diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..53eb30c
--- /dev/null
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+## Our Pledge
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+## Our Standards
+Examples of behavior that contributes to a positive environment for our
+community include:
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+ and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+ overall community
+Examples of unacceptable behavior include:
+* The use of sexualized language or imagery, and sexual attention or
+ advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+ address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+## Enforcement Responsibilities
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+## Scope
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+## Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+All complaints will be reviewed and investigated promptly and fairly.
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+## Enforcement Guidelines
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+### 1. Correction
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+### 2. Warning
+**Community Impact**: A violation through a single incident or series
+of actions.
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+### 3. Temporary Ban
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+### 4. Permanent Ban
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+## Attribution
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+[homepage]: https://www.contributor-covenant.org
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
\ No newline at end of file
new file mode 100644
index 0000000..71c43c0
--- /dev/null
@@ -0,0 +1,12 @@
+## Hello, Please Review My Pull Request!
+#### :heavy_check_mark: Checklist
+- [ ] Describe what you did in the pull request description
+- [ ] Add Unit and Integration Tests - at least 80% unit tests for new code.
+- [ ] Added or updated documentation
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..3c35de8
--- /dev/null
+++ b/README.md
@@ -0,0 +1,90 @@
+# sandpipers-cdk
+Create and test AWS CDK stacks with ease using the Sandpipers CDK libraries.
+### Description
+This project aims to create L3 constructs with sensible defaults that can be used as building blocks for your CDK stacks. It also provides a set of
+libraries to test your CDK stacks in a readable and maintainable way inspired by the [AssertJ](https://assertj.github.io/doc/) library.
+The project is divided into the following modules:
+* [sandpipers-cdk-bom](sandpipers-cdk-bom): A Bill of Materials (BOM) for the Sandpipers CDK libraries.
+* [sandpipers-cdk-core](sandpipers-cdk-core): Opinionated L3 constructs with sensible defaults. It, also, provides base App and Stack classes that
+ serve as a starting point for your CDK projects. It uses the [type-factory project](https://github.com/type-factory/type-factory/tree/main) to
+ create and validate input to some of the constructs properties. This allows for a more robust and type-safe API.
+* [sandpipers-cdk-assertions](sandpipers-cdk-assertions): Fluent assertions for AWS CDK testing.
+* [sandpipers-cdk-examples](sandpipers-cdk-examples): Examples of how to use the [sandpipers-cdk-core](sandpipers-cdk-core)
+ and [sandpipers-cdk-assertions](sandpipers-cdk-assertions) libraries.
+### Usage
+* Import the [sandpipers-cdk-bom](..%2Fsandpipers-cdk-bom/README.md) into to your `pom.xml` file.
+ ```xml
+ io.sandpipers
+ sandpipers-cdk-bom
+ version
+ pom
+ import
+ ```
+* Add the [sandpipers-cdk-core](sandpipers-cdk-core) into to your `pom.xml` file, if you want to use the L3 constructs provided by the project.
+ ```xml
+ io.sandpipers
+ sandpipers-cdk-core
+ test
+ ```
+* Use the constructs provided by the [sandpipers-cdk-core](sandpipers-cdk-core) in your CDK stacks. Examples of these constructs can be found in
+ the [sandpipers-cdk-examples](sandpipers-cdk-examples) module. However, here is a sneak peek of how to use the `Lambda` construct:
+ ```java
+ final CustomRuntime2023FunctionProps functionProps = CustomRuntime2023FunctionProps.builder()
+ .description("Example Function for CDK")
+ .handler("org.springframework.cloud.function.adapter.aws.FunctionInvoker::handleRequest")
+ .code(Code.fromAsset(testLambdaCodePath))
+ .deadLetterTopicEnabled(true)
+ .environment(Map.of("ENV", "TEST"))
+ .build();
+ final CustomRuntime2023Function function =
+ new CustomRuntime2023Function<>(this, SafeString.of("Function"), functionProps);
+ ```
+* Add the [sandpipers-cdk-assertions](sandpipers-cdk-assertions) into to your `pom.xml` file, if you want to use the fluent assertions provided by the
+ project.
+ ```xml
+ io.sandpipers
+ sandpipers-cdk-assertions
+ test
+ ```
+* Use the assertions provided by the [sandpipers-cdk-assertions](sandpipers-cdk-assertions) in your CDK tests. Examples of these assertions can be
+ found in the [sandpipers-cdk-examples](sandpipers-cdk-examples) module. However, here is a sneak peek of how to use
+ the [CDKStackAssert.java](sandpipers-cdk-assertions%2Fsrc%2Fmain%2Fjava%2Fio%2Fsandpipers%2Fcdk%2Fassertion%2FCDKStackAssert.java) assertions class
+ for testing a Lambda function:
+ ```java
+ CDKStackAssert.assertThat(template)
+ .containsFunction("^Function[A-Z0-9]{8}$")
+ .hasHandler("org.springframework.cloud.function.adapter.aws.FunctionInvoker::handleRequest")
+ .hasCode("^cdk-sandpipers-assets-\\$\\{AWS\\:\\:AccountId\\}-\\$\\{AWS\\:\\:Region\\}$", "(.*).zip")
+ .hasRole("^FunctionServiceRole[A-Z0-9]{8}$")
+ .hasDependency("^FunctionServiceRoleDefaultPolicy[A-Z0-9]{8}$")
+ .hasDependency("^FunctionServiceRole[A-Z0-9]{8}$")
+ .hasTag("COST_CENTRE", "Sandpipers")
+ .hasTag("APPLICATION_NAME", "lambda-cdk-example")
+ .hasEnvironmentVariable("ENV", TEST)
+ .hasEnvironmentVariable("SPRING_PROFILES_ACTIVE", TEST)
+ .hasDescription("Example Function for CDK")
+ .hasMemorySize(512)
+ .hasRuntime("provided.al2023")
+ .hasTimeout(10)
+ .hasMemorySize(512)
+ .hasDeadLetterTarget("^FunctionDeadLetterTopic[A-Z0-9]{8}$");
+ ```
\ No newline at end of file
+ 4.0.0
+ io.sandpipers
+ sandpipers-cdk
+ pom
+ sandpipers-cdk-core
+ sandpipers-cdk-assertions
+ sandpipers-cdk-examples
+ sandpipers-cdk-types
+ sandpipers-cdk-bom
+ 21
+ 21
+ UTF-8
+ 5.10.2
+ 2.128.0
+ 5.10.0
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/muhamadto/sandpipers-cdk
+ io.sandpipers
+ sandpipers-cdk-core
+ ${project.version}
+ io.sandpipers
+ sandpipers-cdk-assertions
+ ${project.version}
+ io.sandpipers
+ sandpipers-cdk-types
+ ${project.version}
+ software.amazon.awscdk
+ aws-cdk-lib
+ ${aws-cdk.version}
+ provided
+ software.amazon.awscdk
+ apprunner-alpha
+ ${aws-cdk.version}-alpha.0
+ org.apache.commons
+ commons-lang3
+ 3.14.0
+ org.apache.commons
+ commons-collections4
+ 4.4
+ javax.validation
+ validation-api
+ 2.0.1.Final
+ com.google.guava
+ guava
+ 33.0.0-jre
+ org.projectlombok
+ lombok
+ 1.18.30
+ org.typefactory
+ type-factory-bom
+ 1.0.0
+ pom
+ import
+ com.fasterxml.jackson
+ jackson-bom
+ 2.17.0
+ pom
+ import
+ org.assertj
+ assertj-core
+ 3.25.3
+ org.junit.jupiter
+ junit-jupiter-api
+ 5.10.2
+ test
+ org.junit.jupiter
+ junit-jupiter-params
+ ${junit-jupiter.version}
+ test
+ org.mockito
+ mockito-core
+ ${mockito-core.version}
+ test
+ org.mockito
+ mockito-junit-jupiter
+ ${mockito-core.version}
+ test
+ org.testcontainers
+ testcontainers-bom
+ 1.19.0
+ pom
+ import
+ matto
+ Muhammad Hamadto
+ https://github.com/muhamadto
+ Apache License, Version 2.0
+ https://www.apache.org/licenses/LICENSE-2.0
+ Licensed to Muhammad Hamadto
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ https://www.apache.org/licenses/LICENSE-2.0
+ See the NOTICE file distributed with this work for additional information regarding
+ copyright ownership.
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ See the License for the specific language governing permissions and
+ limitations under the License.
\ No newline at end of file
diff --git a/sandpipers-cdk-assertions/README.md b/sandpipers-cdk-assertions/README.md
new file mode 100644
index 0000000..ccba31c
--- /dev/null
@@ -0,0 +1,115 @@
# sandpipers-cdk-assertions
@@ -0,0 +1,115 @@
+# sandpipers-cdk-assertions
+AssertJ-like fluent assertions for AWS CDK testing
+### Description
+When working with the AWS CDK, it is important to test your stacks to ensure that they are well-formed and that they match your expectations.
+AWS offers a framework to verify that your stack is well-formed and that it matches your expectations. This framework can be found [here](https://docs.aws.amazon.com/cdk/latest/guide/testing.html).
+Here is an example test that a stack contains a specific role:
+ template.hasResourceProperties("AWS::IAM::Role", Match.objectEquals(
+ Collections.singletonMap("AssumeRolePolicyDocument", Map.of(
+ "Version", "2012-10-17",
+ "Statement", Collections.singletonList(Map.of(
+ "Action", "sts:AssumeRole",
+ "Effect", "Allow",
+ "Principal", Collections.singletonMap(
+ "Service", Collections.singletonMap(
+ "Fn::Join", Arrays.asList(
+ "",
+ Arrays.asList("states.", Match.anyValue(), ".amazonaws.com")
+ )
+ )
+ )
+ ))
+ ))
+#### Sandpipers' CDK fluent testing library
+As you might have noticed, the tests written this way are verbose and present challenges in terms of readability and maintainability. However, don't despair! `sandpipers-cdk-assertions` allows you to write tests in a more readable and maintainable way. The library is inspired by the [AssertJ](https://assertj.github.io/doc/) library and provides a fluent API to test your CDK stacks.
+To illustrate, an equivalent representation to the aforementioned example can be found below:
+ .containsRoleWithManagedPolicyArn(managedPolicyArn)
+ .hasAssumeRolePolicyDocument("states.amazonaws.com", null, "Allow", "2012-10-17", "sts:AssumeRole");
+### Usage
+* Import the [sandpipers-cdk-bom](..%2Fsandpipers-cdk-bom/README.md) in your project (if you haven't already done so)
+* Add the following dependency to your `pom.xml` file:
+ ```xml
+ io.sandpipers
+ sandpipers-cdk-assertions
+ test
+ ```
+* Create a class `TemplateSupport` in your testing packages. This class will be used to load the template and create the `CDKStackAssert` object.
+ ```java
+ public abstract class TemplateSupport {
+ public static final String ENV = "test";
+ public static final String TEST_CDK_BUCKET = "test-cdk-bucket";
+ public static final String QUALIFIER = "test";
+ static Template template;
+ private static final String STACK_NAME = "example-lambda-function-test-stack";
+ @TempDir
+ private static Path TEMP_DIR;
+ @BeforeAll
+ static void initAll() throws IOException {
+ final Path lambdaCodePath = TestLambdaUtils.getTestLambdaCodePath(TEMP_DIR);
+ final Map tags = createTags(ENV, TAG_VALUE_COST_CENTRE);
+ final App app = new App();
+ final ExampleLambdaStack stack = StackUtils.createStack(app, STACK_NAME, lambdaCodePath.toString(), QUALIFIER, TEST_CDK_BUCKET, ENV);
+ tags.entrySet().stream()
+ .filter(tag -> Objects.nonNull(tag.getValue()))
+ .forEach(tag -> Tags.of(app).add(tag.getKey(), tag.getValue()));
+ template = Template.fromStack(stack);
+ }
+ @AfterAll
+ static void cleanup() {
+ template = null;
+ }
+ }
+ ```
+* Extend the `TemplateSupport` class in your test classes and use the `CDKStackAssert` object to verify your stack.
+ ```java
+ class LambdaTest extends TemplateSupport {
+ public static final String TEST = "test";
+ @Test
+ void should_have_lambda_function() {
+ CDKStackAssert.assertThat(template)
+ .containsFunction("example-lambda-function")
+ .hasHandler("org.springframework.cloud.function.adapter.aws.FunctionInvoker::handleRequest")
+ .hasCode("test-cdk-bucket", "(.*).zip")
+ .hasRole("examplelambdafunctionrole(.*)")
+ .hasDependency("examplelambdafunctionrole(.*)")
+ .hasDependency("examplelambdafunctionroleDefaultPolicy(.*)")
+ .hasTag("ENV", TEST)
+ .hasEnvironmentVariable("ENV", TEST)
+ .hasEnvironmentVariable("SPRING_PROFILES_ACTIVE", TEST)
+ .hasDescription("Lambda example")
+ .hasMemorySize(512)
+ .hasRuntime("provided.al2")
+ .hasTimeout(3);
+ }
+ }
+ ```
\ No newline at end of file
diff --git a/sandpipers-cdk-assertions/pom.xml b/sandpipers-cdk-assertions/pom.xml
new file mode 100644
index 0000000..d2c4e7e
--- /dev/null
@@ -0,0 +1,81 @@
+ 4.0.0
+ sandpipers-cdk-core
+ software.amazon.awscdk
+ aws-cdk-lib
+ software.amazon.awscdk
+ apprunner-alpha
+ org.apache.commons
+ commons-lang3
+ org.projectlombok
+ lombok
+ org.assertj
+ assertj-core
+ org.apache.commons
+ commons-collections4
\ No newline at end of file
+ * Licensed to Muhammad Hamadto
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * See the NOTICE file distributed with this work for additional information regarding copyright ownership.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.sandpipers.cdk.assertion;
+import static org.apache.commons.collections4.CollectionUtils.isNotEmpty;
+import java.util.List;
+import java.util.Map;
+import org.assertj.core.api.AbstractAssert;
+import org.assertj.core.api.Assertions;
+import org.assertj.core.api.InstanceOfAssertFactories;
+import org.jetbrains.annotations.NotNull;
+public abstract class AbstractCDKResourcesAssert, ACTUAL extends Map> extends
+ AbstractAssert {
+ protected AbstractCDKResourcesAssert(ACTUAL actual, Class> selfType) {
+ super(actual, selfType);
+ }
+ public SELF hasTag(final String key, final Object value) {
+ hasTag("Tags", key, value);
+ return myself;
+ }
+ public SELF hasTag(final String tagsMapId,
+ final String key,
+ final Object value) {
+ final Map> properties =
+ (Map>) actual.get("Properties");
+ final List
+ *
+ * @param id the name of the lambda permission
+ * @return {@link LambdaPermissionAssert} instance
+ */
+ public LambdaPermissionAssert containsLambdaPermission(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.LAMBDA_PERMISSION, id);
+ return LambdaPermissionAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::ApiGateway::BasePathMapping. Assertions are done
+ * directly on an object of {@link software.amazon.awscdk.assertions.Template}. If a resource map
+ * has been extracted from, then {@link ApiDomainNameAssert} should be used instead.
+ *
+ * @param id the name of the domain name
+ * @return {@link ApiDomainNameAssert} instance
+ */
+ public ApiDomainNameAssert containsApiDomainName(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.APIGATEWAY_DOMAIN_NAME, id);
+ return ApiDomainNameAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::ApiGateway::BasePathMapping. Assertions are done
+ * directly on an object of {@link software.amazon.awscdk.assertions.Template}. If a resource map
+ * has been extracted from, then {@link ApiBasePathMappingAssert} should be used instead.
+ *
+ *
+ * @param id the name of the mapping
+ * @return {@link ApiBasePathMappingAssert} instance
+ */
+ public ApiBasePathMappingAssert containsApiPathMapping(final String id) {
+ final Entry> resource = containsResource(actual,
+ return ApiBasePathMappingAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::SQS::QueuePolicy. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link QueuePolicyAssert} should be used instead.
+ *
+ *
+ *
+ * @param id the queue policy id
+ * @return {@link QueuePolicyAssert} instance
+ */
+ public QueuePolicyAssert containsQueuePolicy(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.QUEUE_POLICY, id);
+ return QueuePolicyAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::SQS::Queue. Assertions are done directly on an object
+ * of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been extracted
+ * from, then {@link QueueAssert} should be used instead.
+ *
+ *
+ *
+ * @param id the key of the queue
+ * @return {@link QueueAssert} instance
+ */
+ public QueueAssert containsQueue(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.QUEUE, id);
+ return QueueAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::SNS::Topic. Assertions are done directly on an object
+ * of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been extracted
+ * from, then {@link TopicAssert} should be used instead.
+ *
+ *
+ *
+ * @param id the key of the topic
+ * @return {@link TopicAssert} instance
+ */
+ public TopicAssert containsTopic(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.TOPIC, id);
+ return TopicAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::SNS::Subscription. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link TopicSubscriptionAssert} should be used instead.
+ *
+ *
+ *
+ * @param id the topic subscription id
+ * @return {@link TopicSubscriptionAssert} instance
+ */
+ public TopicSubscriptionAssert containsTopicSubscription(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.TOPIC_SUBSCRIPTION, id);
+ return TopicSubscriptionAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::CertificateManager::Certificate. Assertions are done
+ * directly on an object of {@link software.amazon.awscdk.assertions.Template}. If a resource map
+ * has been extracted from, then {@link CertificateAssert} should be used instead.
+ *
+ * @param id the name of the certificate
+ * @return {@link CertificateAssert} instance
+ */
+ public CertificateAssert containsCertificate(final String id) {
+ final Entry> resource = containsResource(actual,
+ return CertificateAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::Route53::ARecord. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link RecordSetAssert} should be used instead.
+ *
+ * @param id the name of the record set
+ * @return {@link RecordSetAssert} instance
+ */
+ public RecordSetAssert containsRecordSet(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.ROUTE53_RECORD_SET, id);
+ return RecordSetAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::Route53::ARecord. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link HostedZoneAssert} should be used instead.
+ *
+ * @param id the name of the hosted zone
+ * @return {@link HostedZoneAssert} instance
+ */
+ public HostedZoneAssert containsHostedZone(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.ROUTE53_HOSTED_ZONE, id);
+ return HostedZoneAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::DynamoDB::GlobalTable. Assertions are done directly on
+ * an object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link DynamoDBGlobalTableAssert} should be used instead.
+ *
+ * @param id the name of the table
+ * @return {@link DynamoDBGlobalTableAssert} instance
+ */
+ public DynamoDBGlobalTableAssert containsDynamoDBTable(final String id) {
+ final Entry> resource = containsResource(actual,
+ CdkResourceType.DYNAMODB_GLOBAL_TABLE, id);
+ return DynamoDBGlobalTableAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::AppRunner::Service. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link AppRunnerAssert} should be used instead.
+ *
+ * @param id the name of the app runner service
+ * @return {@link AppRunnerAssert} instance
+ */
+ public AppRunnerAssert containsAppRunnerService(final String id) {
+ final Entry> resource = containsResource(actual, APPRUNNER_SERVICE,
+ id);
+ return AppRunnerAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::AppRunner::VpcConnector. Assertions are done directly
+ * on an object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link VpcConnectorAssert} should be used instead.
+ *
+ * @param id the name of the vpc connector
+ * @return {@link VpcConnectorAssert} instance
+ */
+ public VpcConnectorAssert containsVpcConnector(final String id) {
+ final Entry> resource = containsResource(actual,
+ return VpcConnectorAssert.assertThat(resource.getValue());
+ }
+ /**
+ * Fluent assertions for AWS::EC2::SecurityGroup. Assertions are done directly on an
+ * object of {@link software.amazon.awscdk.assertions.Template}. If a resource map has been
+ * extracted from, then {@link SecurityGroupAssert} should be used instead.
+ *
+ * @param id the name of the security group
+ * @return {@link SecurityGroupAssert} instance
+ */
+ public SecurityGroupAssert containsSecurityGroup(final String id) {
+ final Entry> resource = containsResource(actual, EC2_SECURITY_GROUP,
+ id);
+ return SecurityGroupAssert.assertThat(resource.getValue());
+ }
+ private Entry> containsResource(
+ final Template template,
+ final CdkResourceType cdkResourceType,
+ final String id) {
+ final Entry> resource =
+ template.findResources(cdkResourceType.getValue())
+ .entrySet()
+ .stream()
+ .filter(entry -> stringLikeRegexp(id).test(entry.getKey()).getIsSuccess())
+ .findFirst()
+ .orElseThrow();
+ Assertions.assertThat(resource)
+ .isNotNull();
+ return resource;
+ }
+ * Licensed to Muhammad Hamadto
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * See the NOTICE file distributed with this work for additional information regarding copyright ownership.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.sandpipers.cdk.assertion;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public enum CdkResourceType {
+ APIGATEWAY_RESTAPI("AWS::ApiGateway::RestApi"),
+ APIGATEWAY_METHOD("AWS::ApiGateway::Method"),
+ APIGATEWAY_RESOURCE("AWS::ApiGateway::Resource"),
+ APIGATEWAY_ACCOUNT("AWS::ApiGateway::Account"),
+ APIGATEWAY_DEPLOYMENT("AWS::ApiGateway::Deployment"),
+ APIGATEWAY_STAGE("AWS::ApiGateway::Stage"),
+ APIGATEWAY_DOMAIN_NAME("AWS::ApiGateway::DomainName"),
+ APIGATEWAY_BASE_PATH_MAPPING("AWS::ApiGateway::BasePathMapping"),
+ LAMBDA_FUNCTION("AWS::Lambda::Function"),
+ LAMBDA_EVENT_INVOKE_CONFIG("AWS::Lambda::EventInvokeConfig"),
+ LAMBDA_PERMISSION("AWS::Lambda::Permission"),
+ POLICY("AWS::IAM::Policy"),
+ ROLE("AWS::IAM::Role"),
+ TOPIC("AWS::SNS::Topic"),
+ QUEUE("AWS::SQS::Queue"),
+ QUEUE_POLICY("AWS::SQS::QueuePolicy"),
+ BUCKET("AWS::S3::Bucket"),
+ EC2_SECURITY_GROUP("AWS::EC2::SecurityGroup"),
+ ECS_TASK_DEFINITION("AWS::ECS::TaskDefinition"),
+ DYNAMODB_TABLE("AWS::DynamoDB::Table"),
+ DYNAMODB_GLOBAL_TABLE("AWS::DynamoDB::GlobalTable"),
+ CERTIFICATEMANAGER_CERTIFICATE("AWS::CertificateManager::Certificate"),
+ ROUTE53_RECORD_SET("AWS::Route53::RecordSet"),
+ ROUTE53_HOSTED_ZONE("AWS::Route53::HostedZone"),
+ APPRUNNER_SERVICE("AWS::AppRunner::Service"),
+ APPRUNNER_VPC_CONNECTOR("AWS::AppRunner::VpcConnector")
+ ;
+ private String value;
+ * Licensed to Muhammad Hamadto
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * See the NOTICE file distributed with this work for additional information regarding copyright ownership.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.sandpipers.cdk.assertion;
+import java.util.List;
+import java.util.Map;
+import org.assertj.core.api.Assertions;
+ * Fluent assertions for AWS::CertificateManager::Certificate. This should be used if the resource map is extracted from the AWS template. Otherwise, start
+ * with{@link CDKStackAssert#containsCertificate(String)}
+ */
+public class CertificateAssert extends AbstractCDKResourcesAssert> {
+ private CertificateAssert(final Map actual) {
+ super(actual, CertificateAssert.class);
+ }
+ public static CertificateAssert assertThat(final Map actual) {
+ return new CertificateAssert(actual);
+ }
+ public CertificateAssert hasDomainName(final String expected) {
+ final Map properties = (Map) actual.get("Properties");
+ final String domainName = (String) properties.get("DomainName");
+ Assertions.assertThat(domainName)
+ .isNotEmpty()
+ .isEqualTo(expected);
+ return this;
+ }
+ public CertificateAssert hasDomainValidationOptions(final String domainName, final String validationDomain) {
+ final Map properties = (Map) actual.get("Properties");
+ final List< Object> domainValidationOptions = (List< Object>) properties.get("DomainValidationOptions");
+ Assertions.assertThat(domainValidationOptions)
+ .isNotNull()
+ .isNotEmpty()
+ .anySatisfy(dvo -> {
+ final Map domainValidationOption = (Map) dvo;
+ final String domainNameValue = (String) domainValidationOption.get("DomainName");
+ final String validationDomainValue = (String) domainValidationOption.get("ValidationDomain");
+ Assertions.assertThat(domainNameValue)
+ .isNotEmpty()
+ .isEqualTo(domainName);
+ Assertions.assertThat(validationDomainValue)
+ .isNotEmpty()
+ .isEqualTo(validationDomain);
+ });
+ return this;
+ }
+ public CertificateAssert hasValidationMethod(final String expected) {
+ final Map properties = (Map) actual.get("Properties");
+ final String validationMethod = (String) properties.get("ValidationMethod");
+ Assertions.assertThat(validationMethod)
+ .isNotEmpty()
+ .isEqualTo(expected);
+ return this;
+ }
diff --git a/sandpipers-cdk-assertions/src/main/java/io/sandpipers/cdk/assertion/DynamoDBGlobalTableAssert.java b/sandpipers-cdk-assertions/src/main/java/io/sandpipers/cdk/assertion/DynamoDBGlobalTableAssert.java
+ * Licensed to Muhammad Hamadto
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * See the NOTICE file distributed with this work for additional information regarding copyright ownership.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.sandpipers.cdk.assertion;
+import java.util.List;
+import java.util.Map;
+import org.assertj.core.api.Assertions;
+ * Fluent assertions for AWS::DynamoDB::GlobalTable. This should be used if the resource map is extracted from the AWS template. Otherwise, start with
+ * {@link CDKStackAssert#containsDynamoDBTable(String)}.
+ */
+public class DynamoDBGlobalTableAssert extends
+ AbstractCDKResourcesAssert> {
+ private DynamoDBGlobalTableAssert(final Map actual) {
+ super(actual, DynamoDBGlobalTableAssert.class);
+ }
+ public static DynamoDBGlobalTableAssert assertThat(final Map actual) {
+ return new DynamoDBGlobalTableAssert(actual);
+ }
+ public DynamoDBGlobalTableAssert hasBillingMode(final String expected) {
+ final String billingMode = ((Map) actual.get("Properties")).get("BillingMode");
+ Assertions.assertThat(billingMode)
+ .isNotNull()
+ .isInstanceOf(String.class)
+ .matches(bm -> bm.matches(expected));
+ return this;
+ }
+ public DynamoDBGlobalTableAssert hasName(final String expected) {
+ final String billingMode = ((Map) actual.get("Properties")).get("TableName");
+ Assertions.assertThat(billingMode)
+ .isNotNull()
+ .isInstanceOf(String.class)
+ .matches(bm -> bm.matches(expected));
+ return this;
+ }
+ public DynamoDBGlobalTableAssert hasSSESpecification(final Boolean expected) {
+ final Map properties = ((Map) actual.get("Properties"));
+ final Map sseSpecification = ((Map) properties.get("SSESpecification"));
+ final Boolean sseEnabled = sseSpecification.get("SSEEnabled");
+ Assertions.assertThat(sseEnabled)
+ .isEqualTo(expected);
+ return this;
+ }
+ public DynamoDBGlobalTableAssert hasKeySchema(final String name, final String type) {
+ final Map properties = ((Map) actual.get("Properties"));
+ final List