Skip to content

fix(lambda): add token resolution validation to capacity providers #36275

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
reedham-aws wants to merge 4 commits into
base: main
Choose a base branch
from
Open

fix(lambda): add token resolution validation to capacity providers #36275

reedham-aws wants to merge 4 commits into from

Conversation

@reedham-aws
Copy link

@reedham-aws reedham-aws commented Dec 2, 2025

Issue # (if applicable)

N/a

Reason for this change

Current validation of fields for recent capacity provider additions in aws-lambda does not take into account unresolved tokens.

Description of changes

Added Token.isUnresolved() checks before all new validations. This ensures that validation only occurs when concrete values are provided, while still allowing tokens to pass through for CloudFormation resolution.

Describe any new or updated permissions being added

N/a

Description of how you validated changes

Changes should be only internal, validated that unit and integration tests continued to work.

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the p2 label Dec 2, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team December 2, 2025 21:32
@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Dec 2, 2025
aws-cdk-automation
aws-cdk-automation requested changes Dec 2, 2025
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter fails with the following errors:

❌ Fixes must contain a change to an integration test file and the resulting snapshot.

If you believe this pull request should receive an exemption, please comment and provide a justification. A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed, add Clarification Request to a comment.

@kumvprat
Copy link
Contributor

kumvprat commented Dec 3, 2025

@reedham-aws Can we have some unit tests that cover the edge of these properties being provided as tokens instead of exact values ?

kumvprat
kumvprat reviewed Dec 8, 2025
View reviewed changes
packages/aws-cdk-lib/aws-lambda/test/capacity-provider.test.ts
new lambda.CapacityProvider(stack, 'MyCapacityProvider', {
capacityProviderName: tokenName,
maxVCpuCount: cdk.Token.asNumber(tokenMaxVCpu),
subnets: tokenSubnets.map((id, i) => ec2.Subnet.fromSubnetId(stack, `TokenSubnet${i}`, id)),
Copy link
Contributor

@kumvprat kumvprat Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to have assertions on subnets and securityGroups values in the checks below ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kumvprat kumvprat kumvprat left review comments

@aws-cdk-automation aws-cdk-automation aws-cdk-automation requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK p2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@reedham-aws @kumvprat @aws-cdk-automation