feat(core): automatic cross stack, cross region references (under feature flag)

packages/@aws-cdk/aws-cloudformation/package.json

@@ -85,6 +85,7 @@
     "@aws-cdk/aws-ssm": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
     "@aws-cdk/integ-runner": "0.0.0",
+    "@aws-cdk/integ-tests": "0.0.0",
     "@aws-cdk/cfn2ts": "0.0.0",
     "@aws-cdk/pkglint": "0.0.0",
     "@types/aws-lambda": "^8.10.104",

packages/@aws-cdk/aws-cloudformation/test/core-cross-region-references.integ.snapshot/asset.81ce50203f1ecfd42920cc23099e4751011d8596f9eb0671f9b703f703b1c989/index.d.ts

@@ -0,0 +1 @@
+export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise<void>;

packages/@aws-cdk/aws-cloudformation/test/core-cross-region-references.integ.snapshot/asset.81ce50203f1ecfd42920cc23099e4751011d8596f9eb0671f9b703f703b1c989/index.ts

@@ -0,0 +1,98 @@
+/*eslint-disable no-console*/
+/* eslint-disable import/no-extraneous-dependencies */
+import { SSM } from 'aws-sdk';
+const SSM_EXPORT_PATH = '/cdk/exports/';
+type CrossRegionExports = { [exportName: string]: string };
+
+export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) {
+  const props = event.ResourceProperties;
+  const exports: CrossRegionExports = props.Exports;
+
+  const ssm = new SSM({ region: props.Region });
+  try {
+    switch (event.RequestType) {
+      case 'Create':
+        console.info(`Creating new SSM Parameter exports in region ${props.Region}`);
+        await putParameters(ssm, exports);
+        return;
+      case 'Update':
+        console.info(`Reading existing SSM Parameter exports in region ${props.Region}`);
+        const existing = await getExistingParameters(ssm);
+        const paramsToDelete = returnMissing(existing, exports);
+        console.info(`Deleting unused SSM Parameter exports in region ${props.Region}`);
+        if (paramsToDelete.length > 0) {
+          await ssm.deleteParameters({
+            Names: paramsToDelete,
+          }).promise();
+        }
+        console.info(`Creating new SSM Parameter exports in region ${props.Region}`);
+        await putParameters(ssm, exports);
+        return;
+      case 'Delete':
+        console.info(`Reading existing SSM Parameter exports in region ${props.Region}`);
+        const existingParams = await getExistingParameters(ssm);
+        console.info(`Deleting all SSM Parameter exports in region ${props.Region}`);
+        await ssm.deleteParameters({
+          Names: Array.from(Object.keys(existingParams)),
+        }).promise();
+        return;
+      default:
+        return;
+    }
+  } catch (e) {
+    console.error('Error processing event: ', e);
+    throw e;
+  }
+};
+
+/**
+ * Create parameters for existing exports
+ */
+async function putParameters(ssm: SSM, parameters: CrossRegionExports): Promise<void> {
+  await Promise.all(Array.from(Object.entries(parameters), ([name, value]) => {
+    return ssm.putParameter({
+      Name: `${SSM_EXPORT_PATH}${name}`,
+      Value: value,
+      Type: 'String',
+    }).promise();
+  }));
+}
+
+function returnMissing(a: CrossRegionExports, b: CrossRegionExports): string[] {
+  const missing: string[] = [];
+  for (const name of Object.keys(a)) {
+    if (!b.hasOwnProperty(name)) {
+      missing.push(name);
+    }
+  }
+  return missing;
+}
+
+/**
+ * Get existing exports from SSM parameters
+ */
+async function getExistingParameters(ssm: SSM): Promise<CrossRegionExports> {
+  const existingExports: CrossRegionExports = {};
+  function recordParameters(parameters: SSM.ParameterList) {
+    parameters.forEach(param => {
+      if (param.Name && param.Value) {
+        existingExports[param.Name] = param.Value;
+      }
+    });
+  }
+  const res = await ssm.getParametersByPath({
+    Path: `${SSM_EXPORT_PATH}`,
+  }).promise();
+  recordParameters(res.Parameters ?? []);
+
+  while (res.NextToken) {
+    const nextRes = await ssm.getParametersByPath({
+      Path: `${SSM_EXPORT_PATH}`,
+      NextToken: res.NextToken,
+    }).promise();
+    recordParameters(nextRes.Parameters ?? []);
+    res.NextToken = nextRes.NextToken;
+  }
+  return existingExports;
+}
+

packages/@aws-cdk/aws-cloudformation/test/core-cross-region-references.integ.snapshot/cdk.out

@@ -0,0 +1 @@
+{"version":"21.0.0"}

packages/@aws-cdk/aws-cloudformation/test/core-cross-region-references.integ.snapshot/cross-region-consumer.assets.json

@@ -0,0 +1,34 @@
+{
+  "version": "21.0.0",
+  "files": {
+    "61c5467a13581c441143dacb7d8878bb691678bb777668c0d4bbf28d05538404": {
+      "source": {
+        "path": "crossregionconsumerIntegNested815BEF8A.nested.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-us-east-2": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-2",
+          "objectKey": "61c5467a13581c441143dacb7d8878bb691678bb777668c0d4bbf28d05538404.json",
+          "region": "us-east-2",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-2"
+        }
+      }
+    },
+    "073479a1920f44222959fc9231ad62d389ab3fe14dc0a6cdc14a3f1f54fb8dfc": {
+      "source": {
+        "path": "cross-region-consumer.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-us-east-2": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-2",
+          "objectKey": "073479a1920f44222959fc9231ad62d389ab3fe14dc0a6cdc14a3f1f54fb8dfc.json",
+          "region": "us-east-2",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-us-east-2"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}

packages/@aws-cdk/aws-cloudformation/test/core-cross-region-references.integ.snapshot/cross-region-consumer.template.json

@@ -0,0 +1,77 @@
+{
+ "Resources": {
+  "IntegNestedNestedStackIntegNestedNestedStackResource168C5881": {
+   "Type": "AWS::CloudFormation::Stack",
+   "Properties": {
+    "TemplateURL": {
+     "Fn::Join": [
+      "",
+      [
+       "https://s3.us-east-2.",
+       {
+        "Ref": "AWS::URLSuffix"
+       },
+       "/",
+       {
+        "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-2"
+       },
+       "/61c5467a13581c441143dacb7d8878bb691678bb777668c0d4bbf28d05538404.json"
+      ]
+     ]
+    }
+   },
+   "UpdateReplacePolicy": "Delete",
+   "DeletionPolicy": "Delete"
+  },
+  "IntegParameter02A1817A4": {
+   "Type": "AWS::SSM::Parameter",
+   "Properties": {
+    "Type": "String",
+    "Value": "{{resolve:ssm:/cdk/exports/cross-region-producer-IntegQueueFnGetAttIntegQueue3A18718AQueueName6E52E429}}",
+    "Name": "integ-parameter0"
+   }
+  },
+  "IntegParameter1EDBEF1C6": {
+   "Type": "AWS::SSM::Parameter",
+   "Properties": {
+    "Type": "String",
+    "Value": "{{resolve:ssm:/cdk/exports/cross-region-producer-IntegNestedNestedStackIntegNestedNestedStackResourceFnGetAttIntegNestedNestedStackIntegNestedNestedStackResource168C5881OutputscrossregionproducerIntegNestedNestedIntegQueueD686DB69QueueNameC3296698}}",
+    "Name": "integ-parameter1"
+   }
+  }
+ },
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}