feat(synthetics): lifecycle rules for auto-generated artifact buckets

packages/@aws-cdk/aws-synthetics/README.md

@@ -220,3 +220,53 @@ new cloudwatch.Alarm(this, 'CanaryAlarm', {
  comparisonOperator: cloudwatch.ComparisonOperator.LESS_THAN_THRESHOLD,
 });
 ```
+
+### Artifacts
+
+You can pass an S3 bucket to store artifacts from canary runs. If you do not, one will be auto-generated when the canary is created. You may add [lifecycle rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) to the auto-generated bucket.
+
+Artifact bucket examples:
+
+```typescript
+// Auto-generated bucket with lifecycle rules.
+const canary = new synthetics.Canary(this, 'MyCanary', {
+ schedule: synthetics.Schedule.rate(Duration.minutes(5)),
+ test: synthetics.Test.custom({
+ code: synthetics.Code.fromAsset(path.join(__dirname, 'canary')),
+ handler: 'index.handler',
+ }),
+ runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_3_8,
+ environmentVariables: {
+ stage: 'prod',
+ },
+ artifactsBucketLifecycleRules: [
+ {
+ expiration: Duration.days(30),
+ }, 
+ ]
+});
+
+// Custom bucket as artifact bucket.
+import * as s3 from '@aws-cdk/aws-s3';
+
+const bucket = new s3.Bucket(this, 'MyArtifactsBucket', {
+ encryption: s3.BucketEncryption.KMS_MANAGED,
+ enforceSSL: true,
+});
+
+const canary = new synthetics.Canary(this, 'MyCanary', {
+ schedule: synthetics.Schedule.rate(Duration.minutes(5)),
+ test: synthetics.Test.custom({
+ code: synthetics.Code.fromAsset(path.join(__dirname, 'canary')),
+ handler: 'index.handler',
+ }),
+ runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_3_8,
+ environmentVariables: {
+ stage: 'prod',
+ },
+ artifactsBucketLocation: {
+ bucket: bucket,
+ }
+});
+```
+

packages/@aws-cdk/aws-synthetics/lib/canary.ts

@@ -88,6 +88,16 @@ export interface ArtifactsBucketLocation {
  * Properties for a canary
  */
 export interface CanaryProps {
+ /**
+ * Lifecycle rules for the generated canary artifact bucket. Has no effect
+ * if a bucket is passed to `artifactsBucketLocation`. If you pass a bucket
+ * to `artifactsBucketLocation`, you can add lifecycle rules to the bucket
+ * itself.
+ *
+ * @default - no rules applied to the generated bucket.
+ */
+ readonly artifactsBucketLifecycleRules?: Array<s3.LifecycleRule>;
+
  /**
  * The s3 location that stores the data of the canary runs.
  *
@@ -260,6 +270,7 @@ export class Canary extends cdk.Resource implements ec2.IConnectable {
  this.artifactsBucket = props.artifactsBucketLocation?.bucket ?? new s3.Bucket(this, 'ArtifactsBucket', {
  encryption: s3.BucketEncryption.KMS_MANAGED,
  enforceSSL: true,
+ lifecycleRules: props.artifactsBucketLifecycleRules,
  });
 
  this.role = props.role ?? this.createDefaultRole(props);

packages/@aws-cdk/aws-synthetics/test/canary.test.ts

@@ -151,6 +151,37 @@ test('An existing bucket and prefix can be specified instead of auto-created', (
  });
 });
 
+test('An auto-generated bucket has lifecycle rules', () => {
+ // GIVEN
+ const stack = new Stack();
+ const lifecycleRules: Array<s3.LifecycleRule> = [
+ {
+ expiration: Duration.days(30),
+ },
+ ];
+
+ // WHEN
+ new synthetics.Canary(stack, 'Canary', {
+ artifactsBucketLifecycleRules: lifecycleRules,
+ test: synthetics.Test.custom({
+ handler: 'index.handler',
+ code: synthetics.Code.fromInline('/* Synthetics handler code */'),
+ }),
+ runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_3_8,
+ });
+
+ // THEN
+ Template.fromStack(stack).hasResourceProperties('AWS::S3::Bucket', {
+ LifecycleConfiguration: {
+ Rules: [
+ {
+ ExpirationInDays: 30,
+ },
+ ],
+ },
+ });
+});
+
 test('Runtime can be specified', () => {
  // GIVEN
  const stack = new Stack();

packages/@aws-cdk/aws-synthetics/test/integ.canary.js.snapshot/canary-one.assets.json

@@ -27,15 +27,15 @@
  }
  }
  },
- "32cb6cc1550e67ae5e77eb85a64192d2aa44c328b778079b139e3965fb042575": {
+ "118dbbafbcc45f72b55290773ddb91e44b138ccf366add6c1c5c74c2235fec37": {
  "source": {
  "path": "canary-one.template.json",
  "packaging": "file"
  },
  "destinations": {
  "current_account-current_region": {
  "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "32cb6cc1550e67ae5e77eb85a64192d2aa44c328b778079b139e3965fb042575.json",
+ "objectKey": "118dbbafbcc45f72b55290773ddb91e44b138ccf366add6c1c5c74c2235fec37.json",
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
  }
  }

packages/@aws-cdk/aws-synthetics/test/integ.canary.js.snapshot/canary-one.template.json

@@ -148,6 +148,14 @@
  }
  }
  ]
+ },
+ "LifecycleConfiguration": {
+ "Rules": [
+ {
+ "ExpirationInDays": 30,
+ "Status": "Enabled"
+ }
+ ]
  }
  },
  "UpdateReplacePolicy": "Retain",

packages/@aws-cdk/aws-synthetics/test/integ.canary.js.snapshot/manifest.json

@@ -1,12 +1,6 @@
 {
  "version": "21.0.0",
  "artifacts": {
- "Tree": {
- "type": "cdk:tree",
- "properties": {
- "file": "tree.json"
- }
- },
  "canary-one.assets": {
  "type": "cdk:asset-manifest",
  "properties": {
@@ -23,7 +17,7 @@
  "validateOnSynth": false,
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
  "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
- "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/32cb6cc1550e67ae5e77eb85a64192d2aa44c328b778079b139e3965fb042575.json",
+ "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/118dbbafbcc45f72b55290773ddb91e44b138ccf366add6c1c5c74c2235fec37.json",
  "requiresBootstrapStackVersion": 6,
  "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
  "additionalDependencies": [
@@ -215,6 +209,12 @@
  ]
  },
  "displayName": "canary-one"
+ },
+ "Tree": {
+ "type": "cdk:tree",
+ "properties": {
+ "file": "tree.json"
+ }
  }
  }
 }

packages/@aws-cdk/aws-synthetics/test/integ.canary.js.snapshot/tree.json

@@ -4,14 +4,6 @@
  "id": "App",
  "path": "",
  "children": {
- "Tree": {
- "id": "Tree",
- "path": "Tree",
- "constructInfo": {
- "fqn": "constructs.Construct",
- "version": "10.1.133"
- }
- },
  "canary-one": {
  "id": "canary-one",
  "path": "canary-one",
@@ -228,6 +220,14 @@
  }
  }
  ]
+ },
+ "lifecycleConfiguration": {
+ "rules": [
+ {
+ "expirationInDays": 30,
+ "status": "Enabled"
+ }
+ ]
  }
  }
  },
@@ -1963,12 +1963,36 @@
  "fqn": "@aws-cdk/aws-synthetics.Canary",
  "version": "0.0.0"
  }
+ },
+ "BootstrapVersion": {
+ "id": "BootstrapVersion",
+ "path": "canary-one/BootstrapVersion",
+ "constructInfo": {
+ "fqn": "@aws-cdk/core.CfnParameter",
+ "version": "0.0.0"
+ }
+ },
+ "CheckBootstrapVersion": {
+ "id": "CheckBootstrapVersion",
+ "path": "canary-one/CheckBootstrapVersion",
+ "constructInfo": {
+ "fqn": "@aws-cdk/core.CfnRule",
+ "version": "0.0.0"
+ }
  }
  },
  "constructInfo": {
  "fqn": "@aws-cdk/core.Stack",
  "version": "0.0.0"
  }
+ },
+ "Tree": {
+ "id": "Tree",
+ "path": "Tree",
+ "constructInfo": {
+ "fqn": "constructs.Construct",
+ "version": "10.1.140"
+ }
  }
  },
  "constructInfo": {

packages/@aws-cdk/aws-synthetics/test/integ.canary.ts

@@ -41,6 +41,11 @@ new synthetics.Canary(stack, 'MyCanaryOne', {
  code: synthetics.Code.fromAsset(path.join(__dirname, 'canaries')),
  }),
  runtime: synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_3_2,
+ artifactsBucketLifecycleRules: [
+ {
+ expiration: cdk.Duration.days(30),
+ },
+ ],
 });
 
 new synthetics.Canary(stack, 'MyCanaryTwo', {