AWS Security ChangesHomeSearch

AWS cdk documentation change

Service: cdk · 2025-05-16 · Documentation low

File: cdk/v1/guide/assets.md

Summary

Updated API documentation links from v1 to v2 references throughout the file

Security assessment

The changes are version updates to documentation links without altering security-related content. No evidence of addressing vulnerabilities or security features added.

Diff

diff --git a/cdk/v1/guide/assets.md b/cdk/v1/guide/assets.md
index 0b9f8d542..a5166eb69 100644
--- a//cdk/v1/guide/assets.md
+++ b//cdk/v1/guide/assets.md
@@ -11 +11 @@ Assets are local files, directories, or Docker images that can be bundled into A
-You add assets through APIs that are exposed by specific AWS constructs. For example, when you define a [lambda.Function](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-lambda.Function.html) construct, the [code](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-lambda.Function.html#code) property lets you pass an [asset](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-lambda.Code.html#static-fromassetpath) (directory). `Function` uses assets to bundle the contents of the directory and use it for the function's code. Similarly, [ecs.ContainerImage.fromAsset](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ecs.ContainerImage.html#static-from-assetdirectory-props) uses a Docker image built from a local directory when defining an Amazon ECS task definition.
+You add assets through APIs that are exposed by specific AWS constructs. For example, when you define a [lambda.Function](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-lambda.Function.html) construct, the [code](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-lambda.Function.html#code) property lets you pass an [asset](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-lambda.Code.html#static-fromassetpath) (directory). `Function` uses assets to bundle the contents of the directory and use it for the function's code. Similarly, [ecs.ContainerImage.fromAsset](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-ecs.ContainerImage.html#static-from-assetdirectory-props) uses a Docker image built from a local directory when defining an Amazon ECS task definition.
@@ -45 +45 @@ These asset types are explained in the following sections.
-You can define local files and directories as assets, and the AWS CDK packages and uploads them to Amazon S3 through the [aws-s3-assets](https://docs.aws.amazon.com/cdk/api/v1/docs/aws-s3-assets-readme.html) module.
+You can define local files and directories as assets, and the AWS CDK packages and uploads them to Amazon S3 through the [aws-s3-assets](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-s3-assets-readme.html) module.
@@ -138 +138 @@ C#
-In most cases, you don't need to directly use the APIs in the `aws-s3-assets` module. Modules that support assets, such as `aws-lambda`, have convenience methods that enable you to use assets. For Lambda functions, the [fromAsset()](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-lambda.Code.html#static-assetpath) static method enables you to specify a directory or a .zip file in the local file system.
+In most cases, you don't need to directly use the APIs in the `aws-s3-assets` module. Modules that support assets, such as `aws-lambda`, have convenience methods that enable you to use assets. For Lambda functions, the [fromAsset()](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-lambda.Code.html#static-assetpath) static method enables you to specify a directory or a .zip file in the local file system.
@@ -409 +409 @@ C#
-If you use Amazon S3 assets directly through the [aws-s3-assets](https://docs.aws.amazon.com/cdk/api/v1/docs/aws-s3-assets-readme.html) module, IAM roles, users, or groups, and need to read assets in runtime, grant those assets IAM permissions through the [asset.grantRead](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-s3-assets.Asset.html#grant-readgrantee) method.
+If you use Amazon S3 assets directly through the [aws-s3-assets](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-s3-assets-readme.html) module, IAM roles, users, or groups, and need to read assets in runtime, grant those assets IAM permissions through the [asset.grantRead](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-s3-assets.Asset.html#grant-readgrantee) method.
@@ -501 +501 @@ C#
-The AWS CDK supports bundling local Docker images as assets through the [aws-ecr-assets](https://docs.aws.amazon.com/cdk/api/v1/docs/aws-ecr-assets-readme.html) module.
+The AWS CDK supports bundling local Docker images as assets through the [aws-ecr-assets](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-ecr-assets-readme.html) module.
@@ -564 +564 @@ The `my-image` directory must include a Dockerfile. The AWS CDK CLI builds a Doc
-A common use case is to create an Amazon ECS [TaskDefinition](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ecs.TaskDefinition.html) to run docker containers. The following example specifies the location of a Docker image asset that the AWS CDK builds locally and pushes to Amazon ECR. 
+A common use case is to create an Amazon ECS [TaskDefinition](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-ecs.TaskDefinition.html) to run docker containers. The following example specifies the location of a Docker image asset that the AWS CDK builds locally and pushes to Amazon ECR. 
@@ -829 +829 @@ C#
-If you use a module that supports Docker image assets, such as [aws-ecs](https://docs.aws.amazon.com/cdk/api/v1/docs/aws-ecs-readme.html), the AWS CDK manages permissions for you when you use assets directly or through [ContainerImage.fromEcrRepository](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ecs.ContainerImage.html#static-from-ecr-repositoryrepository-tag) (Python: `from_ecr_repository`). If you use Docker image assets directly, you need to ensure that the consuming principal has permissions to pull the image. 
+If you use a module that supports Docker image assets, such as [aws-ecs](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-ecs-readme.html), the AWS CDK manages permissions for you when you use assets directly or through [ContainerImage.fromEcrRepository](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-ecs.ContainerImage.html#static-from-ecr-repositoryrepository-tag) (Python: `from_ecr_repository`). If you use Docker image assets directly, you need to ensure that the consuming principal has permissions to pull the image. 
@@ -831 +831 @@ If you use a module that supports Docker image assets, such as [aws-ecs](https:/
-In most cases, you should use [asset.repository.grantPull](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ecr.Repository.html#grant-pullgrantee) method (Python: `grant_pull`. This modifies the IAM policy of the principal to enable it to pull images from this repository. If the principal that is pulling the image is not in the same account or is an AWS service, such as AWS CodeBuild, that does not assume a role in your account, you must grant pull permissions on the resource policy and not on the principal's policy. Use the [asset.repository.addToResourcePolicy](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ecr.Repository.html#add-to-resource-policystatement) method (Python: `add_to_resource_policy`) to grant the appropriate principal permissions. 
+In most cases, you should use [asset.repository.grantPull](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-ecr.Repository.html#grant-pullgrantee) method (Python: `grant_pull`. This modifies the IAM policy of the principal to enable it to pull images from this repository. If the principal that is pulling the image is not in the same account or is an AWS service, such as AWS CodeBuild, that does not assume a role in your account, you must grant pull permissions on the resource policy and not on the principal's policy. Use the [asset.repository.addToResourcePolicy](https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-ecr.Repository.html#add-to-resource-policystatement) method (Python: `add_to_resource_policy`) to grant the appropriate principal permissions.