Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

Latest commit

 

History

History
2407 lines (1484 loc) · 83.5 KB

API.md

File metadata and controls

2407 lines (1484 loc) · 83.5 KB
Raw

API Reference

Constructs

Account

An AWS Account.

Initializers 

import { Account } from 'aws-bootstrap-kit'

new Account(scope: Construct, id: string, accountProps: IAccountProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
accountProps IAccountProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
accountPropsRequired

Methods

Name Description
toString Returns a string representation of this construct.
registerAsDelegatedAdministrator No description.
toString 
public toString(): string

Returns a string representation of this construct.

registerAsDelegatedAdministrator 
public registerAsDelegatedAdministrator(accountId: string, servicePrincipal: string): void
accountIdRequired
  • Type: string
servicePrincipalRequired
  • Type: string

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { Account } from 'aws-bootstrap-kit'

Account.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
accountId string No description.
accountName string Constructor.
accountStageName string No description.
accountStageOrder number No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

Constructor.

accountStageNameOptional 
public readonly accountStageName: string;
  • Type: string
accountStageOrderOptional 
public readonly accountStageOrder: number;
  • Type: number

AwsOrganizationsStack

A Stack creating the Software Development Life Cycle (SDLC) Organization.

Initializers 

import { AwsOrganizationsStack } from 'aws-bootstrap-kit'

new AwsOrganizationsStack(scope: Construct, id: string, props: AwsOrganizationsStackProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props AwsOrganizationsStackProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
addDependency Add a dependency between this stack and another stack.
addMetadata Adds an arbitary key-value pair, with information you want to record about the stack.
addTransform Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValue Create a CloudFormation Export for a string list value.
exportValue Create a CloudFormation Export for a string value.
formatArn Creates an ARN from components.
getLogicalId Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFact Look up a fact value for the given fact for the region of this stack.
renameLogicalId Rename a generated logical identities.
reportMissingContextKey Indicate that a context key was expected.
resolve Resolve a tokenized value in the context of the current stack.
splitArn Splits the provided ARN into its components.
toJsonString Convert an object, potentially containing tokens, to a JSON string.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Add a dependency between this stack and another stack.

This can be used to define dependencies between any two stacks within an app, and also supports nested stacks.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;

stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don't supply a value for name, the value you're exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don't supply a value for name, the value you're exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

Example

Here is how the process works. Let's say there are two stacks, producerStack and consumerStack, and producerStack has a bucket called bucket, which is referenced by consumerStack (perhaps because an AWS Lambda Function writes into it, or something like that).

It is not safe to remove producerStack.bucket because as the bucket is being deleted, consumerStack might still be using it.

Instead, the process takes two deployments:

Deployment 1: break the relationship

  • Make sure consumerStack no longer references bucket.bucketName (maybe the consumer stack now uses its own bucket, or it writes to an AWS DynamoDB table, or maybe you just remove the Lambda Function altogether).
  • In the ProducerStack class, call this.exportValue(this.bucket.bucketName). This will make sure the CloudFormation Export continues to exist while the relationship between the two stacks is being broken.
  • Deploy (this will effectively only change the consumerStack, but it's safe to deploy both).

Deployment 2: remove the bucket resource

  • You are now free to remove the bucket resource from producerStack.
  • Don't forget to remove the exportValue() call as well.
  • Deploy again (this time only the producerStack will be changed -- the bucket will be deleted).
exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack's partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the 'scope' is attached to. If all ARN pieces are supplied, the supplied scope can be 'undefined'.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if 'arn' is a string like 'arn:aws:s3:::bucket', and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of 'arn' - depends on what format the service 'arn' represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number

Static Functions

Name Description
isConstruct Checks if x is a construct.
isStack Return whether the given object is a Stack.
of Looks up the first stack scope in which construct is defined.
isConstruct 
import { AwsOrganizationsStack } from 'aws-bootstrap-kit'

AwsOrganizationsStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { AwsOrganizationsStack } from 'aws-bootstrap-kit'

AwsOrganizationsStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can't reliably use 'instanceof'.

xRequired
  • Type: any
of 
import { AwsOrganizationsStack } from 'aws-bootstrap-kit'

AwsOrganizationsStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

Name Type Description
node constructs.Node The tree node.
account string The AWS account into which this stack will be deployed.
artifactId string The ID of the cloud assembly artifact for this stack.
availabilityZones string[] Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequired boolean Indicates whether the stack requires bundling or not.
dependencies aws-cdk-lib.Stack[] Return the stacks this stack depends on.
environment string The environment coordinates in which this stack is deployed.
nested boolean Indicates if this is a nested stack, in which case parentStack will include a reference to it's parent.
notificationArns string[] Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partition string The partition in which this stack is defined.
region string The AWS region into which this stack will be deployed (e.g. us-west-2).
stackId string The ID of the stack.
stackName string The concrete CloudFormation physical stack name.
synthesizer aws-cdk-lib.IStackSynthesizer Synthesis method for this stack.
tags aws-cdk-lib.TagManager Tags to be applied to the stack.
templateFile string The name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptions aws-cdk-lib.ITemplateOptions Options for CloudFormation template (like version, transform, description).
urlSuffix string The Amazon domain suffix for the region in which this stack is defined.
nestedStackParent aws-cdk-lib.Stack If this is a nested stack, returns it's parent stack.
nestedStackResource aws-cdk-lib.CfnResource If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtection boolean Whether termination protection is enabled for this stack.
rootDns RootDns No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concerete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation's Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws:https://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it's parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concerete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concerete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack's location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it's parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionOptional 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

rootDnsOptional 
public readonly rootDns: RootDns;

CrossAccountDNSDelegator

TODO: propose this to fix aws/aws-cdk#8776 High-level construct that creates: 1. A public hosted zone in the current account 2. A record name in the hosted zone id of target account.

Usage: Create a role with the following permission: { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "route53:GetHostedZone", "route53:ChangeResourceRecordSets" ], "Resource": "arn:aws:route53:::hostedzone/ZXXXXXXXXX" }

Then use the construct like this:

const crossAccountDNSDelegatorProps: ICrossAccountDNSDelegatorProps = { targetAccount: '1234567890', targetRoleToAssume: 'DelegateRecordUpdateRoleInThatAccount', targetHostedZoneId: 'ZXXXXXXXXX', zoneName: 'subdomain.mydomain.com', };

new CrossAccountDNSDelegator(this, 'CrossAccountDNSDelegatorStack', crossAccountDNSDelegatorProps);

Initializers 

import { CrossAccountDNSDelegator } from 'aws-bootstrap-kit'

new CrossAccountDNSDelegator(scope: Construct, id: string, props: ICrossAccountDNSDelegatorProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props ICrossAccountDNSDelegatorProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { CrossAccountDNSDelegator } from 'aws-bootstrap-kit'

CrossAccountDNSDelegator.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
hostedZone aws-cdk-lib.aws_route53.HostedZone No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

hostedZoneRequired 
public readonly hostedZone: HostedZone;
  • Type: aws-cdk-lib.aws_route53.HostedZone

RootDns

A class creating the main hosted zone and a role assumable by stages account to be able to set sub domain delegation.

Initializers 

import { RootDns } from 'aws-bootstrap-kit'

new RootDns(scope: Construct, id: string, props: RootDnsProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props RootDnsProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
createDNSAutoUpdateRole No description.
createRootHostedZone No description.
createStageSubZone No description.
toString 
public toString(): string

Returns a string representation of this construct.

createDNSAutoUpdateRole 
public createDNSAutoUpdateRole(account: Account, stageSubZone: HostedZone): Role
accountRequired
stageSubZoneRequired
  • Type: aws-cdk-lib.aws_route53.HostedZone
createRootHostedZone 
public createRootHostedZone(props: RootDnsProps): IHostedZone
propsRequired
createStageSubZone 
public createStageSubZone(account: Account, rootHostedZoneDNSName: string): HostedZone
accountRequired
rootHostedZoneDNSNameRequired
  • Type: string

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { RootDns } from 'aws-bootstrap-kit'

RootDns.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
rootHostedZone aws-cdk-lib.aws_route53.IHostedZone No description.
stagesHostedZones aws-cdk-lib.aws_route53.HostedZone[] No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

rootHostedZoneRequired 
public readonly rootHostedZone: IHostedZone;
  • Type: aws-cdk-lib.aws_route53.IHostedZone
stagesHostedZonesRequired 
public readonly stagesHostedZones: HostedZone[];
  • Type: aws-cdk-lib.aws_route53.HostedZone[]

SecureRootUser

Initializers 

import { SecureRootUser } from 'aws-bootstrap-kit'

new SecureRootUser(scope: Construct, id: string, notificationEmail: string)
Name Type Description
scope constructs.Construct No description.
id string No description.
notificationEmail string No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
notificationEmailRequired
  • Type: string

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { SecureRootUser } from 'aws-bootstrap-kit'

SecureRootUser.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

ValidateEmail

Email Validation.

Initializers 

import { ValidateEmail } from 'aws-bootstrap-kit'

new ValidateEmail(scope: Construct, id: string, props: ValidateEmailProps)
Name Type Description
scope constructs.Construct The parent Construct instantiating this construct.
id string This instance name.
props ValidateEmailProps No description.
scopeRequired
  • Type: constructs.Construct

The parent Construct instantiating this construct.

idRequired
  • Type: string

This instance name.

propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { ValidateEmail } from 'aws-bootstrap-kit'

ValidateEmail.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

Structs

AccountSpec

AWS Account input details.

Initializer 

import { AccountSpec } from 'aws-bootstrap-kit'

const accountSpec: AccountSpec = { ... }

Properties

Name Type Description
name string The name of the AWS account.
email string The email associated to the AWS account.
existingAccountId string The (optional) id of the account to reuse, instead of creating a new account.
hostedServices string[] List of your services that will be hosted in this account.
removalPolicy aws-cdk-lib.RemovalPolicy RemovalPolicy of the account (wether it must be retained or destroyed). See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options.
stageName string The (optional) Stage name to be used in CI/CD pipeline.
stageOrder number The (optional) Stage deployment order.
type AccountType The account type.
nameRequired 
public readonly name: string;
  • Type: string

The name of the AWS account.

emailOptional 
public readonly email: string;
  • Type: string

The email associated to the AWS account.

existingAccountIdOptional 
public readonly existingAccountId: string;
  • Type: string

The (optional) id of the account to reuse, instead of creating a new account.

hostedServicesOptional 
public readonly hostedServices: string[];
  • Type: string[]

List of your services that will be hosted in this account.

Set it to [ALL] if you don't plan to have dedicated account for each service.

removalPolicyOptional 
public readonly removalPolicy: RemovalPolicy;
  • Type: aws-cdk-lib.RemovalPolicy
  • Default: RemovalPolicy.RETAIN

RemovalPolicy of the account (wether it must be retained or destroyed). See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options.

As an account cannot be deleted, RETAIN is the default value.

If you choose DESTROY instead (default behavior of CloudFormation), the stack deletion will fail and you will have to manually remove the account from the organization before retrying to delete the stack: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html

Note that existing accounts (when using existingAccountId) are retained whatever the removalPolicy is.

stageNameOptional 
public readonly stageName: string;
  • Type: string

The (optional) Stage name to be used in CI/CD pipeline.

stageOrderOptional 
public readonly stageOrder: number;
  • Type: number

The (optional) Stage deployment order.

typeOptional 
public readonly type: AccountType;

The account type.

AwsOrganizationsStackProps

Properties for AWS SDLC Organizations Stack.

Initializer 

import { AwsOrganizationsStackProps } from 'aws-bootstrap-kit'

const awsOrganizationsStackProps: AwsOrganizationsStackProps = { ... }

Properties

Name Type Description
analyticsReporting boolean Include runtime versioning information in this Stack.
crossRegionReferences boolean Enable this flag to allow native cross region stack references.
description string A description of the stack.
env aws-cdk-lib.Environment The AWS environment (account/region) where this stack will be deployed.
permissionsBoundary aws-cdk-lib.PermissionsBoundary Options for applying a permissions boundary to all IAM Roles and Users created within this Stage.
stackName string Name to deploy the stack with.
synthesizer aws-cdk-lib.IStackSynthesizer Synthesis method to use while deploying this stack.
tags {[ key: string ]: string} Stack tags that will be applied to all the taggable resources and the stack itself.
terminationProtection boolean Whether to enable termination protection for this stack.
email string Email address of the Root account.
nestedOU OUSpec[] Specification of the sub Organizational Unit.
existingRootHostedZoneId string The (optional) existing root hosted zone id to use instead of creating one.
forceEmailVerification boolean Enable Email Verification Process.
rootHostedZoneDNSName string The main DNS domain name to manage.
thirdPartyProviderDNSUsed boolean A boolean used to decide if domain should be requested through this delpoyment or if already registered through a third party.
analyticsReportingOptional 
public readonly analyticsReporting: boolean;
  • Type: boolean
  • Default: analyticsReporting setting of containing App, or value of 'aws:cdk:version-reporting' context key

Include runtime versioning information in this Stack.

crossRegionReferencesOptional 
public readonly crossRegionReferences: boolean;
  • Type: boolean
  • Default: false

Enable this flag to allow native cross region stack references.

Enabling this will create a CloudFormation custom resource in both the producing stack and consuming stack in order to perform the export/import

This feature is currently experimental

descriptionOptional 
public readonly description: string;
  • Type: string
  • Default: No description.

A description of the stack.

envOptional 
public readonly env: Environment;
  • Type: aws-cdk-lib.Environment
  • Default: The environment of the containing Stage if available, otherwise create the stack will be environment-agnostic.

The AWS environment (account/region) where this stack will be deployed.

Set the region/account fields of env to either a concrete value to select the indicated environment (recommended for production stacks), or to the values of environment variables CDK_DEFAULT_REGION/CDK_DEFAULT_ACCOUNT to let the target environment depend on the AWS credentials/configuration that the CDK CLI is executed under (recommended for development stacks).

If the Stack is instantiated inside a Stage, any undefined region/account fields from env will default to the same field on the encompassing Stage, if configured there.

If either region or account are not set nor inherited from Stage, the Stack will be considered "environment-agnostic"". Environment-agnostic stacks can be deployed to any environment but may not be able to take advantage of all features of the CDK. For example, they will not be able to use environmental context lookups such as ec2.Vpc.fromLookup and will not automatically translate Service Principals to the right format based on the environment's AWS partition, and other such enhancements.

Example

// Use a concrete account and region to deploy this stack to:
// `.account` and `.region` will simply return these values.
new Stack(app, 'Stack1', {
  env: {
    account: '123456789012',
    region: 'us-east-1'
  },
});

// Use the CLI's current credentials to determine the target environment:
// `.account` and `.region` will reflect the account+region the CLI
// is configured to use (based on the user CLI credentials)
new Stack(app, 'Stack2', {
  env: {
    account: process.env.CDK_DEFAULT_ACCOUNT,
    region: process.env.CDK_DEFAULT_REGION
  },
});

// Define multiple stacks stage associated with an environment
const myStage = new Stage(app, 'MyStage', {
  env: {
    account: '123456789012',
    region: 'us-east-1'
  }
});

// both of these stacks will use the stage's account/region:
// `.account` and `.region` will resolve to the concrete values as above
new MyStack(myStage, 'Stack1');
new YourStack(myStage, 'Stack2');

// Define an environment-agnostic stack:
// `.account` and `.region` will resolve to `{ "Ref": "AWS::AccountId" }` and `{ "Ref": "AWS::Region" }` respectively.
// which will only resolve to actual values by CloudFormation during deployment.
new MyStack(app, 'Stack1');
permissionsBoundaryOptional 
public readonly permissionsBoundary: PermissionsBoundary;
  • Type: aws-cdk-lib.PermissionsBoundary
  • Default: no permissions boundary is applied

Options for applying a permissions boundary to all IAM Roles and Users created within this Stage.

stackNameOptional 
public readonly stackName: string;
  • Type: string
  • Default: Derived from construct path.

Name to deploy the stack with.

synthesizerOptional 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer
  • Default: DefaultStackSynthesizer if the @aws-cdk/core:newStyleStackSynthesis feature flag is set, LegacyStackSynthesizer otherwise.

Synthesis method to use while deploying this stack.

tagsOptional 
public readonly tags: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
  • Default: {}

Stack tags that will be applied to all the taggable resources and the stack itself.

terminationProtectionOptional 
public readonly terminationProtection: boolean;
  • Type: boolean
  • Default: false

Whether to enable termination protection for this stack.

emailRequired 
public readonly email: string;
  • Type: string

Email address of the Root account.

nestedOURequired 
public readonly nestedOU: OUSpec[];

Specification of the sub Organizational Unit.

existingRootHostedZoneIdOptional 
public readonly existingRootHostedZoneId: string;
  • Type: string

The (optional) existing root hosted zone id to use instead of creating one.

forceEmailVerificationOptional 
public readonly forceEmailVerification: boolean;
  • Type: boolean

Enable Email Verification Process.

rootHostedZoneDNSNameOptional 
public readonly rootHostedZoneDNSName: string;
  • Type: string

The main DNS domain name to manage.

thirdPartyProviderDNSUsedOptional 
public readonly thirdPartyProviderDNSUsed: boolean;
  • Type: boolean

A boolean used to decide if domain should be requested through this delpoyment or if already registered through a third party.

OUSpec

Organizational Unit Input details.

Initializer 

import { OUSpec } from 'aws-bootstrap-kit'

const oUSpec: OUSpec = { ... }

Properties

Name Type Description
name string Name of the Organizational Unit.
accounts AccountSpec[] Accounts' specification inside in this Organizational Unit.
nestedOU OUSpec[] Specification of sub Organizational Unit.
nameRequired 
public readonly name: string;
  • Type: string

Name of the Organizational Unit.

accountsOptional 
public readonly accounts: AccountSpec[];

Accounts' specification inside in this Organizational Unit.

nestedOUOptional 
public readonly nestedOU: OUSpec[];

Specification of sub Organizational Unit.

RootDnsProps

Properties for RootDns.

Initializer 

import { RootDnsProps } from 'aws-bootstrap-kit'

const rootDnsProps: RootDnsProps = { ... }

Properties

Name Type Description
rootHostedZoneDNSName string The top level domain name.
stagesAccounts Account[] The stages Accounts taht will need their subzone delegation.
existingRootHostedZoneId string The (optional) existing root hosted zone id to use instead of creating one.
thirdPartyProviderDNSUsed boolean A boolean indicating if Domain name has already been registered to a third party or if you want this contruct to create it (the latter is not yet supported).
rootHostedZoneDNSNameRequired 
public readonly rootHostedZoneDNSName: string;
  • Type: string

The top level domain name.

stagesAccountsRequired 
public readonly stagesAccounts: Account[];

The stages Accounts taht will need their subzone delegation.

existingRootHostedZoneIdOptional 
public readonly existingRootHostedZoneId: string;
  • Type: string

The (optional) existing root hosted zone id to use instead of creating one.

thirdPartyProviderDNSUsedOptional 
public readonly thirdPartyProviderDNSUsed: boolean;
  • Type: boolean

A boolean indicating if Domain name has already been registered to a third party or if you want this contruct to create it (the latter is not yet supported).

ValidateEmailProps

Properties of ValidateEmail.

Initializer 

import { ValidateEmailProps } from 'aws-bootstrap-kit'

const validateEmailProps: ValidateEmailProps = { ... }

Properties

Name Type Description
email string Email address of the Root account.
timeout aws-cdk-lib.Duration No description.
emailRequired 
public readonly email: string;
  • Type: string

Email address of the Root account.

timeoutOptional 
public readonly timeout: Duration;
  • Type: aws-cdk-lib.Duration

Protocols

IAccountProps

Properties of an AWS account.

Properties

Name Type Description
email string The email to use to create the AWS account.
name string The name of the AWS Account.
hostedServices string[] List of your services that will be hosted in this account.
id string The AWS account Id.
parentOrganizationalUnitId string The potential Organizational Unit Id the account should be placed in.
parentOrganizationalUnitName string The potential Organizational Unit Name the account should be placed in.
removalPolicy aws-cdk-lib.RemovalPolicy RemovalPolicy of the account.
stageName string The (optional) Stage name to be used in CI/CD pipeline.
stageOrder number The (optional) Stage deployment order.
type AccountType The account type.
emailRequired 
public readonly email: string;
  • Type: string

The email to use to create the AWS account.

nameRequired 
public readonly name: string;
  • Type: string

The name of the AWS Account.

hostedServicesOptional 
public readonly hostedServices: string[];
  • Type: string[]

List of your services that will be hosted in this account.

Set it to [ALL] if you don't plan to have dedicated account for each service.

idOptional 
public readonly id: string;
  • Type: string

The AWS account Id.

parentOrganizationalUnitIdOptional 
public readonly parentOrganizationalUnitId: string;
  • Type: string

The potential Organizational Unit Id the account should be placed in.

parentOrganizationalUnitNameOptional 
public readonly parentOrganizationalUnitName: string;
  • Type: string

The potential Organizational Unit Name the account should be placed in.

removalPolicyOptional 
public readonly removalPolicy: RemovalPolicy;
  • Type: aws-cdk-lib.RemovalPolicy
  • Default: RemovalPolicy.RETAIN

RemovalPolicy of the account.

See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options

stageNameOptional 
public readonly stageName: string;
  • Type: string

The (optional) Stage name to be used in CI/CD pipeline.

stageOrderOptional 
public readonly stageOrder: number;
  • Type: number

The (optional) Stage deployment order.

typeOptional 
public readonly type: AccountType;

The account type.

ICrossAccountDNSDelegatorProps

Properties to create delegated subzone of a zone hosted in a different account.

Properties

Name Type Description
zoneName string The sub zone name to be created.
targetAccount string The Account hosting the parent zone Optional since can be resolved if the system has been setup with aws-bootstrap-kit.
targetHostedZoneId string The parent zone Id to add the sub zone delegation NS record to Optional since can be resolved if the system has been setup with aws-bootstrap-kit.
targetRoleToAssume string The role to Assume in the parent zone's account which has permissions to update the parent zone Optional since can be resolved if the system has been setup with aws-bootstrap-kit.
zoneNameRequired 
public readonly zoneName: string;
  • Type: string

The sub zone name to be created.

targetAccountOptional 
public readonly targetAccount: string;
  • Type: string

The Account hosting the parent zone Optional since can be resolved if the system has been setup with aws-bootstrap-kit.

targetHostedZoneIdOptional 
public readonly targetHostedZoneId: string;
  • Type: string

The parent zone Id to add the sub zone delegation NS record to Optional since can be resolved if the system has been setup with aws-bootstrap-kit.

targetRoleToAssumeOptional 
public readonly targetRoleToAssume: string;
  • Type: string

The role to Assume in the parent zone's account which has permissions to update the parent zone Optional since can be resolved if the system has been setup with aws-bootstrap-kit.

Enums

AccountType

The type of the AWS account.

Members

Name Description
CICD The account used to deploy CI/CD pipelines (See here for internal usage).
STAGE Accounts which will be used to deploy Stage environments (staging/prod ...). (See here for internal usage).
PLAYGROUND Sandbox accounts dedicated to developers work.
CICD

The account used to deploy CI/CD pipelines (See here for internal usage).

STAGE

Accounts which will be used to deploy Stage environments (staging/prod ...). (See here for internal usage).

PLAYGROUND

Sandbox accounts dedicated to developers work.