From a70e7473abfdadd2227f63a598f37bcd29870a9e Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Wed, 10 Jul 2024 02:43:13 +0000 Subject: [PATCH 1/3] fix(stepfunctions): allow "disable" x-ray --- .../aws-stepfunctions/lib/state-machine.ts | 34 +++++++++++-------- .../test/state-machine.test.ts | 19 +++++++++++ 2 files changed, 39 insertions(+), 14 deletions(-) diff --git a/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts b/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts index a7636ec6c14a4..83465bf354e54 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts @@ -457,7 +457,7 @@ export class StateMachine extends StateMachineBase { stateMachineType: props.stateMachineType ?? undefined, roleArn: this.role.roleArn, loggingConfiguration: props.logs ? this.buildLoggingConfiguration(props.logs) : undefined, - tracingConfiguration: props.tracingEnabled ? this.buildTracingConfiguration() : undefined, + tracingConfiguration: this.buildTracingConfiguration(props.tracingEnabled), ...definitionBody.bind(this, this.role, props, graph), definitionSubstitutions: props.definitionSubstitutions, }); @@ -532,21 +532,27 @@ export class StateMachine extends StateMachineBase { }; } - private buildTracingConfiguration(): CfnStateMachine.TracingConfigurationProperty { - this.addToRolePolicy(new iam.PolicyStatement({ - // https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#xray-permissions-resources - // https://docs.aws.amazon.com/step-functions/latest/dg/xray-iam.html - actions: [ - 'xray:PutTraceSegments', - 'xray:PutTelemetryRecords', - 'xray:GetSamplingRules', - 'xray:GetSamplingTargets', - ], - resources: ['*'], - })); + private buildTracingConfiguration(isTracing?: boolean): CfnStateMachine.TracingConfigurationProperty | undefined { + if (isTracing === undefined) { + return undefined; + } + + if (isTracing) { + this.addToRolePolicy(new iam.PolicyStatement({ + // https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#xray-permissions-resources + // https://docs.aws.amazon.com/step-functions/latest/dg/xray-iam.html + actions: [ + 'xray:PutTraceSegments', + 'xray:PutTelemetryRecords', + 'xray:GetSamplingRules', + 'xray:GetSamplingTargets', + ], + resources: ['*'], + })); + } return { - enabled: true, + enabled: isTracing, }; } } diff --git a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts index c60c05105c649..2f7d0f8e46afd 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts @@ -348,6 +348,25 @@ describe('State Machine', () => { }); }); + test('disable tracing configuration', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new sfn.StateMachine(stack, 'MyStateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(sfn.Chain.start(new sfn.Pass(stack, 'Pass'))), + tracingEnabled: false, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::StepFunctions::StateMachine', { + DefinitionString: '{"StartAt":"Pass","States":{"Pass":{"Type":"Pass","End":true}}}', + TracingConfiguration: { + Enabled: false, + }, + }); + }); + test('grant access', () => { // GIVEN const stack = new cdk.Stack(); From cb436da2feac0017d6a713b02bca6df6b7ca0626 Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Wed, 10 Jul 2024 03:28:19 +0000 Subject: [PATCH 2/3] add test --- .../test/integ.state-machine-disable-xray.ts | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts new file mode 100644 index 0000000000000..1a62b230f5b5c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts @@ -0,0 +1,25 @@ +import * as iam from 'aws-cdk-lib/aws-iam'; +import * as cdk from 'aws-cdk-lib'; +import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; +/* + * Stack verification steps: + * + * -- aws stepfunctions describe-state-machine --state-machine-arn has a status of `ACTIVE` + * -- aws iam get-role-policy --role-name --policy-name has all actions mapped to respective resources. + */ +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-stepfunctions-integ'); + +// const role = new iam.Role(stack, 'Role', { +// assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), +// }); + +const stateMachine = new sfn.StateMachine(stack, 'StateMachine', { + comment: 'a super cool state machine', + tracingEnabled: false, +}); + +// stateMachine.grantRead(role); +// stateMachine.grant(role, 'states:SendTaskSuccess'); + +app.synth(); From 83d7608567a02a10157b083fcd3237a39f35cca8 Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Mon, 29 Jul 2024 15:16:28 +0000 Subject: [PATCH 3/3] adding snapshot --- ...efaultTestDeployAssert24D3F33C.assets.json | 19 ++ ...aultTestDeployAssert24D3F33C.template.json | 36 ++++ .../aws-stepfunctions-integ.assets.json | 19 ++ .../aws-stepfunctions-integ.template.json | 75 +++++++ .../cdk.out | 1 + .../integ.json | 12 ++ .../manifest.json | 119 +++++++++++ .../tree.json | 185 ++++++++++++++++++ .../test/integ.state-machine-disable-xray.ts | 21 +- 9 files changed, 471 insertions(+), 16 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/tree.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets.json new file mode 100644 index 0000000000000..2b8efe2b912dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.assets.json new file mode 100644 index 0000000000000..2068c7a0b9b72 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "7ba8b87b0747e6c3e548e85d4dd454f09746ed79a29633c3e0fbb869281f9406": { + "source": { + "path": "aws-stepfunctions-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "7ba8b87b0747e6c3e548e85d4dd454f09746ed79a29633c3e0fbb869281f9406.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.template.json new file mode 100644 index 0000000000000..2f96776c49591 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/aws-stepfunctions-integ.template.json @@ -0,0 +1,75 @@ +{ + "Resources": { + "StateMachineRoleB840431D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachine2E01A3A5": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": "{\"StartAt\":\"StartState\",\"States\":{\"StartState\":{\"Type\":\"Pass\",\"End\":true}},\"Comment\":\"a super cool state machine\"}", + "RoleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + }, + "TracingConfiguration": { + "Enabled": false + } + }, + "DependsOn": [ + "StateMachineRoleB840431D" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/integ.json new file mode 100644 index 0000000000000..9888945e3632b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "StateMachineDisableXray/DefaultTest": { + "stacks": [ + "aws-stepfunctions-integ" + ], + "assertionStack": "StateMachineDisableXray/DefaultTest/DeployAssert", + "assertionStackName": "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/manifest.json new file mode 100644 index 0000000000000..0d630730497f9 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "36.0.0", + "artifacts": { + "aws-stepfunctions-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-stepfunctions-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-stepfunctions-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-stepfunctions-integ.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7ba8b87b0747e6c3e548e85d4dd454f09746ed79a29633c3e0fbb869281f9406.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-stepfunctions-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-stepfunctions-integ.assets" + ], + "metadata": { + "/aws-stepfunctions-integ/StateMachine/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineRoleB840431D" + } + ], + "/aws-stepfunctions-integ/StateMachine/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachine2E01A3A5" + } + ], + "/aws-stepfunctions-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-stepfunctions-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-stepfunctions-integ" + }, + "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "StateMachineDisableXrayDefaultTestDeployAssert24D3F33C.assets" + ], + "metadata": { + "/StateMachineDisableXray/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/StateMachineDisableXray/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "StateMachineDisableXray/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/tree.json new file mode 100644 index 0000000000000..9bb1895ae1923 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.js.snapshot/tree.json @@ -0,0 +1,185 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-stepfunctions-integ": { + "id": "aws-stepfunctions-integ", + "path": "aws-stepfunctions-integ", + "children": { + "StartState": { + "id": "StartState", + "path": "aws-stepfunctions-integ/StartState", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.Pass", + "version": "0.0.0" + } + }, + "StateMachine": { + "id": "StateMachine", + "path": "aws-stepfunctions-integ/StateMachine", + "children": { + "Role": { + "id": "Role", + "path": "aws-stepfunctions-integ/StateMachine/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "aws-stepfunctions-integ/StateMachine/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachine/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachine/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": "{\"StartAt\":\"StartState\",\"States\":{\"StartState\":{\"Type\":\"Pass\",\"End\":true}},\"Comment\":\"a super cool state machine\"}", + "roleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + }, + "tracingConfiguration": { + "enabled": false + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-stepfunctions-integ/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-stepfunctions-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "StateMachineDisableXray": { + "id": "StateMachineDisableXray", + "path": "StateMachineDisableXray", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "StateMachineDisableXray/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "StateMachineDisableXray/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "StateMachineDisableXray/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "StateMachineDisableXray/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "StateMachineDisableXray/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts index 1a62b230f5b5c..4196d8ed1239d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-disable-xray.ts @@ -1,25 +1,14 @@ -import * as iam from 'aws-cdk-lib/aws-iam'; import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; -/* - * Stack verification steps: - * - * -- aws stepfunctions describe-state-machine --state-machine-arn has a status of `ACTIVE` - * -- aws iam get-role-policy --role-name --policy-name has all actions mapped to respective resources. - */ + const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-stepfunctions-integ'); -// const role = new iam.Role(stack, 'Role', { -// assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), -// }); - -const stateMachine = new sfn.StateMachine(stack, 'StateMachine', { +new sfn.StateMachine(stack, 'StateMachine', { comment: 'a super cool state machine', + definition: new sfn.Pass(stack, 'StartState'), tracingEnabled: false, }); -// stateMachine.grantRead(role); -// stateMachine.grant(role, 'states:SendTaskSuccess'); - -app.synth(); +new IntegTest(app, 'StateMachineDisableXray', { testCases: [stack] });