aws
diff --git a/‎.github/workflows/yarn-upgrade.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/yarn-upgrade.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎CONTRIBUTING.md
Lines changed: 1 addition & 2 deletions b/‎CONTRIBUTING.md
Lines changed: 1 addition & 2 deletions
diff --git a/‎README.md
Lines changed: 2 additions & 4 deletions b/‎README.md
Lines changed: 2 additions & 4 deletions
diff --git a/‎packages/@aws-cdk-containers/ecs-service-extensions/test/integ.all-service-addons.expected.json
Lines changed: 2 additions & 12 deletions b/‎packages/@aws-cdk-containers/ecs-service-extensions/test/integ.all-service-addons.expected.json
Lines changed: 2 additions & 12 deletions
diff --git a/‎packages/@aws-cdk/aws-appmesh/README.md
Lines changed: 18 additions & 0 deletions b/‎packages/@aws-cdk/aws-appmesh/README.md
Lines changed: 18 additions & 0 deletions
diff --git a/‎packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts
Lines changed: 8 additions & 1 deletion b/‎packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts
Lines changed: 8 additions & 1 deletion
diff --git a/‎packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json
Lines changed: 4 additions & 24 deletions b/‎packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json
Lines changed: 4 additions & 24 deletions
diff --git a/‎packages/@aws-cdk/aws-appmesh/test/mesh.test.ts
Lines changed: 1 addition & 3 deletions b/‎packages/@aws-cdk/aws-appmesh/test/mesh.test.ts
Lines changed: 1 addition & 3 deletions
diff --git a/‎packages/@aws-cdk/aws-appmesh/test/virtual-node.test.ts
Lines changed: 70 additions & 11 deletions b/‎packages/@aws-cdk/aws-appmesh/test/virtual-node.test.ts
Lines changed: 70 additions & 11 deletions
diff --git a/‎packages/@aws-cdk/aws-cloudfront/lib/distribution.ts
Lines changed: 4 additions & 1 deletion b/‎packages/@aws-cdk/aws-cloudfront/lib/distribution.ts
Lines changed: 4 additions & 1 deletion
diff --git a/‎packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts
Lines changed: 4 additions & 1 deletion b/‎packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts
Lines changed: 4 additions & 1 deletion
diff --git a/‎packages/@aws-cdk/aws-cloudfront/test/integ.cloudfront-bucket-logging.expected.json
Lines changed: 58 additions & 0 deletions b/‎packages/@aws-cdk/aws-cloudfront/test/integ.cloudfront-bucket-logging.expected.json
Lines changed: 58 additions & 0 deletions
@@ -18,7 +18,7 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Set up Node
-        uses: actions/[email protected].0
+        uses: actions/[email protected].1
         with:
           node-version: 12
 
 
@@ -52,9 +52,8 @@ See [Gitpod section](#gitpod) on how to set up the CDK repo on Gitpod.
 
 The following tools need to be installed on your system prior to installing the CDK:
 
-- [Node.js >= 10.13.0](https://nodejs.org/download/release/latest-v10.x/)
+- [Node.js >= 14.15.0](https://nodejs.org/download/release/latest-v14.x/)
   - We recommend using a version in [Active LTS](https://nodejs.org/en/about/releases/)
-  - ⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies.
 - [Yarn >= 1.19.1, < 2](https://yarnpkg.com/lang/en/docs/install)
 - [.NET Core SDK 3.1.x](https://www.microsoft.com/net/download)
 - [Python >= 3.6.5, < 4.0](https://www.python.org/downloads/release/python-365/)
 
@@ -19,9 +19,8 @@ infrastructure definition and share it without worrying about boilerplate logic.
 
 The CDK is available in the following languages:
 
-* JavaScript, TypeScript ([Node.js ≥ 10.13.0](https://nodejs.org/download/release/latest-v10.x/))
+* JavaScript, TypeScript ([Node.js ≥ 14.15.0](https://nodejs.org/download/release/latest-v14.x/))
   - We recommend using a version in [Active LTS](https://nodejs.org/en/about/releases/)
-  - ⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies.
 * Python ([Python ≥ 3.6](https://www.python.org/downloads/))
 * Java ([Java ≥ 8](https://www.oracle.com/technetwork/java/javase/downloads/index.html) and [Maven ≥ 3.5.4](https://maven.apache.org/download.cgi))
 * .NET ([.NET Core ≥ 3.1](https://dotnet.microsoft.com/download))
@@ -77,8 +76,7 @@ in the CDK Developer Guide.
 For a detailed walkthrough, see the [tutorial](https://docs.aws.amazon.com/cdk/latest/guide/getting_started.html#hello_world_tutorial) in the AWS CDK [Developer Guide](https://docs.aws.amazon.com/cdk/latest/guide/home.html).
 
 ### At a glance
-Install or update the [AWS CDK CLI] from npm (requires [Node.js ≥ 10.13.0](https://nodejs.org/download/release/latest-v10.x/)). We recommend using a version in [Active LTS](https://nodejs.org/en/about/releases/)
-⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies.
+Install or update the [AWS CDK CLI] from npm (requires [Node.js ≥ 14.15.0](https://nodejs.org/download/release/latest-v14.x/)). We recommend using a version in [Active LTS](https://nodejs.org/en/about/releases/)
 
 ```console
 $ npm i -g aws-cdk
 
@@ -3185,22 +3185,12 @@
           "Backends": [
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "namevirtualservice3DDDDF1E",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "name.production"
               }
             },
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "greetingvirtualservice60AD3AD9",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "greeting.production"
               }
             }
           ],
 
@@ -236,6 +236,24 @@ The `backends` property can be added with `node.addBackend()`. In the example, w
 
 The `backendDefaults` property is added to the node while creating the virtual node. These are the virtual node's default settings for all backends.
 
+The `VirtualNode.addBackend()` method is especially useful if you want to create a circular traffic flow by having a Virtual Service as a backend whose provider is that same Virtual Node:
+
+```ts
+declare const mesh: appmesh.Mesh;
+
+const node = new appmesh.VirtualNode(this, 'node', {
+  mesh,
+  serviceDiscovery: appmesh.ServiceDiscovery.dns('node'),
+});
+
+const virtualService = new appmesh.VirtualService(this, 'service-1', {
+  virtualServiceProvider: appmesh.VirtualServiceProvider.virtualNode(node),
+  virtualServiceName: 'service1.domain.local',
+});
+
+node.addBackend(appmesh.Backend.virtualService(virtualService));
+```
+
 ### Adding TLS to a listener
 
 The `tls` property specifies TLS configuration when creating a listener for a virtual node or a virtual gateway. 
 
@@ -238,7 +238,14 @@ class VirtualServiceBackend extends Backend {
     return {
       virtualServiceBackend: {
         virtualService: {
-          virtualServiceName: this.virtualService.virtualServiceName,
+          /**
+           * We want to use the name of the Virtual Service here directly instead of
+           * a `{ 'Fn::GetAtt' }` CFN expression. This avoids a circular dependency in
+           * the case where this Virtual Node is the Virtual Service's provider.
+           */
+          virtualServiceName: cdk.Token.isUnresolved(this.virtualService.virtualServiceName)
+            ? (this.virtualService as any).physicalName
+            : this.virtualService.virtualServiceName,
           clientPolicy: this.tlsClientPolicy
             ? {
               tls: renderTlsClientPolicy(scope, this.tlsClientPolicy),
 
@@ -1040,22 +1040,12 @@
           "Backends": [
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "service6D174F83",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "service1.domain.local"
               }
             },
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "service27C65CF7D",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "service2.domain.local"
               }
             }
           ],
@@ -1111,12 +1101,7 @@
           "Backends": [
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "service3859EB104",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "service3.domain.local"
               }
             }
           ],
@@ -1241,12 +1226,7 @@
           "Backends": [
             {
               "VirtualService": {
-                "VirtualServiceName": {
-                  "Fn::GetAtt": [
-                    "service4983B61EE",
-                    "VirtualServiceName"
-                  ]
-                }
+                "VirtualServiceName": "service4.domain.local"
               }
             }
           ],
 
@@ -314,9 +314,7 @@ describe('mesh', () => {
               Backends: [
                 {
                   VirtualService: {
-                    VirtualServiceName: {
-                      'Fn::GetAtt': ['service1A48078CF', 'VirtualServiceName'],
-                    },
+                    VirtualServiceName: 'service1.domain.local',
                   },
                 },
               ],
 
@@ -41,24 +41,18 @@ describe('virtual node', () => {
             Backends: [
               {
                 VirtualService: {
-                  VirtualServiceName: {
-                    'Fn::GetAtt': ['service1A48078CF', 'VirtualServiceName'],
-                  },
+                  VirtualServiceName: 'service1.domain.local',
                 },
               },
               {
                 VirtualService: {
-                  VirtualServiceName: {
-                    'Fn::GetAtt': ['service27C65CF7D', 'VirtualServiceName'],
-                  },
+                  VirtualServiceName: 'service2.domain.local',
                 },
               },
             ],
           },
           MeshOwner: ABSENT,
         });
-
-
       });
     });
 
@@ -458,9 +452,7 @@ describe('virtual node', () => {
             Backends: [
               {
                 VirtualService: {
-                  VirtualServiceName: {
-                    'Fn::GetAtt': ['service1A48078CF', 'VirtualServiceName'],
-                  },
+                  VirtualServiceName: 'service1.domain.local',
                   ClientPolicy: {
                     TLS: {
                       Ports: [8080, 8081],
@@ -478,8 +470,75 @@ describe('virtual node', () => {
             ],
           },
         });
+      });
+
+      test('you can add a Virtual Service as a backend to a Virtual Node which is the provider for that Virtual Service', () => {
+        // GIVEN
+        const stack = new cdk.Stack();
+
+        // WHEN
+        const mesh = new appmesh.Mesh(stack, 'mesh', {
+          meshName: 'test-mesh',
+        });
+
+        const node = new appmesh.VirtualNode(stack, 'test-node', {
+          mesh,
+          serviceDiscovery: appmesh.ServiceDiscovery.dns('test'),
+        });
+
+        const myVirtualService = new appmesh.VirtualService(stack, 'service-1', {
+          virtualServiceProvider: appmesh.VirtualServiceProvider.virtualNode(node),
+          virtualServiceName: 'service1.domain.local',
+        });
+
+        node.addBackend(appmesh.Backend.virtualService(myVirtualService));
+
+        // THEN
+        expect(stack).toHaveResourceLike('AWS::AppMesh::VirtualNode', {
+          Spec: {
+            Backends: [
+              {
+                VirtualService: {
+                  VirtualServiceName: 'service1.domain.local',
+                },
+              },
+            ],
+          },
+        });
+      });
+
+      test('you can add a Virtual Service with an automated name as a backend to a Virtual Node which is the provider for that Virtual Service, ', () => {
+        // GIVEN
+        const stack = new cdk.Stack();
 
+        // WHEN
+        const mesh = new appmesh.Mesh(stack, 'mesh', {
+          meshName: 'test-mesh',
+        });
 
+        const node = new appmesh.VirtualNode(stack, 'test-node', {
+          mesh,
+          serviceDiscovery: appmesh.ServiceDiscovery.dns('test'),
+        });
+
+        const myVirtualService = new appmesh.VirtualService(stack, 'service-1', {
+          virtualServiceProvider: appmesh.VirtualServiceProvider.virtualNode(node),
+        });
+
+        node.addBackend(appmesh.Backend.virtualService(myVirtualService));
+
+        // THEN
+        expect(stack).toHaveResourceLike('AWS::AppMesh::VirtualNode', {
+          Spec: {
+            Backends: [
+              {
+                VirtualService: {
+                  VirtualServiceName: 'service1',
+                },
+              },
+            ],
+          },
+        });
       });
     });
 
 
@@ -430,7 +430,10 @@ export class Distribution extends Resource implements IDistribution {
       throw new Error('Explicitly disabled logging but provided a logging bucket.');
     }
 
-    const bucket = props.logBucket ?? new s3.Bucket(this, 'LoggingBucket');
+    const bucket = props.logBucket ?? new s3.Bucket(this, 'LoggingBucket', {
+      encryption: s3.BucketEncryption.S3_MANAGED,
+      enforceSSL: true,
+    });
     return {
       bucket: bucket.bucketRegionalDomainName,
       includeCookies: props.logIncludesCookies,
 
@@ -954,7 +954,10 @@ export class CloudFrontWebDistribution extends cdk.Resource implements IDistribu
     }
 
     if (props.loggingConfig) {
-      this.loggingBucket = props.loggingConfig.bucket || new s3.Bucket(this, 'LoggingBucket');
+      this.loggingBucket = props.loggingConfig.bucket || new s3.Bucket(this, 'LoggingBucket', {
+        encryption: s3.BucketEncryption.S3_MANAGED,
+        enforceSSL: true,
+      });
       distributionConfig = {
         ...distributionConfig,
         logging: {
 
@@ -75,9 +75,67 @@
     },
     "AnAmazingWebsiteProbably2LoggingBucket222F7CE9": {
       "Type": "AWS::S3::Bucket",
+      "Properties": {
+        "BucketEncryption": {
+          "ServerSideEncryptionConfiguration": [
+            {
+              "ServerSideEncryptionByDefault": {
+                "SSEAlgorithm": "AES256"
+              }
+            }
+          ]
+        }
+      },
       "UpdateReplacePolicy": "Retain",
       "DeletionPolicy": "Retain"
     },
+    "AnAmazingWebsiteProbably2LoggingBucketPolicyE298B456": {
+      "Type": "AWS::S3::BucketPolicy",
+      "Properties": {
+        "Bucket": {
+          "Ref": "AnAmazingWebsiteProbably2LoggingBucket222F7CE9"
+        },
+        "PolicyDocument": {
+          "Statement": [
+            {
+              "Action": "s3:*",
+              "Condition": {
+                "Bool": {
+                  "aws:SecureTransport": "false"
+                }
+              },
+              "Effect": "Deny",
+              "Principal": {
+                "AWS": "*"
+              },
+              "Resource": [
+                {
+                  "Fn::GetAtt": [
+                    "AnAmazingWebsiteProbably2LoggingBucket222F7CE9",
+                    "Arn"
+                  ]
+                },
+                {
+                  "Fn::Join": [
+                    "",
+                    [
+                      {
+                        "Fn::GetAtt": [
+                          "AnAmazingWebsiteProbably2LoggingBucket222F7CE9",
+                          "Arn"
+                        ]
+                      },
+                      "/*"
+                    ]
+                  ]
+                }
+              ]
+            }
+          ],
+          "Version": "2012-10-17"
+        }
+      }
+    },
     "AnAmazingWebsiteProbably2CFDistribution7C1CCD12": {
       "Type": "AWS::CloudFront::Distribution",
       "Properties": {
Original file line number	Diff line number	Diff line change
`@@ -3185,22 +3185,12 @@`
`3185`	`3185`	`"Backends": [`
`3186`	`3186`	`{`
`3187`	`3187`	`"VirtualService": {`
`3188`		`- "VirtualServiceName": {`
`3189`		`- "Fn::GetAtt": [`
`3190`		`- "namevirtualservice3DDDDF1E",`
`3191`		`- "VirtualServiceName"`
`3192`		`- ]`
`3193`		`- }`
	`3188`	`+ "VirtualServiceName": "name.production"`
`3194`	`3189`	`}`
`3195`	`3190`	`},`
`3196`	`3191`	`{`
`3197`	`3192`	`"VirtualService": {`
`3198`		`- "VirtualServiceName": {`
`3199`		`- "Fn::GetAtt": [`
`3200`		`- "greetingvirtualservice60AD3AD9",`
`3201`		`- "VirtualServiceName"`
`3202`		`- ]`
`3203`		`- }`
	`3193`	`+ "VirtualServiceName": "greeting.production"`
`3204`	`3194`	`}`
`3205`	`3195`	`}`
`3206`	`3196`	`],`
Original file line number	Diff line number	Diff line change
`@@ -1040,22 +1040,12 @@`
`1040`	`1040`	`"Backends": [`
`1041`	`1041`	`{`
`1042`	`1042`	`"VirtualService": {`
`1043`		`- "VirtualServiceName": {`
`1044`		`- "Fn::GetAtt": [`
`1045`		`- "service6D174F83",`
`1046`		`- "VirtualServiceName"`
`1047`		`- ]`
`1048`		`- }`
	`1043`	`+ "VirtualServiceName": "service1.domain.local"`
`1049`	`1044`	`}`
`1050`	`1045`	`},`
`1051`	`1046`	`{`
`1052`	`1047`	`"VirtualService": {`
`1053`		`- "VirtualServiceName": {`
`1054`		`- "Fn::GetAtt": [`
`1055`		`- "service27C65CF7D",`
`1056`		`- "VirtualServiceName"`
`1057`		`- ]`
`1058`		`- }`
	`1048`	`+ "VirtualServiceName": "service2.domain.local"`
`1059`	`1049`	`}`
`1060`	`1050`	`}`
`1061`	`1051`	`],`
`@@ -1111,12 +1101,7 @@`
`1111`	`1101`	`"Backends": [`
`1112`	`1102`	`{`
`1113`	`1103`	`"VirtualService": {`
`1114`		`- "VirtualServiceName": {`
`1115`		`- "Fn::GetAtt": [`
`1116`		`- "service3859EB104",`
`1117`		`- "VirtualServiceName"`
`1118`		`- ]`
`1119`		`- }`
	`1104`	`+ "VirtualServiceName": "service3.domain.local"`
`1120`	`1105`	`}`
`1121`	`1106`	`}`
`1122`	`1107`	`],`
`@@ -1241,12 +1226,7 @@`
`1241`	`1226`	`"Backends": [`
`1242`	`1227`	`{`
`1243`	`1228`	`"VirtualService": {`
`1244`		`- "VirtualServiceName": {`
`1245`		`- "Fn::GetAtt": [`
`1246`		`- "service4983B61EE",`
`1247`		`- "VirtualServiceName"`
`1248`		`- ]`
`1249`		`- }`
	`1229`	`+ "VirtualServiceName": "service4.domain.local"`
`1250`	`1230`	`}`
`1251`	`1231`	`}`
`1252`	`1232`	`],`