fix: all aws-cdk-lib custom resources now use Node18 (#26212)

Migrates all of the custom resources within aws-cdk-lib to use Node18 runtime. Also changes all handler code for these CRs to use aws-sdk v3 instead of v2 since Node18 lambda runtime ships sdk v3 in the environment.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: MrArnoldPalmer

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/asset.ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672/index.js renamed to packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/asset.fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774/index.js

@@ -1,6 +1,7 @@
 'use strict';
 
-const aws = require('aws-sdk');
+const { ACM, waitUntilCertificateValidated } = require('@aws-sdk/client-acm');
+const { Route53, waitUntilResourceRecordSetsChanged } = require('@aws-sdk/client-route-53');
 
 const defaultSleep = function (ms) {
   return new Promise(resolve => setTimeout(resolve, ms));
@@ -74,12 +75,12 @@ let report = function (event, context, responseStatus, physicalResourceId, respo
  */
 const addTags = async function(certificateArn, region, tags) {
   const result = Array.from(Object.entries(tags)).map(([Key, Value]) => ({ Key, Value }))
-  const acm = new aws.ACM({ region });
+  const acm = new ACM({ region });
 
   await acm.addTagsToCertificate({
     CertificateArn: certificateArn,
     Tags: result,
-  }).promise();
+  });
 }
 
 /**
@@ -96,12 +97,8 @@ const addTags = async function(certificateArn, region, tags) {
  */
 const requestCertificate = async function (requestId, domainName, subjectAlternativeNames, certificateTransparencyLoggingPreference, hostedZoneId, region, route53Endpoint) {
   const crypto = require('crypto');
-  const acm = new aws.ACM({ region });
-  const route53 = route53Endpoint ? new aws.Route53({ endpoint: route53Endpoint }) : new aws.Route53();
-  if (waiter) {
-    // Used by the test suite, since waiters aren't mockable yet
-    route53.waitFor = acm.waitFor = waiter;
-  }
+  const acm = new ACM({ region });
+  const route53 = route53Endpoint ? new Route53({ endpoint: route53Endpoint }) : new Route53();
 
   console.log(`Requesting certificate for ${domainName}`);
 
@@ -113,7 +110,7 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
     },
     IdempotencyToken: crypto.createHash('sha256').update(requestId).digest('hex').slice(0, 32),
     ValidationMethod: 'DNS'
-  }).promise();
+  });
 
   console.log(`Certificate ARN: ${reqCertResponse.CertificateArn}`);
 
@@ -123,7 +120,7 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
   for (let attempt = 0; attempt < maxAttempts && !records.length; attempt++) {
     const { Certificate } = await acm.describeCertificate({
       CertificateArn: reqCertResponse.CertificateArn
-    }).promise();
+    });
 
     records = getDomainValidationRecords(Certificate);
     if (!records.length) {
@@ -143,14 +140,13 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
   await commitRoute53Records(route53, records, hostedZoneId);
 
   console.log('Waiting for validation...');
-  await acm.waitFor('certificateValidated', {
-    // Wait up to 9 minutes and 30 seconds
-    $waiter: {
-      delay: 30,
-      maxAttempts: 19
-    },
+  await waitUntilCertificateValidated({
+    client: acm,
+    maxAttempts: 19,
+    delay: 30,
+  }, {
     CertificateArn: reqCertResponse.CertificateArn
-  }).promise();
+  })
 
   return reqCertResponse.CertificateArn;
 };
@@ -162,12 +158,8 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
  * @param {string} arn The certificate ARN
  */
 const deleteCertificate = async function (arn, region, hostedZoneId, route53Endpoint, cleanupRecords) {
-  const acm = new aws.ACM({ region });
-  const route53 = route53Endpoint ? new aws.Route53({ endpoint: route53Endpoint }) : new aws.Route53();
-  if (waiter) {
-    // Used by the test suite, since waiters aren't mockable yet
-    route53.waitFor = acm.waitFor = waiter;
-  }
+  const acm = new ACM({ region });
+  const route53 = route53Endpoint ? new Route53({ endpoint: route53Endpoint }) : new Route53();
 
   try {
     console.log(`Waiting for certificate ${arn} to become unused`);
@@ -177,7 +169,7 @@ const deleteCertificate = async function (arn, region, hostedZoneId, route53Endp
     for (let attempt = 0; attempt < maxAttempts; attempt++) {
       const { Certificate } = await acm.describeCertificate({
         CertificateArn: arn
-      }).promise();
+      });
 
       if (cleanupRecords) {
         records = getDomainValidationRecords(Certificate);
@@ -206,7 +198,7 @@ const deleteCertificate = async function (arn, region, hostedZoneId, route53Endp
 
     await acm.deleteCertificate({
       CertificateArn: arn
-    }).promise();
+    });
 
     if (cleanupRecords) {
       console.log(`Deleting ${records.length} DNS records from zone ${hostedZoneId}:`);
@@ -268,17 +260,16 @@ async function commitRoute53Records(route53, records, hostedZoneId, action = 'UP
       }),
     },
     HostedZoneId: hostedZoneId
-  }).promise();
+  });
 
   console.log('Waiting for DNS records to commit...');
-  await route53.waitFor('resourceRecordSetsChanged', {
-    // Wait up to 5 minutes
-    $waiter: {
-      delay: 30,
-      maxAttempts: 10
-    },
-    Id: changeBatch.ChangeInfo.Id
-  }).promise();
+  await waitUntilResourceRecordSetsChanged({
+    client: route53,
+    delay: 30,
+    maxAttempts: 10,
+  }, {
+    Id: changeBatch.ChangeInfo.Id,
+  });
 }
 
 /**

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/cdk.out

@@ -1 +1 @@
-{"version":"31.0.0"}
+{"version":"32.0.0"}

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/integ-dns-validated-certificate.assets.json

@@ -1,28 +1,28 @@
 {
-  "version": "31.0.0",
+  "version": "32.0.0",
   "files": {
-    "ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672": {
+    "fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774": {
       "source": {
-        "path": "asset.ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672",
+        "path": "asset.fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774",
         "packaging": "zip"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672.zip",
+          "objectKey": "fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774.zip",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
     },
-    "1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd": {
+    "14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c": {
       "source": {
         "path": "integ-dns-validated-certificate.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd.json",
+          "objectKey": "14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/integ-dns-validated-certificate.template.json

@@ -96,7 +96,7 @@
      "S3Bucket": {
       "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
      },
-     "S3Key": "ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672.zip"
+     "S3Key": "fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774.zip"
     },
     "Role": {
      "Fn::GetAtt": [
@@ -105,15 +105,7 @@
      ]
     },
     "Handler": "index.certificateRequestHandler",
-    "Runtime": {
-     "Fn::FindInMap": [
-      "DefaultCrNodeVersionMap",
-      {
-       "Ref": "AWS::Region"
-      },
-      "value"
-     ]
-    },
+    "Runtime": "nodejs18.x",
     "Timeout": 900
    },
    "DependsOn": [
@@ -138,109 +130,6 @@
    "DeletionPolicy": "Delete"
   }
  },
- "Mappings": {
-  "DefaultCrNodeVersionMap": {
-   "af-south-1": {
-    "value": "nodejs16.x"
-   },
-   "ap-east-1": {
-    "value": "nodejs16.x"
-   },
-   "ap-northeast-1": {
-    "value": "nodejs16.x"
-   },
-   "ap-northeast-2": {
-    "value": "nodejs16.x"
-   },
-   "ap-northeast-3": {
-    "value": "nodejs16.x"
-   },
-   "ap-south-1": {
-    "value": "nodejs16.x"
-   },
-   "ap-south-2": {
-    "value": "nodejs16.x"
-   },
-   "ap-southeast-1": {
-    "value": "nodejs16.x"
-   },
-   "ap-southeast-2": {
-    "value": "nodejs16.x"
-   },
-   "ap-southeast-3": {
-    "value": "nodejs16.x"
-   },
-   "ca-central-1": {
-    "value": "nodejs16.x"
-   },
-   "cn-north-1": {
-    "value": "nodejs16.x"
-   },
-   "cn-northwest-1": {
-    "value": "nodejs16.x"
-   },
-   "eu-central-1": {
-    "value": "nodejs16.x"
-   },
-   "eu-central-2": {
-    "value": "nodejs16.x"
-   },
-   "eu-north-1": {
-    "value": "nodejs16.x"
-   },
-   "eu-south-1": {
-    "value": "nodejs16.x"
-   },
-   "eu-south-2": {
-    "value": "nodejs16.x"
-   },
-   "eu-west-1": {
-    "value": "nodejs16.x"
-   },
-   "eu-west-2": {
-    "value": "nodejs16.x"
-   },
-   "eu-west-3": {
-    "value": "nodejs16.x"
-   },
-   "me-central-1": {
-    "value": "nodejs16.x"
-   },
-   "me-south-1": {
-    "value": "nodejs16.x"
-   },
-   "sa-east-1": {
-    "value": "nodejs16.x"
-   },
-   "us-east-1": {
-    "value": "nodejs16.x"
-   },
-   "us-east-2": {
-    "value": "nodejs16.x"
-   },
-   "us-gov-east-1": {
-    "value": "nodejs16.x"
-   },
-   "us-gov-west-1": {
-    "value": "nodejs16.x"
-   },
-   "us-iso-east-1": {
-    "value": "nodejs14.x"
-   },
-   "us-iso-west-1": {
-    "value": "nodejs14.x"
-   },
-   "us-isob-east-1": {
-    "value": "nodejs14.x"
-   },
-   "us-west-1": {
-    "value": "nodejs16.x"
-   },
-   "us-west-2": {
-    "value": "nodejs16.x"
-   }
-  }
- },
  "Outputs": {
   "CertificateArn": {
    "Value": {

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/integ.json

@@ -1,6 +1,6 @@
 {
   "enableLookups": true,
-  "version": "31.0.0",
+  "version": "32.0.0",
   "testCases": {
     "integ-test/DefaultTest": {
       "stacks": [

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json

@@ -1,5 +1,5 @@
 {
-  "version": "31.0.0",
+  "version": "32.0.0",
   "files": {
     "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
       "source": {

packages/@aws-cdk-testing/framework-integ/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "31.0.0",
+  "version": "32.0.0",
   "artifacts": {
     "integ-dns-validated-certificate.assets": {
       "type": "cdk:asset-manifest",
@@ -17,7 +17,7 @@
         "validateOnSynth": false,
         "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
         "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
-        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd.json",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c.json",
         "requiresBootstrapStackVersion": 6,
         "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
         "additionalDependencies": [
@@ -57,12 +57,6 @@
             "data": "CertificateCertificateRequestorResource2890C6B7"
           }
         ],
-        "/integ-dns-validated-certificate/DefaultCrNodeVersionMap": [
-          {
-            "type": "aws:cdk:logicalId",
-            "data": "DefaultCrNodeVersionMap"
-          }
-        ],
         "/integ-dns-validated-certificate/CertificateArn": [
           {
             "type": "aws:cdk:logicalId",