMonitor", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.168" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.168" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.168" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rum/test/integ.app-monitor.ts b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.ts new file mode 100644 index 0000000000000..1b56ed9602249 --- /dev/null +++ b/packages/@aws-cdk/aws-rum/test/integ.app-monitor.ts @@ -0,0 +1,30 @@ +import * as identitypool from '@aws-cdk/aws-cognito-identitypool'; +import { App, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import * as rum from '../lib'; + +const app = new App(); + +const stack = new Stack(app, 'integ-app-monitor'); + +new rum.AppMonitor(stack, 'DefaultValueAppMonitor', { + domain: 'my-website.com', +}); + +const myIdentityPool = new identitypool.IdentityPool(stack, 'MyIdentityPool'); +new rum.AppMonitor(stack, 'CustomValueAppMonitor', { + domain: 'my-website2.com', + appMonitorName: 'my-app-monitor', + identityPool: myIdentityPool, + role: myIdentityPool.unauthenticatedRole, + persistence: true, + allowCookies: true, + enableXRay: true, + excludedPages: ['https://my-website2.com/exclude'], + favoritePages: ['https://my-website2.com/favorite'], + includedPages: [], + sessionSampleRate: 0.1, + telemetries: [], +}); + +new IntegTest(app, 'Integ', { testCases: [stack] }); diff --git a/packages/@aws-cdk/aws-rum/test/rum.test.ts b/packages/@aws-cdk/aws-rum/test/rum.test.ts deleted file mode 100644 index 465c7bdea0693..0000000000000 --- a/packages/@aws-cdk/aws-rum/test/rum.test.ts +++ /dev/null @@ -1,6 +0,0 @@ -import '@aws-cdk/assertions'; -import {} from '../lib'; - -test('No tests are specified for this package', () => { - expect(true).toBe(true); -}); diff --git a/tools/@aws-cdk/pkglint/lib/rules.ts b/tools/@aws-cdk/pkglint/lib/rules.ts index 5a921a7d27dbc..f5f9d3a1a9741 100644 --- a/tools/@aws-cdk/pkglint/lib/rules.ts +++ b/tools/@aws-cdk/pkglint/lib/rules.ts @@ -1722,6 +1722,7 @@ export class NoExperimentalDependents extends ValidationRule { ['@aws-cdk/aws-kinesisfirehose-destinations', ['@aws-cdk/aws-kinesisfirehose']], ['@aws-cdk/aws-iot-actions', ['@aws-cdk/aws-iot', '@aws-cdk/aws-kinesisfirehose', '@aws-cdk/aws-iotevents']], ['@aws-cdk/aws-iotevents-actions', ['@aws-cdk/aws-iotevents']], + ['@aws-cdk/aws-rum', ['@aws-cdk/aws-cognito-identitypool']], ]); private readonly excludedModules = ['@aws-cdk/cloudformation-include'];