@aws-solutions-constructs/aws-alb-lambda 2.51.0 → 2.52.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +49 -4
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +10 -9
  6. package/test/integ.alblam-privateApiExistingResources.js +7 -3
  7. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.assets.json +62 -0
  8. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblam-privateApiExistingResources.template.json +1332 -0
  9. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.assets.json +19 -0
  10. package/test/integ.alblam-privateApiExistingResources.js.snapshot/alblamprivateApiExistingResourcesIntegDefaultTestDeployAssertC865AE59.template.json +36 -0
  11. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  12. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  13. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  14. package/test/integ.alblam-privateApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  15. package/test/integ.alblam-privateApiExistingResources.js.snapshot/cdk.out +1 -0
  16. package/test/integ.alblam-privateApiExistingResources.js.snapshot/integ.json +12 -0
  17. package/test/integ.alblam-privateApiExistingResources.js.snapshot/manifest.json +371 -0
  18. package/test/integ.alblam-privateApiExistingResources.js.snapshot/tree.json +1708 -0
  19. package/test/integ.alblam-privateApiNewResources.js +7 -3
  20. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.assets.json +62 -0
  21. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblam-privateApiNewResources.template.json +1048 -0
  22. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.assets.json +19 -0
  23. package/test/integ.alblam-privateApiNewResources.js.snapshot/alblamprivateApiNewResourcesIntegDefaultTestDeployAssertB0CCE59F.template.json +36 -0
  24. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  25. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  26. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  27. package/test/integ.alblam-privateApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  28. package/test/integ.alblam-privateApiNewResources.js.snapshot/cdk.out +1 -0
  29. package/test/integ.alblam-privateApiNewResources.js.snapshot/integ.json +12 -0
  30. package/test/integ.alblam-privateApiNewResources.js.snapshot/manifest.json +275 -0
  31. package/test/integ.alblam-privateApiNewResources.js.snapshot/tree.json +1294 -0
  32. package/test/integ.alblam-publicApiExistingResources.js +7 -3
  33. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.assets.json +62 -0
  34. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblam-publicApiExistingResources.template.json +1332 -0
  35. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.assets.json +19 -0
  36. package/test/integ.alblam-publicApiExistingResources.js.snapshot/alblampublicApiExistingResourcesIntegDefaultTestDeployAssert22C8EEFD.template.json +36 -0
  37. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  38. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  39. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  40. package/test/integ.alblam-publicApiExistingResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  41. package/test/integ.alblam-publicApiExistingResources.js.snapshot/cdk.out +1 -0
  42. package/test/integ.alblam-publicApiExistingResources.js.snapshot/integ.json +12 -0
  43. package/test/integ.alblam-publicApiExistingResources.js.snapshot/manifest.json +371 -0
  44. package/test/integ.alblam-publicApiExistingResources.js.snapshot/tree.json +1708 -0
  45. package/test/integ.alblam-publicApiNewResources.js +7 -3
  46. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.assets.json +62 -0
  47. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblam-publicApiNewResources.template.json +1338 -0
  48. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.assets.json +19 -0
  49. package/test/integ.alblam-publicApiNewResources.js.snapshot/alblampublicApiNewResourcesIntegDefaultTestDeployAssert43CC63D2.template.json +36 -0
  50. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  51. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  52. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  53. package/test/integ.alblam-publicApiNewResources.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  54. package/test/integ.alblam-publicApiNewResources.js.snapshot/cdk.out +1 -0
  55. package/test/integ.alblam-publicApiNewResources.js.snapshot/integ.json +12 -0
  56. package/test/integ.alblam-publicApiNewResources.js.snapshot/manifest.json +371 -0
  57. package/test/integ.alblam-publicApiNewResources.js.snapshot/tree.json +1706 -0
  58. package/test/integ.alblam-twoTargets.js +7 -3
  59. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.assets.json +62 -0
  60. package/test/integ.alblam-twoTargets.js.snapshot/alblam-twoTargets.template.json +1598 -0
  61. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.assets.json +19 -0
  62. package/test/integ.alblam-twoTargets.js.snapshot/alblamtwoTargetsIntegDefaultTestDeployAssert4F811416.template.json +36 -0
  63. package/test/integ.alblam-twoTargets.js.snapshot/asset.7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79/index.js +8 -0
  64. package/test/integ.alblam-twoTargets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  65. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  66. package/test/integ.alblam-twoTargets.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  67. package/test/integ.alblam-twoTargets.js.snapshot/cdk.out +1 -0
  68. package/test/integ.alblam-twoTargets.js.snapshot/integ.json +12 -0
  69. package/test/integ.alblam-twoTargets.js.snapshot/manifest.json +413 -0
  70. package/test/integ.alblam-twoTargets.js.snapshot/tree.json +2067 -0
  71. package/test/integ.alblam-privateApiExistingResources.expected.json +0 -1378
  72. package/test/integ.alblam-privateApiNewResources.expected.json +0 -983
  73. package/test/integ.alblam-publicApiExistingResources.expected.json +0 -1378
  74. package/test/integ.alblam-publicApiNewResources.expected.json +0 -1386
  75. package/test/integ.alblam-twoTargets.expected.json +0 -1659
@@ -1,983 +0,0 @@
1
- {
2
- "Description": "Integration Test for HTTP API with a new function and ALB",
3
- "Resources": {
4
- "testonetestonealb4F263E42": {
5
- "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
6
- "Properties": {
7
- "LoadBalancerAttributes": [
8
- {
9
- "Key": "deletion_protection.enabled",
10
- "Value": "false"
11
- },
12
- {
13
- "Key": "access_logs.s3.enabled",
14
- "Value": "true"
15
- },
16
- {
17
- "Key": "access_logs.s3.bucket",
18
- "Value": {
19
- "Ref": "testoneE6ACFBB6"
20
- }
21
- },
22
- {
23
- "Key": "access_logs.s3.prefix",
24
- "Value": ""
25
- }
26
- ],
27
- "Scheme": "internal",
28
- "SecurityGroups": [
29
- {
30
- "Fn::GetAtt": [
31
- "testonetestonealbSecurityGroup4DED9E2A",
32
- "GroupId"
33
- ]
34
- }
35
- ],
36
- "Subnets": [
37
- {
38
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
39
- },
40
- {
41
- "Ref": "VpcisolatedSubnet2Subnet39217055"
42
- },
43
- {
44
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
45
- }
46
- ],
47
- "Type": "application"
48
- },
49
- "DependsOn": [
50
- "testonePolicyE30853FE"
51
- ]
52
- },
53
- "testonetestonealbSecurityGroup4DED9E2A": {
54
- "Type": "AWS::EC2::SecurityGroup",
55
- "Properties": {
56
- "GroupDescription": "Automatically created Security Group for ELB alblamprivateApiNewResourcestestonetestonealb8D3CF023",
57
- "SecurityGroupEgress": [
58
- {
59
- "CidrIp": "255.255.255.255/32",
60
- "Description": "Disallow all traffic",
61
- "FromPort": 252,
62
- "IpProtocol": "icmp",
63
- "ToPort": 86
64
- }
65
- ],
66
- "SecurityGroupIngress": [
67
- {
68
- "CidrIp": "0.0.0.0/0",
69
- "Description": "Allow from anyone on port 80",
70
- "FromPort": 80,
71
- "IpProtocol": "tcp",
72
- "ToPort": 80
73
- }
74
- ],
75
- "VpcId": {
76
- "Ref": "Vpc8378EB38"
77
- }
78
- },
79
- "Metadata": {
80
- "cfn_nag": {
81
- "rules_to_suppress": [
82
- {
83
- "id": "W29",
84
- "reason": "CDK created rule that blocks all traffic."
85
- },
86
- {
87
- "id": "W2",
88
- "reason": "Rule does not apply for ELB."
89
- },
90
- {
91
- "id": "W9",
92
- "reason": "Rule does not apply for ELB."
93
- }
94
- ]
95
- }
96
- }
97
- },
98
- "testoneE6ACFBB6": {
99
- "Type": "AWS::S3::Bucket",
100
- "Properties": {
101
- "BucketEncryption": {
102
- "ServerSideEncryptionConfiguration": [
103
- {
104
- "ServerSideEncryptionByDefault": {
105
- "SSEAlgorithm": "AES256"
106
- }
107
- }
108
- ]
109
- },
110
- "PublicAccessBlockConfiguration": {
111
- "BlockPublicAcls": true,
112
- "BlockPublicPolicy": true,
113
- "IgnorePublicAcls": true,
114
- "RestrictPublicBuckets": true
115
- },
116
- "Tags": [
117
- {
118
- "Key": "aws-cdk:auto-delete-objects",
119
- "Value": "true"
120
- }
121
- ],
122
- "VersioningConfiguration": {
123
- "Status": "Enabled"
124
- }
125
- },
126
- "UpdateReplacePolicy": "Delete",
127
- "DeletionPolicy": "Delete",
128
- "Metadata": {
129
- "cfn_nag": {
130
- "rules_to_suppress": [
131
- {
132
- "id": "W35",
133
- "reason": "This is a log bucket for an Application Load Balancer"
134
- }
135
- ]
136
- }
137
- }
138
- },
139
- "testonePolicyE30853FE": {
140
- "Type": "AWS::S3::BucketPolicy",
141
- "Properties": {
142
- "Bucket": {
143
- "Ref": "testoneE6ACFBB6"
144
- },
145
- "PolicyDocument": {
146
- "Statement": [
147
- {
148
- "Action": "s3:*",
149
- "Condition": {
150
- "Bool": {
151
- "aws:SecureTransport": "false"
152
- }
153
- },
154
- "Effect": "Deny",
155
- "Principal": {
156
- "AWS": "*"
157
- },
158
- "Resource": [
159
- {
160
- "Fn::GetAtt": [
161
- "testoneE6ACFBB6",
162
- "Arn"
163
- ]
164
- },
165
- {
166
- "Fn::Join": [
167
- "",
168
- [
169
- {
170
- "Fn::GetAtt": [
171
- "testoneE6ACFBB6",
172
- "Arn"
173
- ]
174
- },
175
- "/*"
176
- ]
177
- ]
178
- }
179
- ]
180
- },
181
- {
182
- "Action": [
183
- "s3:PutBucketPolicy",
184
- "s3:GetBucket*",
185
- "s3:List*",
186
- "s3:DeleteObject*"
187
- ],
188
- "Effect": "Allow",
189
- "Principal": {
190
- "AWS": {
191
- "Fn::GetAtt": [
192
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
193
- "Arn"
194
- ]
195
- }
196
- },
197
- "Resource": [
198
- {
199
- "Fn::GetAtt": [
200
- "testoneE6ACFBB6",
201
- "Arn"
202
- ]
203
- },
204
- {
205
- "Fn::Join": [
206
- "",
207
- [
208
- {
209
- "Fn::GetAtt": [
210
- "testoneE6ACFBB6",
211
- "Arn"
212
- ]
213
- },
214
- "/*"
215
- ]
216
- ]
217
- }
218
- ]
219
- },
220
- {
221
- "Action": "s3:PutObject",
222
- "Effect": "Allow",
223
- "Principal": {
224
- "AWS": {
225
- "Fn::Join": [
226
- "",
227
- [
228
- "arn:",
229
- {
230
- "Ref": "AWS::Partition"
231
- },
232
- ":iam::127311923021:root"
233
- ]
234
- ]
235
- }
236
- },
237
- "Resource": {
238
- "Fn::Join": [
239
- "",
240
- [
241
- {
242
- "Fn::GetAtt": [
243
- "testoneE6ACFBB6",
244
- "Arn"
245
- ]
246
- },
247
- "/AWSLogs/",
248
- {
249
- "Ref": "AWS::AccountId"
250
- },
251
- "/*"
252
- ]
253
- ]
254
- }
255
- },
256
- {
257
- "Action": "s3:PutObject",
258
- "Condition": {
259
- "StringEquals": {
260
- "s3:x-amz-acl": "bucket-owner-full-control"
261
- }
262
- },
263
- "Effect": "Allow",
264
- "Principal": {
265
- "Service": "delivery.logs.amazonaws.com"
266
- },
267
- "Resource": {
268
- "Fn::Join": [
269
- "",
270
- [
271
- {
272
- "Fn::GetAtt": [
273
- "testoneE6ACFBB6",
274
- "Arn"
275
- ]
276
- },
277
- "/AWSLogs/",
278
- {
279
- "Ref": "AWS::AccountId"
280
- },
281
- "/*"
282
- ]
283
- ]
284
- }
285
- },
286
- {
287
- "Action": "s3:GetBucketAcl",
288
- "Effect": "Allow",
289
- "Principal": {
290
- "Service": "delivery.logs.amazonaws.com"
291
- },
292
- "Resource": {
293
- "Fn::GetAtt": [
294
- "testoneE6ACFBB6",
295
- "Arn"
296
- ]
297
- }
298
- }
299
- ],
300
- "Version": "2012-10-17"
301
- }
302
- }
303
- },
304
- "testoneAutoDeleteObjectsCustomResourceEDE3D2FC": {
305
- "Type": "Custom::S3AutoDeleteObjects",
306
- "Properties": {
307
- "ServiceToken": {
308
- "Fn::GetAtt": [
309
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
310
- "Arn"
311
- ]
312
- },
313
- "BucketName": {
314
- "Ref": "testoneE6ACFBB6"
315
- }
316
- },
317
- "DependsOn": [
318
- "testonePolicyE30853FE"
319
- ],
320
- "UpdateReplacePolicy": "Delete",
321
- "DeletionPolicy": "Delete"
322
- },
323
- "testoneLambdaFunctionServiceRoleE92573D3": {
324
- "Type": "AWS::IAM::Role",
325
- "Properties": {
326
- "AssumeRolePolicyDocument": {
327
- "Statement": [
328
- {
329
- "Action": "sts:AssumeRole",
330
- "Effect": "Allow",
331
- "Principal": {
332
- "Service": "lambda.amazonaws.com"
333
- }
334
- }
335
- ],
336
- "Version": "2012-10-17"
337
- },
338
- "Policies": [
339
- {
340
- "PolicyDocument": {
341
- "Statement": [
342
- {
343
- "Action": [
344
- "logs:CreateLogGroup",
345
- "logs:CreateLogStream",
346
- "logs:PutLogEvents"
347
- ],
348
- "Effect": "Allow",
349
- "Resource": {
350
- "Fn::Join": [
351
- "",
352
- [
353
- "arn:",
354
- {
355
- "Ref": "AWS::Partition"
356
- },
357
- ":logs:",
358
- {
359
- "Ref": "AWS::Region"
360
- },
361
- ":",
362
- {
363
- "Ref": "AWS::AccountId"
364
- },
365
- ":log-group:/aws/lambda/*"
366
- ]
367
- ]
368
- }
369
- }
370
- ],
371
- "Version": "2012-10-17"
372
- },
373
- "PolicyName": "LambdaFunctionServiceRolePolicy"
374
- }
375
- ]
376
- }
377
- },
378
- "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173": {
379
- "Type": "AWS::IAM::Policy",
380
- "Properties": {
381
- "PolicyDocument": {
382
- "Statement": [
383
- {
384
- "Action": [
385
- "ec2:CreateNetworkInterface",
386
- "ec2:DescribeNetworkInterfaces",
387
- "ec2:DeleteNetworkInterface",
388
- "ec2:AssignPrivateIpAddresses",
389
- "ec2:UnassignPrivateIpAddresses"
390
- ],
391
- "Effect": "Allow",
392
- "Resource": "*"
393
- },
394
- {
395
- "Action": [
396
- "xray:PutTraceSegments",
397
- "xray:PutTelemetryRecords"
398
- ],
399
- "Effect": "Allow",
400
- "Resource": "*"
401
- }
402
- ],
403
- "Version": "2012-10-17"
404
- },
405
- "PolicyName": "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173",
406
- "Roles": [
407
- {
408
- "Ref": "testoneLambdaFunctionServiceRoleE92573D3"
409
- }
410
- ]
411
- },
412
- "Metadata": {
413
- "cfn_nag": {
414
- "rules_to_suppress": [
415
- {
416
- "id": "W12",
417
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
418
- }
419
- ]
420
- }
421
- }
422
- },
423
- "testoneReplaceDefaultSecurityGroupsecuritygroupE46270FE": {
424
- "Type": "AWS::EC2::SecurityGroup",
425
- "Properties": {
426
- "GroupDescription": "alblam-privateApiNewResources/test-one/ReplaceDefaultSecurityGroup-security-group",
427
- "SecurityGroupEgress": [
428
- {
429
- "CidrIp": "0.0.0.0/0",
430
- "Description": "Allow all outbound traffic by default",
431
- "IpProtocol": "-1"
432
- }
433
- ],
434
- "VpcId": {
435
- "Ref": "Vpc8378EB38"
436
- }
437
- },
438
- "Metadata": {
439
- "cfn_nag": {
440
- "rules_to_suppress": [
441
- {
442
- "id": "W5",
443
- "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
444
- },
445
- {
446
- "id": "W40",
447
- "reason": "Egress IPProtocol of -1 is default and generally considered OK"
448
- }
449
- ]
450
- }
451
- }
452
- },
453
- "testoneLambdaFunctionCC9B03E1": {
454
- "Type": "AWS::Lambda::Function",
455
- "Properties": {
456
- "Code": {
457
- "S3Bucket": {
458
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
459
- },
460
- "S3Key": "7caf594b8ad91abecca72f7f10a23a5cf446d05dc00d6194619935e7e3fd5a79.zip"
461
- },
462
- "Environment": {
463
- "Variables": {
464
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
465
- }
466
- },
467
- "Handler": "index.handler",
468
- "Role": {
469
- "Fn::GetAtt": [
470
- "testoneLambdaFunctionServiceRoleE92573D3",
471
- "Arn"
472
- ]
473
- },
474
- "Runtime": "nodejs16.x",
475
- "TracingConfig": {
476
- "Mode": "Active"
477
- },
478
- "VpcConfig": {
479
- "SecurityGroupIds": [
480
- {
481
- "Fn::GetAtt": [
482
- "testoneReplaceDefaultSecurityGroupsecuritygroupE46270FE",
483
- "GroupId"
484
- ]
485
- }
486
- ],
487
- "SubnetIds": [
488
- {
489
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
490
- },
491
- {
492
- "Ref": "VpcisolatedSubnet2Subnet39217055"
493
- },
494
- {
495
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
496
- }
497
- ]
498
- }
499
- },
500
- "DependsOn": [
501
- "testoneLambdaFunctionServiceRoleDefaultPolicy6025A173",
502
- "testoneLambdaFunctionServiceRoleE92573D3",
503
- "VpcisolatedSubnet1RouteTableAssociationD259E31A",
504
- "VpcisolatedSubnet2RouteTableAssociation25A4716F",
505
- "VpcisolatedSubnet3RouteTableAssociationDC010BEB"
506
- ],
507
- "Metadata": {
508
- "cfn_nag": {
509
- "rules_to_suppress": [
510
- {
511
- "id": "W58",
512
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
513
- },
514
- {
515
- "id": "W89",
516
- "reason": "This is not a rule for the general case, just for specific use cases/industries"
517
- },
518
- {
519
- "id": "W92",
520
- "reason": "Impossible for us to define the correct concurrency for clients"
521
- }
522
- ]
523
- }
524
- }
525
- },
526
- "testoneLambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HY508A8518": {
527
- "Type": "AWS::Lambda::Permission",
528
- "Properties": {
529
- "Action": "lambda:InvokeFunction",
530
- "FunctionName": {
531
- "Fn::GetAtt": [
532
- "testoneLambdaFunctionCC9B03E1",
533
- "Arn"
534
- ]
535
- },
536
- "Principal": "elasticloadbalancing.amazonaws.com"
537
- },
538
- "DependsOn": [
539
- "VpcisolatedSubnet1RouteTableAssociationD259E31A",
540
- "VpcisolatedSubnet2RouteTableAssociation25A4716F",
541
- "VpcisolatedSubnet3RouteTableAssociationDC010BEB"
542
- ]
543
- },
544
- "testonetestonelistener51CF582F": {
545
- "Type": "AWS::ElasticLoadBalancingV2::Listener",
546
- "Properties": {
547
- "DefaultActions": [
548
- {
549
- "TargetGroupArn": {
550
- "Ref": "testonetg2tg6459EC7C"
551
- },
552
- "Type": "forward"
553
- }
554
- ],
555
- "LoadBalancerArn": {
556
- "Ref": "testonetestonealb4F263E42"
557
- },
558
- "Port": 80,
559
- "Protocol": "HTTP"
560
- },
561
- "DependsOn": [
562
- "testonetg2tg6459EC7C"
563
- ],
564
- "Metadata": {
565
- "cfn_nag": {
566
- "rules_to_suppress": [
567
- {
568
- "id": "W56",
569
- "reason": "All integration tests must be HTTP because of certificate limitations."
570
- }
571
- ]
572
- }
573
- }
574
- },
575
- "testonetg2tg6459EC7C": {
576
- "Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
577
- "Properties": {
578
- "TargetType": "lambda",
579
- "Targets": [
580
- {
581
- "Id": {
582
- "Fn::GetAtt": [
583
- "testoneLambdaFunctionCC9B03E1",
584
- "Arn"
585
- ]
586
- }
587
- }
588
- ]
589
- },
590
- "DependsOn": [
591
- "testoneLambdaFunctionInvoke2UTWxhlfyqbT5FTn5jvgbLgjFfJwzswGk55DU1HY508A8518"
592
- ]
593
- },
594
- "Vpc8378EB38": {
595
- "Type": "AWS::EC2::VPC",
596
- "Properties": {
597
- "CidrBlock": "10.0.0.0/16",
598
- "EnableDnsHostnames": true,
599
- "EnableDnsSupport": true,
600
- "InstanceTenancy": "default",
601
- "Tags": [
602
- {
603
- "Key": "Name",
604
- "Value": "alblam-privateApiNewResources/Vpc"
605
- }
606
- ]
607
- }
608
- },
609
- "VpcisolatedSubnet1SubnetE62B1B9B": {
610
- "Type": "AWS::EC2::Subnet",
611
- "Properties": {
612
- "AvailabilityZone": "test-region-1a",
613
- "CidrBlock": "10.0.0.0/18",
614
- "MapPublicIpOnLaunch": false,
615
- "Tags": [
616
- {
617
- "Key": "aws-cdk:subnet-name",
618
- "Value": "isolated"
619
- },
620
- {
621
- "Key": "aws-cdk:subnet-type",
622
- "Value": "Isolated"
623
- },
624
- {
625
- "Key": "Name",
626
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet1"
627
- }
628
- ],
629
- "VpcId": {
630
- "Ref": "Vpc8378EB38"
631
- }
632
- }
633
- },
634
- "VpcisolatedSubnet1RouteTableE442650B": {
635
- "Type": "AWS::EC2::RouteTable",
636
- "Properties": {
637
- "Tags": [
638
- {
639
- "Key": "Name",
640
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet1"
641
- }
642
- ],
643
- "VpcId": {
644
- "Ref": "Vpc8378EB38"
645
- }
646
- }
647
- },
648
- "VpcisolatedSubnet1RouteTableAssociationD259E31A": {
649
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
650
- "Properties": {
651
- "RouteTableId": {
652
- "Ref": "VpcisolatedSubnet1RouteTableE442650B"
653
- },
654
- "SubnetId": {
655
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
656
- }
657
- }
658
- },
659
- "VpcisolatedSubnet2Subnet39217055": {
660
- "Type": "AWS::EC2::Subnet",
661
- "Properties": {
662
- "AvailabilityZone": "test-region-1b",
663
- "CidrBlock": "10.0.64.0/18",
664
- "MapPublicIpOnLaunch": false,
665
- "Tags": [
666
- {
667
- "Key": "aws-cdk:subnet-name",
668
- "Value": "isolated"
669
- },
670
- {
671
- "Key": "aws-cdk:subnet-type",
672
- "Value": "Isolated"
673
- },
674
- {
675
- "Key": "Name",
676
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet2"
677
- }
678
- ],
679
- "VpcId": {
680
- "Ref": "Vpc8378EB38"
681
- }
682
- }
683
- },
684
- "VpcisolatedSubnet2RouteTable334F9764": {
685
- "Type": "AWS::EC2::RouteTable",
686
- "Properties": {
687
- "Tags": [
688
- {
689
- "Key": "Name",
690
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet2"
691
- }
692
- ],
693
- "VpcId": {
694
- "Ref": "Vpc8378EB38"
695
- }
696
- }
697
- },
698
- "VpcisolatedSubnet2RouteTableAssociation25A4716F": {
699
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
700
- "Properties": {
701
- "RouteTableId": {
702
- "Ref": "VpcisolatedSubnet2RouteTable334F9764"
703
- },
704
- "SubnetId": {
705
- "Ref": "VpcisolatedSubnet2Subnet39217055"
706
- }
707
- }
708
- },
709
- "VpcisolatedSubnet3Subnet44F2537D": {
710
- "Type": "AWS::EC2::Subnet",
711
- "Properties": {
712
- "AvailabilityZone": "test-region-1c",
713
- "CidrBlock": "10.0.128.0/18",
714
- "MapPublicIpOnLaunch": false,
715
- "Tags": [
716
- {
717
- "Key": "aws-cdk:subnet-name",
718
- "Value": "isolated"
719
- },
720
- {
721
- "Key": "aws-cdk:subnet-type",
722
- "Value": "Isolated"
723
- },
724
- {
725
- "Key": "Name",
726
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet3"
727
- }
728
- ],
729
- "VpcId": {
730
- "Ref": "Vpc8378EB38"
731
- }
732
- }
733
- },
734
- "VpcisolatedSubnet3RouteTableA2F6BBC0": {
735
- "Type": "AWS::EC2::RouteTable",
736
- "Properties": {
737
- "Tags": [
738
- {
739
- "Key": "Name",
740
- "Value": "alblam-privateApiNewResources/Vpc/isolatedSubnet3"
741
- }
742
- ],
743
- "VpcId": {
744
- "Ref": "Vpc8378EB38"
745
- }
746
- }
747
- },
748
- "VpcisolatedSubnet3RouteTableAssociationDC010BEB": {
749
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
750
- "Properties": {
751
- "RouteTableId": {
752
- "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0"
753
- },
754
- "SubnetId": {
755
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
756
- }
757
- }
758
- },
759
- "VpcFlowLogIAMRole6A475D41": {
760
- "Type": "AWS::IAM::Role",
761
- "Properties": {
762
- "AssumeRolePolicyDocument": {
763
- "Statement": [
764
- {
765
- "Action": "sts:AssumeRole",
766
- "Effect": "Allow",
767
- "Principal": {
768
- "Service": "vpc-flow-logs.amazonaws.com"
769
- }
770
- }
771
- ],
772
- "Version": "2012-10-17"
773
- },
774
- "Tags": [
775
- {
776
- "Key": "Name",
777
- "Value": "alblam-privateApiNewResources/Vpc/FlowLog"
778
- }
779
- ]
780
- }
781
- },
782
- "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
783
- "Type": "AWS::IAM::Policy",
784
- "Properties": {
785
- "PolicyDocument": {
786
- "Statement": [
787
- {
788
- "Action": [
789
- "logs:CreateLogStream",
790
- "logs:PutLogEvents",
791
- "logs:DescribeLogStreams"
792
- ],
793
- "Effect": "Allow",
794
- "Resource": {
795
- "Fn::GetAtt": [
796
- "VpcFlowLogLogGroup7B5C56B9",
797
- "Arn"
798
- ]
799
- }
800
- },
801
- {
802
- "Action": "iam:PassRole",
803
- "Effect": "Allow",
804
- "Resource": {
805
- "Fn::GetAtt": [
806
- "VpcFlowLogIAMRole6A475D41",
807
- "Arn"
808
- ]
809
- }
810
- }
811
- ],
812
- "Version": "2012-10-17"
813
- },
814
- "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
815
- "Roles": [
816
- {
817
- "Ref": "VpcFlowLogIAMRole6A475D41"
818
- }
819
- ]
820
- }
821
- },
822
- "VpcFlowLogLogGroup7B5C56B9": {
823
- "Type": "AWS::Logs::LogGroup",
824
- "Properties": {
825
- "RetentionInDays": 731,
826
- "Tags": [
827
- {
828
- "Key": "Name",
829
- "Value": "alblam-privateApiNewResources/Vpc/FlowLog"
830
- }
831
- ]
832
- },
833
- "UpdateReplacePolicy": "Retain",
834
- "DeletionPolicy": "Retain",
835
- "Metadata": {
836
- "cfn_nag": {
837
- "rules_to_suppress": [
838
- {
839
- "id": "W84",
840
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
841
- }
842
- ]
843
- }
844
- }
845
- },
846
- "VpcFlowLog8FF33A73": {
847
- "Type": "AWS::EC2::FlowLog",
848
- "Properties": {
849
- "DeliverLogsPermissionArn": {
850
- "Fn::GetAtt": [
851
- "VpcFlowLogIAMRole6A475D41",
852
- "Arn"
853
- ]
854
- },
855
- "LogDestinationType": "cloud-watch-logs",
856
- "LogGroupName": {
857
- "Ref": "VpcFlowLogLogGroup7B5C56B9"
858
- },
859
- "ResourceId": {
860
- "Ref": "Vpc8378EB38"
861
- },
862
- "ResourceType": "VPC",
863
- "Tags": [
864
- {
865
- "Key": "Name",
866
- "Value": "alblam-privateApiNewResources/Vpc/FlowLog"
867
- }
868
- ],
869
- "TrafficType": "ALL"
870
- }
871
- },
872
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
873
- "Type": "AWS::IAM::Role",
874
- "Properties": {
875
- "AssumeRolePolicyDocument": {
876
- "Version": "2012-10-17",
877
- "Statement": [
878
- {
879
- "Action": "sts:AssumeRole",
880
- "Effect": "Allow",
881
- "Principal": {
882
- "Service": "lambda.amazonaws.com"
883
- }
884
- }
885
- ]
886
- },
887
- "ManagedPolicyArns": [
888
- {
889
- "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
890
- }
891
- ]
892
- }
893
- },
894
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
895
- "Type": "AWS::Lambda::Function",
896
- "Properties": {
897
- "Code": {
898
- "S3Bucket": {
899
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-us-east-1"
900
- },
901
- "S3Key": "b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6.zip"
902
- },
903
- "Timeout": 900,
904
- "MemorySize": 128,
905
- "Handler": "index.handler",
906
- "Role": {
907
- "Fn::GetAtt": [
908
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
909
- "Arn"
910
- ]
911
- },
912
- "Runtime": "nodejs18.x",
913
- "Description": {
914
- "Fn::Join": [
915
- "",
916
- [
917
- "Lambda function for auto-deleting objects in ",
918
- {
919
- "Ref": "testoneE6ACFBB6"
920
- },
921
- " S3 bucket."
922
- ]
923
- ]
924
- }
925
- },
926
- "DependsOn": [
927
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
928
- ],
929
- "Metadata": {
930
- "cfn_nag": {
931
- "rules_to_suppress": [
932
- {
933
- "id": "W58",
934
- "reason": "CDK generated custom resource"
935
- },
936
- {
937
- "id": "W89",
938
- "reason": "CDK generated custom resource"
939
- },
940
- {
941
- "id": "W92",
942
- "reason": "CDK generated custom resource"
943
- }
944
- ]
945
- }
946
- }
947
- }
948
- },
949
- "Parameters": {
950
- "BootstrapVersion": {
951
- "Type": "AWS::SSM::Parameter::Value<String>",
952
- "Default": "/cdk-bootstrap/hnb659fds/version",
953
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
954
- }
955
- },
956
- "Rules": {
957
- "CheckBootstrapVersion": {
958
- "Assertions": [
959
- {
960
- "Assert": {
961
- "Fn::Not": [
962
- {
963
- "Fn::Contains": [
964
- [
965
- "1",
966
- "2",
967
- "3",
968
- "4",
969
- "5"
970
- ],
971
- {
972
- "Ref": "BootstrapVersion"
973
- }
974
- ]
975
- }
976
- ]
977
- },
978
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
979
- }
980
- ]
981
- }
982
- }
983
- }