Update to AWS CDK v2. (#21)

* Upgrade to cdk v2

* Make tsc available through npm script

* Revert "Make tsc available through npm script"

This reverts commit 85055a7.

* Install node modules in pipeline and CDK cli

* Explicitly add aws-sdk

* Updated README with instructions to configure Github Connection

* Default github org to aws-samples

README.md

@@ -58,21 +58,22 @@ aws events put-events --entries file://./events/book-insert.json
 
 ## Requirements
 
-- Node.js 16.13 ([lts/erbium](https://nodejs.org/en/blog/release/v12.13.0/))
-- npm 8.19
-- [AWS CDK Toolkit](https://docs.aws.amazon.com/cdk/latest/guide/cli.html) 1.103.0 or above.
+- [Node v20.16.0](https://nodejs.org/en/blog/release/v20.16.0/)
+- npm 10.8.1
+- [AWS CDK Toolkit](https://docs.aws.amazon.com/cdk/latest/guide/cli.html) 2.151.0 or above.
 - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html). You must have run `aws configure` to set up your terminal.
+- [Create a Github Connection](https://docs.aws.amazon.com/codepipeline/latest/userguide/connections-github.html) to your repository and note down the connection ARN as you will need it in the following step.
 
 ## Deployment
 
-To set up your environment for the first time, run the following commands:
+First, replace the `gitOrg` variable on `lib/pipeline-stack.ts` to point to your organization or username on Github where this repository has been forked to.
+
+Then, to set up your environment, run the following commands:
 
 ```sh
 # create the required parameters in your AWS account so
 # AWS CodePipeline can connect to Github and pull source code
-aws ssm put-parameter --name github_username --value <YOUR_GITHUB_USERNAME>
-aws secretsmanager create-secret --name github_token
-aws secretsmanager put-secret-value --secret-id github_token --secret-string '{"github_token": "<YOUR_GITHUB_TOKEN>"}'
+aws ssm put-parameter --name github_connection_arn --value <YOUR_GITHUB_CONNECTION_ARN>
 
 # install aws cdk
 npm install -g aws-cdk
@@ -88,7 +89,7 @@ export AWS_REGION=$(aws configure get region)
 cdk bootstrap aws://$ACCOUNT_ID/$AWS_REGION
 ```
 
-Then, run the following to deploy the app:
+Finally, run the following to deploy the app:
 
 ```sh
 npm run build

bin/audit-service-sample.ts

@@ -4,7 +4,7 @@
 // SPDX-License-Identifier: MIT-0
 
 import 'source-map-support/register';
-import { App } from '@aws-cdk/core';
+import { App } from 'aws-cdk-lib';
 import { PipelineStack } from '../lib/pipeline-stack';
 
 const app = new App();

cdk.json

@@ -1,8 +1,6 @@
 {
   "app": "npx ts-node bin/audit-service-sample.ts",
   "context": {
-    "@aws-cdk/core:enableStackNameDuplicates": "true",
-    "aws-cdk:enableDiffNoFail": "true",
     "@aws-cdk/core:stackRelativeExports": "true",
     "@aws-cdk/core:newStyleStackSynthesis": true
   }

lib/audit-service-sample-stack.spec.ts

@@ -1,40 +1,41 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: MIT-0
 
-import { Stack } from "@aws-cdk/core";
+import { Stack } from "aws-cdk-lib";
 import { AuditServiceStack } from "./audit-service-sample-stack";
 
-import '@aws-cdk/assert/jest';
+import { Template } from "aws-cdk-lib/assertions";
 
-let stack: Stack;
+let template: Template;
 
 beforeEach(() => {
-  stack = new AuditServiceStack(stack, 'stateMachine', {
+   const stack:Stack = new AuditServiceStack(new Stack(), 'stateMachine', {
     logicalEnv: 'test'
   });
+  template = Template.fromStack(stack);
 });
 
-test('should create a CloudWatch log group', () => {
-  expect(stack).toHaveResource('AWS::Logs::LogGroup', {
+test('should create a CloudWatch log group', () => {  
+  template.hasResourceProperties('AWS::Logs::LogGroup', {
     LogGroupName: '/aws/events/test-audit-events',
     RetentionInDays: 1
   });
 });
 
 test('should create a SNS topic', () => {
-  expect(stack).toHaveResource('AWS::SNS::Topic', {
+  template.hasResourceProperties('AWS::SNS::Topic', {
     TopicName: 'test-deleted-entities'
   });
 });
 
 test('should create an EventBridge bus', () => {
-  expect(stack).toHaveResource('AWS::Events::EventBus', {
+  template.hasResourceProperties('AWS::Events::EventBus', {
     Name: 'test-audit-event-bus'
   });
 });
 
 test('should create rule for audit events going to Step Function state machine', () => {
-  expect(stack).toHaveResourceLike('AWS::Events::Rule', {
+  template.hasResourceProperties('AWS::Events::Rule', {
     Name: 'test-audit-events-rule',
     Description: 'Rule matching audit events',
     EventBusName: {Ref: 'AuditEventBus4CA9BCB2'},
@@ -48,7 +49,7 @@ test('should create rule for audit events going to Step Function state machine',
 });
 
 test('should create rule for all events going to CloudWatch log group', () => {
-  expect(stack).toHaveResourceLike('AWS::Events::Rule', {
+  template.hasResourceProperties('AWS::Events::Rule', {
     Name: 'test-all-events-rule',
     Description: 'Rule matching all events',
     EventBusName: {Ref: 'AuditEventBus4CA9BCB2'},
@@ -62,7 +63,7 @@ test('should create rule for all events going to CloudWatch log group', () => {
 });
 
 test('should create rule for deleted entities going to SNS topic', () => {
-  expect(stack).toHaveResourceLike('AWS::Events::Rule', {
+  template.hasResourceProperties('AWS::Events::Rule', {
     Name: 'test-deleted-entities-rule',
     Description: 'Rule matching audit events for delete operations',
     EventBusName: {Ref: 'AuditEventBus4CA9BCB2'},

lib/audit-service-sample-stack.ts

@@ -1,28 +1,28 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: MIT-0
 
-import * as cdk from '@aws-cdk/core';
+import { Construct } from 'constructs';
+import { Stack, StackProps, CfnOutput, Stage, StageProps, Tags } from "aws-cdk-lib";
 
-import { EventBus, Rule, CfnRule, RuleTargetInput, EventField } from '@aws-cdk/aws-events';
-import * as targets from '@aws-cdk/aws-events-targets';
+import { EventBus, Rule, CfnRule, RuleTargetInput, EventField } from 'aws-cdk-lib/aws-events';
+import * as targets from 'aws-cdk-lib/aws-events-targets';
 import { StateMachineTarget } from './constructs/sf-state-machine-target';
-import { CfnOutput } from '@aws-cdk/core';
-import { LogGroup, RetentionDays } from '@aws-cdk/aws-logs';
-import { Topic } from '@aws-cdk/aws-sns';
+import { LogGroup, RetentionDays } from 'aws-cdk-lib/aws-logs';
+import { Topic } from 'aws-cdk-lib/aws-sns';
 
-interface AuditServiceStackProps extends cdk.StackProps {
+interface AuditServiceStackProps extends StackProps {
   logicalEnv: string;
 }
 
-export class AuditServiceStack extends cdk.Stack {
+export class AuditServiceStack extends Stack {
 
   public readonly busName: CfnOutput;
   public readonly bucketName: CfnOutput;
   public readonly tableName: CfnOutput;
   public readonly logGroupName: CfnOutput;
   public readonly topicName: CfnOutput;
 
-  constructor(scope: cdk.Construct, id: string, props?: AuditServiceStackProps) {
+  constructor(scope: Construct, id: string, props?: AuditServiceStackProps) {
     super(scope, id, props);
 
     const prefix = props?.logicalEnv;

lib/audit-service-sample-stage.ts

@@ -1,7 +1,8 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: MIT-0
 
-import { CfnOutput, Construct, Stage, StageProps, Tags } from "@aws-cdk/core"
+import { Construct } from "constructs";
+import { CfnOutput, Stage, StageProps, Tags } from "aws-cdk-lib";
 import { AuditServiceStack } from "./audit-service-sample-stack";
 
 interface DeployStageProps extends StageProps {

lib/constructs/sf-state-machine-target.spec.ts

@@ -1,23 +1,24 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: MIT-0
 
-import { Stack } from "@aws-cdk/core";
+import { Stack } from "aws-cdk-lib";
 import { StateMachineTarget } from "./sf-state-machine-target";
 
-import '@aws-cdk/assert/jest';
+import { Template } from "aws-cdk-lib/assertions";
 
-let stack: Stack;
+let template: Template;
 
 beforeEach(() => {
-  stack = new Stack();
+  const stack: Stack = new Stack();
   new StateMachineTarget(stack, 'stateMachine', {
     logicalEnv: 'test',
     accountId: '11111111'
   });
+  template = Template.fromStack(stack);
 });
 
 test('should create S3 bucket', () => {
-  expect(stack).toHaveResource('AWS::S3::Bucket', {
+  template.hasResourceProperties('AWS::S3::Bucket', {
     BucketName: 'test-audit-events-11111111',
     BucketEncryption: {
       ServerSideEncryptionConfiguration: [
@@ -30,9 +31,9 @@ test('should create S3 bucket', () => {
 });
 
 test('should create Lambda function', () => {
-  expect(stack).toHaveResourceLike('AWS::Lambda::Function', {
+  template.hasResourceProperties('AWS::Lambda::Function', {
     FunctionName: 'test-save-to-s3',
-    Runtime: 'nodejs12.x',
+    Runtime: 'nodejs20.x',
     TracingConfig: {
       Mode: 'Active'
     },
@@ -45,7 +46,7 @@ test('should create Lambda function', () => {
 });
 
 test('should create table with expected partition key', () => {
-  expect(stack).toHaveResource('AWS::DynamoDB::Table', {
+  template.hasResourceProperties('AWS::DynamoDB::Table', {
     TableName: 'test-audit-events',
     BillingMode: 'PAY_PER_REQUEST',
     KeySchema: [{
@@ -56,7 +57,7 @@ test('should create table with expected partition key', () => {
 });
 
 test('should create table with expected global secondary indexes', () => {
-  expect(stack).toHaveResource('AWS::DynamoDB::Table', {
+  template.hasResourceProperties('AWS::DynamoDB::Table', {
     GlobalSecondaryIndexes: [{
       IndexName: 'search-by-entity-id',
       KeySchema: [{
@@ -82,7 +83,7 @@ test('should create table with expected global secondary indexes', () => {
 });
 
 test('should create state machine', () => {
-  expect(stack).toHaveResource('AWS::StepFunctions::StateMachine', {
+  template.hasResourceProperties('AWS::StepFunctions::StateMachine', {
     StateMachineName: 'test-log-audit-event'
   });
 });

lib/constructs/sf-state-machine-target.ts

@@ -1,14 +1,14 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: MIT-0
 
-import { Construct } from "@aws-cdk/core";
+import { Construct } from "constructs";
 
-import { AttributeType, BillingMode, Table } from "@aws-cdk/aws-dynamodb";
-import { Code, Runtime, Tracing, Function } from "@aws-cdk/aws-lambda";
-import { Bucket, BucketEncryption } from "@aws-cdk/aws-s3";
+import { AttributeType, BillingMode, Table } from "aws-cdk-lib/aws-dynamodb";
+import { Code, Runtime, Tracing, Function } from "aws-cdk-lib/aws-lambda";
+import { Bucket, BucketEncryption } from "aws-cdk-lib/aws-s3";
 
-import { JsonPath, StateMachine } from "@aws-cdk/aws-stepfunctions";
-import * as tasks from '@aws-cdk/aws-stepfunctions-tasks';
+import { DefinitionBody, JsonPath, StateMachine } from "aws-cdk-lib/aws-stepfunctions";
+import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks';
 
 interface StateMachineTargetProps {
   logicalEnv: string;
@@ -35,7 +35,7 @@ export class StateMachineTarget extends Construct {
     // lambda function
     const saveToS3Fn = new Function(this, 'SaveToS3Fn', {
       functionName: `${prefix}-save-to-s3`,
-      runtime: Runtime.NODEJS_12_X,
+      runtime: Runtime.NODEJS_20_X,
       handler: 'index.handler',
       code: Code.fromAsset('./lib/lambda/save-to-s3'),
       environment: {
@@ -88,7 +88,7 @@ export class StateMachineTarget extends Construct {
     const definition = saveToS3Job.next(saveToDbJob);
 
     this.stateMachine = new StateMachine(this, 'LogAuditEvent', {
-      definition,
+      definitionBody: DefinitionBody.fromChainable(definition),
       stateMachineName: `${prefix}-log-audit-event`
     });
   }