@aws-solutions-constructs/aws-alb-lambda 2.50.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +50 -5
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +13 -12
  6. package/test/integ.alblam-privateApiExistingResources.js +7 -3
  7. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.assets.json +62 -0
  8. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.template.json +1332 -0
  9. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.assets.json +19 -0
  10. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.template.json +36 -0
  11. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  12. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  13. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  14. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  15. package/test/integ.alblam-privateApiExistingResources.js.snapshot/cdk.out +1 -0
  16. package/test/integ.alblam-privateApiExistingResources.js.snapshot/integ.json +12 -0
  17. package/test/integ.alblam-privateApiExistingResources.js.snapshot/manifest.json +371 -0
  18. package/test/integ.alblam-privateApiExistingResources.js.snapshot/tree.json +1708 -0
  19. package/test/integ.alblam-privateApiNewResources.js +7 -3
  20. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.assets.json +62 -0
  21. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.template.json +1048 -0
  22. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.assets.json +19 -0
  23. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.template.json +36 -0
  24. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  25. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  26. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  27. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  28. package/test/integ.alblam-privateApiNewResources.js.snapshot/cdk.out +1 -0
  29. package/test/integ.alblam-privateApiNewResources.js.snapshot/integ.json +12 -0
  30. package/test/integ.alblam-privateApiNewResources.js.snapshot/manifest.json +275 -0
  31. package/test/integ.alblam-privateApiNewResources.js.snapshot/tree.json +1294 -0
  32. package/test/integ.alblam-publicApiExistingResources.js +7 -3
  33. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.assets.json +62 -0
  34. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.template.json +1332 -0
  35. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.assets.json +19 -0
  36. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.template.json +36 -0
  37. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  38. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  39. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  40. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  41. package/test/integ.alblam-publicApiExistingResources.js.snapshot/cdk.out +1 -0
  42. package/test/integ.alblam-publicApiExistingResources.js.snapshot/integ.json +12 -0
  43. package/test/integ.alblam-publicApiExistingResources.js.snapshot/manifest.json +371 -0
  44. package/test/integ.alblam-publicApiExistingResources.js.snapshot/tree.json +1708 -0
  45. package/test/integ.alblam-publicApiNewResources.js +7 -3
  46. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.assets.json +62 -0
  47. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.template.json +1338 -0
  48. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.assets.json +19 -0
  49. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.template.json +36 -0
  50. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  51. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  52. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  53. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  54. package/test/integ.alblam-publicApiNewResources.js.snapshot/cdk.out +1 -0
  55. package/test/integ.alblam-publicApiNewResources.js.snapshot/integ.json +12 -0
  56. package/test/integ.alblam-publicApiNewResources.js.snapshot/manifest.json +371 -0
  57. package/test/integ.alblam-publicApiNewResources.js.snapshot/tree.json +1706 -0
  58. package/test/integ.alblam-twoTargets.js +7 -3
  59. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.assets.json +62 -0
  60. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.template.json +1598 -0
  61. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.assets.json +19 -0
  62. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.template.json +36 -0
  63. package/test/integ.alblam-twoTargets.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  64. package/test/integ.alblam-twoTargets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  65. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  66. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  67. package/test/integ.alblam-twoTargets.js.snapshot/cdk.out +1 -0
  68. package/test/integ.alblam-twoTargets.js.snapshot/integ.json +12 -0
  69. package/test/integ.alblam-twoTargets.js.snapshot/manifest.json +413 -0
  70. package/test/integ.alblam-twoTargets.js.snapshot/tree.json +2067 -0
  71. package/test/integ.alblam-privateApiExistingResources.expected.json +0 -1378
  72. package/test/integ.alblam-privateApiNewResources.expected.json +0 -983
  73. package/test/integ.alblam-publicApiExistingResources.expected.json +0 -1378
  74. package/test/integ.alblam-publicApiNewResources.expected.json +0 -1386
  75. package/test/integ.alblam-twoTargets.expected.json +0 -1659
@@ -0,0 +1,1332 @@
1
+ {
2
+ "Description": "Integration Test for public HTTP API with a existing function and ALB",
3
+ "Resources": {
4
+ "Vpc8378EB38": {
5
+ "Type": "AWS::EC2::VPC",
6
+ "Properties": {
7
+ "CidrBlock": "172.168.0.0/16",
8
+ "EnableDnsHostnames": true,
9
+ "EnableDnsSupport": true,
10
+ "InstanceTenancy": "default",
11
+ "Tags": [
12
+ {
13
+ "Key": "Name",
14
+ "Value": "alblam-publicApiExistingResources/Vpc"
15
+ }
16
+ ]
17
+ }
18
+ },
19
+ "VpcPublicSubnet1Subnet5C2D37C4": {
20
+ "Type": "AWS::EC2::Subnet",
21
+ "Properties": {
22
+ "AvailabilityZone": {
23
+ "Fn::Select": [
24
+ 0,
25
+ {
26
+ "Fn::GetAZs": ""
27
+ }
28
+ ]
29
+ },
30
+ "CidrBlock": "172.168.0.0/18",
31
+ "MapPublicIpOnLaunch": true,
32
+ "Tags": [
33
+ {
34
+ "Key": "aws-cdk:subnet-name",
35
+ "Value": "Public"
36
+ },
37
+ {
38
+ "Key": "aws-cdk:subnet-type",
39
+ "Value": "Public"
40
+ },
41
+ {
42
+ "Key": "Name",
43
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet1"
44
+ }
45
+ ],
46
+ "VpcId": {
47
+ "Ref": "Vpc8378EB38"
48
+ }
49
+ },
50
+ "Metadata": {
51
+ "cfn_nag": {
52
+ "rules_to_suppress": [
53
+ {
54
+ "id": "W33",
55
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
56
+ }
57
+ ]
58
+ }
59
+ }
60
+ },
61
+ "VpcPublicSubnet1RouteTable6C95E38E": {
62
+ "Type": "AWS::EC2::RouteTable",
63
+ "Properties": {
64
+ "Tags": [
65
+ {
66
+ "Key": "Name",
67
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet1"
68
+ }
69
+ ],
70
+ "VpcId": {
71
+ "Ref": "Vpc8378EB38"
72
+ }
73
+ }
74
+ },
75
+ "VpcPublicSubnet1RouteTableAssociation97140677": {
76
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
77
+ "Properties": {
78
+ "RouteTableId": {
79
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
80
+ },
81
+ "SubnetId": {
82
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
83
+ }
84
+ }
85
+ },
86
+ "VpcPublicSubnet1DefaultRoute3DA9E72A": {
87
+ "Type": "AWS::EC2::Route",
88
+ "Properties": {
89
+ "DestinationCidrBlock": "0.0.0.0/0",
90
+ "GatewayId": {
91
+ "Ref": "VpcIGWD7BA715C"
92
+ },
93
+ "RouteTableId": {
94
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
95
+ }
96
+ },
97
+ "DependsOn": [
98
+ "VpcVPCGWBF912B6E"
99
+ ]
100
+ },
101
+ "VpcPublicSubnet1EIPD7E02669": {
102
+ "Type": "AWS::EC2::EIP",
103
+ "Properties": {
104
+ "Domain": "vpc",
105
+ "Tags": [
106
+ {
107
+ "Key": "Name",
108
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet1"
109
+ }
110
+ ]
111
+ }
112
+ },
113
+ "VpcPublicSubnet1NATGateway4D7517AA": {
114
+ "Type": "AWS::EC2::NatGateway",
115
+ "Properties": {
116
+ "AllocationId": {
117
+ "Fn::GetAtt": [
118
+ "VpcPublicSubnet1EIPD7E02669",
119
+ "AllocationId"
120
+ ]
121
+ },
122
+ "SubnetId": {
123
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
124
+ },
125
+ "Tags": [
126
+ {
127
+ "Key": "Name",
128
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet1"
129
+ }
130
+ ]
131
+ },
132
+ "DependsOn": [
133
+ "VpcPublicSubnet1DefaultRoute3DA9E72A",
134
+ "VpcPublicSubnet1RouteTableAssociation97140677"
135
+ ]
136
+ },
137
+ "VpcPublicSubnet2Subnet691E08A3": {
138
+ "Type": "AWS::EC2::Subnet",
139
+ "Properties": {
140
+ "AvailabilityZone": {
141
+ "Fn::Select": [
142
+ 1,
143
+ {
144
+ "Fn::GetAZs": ""
145
+ }
146
+ ]
147
+ },
148
+ "CidrBlock": "172.168.64.0/18",
149
+ "MapPublicIpOnLaunch": true,
150
+ "Tags": [
151
+ {
152
+ "Key": "aws-cdk:subnet-name",
153
+ "Value": "Public"
154
+ },
155
+ {
156
+ "Key": "aws-cdk:subnet-type",
157
+ "Value": "Public"
158
+ },
159
+ {
160
+ "Key": "Name",
161
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet2"
162
+ }
163
+ ],
164
+ "VpcId": {
165
+ "Ref": "Vpc8378EB38"
166
+ }
167
+ },
168
+ "Metadata": {
169
+ "cfn_nag": {
170
+ "rules_to_suppress": [
171
+ {
172
+ "id": "W33",
173
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
174
+ }
175
+ ]
176
+ }
177
+ }
178
+ },
179
+ "VpcPublicSubnet2RouteTable94F7E489": {
180
+ "Type": "AWS::EC2::RouteTable",
181
+ "Properties": {
182
+ "Tags": [
183
+ {
184
+ "Key": "Name",
185
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet2"
186
+ }
187
+ ],
188
+ "VpcId": {
189
+ "Ref": "Vpc8378EB38"
190
+ }
191
+ }
192
+ },
193
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
194
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
195
+ "Properties": {
196
+ "RouteTableId": {
197
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
198
+ },
199
+ "SubnetId": {
200
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
201
+ }
202
+ }
203
+ },
204
+ "VpcPublicSubnet2DefaultRoute97F91067": {
205
+ "Type": "AWS::EC2::Route",
206
+ "Properties": {
207
+ "DestinationCidrBlock": "0.0.0.0/0",
208
+ "GatewayId": {
209
+ "Ref": "VpcIGWD7BA715C"
210
+ },
211
+ "RouteTableId": {
212
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
213
+ }
214
+ },
215
+ "DependsOn": [
216
+ "VpcVPCGWBF912B6E"
217
+ ]
218
+ },
219
+ "VpcPublicSubnet2EIP3C605A87": {
220
+ "Type": "AWS::EC2::EIP",
221
+ "Properties": {
222
+ "Domain": "vpc",
223
+ "Tags": [
224
+ {
225
+ "Key": "Name",
226
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet2"
227
+ }
228
+ ]
229
+ }
230
+ },
231
+ "VpcPublicSubnet2NATGateway9182C01D": {
232
+ "Type": "AWS::EC2::NatGateway",
233
+ "Properties": {
234
+ "AllocationId": {
235
+ "Fn::GetAtt": [
236
+ "VpcPublicSubnet2EIP3C605A87",
237
+ "AllocationId"
238
+ ]
239
+ },
240
+ "SubnetId": {
241
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
242
+ },
243
+ "Tags": [
244
+ {
245
+ "Key": "Name",
246
+ "Value": "alblam-publicApiExistingResources/Vpc/PublicSubnet2"
247
+ }
248
+ ]
249
+ },
250
+ "DependsOn": [
251
+ "VpcPublicSubnet2DefaultRoute97F91067",
252
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8"
253
+ ]
254
+ },
255
+ "VpcPrivateSubnet1Subnet536B997A": {
256
+ "Type": "AWS::EC2::Subnet",
257
+ "Properties": {
258
+ "AvailabilityZone": {
259
+ "Fn::Select": [
260
+ 0,
261
+ {
262
+ "Fn::GetAZs": ""
263
+ }
264
+ ]
265
+ },
266
+ "CidrBlock": "172.168.128.0/18",
267
+ "MapPublicIpOnLaunch": false,
268
+ "Tags": [
269
+ {
270
+ "Key": "aws-cdk:subnet-name",
271
+ "Value": "Private"
272
+ },
273
+ {
274
+ "Key": "aws-cdk:subnet-type",
275
+ "Value": "Private"
276
+ },
277
+ {
278
+ "Key": "Name",
279
+ "Value": "alblam-publicApiExistingResources/Vpc/PrivateSubnet1"
280
+ }
281
+ ],
282
+ "VpcId": {
283
+ "Ref": "Vpc8378EB38"
284
+ }
285
+ }
286
+ },
287
+ "VpcPrivateSubnet1RouteTableB2C5B500": {
288
+ "Type": "AWS::EC2::RouteTable",
289
+ "Properties": {
290
+ "Tags": [
291
+ {
292
+ "Key": "Name",
293
+ "Value": "alblam-publicApiExistingResources/Vpc/PrivateSubnet1"
294
+ }
295
+ ],
296
+ "VpcId": {
297
+ "Ref": "Vpc8378EB38"
298
+ }
299
+ }
300
+ },
301
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
302
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
303
+ "Properties": {
304
+ "RouteTableId": {
305
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
306
+ },
307
+ "SubnetId": {
308
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
309
+ }
310
+ }
311
+ },
312
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
313
+ "Type": "AWS::EC2::Route",
314
+ "Properties": {
315
+ "DestinationCidrBlock": "0.0.0.0/0",
316
+ "NatGatewayId": {
317
+ "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
318
+ },
319
+ "RouteTableId": {
320
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
321
+ }
322
+ }
323
+ },
324
+ "VpcPrivateSubnet2Subnet3788AAA1": {
325
+ "Type": "AWS::EC2::Subnet",
326
+ "Properties": {
327
+ "AvailabilityZone": {
328
+ "Fn::Select": [
329
+ 1,
330
+ {
331
+ "Fn::GetAZs": ""
332
+ }
333
+ ]
334
+ },
335
+ "CidrBlock": "172.168.192.0/18",
336
+ "MapPublicIpOnLaunch": false,
337
+ "Tags": [
338
+ {
339
+ "Key": "aws-cdk:subnet-name",
340
+ "Value": "Private"
341
+ },
342
+ {
343
+ "Key": "aws-cdk:subnet-type",
344
+ "Value": "Private"
345
+ },
346
+ {
347
+ "Key": "Name",
348
+ "Value": "alblam-publicApiExistingResources/Vpc/PrivateSubnet2"
349
+ }
350
+ ],
351
+ "VpcId": {
352
+ "Ref": "Vpc8378EB38"
353
+ }
354
+ }
355
+ },
356
+ "VpcPrivateSubnet2RouteTableA678073B": {
357
+ "Type": "AWS::EC2::RouteTable",
358
+ "Properties": {
359
+ "Tags": [
360
+ {
361
+ "Key": "Name",
362
+ "Value": "alblam-publicApiExistingResources/Vpc/PrivateSubnet2"
363
+ }
364
+ ],
365
+ "VpcId": {
366
+ "Ref": "Vpc8378EB38"
367
+ }
368
+ }
369
+ },
370
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
371
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
372
+ "Properties": {
373
+ "RouteTableId": {
374
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
375
+ },
376
+ "SubnetId": {
377
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
378
+ }
379
+ }
380
+ },
381
+ "VpcPrivateSubnet2DefaultRoute060D2087": {
382
+ "Type": "AWS::EC2::Route",
383
+ "Properties": {
384
+ "DestinationCidrBlock": "0.0.0.0/0",
385
+ "NatGatewayId": {
386
+ "Ref": "VpcPublicSubnet2NATGateway9182C01D"
387
+ },
388
+ "RouteTableId": {
389
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
390
+ }
391
+ }
392
+ },
393
+ "VpcIGWD7BA715C": {
394
+ "Type": "AWS::EC2::InternetGateway",
395
+ "Properties": {
396
+ "Tags": [
397
+ {
398
+ "Key": "Name",
399
+ "Value": "alblam-publicApiExistingResources/Vpc"
400
+ }
401
+ ]
402
+ }
403
+ },
404
+ "VpcVPCGWBF912B6E": {
405
+ "Type": "AWS::EC2::VPCGatewayAttachment",
406
+ "Properties": {
407
+ "InternetGatewayId": {
408
+ "Ref": "VpcIGWD7BA715C"
409
+ },
410
+ "VpcId": {
411
+ "Ref": "Vpc8378EB38"
412
+ }
413
+ }
414
+ },
415
+ "VpcRestrictDefaultSecurityGroupCustomResourceC73DA2BE": {
416
+ "Type": "Custom::VpcRestrictDefaultSG",
417
+ "Properties": {
418
+ "ServiceToken": {
419
+ "Fn::GetAtt": [
420
+ "CustomVpcRestrictDefaultSGCustomResourceProviderHandlerDC833E5E",
421
+ "Arn"
422
+ ]
423
+ },
424
+ "DefaultSecurityGroupId": {
425
+ "Fn::GetAtt": [
426
+ "Vpc8378EB38",
427
+ "DefaultSecurityGroup"
428
+ ]
429
+ },
430
+ "Account": {
431
+ "Ref": "AWS::AccountId"
432
+ }
433
+ },
434
+ "UpdateReplacePolicy": "Delete",
435
+ "DeletionPolicy": "Delete"
436
+ },
437
+ "VpcFlowLogIAMRole6A475D41": {
438
+ "Type": "AWS::IAM::Role",
439
+ "Properties": {
440
+ "AssumeRolePolicyDocument": {
441
+ "Statement": [
442
+ {
443
+ "Action": "sts:AssumeRole",
444
+ "Effect": "Allow",
445
+ "Principal": {
446
+ "Service": "vpc-flow-logs.amazonaws.com"
447
+ }
448
+ }
449
+ ],
450
+ "Version": "2012-10-17"
451
+ },
452
+ "Tags": [
453
+ {
454
+ "Key": "Name",
455
+ "Value": "alblam-publicApiExistingResources/Vpc/FlowLog"
456
+ }
457
+ ]
458
+ }
459
+ },
460
+ "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
461
+ "Type": "AWS::IAM::Policy",
462
+ "Properties": {
463
+ "PolicyDocument": {
464
+ "Statement": [
465
+ {
466
+ "Action": [
467
+ "logs:CreateLogStream",
468
+ "logs:DescribeLogStreams",
469
+ "logs:PutLogEvents"
470
+ ],
471
+ "Effect": "Allow",
472
+ "Resource": {
473
+ "Fn::GetAtt": [
474
+ "VpcFlowLogLogGroup7B5C56B9",
475
+ "Arn"
476
+ ]
477
+ }
478
+ },
479
+ {
480
+ "Action": "iam:PassRole",
481
+ "Effect": "Allow",
482
+ "Resource": {
483
+ "Fn::GetAtt": [
484
+ "VpcFlowLogIAMRole6A475D41",
485
+ "Arn"
486
+ ]
487
+ }
488
+ }
489
+ ],
490
+ "Version": "2012-10-17"
491
+ },
492
+ "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
493
+ "Roles": [
494
+ {
495
+ "Ref": "VpcFlowLogIAMRole6A475D41"
496
+ }
497
+ ]
498
+ }
499
+ },
500
+ "VpcFlowLogLogGroup7B5C56B9": {
501
+ "Type": "AWS::Logs::LogGroup",
502
+ "Properties": {
503
+ "RetentionInDays": 731,
504
+ "Tags": [
505
+ {
506
+ "Key": "Name",
507
+ "Value": "alblam-publicApiExistingResources/Vpc/FlowLog"
508
+ }
509
+ ]
510
+ },
511
+ "UpdateReplacePolicy": "Retain",
512
+ "DeletionPolicy": "Retain",
513
+ "Metadata": {
514
+ "cfn_nag": {
515
+ "rules_to_suppress": [
516
+ {
517
+ "id": "W84",
518
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
519
+ }
520
+ ]
521
+ }
522
+ }
523
+ },
524
+ "VpcFlowLog8FF33A73": {
525
+ "Type": "AWS::EC2::FlowLog",
526
+ "Properties": {
527
+ "DeliverLogsPermissionArn": {
528
+ "Fn::GetAtt": [
529
+ "VpcFlowLogIAMRole6A475D41",
530
+ "Arn"
531
+ ]
532
+ },
533
+ "LogDestinationType": "cloud-watch-logs",
534
+ "LogGroupName": {
535
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
536
+ },
537
+ "ResourceId": {
538
+ "Ref": "Vpc8378EB38"
539
+ },
540
+ "ResourceType": "VPC",
541
+ "Tags": [
542
+ {
543
+ "Key": "Name",
544
+ "Value": "alblam-publicApiExistingResources/Vpc/FlowLog"
545
+ }
546
+ ],
547
+ "TrafficType": "ALL"
548
+ }
549
+ },
550
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0": {
551
+ "Type": "AWS::IAM::Role",
552
+ "Properties": {
553
+ "AssumeRolePolicyDocument": {
554
+ "Version": "2012-10-17",
555
+ "Statement": [
556
+ {
557
+ "Action": "sts:AssumeRole",
558
+ "Effect": "Allow",
559
+ "Principal": {
560
+ "Service": "lambda.amazonaws.com"
561
+ }
562
+ }
563
+ ]
564
+ },
565
+ "ManagedPolicyArns": [
566
+ {
567
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
568
+ }
569
+ ],
570
+ "Policies": [
571
+ {
572
+ "PolicyName": "Inline",
573
+ "PolicyDocument": {
574
+ "Version": "2012-10-17",
575
+ "Statement": [
576
+ {
577
+ "Effect": "Allow",
578
+ "Action": [
579
+ "ec2:AuthorizeSecurityGroupIngress",
580
+ "ec2:AuthorizeSecurityGroupEgress",
581
+ "ec2:RevokeSecurityGroupIngress",
582
+ "ec2:RevokeSecurityGroupEgress"
583
+ ],
584
+ "Resource": [
585
+ {
586
+ "Fn::Join": [
587
+ "",
588
+ [
589
+ "arn:aws:ec2:us-east-1:",
590
+ {
591
+ "Ref": "AWS::AccountId"
592
+ },
593
+ ":security-group/",
594
+ {
595
+ "Fn::GetAtt": [
596
+ "Vpc8378EB38",
597
+ "DefaultSecurityGroup"
598
+ ]
599
+ }
600
+ ]
601
+ ]
602
+ }
603
+ ]
604
+ }
605
+ ]
606
+ }
607
+ }
608
+ ]
609
+ }
610
+ },
611
+ "CustomVpcRestrictDefaultSGCustomResourceProviderHandlerDC833E5E": {
612
+ "Type": "AWS::Lambda::Function",
613
+ "Properties": {
614
+ "Code": {
615
+ "S3Bucket": {
616
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
617
+ },
618
+ "S3Key": "dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e.zip"
619
+ },
620
+ "Timeout": 900,
621
+ "MemorySize": 128,
622
+ "Handler": "__entrypoint__.handler",
623
+ "Role": {
624
+ "Fn::GetAtt": [
625
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0",
626
+ "Arn"
627
+ ]
628
+ },
629
+ "Runtime": "nodejs18.x",
630
+ "Description": "Lambda function for removing all inbound/outbound rules from the VPC default security group"
631
+ },
632
+ "DependsOn": [
633
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0"
634
+ ],
635
+ "Metadata": {
636
+ "cfn_nag": {
637
+ "rules_to_suppress": [
638
+ {
639
+ "id": "W58",
640
+ "reason": "CDK generated custom resource"
641
+ },
642
+ {
643
+ "id": "W89",
644
+ "reason": "CDK generated custom resource"
645
+ },
646
+ {
647
+ "id": "W92",
648
+ "reason": "CDK generated custom resource"
649
+ }
650
+ ]
651
+ }
652
+ }
653
+ },
654
+ "lambdasg93781054": {
655
+ "Type": "AWS::EC2::SecurityGroup",
656
+ "Properties": {
657
+ "GroupDescription": "alblam-publicApiExistingResources/lambda-sg",
658
+ "SecurityGroupEgress": [
659
+ {
660
+ "CidrIp": "255.255.255.255/32",
661
+ "Description": "Disallow all traffic",
662
+ "FromPort": 252,
663
+ "IpProtocol": "icmp",
664
+ "ToPort": 86
665
+ }
666
+ ],
667
+ "VpcId": {
668
+ "Ref": "Vpc8378EB38"
669
+ }
670
+ },
671
+ "Metadata": {
672
+ "cfn_nag": {
673
+ "rules_to_suppress": [
674
+ {
675
+ "id": "W29",
676
+ "reason": "CDK created rule that blocks all traffic."
677
+ }
678
+ ]
679
+ }
680
+ }
681
+ },
682
+ "LambdaFunctionServiceRole0C4CDE0B": {
683
+ "Type": "AWS::IAM::Role",
684
+ "Properties": {
685
+ "AssumeRolePolicyDocument": {
686
+ "Statement": [
687
+ {
688
+ "Action": "sts:AssumeRole",
689
+ "Effect": "Allow",
690
+ "Principal": {
691
+ "Service": "lambda.amazonaws.com"
692
+ }
693
+ }
694
+ ],
695
+ "Version": "2012-10-17"
696
+ },
697
+ "Policies": [
698
+ {
699
+ "PolicyDocument": {
700
+ "Statement": [
701
+ {
702
+ "Action": [
703
+ "logs:CreateLogGroup",
704
+ "logs:CreateLogStream",
705
+ "logs:PutLogEvents"
706
+ ],
707
+ "Effect": "Allow",
708
+ "Resource": {
709
+ "Fn::Join": [
710
+ "",
711
+ [
712
+ "arn:",
713
+ {
714
+ "Ref": "AWS::Partition"
715
+ },
716
+ ":logs:",
717
+ {
718
+ "Ref": "AWS::Region"
719
+ },
720
+ ":",
721
+ {
722
+ "Ref": "AWS::AccountId"
723
+ },
724
+ ":log-group:/aws/lambda/*"
725
+ ]
726
+ ]
727
+ }
728
+ }
729
+ ],
730
+ "Version": "2012-10-17"
731
+ },
732
+ "PolicyName": "LambdaFunctionServiceRolePolicy"
733
+ }
734
+ ]
735
+ }
736
+ },
737
+ "LambdaFunctionServiceRoleDefaultPolicy126C8897": {
738
+ "Type": "AWS::IAM::Policy",
739
+ "Properties": {
740
+ "PolicyDocument": {
741
+ "Statement": [
742
+ {
743
+ "Action": [
744
+ "ec2:AssignPrivateIpAddresses",
745
+ "ec2:CreateNetworkInterface",
746
+ "ec2:DeleteNetworkInterface",
747
+ "ec2:DescribeNetworkInterfaces",
748
+ "ec2:UnassignPrivateIpAddresses",
749
+ "xray:PutTelemetryRecords",
750
+ "xray:PutTraceSegments"
751
+ ],
752
+ "Effect": "Allow",
753
+ "Resource": "*"
754
+ }
755
+ ],
756
+ "Version": "2012-10-17"
757
+ },
758
+ "PolicyName": "LambdaFunctionServiceRoleDefaultPolicy126C8897",
759
+ "Roles": [
760
+ {
761
+ "Ref": "LambdaFunctionServiceRole0C4CDE0B"
762
+ }
763
+ ]
764
+ },
765
+ "Metadata": {
766
+ "cfn_nag": {
767
+ "rules_to_suppress": [
768
+ {
769
+ "id": "W12",
770
+ "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
771
+ }
772
+ ]
773
+ }
774
+ }
775
+ },
776
+ "LambdaFunctionBF21E41F": {
777
+ "Type": "AWS::Lambda::Function",
778
+ "Properties": {
779
+ "Code": {
780
+ "S3Bucket": {
781
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
782
+ },
783
+ "S3Key": "7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79.zip"
784
+ },
785
+ "Environment": {
786
+ "Variables": {
787
+ "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
788
+ }
789
+ },
790
+ "Handler": "index.handler",
791
+ "Role": {
792
+ "Fn::GetAtt": [
793
+ "LambdaFunctionServiceRole0C4CDE0B",
794
+ "Arn"
795
+ ]
796
+ },
797
+ "Runtime": "nodejs16.x",
798
+ "TracingConfig": {
799
+ "Mode": "Active"
800
+ },
801
+ "VpcConfig": {
802
+ "SecurityGroupIds": [
803
+ {
804
+ "Fn::GetAtt": [
805
+ "lambdasg93781054",
806
+ "GroupId"
807
+ ]
808
+ }
809
+ ],
810
+ "SubnetIds": [
811
+ {
812
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
813
+ },
814
+ {
815
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
816
+ }
817
+ ]
818
+ }
819
+ },
820
+ "DependsOn": [
821
+ "LambdaFunctionServiceRoleDefaultPolicy126C8897",
822
+ "LambdaFunctionServiceRole0C4CDE0B",
823
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED",
824
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6",
825
+ "VpcPrivateSubnet2DefaultRoute060D2087",
826
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56"
827
+ ],
828
+ "Metadata": {
829
+ "cfn_nag": {
830
+ "rules_to_suppress": [
831
+ {
832
+ "id": "W58",
833
+ "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
834
+ },
835
+ {
836
+ "id": "W89",
837
+ "reason": "This is not a rule for the general case, just for specific use cases/industries"
838
+ },
839
+ {
840
+ "id": "W92",
841
+ "reason": "Impossible for us to define the correct concurrency for clients"
842
+ }
843
+ ]
844
+ }
845
+ }
846
+ },
847
+ "LambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HYAD69E89D": {
848
+ "Type": "AWS::Lambda::Permission",
849
+ "Properties": {
850
+ "Action": "lambda:InvokeFunction",
851
+ "FunctionName": {
852
+ "Fn::GetAtt": [
853
+ "LambdaFunctionBF21E41F",
854
+ "Arn"
855
+ ]
856
+ },
857
+ "Principal": "elasticloadbalancing.amazonaws.com"
858
+ },
859
+ "DependsOn": [
860
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED",
861
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6",
862
+ "VpcPrivateSubnet2DefaultRoute060D2087",
863
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56"
864
+ ]
865
+ },
866
+ "existingalbalb3A941601": {
867
+ "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
868
+ "Properties": {
869
+ "LoadBalancerAttributes": [
870
+ {
871
+ "Key": "deletion_protection.enabled",
872
+ "Value": "false"
873
+ },
874
+ {
875
+ "Key": "access_logs.s3.enabled",
876
+ "Value": "true"
877
+ },
878
+ {
879
+ "Key": "access_logs.s3.bucket",
880
+ "Value": {
881
+ "Ref": "existingalb0F60CC48"
882
+ }
883
+ },
884
+ {
885
+ "Key": "access_logs.s3.prefix",
886
+ "Value": ""
887
+ }
888
+ ],
889
+ "Scheme": "internal",
890
+ "SecurityGroups": [
891
+ {
892
+ "Fn::GetAtt": [
893
+ "existingalbalbSecurityGroupC8DD2920",
894
+ "GroupId"
895
+ ]
896
+ }
897
+ ],
898
+ "Subnets": [
899
+ {
900
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
901
+ },
902
+ {
903
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
904
+ }
905
+ ],
906
+ "Type": "application"
907
+ },
908
+ "DependsOn": [
909
+ "existingalbPolicy6C7AF240"
910
+ ]
911
+ },
912
+ "existingalbalbSecurityGroupC8DD2920": {
913
+ "Type": "AWS::EC2::SecurityGroup",
914
+ "Properties": {
915
+ "GroupDescription": "Automatically created Security Group for ELB alblampublicApiExistingResourcesexistingalbalb1EA1EAA3",
916
+ "SecurityGroupEgress": [
917
+ {
918
+ "CidrIp": "255.255.255.255/32",
919
+ "Description": "Disallow all traffic",
920
+ "FromPort": 252,
921
+ "IpProtocol": "icmp",
922
+ "ToPort": 86
923
+ }
924
+ ],
925
+ "SecurityGroupIngress": [
926
+ {
927
+ "CidrIp": "0.0.0.0/0",
928
+ "Description": "Allow from anyone on port 80",
929
+ "FromPort": 80,
930
+ "IpProtocol": "tcp",
931
+ "ToPort": 80
932
+ }
933
+ ],
934
+ "VpcId": {
935
+ "Ref": "Vpc8378EB38"
936
+ }
937
+ },
938
+ "Metadata": {
939
+ "cfn_nag": {
940
+ "rules_to_suppress": [
941
+ {
942
+ "id": "W29",
943
+ "reason": "CDK created rule that blocks all traffic."
944
+ },
945
+ {
946
+ "id": "W2",
947
+ "reason": "Rule does not apply for ELB."
948
+ },
949
+ {
950
+ "id": "W9",
951
+ "reason": "Rule does not apply for ELB."
952
+ }
953
+ ]
954
+ }
955
+ }
956
+ },
957
+ "existingalb0F60CC48": {
958
+ "Type": "AWS::S3::Bucket",
959
+ "Properties": {
960
+ "BucketEncryption": {
961
+ "ServerSideEncryptionConfiguration": [
962
+ {
963
+ "ServerSideEncryptionByDefault": {
964
+ "SSEAlgorithm": "AES256"
965
+ }
966
+ }
967
+ ]
968
+ },
969
+ "PublicAccessBlockConfiguration": {
970
+ "BlockPublicAcls": true,
971
+ "BlockPublicPolicy": true,
972
+ "IgnorePublicAcls": true,
973
+ "RestrictPublicBuckets": true
974
+ },
975
+ "Tags": [
976
+ {
977
+ "Key": "aws-cdk:auto-delete-objects",
978
+ "Value": "true"
979
+ }
980
+ ],
981
+ "VersioningConfiguration": {
982
+ "Status": "Enabled"
983
+ }
984
+ },
985
+ "UpdateReplacePolicy": "Delete",
986
+ "DeletionPolicy": "Delete",
987
+ "Metadata": {
988
+ "cfn_nag": {
989
+ "rules_to_suppress": [
990
+ {
991
+ "id": "W35",
992
+ "reason": "This is a log bucket for an Application Load Balancer"
993
+ }
994
+ ]
995
+ }
996
+ }
997
+ },
998
+ "existingalbPolicy6C7AF240": {
999
+ "Type": "AWS::S3::BucketPolicy",
1000
+ "Properties": {
1001
+ "Bucket": {
1002
+ "Ref": "existingalb0F60CC48"
1003
+ },
1004
+ "PolicyDocument": {
1005
+ "Statement": [
1006
+ {
1007
+ "Action": "s3:*",
1008
+ "Condition": {
1009
+ "Bool": {
1010
+ "aws:SecureTransport": "false"
1011
+ }
1012
+ },
1013
+ "Effect": "Deny",
1014
+ "Principal": {
1015
+ "AWS": "*"
1016
+ },
1017
+ "Resource": [
1018
+ {
1019
+ "Fn::GetAtt": [
1020
+ "existingalb0F60CC48",
1021
+ "Arn"
1022
+ ]
1023
+ },
1024
+ {
1025
+ "Fn::Join": [
1026
+ "",
1027
+ [
1028
+ {
1029
+ "Fn::GetAtt": [
1030
+ "existingalb0F60CC48",
1031
+ "Arn"
1032
+ ]
1033
+ },
1034
+ "/*"
1035
+ ]
1036
+ ]
1037
+ }
1038
+ ]
1039
+ },
1040
+ {
1041
+ "Action": [
1042
+ "s3:DeleteObject*",
1043
+ "s3:GetBucket*",
1044
+ "s3:List*",
1045
+ "s3:PutBucketPolicy"
1046
+ ],
1047
+ "Effect": "Allow",
1048
+ "Principal": {
1049
+ "AWS": {
1050
+ "Fn::GetAtt": [
1051
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1052
+ "Arn"
1053
+ ]
1054
+ }
1055
+ },
1056
+ "Resource": [
1057
+ {
1058
+ "Fn::GetAtt": [
1059
+ "existingalb0F60CC48",
1060
+ "Arn"
1061
+ ]
1062
+ },
1063
+ {
1064
+ "Fn::Join": [
1065
+ "",
1066
+ [
1067
+ {
1068
+ "Fn::GetAtt": [
1069
+ "existingalb0F60CC48",
1070
+ "Arn"
1071
+ ]
1072
+ },
1073
+ "/*"
1074
+ ]
1075
+ ]
1076
+ }
1077
+ ]
1078
+ },
1079
+ {
1080
+ "Action": "s3:PutObject",
1081
+ "Effect": "Allow",
1082
+ "Principal": {
1083
+ "AWS": "arn:aws:iam::127311923021:root"
1084
+ },
1085
+ "Resource": {
1086
+ "Fn::Join": [
1087
+ "",
1088
+ [
1089
+ {
1090
+ "Fn::GetAtt": [
1091
+ "existingalb0F60CC48",
1092
+ "Arn"
1093
+ ]
1094
+ },
1095
+ "/AWSLogs/",
1096
+ {
1097
+ "Ref": "AWS::AccountId"
1098
+ },
1099
+ "/*"
1100
+ ]
1101
+ ]
1102
+ }
1103
+ },
1104
+ {
1105
+ "Action": "s3:PutObject",
1106
+ "Condition": {
1107
+ "StringEquals": {
1108
+ "s3:x-amz-acl": "bucket-owner-full-control"
1109
+ }
1110
+ },
1111
+ "Effect": "Allow",
1112
+ "Principal": {
1113
+ "Service": "delivery.logs.amazonaws.com"
1114
+ },
1115
+ "Resource": {
1116
+ "Fn::Join": [
1117
+ "",
1118
+ [
1119
+ {
1120
+ "Fn::GetAtt": [
1121
+ "existingalb0F60CC48",
1122
+ "Arn"
1123
+ ]
1124
+ },
1125
+ "/AWSLogs/",
1126
+ {
1127
+ "Ref": "AWS::AccountId"
1128
+ },
1129
+ "/*"
1130
+ ]
1131
+ ]
1132
+ }
1133
+ },
1134
+ {
1135
+ "Action": "s3:GetBucketAcl",
1136
+ "Effect": "Allow",
1137
+ "Principal": {
1138
+ "Service": "delivery.logs.amazonaws.com"
1139
+ },
1140
+ "Resource": {
1141
+ "Fn::GetAtt": [
1142
+ "existingalb0F60CC48",
1143
+ "Arn"
1144
+ ]
1145
+ }
1146
+ }
1147
+ ],
1148
+ "Version": "2012-10-17"
1149
+ }
1150
+ }
1151
+ },
1152
+ "existingalbAutoDeleteObjectsCustomResource67152080": {
1153
+ "Type": "Custom::S3AutoDeleteObjects",
1154
+ "Properties": {
1155
+ "ServiceToken": {
1156
+ "Fn::GetAtt": [
1157
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
1158
+ "Arn"
1159
+ ]
1160
+ },
1161
+ "BucketName": {
1162
+ "Ref": "existingalb0F60CC48"
1163
+ }
1164
+ },
1165
+ "DependsOn": [
1166
+ "existingalbPolicy6C7AF240"
1167
+ ],
1168
+ "UpdateReplacePolicy": "Delete",
1169
+ "DeletionPolicy": "Delete"
1170
+ },
1171
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
1172
+ "Type": "AWS::IAM::Role",
1173
+ "Properties": {
1174
+ "AssumeRolePolicyDocument": {
1175
+ "Version": "2012-10-17",
1176
+ "Statement": [
1177
+ {
1178
+ "Action": "sts:AssumeRole",
1179
+ "Effect": "Allow",
1180
+ "Principal": {
1181
+ "Service": "lambda.amazonaws.com"
1182
+ }
1183
+ }
1184
+ ]
1185
+ },
1186
+ "ManagedPolicyArns": [
1187
+ {
1188
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
1189
+ }
1190
+ ]
1191
+ }
1192
+ },
1193
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
1194
+ "Type": "AWS::Lambda::Function",
1195
+ "Properties": {
1196
+ "Code": {
1197
+ "S3Bucket": {
1198
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
1199
+ },
1200
+ "S3Key": "b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6.zip"
1201
+ },
1202
+ "Timeout": 900,
1203
+ "MemorySize": 128,
1204
+ "Handler": "index.handler",
1205
+ "Role": {
1206
+ "Fn::GetAtt": [
1207
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1208
+ "Arn"
1209
+ ]
1210
+ },
1211
+ "Runtime": "nodejs18.x",
1212
+ "Description": {
1213
+ "Fn::Join": [
1214
+ "",
1215
+ [
1216
+ "Lambda function for auto-deleting objects in ",
1217
+ {
1218
+ "Ref": "existingalb0F60CC48"
1219
+ },
1220
+ " S3 bucket."
1221
+ ]
1222
+ ]
1223
+ }
1224
+ },
1225
+ "DependsOn": [
1226
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
1227
+ ],
1228
+ "Metadata": {
1229
+ "cfn_nag": {
1230
+ "rules_to_suppress": [
1231
+ {
1232
+ "id": "W58",
1233
+ "reason": "CDK generated custom resource"
1234
+ },
1235
+ {
1236
+ "id": "W89",
1237
+ "reason": "CDK generated custom resource"
1238
+ },
1239
+ {
1240
+ "id": "W92",
1241
+ "reason": "CDK generated custom resource"
1242
+ }
1243
+ ]
1244
+ }
1245
+ }
1246
+ },
1247
+ "testonetestonelistener51CF582F": {
1248
+ "Type": "AWS::ElasticLoadBalancingV2::Listener",
1249
+ "Properties": {
1250
+ "DefaultActions": [
1251
+ {
1252
+ "TargetGroupArn": {
1253
+ "Ref": "testonetg2tg6459EC7C"
1254
+ },
1255
+ "Type": "forward"
1256
+ }
1257
+ ],
1258
+ "LoadBalancerArn": {
1259
+ "Ref": "existingalbalb3A941601"
1260
+ },
1261
+ "Port": 80,
1262
+ "Protocol": "HTTP"
1263
+ },
1264
+ "DependsOn": [
1265
+ "testonetg2tg6459EC7C"
1266
+ ],
1267
+ "Metadata": {
1268
+ "cfn_nag": {
1269
+ "rules_to_suppress": [
1270
+ {
1271
+ "id": "W56",
1272
+ "reason": "All integration tests must be HTTP because of certificate limitations."
1273
+ }
1274
+ ]
1275
+ }
1276
+ }
1277
+ },
1278
+ "testonetg2tg6459EC7C": {
1279
+ "Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
1280
+ "Properties": {
1281
+ "TargetType": "lambda",
1282
+ "Targets": [
1283
+ {
1284
+ "Id": {
1285
+ "Fn::GetAtt": [
1286
+ "LambdaFunctionBF21E41F",
1287
+ "Arn"
1288
+ ]
1289
+ }
1290
+ }
1291
+ ]
1292
+ },
1293
+ "DependsOn": [
1294
+ "LambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HYAD69E89D"
1295
+ ]
1296
+ }
1297
+ },
1298
+ "Parameters": {
1299
+ "BootstrapVersion": {
1300
+ "Type": "AWS::SSM::Parameter::Value<String>",
1301
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1302
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1303
+ }
1304
+ },
1305
+ "Rules": {
1306
+ "CheckBootstrapVersion": {
1307
+ "Assertions": [
1308
+ {
1309
+ "Assert": {
1310
+ "Fn::Not": [
1311
+ {
1312
+ "Fn::Contains": [
1313
+ [
1314
+ "1",
1315
+ "2",
1316
+ "3",
1317
+ "4",
1318
+ "5"
1319
+ ],
1320
+ {
1321
+ "Ref": "BootstrapVersion"
1322
+ }
1323
+ ]
1324
+ }
1325
+ ]
1326
+ },
1327
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1328
+ }
1329
+ ]
1330
+ }
1331
+ }
1332
+ }