Skip to content
Data Landing Zone

API

API Reference

Constructs

AuditGlobalStack

Initializers 

import { AuditGlobalStack } from 'aws-data-landing-zone'


new AuditGlobalStack(scope: Construct, stackProps: DlzStackProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
stackPropsDlzStackPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
stackPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
securityHubNotificationsNo description.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string
securityHubNotifications 
public securityHubNotifications(): void

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { AuditGlobalStack } from 'aws-data-landing-zone'


AuditGlobalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { AuditGlobalStack } from 'aws-data-landing-zone'


AuditGlobalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { AuditGlobalStack } from 'aws-data-landing-zone'


AuditGlobalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

AuditRegionalStack

Initializers 

import { AuditRegionalStack } from 'aws-data-landing-zone'


new AuditRegionalStack(scope: Construct, props: DlzStackProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
propsDlzStackPropsNo description.
scopeRequired
  • Type: constructs.Construct
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { AuditRegionalStack } from 'aws-data-landing-zone'


AuditRegionalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { AuditRegionalStack } from 'aws-data-landing-zone'


AuditRegionalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { AuditRegionalStack } from 'aws-data-landing-zone'


AuditRegionalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

DlzStack

Initializers 

import { DlzStack } from 'aws-data-landing-zone'


new DlzStack(scope: Construct, props: DlzStackProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
propsDlzStackPropsNo description.
scopeRequired
  • Type: constructs.Construct
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { DlzStack } from 'aws-data-landing-zone'


DlzStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { DlzStack } from 'aws-data-landing-zone'


DlzStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { DlzStack } from 'aws-data-landing-zone'


DlzStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

IamAccountAlias

Set the IAM Account Alias.

Initializers 

import { IamAccountAlias } from 'aws-data-landing-zone'


new IamAccountAlias(scope: Construct, id: string, props: IamAccountAliasProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsIamAccountAliasPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

NameDescription
isConstructChecks if x is a construct.
fetchCodeDirectoryNo description.
isConstruct 
import { IamAccountAlias } from 'aws-data-landing-zone'


IamAccountAlias.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

fetchCodeDirectory 
import { IamAccountAlias } from 'aws-data-landing-zone'


IamAccountAlias.fetchCodeDirectory()

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
reportResourceReportResourceNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

reportResourceRequired 
public readonly reportResource: ReportResource;

IamIdentityCenterGroup

A group of users in the IAM Identity Center.

Initializers 

import { IamIdentityCenterGroup } from 'aws-data-landing-zone'


new IamIdentityCenterGroup(scope: Construct, id: string, props: IamIdentityCenterGroupProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsIamIdentityCenterGroupPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

NameDescription
isConstructChecks if x is a construct.
isConstruct 
import { IamIdentityCenterGroup } from 'aws-data-landing-zone'


IamIdentityCenterGroup.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

IamPasswordPolicy

Set the IAM Password Policy.

Initializers 

import { IamPasswordPolicy } from 'aws-data-landing-zone'


new IamPasswordPolicy(scope: Construct, id: string, props: IamPasswordPolicyProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsIamPasswordPolicyPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

NameDescription
isConstructChecks if x is a construct.
isConstruct 
import { IamPasswordPolicy } from 'aws-data-landing-zone'


IamPasswordPolicy.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
reportResourceReportResourceNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

reportResourceRequired 
public readonly reportResource: ReportResource;

IdentityStoreUser

A user in the IAM Identity Center.

Initializers 

import { IdentityStoreUser } from 'aws-data-landing-zone'


new IdentityStoreUser(scope: Construct, id: string, props: IdentityStoreUserPropsExt)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsIdentityStoreUserPropsExtNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

NameDescription
isConstructChecks if x is a construct.
fetchCodeDirectoryNo description.
isConstruct 
import { IdentityStoreUser } from 'aws-data-landing-zone'


IdentityStoreUser.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

fetchCodeDirectory 
import { IdentityStoreUser } from 'aws-data-landing-zone'


IdentityStoreUser.fetchCodeDirectory()

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
userIdstringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

userIdRequired 
public readonly userId: string;
  • Type: string

LogGlobalStack

Initializers 

import { LogGlobalStack } from 'aws-data-landing-zone'


new LogGlobalStack(scope: Construct, props: DlzStackProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
propsDlzStackPropsNo description.
scopeRequired
  • Type: constructs.Construct
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { LogGlobalStack } from 'aws-data-landing-zone'


LogGlobalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { LogGlobalStack } from 'aws-data-landing-zone'


LogGlobalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { LogGlobalStack } from 'aws-data-landing-zone'


LogGlobalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

LogRegionalStack

Initializers 

import { LogRegionalStack } from 'aws-data-landing-zone'


new LogRegionalStack(scope: Construct, props: DlzStackProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
propsDlzStackPropsNo description.
scopeRequired
  • Type: constructs.Construct
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { LogRegionalStack } from 'aws-data-landing-zone'


LogRegionalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { LogRegionalStack } from 'aws-data-landing-zone'


LogRegionalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { LogRegionalStack } from 'aws-data-landing-zone'


LogRegionalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

ManagementGlobalIamIdentityCenterStack

Initializers 

import { ManagementGlobalIamIdentityCenterStack } from 'aws-data-landing-zone'


new ManagementGlobalIamIdentityCenterStack(scope: Construct, stackProps: DlzStackProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
stackPropsDlzStackPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
stackPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { ManagementGlobalIamIdentityCenterStack } from 'aws-data-landing-zone'


ManagementGlobalIamIdentityCenterStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { ManagementGlobalIamIdentityCenterStack } from 'aws-data-landing-zone'


ManagementGlobalIamIdentityCenterStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { ManagementGlobalIamIdentityCenterStack } from 'aws-data-landing-zone'


ManagementGlobalIamIdentityCenterStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

ManagementGlobalStack

Initializers 

import { ManagementGlobalStack } from 'aws-data-landing-zone'


new ManagementGlobalStack(scope: Construct, stackProps: ManagementGlobalStackProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
stackPropsManagementGlobalStackPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
stackPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
budgetsNo description.
deploymentPlatformGitHubNo description.
iamPermissionBoundaryIAM Policy Permission Boundary.
suspendedOuPoliciesService Control Policies and Tag Policies applied at the OU level because we won’t need any customizations per account.
workloadAccountsOrgPoliciesService Control Policies and Tag Policies applied at the account level to enable customization per account.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string
budgets 
public budgets(): void
deploymentPlatformGitHub 
public deploymentPlatformGitHub(): void
iamPermissionBoundary 
public iamPermissionBoundary(): void

IAM Policy Permission Boundary.

suspendedOuPolicies 
public suspendedOuPolicies(): void

Service Control Policies and Tag Policies applied at the OU level because we won’t need any customizations per account.

workloadAccountsOrgPolicies 
public workloadAccountsOrgPolicies(): void

Service Control Policies and Tag Policies applied at the account level to enable customization per account.

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { ManagementGlobalStack } from 'aws-data-landing-zone'


ManagementGlobalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { ManagementGlobalStack } from 'aws-data-landing-zone'


ManagementGlobalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { ManagementGlobalStack } from 'aws-data-landing-zone'


ManagementGlobalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadGlobalDataServicesPhase1Stack

Initializers 

import { WorkloadGlobalDataServicesPhase1Stack } from 'aws-data-landing-zone'


new WorkloadGlobalDataServicesPhase1Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadGlobalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalDataServicesPhase1Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadGlobalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalDataServicesPhase1Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadGlobalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalDataServicesPhase1Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadGlobalNetworkConnectionsPhase1Stack

Initializers 

import { WorkloadGlobalNetworkConnectionsPhase1Stack } from 'aws-data-landing-zone'


new WorkloadGlobalNetworkConnectionsPhase1Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
createPeeringRoleNo description.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string
createPeeringRole 
public createPeeringRole(from: DlzAccountNetwork, to: DlzAccountNetwork): void
fromRequired
toRequired

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadGlobalNetworkConnectionsPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase1Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadGlobalNetworkConnectionsPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase1Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadGlobalNetworkConnectionsPhase1Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase1Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadGlobalNetworkConnectionsPhase2Stack

Initializers 

import { WorkloadGlobalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


new WorkloadGlobalNetworkConnectionsPhase2Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadGlobalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase2Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadGlobalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase2Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadGlobalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase2Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadGlobalNetworkConnectionsPhase3Stack

Initializers 

import { WorkloadGlobalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


new WorkloadGlobalNetworkConnectionsPhase3Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadGlobalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase3Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadGlobalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase3Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadGlobalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadGlobalNetworkConnectionsPhase3Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadGlobalStack

Initializers 

import { WorkloadGlobalStack } from 'aws-data-landing-zone'


new WorkloadGlobalStack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadGlobalStack } from 'aws-data-landing-zone'


WorkloadGlobalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadGlobalStack } from 'aws-data-landing-zone'


WorkloadGlobalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadGlobalStack } from 'aws-data-landing-zone'


WorkloadGlobalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadRegionalDataServicesPhase1Stack

Initializers 

import { WorkloadRegionalDataServicesPhase1Stack } from 'aws-data-landing-zone'


new WorkloadRegionalDataServicesPhase1Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadRegionalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadRegionalDataServicesPhase1Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadRegionalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadRegionalDataServicesPhase1Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadRegionalDataServicesPhase1Stack } from 'aws-data-landing-zone'


WorkloadRegionalDataServicesPhase1Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadRegionalNetworkConnectionsPhase2Stack

Initializers 

import { WorkloadRegionalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


new WorkloadRegionalNetworkConnectionsPhase2Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadRegionalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase2Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadRegionalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase2Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadRegionalNetworkConnectionsPhase2Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase2Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadRegionalNetworkConnectionsPhase3Stack

Initializers 

import { WorkloadRegionalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


new WorkloadRegionalNetworkConnectionsPhase3Stack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadRegionalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase3Stack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadRegionalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase3Stack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadRegionalNetworkConnectionsPhase3Stack } from 'aws-data-landing-zone'


WorkloadRegionalNetworkConnectionsPhase3Stack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

WorkloadRegionalStack

Initializers 

import { WorkloadRegionalStack } from 'aws-data-landing-zone'


new WorkloadRegionalStack(scope: Construct, workloadAccountProps: WorkloadAccountProps, props: DataLandingZoneProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
workloadAccountPropsWorkloadAccountPropsNo description.
propsDataLandingZonePropsNo description.
scopeRequired
  • Type: constructs.Construct
workloadAccountPropsRequired
propsRequired

Methods

NameDescription
toStringReturns a string representation of this construct.
addDependencyUse addDependency for dependencies between stacks in an ExpressStage.
addMetadataAdds an arbitary key-value pair, with information you want to record about the stack.
addTransformAdd a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.
exportStringListValueCreate a CloudFormation Export for a string list value.
exportValueCreate a CloudFormation Export for a string value.
formatArnCreates an ARN from components.
getLogicalIdAllocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
regionalFactLook up a fact value for the given fact for the region of this stack.
renameLogicalIdRename a generated logical identities.
reportMissingContextKeyIndicate that a context key was expected.
resolveResolve a tokenized value in the context of the current stack.
splitArnSplits the provided ARN into its components.
toJsonStringConvert an object, potentially containing tokens, to a JSON string.
toYamlStringConvert an object, potentially containing tokens, to a YAML string.
addExpressDependencyOnly use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.
expressDependenciesThe ExpressStack dependencies of the stack.
resourceNameCreate unique ResourceNames.
toString 
public toString(): string

Returns a string representation of this construct.

addDependency 
public addDependency(target: Stack, reason?: string): void

Use addDependency for dependencies between stacks in an ExpressStage.

Otherwise, use addExpressDependency to construct the Pipeline of stacks between Waves and Stages.

targetRequired
  • Type: aws-cdk-lib.Stack
reasonOptional
  • Type: string
addMetadata 
public addMetadata(key: string, value: any): void

Adds an arbitary key-value pair, with information you want to record about the stack.

These get translated to the Metadata section of the generated template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

keyRequired
  • Type: string
valueRequired
  • Type: any
addTransform 
public addTransform(transform: string): void

Add a Transform to this stack. A Transform is a macro that AWS CloudFormation uses to process your template.

Duplicate values are removed when stack is synthesized.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html

Example

declare const stack: Stack;


stack.addTransform('AWS::Serverless-2016-10-31')
transformRequired
  • Type: string

The transform to add.

exportStringListValue 
public exportStringListValue(exportedValue: any, options?: ExportValueOptions): string[]

Create a CloudFormation Export for a string list value.

Returns a string list representing the corresponding Fn.importValue() expression for this Export. The export expression is automatically wrapped with an Fn::Join and the import value with an Fn::Split, since CloudFormation can only export strings. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

See exportValue for an example of this process.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
exportValue 
public exportValue(exportedValue: any, options?: ExportValueOptions): string

Create a CloudFormation Export for a string value.

Returns a string representing the corresponding Fn.importValue() expression for this Export. You can control the name for the export by passing the name option.

If you don’t supply a value for name, the value you’re exporting must be a Resource attribute (for example: bucket.bucketName) and it will be given the same name as the automatic cross-stack reference that would be created if you used the attribute in another Stack.

One of the uses for this method is to remove the relationship between two Stacks established by automatic cross-stack references. It will temporarily ensure that the CloudFormation Export still exists while you remove the reference from the consuming stack. After that, you can remove the resource and the manual export.

exportedValueRequired
  • Type: any
optionsOptional
  • Type: aws-cdk-lib.ExportValueOptions
formatArn 
public formatArn(components: ArnComponents): string

Creates an ARN from components.

If partition, region or account are not specified, the stack’s partition, region and account will be used.

If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

The ARN will be formatted as follows:

arn:{partition}:{service}:{region}:{account}:{resource}{sep}{resource-name}

The required ARN pieces that are omitted will be taken from the stack that the ‘scope’ is attached to. If all ARN pieces are supplied, the supplied scope can be ‘undefined’.

componentsRequired
  • Type: aws-cdk-lib.ArnComponents
getLogicalId 
public getLogicalId(element: CfnElement): string

Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.

This method is called when a CfnElement is created and used to render the initial logical identity of resources. Logical ID renames are applied at this stage.

This method uses the protected method allocateLogicalId to render the logical ID for an element. To modify the naming scheme, extend the Stack class and override this method.

elementRequired
  • Type: aws-cdk-lib.CfnElement

The CloudFormation element for which a logical identity is needed.

regionalFact 
public regionalFact(factName: string, defaultValue?: string): string

Look up a fact value for the given fact for the region of this stack.

Will return a definite value only if the region of the current stack is resolved. If not, a lookup map will be added to the stack and the lookup will be done at CDK deployment time.

What regions will be included in the lookup map is controlled by the @aws-cdk/core:target-partitions context value: it must be set to a list of partitions, and only regions from the given partitions will be included. If no such context key is set, all regions will be included.

This function is intended to be used by construct library authors. Application builders can rely on the abstractions offered by construct libraries and do not have to worry about regional facts.

If defaultValue is not given, it is an error if the fact is unknown for the given region.

factNameRequired
  • Type: string
defaultValueOptional
  • Type: string
renameLogicalId 
public renameLogicalId(oldId: string, newId: string): void

Rename a generated logical identities.

To modify the naming scheme strategy, extend the Stack class and override the allocateLogicalId method.

oldIdRequired
  • Type: string
newIdRequired
  • Type: string
reportMissingContextKey 
public reportMissingContextKey(report: MissingContext): void

Indicate that a context key was expected.

Contains instructions which will be emitted into the cloud assembly on how the key should be supplied.

reportRequired
  • Type: aws-cdk-lib.cloud_assembly_schema.MissingContext

The set of parameters needed to obtain the context.

resolve 
public resolve(obj: any): any

Resolve a tokenized value in the context of the current stack.

objRequired
  • Type: any
splitArn 
public splitArn(arn: string, arnFormat: ArnFormat): ArnComponents

Splits the provided ARN into its components.

Works both if ‘arn’ is a string like ‘arn:aws:s3:::bucket’, and a Token representing a dynamic CloudFormation expression (in which case the returned components will also be dynamic CloudFormation expressions, encoded as Tokens).

arnRequired
  • Type: string

the ARN to split into its components.

arnFormatRequired
  • Type: aws-cdk-lib.ArnFormat

the expected format of ‘arn’ - depends on what format the service ‘arn’ represents uses.

toJsonString 
public toJsonString(obj: any, space?: number): string

Convert an object, potentially containing tokens, to a JSON string.

objRequired
  • Type: any
spaceOptional
  • Type: number
toYamlString 
public toYamlString(obj: any): string

Convert an object, potentially containing tokens, to a YAML string.

objRequired
  • Type: any
addExpressDependency 
public addExpressDependency(target: ExpressStack, reason?: string): void

Only use to create dependencies between Stacks in Waves and Stages for building the Pipeline, where having cyclic dependencies is not possible.

If the addExpressDependency is used outside the Pipeline construction, it will not be safe. Use addDependency to create stack dependency within the same Stage.

targetRequired
  • Type: cdk-express-pipeline.ExpressStack
reasonOptional
  • Type: string
expressDependencies 
public expressDependencies(): ExpressStack[]

The ExpressStack dependencies of the stack.

resourceName 
public resourceName(resourceId: string): string

Create unique ResourceNames.

resourceIdRequired
  • Type: string

Static Functions

NameDescription
isConstructChecks if x is a construct.
isStackReturn whether the given object is a Stack.
ofLooks up the first stack scope in which construct is defined.
isConstruct 
import { WorkloadRegionalStack } from 'aws-data-landing-zone'


WorkloadRegionalStack.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isStack 
import { WorkloadRegionalStack } from 'aws-data-landing-zone'


WorkloadRegionalStack.isStack(x: any)

Return whether the given object is a Stack.

We do attribute detection since we can’t reliably use ‘instanceof’.

xRequired
  • Type: any
of 
import { WorkloadRegionalStack } from 'aws-data-landing-zone'


WorkloadRegionalStack.of(construct: IConstruct)

Looks up the first stack scope in which construct is defined.

Fails if there is no stack up the tree.

constructRequired
  • Type: constructs.IConstruct

The construct to start the search from.

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
accountstringThe AWS account into which this stack will be deployed.
artifactIdstringThe ID of the cloud assembly artifact for this stack.
availabilityZonesstring[]Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundlingRequiredbooleanIndicates whether the stack requires bundling or not.
dependenciesaws-cdk-lib.Stack[]Return the stacks this stack depends on.
environmentstringThe environment coordinates in which this stack is deployed.
nestedbooleanIndicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.
notificationArnsstring[]Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partitionstringThe partition in which this stack is defined.
regionstringThe AWS region into which this stack will be deployed (e.g. us-west-2).
stackIdstringThe ID of the stack.
stackNamestringThe concrete CloudFormation physical stack name.
synthesizeraws-cdk-lib.IStackSynthesizerSynthesis method for this stack.
tagsaws-cdk-lib.TagManagerTags to be applied to the stack.
templateFilestringThe name of the CloudFormation template file emitted to the output directory during synthesis.
templateOptionsaws-cdk-lib.ITemplateOptionsOptions for CloudFormation template (like version, transform, description).
urlSuffixstringThe Amazon domain suffix for the region in which this stack is defined.
nestedStackParentaws-cdk-lib.StackIf this is a nested stack, returns it’s parent stack.
nestedStackResourceaws-cdk-lib.CfnResourceIf this is a nested stack, this represents its AWS::CloudFormation::Stack resource.
terminationProtectionbooleanWhether termination protection is enabled for this stack.
idstringThe stack identifier which is a combination of the wave, stage and stack id.
stagecdk-express-pipeline.ExpressStageThe stage that the stack belongs to.
accountIdstringNo description.
accountNamestringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

accountRequired 
public readonly account: string;
  • Type: string

The AWS account into which this stack will be deployed.

This value is resolved according to the following rules:

  1. The value provided to env.account when the stack is defined. This can either be a concrete account (e.g. 585695031111) or the Aws.ACCOUNT_ID token.
  2. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference { "Ref": "AWS::AccountId" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.account) returns true), this implies that the user wishes that this stack will synthesize into a account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

artifactIdRequired 
public readonly artifactId: string;
  • Type: string

The ID of the cloud assembly artifact for this stack.

availabilityZonesRequired 
public readonly availabilityZones: string[];
  • Type: string[]

Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.

If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation’s Fn::GetAZs intrinsic function.

If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 DescribeAvailabilityZones on the target environment.

To specify a different strategy for selecting availability zones override this method.

bundlingRequiredRequired 
public readonly bundlingRequired: boolean;
  • Type: boolean

Indicates whether the stack requires bundling or not.

dependenciesRequired 
public readonly dependencies: Stack[];
  • Type: aws-cdk-lib.Stack[]

Return the stacks this stack depends on.

environmentRequired 
public readonly environment: string;
  • Type: string

The environment coordinates in which this stack is deployed.

In the form aws://account/region. Use stack.account and stack.region to obtain the specific values, no need to parse.

You can use this value to determine if two stacks are targeting the same environment.

If either stack.account or stack.region are not concrete values (e.g. Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or unknown-region will be used respectively to indicate this stack is region/account-agnostic.

nestedRequired 
public readonly nested: boolean;
  • Type: boolean

Indicates if this is a nested stack, in which case parentStack will include a reference to it’s parent.

notificationArnsRequired 
public readonly notificationArns: string[];
  • Type: string[]

Returns the list of notification Amazon Resource Names (ARNs) for the current stack.

partitionRequired 
public readonly partition: string;
  • Type: string

The partition in which this stack is defined.

regionRequired 
public readonly region: string;
  • Type: string

The AWS region into which this stack will be deployed (e.g. us-west-2).

This value is resolved according to the following rules:

  1. The value provided to env.region when the stack is defined. This can either be a concrete region (e.g. us-west-2) or the Aws.REGION token.
  2. Aws.REGION, which is represents the CloudFormation intrinsic reference { "Ref": "AWS::Region" } encoded as a string token.

Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (Token.isUnresolved(stack.region) returns true), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or implement some other region-agnostic behavior.

stackIdRequired 
public readonly stackId: string;
  • Type: string

The ID of the stack.

Example

// After resolving, looks like
'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123'
stackNameRequired 
public readonly stackName: string;
  • Type: string

The concrete CloudFormation physical stack name.

This is either the name defined explicitly in the stackName prop or allocated based on the stack’s location in the construct tree. Stacks that are directly defined under the app use their construct id as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness.

If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use Aws.STACK_NAME directly.

synthesizerRequired 
public readonly synthesizer: IStackSynthesizer;
  • Type: aws-cdk-lib.IStackSynthesizer

Synthesis method for this stack.

tagsRequired 
public readonly tags: TagManager;
  • Type: aws-cdk-lib.TagManager

Tags to be applied to the stack.

templateFileRequired 
public readonly templateFile: string;
  • Type: string

The name of the CloudFormation template file emitted to the output directory during synthesis.

Example value: MyStack.template.json

templateOptionsRequired 
public readonly templateOptions: ITemplateOptions;
  • Type: aws-cdk-lib.ITemplateOptions

Options for CloudFormation template (like version, transform, description).

urlSuffixRequired 
public readonly urlSuffix: string;
  • Type: string

The Amazon domain suffix for the region in which this stack is defined.

nestedStackParentOptional 
public readonly nestedStackParent: Stack;
  • Type: aws-cdk-lib.Stack

If this is a nested stack, returns it’s parent stack.

nestedStackResourceOptional 
public readonly nestedStackResource: CfnResource;
  • Type: aws-cdk-lib.CfnResource

If this is a nested stack, this represents its AWS::CloudFormation::Stack resource.

undefined for top-level (non-nested) stacks.

terminationProtectionRequired 
public readonly terminationProtection: boolean;
  • Type: boolean

Whether termination protection is enabled for this stack.

idRequired 
public readonly id: string;
  • Type: string

The stack identifier which is a combination of the wave, stage and stack id.

stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

The stage that the stack belongs to.

accountIdRequired 
public readonly accountId: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string

Structs

AuditStacks

Initializer 

import { AuditStacks } from 'aws-data-landing-zone'


const auditStacks: AuditStacks = { ... }

Properties

NameTypeDescription
globalAuditGlobalStackNo description.
globalRequired 
public readonly global: AuditGlobalStack;

BaseSharedTagProps

Initializer 

import { BaseSharedTagProps } from 'aws-data-landing-zone'


const baseSharedTagProps: BaseSharedTagProps = { ... }

Properties

NameTypeDescription
principalsstring[]A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.
specificValuesstring[]OPTIONAL - A list of specific values of the tag that can be shared.
principalsRequired 
public readonly principals: string[];
  • Type: string[]

A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.

specificValuesOptional 
public readonly specificValues: string[];
  • Type: string[]

OPTIONAL - A list of specific values of the tag that can be shared.

All possible values if omitted.

BastionHost

Initializer 

import { BastionHost } from 'aws-data-landing-zone'


const bastionHost: BastionHost = { ... }

Properties

NameTypeDescription
instanceTypeaws-cdk-lib.aws_ec2.InstanceTypeThe bastion instance EC2 type.
locationNetworkAddressThe location where the Bastion will exist.
namestringThe name of the Bastion, defaults to ‘default’, specify the name if there are more than one per account.
instanceTypeRequired 
public readonly instanceType: InstanceType;
  • Type: aws-cdk-lib.aws_ec2.InstanceType

The bastion instance EC2 type.

locationRequired 
public readonly location: NetworkAddress;

The location where the Bastion will exist.

The network address must target a specific subnet

nameOptional 
public readonly name: string;
  • Type: string

The name of the Bastion, defaults to ‘default’, specify the name if there are more than one per account.

BudgetSubscribers

Initializer 

import { BudgetSubscribers } from 'aws-data-landing-zone'


const budgetSubscribers: BudgetSubscribers = { ... }

Properties

NameTypeDescription
emailsstring[]No description.
slacksSlackChannel[]No description.
snsTopicNamestringOptional, specify to reuse the same SNS topic for multiple budgets.
emailsOptional 
public readonly emails: string[];
  • Type: string[]
slacksOptional 
public readonly slacks: SlackChannel[];
snsTopicNameOptional 
public readonly snsTopicName: string;
  • Type: string

Optional, specify to reuse the same SNS topic for multiple budgets.

DataLandingZoneClientBastionProps

Initializer 

import { DataLandingZoneClientBastionProps } from 'aws-data-landing-zone'


const dataLandingZoneClientBastionProps: DataLandingZoneClientBastionProps = { ... }

Properties

NameTypeDescription
accountNamestringNo description.
regionstringNo description.
bastionNamestringNo description.
accountNameRequired 
public readonly accountName: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string
bastionNameOptional 
public readonly bastionName: string;
  • Type: string

DataLandingZoneClientProps

Initializer 

import { DataLandingZoneClientProps } from 'aws-data-landing-zone'


const dataLandingZoneClientProps: DataLandingZoneClientProps = { ... }

Properties

NameTypeDescription
accountNamestringNo description.
regionstringNo description.
accountNameRequired 
public readonly accountName: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string

DataLandingZoneClientRouteTableIdProps

Initializer 

import { DataLandingZoneClientRouteTableIdProps } from 'aws-data-landing-zone'


const dataLandingZoneClientRouteTableIdProps: DataLandingZoneClientRouteTableIdProps = { ... }

Properties

NameTypeDescription
accountNamestringNo description.
regionstringNo description.
routeTablestringNo description.
vpcNamestringNo description.
accountNameRequired 
public readonly accountName: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string
routeTableRequired 
public readonly routeTable: string;
  • Type: string
vpcNameRequired 
public readonly vpcName: string;
  • Type: string

DataLandingZoneClientSubnetIdProps

Initializer 

import { DataLandingZoneClientSubnetIdProps } from 'aws-data-landing-zone'


const dataLandingZoneClientSubnetIdProps: DataLandingZoneClientSubnetIdProps = { ... }

Properties

NameTypeDescription
accountNamestringNo description.
regionstringNo description.
routeTablestringNo description.
subnetNamestringNo description.
vpcNamestringNo description.
accountNameRequired 
public readonly accountName: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string
routeTableRequired 
public readonly routeTable: string;
  • Type: string
subnetNameRequired 
public readonly subnetName: string;
  • Type: string
vpcNameRequired 
public readonly vpcName: string;
  • Type: string

DataLandingZoneClientVpcIdProps

Initializer 

import { DataLandingZoneClientVpcIdProps } from 'aws-data-landing-zone'


const dataLandingZoneClientVpcIdProps: DataLandingZoneClientVpcIdProps = { ... }

Properties

NameTypeDescription
accountNamestringNo description.
regionstringNo description.
vpcNamestringNo description.
accountNameRequired 
public readonly accountName: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string
vpcNameRequired 
public readonly vpcName: string;
  • Type: string

DataLandingZoneProps

Initializer 

import { DataLandingZoneProps } from 'aws-data-landing-zone'


const dataLandingZoneProps: DataLandingZoneProps = { ... }

Properties

NameTypeDescription
budgetsDlzBudgetProps[]No description.
localProfilestringThe the AWS CLI profile that will be used to run the Scripts.
mandatoryTagsMandatoryTagsThe values of the mandatory tags that all resources must have.
organizationDLzOrganizationNo description.
regionsDlzRegionsNo description.
securityHubNotificationsSecurityHubNotification[]No description.
additionalMandatoryTagsDlzTag[]List of additional mandatory tags that all resources must have. Not all resources support tags, this is a best-effort.
defaultNotificationNotificationDetailsPropsDefault notification settings for the organization.
denyServiceListstring[]List of services to deny in the organization SCP.
deploymentPlatformDeploymentPlatformNo description.
iamIdentityCenterIamIdentityCenterPropsIAM Identity Center configuration.
iamPolicyPermissionBoundaryIamPolicyPermissionsBoundaryPropsIAM Policy Permission Boundary.
networkNetworkNo description.
printDeploymentOrderbooleanPrint the deployment order to the console.
printReportbooleanPrint the report grouped by account, type and aggregated regions to the console.
saveReportbooleanSave the raw report items and the reports grouped by account to a ./.dlz-reports folder.
budgetsRequired 
public readonly budgets: DlzBudgetProps[];
localProfileRequired 
public readonly localProfile: string;
  • Type: string

The the AWS CLI profile that will be used to run the Scripts.

For the bootstrap script, this profile must be an Admin of the root management account and it must be able to assume the AWSControlTowerExecution role created by ControlTower. This is an extremely powerful set of credentials and should be treated with care. The permissions can be reduced for the everyday use of the diff and deploy scripts but the bootstrap script requires full admin access.

mandatoryTagsRequired 
public readonly mandatoryTags: MandatoryTags;

The values of the mandatory tags that all resources must have.

The following values are already specified and used by the DLZ constructs

  • Owner: [infra]
  • Project: [dlz]
  • Environment: [dlz]
organizationRequired 
public readonly organization: DLzOrganization;
regionsRequired 
public readonly regions: DlzRegions;
securityHubNotificationsRequired 
public readonly securityHubNotifications: SecurityHubNotification[];
additionalMandatoryTagsOptional 
public readonly additionalMandatoryTags: DlzTag[];
  • Type: DlzTag[]
  • Default: Defaults.mandatoryTags()

List of additional mandatory tags that all resources must have. Not all resources support tags, this is a best-effort.

Mandatory tags are defined in Defaults.mandatoryTags() which are:

  • Owner, the team responsible for the resource
  • Project, the project the resource is part of
  • Environment, the environment the resource is part of

It creates:

  1. A tag policy in the organization
  2. An SCP on the organization that all CFN stacks must have these tags when created
  3. An AWS Config rule that checks for these tags on all CFN stacks and resources

For all stacks created by DLZ the following tags are applied:

  • Owner: infra
  • Project: dlz
  • Environment: dlz
defaultNotificationOptional 
public readonly defaultNotification: NotificationDetailsProps;

Default notification settings for the organization.

Allows you to define the email notfication settings or slack channel settings. If the account level defaultNotification is defined those will be used for the account instead of this defaultNotification which acts as the fallback.

denyServiceListOptional 
public readonly denyServiceList: string[];
  • Type: string[]
  • Default: DataLandingZone.defaultDenyServiceList()

List of services to deny in the organization SCP.

If not specified, the default defined by

deploymentPlatformOptional 
public readonly deploymentPlatform: DeploymentPlatform;
iamIdentityCenterOptional 
public readonly iamIdentityCenter: IamIdentityCenterProps;

IAM Identity Center configuration.

iamPolicyPermissionBoundaryOptional 
public readonly iamPolicyPermissionBoundary: IamPolicyPermissionsBoundaryProps;

IAM Policy Permission Boundary.

networkOptional 
public readonly network: Network;
printDeploymentOrderOptional 
public readonly printDeploymentOrder: boolean;
  • Type: boolean
  • Default: true

Print the deployment order to the console.

printReportOptional 
public readonly printReport: boolean;
  • Type: boolean
  • Default: true

Print the report grouped by account, type and aggregated regions to the console.

saveReportOptional 
public readonly saveReport: boolean;
  • Type: boolean
  • Default: true

Save the raw report items and the reports grouped by account to a ./.dlz-reports folder.

DeploymentPlatform

Initializer 

import { DeploymentPlatform } from 'aws-data-landing-zone'


const deploymentPlatform: DeploymentPlatform = { ... }

Properties

NameTypeDescription
gitHubDeploymentPlatformGitHubNo description.
gitHubOptional 
public readonly gitHub: DeploymentPlatformGitHub;

DeploymentPlatformGitHub

Initializer 

import { DeploymentPlatformGitHub } from 'aws-data-landing-zone'


const deploymentPlatformGitHub: DeploymentPlatformGitHub = { ... }

Properties

NameTypeDescription
referencesGitHubReference[]No description.
referencesRequired 
public readonly references: GitHubReference[];

DLzAccount

Initializer 

import { DLzAccount } from 'aws-data-landing-zone'


const dLzAccount: DLzAccount = { ... }

Properties

NameTypeDescription
accountIdstringNo description.
namestringNo description.
typeDlzAccountTypeNo description.
defaultNotificationNotificationDetailsPropsDefault notifications settings for the account.
iamDLzIamPropsIAM configuration for the account.
lakeFormationDlzLakeFormationProps[]LakeFormation settings and tags.
vpcsDlzVpcProps[]No description.
accountIdRequired 
public readonly accountId: string;
  • Type: string
nameRequired 
public readonly name: string;
  • Type: string
typeRequired 
public readonly type: DlzAccountType;
defaultNotificationOptional 
public readonly defaultNotification: NotificationDetailsProps;

Default notifications settings for the account.

Defines settings for email notifications or the slack channel details. This will override the organization level defaultNotification.

iamOptional 
public readonly iam: DLzIamProps;

IAM configuration for the account.

lakeFormationOptional 
public readonly lakeFormation: DlzLakeFormationProps[];

LakeFormation settings and tags.

vpcsOptional 
public readonly vpcs: DlzVpcProps[];

DlzAccountNetwork

Initializer 

import { DlzAccountNetwork } from 'aws-data-landing-zone'


const dlzAccountNetwork: DlzAccountNetwork = { ... }

Properties

NameTypeDescription
dlzAccountDLzAccountNo description.
vpcsNetworkEntityVpc[]No description.
dlzAccountRequired 
public readonly dlzAccount: DLzAccount;
vpcsRequired 
public readonly vpcs: NetworkEntityVpc[];

DLzAccountSuspended

Initializer 

import { DLzAccountSuspended } from 'aws-data-landing-zone'


const dLzAccountSuspended: DLzAccountSuspended = { ... }

Properties

NameTypeDescription
accountIdstringNo description.
namestringNo description.
accountIdRequired 
public readonly accountId: string;
  • Type: string
nameRequired 
public readonly name: string;
  • Type: string

DlzBudgetProps

Initializer 

import { DlzBudgetProps } from 'aws-data-landing-zone'


const dlzBudgetProps: DlzBudgetProps = { ... }

Properties

NameTypeDescription
amountnumberNo description.
namestringNo description.
subscribersBudgetSubscribersNo description.
forTags{[ key: string ]: string}No description.
amountRequired 
public readonly amount: number;
  • Type: number
nameRequired 
public readonly name: string;
  • Type: string
subscribersRequired 
public readonly subscribers: BudgetSubscribers;
forTagsOptional 
public readonly forTags: {[ key: string ]: string};
  • Type: {[ key: string ]: string}

DlzControlTowerControlIdNameProps

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Do not export any of the controls in the folders, they do not conform to JSII, class names are snake case caps and the controlIdName properties are also snake case caps. This will cause the JSII build to fail. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Initializer 

import { DlzControlTowerControlIdNameProps } from 'aws-data-landing-zone'


const dlzControlTowerControlIdNameProps: DlzControlTowerControlIdNameProps = { ... }

Properties

NameTypeDescription
euWest1stringNo description.
usEast1stringNo description.
euWest1Required 
public readonly euWest1: string;
  • Type: string
usEast1Required 
public readonly usEast1: string;
  • Type: string

DlzControlTowerEnabledControlProps

Initializer 

import { DlzControlTowerEnabledControlProps } from 'aws-data-landing-zone'


const dlzControlTowerEnabledControlProps: DlzControlTowerEnabledControlProps = { ... }

Properties

NameTypeDescription
appliedOustringNo description.
controlIDlzControlTowerControlNo description.
controlTowerAccountIdstringNo description.
controlTowerRegionRegionNo description.
organizationIdstringNo description.
tagsaws-cdk-lib.CfnTag[]No description.
appliedOuRequired 
public readonly appliedOu: string;
  • Type: string
controlRequired 
public readonly control: IDlzControlTowerControl;
controlTowerAccountIdRequired 
public readonly controlTowerAccountId: string;
  • Type: string
controlTowerRegionRequired 
public readonly controlTowerRegion: Region;
organizationIdRequired 
public readonly organizationId: string;
  • Type: string
tagsOptional 
public readonly tags: CfnTag[];
  • Type: aws-cdk-lib.CfnTag[]

DlzIamPolicy

Initializer 

import { DlzIamPolicy } from 'aws-data-landing-zone'


const dlzIamPolicy: DlzIamPolicy = { ... }

Properties

NameTypeDescription
policyNamestringThe name of the policy.
documentaws-cdk-lib.aws_iam.PolicyDocumentInitial PolicyDocument to use for this Policy.
statementsaws-cdk-lib.aws_iam.PolicyStatement[]Initial set of permissions to add to this policy document.
policyNameRequired 
public readonly policyName: string;
  • Type: string

The name of the policy.

Differs from Policy, now required.

documentOptional 
public readonly document: PolicyDocument;
  • Type: aws-cdk-lib.aws_iam.PolicyDocument
  • Default: An empty policy.

Initial PolicyDocument to use for this Policy.

If omited, any PolicyStatement provided in the statements property will be applied against the empty default PolicyDocument.

statementsOptional 
public readonly statements: PolicyStatement[];
  • Type: aws-cdk-lib.aws_iam.PolicyStatement[]
  • Default: No statements.

Initial set of permissions to add to this policy document.

You can also use addStatements(...statement) to add permissions later.

DLzIamProps

Initializer 

import { DLzIamProps } from 'aws-data-landing-zone'


const dLzIamProps: DLzIamProps = { ... }

Properties

NameTypeDescription
accountAliasstringThe account alias to set for this account.
passwordPolicyIamPasswordPolicyPropsThe password policy for this account If not set the default AWS IAM policy is applied, use this to customize the password policy.
policiesDlzIamPolicy[]IAM policies to create in this account.
rolesDlzIamRole[]IAM roles to create in this account.
userGroupsDLzIamUserGroup[]IAM groups to create in this account with their associated users.
usersDlzIamUser[]IAM users to create in this account.
accountAliasOptional 
public readonly accountAlias: string;
  • Type: string

The account alias to set for this account.

passwordPolicyOptional 
public readonly passwordPolicy: IamPasswordPolicyProps;

The password policy for this account If not set the default AWS IAM policy is applied, use this to customize the password policy.

policiesOptional 
public readonly policies: DlzIamPolicy[];

IAM policies to create in this account.

rolesOptional 
public readonly roles: DlzIamRole[];

IAM roles to create in this account.

userGroupsOptional 
public readonly userGroups: DLzIamUserGroup[];

IAM groups to create in this account with their associated users.

usersOptional 
public readonly users: DlzIamUser[];

IAM users to create in this account.

DlzIamRole

Initializer 

import { DlzIamRole } from 'aws-data-landing-zone'


const dlzIamRole: DlzIamRole = { ... }

Properties

NameTypeDescription
assumedByaws-cdk-lib.aws_iam.IPrincipalThe IAM principal (i.e. new ServicePrincipal('sns.amazonaws.com')) which can assume this role.
roleNamestringA name for the IAM role.
descriptionstringA description of the role.
externalIdsstring[]List of IDs that the role assumer needs to provide one of when assuming this role.
inlinePolicies{[ key: string ]: aws-cdk-lib.aws_iam.PolicyDocument}A list of named policies to inline into this role.
managedPolicyNamesstring[]A list of managed policies associated with this role.
maxSessionDurationaws-cdk-lib.DurationThe maximum session duration that you want to set for the specified role.
permissionsBoundaryaws-cdk-lib.aws_iam.IManagedPolicyAWS supports permissions boundaries for IAM entities (users or roles).
assumedByRequired 
public readonly assumedBy: IPrincipal;
  • Type: aws-cdk-lib.aws_iam.IPrincipal

The IAM principal (i.e. new ServicePrincipal('sns.amazonaws.com')) which can assume this role.

You can later modify the assume role policy document by accessing it via the assumeRolePolicy property.

roleNameRequired 
public readonly roleName: string;
  • Type: string

A name for the IAM role.

For valid values, see the RoleName parameter for the CreateRole action in the IAM API Reference.

Differs from Role, now required.

descriptionOptional 
public readonly description: string;
  • Type: string

A description of the role.

It can be up to 1000 characters long.

externalIdsOptional 
public readonly externalIds: string[];
  • Type: string[]

List of IDs that the role assumer needs to provide one of when assuming this role.

If the configured and provided external IDs do not match, the AssumeRole operation will fail.

inlinePoliciesOptional 
public readonly inlinePolicies: {[ key: string ]: PolicyDocument};
  • Type: {[ key: string ]: aws-cdk-lib.aws_iam.PolicyDocument}

A list of named policies to inline into this role.

These policies will be created with the role, whereas those added by addToPolicy are added using a separate CloudFormation resource (allowing a way around circular dependencies that could otherwise be introduced)..

managedPolicyNamesOptional 
public readonly managedPolicyNames: string[];
  • Type: string[]

A list of managed policies associated with this role.

Differs from Role that accepts IManagedPolicy[]. This is to not expose the scope of the stack and make it difficult to pass new iam.ManagedPolicy.fromAwsManagedPolicyName... that gets defined as a construct

maxSessionDurationOptional 
public readonly maxSessionDuration: Duration;
  • Type: aws-cdk-lib.Duration
  • Default: Duration.hours(1)

The maximum session duration that you want to set for the specified role.

This setting can have a value from 1 hour (3600sec) to 12 (43200sec) hours.

Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds API parameter or the duration-seconds CLI parameter to request a longer session. The MaxSessionDuration setting determines the maximum duration that can be requested using the DurationSeconds parameter.

If users don’t specify a value for the DurationSeconds parameter, their security credentials are valid for one hour by default. This applies when you use the AssumeRole* API operations or the assume-role* CLI operations but does not apply when you use those operations to create a console URL.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html

permissionsBoundaryOptional 
public readonly permissionsBoundary: IManagedPolicy;
  • Type: aws-cdk-lib.aws_iam.IManagedPolicy
  • Default: No permissions boundary.

AWS supports permissions boundaries for IAM entities (users or roles).

A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. An entity’s permissions boundary allows it to perform only the actions that are allowed by both its identity-based policies and its permissions boundaries.

https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

DlzIamUser

Initializer 

import { DlzIamUser } from 'aws-data-landing-zone'


const dlzIamUser: DlzIamUser = { ... }

Properties

NameTypeDescription
userNamestringA name for the IAM user.
managedPolicyNamesstring[]A list of managed policies associated with this role.
passwordaws-cdk-lib.SecretValueThe password for the user. This is required so the user can access the AWS Management Console.
passwordResetRequiredbooleanSpecifies whether the user is required to set a new password the next time the user logs in to the AWS Management Console.
permissionsBoundaryaws-cdk-lib.aws_iam.IManagedPolicyAWS supports permissions boundaries for IAM entities (users or roles).
userNameRequired 
public readonly userName: string;
  • Type: string

A name for the IAM user.

Differs from User, now required.

managedPolicyNamesOptional 
public readonly managedPolicyNames: string[];
  • Type: string[]

A list of managed policies associated with this role.

Differs from User that accepts IManagedPolicy[]. This is to not expose the scope of the stack and make it difficult to pass new iam.ManagedPolicy.fromAwsManagedPolicyName... that gets defined as a construct

passwordOptional 
public readonly password: SecretValue;
  • Type: aws-cdk-lib.SecretValue
  • Default: User won’t be able to access the management console without a password.

The password for the user. This is required so the user can access the AWS Management Console.

You can use SecretValue.unsafePlainText to specify a password in plain text or use secretsmanager.Secret.fromSecretAttributes to reference a secret in Secrets Manager.

passwordResetRequiredOptional 
public readonly passwordResetRequired: boolean;
  • Type: boolean
  • Default: false

Specifies whether the user is required to set a new password the next time the user logs in to the AWS Management Console.

If this is set to ‘true’, you must also specify “initialPassword”.

permissionsBoundaryOptional 
public readonly permissionsBoundary: IManagedPolicy;
  • Type: aws-cdk-lib.aws_iam.IManagedPolicy

AWS supports permissions boundaries for IAM entities (users or roles).

A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. An entity’s permissions boundary allows it to perform only the actions that are allowed by both its identity-based policies and its permissions boundaries.

https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

DLzIamUserGroup

Initializer 

import { DLzIamUserGroup } from 'aws-data-landing-zone'


const dLzIamUserGroup: DLzIamUserGroup = { ... }

Properties

NameTypeDescription
groupNamestringA name for the IAM group.
usersstring[]List of usernames that should be added to this group.
managedPolicyNamesstring[]A list of managed policies associated with this role.
groupNameRequired 
public readonly groupName: string;
  • Type: string

A name for the IAM group.

Differs from Group, now required.

usersRequired 
public readonly users: string[];
  • Type: string[]

List of usernames that should be added to this group.

Differs from Group, does not exist

managedPolicyNamesOptional 
public readonly managedPolicyNames: string[];
  • Type: string[]

A list of managed policies associated with this role.

Differs from Group that accepts IManagedPolicy[]. This is to not expose the scope of the stack and make it difficult to pass new iam.ManagedPolicy.fromAwsManagedPolicyName... that gets defined as a construct

DlzLakeFormationProps

Initializer 

import { DlzLakeFormationProps } from 'aws-data-landing-zone'


const dlzLakeFormationProps: DlzLakeFormationProps = { ... }

Properties

NameTypeDescription
adminsstring[]A list of strings representing the IAM role ARNs.
permissionsLakePermission[]A list of permission settings, specifying which Lake Formation permissions apply to which principals.
regionRegionThe region where LakeFormation will be created in.
tagsLFTagSharable[]A list of Lake Formation tags that can be shared across accounts and principals.
crossAccountVersionnumberOPTIONAL - Version for cross-account data sharing.
hybridModebooleanOPTIONAL - Select true to use both IAM and Lake Formation for data access, or false to use Lake Formation only.
adminsRequired 
public readonly admins: string[];
  • Type: string[]

A list of strings representing the IAM role ARNs.

permissionsRequired 
public readonly permissions: LakePermission[];

A list of permission settings, specifying which Lake Formation permissions apply to which principals.

regionRequired 
public readonly region: Region;

The region where LakeFormation will be created in.

tagsRequired 
public readonly tags: LFTagSharable[];

A list of Lake Formation tags that can be shared across accounts and principals.

crossAccountVersionOptional 
public readonly crossAccountVersion: number;
  • Type: number

OPTIONAL - Version for cross-account data sharing.

Defaults to 4. Read more {@link https://docs.aws.amazon.com/lake-formation/latest/dg/cross-account.html here}.

hybridModeOptional 
public readonly hybridMode: boolean;
  • Type: boolean

OPTIONAL - Select true to use both IAM and Lake Formation for data access, or false to use Lake Formation only.

Defaults to false.

DLzManagementAccount

Initializer 

import { DLzManagementAccount } from 'aws-data-landing-zone'


const dLzManagementAccount: DLzManagementAccount = { ... }

Properties

NameTypeDescription
accountIdstringNo description.
accountIdRequired 
public readonly accountId: string;
  • Type: string

DLzOrganization

Initializer 

import { DLzOrganization } from 'aws-data-landing-zone'


const dLzOrganization: DLzOrganization = { ... }

Properties

NameTypeDescription
organizationIdstringNo description.
ousOrgOusNo description.
rootRootOptionsNo description.
organizationIdRequired 
public readonly organizationId: string;
  • Type: string
ousRequired 
public readonly ous: OrgOus;
rootRequired 
public readonly root: RootOptions;

DlzRegions

Initializer 

import { DlzRegions } from 'aws-data-landing-zone'


const dlzRegions: DlzRegions = { ... }

Properties

NameTypeDescription
globalRegionAlso known as the Home region for Control Tower.
regionalRegion[]The other regions to support (do not specify the global region again).
globalRequired 
public readonly global: Region;

Also known as the Home region for Control Tower.

regionalRequired 
public readonly regional: Region[];

The other regions to support (do not specify the global region again).

DlzRouteTableProps

Initializer 

import { DlzRouteTableProps } from 'aws-data-landing-zone'


const dlzRouteTableProps: DlzRouteTableProps = { ... }

Properties

NameTypeDescription
namestringNo description.
subnetsDlzSubnetProps[]No description.
nameRequired 
public readonly name: string;
  • Type: string
subnetsRequired 
public readonly subnets: DlzSubnetProps[];

DlzServiceControlPolicyProps

Initializer 

import { DlzServiceControlPolicyProps } from 'aws-data-landing-zone'


const dlzServiceControlPolicyProps: DlzServiceControlPolicyProps = { ... }

Properties

NameTypeDescription
namestringNo description.
statementsaws-cdk-lib.aws_iam.PolicyStatement[]No description.
descriptionstringNo description.
tagsaws-cdk-lib.CfnTag[]No description.
targetIdsstring[]No description.
nameRequired 
public readonly name: string;
  • Type: string
statementsRequired 
public readonly statements: PolicyStatement[];
  • Type: aws-cdk-lib.aws_iam.PolicyStatement[]
descriptionOptional 
public readonly description: string;
  • Type: string
tagsOptional 
public readonly tags: CfnTag[];
  • Type: aws-cdk-lib.CfnTag[]
targetIdsOptional 
public readonly targetIds: string[];
  • Type: string[]

DlzStackNameProps

Initializer 

import { DlzStackNameProps } from 'aws-data-landing-zone'


const dlzStackNameProps: DlzStackNameProps = { ... }

Properties

NameTypeDescription
regionstringNo description.
stackstringNo description.
accountstringNo description.
oustringNo description.
regionRequired 
public readonly region: string;
  • Type: string
stackRequired 
public readonly stack: string;
  • Type: string
accountOptional 
public readonly account: string;
  • Type: string
ouOptional 
public readonly ou: string;
  • Type: string

DlzStackProps

Initializer 

import { DlzStackProps } from 'aws-data-landing-zone'


const dlzStackProps: DlzStackProps = { ... }

Properties

NameTypeDescription
envaws-cdk-lib.EnvironmentNo description.
nameDlzStackNamePropsNo description.
stagecdk-express-pipeline.ExpressStageNo description.
envRequired 
public readonly env: Environment;
  • Type: aws-cdk-lib.Environment
nameRequired 
public readonly name: DlzStackNameProps;
stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage

DlzSubnetProps

Initializer 

import { DlzSubnetProps } from 'aws-data-landing-zone'


const dlzSubnetProps: DlzSubnetProps = { ... }

Properties

NameTypeDescription
cidrstringThe CIDR block of the subnet.
namestringThe name of the subnet, must be unique within the routeTable.
azstringOptional.
cidrRequired 
public readonly cidr: string;
  • Type: string

The CIDR block of the subnet.

nameRequired 
public readonly name: string;
  • Type: string

The name of the subnet, must be unique within the routeTable.

azOptional 
public readonly az: string;
  • Type: string

Optional.

The Availability Zone of the subnet, if not specified a random AZ will be selected

DlzTag

Initializer 

import { DlzTag } from 'aws-data-landing-zone'


const dlzTag: DlzTag = { ... }

Properties

NameTypeDescription
namestringNo description.
valuesstring[]Specifying an empty array or undefined still enforces the tag presence but does not enforce the value.
nameRequired 
public readonly name: string;
  • Type: string
valuesOptional 
public readonly values: string[];
  • Type: string[]

Specifying an empty array or undefined still enforces the tag presence but does not enforce the value.

DlzTagPolicyProps

Initializer 

import { DlzTagPolicyProps } from 'aws-data-landing-zone'


const dlzTagPolicyProps: DlzTagPolicyProps = { ... }

Properties

NameTypeDescription
namestringNo description.
policyTagsDlzTag[]No description.
descriptionstringNo description.
tagsaws-cdk-lib.CfnTag[]No description.
targetIdsstring[]No description.
nameRequired 
public readonly name: string;
  • Type: string
policyTagsRequired 
public readonly policyTags: DlzTag[];
descriptionOptional 
public readonly description: string;
  • Type: string
tagsOptional 
public readonly tags: CfnTag[];
  • Type: aws-cdk-lib.CfnTag[]
targetIdsOptional 
public readonly targetIds: string[];
  • Type: string[]

DlzVpcProps

Initializer 

import { DlzVpcProps } from 'aws-data-landing-zone'


const dlzVpcProps: DlzVpcProps = { ... }

Properties

NameTypeDescription
cidrstringThe CIDR block of the VPC.
namestringThe name of the VPC, must be unique within the region.
regionRegionThe region where the VPC will be created.
routeTablesDlzRouteTableProps[]The route tables to be created in the VPC.
cidrRequired 
public readonly cidr: string;
  • Type: string

The CIDR block of the VPC.

nameRequired 
public readonly name: string;
  • Type: string

The name of the VPC, must be unique within the region.

regionRequired 
public readonly region: Region;

The region where the VPC will be created.

routeTablesRequired 
public readonly routeTables: DlzRouteTableProps[];

The route tables to be created in the VPC.

ForceNoPythonArgumentLifting

This is a type that is used to force JSII to not “argument lift” the arguments.

Use it as the last argument of user facing function that you want to prevent argument lifting on. Example:

public async diffAll(props: DataLandingZoneProps, _: ForceNoPythonArgumentLifting = {})


export class DataLandingZone {
  constructor(app: App, props: DataLandingZoneProps, _: ForceNoPythonArgumentLifting = {}) {

Then just call the function/constructor and “forget about the last parameter”. It’s an ugly hack but acceptable for the time being. Tracking issue: https://github.com/aws/jsii/issues/4721

Initializer 

import { ForceNoPythonArgumentLifting } from 'aws-data-landing-zone'


const forceNoPythonArgumentLifting: ForceNoPythonArgumentLifting = { ... }

GitHubReference

Initializer 

import { GitHubReference } from 'aws-data-landing-zone'


const gitHubReference: GitHubReference = { ... }

Properties

NameTypeDescription
ownerstringThe owner of the GitHub repository.
repostringThe repository name.
filterstringFor a complete list of filters see https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token.
ownerRequired 
public readonly owner: string;
  • Type: string

The owner of the GitHub repository.

repoRequired 
public readonly repo: string;
  • Type: string

The repository name.

filterOptional 
public readonly filter: string;
  • Type: string

For a complete list of filters see https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token.

Some common Examples:

  • specific environment environment:ENVIRONMENT-NAME
  • specific branch ref:refs/heads/BRANCH-NAME
  • specific tag ref:refs/tags/TAG-NAME
  • only PRs pull_request

A * can be used for most parts like ENVIRONMENT-NAME, BRANCH-NAME, TAG-NAME

GlobalVariables

Initializer 

import { GlobalVariables } from 'aws-data-landing-zone'


const globalVariables: GlobalVariables = { ... }

Properties

NameTypeDescription
budgetSnsCache{[ key: string ]: GlobalVariablesBudgetSnsCacheRecord}No description.
dlzAccountNetworksDlzAccountNetworksNo description.
ncp1GlobalVariablesNcp1No description.
ncp2GlobalVariablesNcp2No description.
ncp3GlobalVariablesNcp3No description.
budgetSnsCacheRequired 
public readonly budgetSnsCache: {[ key: string ]: GlobalVariablesBudgetSnsCacheRecord};
dlzAccountNetworksRequired 
public readonly dlzAccountNetworks: DlzAccountNetworks;
ncp1Required 
public readonly ncp1: GlobalVariablesNcp1;
ncp2Required 
public readonly ncp2: GlobalVariablesNcp2;
ncp3Required 
public readonly ncp3: GlobalVariablesNcp3;

GlobalVariablesBudgetSnsCacheRecord

Initializer 

import { GlobalVariablesBudgetSnsCacheRecord } from 'aws-data-landing-zone'


const globalVariablesBudgetSnsCacheRecord: GlobalVariablesBudgetSnsCacheRecord = { ... }

Properties

NameTypeDescription
subscribersBudgetSubscribersNo description.
topicaws-cdk-lib.aws_sns.TopicNo description.
subscribersRequired 
public readonly subscribers: BudgetSubscribers;
topicRequired 
public readonly topic: Topic;
  • Type: aws-cdk-lib.aws_sns.Topic

GlobalVariablesNcp1

Initializer 

import { GlobalVariablesNcp1 } from 'aws-data-landing-zone'


const globalVariablesNcp1: GlobalVariablesNcp1 = { ... }

Properties

NameTypeDescription
vpcPeeringRoleKeysstring[]No description.
vpcPeeringRoleKeysRequired 
public readonly vpcPeeringRoleKeys: string[];
  • Type: string[]

GlobalVariablesNcp2

Initializer 

import { GlobalVariablesNcp2 } from 'aws-data-landing-zone'


const globalVariablesNcp2: GlobalVariablesNcp2 = { ... }

Properties

NameTypeDescription
ownerVpcIdsDlzSsmReaderStackCacheNo description.
peeringConnections{[ key: string ]: aws-cdk-lib.aws_ec2.CfnVPCPeeringConnection}No description.
peeringRoleArnsDlzSsmReaderStackCacheNo description.
ownerVpcIdsRequired 
public readonly ownerVpcIds: DlzSsmReaderStackCache;
peeringConnectionsRequired 
public readonly peeringConnections: {[ key: string ]: CfnVPCPeeringConnection};
  • Type: {[ key: string ]: aws-cdk-lib.aws_ec2.CfnVPCPeeringConnection}
peeringRoleArnsRequired 
public readonly peeringRoleArns: DlzSsmReaderStackCache;

GlobalVariablesNcp3

Initializer 

import { GlobalVariablesNcp3 } from 'aws-data-landing-zone'


const globalVariablesNcp3: GlobalVariablesNcp3 = { ... }

Properties

NameTypeDescription
routeTablesSsmCacheDlzSsmReaderStackCacheNo description.
vpcPeeringConnectionIdsDlzSsmReaderStackCacheNo description.
routeTablesSsmCacheRequired 
public readonly routeTablesSsmCache: DlzSsmReaderStackCache;
vpcPeeringConnectionIdsRequired 
public readonly vpcPeeringConnectionIds: DlzSsmReaderStackCache;

IamAccountAliasProps

Initializer 

import { IamAccountAliasProps } from 'aws-data-landing-zone'


const iamAccountAliasProps: IamAccountAliasProps = { ... }

Properties

NameTypeDescription
accountAliasstringMust be not more than 63 characters.
accountAliasRequired 
public readonly accountAlias: string;
  • Type: string

Must be not more than 63 characters.

Valid characters are a-z, 0-9, and - (hyphen).

IamIdentityCenterAccessGroupProps

An access group in the IAM Identity Center.

Initializer 

import { IamIdentityCenterAccessGroupProps } from 'aws-data-landing-zone'


const iamIdentityCenterAccessGroupProps: IamIdentityCenterAccessGroupProps = { ... }

Properties

NameTypeDescription
accountNamesstring[]No description.
namestringNo description.
permissionSetNamestringNo description.
descriptionstringNo description.
userNamesstring[]No description.
accountNamesRequired 
public readonly accountNames: string[];
  • Type: string[]
nameRequired 
public readonly name: string;
  • Type: string
permissionSetNameRequired 
public readonly permissionSetName: string;
  • Type: string
descriptionOptional 
public readonly description: string;
  • Type: string
userNamesOptional 
public readonly userNames: string[];
  • Type: string[]

IamIdentityCenterGroupProps

A group of users in the IAM Identity Center.

Initializer 

import { IamIdentityCenterGroupProps } from 'aws-data-landing-zone'


const iamIdentityCenterGroupProps: IamIdentityCenterGroupProps = { ... }

Properties

NameTypeDescription
accountsstring[]No description.
identityStoreIdstringNo description.
namestringNo description.
permissionSetaws-cdk-lib.aws_sso.CfnPermissionSetNo description.
ssoArnstringNo description.
usersIamIdentityCenterGroupUser[]No description.
descriptionstringNo description.
accountsRequired 
public readonly accounts: string[];
  • Type: string[]
identityStoreIdRequired 
public readonly identityStoreId: string;
  • Type: string
nameRequired 
public readonly name: string;
  • Type: string
permissionSetRequired 
public readonly permissionSet: CfnPermissionSet;
  • Type: aws-cdk-lib.aws_sso.CfnPermissionSet
ssoArnRequired 
public readonly ssoArn: string;
  • Type: string
usersRequired 
public readonly users: IamIdentityCenterGroupUser[];
descriptionOptional 
public readonly description: string;
  • Type: string

IamIdentityCenterGroupUser

A user in the IAM Identity Center.

Initializer 

import { IamIdentityCenterGroupUser } from 'aws-data-landing-zone'


const iamIdentityCenterGroupUser: IamIdentityCenterGroupUser = { ... }

Properties

NameTypeDescription
userIdstringNo description.
userNamestringNo description.
userIdRequired 
public readonly userId: string;
  • Type: string
userNameRequired 
public readonly userName: string;
  • Type: string

IamIdentityCenterPermissionSetProps

A permission set in the IAM Identity Center.

Initializer 

import { IamIdentityCenterPermissionSetProps } from 'aws-data-landing-zone'


const iamIdentityCenterPermissionSetProps: IamIdentityCenterPermissionSetProps = { ... }

Properties

NameTypeDescription
namestringNo description.
descriptionstringNo description.
inlinePolicyDocumentaws-cdk-lib.aws_iam.PolicyDocumentNo description.
managedPolicyArnsstring[]No description.
permissionsBoundaryaws-cdk-lib.IResolvable | aws-cdk-lib.aws_sso.CfnPermissionSet.PermissionsBoundaryPropertyNo description.
sessionDurationaws-cdk-lib.DurationNo description.
nameRequired 
public readonly name: string;
  • Type: string
descriptionOptional 
public readonly description: string;
  • Type: string
inlinePolicyDocumentOptional 
public readonly inlinePolicyDocument: PolicyDocument;
  • Type: aws-cdk-lib.aws_iam.PolicyDocument
managedPolicyArnsOptional 
public readonly managedPolicyArns: string[];
  • Type: string[]
permissionsBoundaryOptional 
public readonly permissionsBoundary: IResolvable | PermissionsBoundaryProperty;
  • Type: aws-cdk-lib.IResolvable | aws-cdk-lib.aws_sso.CfnPermissionSet.PermissionsBoundaryProperty
sessionDurationOptional 
public readonly sessionDuration: Duration;
  • Type: aws-cdk-lib.Duration

IamIdentityCenterProps

Initializer 

import { IamIdentityCenterProps } from 'aws-data-landing-zone'


const iamIdentityCenterProps: IamIdentityCenterProps = { ... }

Properties

NameTypeDescription
arnstringNo description.
idstringNo description.
storeIdstringNo description.
accessGroupsIamIdentityCenterAccessGroupProps[]No description.
permissionSetsIamIdentityCenterPermissionSetProps[]No description.
usersIdentityStoreUserProps[]No description.
arnRequired 
public readonly arn: string;
  • Type: string
idRequired 
public readonly id: string;
  • Type: string
storeIdRequired 
public readonly storeId: string;
  • Type: string
accessGroupsOptional 
public readonly accessGroups: IamIdentityCenterAccessGroupProps[];
permissionSetsOptional 
public readonly permissionSets: IamIdentityCenterPermissionSetProps[];
usersOptional 
public readonly users: IdentityStoreUserProps[];

IamPasswordPolicyProps

Initializer 

import { IamPasswordPolicyProps } from 'aws-data-landing-zone'


const iamPasswordPolicyProps: IamPasswordPolicyProps = { ... }

Properties

NameTypeDescription
allowUsersToChangePasswordbooleanNo description.
hardExpirybooleanPrevents IAM users who are accessing the account via the AWS Management Console from setting a new console password after their password has expired.
maxPasswordAgenumberThe number of days that an IAM user password is valid.
minimumPasswordLengthnumberNo description.
passwordReusePreventionnumberSpecifies the number of previous passwords that IAM users are prevented from reusing.
requireLowercaseCharactersbooleanNo description.
requireNumbersbooleanNo description.
requireSymbolsbooleanSpecifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters: !
requireUppercaseCharactersbooleanNo description.
allowUsersToChangePasswordOptional 
public readonly allowUsersToChangePassword: boolean;
  • Type: boolean
hardExpiryOptional 
public readonly hardExpiry: boolean;
  • Type: boolean

Prevents IAM users who are accessing the account via the AWS Management Console from setting a new console password after their password has expired.

The IAM user cannot access the console until an administrator resets the password.

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that IAM users can change their passwords after they expire and continue to sign in as the user.

maxPasswordAgeOptional 
public readonly maxPasswordAge: number;
  • Type: number

The number of days that an IAM user password is valid.

If you do not specify a value for this parameter, then the operation uses the default value of 0. The result is that IAM user passwords never expire.

Valid Range: Minimum value of 1. Maximum value of 1095.

minimumPasswordLengthOptional 
public readonly minimumPasswordLength: number;
  • Type: number
passwordReusePreventionOptional 
public readonly passwordReusePrevention: number;
  • Type: number

Specifies the number of previous passwords that IAM users are prevented from reusing.

If you do not specify a value for this parameter, then the operation uses the default value of 0. The result is that IAM users are not prevented from reusing previous passwords.

Valid Range: Minimum value of 1. Maximum value of 24.

requireLowercaseCharactersOptional 
public readonly requireLowercaseCharacters: boolean;
  • Type: boolean
requireNumbersOptional 
public readonly requireNumbers: boolean;
  • Type: boolean
requireSymbolsOptional 
public readonly requireSymbols: boolean;
  • Type: boolean

Specifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters: !

@ # $ % ^ & * ( ) _ + - = [ ] { } | ‘

requireUppercaseCharactersOptional 
public readonly requireUppercaseCharacters: boolean;
  • Type: boolean

IamPolicyPermissionsBoundaryProps

Initializer 

import { IamPolicyPermissionsBoundaryProps } from 'aws-data-landing-zone'


const iamPolicyPermissionsBoundaryProps: IamPolicyPermissionsBoundaryProps = { ... }

Properties

NameTypeDescription
policyStatementaws-cdk-lib.aws_iam.PolicyStatementPropsNo description.
policyStatementRequired 
public readonly policyStatement: PolicyStatementProps;
  • Type: aws-cdk-lib.aws_iam.PolicyStatementProps

IdentityStoreUserEmailsProps

The email of a user in the IAM Identity Center.

Initializer 

import { IdentityStoreUserEmailsProps } from 'aws-data-landing-zone'


const identityStoreUserEmailsProps: IdentityStoreUserEmailsProps = { ... }

Properties

NameTypeDescription
typestringNo description.
valuestringNo description.
primarybooleanNo description.
typeRequired 
public readonly type: string;
  • Type: string
valueRequired 
public readonly value: string;
  • Type: string
primaryOptional 
public readonly primary: boolean;
  • Type: boolean

IdentityStoreUserNameProps

The name of a user in the IAM Identity Center.

Initializer 

import { IdentityStoreUserNameProps } from 'aws-data-landing-zone'


const identityStoreUserNameProps: IdentityStoreUserNameProps = { ... }

Properties

NameTypeDescription
familyNamestringNo description.
formattedstringNo description.
givenNamestringNo description.
honorificPrefixstringNo description.
honorificSuffixstringNo description.
middleNamestringNo description.
familyNameRequired 
public readonly familyName: string;
  • Type: string
formattedRequired 
public readonly formatted: string;
  • Type: string
givenNameRequired 
public readonly givenName: string;
  • Type: string
honorificPrefixOptional 
public readonly honorificPrefix: string;
  • Type: string
honorificSuffixOptional 
public readonly honorificSuffix: string;
  • Type: string
middleNameOptional 
public readonly middleName: string;
  • Type: string

IdentityStoreUserProps

A user in the IAM Identity Center.

Initializer 

import { IdentityStoreUserProps } from 'aws-data-landing-zone'


const identityStoreUserProps: IdentityStoreUserProps = { ... }

Properties

NameTypeDescription
namestringNo description.
surnamestringNo description.
userNamestringNo description.
nameRequired 
public readonly name: string;
  • Type: string
surnameRequired 
public readonly surname: string;
  • Type: string
userNameRequired 
public readonly userName: string;
  • Type: string

IdentityStoreUserPropsExt

A user in the IAM Identity Center.

Initializer 

import { IdentityStoreUserPropsExt } from 'aws-data-landing-zone'


const identityStoreUserPropsExt: IdentityStoreUserPropsExt = { ... }

Properties

NameTypeDescription
displayNamestringNo description.
emailIdentityStoreUserEmailsPropsNo description.
identityStoreIdstringNo description.
nameIdentityStoreUserNamePropsNo description.
userNamestringNo description.
displayNameRequired 
public readonly displayName: string;
  • Type: string
emailRequired 
public readonly email: IdentityStoreUserEmailsProps;
identityStoreIdRequired 
public readonly identityStoreId: string;
  • Type: string
nameRequired 
public readonly name: IdentityStoreUserNameProps;
userNameRequired 
public readonly userName: string;
  • Type: string

LakePermission

Initializer 

import { LakePermission } from 'aws-data-landing-zone'


const lakePermission: LakePermission = { ... }

Properties

NameTypeDescription
databaseActionsDatabaseAction[]Actions that can be performed on databases, using Lake Formation Tag Based Access Control.
principalsstring[]A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.
tagsLFTag[]LF tags associated with the permissions, used to specify fine-grained access controls.
databaseActionsWithGrantDatabaseAction[]OPTIONAL - Actions on databases with grant option, allowing grantees to further grant these permissions.
tableActionsTableAction[]OPTIONAL - Actions that can be performed on tables, using Lake Formation Lake Formation Tag Based Access Control.
tableActionsWithGrantTableAction[]OPTIONAL - Actions on tables with grant option, allowing grantees to further grant these permissions.
databaseActionsRequired 
public readonly databaseActions: DatabaseAction[];

Actions that can be performed on databases, using Lake Formation Tag Based Access Control.

principalsRequired 
public readonly principals: string[];
  • Type: string[]

A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.

tagsRequired 
public readonly tags: LFTag[];

LF tags associated with the permissions, used to specify fine-grained access controls.

databaseActionsWithGrantOptional 
public readonly databaseActionsWithGrant: DatabaseAction[];

OPTIONAL - Actions on databases with grant option, allowing grantees to further grant these permissions.

tableActionsOptional 
public readonly tableActions: TableAction[];

OPTIONAL - Actions that can be performed on tables, using Lake Formation Lake Formation Tag Based Access Control.

tableActionsWithGrantOptional 
public readonly tableActionsWithGrant: TableAction[];

OPTIONAL - Actions on tables with grant option, allowing grantees to further grant these permissions.

LFTag

Initializer 

import { LFTag } from 'aws-data-landing-zone'


const lFTag: LFTag = { ... }

Properties

NameTypeDescription
tagKeystringNo description.
tagValuesstring[]No description.
tagKeyRequired 
public readonly tagKey: string;
  • Type: string
tagValuesRequired 
public readonly tagValues: string[];
  • Type: string[]

LFTagSharable

Initializer 

import { LFTagSharable } from 'aws-data-landing-zone'


const lFTagSharable: LFTagSharable = { ... }

Properties

NameTypeDescription
tagKeystringNo description.
tagValuesstring[]No description.
shareSharePropsOPTIONAL - Configuration detailing how the tag can be shared with specified principals.
tagKeyRequired 
public readonly tagKey: string;
  • Type: string
tagValuesRequired 
public readonly tagValues: string[];
  • Type: string[]
shareOptional 
public readonly share: ShareProps;

OPTIONAL - Configuration detailing how the tag can be shared with specified principals.

LogStacks

Initializer 

import { LogStacks } from 'aws-data-landing-zone'


const logStacks: LogStacks = { ... }

ManagementGlobalStackProps

Initializer 

import { ManagementGlobalStackProps } from 'aws-data-landing-zone'


const managementGlobalStackProps: ManagementGlobalStackProps = { ... }

Properties

NameTypeDescription
envaws-cdk-lib.EnvironmentNo description.
nameDlzStackNamePropsNo description.
stagecdk-express-pipeline.ExpressStageNo description.
globalVariablesGlobalVariablesNo description.
envRequired 
public readonly env: Environment;
  • Type: aws-cdk-lib.Environment
nameRequired 
public readonly name: DlzStackNameProps;
stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage
globalVariablesRequired 
public readonly globalVariables: GlobalVariables;

ManagementStacks

Initializer 

import { ManagementStacks } from 'aws-data-landing-zone'


const managementStacks: ManagementStacks = { ... }

Properties

NameTypeDescription
globalManagementGlobalStackNo description.
globalIamIdentityCenterManagementGlobalIamIdentityCenterStackNo description.
globalRequired 
public readonly global: ManagementGlobalStack;
globalIamIdentityCenterOptional 
public readonly globalIamIdentityCenter: ManagementGlobalIamIdentityCenterStack;

MandatoryTags

Initializer 

import { MandatoryTags } from 'aws-data-landing-zone'


const mandatoryTags: MandatoryTags = { ... }

Properties

NameTypeDescription
environmentstring[]The values of the mandatory Environment tag that all resources must have.
ownerstring[]The values of the mandatory Owner tag that all resources must have.
projectstring[]The values of the mandatory Project tag that all resources must have.
environmentOptional 
public readonly environment: string[];
  • Type: string[]

The values of the mandatory Environment tag that all resources must have.

Specifying an empty array or undefined still enforces the tag presence but does not enforce the value.

ownerOptional 
public readonly owner: string[];
  • Type: string[]

The values of the mandatory Owner tag that all resources must have.

Specifying an empty array or undefined still enforces the tag presence but does not enforce the value.

projectOptional 
public readonly project: string[];
  • Type: string[]

The values of the mandatory Project tag that all resources must have.

Specifying an empty array or undefined still enforces the tag presence but does not enforce the value.

Network

Initializer 

import { Network } from 'aws-data-landing-zone'


const network: Network = { ... }

Properties

NameTypeDescription
bastionHostsBastionHost[]No description.
connectionsNetworkConnectionNo description.
natsNetworkNat[]No description.
bastionHostsOptional 
public readonly bastionHosts: BastionHost[];
connectionsOptional 
public readonly connections: NetworkConnection;
natsOptional 
public readonly nats: NetworkNat[];

NetworkConnection

Initializer 

import { NetworkConnection } from 'aws-data-landing-zone'


const networkConnection: NetworkConnection = { ... }

Properties

NameTypeDescription
vpcPeeringNetworkConnectionVpcPeering[]No description.
vpcPeeringRequired 
public readonly vpcPeering: NetworkConnectionVpcPeering[];

NetworkConnectionVpcPeering

Initializer 

import { NetworkConnectionVpcPeering } from 'aws-data-landing-zone'


const networkConnectionVpcPeering: NetworkConnectionVpcPeering = { ... }

Properties

NameTypeDescription
destinationNetworkAddressNo description.
sourceNetworkAddressNo description.
destinationRequired 
public readonly destination: NetworkAddress;
sourceRequired 
public readonly source: NetworkAddress;

NetworkEntityRouteTable

Initializer 

import { NetworkEntityRouteTable } from 'aws-data-landing-zone'


const networkEntityRouteTable: NetworkEntityRouteTable = { ... }

Properties

NameTypeDescription
addressNetworkAddressNo description.
routeTableaws-cdk-lib.aws_ec2.CfnRouteTableNo description.
subnetsNetworkEntitySubnet[]No description.
addressRequired 
public readonly address: NetworkAddress;
routeTableRequired 
public readonly routeTable: CfnRouteTable;
  • Type: aws-cdk-lib.aws_ec2.CfnRouteTable
subnetsRequired 
public readonly subnets: NetworkEntitySubnet[];

NetworkEntitySubnet

Initializer 

import { NetworkEntitySubnet } from 'aws-data-landing-zone'


const networkEntitySubnet: NetworkEntitySubnet = { ... }

Properties

NameTypeDescription
addressNetworkAddressNo description.
subnetaws-cdk-lib.aws_ec2.CfnSubnetNo description.
addressRequired 
public readonly address: NetworkAddress;
subnetRequired 
public readonly subnet: CfnSubnet;
  • Type: aws-cdk-lib.aws_ec2.CfnSubnet

NetworkEntityVpc

Initializer 

import { NetworkEntityVpc } from 'aws-data-landing-zone'


const networkEntityVpc: NetworkEntityVpc = { ... }

Properties

NameTypeDescription
addressNetworkAddressNo description.
routeTablesNetworkEntityRouteTable[]No description.
vpcaws-cdk-lib.aws_ec2.CfnVPCNo description.
addressRequired 
public readonly address: NetworkAddress;
routeTablesRequired 
public readonly routeTables: NetworkEntityRouteTable[];
vpcRequired 
public readonly vpc: CfnVPC;
  • Type: aws-cdk-lib.aws_ec2.CfnVPC

NetworkNat

Initializer 

import { NetworkNat } from 'aws-data-landing-zone'


const networkNat: NetworkNat = { ... }

Properties

NameTypeDescription
allowAccessFromNetworkAddress[]The route tables that should route to the NAT.
locationNetworkAddressThe location where the NAT will exist.
namestringThe name of the NAT Gateway to easily identify it.
typeNetworkNatTypeThe type of NAT to create.
allowAccessFromRequired 
public readonly allowAccessFrom: NetworkAddress[];

The route tables that should route to the NAT.

Must be in the same Account, Region and VPC as the NAT.

locationRequired 
public readonly location: NetworkAddress;

The location where the NAT will exist.

The network address must target a specific subnet

nameRequired 
public readonly name: string;
  • Type: string

The name of the NAT Gateway to easily identify it.

typeRequired 
public readonly type: NetworkNatType;

The type of NAT to create.

NetworkNatGateway

Initializer 

import { NetworkNatGateway } from 'aws-data-landing-zone'


const networkNatGateway: NetworkNatGateway = { ... }

Properties

NameTypeDescription
eipaws-cdk-lib.aws_ec2.CfnEIPPropsNo description.
eipOptional 
public readonly eip: CfnEIPProps;
  • Type: aws-cdk-lib.aws_ec2.CfnEIPProps

NetworkNatInstance

Initializer 

import { NetworkNatInstance } from 'aws-data-landing-zone'


const networkNatInstance: NetworkNatInstance = { ... }

Properties

NameTypeDescription
instanceTypeaws-cdk-lib.aws_ec2.InstanceTypeNo description.
eipaws-cdk-lib.aws_ec2.CfnEIPPropsNo description.
instanceTypeRequired 
public readonly instanceType: InstanceType;
  • Type: aws-cdk-lib.aws_ec2.InstanceType
eipOptional 
public readonly eip: CfnEIPProps;
  • Type: aws-cdk-lib.aws_ec2.CfnEIPProps

NetworkNatType

Initializer 

import { NetworkNatType } from 'aws-data-landing-zone'


const networkNatType: NetworkNatType = { ... }

Properties

NameTypeDescription
gatewayNetworkNatGatewayNo description.
instanceNetworkNatInstanceNo description.
gatewayOptional 
public readonly gateway: NetworkNatGateway;
instanceOptional 
public readonly instance: NetworkNatInstance;

NotificationDetailsProps

Initializer 

import { NotificationDetailsProps } from 'aws-data-landing-zone'


const notificationDetailsProps: NotificationDetailsProps = { ... }

Properties

NameTypeDescription
emailsstring[]No description.
slackSlackChannelNo description.
emailsOptional 
public readonly emails: string[];
  • Type: string[]
slackOptional 
public readonly slack: SlackChannel;

OrgOus

Initializer 

import { OrgOus } from 'aws-data-landing-zone'


const orgOus: OrgOus = { ... }

Properties

NameTypeDescription
securityOrgOuSecurityNo description.
suspendedOrgOuSuspendedNo description.
workloadsOrgOuWorkloadsNo description.
securityRequired 
public readonly security: OrgOuSecurity;
suspendedRequired 
public readonly suspended: OrgOuSuspended;
workloadsRequired 
public readonly workloads: OrgOuWorkloads;

OrgOuSecurity

Initializer 

import { OrgOuSecurity } from 'aws-data-landing-zone'


const orgOuSecurity: OrgOuSecurity = { ... }

Properties

NameTypeDescription
accountsOrgOuSecurityAccountsNo description.
ouIdstringNo description.
accountsRequired 
public readonly accounts: OrgOuSecurityAccounts;
ouIdRequired 
public readonly ouId: string;
  • Type: string

OrgOuSecurityAccounts

Initializer 

import { OrgOuSecurityAccounts } from 'aws-data-landing-zone'


const orgOuSecurityAccounts: OrgOuSecurityAccounts = { ... }

Properties

NameTypeDescription
auditDLzManagementAccountNo description.
logDLzManagementAccountNo description.
auditRequired 
public readonly audit: DLzManagementAccount;
logRequired 
public readonly log: DLzManagementAccount;

OrgOuSuspended

Initializer 

import { OrgOuSuspended } from 'aws-data-landing-zone'


const orgOuSuspended: OrgOuSuspended = { ... }

Properties

NameTypeDescription
ouIdstringNo description.
accountsDLzAccountSuspended[]No description.
ouIdRequired 
public readonly ouId: string;
  • Type: string
accountsOptional 
public readonly accounts: DLzAccountSuspended[];

OrgOuWorkloads

Initializer 

import { OrgOuWorkloads } from 'aws-data-landing-zone'


const orgOuWorkloads: OrgOuWorkloads = { ... }

Properties

NameTypeDescription
accountsDLzAccount[]No description.
ouIdstringNo description.
accountsRequired 
public readonly accounts: DLzAccount[];
ouIdRequired 
public readonly ouId: string;
  • Type: string

OrgRootAccounts

Initializer 

import { OrgRootAccounts } from 'aws-data-landing-zone'


const orgRootAccounts: OrgRootAccounts = { ... }

Properties

NameTypeDescription
managementDLzManagementAccountNo description.
managementRequired 
public readonly management: DLzManagementAccount;

PartialAccount

Initializer 

import { PartialAccount } from 'aws-data-landing-zone'


const partialAccount: PartialAccount = { ... }

Properties

NameTypeDescription
namestringNo description.
nameRequired 
public readonly name: string;
  • Type: string

PartialOu

Initializer 

import { PartialOu } from 'aws-data-landing-zone'


const partialOu: PartialOu = { ... }

Properties

NameTypeDescription
ouIdstringNo description.
accountsPartialAccount[]No description.
ouIdRequired 
public readonly ouId: string;
  • Type: string
accountsOptional 
public readonly accounts: PartialAccount[];

ReportItem

Initializer 

import { ReportItem } from 'aws-data-landing-zone'


const reportItem: ReportItem = { ... }

Properties

NameTypeDescription
descriptionstringNo description.
namestringNo description.
typeReportTypeNo description.
externalLinkstringNo description.
accountNamestringNo description.
appliedFromstringNo description.
regionstringNo description.
descriptionRequired 
public readonly description: string;
  • Type: string
nameRequired 
public readonly name: string;
  • Type: string
typeRequired 
public readonly type: ReportType;
externalLinkOptional 
public readonly externalLink: string;
  • Type: string
accountNameRequired 
public readonly accountName: string;
  • Type: string
appliedFromRequired 
public readonly appliedFrom: string;
  • Type: string
regionRequired 
public readonly region: string;
  • Type: string

ReportResource

Initializer 

import { ReportResource } from 'aws-data-landing-zone'


const reportResource: ReportResource = { ... }

Properties

NameTypeDescription
descriptionstringNo description.
namestringNo description.
typeReportTypeNo description.
externalLinkstringNo description.
descriptionRequired 
public readonly description: string;
  • Type: string
nameRequired 
public readonly name: string;
  • Type: string
typeRequired 
public readonly type: ReportType;
externalLinkOptional 
public readonly externalLink: string;
  • Type: string

RootOptions

Initializer 

import { RootOptions } from 'aws-data-landing-zone'


const rootOptions: RootOptions = { ... }

Properties

NameTypeDescription
accountsOrgRootAccountsNo description.
controlsDlzControlTowerStandardControls[]Control Tower Controls applied to all the OUs in the organization.
accountsRequired 
public readonly accounts: OrgRootAccounts;
controlsOptional 
public readonly controls: DlzControlTowerStandardControls[];

Control Tower Controls applied to all the OUs in the organization.

SecurityHubNotification

Initializer 

import { SecurityHubNotification } from 'aws-data-landing-zone'


const securityHubNotification: SecurityHubNotification = { ... }

Properties

NameTypeDescription
idstringNo description.
notificationSecurityHubNotificationPropsNo description.
severitySecurityHubNotificationSeverity[]No description.
workflowStatusSecurityHubNotificationSWorkflowStatus[]No description.
idRequired 
public readonly id: string;
  • Type: string
notificationRequired 
public readonly notification: SecurityHubNotificationProps;
severityOptional 
public readonly severity: SecurityHubNotificationSeverity[];
workflowStatusOptional 
public readonly workflowStatus: SecurityHubNotificationSWorkflowStatus[];

SecurityHubNotificationProps

Initializer 

import { SecurityHubNotificationProps } from 'aws-data-landing-zone'


const securityHubNotificationProps: SecurityHubNotificationProps = { ... }

Properties

NameTypeDescription
emailsstring[]No description.
slackSlackChannelNo description.
emailsOptional 
public readonly emails: string[];
  • Type: string[]
slackOptional 
public readonly slack: SlackChannel;

SharedExternal

Initializer 

import { SharedExternal } from 'aws-data-landing-zone'


const sharedExternal: SharedExternal = { ... }

Properties

NameTypeDescription
principalsstring[]A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.
specificValuesstring[]OPTIONAL - A list of specific values of the tag that can be shared.
tagActionsTagAction[]A list of actions that can be performed on the tag.
tagActionsWithGrantTagAction[]A list of actions on the tag with grant option, allowing grantees to further grant these permissions.
principalsRequired 
public readonly principals: string[];
  • Type: string[]

A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.

specificValuesOptional 
public readonly specificValues: string[];
  • Type: string[]

OPTIONAL - A list of specific values of the tag that can be shared.

All possible values if omitted.

tagActionsRequired 
public readonly tagActions: TagAction[];

A list of actions that can be performed on the tag.

Only TagAction.DESCRIBE and TagAction.ASSOCIATE are allowed.

tagActionsWithGrantOptional 
public readonly tagActionsWithGrant: TagAction[];

A list of actions on the tag with grant option, allowing grantees to further grant these permissions.

SharedInternal

Initializer 

import { SharedInternal } from 'aws-data-landing-zone'


const sharedInternal: SharedInternal = { ... }

Properties

NameTypeDescription
principalsstring[]A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.
specificValuesstring[]OPTIONAL - A list of specific values of the tag that can be shared.
tagActionsTagAction[]A list of actions that can be performed on the tag.
tagActionsWithGrantTagAction[]A list of actions on the tag with grant option, allowing grantees to further grant these permissions.
principalsRequired 
public readonly principals: string[];
  • Type: string[]

A list of principal identity ARNs (e.g., AWS accounts, IAM roles/users) that the permissions apply to.

specificValuesOptional 
public readonly specificValues: string[];
  • Type: string[]

OPTIONAL - A list of specific values of the tag that can be shared.

All possible values if omitted.

tagActionsRequired 
public readonly tagActions: TagAction[];

A list of actions that can be performed on the tag.

tagActionsWithGrantOptional 
public readonly tagActionsWithGrant: TagAction[];

A list of actions on the tag with grant option, allowing grantees to further grant these permissions.

ShareProps

Initializer 

import { ShareProps } from 'aws-data-landing-zone'


const shareProps: ShareProps = { ... }

Properties

NameTypeDescription
withExternalAccountSharedExternal[]Configurations for sharing LF-Tags with external AWS accounts.
withinAccountSharedInternal[]Configurations for sharing LF-Tags with principals within the same AWS account.
withExternalAccountOptional 
public readonly withExternalAccount: SharedExternal[];

Configurations for sharing LF-Tags with external AWS accounts.

withinAccountOptional 
public readonly withinAccount: SharedInternal[];

Configurations for sharing LF-Tags with principals within the same AWS account.

SlackChannel

Initializer 

import { SlackChannel } from 'aws-data-landing-zone'


const slackChannel: SlackChannel = { ... }

Properties

NameTypeDescription
slackChannelConfigurationNamestringThe name of Slack channel configuration.
slackChannelIdstringThe ID of the Slack channel.
slackWorkspaceIdstringThe ID of the Slack workspace authorized with AWS Chatbot.
slackChannelConfigurationNameRequired 
public readonly slackChannelConfigurationName: string;
  • Type: string

The name of Slack channel configuration.

slackChannelIdRequired 
public readonly slackChannelId: string;
  • Type: string

The ID of the Slack channel.

To get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the 9-character string at the end of the URL. For example, ABCBBLZZZ.

slackWorkspaceIdRequired 
public readonly slackWorkspaceId: string;
  • Type: string

The ID of the Slack workspace authorized with AWS Chatbot.

To get the workspace ID, you must perform the initial authorization flow with Slack in the AWS Chatbot console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-4 in Setting Up AWS Chatbot with Slack in the AWS Chatbot User Guide.

https://docs.aws.amazon.com/chatbot/latest/adminguide/setting-up.html#Setup_intro

WorkloadAccountProps

Initializer 

import { WorkloadAccountProps } from 'aws-data-landing-zone'


const workloadAccountProps: WorkloadAccountProps = { ... }

Properties

NameTypeDescription
envaws-cdk-lib.EnvironmentNo description.
nameDlzStackNamePropsNo description.
stagecdk-express-pipeline.ExpressStageNo description.
dlzAccountDLzAccountNo description.
globalVariablesGlobalVariablesNo description.
envRequired 
public readonly env: Environment;
  • Type: aws-cdk-lib.Environment
nameRequired 
public readonly name: DlzStackNameProps;
stageRequired 
public readonly stage: ExpressStage;
  • Type: cdk-express-pipeline.ExpressStage
dlzAccountRequired 
public readonly dlzAccount: DLzAccount;
globalVariablesRequired 
public readonly globalVariables: GlobalVariables;

Classes

AccountChatbots

Initializers 

import { AccountChatbots } from 'aws-data-landing-zone'


new AccountChatbots()
NameTypeDescription

Static Functions

NameDescription
addSlackChannelNo description.
existsSlackChannelNo description.
findSlackChannelNo description.
addSlackChannel 
import { AccountChatbots } from 'aws-data-landing-zone'


AccountChatbots.addSlackChannel(scope: Construct, id: string, chatbotProps: SlackChannelConfigurationProps)
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
chatbotPropsRequired
  • Type: aws-cdk-lib.aws_chatbot.SlackChannelConfigurationProps
existsSlackChannel 
import { AccountChatbots } from 'aws-data-landing-zone'


AccountChatbots.existsSlackChannel(scope: Construct, chatbotProps: SlackChannel)
scopeRequired
  • Type: constructs.Construct
chatbotPropsRequired
findSlackChannel 
import { AccountChatbots } from 'aws-data-landing-zone'


AccountChatbots.findSlackChannel(scope: Construct, chatbotProps: SlackChannel)
scopeRequired
  • Type: constructs.Construct
chatbotPropsRequired

Properties

NameTypeDescription
slackChatBots{[ key: string ]: aws-cdk-lib.aws_chatbot.SlackChannelConfiguration}No description.
slackChatBotsRequired 
public readonly slackChatBots: {[ key: string ]: SlackChannelConfiguration};
  • Type: {[ key: string ]: aws-cdk-lib.aws_chatbot.SlackChannelConfiguration}

DataLandingZone

Initializers 

import { DataLandingZone } from 'aws-data-landing-zone'


new DataLandingZone(app: App, props: DataLandingZoneProps, _?: ForceNoPythonArgumentLifting)
NameTypeDescription
appaws-cdk-lib.AppThe CDK App.
propsDataLandingZonePropsThe DataLandingZoneProps.
_ForceNoPythonArgumentLiftingIgnore this parameter, it is used to force a consistent interface across TS and Python usage.
appRequired
  • Type: aws-cdk-lib.App

The CDK App.

propsRequired

The DataLandingZoneProps.

_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

Methods

NameDescription
stageManagementNo description.
stageManagement 
public stageManagement(): ManagementStacks

Properties

NameTypeDescription
auditStacksAuditStacksNo description.
logStacksLogStacksNo description.
managementStacksManagementStacksNo description.
workloadGlobalDataServicesPhase1StacksWorkloadGlobalDataServicesPhase1Stack[]No description.
workloadGlobalNetworkConnectionsPhase1StacksWorkloadGlobalNetworkConnectionsPhase1Stack[]No description.
workloadGlobalNetworkConnectionsPhase2StacksWorkloadGlobalNetworkConnectionsPhase2Stack[]No description.
workloadGlobalNetworkConnectionsPhase3StacksWorkloadGlobalNetworkConnectionsPhase3Stack[]No description.
workloadGlobalStacksWorkloadGlobalStack[]No description.
workloadRegionalDataServicesPhase1StacksWorkloadRegionalDataServicesPhase1Stack[]No description.
workloadRegionalNetworkConnectionsPhase2StacksWorkloadRegionalNetworkConnectionsPhase2Stack[]No description.
workloadRegionalNetworkConnectionsPhase3StacksWorkloadRegionalNetworkConnectionsPhase3Stack[]No description.
workloadRegionalStacksWorkloadRegionalStack[]No description.
auditStacksRequired 
public readonly auditStacks: AuditStacks;
logStacksRequired 
public readonly logStacks: LogStacks;
managementStacksRequired 
public readonly managementStacks: ManagementStacks;
workloadGlobalDataServicesPhase1StacksRequired 
public readonly workloadGlobalDataServicesPhase1Stacks: WorkloadGlobalDataServicesPhase1Stack[];
workloadGlobalNetworkConnectionsPhase1StacksRequired 
public readonly workloadGlobalNetworkConnectionsPhase1Stacks: WorkloadGlobalNetworkConnectionsPhase1Stack[];
workloadGlobalNetworkConnectionsPhase2StacksRequired 
public readonly workloadGlobalNetworkConnectionsPhase2Stacks: WorkloadGlobalNetworkConnectionsPhase2Stack[];
workloadGlobalNetworkConnectionsPhase3StacksRequired 
public readonly workloadGlobalNetworkConnectionsPhase3Stacks: WorkloadGlobalNetworkConnectionsPhase3Stack[];
workloadGlobalStacksRequired 
public readonly workloadGlobalStacks: WorkloadGlobalStack[];
workloadRegionalDataServicesPhase1StacksRequired 
public readonly workloadRegionalDataServicesPhase1Stacks: WorkloadRegionalDataServicesPhase1Stack[];
workloadRegionalNetworkConnectionsPhase2StacksRequired 
public readonly workloadRegionalNetworkConnectionsPhase2Stacks: WorkloadRegionalNetworkConnectionsPhase2Stack[];
workloadRegionalNetworkConnectionsPhase3StacksRequired 
public readonly workloadRegionalNetworkConnectionsPhase3Stacks: WorkloadRegionalNetworkConnectionsPhase3Stack[];
workloadRegionalStacksRequired 
public readonly workloadRegionalStacks: WorkloadRegionalStack[];

DataLandingZoneClient

Initializers 

import { DataLandingZoneClient } from 'aws-data-landing-zone'


new DataLandingZoneClient()
NameTypeDescription

Static Functions

NameDescription
bastionSecurityGroupIdFetches the bastion security group ID from the SSM Parameter Store.
notificationTopicArnFetches the notification topic ARN from the SSM Parameter Store.
permissionsBoundaryArnFetches the permissions boundary ARN from the SSM Parameter Store.
routeTableIdFetches the route table ID from the SSM Parameter Store.
subnetIdFetches the subnet ID from the SSM Parameter Store.
vpcIdFetches the VPC ID from the SSM Parameter Store.
bastionSecurityGroupId 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.bastionSecurityGroupId(scope: Construct, id: string, props: DataLandingZoneClientBastionProps)

Fetches the bastion security group ID from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

propsRequired

The props of the construct.

notificationTopicArn 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.notificationTopicArn(scope: Construct, id: string)

Fetches the notification topic ARN from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

permissionsBoundaryArn 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.permissionsBoundaryArn(scope: Construct, id: string)

Fetches the permissions boundary ARN from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

routeTableId 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.routeTableId(scope: Construct, id: string, props: DataLandingZoneClientRouteTableIdProps)

Fetches the route table ID from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

propsRequired

The props of the construct.

subnetId 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.subnetId(scope: Construct, id: string, props: DataLandingZoneClientSubnetIdProps)

Fetches the subnet ID from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

propsRequired

The props of the construct.

vpcId 
import { DataLandingZoneClient } from 'aws-data-landing-zone'


DataLandingZoneClient.vpcId(scope: Construct, id: string, props: DataLandingZoneClientVpcIdProps)

Fetches the VPC ID from the SSM Parameter Store.

scopeRequired
  • Type: constructs.Construct

The scope of the construct.

idRequired
  • Type: string

The id of the construct.

propsRequired

The props of the construct.

Defaults

Initializers 

import { Defaults } from 'aws-data-landing-zone'


new Defaults()
NameTypeDescription

Static Functions

NameDescription
budgetsBudgets for the organization.
denyServiceList* List of services that are denied in the organization.
iamIdentityCenterPermissionSetsProvides the AWS managed policy AdministratorAccess and ReadOnlyAccess as permission sets.
mandatoryTags* Mandatory tags for the organization.
rootControlsControl Tower Controls applied to all the OUs in the organization.
vpcClassB3Private3PublicCreates a VPC configuration with 2 route tables, one used as public and the other private, each with 3 subnets.
budgets 
import { Defaults } from 'aws-data-landing-zone'


Defaults.budgets(orgTotal: number, infraDlz: number, subscribers: BudgetSubscribers, _?: ForceNoPythonArgumentLifting)

Budgets for the organization.

orgTotalRequired
  • Type: number

Total budget for the organization in USD.

infraDlzRequired
  • Type: number

Budget for this DLZ project identified by tags Owner=infra, Project=dlz in USD.

subscribersRequired

Subscribers for the budget.

_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

denyServiceList 
import { Defaults } from 'aws-data-landing-zone'


Defaults.denyServiceList()
  • List of services that are denied in the organization.
iamIdentityCenterPermissionSets 
import { Defaults } from 'aws-data-landing-zone'


Defaults.iamIdentityCenterPermissionSets()

Provides the AWS managed policy AdministratorAccess and ReadOnlyAccess as permission sets.

mandatoryTags 
import { Defaults } from 'aws-data-landing-zone'


Defaults.mandatoryTags(props: DataLandingZoneProps)
  • Mandatory tags for the organization.
propsRequired
rootControls 
import { Defaults } from 'aws-data-landing-zone'


Defaults.rootControls()

Control Tower Controls applied to all the OUs in the organization.

vpcClassB3Private3Public 
import { Defaults } from 'aws-data-landing-zone'


Defaults.vpcClassB3Private3Public(thirdOctetMask: number, region: Region)

Creates a VPC configuration with 2 route tables, one used as public and the other private, each with 3 subnets.

Each subnet has a /19 CIDR block. The VPC CIDR is 10.${thirdOctetMask}.0.0/16 There will be remaining space:

  • 10.x.192.0/19
  • 10.x.224.0/19
thirdOctetMaskRequired
  • Type: number

the third octet of the VPC CIDR.

regionRequired

the region where the VPC will be created.

DlzAccountNetworks

Initializers 

import { DlzAccountNetworks } from 'aws-data-landing-zone'


new DlzAccountNetworks()
NameTypeDescription

Methods

NameDescription
addNo description.
getEntitiesForAddressGet NetworkEntities for the given networkAddress and match on the given matchOnAddress.
add 
public add(dlzAccount: DLzAccount, networkEntityVpc: NetworkEntityVpc): void
dlzAccountRequired
networkEntityVpcRequired
getEntitiesForAddress 
public getEntitiesForAddress(networkAddress: NetworkAddress, matchOnAddress?: string): DlzAccountNetwork[]

Get NetworkEntities for the given networkAddress and match on the given matchOnAddress.

For example, if the networkAddress is a routeTable address and matchOnAddress has a value of vpc then it will return all NetworkEntities that have the same VPC as the networkAddress. Or, if the matchOnAddress has a value of region then it will return all NetworkEntities that have the same VPC region as the networkAddress.

If the matchOnAddress is account then the complete NetworkEntity will be returned. Else, if matchOnAddress is region, vpc, routeTable or subnet then a partial NetworkEntity will be returned. The vpcs routeTables and subnets will be filtered to only include those that match the networkAddress. A value of undefined will automatically detect the level of the networkAddress and use that as the matchOnAddress.

Example:

Given we have these NetworkEntity[]:

  1. project-1-develop.us-east-1.default.private
  2. project-1-develop.eu-west-1.default.private
  3. project-1-production.eu-west-1.default.private

  • If the networkAddress has a routeTable address of: project-1-develop.us-east-1.default.private and the matchOnAddress value is routeTable. Then it will only match the first entry of project-1-develop.us-east-1.default.private and return a partial NetworkEntity with the VPC, and only the routeTables and subnets that have the same routeTable address.

  • If the networkAddress has the same routeTable address of: project-1-develop.us-east-1.default.private and the matchOnAddress value is changed to vpc. Then it will match the first and second entries and return the complete NetworkEntity for each.

networkAddressRequired
matchOnAddressOptional
  • Type: string

DlzBudget

Initializers 

import { DlzBudget } from 'aws-data-landing-zone'


new DlzBudget(scope: Construct, id: string, props: DlzBudgetProps, budgetSnsCache: {[ key: string ]: GlobalVariablesBudgetSnsCacheRecord})
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsDlzBudgetPropsNo description.
budgetSnsCache{[ key: string ]: GlobalVariablesBudgetSnsCacheRecord}No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired
budgetSnsCacheRequired

Properties

NameTypeDescription
cfnBudgetaws-cdk-lib.aws_budgets.CfnBudgetNo description.
cfnBudgetRequired 
public readonly cfnBudget: CfnBudget;
  • Type: aws-cdk-lib.aws_budgets.CfnBudget

DlzControlTowerEnabledControl

Initializers 

import { DlzControlTowerEnabledControl } from 'aws-data-landing-zone'


new DlzControlTowerEnabledControl(scope: Construct, id: string, props: DlzControlTowerEnabledControlProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsDlzControlTowerEnabledControlPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Static Functions

NameDescription
canBeAppliedToSecurityOUCheck if the control can be applied to the Security OU.
canBeAppliedToSecurityOU 
import { DlzControlTowerEnabledControl } from 'aws-data-landing-zone'


DlzControlTowerEnabledControl.canBeAppliedToSecurityOU(control: IDlzControlTowerControl)

Check if the control can be applied to the Security OU.

Only LEGACY controls can be applied to the Security OU.

controlRequired

Properties

NameTypeDescription
controlaws-cdk-lib.aws_controltower.CfnEnabledControlNo description.
reportResourceReportResourceNo description.
controlRequired 
public readonly control: CfnEnabledControl;
  • Type: aws-cdk-lib.aws_controltower.CfnEnabledControl
reportResourceRequired 
public readonly reportResource: ReportResource;

DlzLakeFormation

Initializers 

import { DlzLakeFormation } from 'aws-data-landing-zone'


new DlzLakeFormation(scope: Construct, id: string, lfProps: DlzLakeFormationProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
lfPropsDlzLakeFormationPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
lfPropsRequired

DlzServiceControlPolicy

Initializers 

import { DlzServiceControlPolicy } from 'aws-data-landing-zone'


new DlzServiceControlPolicy(scope: Construct, id: string, props: DlzServiceControlPolicyProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsDlzServiceControlPolicyPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Static Functions

NameDescription
denyCfnStacksWithoutStandardTagsNo description.
denyIamPolicyActionStatementsNo description.
denyServiceActionStatementsNo description.
denyCfnStacksWithoutStandardTags 
import { DlzServiceControlPolicy } from 'aws-data-landing-zone'


DlzServiceControlPolicy.denyCfnStacksWithoutStandardTags(tags: DlzTag[])
tagsRequired
denyIamPolicyActionStatements 
import { DlzServiceControlPolicy } from 'aws-data-landing-zone'


DlzServiceControlPolicy.denyIamPolicyActionStatements()
denyServiceActionStatements 
import { DlzServiceControlPolicy } from 'aws-data-landing-zone'


DlzServiceControlPolicy.denyServiceActionStatements(serviceActions: string[])
serviceActionsRequired
  • Type: string[]

Properties

NameTypeDescription
policyaws-cdk-lib.aws_organizations.CfnPolicyNo description.
reportResourceReportResourceNo description.
policyRequired 
public readonly policy: CfnPolicy;
  • Type: aws-cdk-lib.aws_organizations.CfnPolicy
reportResourceRequired 
public readonly reportResource: ReportResource;

DlzSsmReader

Initializers 

import { DlzSsmReader } from 'aws-data-landing-zone'


new DlzSsmReader()
NameTypeDescription

Static Functions

NameDescription
getValueGet the value of an SSM Parameter Store value.
getValue 
import { DlzSsmReader } from 'aws-data-landing-zone'


DlzSsmReader.getValue(scope: Construct, id: string, accountId: string, region: string, name: string, fetchType?: string, withDecryption?: boolean)

Get the value of an SSM Parameter Store value.

Fetch type always will always fetch the value from SSM Parameter Store, this will produce a CDK diff every time. Fetch type value-change will fetch the value from SSM Parameter Store only when the value changes, this will not produce a CDK diff every time.

scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
accountIdRequired
  • Type: string
regionRequired
  • Type: string
nameRequired
  • Type: string
fetchTypeOptional
  • Type: string
withDecryptionOptional
  • Type: boolean

DlzSsmReaderStackCache

Get the value of an SSM Parameter Store value.

This method will reuse the same CustomResource, reducing the number of lookups to the same resource within a stack.

Initializers 

import { DlzSsmReaderStackCache } from 'aws-data-landing-zone'


new DlzSsmReaderStackCache()
NameTypeDescription

Methods

NameDescription
getValueFetch type always will always fetch the value from SSM Parameter Store, this will produce a CDK diff every time.
getValue 
public getValue(scope: Construct, id: string, accountId: string, region: string, name: string, fetchType?: string, withDecryption?: boolean): string

Fetch type always will always fetch the value from SSM Parameter Store, this will produce a CDK diff every time.

Fetch type value-change will fetch the value from SSM Parameter Store only when the value changes, this will not produce a CDK diff every time.

scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
accountIdRequired
  • Type: string
regionRequired
  • Type: string
nameRequired
  • Type: string
fetchTypeOptional
  • Type: string
withDecryptionOptional
  • Type: boolean

DlzTagPolicy

Initializers 

import { DlzTagPolicy } from 'aws-data-landing-zone'


new DlzTagPolicy(scope: Construct, id: string, props: DlzTagPolicyProps)
NameTypeDescription
scopeconstructs.ConstructNo description.
idstringNo description.
propsDlzTagPolicyPropsNo description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Properties

NameTypeDescription
policyaws-cdk-lib.aws_organizations.CfnPolicyNo description.
reportResourceReportResourceNo description.
policyRequired 
public readonly policy: CfnPolicy;
  • Type: aws-cdk-lib.aws_organizations.CfnPolicy
reportResourceRequired 
public readonly reportResource: ReportResource;

DlzVpc

Initializers 

import { DlzVpc } from 'aws-data-landing-zone'


new DlzVpc(dlzAccount: DLzAccount, dlzStack: DlzStack, dlzVpc: DlzVpcProps, networkNats?: NetworkNat[])
NameTypeDescription
dlzAccountDLzAccountNo description.
dlzStackDlzStackNo description.
dlzVpcDlzVpcPropsNo description.
networkNatsNetworkNat[]No description.
dlzAccountRequired
dlzStackRequired
dlzVpcRequired
networkNatsOptional

Properties

NameTypeDescription
networkEntityVpcNetworkEntityVpcNo description.
networkEntityVpcRequired 
public readonly networkEntityVpc: NetworkEntityVpc;

IamIdentityCenter

The IAM Identity Center.

Initializers 

import { IamIdentityCenter } from 'aws-data-landing-zone'


new IamIdentityCenter(dlzStack: DlzStack, organization: DLzOrganization, iamIdentityCenter: IamIdentityCenterProps)
NameTypeDescription
dlzStackDlzStackNo description.
organizationDLzOrganizationNo description.
iamIdentityCenterIamIdentityCenterPropsNo description.
dlzStackRequired
organizationRequired
iamIdentityCenterRequired

NetworkAddress

Initializers 

import { NetworkAddress } from 'aws-data-landing-zone'


new NetworkAddress(account: string, region?: string, vpc?: string, routeTable?: string, subnet?: string)
NameTypeDescription
accountstringNo description.
regionstringNo description.
vpcstringNo description.
routeTablestringNo description.
subnetstringNo description.
accountRequired
  • Type: string
regionOptional
  • Type: string
vpcOptional
  • Type: string
routeTableOptional
  • Type: string
subnetOptional
  • Type: string

Methods

NameDescription
isAccountAddressNo description.
isRegionAddressNo description.
isRouteTableAddressNo description.
isSubnetAddressNo description.
isVpcAddressNo description.
matchesNo description.
toStringNo description.
isAccountAddress 
public isAccountAddress(): boolean
isRegionAddress 
public isRegionAddress(): boolean
isRouteTableAddress 
public isRouteTableAddress(): boolean
isSubnetAddress 
public isSubnetAddress(): boolean
isVpcAddress 
public isVpcAddress(): boolean
matches 
public matches(other: NetworkAddress): boolean
otherRequired
toString 
public toString(): string

Static Functions

NameDescription
fromStringNo description.
fromString 
import { NetworkAddress } from 'aws-data-landing-zone'


NetworkAddress.fromString(props: string)
propsRequired
  • Type: string

Properties

NameTypeDescription
accountstringNo description.
regionstringNo description.
routeTablestringNo description.
subnetstringNo description.
vpcstringNo description.
accountRequired 
public readonly account: string;
  • Type: string
regionOptional 
public readonly region: string;
  • Type: string
routeTableOptional 
public readonly routeTable: string;
  • Type: string
subnetOptional 
public readonly subnet: string;
  • Type: string
vpcOptional 
public readonly vpc: string;
  • Type: string

Report

Initializers 

import { Report } from 'aws-data-landing-zone'


new Report()
NameTypeDescription

Static Functions

NameDescription
addReportForAccountRegionNo description.
addReportForAccountRegionsNo description.
addReportForOuAccountRegionsNo description.
addReportForSecurityOuAccountRegionsNo description.
printConsoleReportNo description.
saveConsoleReportNo description.
addReportForAccountRegion 
import { Report } from 'aws-data-landing-zone'


Report.addReportForAccountRegion(accountName: string, region: string, reportResource: ReportResource)
accountNameRequired
  • Type: string
regionRequired
  • Type: string
reportResourceRequired
addReportForAccountRegions 
import { Report } from 'aws-data-landing-zone'


Report.addReportForAccountRegions(accountName: string, regions: DlzRegions, reportResource: ReportResource)
accountNameRequired
  • Type: string
regionsRequired
reportResourceRequired
addReportForOuAccountRegions 
import { Report } from 'aws-data-landing-zone'


Report.addReportForOuAccountRegions(partialOu: PartialOu, regions: DlzRegions, reportResource: ReportResource)
partialOuRequired
regionsRequired
reportResourceRequired
addReportForSecurityOuAccountRegions 
import { Report } from 'aws-data-landing-zone'


Report.addReportForSecurityOuAccountRegions(securityOu: OrgOuSecurity, regions: DlzRegions, reportResource: ReportResource)
securityOuRequired
regionsRequired
reportResourceRequired
printConsoleReport 
import { Report } from 'aws-data-landing-zone'


Report.printConsoleReport()
saveConsoleReport 
import { Report } from 'aws-data-landing-zone'


Report.saveConsoleReport()

Properties

NameTypeDescription
reportsReportItem[]No description.
reportsRequired 
public readonly reports: ReportItem[];

Scripts

Initializers 

import { Scripts } from 'aws-data-landing-zone'


new Scripts()
NameTypeDescription

Methods

NameDescription
awsNukeRuns AWS Nuke on the account.
boostrapAllBootstraps all accounts in all regions as defined by the config.
configureCostAllocationTagsSets the Cost Allocation Tags for the organization.
deployAllCDK deploy all stacks.
deploySelectCDK deploy stacks identified by the id.
diffAllCDK diff all stacks.
diffSelectCDK diff stacks identified by the id.
warnSuspendedAccountResourcesWarns about suspended account resources by finding stacks that starts with dlz-.
awsNuke 
public awsNuke(props: DataLandingZoneProps, relativeDir: string, awsNukeBinary: string, accountName: string, dryRun?: boolean): void

Runs AWS Nuke on the account.

If the account is in the Workloads OU, it will delete all resources but exclude the ControlTower, CDK Bootstrap and DLZ resources. If the account is in the Suspended OU, it will delete all resources but exclude the ControlTower and CDK Bootstrap resources.

propsRequired
relativeDirRequired
  • Type: string

Path to the binary.

awsNukeBinaryRequired
  • Type: string

Path to the binary.

accountNameRequired
  • Type: string

Account name as in the props.

dryRunOptional
  • Type: boolean

If true (default), it will not delete resources but only list them.

boostrapAll 
public boostrapAll(props: DataLandingZoneProps, bootstrapRoleName?: string): void

Bootstraps all accounts in all regions as defined by the config.

propsRequired
bootstrapRoleNameOptional
  • Type: string
configureCostAllocationTags 
public configureCostAllocationTags(props: DataLandingZoneProps, _?: ForceNoPythonArgumentLifting): void

Sets the Cost Allocation Tags for the organization.

propsRequired
_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

deployAll 
public deployAll(props: DataLandingZoneProps, _?: ForceNoPythonArgumentLifting): void

CDK deploy all stacks.

propsRequired
_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

deploySelect 
public deploySelect(props: DataLandingZoneProps, id: string): void

CDK deploy stacks identified by the id.

propsRequired
idRequired
  • Type: string
diffAll 
public diffAll(props: DataLandingZoneProps, _?: ForceNoPythonArgumentLifting): void

CDK diff all stacks.

propsRequired
_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

diffSelect 
public diffSelect(props: DataLandingZoneProps, id: string): void

CDK diff stacks identified by the id.

propsRequired
idRequired
  • Type: string
warnSuspendedAccountResources 
public warnSuspendedAccountResources(props: DataLandingZoneProps, _?: ForceNoPythonArgumentLifting): void

Warns about suspended account resources by finding stacks that starts with dlz-.

propsRequired
_Optional

Ignore this parameter, it is used to force a consistent interface across TS and Python usage.

Protocols

IDlzControlTowerControl

Properties

NameTypeDescription
controlFriendlyNameDlzControlTowerStandardControls | DlzControlTowerSpecializedControlsThe short name of the control, example: AWS-GR_ENCRYPTED_VOLUMES.
controlIdNameDlzControlTowerControlIdNamePropsThe control ID name used to construct the controlIdentifier, example: AWS-GR_ENCRYPTED_VOLUMES This can differ from the controlFriendlyName for newer controls.
descriptionstringDescription of the control.
externalLinkstringExternal link to the control documentation.
formatDlzControlTowerControlFormatThe format of the control, LEGACY or STANDARD LEGACY controls include the control name in the controlIdentifier STANDARD controls do not include the control name in the controlIdentifier and can not be applied to the Security OU.
parameters{[ key: string ]: any}Optional parameters for the control.
controlFriendlyNameRequired 
public readonly controlFriendlyName: DlzControlTowerStandardControls | DlzControlTowerSpecializedControls;

The short name of the control, example: AWS-GR_ENCRYPTED_VOLUMES.

controlIdNameRequired 
public readonly controlIdName: DlzControlTowerControlIdNameProps;

The control ID name used to construct the controlIdentifier, example: AWS-GR_ENCRYPTED_VOLUMES This can differ from the controlFriendlyName for newer controls.

descriptionRequired 
public readonly description: string;
  • Type: string

Description of the control.

externalLinkRequired 
public readonly externalLink: string;
  • Type: string

External link to the control documentation.

formatRequired 
public readonly format: DlzControlTowerControlFormat;

The format of the control, LEGACY or STANDARD LEGACY controls include the control name in the controlIdentifier STANDARD controls do not include the control name in the controlIdentifier and can not be applied to the Security OU.

parametersOptional 
public readonly parameters: {[ key: string ]: any};
  • Type: {[ key: string ]: any}

Optional parameters for the control.

IReportResource

Behavioral, used with Inheritance.

Properties

NameTypeDescription
reportResourceReportResourceNo description.
reportResourceRequired 
public readonly reportResource: ReportResource;

Enums

DatabaseAction

Members

NameDescription
DESCRIBENo description.
ALTERNo description.
DROPNo description.
CREATE_TABLENo description.
DESCRIBE
ALTER
DROP
CREATE_TABLE

DlzAccountType

Members

NameDescription
DEVELOPNo description.
PRODUCTIONNo description.
DEVELOP
PRODUCTION

DlzControlTowerControlFormat

Members

NameDescription
LEGACYNo description.
STANDARDNo description.
LEGACY
STANDARD

DlzControlTowerSpecializedControls

Controls that take parameters.

Members

NameDescription
CT_MULTISERVICE_PV_1No description.
CT_MULTISERVICE_PV_1

DlzControlTowerStandardControls

Controls that do not take parameters.

Members

NameDescription
AWS_GR_MFA_ENABLED_FOR_IAM_CONSOLE_ACCESSNo description.
AWS_GR_ENCRYPTED_VOLUMESNo description.
AWS_GR_RDS_INSTANCE_PUBLIC_ACCESS_CHECKNo description.
AWS_GR_RDS_SNAPSHOTS_PUBLIC_PROHIBITEDNo description.
AWS_GR_RDS_STORAGE_ENCRYPTEDNo description.
AWS_GR_RESTRICTED_SSHNo description.
AWS_GR_RESTRICT_ROOT_USERNo description.
AWS_GR_RESTRICT_ROOT_USER_ACCESS_KEYSNo description.
AWS_GR_ROOT_ACCOUNT_MFA_ENABLEDNo description.
AWS_GR_S3_BUCKET_PUBLIC_READ_PROHIBITEDNo description.
AWS_GR_S3_BUCKET_PUBLIC_WRITE_PROHIBITEDNo description.
SH_SECRETS_MANAGER_3No description.
AWS_GR_MFA_ENABLED_FOR_IAM_CONSOLE_ACCESS
AWS_GR_ENCRYPTED_VOLUMES
AWS_GR_RDS_INSTANCE_PUBLIC_ACCESS_CHECK
AWS_GR_RDS_SNAPSHOTS_PUBLIC_PROHIBITED
AWS_GR_RDS_STORAGE_ENCRYPTED
AWS_GR_RESTRICTED_SSH
AWS_GR_RESTRICT_ROOT_USER
AWS_GR_RESTRICT_ROOT_USER_ACCESS_KEYS
AWS_GR_ROOT_ACCOUNT_MFA_ENABLED
AWS_GR_S3_BUCKET_PUBLIC_READ_PROHIBITED
AWS_GR_S3_BUCKET_PUBLIC_WRITE_PROHIBITED
SH_SECRETS_MANAGER_3

IamIdentityAccounts

Members

NameDescription
ROOTNo description.
SECURITY_LOGNo description.
SECURITY_AUDITNo description.
ROOT
SECURITY_LOG
SECURITY_AUDIT

IamIdentityPermissionSets

Members

NameDescription
ADMINNo description.
READ_ONLYNo description.
CATALOGNo description.
ADMIN
READ_ONLY
CATALOG

Ou

Members

NameDescription
SECURITYNo description.
WORKLOADSNo description.
SUSPENDEDNo description.
SECURITY
WORKLOADS
SUSPENDED

Region

Control Tower Supported Regions as listed here https://docs.aws.amazon.com/controltower/latest/userguide/region-how.html with the regions that might have partial or no support for SecurityHub Standard mentioned in the comment https://docs.aws.amazon.com/controltower/latest/userguide/security-hub-controls.html#sh-unsupported-regions Last updated: 22 Mar 2024.

Members

NameDescription
US_EAST_1N.
US_EAST_2Ohio.
US_WEST_1N.
US_WEST_2Oregon.
CA_CENTRAL_1Canada (Central).
EU_WEST_1Ireland.
EU_WEST_2London.
EU_WEST_3Paris.
EU_CENTRAL_1Frankfurt.
EU_CENTRAL_2Zurich.
EU_NORTH_1Stockholm.
EU_SOUTH_1Milan.
EU_SOUTH_2Spain.
AP_NORTHEAST_1Tokyo.
AP_NORTHEAST_2Seoul.
AP_NORTHEAST_3Osaka.
AP_SOUTHEAST_1Singapore.
AP_SOUTHEAST_2Sydney, Melbourne.
AP_SOUTHEAST_3Jakarta No Control Tower SecurityHub Standard support.
AP_SOUTHEAST_4Melbourne No Control Tower SecurityHub Standard support.
AP_EAST_1Hong Kong No Control Tower SecurityHub Standard support.
SA_EAST_1Sao Paulo.
AF_SOUTH_1Cape Town No Control Tower SecurityHub Standard support.
ME_SOUTH_1Bahrain, UAE, Tel Aviv No Control Tower SecurityHub Standard support.
ME_CENTRAL_1UAE No Control Tower SecurityHub Standard support.
IL_CENTRAL_1Israel No Control Tower SecurityHub Standard support.
AP_SOUTH_2Hyderabad No Control Tower SecurityHub Standard support.
US_EAST_1

N.

Virginia

US_EAST_2

Ohio.

US_WEST_1

N.

California

US_WEST_2

Oregon.

CA_CENTRAL_1

Canada (Central).

EU_WEST_1

Ireland.

EU_WEST_2

London.

EU_WEST_3

Paris.

EU_CENTRAL_1

Frankfurt.

EU_CENTRAL_2

Zurich.

EU_NORTH_1

Stockholm.

EU_SOUTH_1

Milan.

EU_SOUTH_2

Spain.

AP_NORTHEAST_1

Tokyo.

AP_NORTHEAST_2

Seoul.

AP_NORTHEAST_3

Osaka.

AP_SOUTHEAST_1

Singapore.

AP_SOUTHEAST_2

Sydney, Melbourne.

AP_SOUTHEAST_3

Jakarta No Control Tower SecurityHub Standard support.

AP_SOUTHEAST_4

Melbourne No Control Tower SecurityHub Standard support.

AP_EAST_1

Hong Kong No Control Tower SecurityHub Standard support.

SA_EAST_1

Sao Paulo.

AF_SOUTH_1

Cape Town No Control Tower SecurityHub Standard support.

ME_SOUTH_1

Bahrain, UAE, Tel Aviv No Control Tower SecurityHub Standard support.

ME_CENTRAL_1

UAE No Control Tower SecurityHub Standard support.

IL_CENTRAL_1

Israel No Control Tower SecurityHub Standard support.

AP_SOUTH_2

Hyderabad No Control Tower SecurityHub Standard support.

ReportType

Members

NameDescription
CONTROL_TOWER_CONTROLNo description.
CONFIG_RULENo description.
SECURITY_HUB_STANDARDNo description.
TAG_POLICYNo description.
SERVICE_CONTROL_POLICYNo description.
IAM_ACCOUNT_ALIASNo description.
IAM_PASSWORD_POLICYNo description.
IAM_PERMISSION_BOUNDARYNo description.
IAM_POLICYNo description.
IAM_ROLENo description.
IAM_USERNo description.
IAM_USER_GROUPNo description.
CONTROL_TOWER_CONTROL
CONFIG_RULE
SECURITY_HUB_STANDARD
TAG_POLICY
SERVICE_CONTROL_POLICY
IAM_ACCOUNT_ALIAS
IAM_PASSWORD_POLICY
IAM_PERMISSION_BOUNDARY
IAM_POLICY
IAM_ROLE
IAM_USER
IAM_USER_GROUP

SecurityHubNotificationSeverity

https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Severity.html.

Members

NameDescription
INFORMATIONALNo description.
LOWNo description.
MEDIUMNo description.
HIGHNo description.
CRITICALNo description.
INFORMATIONAL
LOW
MEDIUM
HIGH
CRITICAL

SecurityHubNotificationSWorkflowStatus

https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Workflow.html.

Members

NameDescription
NEWNo description.
NOTIFIEDNo description.
SUPPRESSEDNo description.
RESOLVEDNo description.
NEW
NOTIFIED
SUPPRESSED
RESOLVED

TableAction

Members

NameDescription
DESCRIBENo description.
SELECTNo description.
DELETENo description.
INSERTNo description.
DROPNo description.
ALTERNo description.
DESCRIBE
SELECT
DELETE
INSERT
DROP
ALTER

TagAction

Members

NameDescription
DESCRIBENo description.
ASSOCIATENo description.
ALTERNo description.
DROPNo description.
DESCRIBE
ASSOCIATE
ALTER
DROP