chore(custom-resources): update and fix integ test (#19499)

kaizencc · web-flow · commit fe0ecb48d98f · 2022-03-22T11:30:37.000Z
Fixes #19450. The issue is the public read permissions. Even though the s3 bucket is configured to allow these permissions, public access can be blocked at the [account](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) level. This makes the custom resource unable to put a public object into the bucket despite correct permissions, causing deployment failure. Since this is a bad experience and the object is unnecessarily public, I have removed that setting. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json b/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json
@@ -18,8 +18,7 @@
           "Ref": "MyBucketF68F3FF0"
         },
         "Contents": "Hello, world, 1980!",
-        "ObjectKey": "second.txt",
-        "PublicRead": true
+        "ObjectKey": "second.txt"
       },
       "UpdateReplacePolicy": "Delete",
       "DeletionPolicy": "Delete"
@@ -131,7 +130,7 @@
           ]
         },
         "Handler": "index.onEvent",
-        "Runtime": "nodejs10.x"
+        "Runtime": "nodejs12.x"
       },
       "DependsOn": [
         "comamazonawscdkcustomresourcess3fileproviders3fileoneventServiceRoleDefaultPolicy10D24725",
diff --git a/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.ts b/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.ts
@@ -16,7 +16,6 @@ class TestStack extends Stack {
       bucket,
       objectKey: 'second.txt',
       contents: 'Hello, world, 1980!',
-      public: true,
     });
 
     const file2 = new S3File(this, 'file2', {
diff --git a/packages/@aws-cdk/custom-resources/test/provider-framework/integration-test-fixtures/s3-file.ts b/packages/@aws-cdk/custom-resources/test/provider-framework/integration-test-fixtures/s3-file.ts
@@ -82,7 +82,7 @@ class S3FileProvider extends CoreConstruct {
     this.provider = new cr.Provider(this, 's3file-provider', {
       onEventHandler: new lambda.Function(this, 's3file-on-event', {
         code: lambda.Code.fromAsset(path.join(__dirname, 's3-file-handler')),
-        runtime: lambda.Runtime.NODEJS_10_X,
+        runtime: lambda.Runtime.NODEJS_12_X,
         handler: 'index.onEvent',
         initialPolicy: [
           new iam.PolicyStatement({
