@aws-cdk/aws-servicecatalog
Advanced tools
All classes with the
Cfnprefix in this module (CFN Resources) are always stable and safe to use.
The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
AWS Service Catalog enables organizations to create and manage catalogs of products for their end users that are approved for use on AWS.
The @aws-cdk/aws-servicecatalog package contains resources that enable users to automate governance and management of their AWS resources at scale.
import * as servicecatalog from '@aws-cdk/aws-servicecatalog';
AWS Service Catalog portfolios allow admins to manage products that their end users have access to.
Using the CDK, a new portfolio can be created with the Portfolio construct:
new servicecatalog.Portfolio(this, 'MyFirstPortfolio', {
displayName: 'MyFirstPortfolio',
providerName: 'MyTeam',
});
You can also specify properties such as description and acceptLanguage
to help better catalog and manage your portfolios.
new servicecatalog.Portfolio(this, 'MyFirstPortfolio', {
displayName: 'MyFirstPortfolio',
providerName: 'MyTeam',
description: 'Portfolio for a project',
messageLanguage: servicecatalog.MessageLanguage.EN,
});
Read more at Creating and Managing Portfolios.
A portfolio that has been created outside the stack can be imported into your CDK app.
Portfolios can be imported by their ARN via the Portfolio.fromPortfolioArn() API:
const portfolio = servicecatalog.Portfolio.fromPortfolioArn(this, 'MyImportedPortfolio',
'arn:aws:catalog:region:account-id:portfolio/port-abcdefghi');
You can manage end user access to a portfolio by granting permissions to IAM entities like a user, group, or role.
Once resources are deployed end users will be able to access them via the console or service catalog CLI.
import * as iam from '@aws-cdk/aws-iam';
const user = new iam.User(this, 'MyUser');
portfolio.giveAccessToUser(user);
const role = new iam.Role(this, 'MyRole', {
assumedBy: new iam.AccountRootPrincipal(),
});
portfolio.giveAccessToRole(role);
const group = new iam.Group(this, 'MyGroup');
portfolio.giveAccessToGroup(group);
A portfolio can be programatically shared with other accounts so that specified users can also access it:
portfolio.shareWithAccount('012345678901');
Products are the resources you are allowing end users to provision and utilize.
The CDK currently only supports adding products of type Cloudformation product.
Using the CDK, a new Product can be created with the CloudFormationProduct construct.
CloudFormationTemplate.fromUrl can be utilized to create a Product using a Cloudformation template directly from an URL:
const product = new servicecatalog.CloudFormationProduct(this, 'MyFirstProduct', {
productName: "My Product",
owner: "Product Owner",
productVersions: [
{
productVersionName: "v1",
cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromUrl(
'https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml'),
},
]
});
A CloudFormationProduct can also be created using a Cloudformation template from an Asset.
Assets are files that are uploaded to an S3 Bucket before deployment.
CloudFormationTemplate.fromAsset can be utilized to create a Product by passing the path to a local template file on your disk:
import * as path from 'path';
const product = new servicecatalog.CloudFormationProduct(this, 'MyFirstProduct', {
productName: "My Product",
owner: "Product Owner",
productVersions: [
{
productVersionName: "v1",
cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromUrl(
'https://raw.githubusercontent.com/awslabs/aws-cloudformation-templates/master/aws/services/ServiceCatalog/Product.yaml'),
},
{
productVersionName: "v2",
cloudFormationTemplate: servicecatalog.CloudFormationTemplate.fromAsset(path.join(__dirname, 'development-environment.template.json')),
},
]
});
You add products to a portfolio to manage your resources at scale. After adding a product to a portfolio, it creates a portfolio-product association, and will become visible from the portfolio side in both the console and service catalog CLI. A product can be added to multiple portfolios depending on your resource and organizational needs.
portfolio.addProduct(product);
Constraints define governance mechanisms that allow you to manage permissions, notifications, and options related to actions end users can perform on products, Constraints are applied on a portfolio-product association. Using the CDK, if you do not explicitly associate a product to a portfolio and add a constraint, it will automatically add an association for you.
There are rules around plurariliites of constraints for a portfolio and product.
For example, you can only have a single "tag update" constraint applied to a portfolio-product association.
If a misconfigured constraint is added, synth will fail with an error message.
Read more at Service Catalog Constraints.
Tag update constraints allow or disallow end users to update tags on resources associated with an AWS Service Catalog product upon provisioning. By default, tag updating is not permitted. If tag updating is allowed, then new tags associated with the product or portfolio will be applied to provisioned resources during a provisioned product update.
portfolio.addProduct(product);
portfolio.constrainTagUpdates(product);
If you want to disable this feature later on, you can update it by setting the "allow" parameter to false:
// to disable tag updates:
portfolio.constrainTagUpdates(product, {
allow: false,
});
1.114.0 (2021-07-15)
prefixPath property in HttpGatewayRouteMatch has been renamed to path, and its type changed from string to HttpGatewayRoutePathMatchAcceptLanguage enum has been renamed to MessageLanguage, and fields that accepted this enum have been updated to reflect this change.acceptLanguage in PortfolioShareOptions has been renamed to messageLanguage.acceptLanguage in PortfolioProps has been renamed to messageLanguage.acceptLanguage in CloudFormationProductProps has been renamed messageLanguage.prefixPath property in HttpRouteMatch has been renamed to path, and its type changed from string to HttpRoutePathMatchFAQs
The CDK Construct Library for AWS::ServiceCatalog
The npm package @aws-cdk/aws-servicecatalog receives a total of 18,543 weekly downloads. As such, @aws-cdk/aws-servicecatalog popularity was classified as popular.
We found that @aws-cdk/aws-servicecatalog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.