Update to version v1.58.0

Author: hnishar

.viperlightignore

@@ -0,0 +1,21 @@
+# This file is used by Viperlight utility to override findings (false alarm)
+dist/
+coverage/
+node_modules/
+deployment/publishing/nuget/publish.sh:43
+deployment/publishing/nuget/publish.sh:44
+source/use_cases/aws-serverless-web-app/test/integ.backend-deployment.expected.json:180
+source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.expected.json:140
+source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.expected.json:140
+source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json:121
+source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json:140
+CODE_OF_CONDUCT.md:4
+CONTRIBUTING.md:206
+source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.ts:118
+source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json:41
+source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.expected.json:90
+source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.expected.json:90
+source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json:163
+source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json:179
+source/tools/cdk-integ-tools/package-lock.json:373
+source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.js:115

.viperlightrc

@@ -0,0 +1,4 @@
+{
+  "failOn": "medium",
+  "all": true
+}

CHANGELOG.md

@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.58.0] - 2020-08-14
+
+### Changed
+- Upgraded all patterns to CDK v1.58.0
+- Fix `aws-apigateway-sqs` pattern bug with overriding `apiGatewayProps` ([#37](https://github.com/awslabs/aws-solutions-constructs/issues/37))
+- Updated `aws-cloudfront-apigateway` and `aws-cloudfront-apigateway-lambda` patterns to deploy unauthenticated APIs
+- [All *-dynamodb-* patterns] Enable continuous backups and point-in-time recovery for DynamoDB Table ([#35](https://github.com/awslabs/aws-solutions-constructs/issues/35))
+- Removed the default Cognito UserPool SMS role creation ([#9513](https://github.com/aws/aws-cdk/pull/9513))
+
 ## [1.57.0] - 2020-08-07
 
 ### Changed

CONTRIBUTING.md

@@ -149,20 +149,25 @@ BREAKING CHANGE: Description of what broke and how to achieve this behavior now
 
 ### Step 5: Pull Request
 
-* Push to a GitHub fork or to a branch (naming convention: `<user>/<feature-bug-name>`)
+* Push to a GitHub fork
 * Submit a Pull Requests on GitHub.
-* Please follow the PR checklist written below. We trust our contributors to self-check, and this helps that process!
+* Please follow the PR checklist written above. We trust our contributors to self-check, and this helps that process!
 * Discuss review comments and iterate until you get at least one “Approve”. When iterating, push new commits to the
   same branch. Usually all these are going to be squashed when you merge to master. The commit messages should be hints
   for you when you finalize your merge commit message.
 * Make sure to update the PR title/description if things change. The PR title/description are going to be used as the
   commit title/message and will appear in the CHANGELOG, so maintain them all the way throughout the process.
+* Make sure your PR builds successfully (we have CodeBuild setup to automatically build all PRs)
 
+#### CodeBuild Build steps
 
+The CodeBuild runs through the following build steps:
+* Content scanning using Viperlight utility. It is a security, vulnerability and general risk highlighting tool. The source code for utility is located [here](https://s3.amazonaws.com/viperlight-scanner/latest/viperlight.zip) It uses [.viperlightignore](https://github.com/awslabs/aws-solutions-constructs/blob/master/.viperlightignore) to override any false alarms.
+* Build/validate/package all the constructs in the library
+* Scan the Cloudformation templates generated by [Integration Tests](https://github.com/awslabs/aws-solutions-constructs/blob/master/CONTRIBUTING.md#integration-tests) using (cfn_nag)[https://github.com/stelligent/cfn_nag]
 
 ### Step 6: Merge
 
-* Make sure your PR builds successfully (we have CodeBuild setup to automatically build all PRs)
 * Once approved and tested, a maintainer will squash-merge to master and will use your PR title/description as the
   commit message.
 

source/lerna.json

@@ -6,5 +6,5 @@
     "./patterns/@aws-solutions-constructs/*"
   ],
   "rejectCycles": "true",
-  "version": "1.57.0"
+  "version": "1.58.0"
 }

source/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aws-solutions-constructs",
-  "version": "1.57.0",
+  "version": "1.58.0",
   "description": "AWS Solutions Constructs Library",
   "repository": {
     "type": "git",

source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/README.md

@@ -87,6 +87,7 @@ Out of the box implementation of the Construct without any override will set the
 * Enable server-side encryption for DynamoDB Table using AWS managed KMS Key
 * Creates a partition key called 'id' for DynamoDB Table
 * Retain the Table when deleting the CloudFormation stack
+* Enable continuous backups and point-in-time recovery
 
 ## Architecture
 ![Architecture Diagram](architecture.png)

source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/lib/index.ts

@@ -126,25 +126,53 @@ export class ApiGatewayToDynamoDB extends Construct {
     if (props.allowCreateOperation && props.allowCreateOperation === true && props.createRequestTemplate) {
       const createRequestTemplate = props.createRequestTemplate.replace("${Table}", this.dynamoTable.tableName);
       this.addActionToPolicy("dynamodb:PutItem");
-      this.addMethod(this.apiGateway.root, createRequestTemplate, "PutItem", "POST");
+      defaults.addProxyMethodToApiResource({
+        service: "dynamodb",
+        action: "PutItem",
+        apiGatewayRole: this.apiGatewayRole,
+        apiMethod: "POST",
+        apiResource: this.apiGateway.root,
+        requestTemplate: createRequestTemplate
+      });
     }
     // Read
     if (!props.allowReadOperation || props.allowReadOperation === true) {
       const getRequestTemplate = "{\r\n\"TableName\": \"" + this.dynamoTable.tableName + "\",\r\n \"KeyConditionExpression\": \"" + partitionKeyName + " = :v1\",\r\n    \"ExpressionAttributeValues\": {\r\n        \":v1\": {\r\n            \"S\": \"$input.params('" + partitionKeyName + "')\"\r\n        }\r\n    }\r\n}";
       this.addActionToPolicy("dynamodb:Query");
-      this.addMethod(apiGatewayResource, getRequestTemplate, "Query", "GET");
+      defaults.addProxyMethodToApiResource({
+        service: "dynamodb",
+        action: "Query",
+        apiGatewayRole: this.apiGatewayRole,
+        apiMethod: "GET",
+        apiResource: apiGatewayResource,
+        requestTemplate: getRequestTemplate
+      });
     }
     // Update
     if (props.allowUpdateOperation && props.allowUpdateOperation === true && props.updateRequestTemplate) {
       const updateRequestTemplate = props.updateRequestTemplate.replace("${Table}", this.dynamoTable.tableName);
       this.addActionToPolicy("dynamodb:UpdateItem");
-      this.addMethod(apiGatewayResource, updateRequestTemplate, "UpdateItem", "PUT");
+      defaults.addProxyMethodToApiResource({
+        service: "dynamodb",
+        action: "UpdateItem",
+        apiGatewayRole: this.apiGatewayRole,
+        apiMethod: "PUT",
+        apiResource: apiGatewayResource,
+        requestTemplate: updateRequestTemplate
+      });
     }
     // Delete
     if (props.allowDeleteOperation && props.allowDeleteOperation === true) {
       const deleteRequestTemplate = "{\r\n  \"TableName\": \"" + this.dynamoTable.tableName + "\",\r\n  \"Key\": {\r\n    \"" + partitionKeyName + "\": {\r\n      \"S\": \"$input.params('" + partitionKeyName + "')\"\r\n    }\r\n  },\r\n  \"ConditionExpression\": \"attribute_not_exists(Replies)\",\r\n  \"ReturnValues\": \"ALL_OLD\"\r\n}";
       this.addActionToPolicy("dynamodb:DeleteItem");
-      this.addMethod(apiGatewayResource, deleteRequestTemplate, "DeleteItem", "DELETE");
+      defaults.addProxyMethodToApiResource({
+        service: "dynamodb",
+        action: "DeleteItem",
+        apiGatewayRole: this.apiGatewayRole,
+        apiMethod: "DELETE",
+        apiResource: apiGatewayResource,
+        requestTemplate: deleteRequestTemplate
+      });
     }
   }
 
@@ -156,53 +184,4 @@ export class ApiGatewayToDynamoDB extends Construct {
       actions: [ `${action}` ]
     }));
   }
-
-  private addMethod(apiResource: api.IResource, requestTemplate: string, dynamodbAction: string, apiMethod: string) {
-    // Setup the API Gateway Integration
-    const apiGatewayIntegration = new api.AwsIntegration({
-      service: "dynamodb",
-      action: dynamodbAction,
-      integrationHttpMethod: "POST",
-      options: {
-        passthroughBehavior: api.PassthroughBehavior.NEVER,
-        credentialsRole: this.apiGatewayRole,
-        requestParameters: {
-            "integration.request.header.Content-Type": "'application/json'"
-        },
-        requestTemplates: {
-            "application/json": requestTemplate
-        },
-        integrationResponses: [
-          {
-              statusCode: "200"
-          },
-          {
-              statusCode: "500",
-              responseTemplates: {
-                  "text/html": "Error"
-              },
-              selectionPattern: "500"
-          }
-        ]
-      }
-    });
-
-    // Setup the API Gateway method(s)
-    apiResource.addMethod(apiMethod, apiGatewayIntegration, {
-        methodResponses: [
-            {
-                statusCode: "200",
-                responseParameters: {
-                    "method.response.header.Content-Type": true
-                }
-            },
-            {
-                statusCode: "500",
-                responseParameters: {
-                    "method.response.header.Content-Type": true
-                },
-            }
-        ]
-    });
-  }
 }

source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aws-solutions-constructs/aws-apigateway-dynamodb",
-  "version": "1.57.0",
+  "version": "1.58.0",
   "description": "CDK Constructs for AWS API Gateway and Amazon DynamoDB integration.",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -53,16 +53,16 @@
     }
   },
   "dependencies": {
-    "@aws-cdk/core": "~1.57.0",
-    "@aws-cdk/aws-apigateway": "~1.57.0",
-    "@aws-cdk/aws-iam": "~1.57.0",
-    "@aws-cdk/aws-dynamodb": "~1.57.0",
-    "@aws-cdk/aws-logs": "~1.57.0",
-    "@aws-solutions-constructs/core": "~1.57.0",
+    "@aws-cdk/core": "~1.58.0",
+    "@aws-cdk/aws-apigateway": "~1.58.0",
+    "@aws-cdk/aws-iam": "~1.58.0",
+    "@aws-cdk/aws-dynamodb": "~1.58.0",
+    "@aws-cdk/aws-logs": "~1.58.0",
+    "@aws-solutions-constructs/core": "~1.58.0",
     "constructs": "^3.0.2"
   },
   "devDependencies": {
-    "@aws-cdk/assert": "~1.57.0",
+    "@aws-cdk/assert": "~1.58.0",
     "@types/jest": "^24.0.23",
     "@types/node": "^10.3.0"
   },
@@ -72,12 +72,12 @@
     ]
   },
   "peerDependencies": {
-    "@aws-cdk/core": "~1.57.0",
-    "@aws-cdk/aws-apigateway": "~1.57.0",
-    "@aws-cdk/aws-iam": "~1.57.0",
-    "@aws-cdk/aws-dynamodb": "~1.57.0",
-    "@aws-solutions-constructs/core": "~1.57.0",
+    "@aws-cdk/core": "~1.58.0",
+    "@aws-cdk/aws-apigateway": "~1.58.0",
+    "@aws-cdk/aws-iam": "~1.58.0",
+    "@aws-cdk/aws-dynamodb": "~1.58.0",
+    "@aws-solutions-constructs/core": "~1.58.0",
     "constructs": "^3.0.2",
-    "@aws-cdk/aws-logs": "~1.57.0"
+    "@aws-cdk/aws-logs": "~1.58.0"
   }
 }

source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/__snapshots__/apigateway-dynamodb.test.js.snap

@@ -52,6 +52,9 @@ Object {
             "KeyType": "HASH",
           },
         ],
+        "PointInTimeRecoverySpecification": Object {
+          "PointInTimeRecoveryEnabled": true,
+        },
         "SSESpecification": Object {
           "SSEEnabled": true,
         },