search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.68k stars 3.93k forks source link

feat(cognito): new `cloudFrontEndpoint` method for user pool domain without custom resource #31402

Open go-to-k opened 2 months ago

go-to-k commented 2 months ago

Issue # (if applicable)

Closes #31342.

Reason for this change

UserPoolDomain creates a custom resource to get CloudFront endpoint. However, CFn exposes the attribute natively now (see the issue). No custom resource is better if it is not needed.

Description of changes

I propose a new method cloudFrontEndpoint without a custom resource.

Three ways were originally considered. This method was chosen as it was the most reasonable of all.

1. Create a new method

This is the method submitted in this PR.

2. Rewrite an existing method directly

This causes destructive changes. Custom resources are not directly used in the user's application. However, this change will result in resource deletion in the user's CDK stack. This causes confusion for users and should be avoided.

Also, the existing integ tests that use the method will fail because the changes are considered as destructive changes.

Tests:    1 failed, 1 total
Failed: /aws-cdk/packages/@aws-cdk-testing/framework-integ/test/aws-cognito/test/integ.user-pool-domain-cfdist.js
!!! This test contains destructive changes !!!
    Stack: integ-user-pool-domain-cfdist - Resource: UserPoolDomainCloudFrontDomainNameE213E594 - Impact: WILL_DESTROY
    Stack: integ-user-pool-domain-cfdist - Resource: UserPoolDomainCloudFrontDomainNameCustomResourcePolicy7DE54188 - Impact: WILL_DESTROY
    Stack: integ-user-pool-domain-cfdist - Resource: AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2 - Impact: WILL_DESTROY
    Stack: integ-user-pool-domain-cfdist - Resource: AWS679f53fac002430cb0da5b7982bd22872D164C4C - Impact: WILL_DESTROY
!!! If these destructive changes are necessary, please indicate this on the PR !!!
Error: Some changes were destructive!
    at main (/aws-cdk/packages/@aws-cdk/integ-runner/lib/cli.js:183:15)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

3. Rewrite an existing method with a feature flag

An alternative to way 2, but a feature flag was avoided in this case as it leads to complexity. The design guidelines also recommend a new method.

Additional information

I avoided the feature flag in this PR, but there are situations where there are constructs that use an existing method, but cannot provide a new method for the constructs because it is used by a method implemented in the interface.

https://github.com/go-to-k/aws-cdk/blob/fcbdc769e681f1f915cdc8cd7aa3a565d807884d/packages/aws-cdk-lib/aws-route53-targets/lib/userpool-domain.ts#L14

I will make changes to those cases using a feature flag in a separate PR.

https://github.com/aws/aws-cdk/pull/31403

Description of how you validated changes

Both unit and integ tests.

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

aws-cdk-automation commented 2 months ago

AWS CodeBuild CI Report

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository