CanaryProps

class aws_cdk.aws_synthetics.CanaryProps(*, runtime, test, active_tracing=None, artifact_s3_encryption_mode=None, artifact_s3_kms_key=None, artifacts_bucket_lifecycle_rules=None, artifacts_bucket_location=None, canary_name=None, cleanup=None, environment_variables=None, failure_retention_period=None, memory=None, role=None, schedule=None, security_groups=None, start_after_creation=None, success_retention_period=None, timeout=None, time_to_live=None, vpc=None, vpc_subnets=None)

Bases: object

Properties for a canary.

Parameters:

  • runtime (Runtime) – Specify the runtime version to use for the canary.

  • test (Test) – The type of test that you want your canary to run. Use Test.custom() to specify the test to run.

  • active_tracing (Optional[bool]) – Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. You can enable active tracing only for canaries that use version syn-nodejs-2.0 or later for their canary runtime. Default: false

  • artifact_s3_encryption_mode (Optional[ArtifactsEncryptionMode]) – Canary Artifacts in S3 encryption mode. Artifact encryption is only supported for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. Default: - Artifacts are encrypted at rest using an AWS managed key. ArtifactsEncryptionMode.KMS is set if you specify artifactS3KmsKey.

  • artifact_s3_kms_key (Optional[IKey]) – The KMS key used to encrypt canary artifacts. Default: - no kms key if artifactS3EncryptionMode is set to S3_MANAGED. A key will be created if one is not provided and artifactS3EncryptionMode is set to KMS.

  • artifacts_bucket_lifecycle_rules (Optional[Sequence[Union[LifecycleRule, Dict[str, Any]]]]) – Lifecycle rules for the generated canary artifact bucket. Has no effect if a bucket is passed to artifactsBucketLocation. If you pass a bucket to artifactsBucketLocation, you can add lifecycle rules to the bucket itself. Default: - no rules applied to the generated bucket.

  • artifacts_bucket_location (Union[ArtifactsBucketLocation, Dict[str, Any], None]) – The s3 location that stores the data of the canary runs. Default: - A new s3 bucket will be created without a prefix.

  • canary_name (Optional[str]) – The name of the canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account. Do not include secrets or proprietary information in your canary name. The canary name makes up part of the canary ARN, which is included in outbound calls over the internet. Default: - A unique name will be generated from the construct ID

  • cleanup (Optional[Cleanup]) – Specify the underlying resources to be cleaned up when the canary is deleted. Using Cleanup.LAMBDA will create a Custom Resource to achieve this. Default: Cleanup.NOTHING

  • environment_variables (Optional[Mapping[str, str]]) – Key-value pairs that the Synthetics caches and makes available for your canary scripts. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Canary script source code. Default: - No environment variables.

  • failure_retention_period (Optional[Duration]) – How many days should failed runs be retained. Default: Duration.days(31)

  • memory (Optional[Size]) – The maximum amount of memory that the canary can use while running. This value must be a multiple of 64 Mib. The range is 960 MiB to 3008 MiB. Default: Size.mebibytes(1024)

  • role (Optional[IRole]) – Canary execution role. This is the role that will be assumed by the canary upon execution. It controls the permissions that the canary will have. The role must be assumable by the AWS Lambda service principal. If not supplied, a role will be created with all the required permissions. If you provide a Role, you must add the required permissions. Default: - A unique role will be generated for this canary. You can add permissions to roles by calling ‘addToRolePolicy’.

  • schedule (Optional[Schedule]) – Specify the schedule for how often the canary runs. For example, if you set schedule to rate(10 minutes), then the canary will run every 10 minutes. You can set the schedule with Schedule.rate(Duration) (recommended) or you can specify an expression using Schedule.expression(). Default: ‘rate(5 minutes)’

  • security_groups (Optional[Sequence[ISecurityGroup]]) – The list of security groups to associate with the canary’s network interfaces. You must provide vpc when using this prop. Default: - If the canary is placed within a VPC and a security group is not specified a dedicated security group will be created for this canary.

  • start_after_creation (Optional[bool]) – Whether or not the canary should start after creation. Default: true

  • success_retention_period (Optional[Duration]) – How many days should successful runs be retained. Default: Duration.days(31)

  • timeout (Optional[Duration]) – How long the canary is allowed to run before it must stop. You can’t set this time to be longer than the frequency of the runs of this canary. The minimum allowed value is 3 seconds. The maximum allowed value is 840 seconds (14 minutes). Default: - the frequency of the canary is used as this value, up to a maximum of 900 seconds.

  • time_to_live (Optional[Duration]) – How long the canary will be in a ‘RUNNING’ state. For example, if you set timeToLive to be 1 hour and schedule to be rate(10 minutes), your canary will run at 10 minute intervals for an hour, for a total of 6 times. Default: - no limit

  • vpc (Optional[IVpc]) – The VPC where this canary is run. Specify this if the canary needs to access resources in a VPC. Default: - Not in VPC

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – Where to place the network interfaces within the VPC. You must provide vpc when using this prop. Default: - the Vpc default strategy if not specified

ExampleMetadata:

infused

Example:

import aws_cdk as cdk


canary = synthetics.Canary(self, "MyCanary",
    schedule=synthetics.Schedule.rate(Duration.minutes(5)),
    test=synthetics.Test.custom(
        code=synthetics.Code.from_asset(path.join(__dirname, "canary")),
        handler="index.handler"
    ),
    runtime=synthetics.Runtime.SYNTHETICS_NODEJS_PUPPETEER_6_2,
    memory=cdk.Size.mebibytes(1024)
)

Attributes

active_tracing

Specifies whether this canary is to use active AWS X-Ray tracing when it runs.

Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges.

You can enable active tracing only for canaries that use version syn-nodejs-2.0 or later for their canary runtime.

Default:

false

See:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html

artifact_s3_encryption_mode

Canary Artifacts in S3 encryption mode.

Artifact encryption is only supported for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later.

Default:

  • Artifacts are encrypted at rest using an AWS managed key. ArtifactsEncryptionMode.KMS is set if you specify artifactS3KmsKey.

See:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html

artifact_s3_kms_key

The KMS key used to encrypt canary artifacts.

Default:

  • no kms key if artifactS3EncryptionMode is set to S3_MANAGED. A key will be created if one is not provided and artifactS3EncryptionMode is set to KMS.

artifacts_bucket_lifecycle_rules

Lifecycle rules for the generated canary artifact bucket.

Has no effect if a bucket is passed to artifactsBucketLocation. If you pass a bucket to artifactsBucketLocation, you can add lifecycle rules to the bucket itself.

Default:

  • no rules applied to the generated bucket.

artifacts_bucket_location

The s3 location that stores the data of the canary runs.

Default:

  • A new s3 bucket will be created without a prefix.

canary_name

The name of the canary.

Be sure to give it a descriptive name that distinguishes it from other canaries in your account.

Do not include secrets or proprietary information in your canary name. The canary name makes up part of the canary ARN, which is included in outbound calls over the internet.

Default:

  • A unique name will be generated from the construct ID

See:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html

cleanup

Specify the underlying resources to be cleaned up when the canary is deleted.

Using Cleanup.LAMBDA will create a Custom Resource to achieve this.

Default:

Cleanup.NOTHING

environment_variables

Key-value pairs that the Synthetics caches and makes available for your canary scripts.

Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Canary script source code.

Default:

  • No environment variables.

failure_retention_period

How many days should failed runs be retained.

Default:

Duration.days(31)

memory

The maximum amount of memory that the canary can use while running.

This value must be a multiple of 64 Mib. The range is 960 MiB to 3008 MiB.

Default:

Size.mebibytes(1024)

role

Canary execution role.

This is the role that will be assumed by the canary upon execution. It controls the permissions that the canary will have. The role must be assumable by the AWS Lambda service principal.

If not supplied, a role will be created with all the required permissions. If you provide a Role, you must add the required permissions.

Default:

  • A unique role will be generated for this canary.

You can add permissions to roles by calling ‘addToRolePolicy’.

See:

required permissions: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-synthetics-canary.html#cfn-synthetics-canary-executionrolearn

runtime

Specify the runtime version to use for the canary.

See:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html

schedule

Specify the schedule for how often the canary runs.

For example, if you set schedule to rate(10 minutes), then the canary will run every 10 minutes. You can set the schedule with Schedule.rate(Duration) (recommended) or you can specify an expression using Schedule.expression().

Default:

‘rate(5 minutes)’

security_groups

The list of security groups to associate with the canary’s network interfaces.

You must provide vpc when using this prop.

Default:

  • If the canary is placed within a VPC and a security group is

not specified a dedicated security group will be created for this canary.

start_after_creation

Whether or not the canary should start after creation.

Default:

true

success_retention_period

How many days should successful runs be retained.

Default:

Duration.days(31)

test

The type of test that you want your canary to run.

Use Test.custom() to specify the test to run.

time_to_live

How long the canary will be in a ‘RUNNING’ state.

For example, if you set timeToLive to be 1 hour and schedule to be rate(10 minutes), your canary will run at 10 minute intervals for an hour, for a total of 6 times.

Default:

  • no limit

timeout

How long the canary is allowed to run before it must stop.

You can’t set this time to be longer than the frequency of the runs of this canary.

The minimum allowed value is 3 seconds. The maximum allowed value is 840 seconds (14 minutes).

Default:

  • the frequency of the canary is used as this value, up to a maximum of 900 seconds.

vpc

The VPC where this canary is run.

Specify this if the canary needs to access resources in a VPC.

Default:

  • Not in VPC

vpc_subnets

Where to place the network interfaces within the VPC.

You must provide vpc when using this prop.

Default:

  • the Vpc default strategy if not specified