@aws-solutions-constructs/aws-alb-lambda 2.51.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +49 -4
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +10 -9
  6. package/test/integ.alblam-privateApiExistingResources.js +7 -3
  7. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.assets.json +62 -0
  8. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.template.json +1332 -0
  9. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.assets.json +19 -0
  10. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.template.json +36 -0
  11. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  12. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  13. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  14. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  15. package/test/integ.alblam-privateApiExistingResources.js.snapshot/cdk.out +1 -0
  16. package/test/integ.alblam-privateApiExistingResources.js.snapshot/integ.json +12 -0
  17. package/test/integ.alblam-privateApiExistingResources.js.snapshot/manifest.json +371 -0
  18. package/test/integ.alblam-privateApiExistingResources.js.snapshot/tree.json +1708 -0
  19. package/test/integ.alblam-privateApiNewResources.js +7 -3
  20. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.assets.json +62 -0
  21. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.template.json +1048 -0
  22. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.assets.json +19 -0
  23. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.template.json +36 -0
  24. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  25. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  26. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  27. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  28. package/test/integ.alblam-privateApiNewResources.js.snapshot/cdk.out +1 -0
  29. package/test/integ.alblam-privateApiNewResources.js.snapshot/integ.json +12 -0
  30. package/test/integ.alblam-privateApiNewResources.js.snapshot/manifest.json +275 -0
  31. package/test/integ.alblam-privateApiNewResources.js.snapshot/tree.json +1294 -0
  32. package/test/integ.alblam-publicApiExistingResources.js +7 -3
  33. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.assets.json +62 -0
  34. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.template.json +1332 -0
  35. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.assets.json +19 -0
  36. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.template.json +36 -0
  37. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  38. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  39. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  40. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  41. package/test/integ.alblam-publicApiExistingResources.js.snapshot/cdk.out +1 -0
  42. package/test/integ.alblam-publicApiExistingResources.js.snapshot/integ.json +12 -0
  43. package/test/integ.alblam-publicApiExistingResources.js.snapshot/manifest.json +371 -0
  44. package/test/integ.alblam-publicApiExistingResources.js.snapshot/tree.json +1708 -0
  45. package/test/integ.alblam-publicApiNewResources.js +7 -3
  46. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.assets.json +62 -0
  47. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.template.json +1338 -0
  48. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.assets.json +19 -0
  49. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.template.json +36 -0
  50. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  51. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  52. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  53. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  54. package/test/integ.alblam-publicApiNewResources.js.snapshot/cdk.out +1 -0
  55. package/test/integ.alblam-publicApiNewResources.js.snapshot/integ.json +12 -0
  56. package/test/integ.alblam-publicApiNewResources.js.snapshot/manifest.json +371 -0
  57. package/test/integ.alblam-publicApiNewResources.js.snapshot/tree.json +1706 -0
  58. package/test/integ.alblam-twoTargets.js +7 -3
  59. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.assets.json +62 -0
  60. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.template.json +1598 -0
  61. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.assets.json +19 -0
  62. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.template.json +36 -0
  63. package/test/integ.alblam-twoTargets.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  64. package/test/integ.alblam-twoTargets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  65. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  66. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  67. package/test/integ.alblam-twoTargets.js.snapshot/cdk.out +1 -0
  68. package/test/integ.alblam-twoTargets.js.snapshot/integ.json +12 -0
  69. package/test/integ.alblam-twoTargets.js.snapshot/manifest.json +413 -0
  70. package/test/integ.alblam-twoTargets.js.snapshot/tree.json +2067 -0
  71. package/test/integ.alblam-privateApiExistingResources.expected.json +0 -1378
  72. package/test/integ.alblam-privateApiNewResources.expected.json +0 -983
  73. package/test/integ.alblam-publicApiExistingResources.expected.json +0 -1378
  74. package/test/integ.alblam-publicApiNewResources.expected.json +0 -1386
  75. package/test/integ.alblam-twoTargets.expected.json +0 -1659
@@ -1,1386 +0,0 @@
1
- {
2
- "Description": "Integration Test for public HTTP API with a new function and ALB",
3
- "Resources": {
4
- "testonetestonealb4F263E42": {
5
- "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
6
- "Properties": {
7
- "LoadBalancerAttributes": [
8
- {
9
- "Key": "deletion_protection.enabled",
10
- "Value": "false"
11
- },
12
- {
13
- "Key": "access_logs.s3.enabled",
14
- "Value": "true"
15
- },
16
- {
17
- "Key": "access_logs.s3.bucket",
18
- "Value": {
19
- "Ref": "testoneE6ACFBB6"
20
- }
21
- },
22
- {
23
- "Key": "access_logs.s3.prefix",
24
- "Value": ""
25
- }
26
- ],
27
- "Scheme": "internet-facing",
28
- "SecurityGroups": [
29
- {
30
- "Fn::GetAtt": [
31
- "testonetestonealbSecurityGroup4DED9E2A",
32
- "GroupId"
33
- ]
34
- }
35
- ],
36
- "Subnets": [
37
- {
38
- "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
39
- },
40
- {
41
- "Ref": "VpcPublicSubnet2Subnet691E08A3"
42
- },
43
- {
44
- "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
45
- }
46
- ],
47
- "Type": "application"
48
- },
49
- "DependsOn": [
50
- "testonePolicyE30853FE",
51
- "VpcPublicSubnet1DefaultRoute3DA9E72A",
52
- "VpcPublicSubnet1RouteTableAssociation97140677",
53
- "VpcPublicSubnet2DefaultRoute97F91067",
54
- "VpcPublicSubnet2RouteTableAssociationDD5762D8",
55
- "VpcPublicSubnet3DefaultRoute4697774F",
56
- "VpcPublicSubnet3RouteTableAssociation1F1EDF02"
57
- ]
58
- },
59
- "testonetestonealbSecurityGroup4DED9E2A": {
60
- "Type": "AWS::EC2::SecurityGroup",
61
- "Properties": {
62
- "GroupDescription": "Automatically created Security Group for ELB alblampublicApiNewResourcestestonetestonealbE07397A7",
63
- "SecurityGroupEgress": [
64
- {
65
- "CidrIp": "255.255.255.255/32",
66
- "Description": "Disallow all traffic",
67
- "FromPort": 252,
68
- "IpProtocol": "icmp",
69
- "ToPort": 86
70
- }
71
- ],
72
- "SecurityGroupIngress": [
73
- {
74
- "CidrIp": "0.0.0.0/0",
75
- "Description": "Allow from anyone on port 80",
76
- "FromPort": 80,
77
- "IpProtocol": "tcp",
78
- "ToPort": 80
79
- }
80
- ],
81
- "VpcId": {
82
- "Ref": "Vpc8378EB38"
83
- }
84
- },
85
- "Metadata": {
86
- "cfn_nag": {
87
- "rules_to_suppress": [
88
- {
89
- "id": "W29",
90
- "reason": "CDK created rule that blocks all traffic."
91
- },
92
- {
93
- "id": "W2",
94
- "reason": "Rule does not apply for ELB."
95
- },
96
- {
97
- "id": "W9",
98
- "reason": "Rule does not apply for ELB."
99
- }
100
- ]
101
- }
102
- }
103
- },
104
- "testoneE6ACFBB6": {
105
- "Type": "AWS::S3::Bucket",
106
- "Properties": {
107
- "BucketEncryption": {
108
- "ServerSideEncryptionConfiguration": [
109
- {
110
- "ServerSideEncryptionByDefault": {
111
- "SSEAlgorithm": "AES256"
112
- }
113
- }
114
- ]
115
- },
116
- "PublicAccessBlockConfiguration": {
117
- "BlockPublicAcls": true,
118
- "BlockPublicPolicy": true,
119
- "IgnorePublicAcls": true,
120
- "RestrictPublicBuckets": true
121
- },
122
- "Tags": [
123
- {
124
- "Key": "aws-cdk:auto-delete-objects",
125
- "Value": "true"
126
- }
127
- ],
128
- "VersioningConfiguration": {
129
- "Status": "Enabled"
130
- }
131
- },
132
- "UpdateReplacePolicy": "Delete",
133
- "DeletionPolicy": "Delete",
134
- "Metadata": {
135
- "cfn_nag": {
136
- "rules_to_suppress": [
137
- {
138
- "id": "W35",
139
- "reason": "This is a log bucket for an Application Load Balancer"
140
- }
141
- ]
142
- }
143
- }
144
- },
145
- "testonePolicyE30853FE": {
146
- "Type": "AWS::S3::BucketPolicy",
147
- "Properties": {
148
- "Bucket": {
149
- "Ref": "testoneE6ACFBB6"
150
- },
151
- "PolicyDocument": {
152
- "Statement": [
153
- {
154
- "Action": "s3:*",
155
- "Condition": {
156
- "Bool": {
157
- "aws:SecureTransport": "false"
158
- }
159
- },
160
- "Effect": "Deny",
161
- "Principal": {
162
- "AWS": "*"
163
- },
164
- "Resource": [
165
- {
166
- "Fn::GetAtt": [
167
- "testoneE6ACFBB6",
168
- "Arn"
169
- ]
170
- },
171
- {
172
- "Fn::Join": [
173
- "",
174
- [
175
- {
176
- "Fn::GetAtt": [
177
- "testoneE6ACFBB6",
178
- "Arn"
179
- ]
180
- },
181
- "/*"
182
- ]
183
- ]
184
- }
185
- ]
186
- },
187
- {
188
- "Action": [
189
- "s3:PutBucketPolicy",
190
- "s3:GetBucket*",
191
- "s3:List*",
192
- "s3:DeleteObject*"
193
- ],
194
- "Effect": "Allow",
195
- "Principal": {
196
- "AWS": {
197
- "Fn::GetAtt": [
198
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
199
- "Arn"
200
- ]
201
- }
202
- },
203
- "Resource": [
204
- {
205
- "Fn::GetAtt": [
206
- "testoneE6ACFBB6",
207
- "Arn"
208
- ]
209
- },
210
- {
211
- "Fn::Join": [
212
- "",
213
- [
214
- {
215
- "Fn::GetAtt": [
216
- "testoneE6ACFBB6",
217
- "Arn"
218
- ]
219
- },
220
- "/*"
221
- ]
222
- ]
223
- }
224
- ]
225
- },
226
- {
227
- "Action": "s3:PutObject",
228
- "Effect": "Allow",
229
- "Principal": {
230
- "AWS": {
231
- "Fn::Join": [
232
- "",
233
- [
234
- "arn:",
235
- {
236
- "Ref": "AWS::Partition"
237
- },
238
- ":iam::127311923021:root"
239
- ]
240
- ]
241
- }
242
- },
243
- "Resource": {
244
- "Fn::Join": [
245
- "",
246
- [
247
- {
248
- "Fn::GetAtt": [
249
- "testoneE6ACFBB6",
250
- "Arn"
251
- ]
252
- },
253
- "/AWSLogs/",
254
- {
255
- "Ref": "AWS::AccountId"
256
- },
257
- "/*"
258
- ]
259
- ]
260
- }
261
- },
262
- {
263
- "Action": "s3:PutObject",
264
- "Condition": {
265
- "StringEquals": {
266
- "s3:x-amz-acl": "bucket-owner-full-control"
267
- }
268
- },
269
- "Effect": "Allow",
270
- "Principal": {
271
- "Service": "delivery.logs.amazonaws.com"
272
- },
273
- "Resource": {
274
- "Fn::Join": [
275
- "",
276
- [
277
- {
278
- "Fn::GetAtt": [
279
- "testoneE6ACFBB6",
280
- "Arn"
281
- ]
282
- },
283
- "/AWSLogs/",
284
- {
285
- "Ref": "AWS::AccountId"
286
- },
287
- "/*"
288
- ]
289
- ]
290
- }
291
- },
292
- {
293
- "Action": "s3:GetBucketAcl",
294
- "Effect": "Allow",
295
- "Principal": {
296
- "Service": "delivery.logs.amazonaws.com"
297
- },
298
- "Resource": {
299
- "Fn::GetAtt": [
300
- "testoneE6ACFBB6",
301
- "Arn"
302
- ]
303
- }
304
- }
305
- ],
306
- "Version": "2012-10-17"
307
- }
308
- }
309
- },
310
- "testoneAutoDeleteObjectsCustomResourceEDE3D2FC": {
311
- "Type": "Custom::S3AutoDeleteObjects",
312
- "Properties": {
313
- "ServiceToken": {
314
- "Fn::GetAtt": [
315
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
316
- "Arn"
317
- ]
318
- },
319
- "BucketName": {
320
- "Ref": "testoneE6ACFBB6"
321
- }
322
- },
323
- "DependsOn": [
324
- "testonePolicyE30853FE"
325
- ],
326
- "UpdateReplacePolicy": "Delete",
327
- "DeletionPolicy": "Delete"
328
- },
329
- "testoneLambdaFunctionServiceRoleE92573D3": {
330
- "Type": "AWS::IAM::Role",
331
- "Properties": {
332
- "AssumeRolePolicyDocument": {
333
- "Statement": [
334
- {
335
- "Action": "sts:AssumeRole",
336
- "Effect": "Allow",
337
- "Principal": {
338
- "Service": "lambda.amazonaws.com"
339
- }
340
- }
341
- ],
342
- "Version": "2012-10-17"
343
- },
344
- "Policies": [
345
- {
346
- "PolicyDocument": {
347
- "Statement": [
348
- {
349
- "Action": [
350
- "logs:CreateLogGroup",
351
- "logs:CreateLogStream",
352
- "logs:PutLogEvents"
353
- ],
354
- "Effect": "Allow",
355
- "Resource": {
356
- "Fn::Join": [
357
- "",
358
- [
359
- "arn:",
360
- {
361
- "Ref": "AWS::Partition"
362
- },
363
- ":logs:",
364
- {
365
- "Ref": "AWS::Region"
366
- },
367
- ":",
368
- {
369
- "Ref": "AWS::AccountId"
370
- },
371
- ":log-group:/aws/lambda/*"
372
- ]
373
- ]
374
- }
375
- }
376
- ],
377
- "Version": "2012-10-17"
378
- },
379
- "PolicyName": "LambdaFunctionServiceRolePolicy"
380
- }
381
- ]
382
- }
383
- },
384
- "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173": {
385
- "Type": "AWS::IAM::Policy",
386
- "Properties": {
387
- "PolicyDocument": {
388
- "Statement": [
389
- {
390
- "Action": [
391
- "ec2:CreateNetworkInterface",
392
- "ec2:DescribeNetworkInterfaces",
393
- "ec2:DeleteNetworkInterface",
394
- "ec2:AssignPrivateIpAddresses",
395
- "ec2:UnassignPrivateIpAddresses"
396
- ],
397
- "Effect": "Allow",
398
- "Resource": "*"
399
- },
400
- {
401
- "Action": [
402
- "xray:PutTraceSegments",
403
- "xray:PutTelemetryRecords"
404
- ],
405
- "Effect": "Allow",
406
- "Resource": "*"
407
- }
408
- ],
409
- "Version": "2012-10-17"
410
- },
411
- "PolicyName": "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173",
412
- "Roles": [
413
- {
414
- "Ref": "testoneLambdaFunctionServiceRoleE92573D3"
415
- }
416
- ]
417
- },
418
- "Metadata": {
419
- "cfn_nag": {
420
- "rules_to_suppress": [
421
- {
422
- "id": "W12",
423
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
424
- }
425
- ]
426
- }
427
- }
428
- },
429
- "testoneReplaceDefaultSecurityGroupsecuritygroupE46270FE": {
430
- "Type": "AWS::EC2::SecurityGroup",
431
- "Properties": {
432
- "GroupDescription": "alblam-publicApiNewResources/test-one/ReplaceDefaultSecurityGroup-security-group",
433
- "SecurityGroupEgress": [
434
- {
435
- "CidrIp": "0.0.0.0/0",
436
- "Description": "Allow all outbound traffic by default",
437
- "IpProtocol": "-1"
438
- }
439
- ],
440
- "VpcId": {
441
- "Ref": "Vpc8378EB38"
442
- }
443
- },
444
- "Metadata": {
445
- "cfn_nag": {
446
- "rules_to_suppress": [
447
- {
448
- "id": "W5",
449
- "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
450
- },
451
- {
452
- "id": "W40",
453
- "reason": "Egress IPProtocol of -1 is default and generally considered OK"
454
- }
455
- ]
456
- }
457
- }
458
- },
459
- "testoneLambdaFunctionCC9B03E1": {
460
- "Type": "AWS::Lambda::Function",
461
- "Properties": {
462
- "Code": {
463
- "S3Bucket": {
464
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
465
- },
466
- "S3Key": "7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79.zip"
467
- },
468
- "Environment": {
469
- "Variables": {
470
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
471
- }
472
- },
473
- "Handler": "index.handler",
474
- "Role": {
475
- "Fn::GetAtt": [
476
- "testoneLambdaFunctionServiceRoleE92573D3",
477
- "Arn"
478
- ]
479
- },
480
- "Runtime": "nodejs16.x",
481
- "TracingConfig": {
482
- "Mode": "Active"
483
- },
484
- "VpcConfig": {
485
- "SecurityGroupIds": [
486
- {
487
- "Fn::GetAtt": [
488
- "testoneReplaceDefaultSecurityGroupsecuritygroupE46270FE",
489
- "GroupId"
490
- ]
491
- }
492
- ],
493
- "SubnetIds": [
494
- {
495
- "Ref": "VpcPrivateSubnet1Subnet536B997A"
496
- },
497
- {
498
- "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
499
- },
500
- {
501
- "Ref": "VpcPrivateSubnet3SubnetF258B56E"
502
- }
503
- ]
504
- }
505
- },
506
- "DependsOn": [
507
- "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173",
508
- "testoneLambdaFunctionServiceRoleE92573D3",
509
- "VpcPrivateSubnet1DefaultRouteBE02A9ED",
510
- "VpcPrivateSubnet1RouteTableAssociation70C59FA6",
511
- "VpcPrivateSubnet2DefaultRoute060D2087",
512
- "VpcPrivateSubnet2RouteTableAssociationA89CAD56",
513
- "VpcPrivateSubnet3DefaultRoute94B74F0D",
514
- "VpcPrivateSubnet3RouteTableAssociation16BDDC43"
515
- ],
516
- "Metadata": {
517
- "cfn_nag": {
518
- "rules_to_suppress": [
519
- {
520
- "id": "W58",
521
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
522
- },
523
- {
524
- "id": "W89",
525
- "reason": "This is not a rule for the general case, just for specific use cases/industries"
526
- },
527
- {
528
- "id": "W92",
529
- "reason": "Impossible for us to define the correct concurrency for clients"
530
- }
531
- ]
532
- }
533
- }
534
- },
535
- "testoneLambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HY508A8518": {
536
- "Type": "AWS::Lambda::Permission",
537
- "Properties": {
538
- "Action": "lambda:InvokeFunction",
539
- "FunctionName": {
540
- "Fn::GetAtt": [
541
- "testoneLambdaFunctionCC9B03E1",
542
- "Arn"
543
- ]
544
- },
545
- "Principal": "elasticloadbalancing.amazonaws.com"
546
- },
547
- "DependsOn": [
548
- "VpcPrivateSubnet1DefaultRouteBE02A9ED",
549
- "VpcPrivateSubnet1RouteTableAssociation70C59FA6",
550
- "VpcPrivateSubnet2DefaultRoute060D2087",
551
- "VpcPrivateSubnet2RouteTableAssociationA89CAD56",
552
- "VpcPrivateSubnet3DefaultRoute94B74F0D",
553
- "VpcPrivateSubnet3RouteTableAssociation16BDDC43"
554
- ]
555
- },
556
- "testonetestonelistener51CF582F": {
557
- "Type": "AWS::ElasticLoadBalancingV2::Listener",
558
- "Properties": {
559
- "DefaultActions": [
560
- {
561
- "TargetGroupArn": {
562
- "Ref": "testonetg2tg6459EC7C"
563
- },
564
- "Type": "forward"
565
- }
566
- ],
567
- "LoadBalancerArn": {
568
- "Ref": "testonetestonealb4F263E42"
569
- },
570
- "Port": 80,
571
- "Protocol": "HTTP"
572
- },
573
- "DependsOn": [
574
- "testonetg2tg6459EC7C"
575
- ],
576
- "Metadata": {
577
- "cfn_nag": {
578
- "rules_to_suppress": [
579
- {
580
- "id": "W56",
581
- "reason": "All integration tests must be HTTP because of certificate limitations."
582
- }
583
- ]
584
- }
585
- }
586
- },
587
- "testonetg2tg6459EC7C": {
588
- "Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
589
- "Properties": {
590
- "TargetType": "lambda",
591
- "Targets": [
592
- {
593
- "Id": {
594
- "Fn::GetAtt": [
595
- "testoneLambdaFunctionCC9B03E1",
596
- "Arn"
597
- ]
598
- }
599
- }
600
- ]
601
- },
602
- "DependsOn": [
603
- "testoneLambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HY508A8518"
604
- ]
605
- },
606
- "Vpc8378EB38": {
607
- "Type": "AWS::EC2::VPC",
608
- "Properties": {
609
- "CidrBlock": "10.0.0.0/16",
610
- "EnableDnsHostnames": true,
611
- "EnableDnsSupport": true,
612
- "InstanceTenancy": "default",
613
- "Tags": [
614
- {
615
- "Key": "Name",
616
- "Value": "alblam-publicApiNewResources/Vpc"
617
- }
618
- ]
619
- }
620
- },
621
- "VpcPublicSubnet1Subnet5C2D37C4": {
622
- "Type": "AWS::EC2::Subnet",
623
- "Properties": {
624
- "AvailabilityZone": "test-region-1a",
625
- "CidrBlock": "10.0.0.0/19",
626
- "MapPublicIpOnLaunch": true,
627
- "Tags": [
628
- {
629
- "Key": "aws-cdk:subnet-name",
630
- "Value": "Public"
631
- },
632
- {
633
- "Key": "aws-cdk:subnet-type",
634
- "Value": "Public"
635
- },
636
- {
637
- "Key": "Name",
638
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet1"
639
- }
640
- ],
641
- "VpcId": {
642
- "Ref": "Vpc8378EB38"
643
- }
644
- },
645
- "Metadata": {
646
- "cfn_nag": {
647
- "rules_to_suppress": [
648
- {
649
- "id": "W33",
650
- "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
651
- }
652
- ]
653
- }
654
- }
655
- },
656
- "VpcPublicSubnet1RouteTable6C95E38E": {
657
- "Type": "AWS::EC2::RouteTable",
658
- "Properties": {
659
- "Tags": [
660
- {
661
- "Key": "Name",
662
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet1"
663
- }
664
- ],
665
- "VpcId": {
666
- "Ref": "Vpc8378EB38"
667
- }
668
- }
669
- },
670
- "VpcPublicSubnet1RouteTableAssociation97140677": {
671
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
672
- "Properties": {
673
- "RouteTableId": {
674
- "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
675
- },
676
- "SubnetId": {
677
- "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
678
- }
679
- }
680
- },
681
- "VpcPublicSubnet1DefaultRoute3DA9E72A": {
682
- "Type": "AWS::EC2::Route",
683
- "Properties": {
684
- "DestinationCidrBlock": "0.0.0.0/0",
685
- "GatewayId": {
686
- "Ref": "VpcIGWD7BA715C"
687
- },
688
- "RouteTableId": {
689
- "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
690
- }
691
- },
692
- "DependsOn": [
693
- "VpcVPCGWBF912B6E"
694
- ]
695
- },
696
- "VpcPublicSubnet1EIPD7E02669": {
697
- "Type": "AWS::EC2::EIP",
698
- "Properties": {
699
- "Domain": "vpc",
700
- "Tags": [
701
- {
702
- "Key": "Name",
703
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet1"
704
- }
705
- ]
706
- }
707
- },
708
- "VpcPublicSubnet1NATGateway4D7517AA": {
709
- "Type": "AWS::EC2::NatGateway",
710
- "Properties": {
711
- "AllocationId": {
712
- "Fn::GetAtt": [
713
- "VpcPublicSubnet1EIPD7E02669",
714
- "AllocationId"
715
- ]
716
- },
717
- "SubnetId": {
718
- "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
719
- },
720
- "Tags": [
721
- {
722
- "Key": "Name",
723
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet1"
724
- }
725
- ]
726
- },
727
- "DependsOn": [
728
- "VpcPublicSubnet1DefaultRoute3DA9E72A",
729
- "VpcPublicSubnet1RouteTableAssociation97140677"
730
- ]
731
- },
732
- "VpcPublicSubnet2Subnet691E08A3": {
733
- "Type": "AWS::EC2::Subnet",
734
- "Properties": {
735
- "AvailabilityZone": "test-region-1b",
736
- "CidrBlock": "10.0.32.0/19",
737
- "MapPublicIpOnLaunch": true,
738
- "Tags": [
739
- {
740
- "Key": "aws-cdk:subnet-name",
741
- "Value": "Public"
742
- },
743
- {
744
- "Key": "aws-cdk:subnet-type",
745
- "Value": "Public"
746
- },
747
- {
748
- "Key": "Name",
749
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet2"
750
- }
751
- ],
752
- "VpcId": {
753
- "Ref": "Vpc8378EB38"
754
- }
755
- },
756
- "Metadata": {
757
- "cfn_nag": {
758
- "rules_to_suppress": [
759
- {
760
- "id": "W33",
761
- "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
762
- }
763
- ]
764
- }
765
- }
766
- },
767
- "VpcPublicSubnet2RouteTable94F7E489": {
768
- "Type": "AWS::EC2::RouteTable",
769
- "Properties": {
770
- "Tags": [
771
- {
772
- "Key": "Name",
773
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet2"
774
- }
775
- ],
776
- "VpcId": {
777
- "Ref": "Vpc8378EB38"
778
- }
779
- }
780
- },
781
- "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
782
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
783
- "Properties": {
784
- "RouteTableId": {
785
- "Ref": "VpcPublicSubnet2RouteTable94F7E489"
786
- },
787
- "SubnetId": {
788
- "Ref": "VpcPublicSubnet2Subnet691E08A3"
789
- }
790
- }
791
- },
792
- "VpcPublicSubnet2DefaultRoute97F91067": {
793
- "Type": "AWS::EC2::Route",
794
- "Properties": {
795
- "DestinationCidrBlock": "0.0.0.0/0",
796
- "GatewayId": {
797
- "Ref": "VpcIGWD7BA715C"
798
- },
799
- "RouteTableId": {
800
- "Ref": "VpcPublicSubnet2RouteTable94F7E489"
801
- }
802
- },
803
- "DependsOn": [
804
- "VpcVPCGWBF912B6E"
805
- ]
806
- },
807
- "VpcPublicSubnet2EIP3C605A87": {
808
- "Type": "AWS::EC2::EIP",
809
- "Properties": {
810
- "Domain": "vpc",
811
- "Tags": [
812
- {
813
- "Key": "Name",
814
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet2"
815
- }
816
- ]
817
- }
818
- },
819
- "VpcPublicSubnet2NATGateway9182C01D": {
820
- "Type": "AWS::EC2::NatGateway",
821
- "Properties": {
822
- "AllocationId": {
823
- "Fn::GetAtt": [
824
- "VpcPublicSubnet2EIP3C605A87",
825
- "AllocationId"
826
- ]
827
- },
828
- "SubnetId": {
829
- "Ref": "VpcPublicSubnet2Subnet691E08A3"
830
- },
831
- "Tags": [
832
- {
833
- "Key": "Name",
834
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet2"
835
- }
836
- ]
837
- },
838
- "DependsOn": [
839
- "VpcPublicSubnet2DefaultRoute97F91067",
840
- "VpcPublicSubnet2RouteTableAssociationDD5762D8"
841
- ]
842
- },
843
- "VpcPublicSubnet3SubnetBE12F0B6": {
844
- "Type": "AWS::EC2::Subnet",
845
- "Properties": {
846
- "AvailabilityZone": "test-region-1c",
847
- "CidrBlock": "10.0.64.0/19",
848
- "MapPublicIpOnLaunch": true,
849
- "Tags": [
850
- {
851
- "Key": "aws-cdk:subnet-name",
852
- "Value": "Public"
853
- },
854
- {
855
- "Key": "aws-cdk:subnet-type",
856
- "Value": "Public"
857
- },
858
- {
859
- "Key": "Name",
860
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet3"
861
- }
862
- ],
863
- "VpcId": {
864
- "Ref": "Vpc8378EB38"
865
- }
866
- },
867
- "Metadata": {
868
- "cfn_nag": {
869
- "rules_to_suppress": [
870
- {
871
- "id": "W33",
872
- "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
873
- }
874
- ]
875
- }
876
- }
877
- },
878
- "VpcPublicSubnet3RouteTable93458DBB": {
879
- "Type": "AWS::EC2::RouteTable",
880
- "Properties": {
881
- "Tags": [
882
- {
883
- "Key": "Name",
884
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet3"
885
- }
886
- ],
887
- "VpcId": {
888
- "Ref": "Vpc8378EB38"
889
- }
890
- }
891
- },
892
- "VpcPublicSubnet3RouteTableAssociation1F1EDF02": {
893
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
894
- "Properties": {
895
- "RouteTableId": {
896
- "Ref": "VpcPublicSubnet3RouteTable93458DBB"
897
- },
898
- "SubnetId": {
899
- "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
900
- }
901
- }
902
- },
903
- "VpcPublicSubnet3DefaultRoute4697774F": {
904
- "Type": "AWS::EC2::Route",
905
- "Properties": {
906
- "DestinationCidrBlock": "0.0.0.0/0",
907
- "GatewayId": {
908
- "Ref": "VpcIGWD7BA715C"
909
- },
910
- "RouteTableId": {
911
- "Ref": "VpcPublicSubnet3RouteTable93458DBB"
912
- }
913
- },
914
- "DependsOn": [
915
- "VpcVPCGWBF912B6E"
916
- ]
917
- },
918
- "VpcPublicSubnet3EIP3A666A23": {
919
- "Type": "AWS::EC2::EIP",
920
- "Properties": {
921
- "Domain": "vpc",
922
- "Tags": [
923
- {
924
- "Key": "Name",
925
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet3"
926
- }
927
- ]
928
- }
929
- },
930
- "VpcPublicSubnet3NATGateway7640CD1D": {
931
- "Type": "AWS::EC2::NatGateway",
932
- "Properties": {
933
- "AllocationId": {
934
- "Fn::GetAtt": [
935
- "VpcPublicSubnet3EIP3A666A23",
936
- "AllocationId"
937
- ]
938
- },
939
- "SubnetId": {
940
- "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
941
- },
942
- "Tags": [
943
- {
944
- "Key": "Name",
945
- "Value": "alblam-publicApiNewResources/Vpc/PublicSubnet3"
946
- }
947
- ]
948
- },
949
- "DependsOn": [
950
- "VpcPublicSubnet3DefaultRoute4697774F",
951
- "VpcPublicSubnet3RouteTableAssociation1F1EDF02"
952
- ]
953
- },
954
- "VpcPrivateSubnet1Subnet536B997A": {
955
- "Type": "AWS::EC2::Subnet",
956
- "Properties": {
957
- "AvailabilityZone": "test-region-1a",
958
- "CidrBlock": "10.0.96.0/19",
959
- "MapPublicIpOnLaunch": false,
960
- "Tags": [
961
- {
962
- "Key": "aws-cdk:subnet-name",
963
- "Value": "Private"
964
- },
965
- {
966
- "Key": "aws-cdk:subnet-type",
967
- "Value": "Private"
968
- },
969
- {
970
- "Key": "Name",
971
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet1"
972
- }
973
- ],
974
- "VpcId": {
975
- "Ref": "Vpc8378EB38"
976
- }
977
- }
978
- },
979
- "VpcPrivateSubnet1RouteTableB2C5B500": {
980
- "Type": "AWS::EC2::RouteTable",
981
- "Properties": {
982
- "Tags": [
983
- {
984
- "Key": "Name",
985
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet1"
986
- }
987
- ],
988
- "VpcId": {
989
- "Ref": "Vpc8378EB38"
990
- }
991
- }
992
- },
993
- "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
994
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
995
- "Properties": {
996
- "RouteTableId": {
997
- "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
998
- },
999
- "SubnetId": {
1000
- "Ref": "VpcPrivateSubnet1Subnet536B997A"
1001
- }
1002
- }
1003
- },
1004
- "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
1005
- "Type": "AWS::EC2::Route",
1006
- "Properties": {
1007
- "DestinationCidrBlock": "0.0.0.0/0",
1008
- "NatGatewayId": {
1009
- "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
1010
- },
1011
- "RouteTableId": {
1012
- "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
1013
- }
1014
- }
1015
- },
1016
- "VpcPrivateSubnet2Subnet3788AAA1": {
1017
- "Type": "AWS::EC2::Subnet",
1018
- "Properties": {
1019
- "AvailabilityZone": "test-region-1b",
1020
- "CidrBlock": "10.0.128.0/19",
1021
- "MapPublicIpOnLaunch": false,
1022
- "Tags": [
1023
- {
1024
- "Key": "aws-cdk:subnet-name",
1025
- "Value": "Private"
1026
- },
1027
- {
1028
- "Key": "aws-cdk:subnet-type",
1029
- "Value": "Private"
1030
- },
1031
- {
1032
- "Key": "Name",
1033
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet2"
1034
- }
1035
- ],
1036
- "VpcId": {
1037
- "Ref": "Vpc8378EB38"
1038
- }
1039
- }
1040
- },
1041
- "VpcPrivateSubnet2RouteTableA678073B": {
1042
- "Type": "AWS::EC2::RouteTable",
1043
- "Properties": {
1044
- "Tags": [
1045
- {
1046
- "Key": "Name",
1047
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet2"
1048
- }
1049
- ],
1050
- "VpcId": {
1051
- "Ref": "Vpc8378EB38"
1052
- }
1053
- }
1054
- },
1055
- "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
1056
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
1057
- "Properties": {
1058
- "RouteTableId": {
1059
- "Ref": "VpcPrivateSubnet2RouteTableA678073B"
1060
- },
1061
- "SubnetId": {
1062
- "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
1063
- }
1064
- }
1065
- },
1066
- "VpcPrivateSubnet2DefaultRoute060D2087": {
1067
- "Type": "AWS::EC2::Route",
1068
- "Properties": {
1069
- "DestinationCidrBlock": "0.0.0.0/0",
1070
- "NatGatewayId": {
1071
- "Ref": "VpcPublicSubnet2NATGateway9182C01D"
1072
- },
1073
- "RouteTableId": {
1074
- "Ref": "VpcPrivateSubnet2RouteTableA678073B"
1075
- }
1076
- }
1077
- },
1078
- "VpcPrivateSubnet3SubnetF258B56E": {
1079
- "Type": "AWS::EC2::Subnet",
1080
- "Properties": {
1081
- "AvailabilityZone": "test-region-1c",
1082
- "CidrBlock": "10.0.160.0/19",
1083
- "MapPublicIpOnLaunch": false,
1084
- "Tags": [
1085
- {
1086
- "Key": "aws-cdk:subnet-name",
1087
- "Value": "Private"
1088
- },
1089
- {
1090
- "Key": "aws-cdk:subnet-type",
1091
- "Value": "Private"
1092
- },
1093
- {
1094
- "Key": "Name",
1095
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet3"
1096
- }
1097
- ],
1098
- "VpcId": {
1099
- "Ref": "Vpc8378EB38"
1100
- }
1101
- }
1102
- },
1103
- "VpcPrivateSubnet3RouteTableD98824C7": {
1104
- "Type": "AWS::EC2::RouteTable",
1105
- "Properties": {
1106
- "Tags": [
1107
- {
1108
- "Key": "Name",
1109
- "Value": "alblam-publicApiNewResources/Vpc/PrivateSubnet3"
1110
- }
1111
- ],
1112
- "VpcId": {
1113
- "Ref": "Vpc8378EB38"
1114
- }
1115
- }
1116
- },
1117
- "VpcPrivateSubnet3RouteTableAssociation16BDDC43": {
1118
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
1119
- "Properties": {
1120
- "RouteTableId": {
1121
- "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
1122
- },
1123
- "SubnetId": {
1124
- "Ref": "VpcPrivateSubnet3SubnetF258B56E"
1125
- }
1126
- }
1127
- },
1128
- "VpcPrivateSubnet3DefaultRoute94B74F0D": {
1129
- "Type": "AWS::EC2::Route",
1130
- "Properties": {
1131
- "DestinationCidrBlock": "0.0.0.0/0",
1132
- "NatGatewayId": {
1133
- "Ref": "VpcPublicSubnet3NATGateway7640CD1D"
1134
- },
1135
- "RouteTableId": {
1136
- "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
1137
- }
1138
- }
1139
- },
1140
- "VpcIGWD7BA715C": {
1141
- "Type": "AWS::EC2::InternetGateway",
1142
- "Properties": {
1143
- "Tags": [
1144
- {
1145
- "Key": "Name",
1146
- "Value": "alblam-publicApiNewResources/Vpc"
1147
- }
1148
- ]
1149
- }
1150
- },
1151
- "VpcVPCGWBF912B6E": {
1152
- "Type": "AWS::EC2::VPCGatewayAttachment",
1153
- "Properties": {
1154
- "InternetGatewayId": {
1155
- "Ref": "VpcIGWD7BA715C"
1156
- },
1157
- "VpcId": {
1158
- "Ref": "Vpc8378EB38"
1159
- }
1160
- }
1161
- },
1162
- "VpcFlowLogIAMRole6A475D41": {
1163
- "Type": "AWS::IAM::Role",
1164
- "Properties": {
1165
- "AssumeRolePolicyDocument": {
1166
- "Statement": [
1167
- {
1168
- "Action": "sts:AssumeRole",
1169
- "Effect": "Allow",
1170
- "Principal": {
1171
- "Service": "vpc-flow-logs.amazonaws.com"
1172
- }
1173
- }
1174
- ],
1175
- "Version": "2012-10-17"
1176
- },
1177
- "Tags": [
1178
- {
1179
- "Key": "Name",
1180
- "Value": "alblam-publicApiNewResources/Vpc/FlowLog"
1181
- }
1182
- ]
1183
- }
1184
- },
1185
- "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
1186
- "Type": "AWS::IAM::Policy",
1187
- "Properties": {
1188
- "PolicyDocument": {
1189
- "Statement": [
1190
- {
1191
- "Action": [
1192
- "logs:CreateLogStream",
1193
- "logs:PutLogEvents",
1194
- "logs:DescribeLogStreams"
1195
- ],
1196
- "Effect": "Allow",
1197
- "Resource": {
1198
- "Fn::GetAtt": [
1199
- "VpcFlowLogLogGroup7B5C56B9",
1200
- "Arn"
1201
- ]
1202
- }
1203
- },
1204
- {
1205
- "Action": "iam:PassRole",
1206
- "Effect": "Allow",
1207
- "Resource": {
1208
- "Fn::GetAtt": [
1209
- "VpcFlowLogIAMRole6A475D41",
1210
- "Arn"
1211
- ]
1212
- }
1213
- }
1214
- ],
1215
- "Version": "2012-10-17"
1216
- },
1217
- "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
1218
- "Roles": [
1219
- {
1220
- "Ref": "VpcFlowLogIAMRole6A475D41"
1221
- }
1222
- ]
1223
- }
1224
- },
1225
- "VpcFlowLogLogGroup7B5C56B9": {
1226
- "Type": "AWS::Logs::LogGroup",
1227
- "Properties": {
1228
- "RetentionInDays": 731,
1229
- "Tags": [
1230
- {
1231
- "Key": "Name",
1232
- "Value": "alblam-publicApiNewResources/Vpc/FlowLog"
1233
- }
1234
- ]
1235
- },
1236
- "UpdateReplacePolicy": "Retain",
1237
- "DeletionPolicy": "Retain",
1238
- "Metadata": {
1239
- "cfn_nag": {
1240
- "rules_to_suppress": [
1241
- {
1242
- "id": "W84",
1243
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
1244
- }
1245
- ]
1246
- }
1247
- }
1248
- },
1249
- "VpcFlowLog8FF33A73": {
1250
- "Type": "AWS::EC2::FlowLog",
1251
- "Properties": {
1252
- "DeliverLogsPermissionArn": {
1253
- "Fn::GetAtt": [
1254
- "VpcFlowLogIAMRole6A475D41",
1255
- "Arn"
1256
- ]
1257
- },
1258
- "LogDestinationType": "cloud-watch-logs",
1259
- "LogGroupName": {
1260
- "Ref": "VpcFlowLogLogGroup7B5C56B9"
1261
- },
1262
- "ResourceId": {
1263
- "Ref": "Vpc8378EB38"
1264
- },
1265
- "ResourceType": "VPC",
1266
- "Tags": [
1267
- {
1268
- "Key": "Name",
1269
- "Value": "alblam-publicApiNewResources/Vpc/FlowLog"
1270
- }
1271
- ],
1272
- "TrafficType": "ALL"
1273
- }
1274
- },
1275
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
1276
- "Type": "AWS::IAM::Role",
1277
- "Properties": {
1278
- "AssumeRolePolicyDocument": {
1279
- "Version": "2012-10-17",
1280
- "Statement": [
1281
- {
1282
- "Action": "sts:AssumeRole",
1283
- "Effect": "Allow",
1284
- "Principal": {
1285
- "Service": "lambda.amazonaws.com"
1286
- }
1287
- }
1288
- ]
1289
- },
1290
- "ManagedPolicyArns": [
1291
- {
1292
- "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
1293
- }
1294
- ]
1295
- }
1296
- },
1297
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
1298
- "Type": "AWS::Lambda::Function",
1299
- "Properties": {
1300
- "Code": {
1301
- "S3Bucket": {
1302
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
1303
- },
1304
- "S3Key": "b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6.zip"
1305
- },
1306
- "Timeout": 900,
1307
- "MemorySize": 128,
1308
- "Handler": "index.handler",
1309
- "Role": {
1310
- "Fn::GetAtt": [
1311
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1312
- "Arn"
1313
- ]
1314
- },
1315
- "Runtime": "nodejs18.x",
1316
- "Description": {
1317
- "Fn::Join": [
1318
- "",
1319
- [
1320
- "Lambda function for auto-deleting objects in ",
1321
- {
1322
- "Ref": "testoneE6ACFBB6"
1323
- },
1324
- " S3 bucket."
1325
- ]
1326
- ]
1327
- }
1328
- },
1329
- "DependsOn": [
1330
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
1331
- ],
1332
- "Metadata": {
1333
- "cfn_nag": {
1334
- "rules_to_suppress": [
1335
- {
1336
- "id": "W58",
1337
- "reason": "CDK generated custom resource"
1338
- },
1339
- {
1340
- "id": "W89",
1341
- "reason": "CDK generated custom resource"
1342
- },
1343
- {
1344
- "id": "W92",
1345
- "reason": "CDK generated custom resource"
1346
- }
1347
- ]
1348
- }
1349
- }
1350
- }
1351
- },
1352
- "Parameters": {
1353
- "BootstrapVersion": {
1354
- "Type": "AWS::SSM::Parameter::Value<String>",
1355
- "Default": "/cdk-bootstrap/hnb659fds/version",
1356
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1357
- }
1358
- },
1359
- "Rules": {
1360
- "CheckBootstrapVersion": {
1361
- "Assertions": [
1362
- {
1363
- "Assert": {
1364
- "Fn::Not": [
1365
- {
1366
- "Fn::Contains": [
1367
- [
1368
- "1",
1369
- "2",
1370
- "3",
1371
- "4",
1372
- "5"
1373
- ],
1374
- {
1375
- "Ref": "BootstrapVersion"
1376
- }
1377
- ]
1378
- }
1379
- ]
1380
- },
1381
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1382
- }
1383
- ]
1384
- }
1385
- }
1386
- }