@aws-solutions-constructs/aws-apigateway-lambda 1.120.0 → 1.124.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,2477 +0,0 @@
1
- // Jest Snapshot v1, https://goo.gl/fbAQLP
2
-
3
- exports[`Pattern deployment with existing Lambda function 1`] = `
4
- Object {
5
- "Outputs": Object {
6
- "testapigatewaylambdaLambdaRestApiEndpoint2EF0B753": Object {
7
- "Value": Object {
8
- "Fn::Join": Array [
9
- "",
10
- Array [
11
- "https://",
12
- Object {
13
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
14
- },
15
- ".execute-api.",
16
- Object {
17
- "Ref": "AWS::Region",
18
- },
19
- ".",
20
- Object {
21
- "Ref": "AWS::URLSuffix",
22
- },
23
- "/",
24
- Object {
25
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
26
- },
27
- "/",
28
- ],
29
- ],
30
- },
31
- },
32
- },
33
- "Parameters": Object {
34
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420ArtifactHashA71E92AD": Object {
35
- "Description": "Artifact hash for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
36
- "Type": "String",
37
- },
38
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458": Object {
39
- "Description": "S3 bucket for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
40
- "Type": "String",
41
- },
42
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D": Object {
43
- "Description": "S3 key for asset version \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
44
- "Type": "String",
45
- },
46
- },
47
- "Resources": Object {
48
- "ExistingLambdaFunctionF606C520": Object {
49
- "DependsOn": Array [
50
- "ExistingLambdaFunctionServiceRole7CC6DE65",
51
- ],
52
- "Properties": Object {
53
- "Code": Object {
54
- "S3Bucket": Object {
55
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458",
56
- },
57
- "S3Key": Object {
58
- "Fn::Join": Array [
59
- "",
60
- Array [
61
- Object {
62
- "Fn::Select": Array [
63
- 0,
64
- Object {
65
- "Fn::Split": Array [
66
- "||",
67
- Object {
68
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
69
- },
70
- ],
71
- },
72
- ],
73
- },
74
- Object {
75
- "Fn::Select": Array [
76
- 1,
77
- Object {
78
- "Fn::Split": Array [
79
- "||",
80
- Object {
81
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
82
- },
83
- ],
84
- },
85
- ],
86
- },
87
- ],
88
- ],
89
- },
90
- },
91
- "Handler": "index.handler",
92
- "Role": Object {
93
- "Fn::GetAtt": Array [
94
- "ExistingLambdaFunctionServiceRole7CC6DE65",
95
- "Arn",
96
- ],
97
- },
98
- "Runtime": "nodejs10.x",
99
- },
100
- "Type": "AWS::Lambda::Function",
101
- },
102
- "ExistingLambdaFunctionServiceRole7CC6DE65": Object {
103
- "Properties": Object {
104
- "AssumeRolePolicyDocument": Object {
105
- "Statement": Array [
106
- Object {
107
- "Action": "sts:AssumeRole",
108
- "Effect": "Allow",
109
- "Principal": Object {
110
- "Service": "lambda.amazonaws.com",
111
- },
112
- },
113
- ],
114
- "Version": "2012-10-17",
115
- },
116
- "ManagedPolicyArns": Array [
117
- Object {
118
- "Fn::Join": Array [
119
- "",
120
- Array [
121
- "arn:",
122
- Object {
123
- "Ref": "AWS::Partition",
124
- },
125
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
126
- ],
127
- ],
128
- },
129
- ],
130
- },
131
- "Type": "AWS::IAM::Role",
132
- },
133
- "testapigatewaylambdaApiAccessLogGroupEB3253A2": Object {
134
- "DeletionPolicy": "Retain",
135
- "Metadata": Object {
136
- "cfn_nag": Object {
137
- "rules_to_suppress": Array [
138
- Object {
139
- "id": "W86",
140
- "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely",
141
- },
142
- Object {
143
- "id": "W84",
144
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)",
145
- },
146
- ],
147
- },
148
- },
149
- "Type": "AWS::Logs::LogGroup",
150
- "UpdateReplacePolicy": "Retain",
151
- },
152
- "testapigatewaylambdaLambdaRestApiANY1FACA749": Object {
153
- "Properties": Object {
154
- "AuthorizationType": "AWS_IAM",
155
- "HttpMethod": "ANY",
156
- "Integration": Object {
157
- "IntegrationHttpMethod": "POST",
158
- "Type": "AWS_PROXY",
159
- "Uri": Object {
160
- "Fn::Join": Array [
161
- "",
162
- Array [
163
- "arn:",
164
- Object {
165
- "Ref": "AWS::Partition",
166
- },
167
- ":apigateway:",
168
- Object {
169
- "Ref": "AWS::Region",
170
- },
171
- ":lambda:path/2015-03-31/functions/",
172
- Object {
173
- "Fn::GetAtt": Array [
174
- "ExistingLambdaFunctionF606C520",
175
- "Arn",
176
- ],
177
- },
178
- "/invocations",
179
- ],
180
- ],
181
- },
182
- },
183
- "ResourceId": Object {
184
- "Fn::GetAtt": Array [
185
- "testapigatewaylambdaLambdaRestApiE957E944",
186
- "RootResourceId",
187
- ],
188
- },
189
- "RestApiId": Object {
190
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
191
- },
192
- },
193
- "Type": "AWS::ApiGateway::Method",
194
- },
195
- "testapigatewaylambdaLambdaRestApiANYApiPermissionTesttestapigatewaylambdaLambdaRestApi5DDE3360ANYF71F5CAC": Object {
196
- "Properties": Object {
197
- "Action": "lambda:InvokeFunction",
198
- "FunctionName": Object {
199
- "Fn::GetAtt": Array [
200
- "ExistingLambdaFunctionF606C520",
201
- "Arn",
202
- ],
203
- },
204
- "Principal": "apigateway.amazonaws.com",
205
- "SourceArn": Object {
206
- "Fn::Join": Array [
207
- "",
208
- Array [
209
- "arn:",
210
- Object {
211
- "Ref": "AWS::Partition",
212
- },
213
- ":execute-api:",
214
- Object {
215
- "Ref": "AWS::Region",
216
- },
217
- ":",
218
- Object {
219
- "Ref": "AWS::AccountId",
220
- },
221
- ":",
222
- Object {
223
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
224
- },
225
- "/test-invoke-stage/*/",
226
- ],
227
- ],
228
- },
229
- },
230
- "Type": "AWS::Lambda::Permission",
231
- },
232
- "testapigatewaylambdaLambdaRestApiANYApiPermissiontestapigatewaylambdaLambdaRestApi5DDE3360ANY0CAB129B": Object {
233
- "Properties": Object {
234
- "Action": "lambda:InvokeFunction",
235
- "FunctionName": Object {
236
- "Fn::GetAtt": Array [
237
- "ExistingLambdaFunctionF606C520",
238
- "Arn",
239
- ],
240
- },
241
- "Principal": "apigateway.amazonaws.com",
242
- "SourceArn": Object {
243
- "Fn::Join": Array [
244
- "",
245
- Array [
246
- "arn:",
247
- Object {
248
- "Ref": "AWS::Partition",
249
- },
250
- ":execute-api:",
251
- Object {
252
- "Ref": "AWS::Region",
253
- },
254
- ":",
255
- Object {
256
- "Ref": "AWS::AccountId",
257
- },
258
- ":",
259
- Object {
260
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
261
- },
262
- "/",
263
- Object {
264
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
265
- },
266
- "/*/",
267
- ],
268
- ],
269
- },
270
- },
271
- "Type": "AWS::Lambda::Permission",
272
- },
273
- "testapigatewaylambdaLambdaRestApiAccount0D88B6B8": Object {
274
- "DependsOn": Array [
275
- "testapigatewaylambdaLambdaRestApiE957E944",
276
- ],
277
- "Properties": Object {
278
- "CloudWatchRoleArn": Object {
279
- "Fn::GetAtt": Array [
280
- "testapigatewaylambdaLambdaRestApiCloudWatchRole6D45E039",
281
- "Arn",
282
- ],
283
- },
284
- },
285
- "Type": "AWS::ApiGateway::Account",
286
- },
287
- "testapigatewaylambdaLambdaRestApiCloudWatchRole6D45E039": Object {
288
- "Properties": Object {
289
- "AssumeRolePolicyDocument": Object {
290
- "Statement": Array [
291
- Object {
292
- "Action": "sts:AssumeRole",
293
- "Effect": "Allow",
294
- "Principal": Object {
295
- "Service": "apigateway.amazonaws.com",
296
- },
297
- },
298
- ],
299
- "Version": "2012-10-17",
300
- },
301
- "Policies": Array [
302
- Object {
303
- "PolicyDocument": Object {
304
- "Statement": Array [
305
- Object {
306
- "Action": Array [
307
- "logs:CreateLogGroup",
308
- "logs:CreateLogStream",
309
- "logs:DescribeLogGroups",
310
- "logs:DescribeLogStreams",
311
- "logs:PutLogEvents",
312
- "logs:GetLogEvents",
313
- "logs:FilterLogEvents",
314
- ],
315
- "Effect": "Allow",
316
- "Resource": Object {
317
- "Fn::Join": Array [
318
- "",
319
- Array [
320
- "arn:",
321
- Object {
322
- "Ref": "AWS::Partition",
323
- },
324
- ":logs:",
325
- Object {
326
- "Ref": "AWS::Region",
327
- },
328
- ":",
329
- Object {
330
- "Ref": "AWS::AccountId",
331
- },
332
- ":*",
333
- ],
334
- ],
335
- },
336
- },
337
- ],
338
- "Version": "2012-10-17",
339
- },
340
- "PolicyName": "LambdaRestApiCloudWatchRolePolicy",
341
- },
342
- ],
343
- },
344
- "Type": "AWS::IAM::Role",
345
- },
346
- "testapigatewaylambdaLambdaRestApiDeployment85334BB3ec6848f57ed1b1aac179df734f57dcaa": Object {
347
- "DependsOn": Array [
348
- "testapigatewaylambdaLambdaRestApiproxyANYF6150927",
349
- "testapigatewaylambdaLambdaRestApiproxy2C2C544E",
350
- "testapigatewaylambdaLambdaRestApiANY1FACA749",
351
- ],
352
- "Metadata": Object {
353
- "cfn_nag": Object {
354
- "rules_to_suppress": Array [
355
- Object {
356
- "id": "W45",
357
- "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checkes for it in AWS::ApiGateway::Deployment resource",
358
- },
359
- ],
360
- },
361
- },
362
- "Properties": Object {
363
- "Description": "Automatically created by the RestApi construct",
364
- "RestApiId": Object {
365
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
366
- },
367
- },
368
- "Type": "AWS::ApiGateway::Deployment",
369
- },
370
- "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247": Object {
371
- "Properties": Object {
372
- "AccessLogSetting": Object {
373
- "DestinationArn": Object {
374
- "Fn::GetAtt": Array [
375
- "testapigatewaylambdaApiAccessLogGroupEB3253A2",
376
- "Arn",
377
- ],
378
- },
379
- "Format": "{\\"requestId\\":\\"$context.requestId\\",\\"ip\\":\\"$context.identity.sourceIp\\",\\"user\\":\\"$context.identity.user\\",\\"caller\\":\\"$context.identity.caller\\",\\"requestTime\\":\\"$context.requestTime\\",\\"httpMethod\\":\\"$context.httpMethod\\",\\"resourcePath\\":\\"$context.resourcePath\\",\\"status\\":\\"$context.status\\",\\"protocol\\":\\"$context.protocol\\",\\"responseLength\\":\\"$context.responseLength\\"}",
380
- },
381
- "DeploymentId": Object {
382
- "Ref": "testapigatewaylambdaLambdaRestApiDeployment85334BB3ec6848f57ed1b1aac179df734f57dcaa",
383
- },
384
- "MethodSettings": Array [
385
- Object {
386
- "DataTraceEnabled": false,
387
- "HttpMethod": "*",
388
- "LoggingLevel": "INFO",
389
- "ResourcePath": "/*",
390
- },
391
- ],
392
- "RestApiId": Object {
393
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
394
- },
395
- "StageName": "prod",
396
- "TracingEnabled": true,
397
- },
398
- "Type": "AWS::ApiGateway::Stage",
399
- },
400
- "testapigatewaylambdaLambdaRestApiE957E944": Object {
401
- "Properties": Object {
402
- "EndpointConfiguration": Object {
403
- "Types": Array [
404
- "EDGE",
405
- ],
406
- },
407
- "Name": "LambdaRestApi",
408
- },
409
- "Type": "AWS::ApiGateway::RestApi",
410
- },
411
- "testapigatewaylambdaLambdaRestApiUsagePlan658131E3": Object {
412
- "Properties": Object {
413
- "ApiStages": Array [
414
- Object {
415
- "ApiId": Object {
416
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
417
- },
418
- "Stage": Object {
419
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
420
- },
421
- "Throttle": Object {},
422
- },
423
- ],
424
- },
425
- "Type": "AWS::ApiGateway::UsagePlan",
426
- },
427
- "testapigatewaylambdaLambdaRestApiproxy2C2C544E": Object {
428
- "Properties": Object {
429
- "ParentId": Object {
430
- "Fn::GetAtt": Array [
431
- "testapigatewaylambdaLambdaRestApiE957E944",
432
- "RootResourceId",
433
- ],
434
- },
435
- "PathPart": "{proxy+}",
436
- "RestApiId": Object {
437
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
438
- },
439
- },
440
- "Type": "AWS::ApiGateway::Resource",
441
- },
442
- "testapigatewaylambdaLambdaRestApiproxyANYApiPermissionTesttestapigatewaylambdaLambdaRestApi5DDE3360ANYproxyBA241600": Object {
443
- "Properties": Object {
444
- "Action": "lambda:InvokeFunction",
445
- "FunctionName": Object {
446
- "Fn::GetAtt": Array [
447
- "ExistingLambdaFunctionF606C520",
448
- "Arn",
449
- ],
450
- },
451
- "Principal": "apigateway.amazonaws.com",
452
- "SourceArn": Object {
453
- "Fn::Join": Array [
454
- "",
455
- Array [
456
- "arn:",
457
- Object {
458
- "Ref": "AWS::Partition",
459
- },
460
- ":execute-api:",
461
- Object {
462
- "Ref": "AWS::Region",
463
- },
464
- ":",
465
- Object {
466
- "Ref": "AWS::AccountId",
467
- },
468
- ":",
469
- Object {
470
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
471
- },
472
- "/test-invoke-stage/*/*",
473
- ],
474
- ],
475
- },
476
- },
477
- "Type": "AWS::Lambda::Permission",
478
- },
479
- "testapigatewaylambdaLambdaRestApiproxyANYApiPermissiontestapigatewaylambdaLambdaRestApi5DDE3360ANYproxyCC830169": Object {
480
- "Properties": Object {
481
- "Action": "lambda:InvokeFunction",
482
- "FunctionName": Object {
483
- "Fn::GetAtt": Array [
484
- "ExistingLambdaFunctionF606C520",
485
- "Arn",
486
- ],
487
- },
488
- "Principal": "apigateway.amazonaws.com",
489
- "SourceArn": Object {
490
- "Fn::Join": Array [
491
- "",
492
- Array [
493
- "arn:",
494
- Object {
495
- "Ref": "AWS::Partition",
496
- },
497
- ":execute-api:",
498
- Object {
499
- "Ref": "AWS::Region",
500
- },
501
- ":",
502
- Object {
503
- "Ref": "AWS::AccountId",
504
- },
505
- ":",
506
- Object {
507
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
508
- },
509
- "/",
510
- Object {
511
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
512
- },
513
- "/*/*",
514
- ],
515
- ],
516
- },
517
- },
518
- "Type": "AWS::Lambda::Permission",
519
- },
520
- "testapigatewaylambdaLambdaRestApiproxyANYF6150927": Object {
521
- "Properties": Object {
522
- "AuthorizationType": "AWS_IAM",
523
- "HttpMethod": "ANY",
524
- "Integration": Object {
525
- "IntegrationHttpMethod": "POST",
526
- "Type": "AWS_PROXY",
527
- "Uri": Object {
528
- "Fn::Join": Array [
529
- "",
530
- Array [
531
- "arn:",
532
- Object {
533
- "Ref": "AWS::Partition",
534
- },
535
- ":apigateway:",
536
- Object {
537
- "Ref": "AWS::Region",
538
- },
539
- ":lambda:path/2015-03-31/functions/",
540
- Object {
541
- "Fn::GetAtt": Array [
542
- "ExistingLambdaFunctionF606C520",
543
- "Arn",
544
- ],
545
- },
546
- "/invocations",
547
- ],
548
- ],
549
- },
550
- },
551
- "ResourceId": Object {
552
- "Ref": "testapigatewaylambdaLambdaRestApiproxy2C2C544E",
553
- },
554
- "RestApiId": Object {
555
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
556
- },
557
- },
558
- "Type": "AWS::ApiGateway::Method",
559
- },
560
- },
561
- }
562
- `;
563
-
564
- exports[`Pattern deployment with new Lambda function 1`] = `
565
- Object {
566
- "Outputs": Object {
567
- "testapigatewaylambdaLambdaRestApiEndpoint2EF0B753": Object {
568
- "Value": Object {
569
- "Fn::Join": Array [
570
- "",
571
- Array [
572
- "https://",
573
- Object {
574
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
575
- },
576
- ".execute-api.",
577
- Object {
578
- "Ref": "AWS::Region",
579
- },
580
- ".",
581
- Object {
582
- "Ref": "AWS::URLSuffix",
583
- },
584
- "/",
585
- Object {
586
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
587
- },
588
- "/",
589
- ],
590
- ],
591
- },
592
- },
593
- },
594
- "Parameters": Object {
595
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420ArtifactHashA71E92AD": Object {
596
- "Description": "Artifact hash for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
597
- "Type": "String",
598
- },
599
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458": Object {
600
- "Description": "S3 bucket for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
601
- "Type": "String",
602
- },
603
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D": Object {
604
- "Description": "S3 key for asset version \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
605
- "Type": "String",
606
- },
607
- },
608
- "Resources": Object {
609
- "testapigatewaylambdaApiAccessLogGroupEB3253A2": Object {
610
- "DeletionPolicy": "Retain",
611
- "Metadata": Object {
612
- "cfn_nag": Object {
613
- "rules_to_suppress": Array [
614
- Object {
615
- "id": "W86",
616
- "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely",
617
- },
618
- Object {
619
- "id": "W84",
620
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)",
621
- },
622
- ],
623
- },
624
- },
625
- "Type": "AWS::Logs::LogGroup",
626
- "UpdateReplacePolicy": "Retain",
627
- },
628
- "testapigatewaylambdaLambdaFunction18FF222F": Object {
629
- "DependsOn": Array [
630
- "testapigatewaylambdaLambdaFunctionServiceRoleDefaultPolicyA5D0BE32",
631
- "testapigatewaylambdaLambdaFunctionServiceRole5CD2E9F7",
632
- ],
633
- "Metadata": Object {
634
- "cfn_nag": Object {
635
- "rules_to_suppress": Array [
636
- Object {
637
- "id": "W58",
638
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.",
639
- },
640
- Object {
641
- "id": "W89",
642
- "reason": "This is not a rule for the general case, just for specific use cases/industries",
643
- },
644
- Object {
645
- "id": "W92",
646
- "reason": "Impossible for us to define the correct concurrency for clients",
647
- },
648
- ],
649
- },
650
- },
651
- "Properties": Object {
652
- "Code": Object {
653
- "S3Bucket": Object {
654
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458",
655
- },
656
- "S3Key": Object {
657
- "Fn::Join": Array [
658
- "",
659
- Array [
660
- Object {
661
- "Fn::Select": Array [
662
- 0,
663
- Object {
664
- "Fn::Split": Array [
665
- "||",
666
- Object {
667
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
668
- },
669
- ],
670
- },
671
- ],
672
- },
673
- Object {
674
- "Fn::Select": Array [
675
- 1,
676
- Object {
677
- "Fn::Split": Array [
678
- "||",
679
- Object {
680
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
681
- },
682
- ],
683
- },
684
- ],
685
- },
686
- ],
687
- ],
688
- },
689
- },
690
- "Environment": Object {
691
- "Variables": Object {
692
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
693
- },
694
- },
695
- "Handler": "index.handler",
696
- "Role": Object {
697
- "Fn::GetAtt": Array [
698
- "testapigatewaylambdaLambdaFunctionServiceRole5CD2E9F7",
699
- "Arn",
700
- ],
701
- },
702
- "Runtime": "nodejs10.x",
703
- "TracingConfig": Object {
704
- "Mode": "Active",
705
- },
706
- },
707
- "Type": "AWS::Lambda::Function",
708
- },
709
- "testapigatewaylambdaLambdaFunctionServiceRole5CD2E9F7": Object {
710
- "Properties": Object {
711
- "AssumeRolePolicyDocument": Object {
712
- "Statement": Array [
713
- Object {
714
- "Action": "sts:AssumeRole",
715
- "Effect": "Allow",
716
- "Principal": Object {
717
- "Service": "lambda.amazonaws.com",
718
- },
719
- },
720
- ],
721
- "Version": "2012-10-17",
722
- },
723
- "Policies": Array [
724
- Object {
725
- "PolicyDocument": Object {
726
- "Statement": Array [
727
- Object {
728
- "Action": Array [
729
- "logs:CreateLogGroup",
730
- "logs:CreateLogStream",
731
- "logs:PutLogEvents",
732
- ],
733
- "Effect": "Allow",
734
- "Resource": Object {
735
- "Fn::Join": Array [
736
- "",
737
- Array [
738
- "arn:",
739
- Object {
740
- "Ref": "AWS::Partition",
741
- },
742
- ":logs:",
743
- Object {
744
- "Ref": "AWS::Region",
745
- },
746
- ":",
747
- Object {
748
- "Ref": "AWS::AccountId",
749
- },
750
- ":log-group:/aws/lambda/*",
751
- ],
752
- ],
753
- },
754
- },
755
- ],
756
- "Version": "2012-10-17",
757
- },
758
- "PolicyName": "LambdaFunctionServiceRolePolicy",
759
- },
760
- ],
761
- },
762
- "Type": "AWS::IAM::Role",
763
- },
764
- "testapigatewaylambdaLambdaFunctionServiceRoleDefaultPolicyA5D0BE32": Object {
765
- "Metadata": Object {
766
- "cfn_nag": Object {
767
- "rules_to_suppress": Array [
768
- Object {
769
- "id": "W12",
770
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.",
771
- },
772
- ],
773
- },
774
- },
775
- "Properties": Object {
776
- "PolicyDocument": Object {
777
- "Statement": Array [
778
- Object {
779
- "Action": Array [
780
- "xray:PutTraceSegments",
781
- "xray:PutTelemetryRecords",
782
- ],
783
- "Effect": "Allow",
784
- "Resource": "*",
785
- },
786
- ],
787
- "Version": "2012-10-17",
788
- },
789
- "PolicyName": "testapigatewaylambdaLambdaFunctionServiceRoleDefaultPolicyA5D0BE32",
790
- "Roles": Array [
791
- Object {
792
- "Ref": "testapigatewaylambdaLambdaFunctionServiceRole5CD2E9F7",
793
- },
794
- ],
795
- },
796
- "Type": "AWS::IAM::Policy",
797
- },
798
- "testapigatewaylambdaLambdaRestApiANY1FACA749": Object {
799
- "Properties": Object {
800
- "AuthorizationType": "AWS_IAM",
801
- "HttpMethod": "ANY",
802
- "Integration": Object {
803
- "IntegrationHttpMethod": "POST",
804
- "Type": "AWS_PROXY",
805
- "Uri": Object {
806
- "Fn::Join": Array [
807
- "",
808
- Array [
809
- "arn:",
810
- Object {
811
- "Ref": "AWS::Partition",
812
- },
813
- ":apigateway:",
814
- Object {
815
- "Ref": "AWS::Region",
816
- },
817
- ":lambda:path/2015-03-31/functions/",
818
- Object {
819
- "Fn::GetAtt": Array [
820
- "testapigatewaylambdaLambdaFunction18FF222F",
821
- "Arn",
822
- ],
823
- },
824
- "/invocations",
825
- ],
826
- ],
827
- },
828
- },
829
- "ResourceId": Object {
830
- "Fn::GetAtt": Array [
831
- "testapigatewaylambdaLambdaRestApiE957E944",
832
- "RootResourceId",
833
- ],
834
- },
835
- "RestApiId": Object {
836
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
837
- },
838
- },
839
- "Type": "AWS::ApiGateway::Method",
840
- },
841
- "testapigatewaylambdaLambdaRestApiANYApiPermissionTesttestapigatewaylambdaLambdaRestApi5DDE3360ANYF71F5CAC": Object {
842
- "Properties": Object {
843
- "Action": "lambda:InvokeFunction",
844
- "FunctionName": Object {
845
- "Fn::GetAtt": Array [
846
- "testapigatewaylambdaLambdaFunction18FF222F",
847
- "Arn",
848
- ],
849
- },
850
- "Principal": "apigateway.amazonaws.com",
851
- "SourceArn": Object {
852
- "Fn::Join": Array [
853
- "",
854
- Array [
855
- "arn:",
856
- Object {
857
- "Ref": "AWS::Partition",
858
- },
859
- ":execute-api:",
860
- Object {
861
- "Ref": "AWS::Region",
862
- },
863
- ":",
864
- Object {
865
- "Ref": "AWS::AccountId",
866
- },
867
- ":",
868
- Object {
869
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
870
- },
871
- "/test-invoke-stage/*/",
872
- ],
873
- ],
874
- },
875
- },
876
- "Type": "AWS::Lambda::Permission",
877
- },
878
- "testapigatewaylambdaLambdaRestApiANYApiPermissiontestapigatewaylambdaLambdaRestApi5DDE3360ANY0CAB129B": Object {
879
- "Properties": Object {
880
- "Action": "lambda:InvokeFunction",
881
- "FunctionName": Object {
882
- "Fn::GetAtt": Array [
883
- "testapigatewaylambdaLambdaFunction18FF222F",
884
- "Arn",
885
- ],
886
- },
887
- "Principal": "apigateway.amazonaws.com",
888
- "SourceArn": Object {
889
- "Fn::Join": Array [
890
- "",
891
- Array [
892
- "arn:",
893
- Object {
894
- "Ref": "AWS::Partition",
895
- },
896
- ":execute-api:",
897
- Object {
898
- "Ref": "AWS::Region",
899
- },
900
- ":",
901
- Object {
902
- "Ref": "AWS::AccountId",
903
- },
904
- ":",
905
- Object {
906
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
907
- },
908
- "/",
909
- Object {
910
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
911
- },
912
- "/*/",
913
- ],
914
- ],
915
- },
916
- },
917
- "Type": "AWS::Lambda::Permission",
918
- },
919
- "testapigatewaylambdaLambdaRestApiAccount0D88B6B8": Object {
920
- "DependsOn": Array [
921
- "testapigatewaylambdaLambdaRestApiE957E944",
922
- ],
923
- "Properties": Object {
924
- "CloudWatchRoleArn": Object {
925
- "Fn::GetAtt": Array [
926
- "testapigatewaylambdaLambdaRestApiCloudWatchRole6D45E039",
927
- "Arn",
928
- ],
929
- },
930
- },
931
- "Type": "AWS::ApiGateway::Account",
932
- },
933
- "testapigatewaylambdaLambdaRestApiCloudWatchRole6D45E039": Object {
934
- "Properties": Object {
935
- "AssumeRolePolicyDocument": Object {
936
- "Statement": Array [
937
- Object {
938
- "Action": "sts:AssumeRole",
939
- "Effect": "Allow",
940
- "Principal": Object {
941
- "Service": "apigateway.amazonaws.com",
942
- },
943
- },
944
- ],
945
- "Version": "2012-10-17",
946
- },
947
- "Policies": Array [
948
- Object {
949
- "PolicyDocument": Object {
950
- "Statement": Array [
951
- Object {
952
- "Action": Array [
953
- "logs:CreateLogGroup",
954
- "logs:CreateLogStream",
955
- "logs:DescribeLogGroups",
956
- "logs:DescribeLogStreams",
957
- "logs:PutLogEvents",
958
- "logs:GetLogEvents",
959
- "logs:FilterLogEvents",
960
- ],
961
- "Effect": "Allow",
962
- "Resource": Object {
963
- "Fn::Join": Array [
964
- "",
965
- Array [
966
- "arn:",
967
- Object {
968
- "Ref": "AWS::Partition",
969
- },
970
- ":logs:",
971
- Object {
972
- "Ref": "AWS::Region",
973
- },
974
- ":",
975
- Object {
976
- "Ref": "AWS::AccountId",
977
- },
978
- ":*",
979
- ],
980
- ],
981
- },
982
- },
983
- ],
984
- "Version": "2012-10-17",
985
- },
986
- "PolicyName": "LambdaRestApiCloudWatchRolePolicy",
987
- },
988
- ],
989
- },
990
- "Type": "AWS::IAM::Role",
991
- },
992
- "testapigatewaylambdaLambdaRestApiDeployment85334BB3a1765c45928980e423727978265730d1": Object {
993
- "DependsOn": Array [
994
- "testapigatewaylambdaLambdaRestApiproxyANYF6150927",
995
- "testapigatewaylambdaLambdaRestApiproxy2C2C544E",
996
- "testapigatewaylambdaLambdaRestApiANY1FACA749",
997
- ],
998
- "Metadata": Object {
999
- "cfn_nag": Object {
1000
- "rules_to_suppress": Array [
1001
- Object {
1002
- "id": "W45",
1003
- "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checkes for it in AWS::ApiGateway::Deployment resource",
1004
- },
1005
- ],
1006
- },
1007
- },
1008
- "Properties": Object {
1009
- "Description": "Automatically created by the RestApi construct",
1010
- "RestApiId": Object {
1011
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1012
- },
1013
- },
1014
- "Type": "AWS::ApiGateway::Deployment",
1015
- },
1016
- "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247": Object {
1017
- "Properties": Object {
1018
- "AccessLogSetting": Object {
1019
- "DestinationArn": Object {
1020
- "Fn::GetAtt": Array [
1021
- "testapigatewaylambdaApiAccessLogGroupEB3253A2",
1022
- "Arn",
1023
- ],
1024
- },
1025
- "Format": "{\\"requestId\\":\\"$context.requestId\\",\\"ip\\":\\"$context.identity.sourceIp\\",\\"user\\":\\"$context.identity.user\\",\\"caller\\":\\"$context.identity.caller\\",\\"requestTime\\":\\"$context.requestTime\\",\\"httpMethod\\":\\"$context.httpMethod\\",\\"resourcePath\\":\\"$context.resourcePath\\",\\"status\\":\\"$context.status\\",\\"protocol\\":\\"$context.protocol\\",\\"responseLength\\":\\"$context.responseLength\\"}",
1026
- },
1027
- "DeploymentId": Object {
1028
- "Ref": "testapigatewaylambdaLambdaRestApiDeployment85334BB3a1765c45928980e423727978265730d1",
1029
- },
1030
- "MethodSettings": Array [
1031
- Object {
1032
- "DataTraceEnabled": false,
1033
- "HttpMethod": "*",
1034
- "LoggingLevel": "INFO",
1035
- "ResourcePath": "/*",
1036
- },
1037
- ],
1038
- "RestApiId": Object {
1039
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1040
- },
1041
- "StageName": "prod",
1042
- "TracingEnabled": true,
1043
- },
1044
- "Type": "AWS::ApiGateway::Stage",
1045
- },
1046
- "testapigatewaylambdaLambdaRestApiE957E944": Object {
1047
- "Properties": Object {
1048
- "EndpointConfiguration": Object {
1049
- "Types": Array [
1050
- "EDGE",
1051
- ],
1052
- },
1053
- "Name": "LambdaRestApi",
1054
- },
1055
- "Type": "AWS::ApiGateway::RestApi",
1056
- },
1057
- "testapigatewaylambdaLambdaRestApiUsagePlan658131E3": Object {
1058
- "Properties": Object {
1059
- "ApiStages": Array [
1060
- Object {
1061
- "ApiId": Object {
1062
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1063
- },
1064
- "Stage": Object {
1065
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
1066
- },
1067
- "Throttle": Object {},
1068
- },
1069
- ],
1070
- },
1071
- "Type": "AWS::ApiGateway::UsagePlan",
1072
- },
1073
- "testapigatewaylambdaLambdaRestApiproxy2C2C544E": Object {
1074
- "Properties": Object {
1075
- "ParentId": Object {
1076
- "Fn::GetAtt": Array [
1077
- "testapigatewaylambdaLambdaRestApiE957E944",
1078
- "RootResourceId",
1079
- ],
1080
- },
1081
- "PathPart": "{proxy+}",
1082
- "RestApiId": Object {
1083
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1084
- },
1085
- },
1086
- "Type": "AWS::ApiGateway::Resource",
1087
- },
1088
- "testapigatewaylambdaLambdaRestApiproxyANYApiPermissionTesttestapigatewaylambdaLambdaRestApi5DDE3360ANYproxyBA241600": Object {
1089
- "Properties": Object {
1090
- "Action": "lambda:InvokeFunction",
1091
- "FunctionName": Object {
1092
- "Fn::GetAtt": Array [
1093
- "testapigatewaylambdaLambdaFunction18FF222F",
1094
- "Arn",
1095
- ],
1096
- },
1097
- "Principal": "apigateway.amazonaws.com",
1098
- "SourceArn": Object {
1099
- "Fn::Join": Array [
1100
- "",
1101
- Array [
1102
- "arn:",
1103
- Object {
1104
- "Ref": "AWS::Partition",
1105
- },
1106
- ":execute-api:",
1107
- Object {
1108
- "Ref": "AWS::Region",
1109
- },
1110
- ":",
1111
- Object {
1112
- "Ref": "AWS::AccountId",
1113
- },
1114
- ":",
1115
- Object {
1116
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1117
- },
1118
- "/test-invoke-stage/*/*",
1119
- ],
1120
- ],
1121
- },
1122
- },
1123
- "Type": "AWS::Lambda::Permission",
1124
- },
1125
- "testapigatewaylambdaLambdaRestApiproxyANYApiPermissiontestapigatewaylambdaLambdaRestApi5DDE3360ANYproxyCC830169": Object {
1126
- "Properties": Object {
1127
- "Action": "lambda:InvokeFunction",
1128
- "FunctionName": Object {
1129
- "Fn::GetAtt": Array [
1130
- "testapigatewaylambdaLambdaFunction18FF222F",
1131
- "Arn",
1132
- ],
1133
- },
1134
- "Principal": "apigateway.amazonaws.com",
1135
- "SourceArn": Object {
1136
- "Fn::Join": Array [
1137
- "",
1138
- Array [
1139
- "arn:",
1140
- Object {
1141
- "Ref": "AWS::Partition",
1142
- },
1143
- ":execute-api:",
1144
- Object {
1145
- "Ref": "AWS::Region",
1146
- },
1147
- ":",
1148
- Object {
1149
- "Ref": "AWS::AccountId",
1150
- },
1151
- ":",
1152
- Object {
1153
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1154
- },
1155
- "/",
1156
- Object {
1157
- "Ref": "testapigatewaylambdaLambdaRestApiDeploymentStageprod4EBF7247",
1158
- },
1159
- "/*/*",
1160
- ],
1161
- ],
1162
- },
1163
- },
1164
- "Type": "AWS::Lambda::Permission",
1165
- },
1166
- "testapigatewaylambdaLambdaRestApiproxyANYF6150927": Object {
1167
- "Properties": Object {
1168
- "AuthorizationType": "AWS_IAM",
1169
- "HttpMethod": "ANY",
1170
- "Integration": Object {
1171
- "IntegrationHttpMethod": "POST",
1172
- "Type": "AWS_PROXY",
1173
- "Uri": Object {
1174
- "Fn::Join": Array [
1175
- "",
1176
- Array [
1177
- "arn:",
1178
- Object {
1179
- "Ref": "AWS::Partition",
1180
- },
1181
- ":apigateway:",
1182
- Object {
1183
- "Ref": "AWS::Region",
1184
- },
1185
- ":lambda:path/2015-03-31/functions/",
1186
- Object {
1187
- "Fn::GetAtt": Array [
1188
- "testapigatewaylambdaLambdaFunction18FF222F",
1189
- "Arn",
1190
- ],
1191
- },
1192
- "/invocations",
1193
- ],
1194
- ],
1195
- },
1196
- },
1197
- "ResourceId": Object {
1198
- "Ref": "testapigatewaylambdaLambdaRestApiproxy2C2C544E",
1199
- },
1200
- "RestApiId": Object {
1201
- "Ref": "testapigatewaylambdaLambdaRestApiE957E944",
1202
- },
1203
- },
1204
- "Type": "AWS::ApiGateway::Method",
1205
- },
1206
- },
1207
- }
1208
- `;
1209
-
1210
- exports[`Pattern deployment with two ApiGatewayToLambda constructs 1`] = `
1211
- Object {
1212
- "Outputs": Object {
1213
- "pattern1LambdaRestApiEndpointECE66433": Object {
1214
- "Value": Object {
1215
- "Fn::Join": Array [
1216
- "",
1217
- Array [
1218
- "https://",
1219
- Object {
1220
- "Ref": "pattern1LambdaRestApi6083801A",
1221
- },
1222
- ".execute-api.",
1223
- Object {
1224
- "Ref": "AWS::Region",
1225
- },
1226
- ".",
1227
- Object {
1228
- "Ref": "AWS::URLSuffix",
1229
- },
1230
- "/",
1231
- Object {
1232
- "Ref": "pattern1LambdaRestApiDeploymentStageprodFF2B9A97",
1233
- },
1234
- "/",
1235
- ],
1236
- ],
1237
- },
1238
- },
1239
- "pattern2LambdaRestApiEndpoint47B2C6C6": Object {
1240
- "Value": Object {
1241
- "Fn::Join": Array [
1242
- "",
1243
- Array [
1244
- "https://",
1245
- Object {
1246
- "Ref": "pattern2LambdaRestApi7106C394",
1247
- },
1248
- ".execute-api.",
1249
- Object {
1250
- "Ref": "AWS::Region",
1251
- },
1252
- ".",
1253
- Object {
1254
- "Ref": "AWS::URLSuffix",
1255
- },
1256
- "/",
1257
- Object {
1258
- "Ref": "pattern2LambdaRestApiDeploymentStageprod134BC514",
1259
- },
1260
- "/",
1261
- ],
1262
- ],
1263
- },
1264
- },
1265
- },
1266
- "Parameters": Object {
1267
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420ArtifactHashA71E92AD": Object {
1268
- "Description": "Artifact hash for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
1269
- "Type": "String",
1270
- },
1271
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458": Object {
1272
- "Description": "S3 bucket for asset \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
1273
- "Type": "String",
1274
- },
1275
- "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D": Object {
1276
- "Description": "S3 key for asset version \\"8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420\\"",
1277
- "Type": "String",
1278
- },
1279
- },
1280
- "Resources": Object {
1281
- "pattern1ApiAccessLogGroupE3E8C305": Object {
1282
- "DeletionPolicy": "Retain",
1283
- "Metadata": Object {
1284
- "cfn_nag": Object {
1285
- "rules_to_suppress": Array [
1286
- Object {
1287
- "id": "W86",
1288
- "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely",
1289
- },
1290
- Object {
1291
- "id": "W84",
1292
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)",
1293
- },
1294
- ],
1295
- },
1296
- },
1297
- "Type": "AWS::Logs::LogGroup",
1298
- "UpdateReplacePolicy": "Retain",
1299
- },
1300
- "pattern1LambdaFunction4AE2BC2A": Object {
1301
- "DependsOn": Array [
1302
- "pattern1LambdaFunctionServiceRoleDefaultPolicy3DAB9197",
1303
- "pattern1LambdaFunctionServiceRoleEEE9B913",
1304
- ],
1305
- "Metadata": Object {
1306
- "cfn_nag": Object {
1307
- "rules_to_suppress": Array [
1308
- Object {
1309
- "id": "W58",
1310
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.",
1311
- },
1312
- Object {
1313
- "id": "W89",
1314
- "reason": "This is not a rule for the general case, just for specific use cases/industries",
1315
- },
1316
- Object {
1317
- "id": "W92",
1318
- "reason": "Impossible for us to define the correct concurrency for clients",
1319
- },
1320
- ],
1321
- },
1322
- },
1323
- "Properties": Object {
1324
- "Code": Object {
1325
- "S3Bucket": Object {
1326
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458",
1327
- },
1328
- "S3Key": Object {
1329
- "Fn::Join": Array [
1330
- "",
1331
- Array [
1332
- Object {
1333
- "Fn::Select": Array [
1334
- 0,
1335
- Object {
1336
- "Fn::Split": Array [
1337
- "||",
1338
- Object {
1339
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
1340
- },
1341
- ],
1342
- },
1343
- ],
1344
- },
1345
- Object {
1346
- "Fn::Select": Array [
1347
- 1,
1348
- Object {
1349
- "Fn::Split": Array [
1350
- "||",
1351
- Object {
1352
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
1353
- },
1354
- ],
1355
- },
1356
- ],
1357
- },
1358
- ],
1359
- ],
1360
- },
1361
- },
1362
- "Environment": Object {
1363
- "Variables": Object {
1364
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
1365
- },
1366
- },
1367
- "Handler": "index.handler",
1368
- "Role": Object {
1369
- "Fn::GetAtt": Array [
1370
- "pattern1LambdaFunctionServiceRoleEEE9B913",
1371
- "Arn",
1372
- ],
1373
- },
1374
- "Runtime": "nodejs10.x",
1375
- "TracingConfig": Object {
1376
- "Mode": "Active",
1377
- },
1378
- },
1379
- "Type": "AWS::Lambda::Function",
1380
- },
1381
- "pattern1LambdaFunctionServiceRoleDefaultPolicy3DAB9197": Object {
1382
- "Metadata": Object {
1383
- "cfn_nag": Object {
1384
- "rules_to_suppress": Array [
1385
- Object {
1386
- "id": "W12",
1387
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.",
1388
- },
1389
- ],
1390
- },
1391
- },
1392
- "Properties": Object {
1393
- "PolicyDocument": Object {
1394
- "Statement": Array [
1395
- Object {
1396
- "Action": Array [
1397
- "xray:PutTraceSegments",
1398
- "xray:PutTelemetryRecords",
1399
- ],
1400
- "Effect": "Allow",
1401
- "Resource": "*",
1402
- },
1403
- ],
1404
- "Version": "2012-10-17",
1405
- },
1406
- "PolicyName": "pattern1LambdaFunctionServiceRoleDefaultPolicy3DAB9197",
1407
- "Roles": Array [
1408
- Object {
1409
- "Ref": "pattern1LambdaFunctionServiceRoleEEE9B913",
1410
- },
1411
- ],
1412
- },
1413
- "Type": "AWS::IAM::Policy",
1414
- },
1415
- "pattern1LambdaFunctionServiceRoleEEE9B913": Object {
1416
- "Properties": Object {
1417
- "AssumeRolePolicyDocument": Object {
1418
- "Statement": Array [
1419
- Object {
1420
- "Action": "sts:AssumeRole",
1421
- "Effect": "Allow",
1422
- "Principal": Object {
1423
- "Service": "lambda.amazonaws.com",
1424
- },
1425
- },
1426
- ],
1427
- "Version": "2012-10-17",
1428
- },
1429
- "Policies": Array [
1430
- Object {
1431
- "PolicyDocument": Object {
1432
- "Statement": Array [
1433
- Object {
1434
- "Action": Array [
1435
- "logs:CreateLogGroup",
1436
- "logs:CreateLogStream",
1437
- "logs:PutLogEvents",
1438
- ],
1439
- "Effect": "Allow",
1440
- "Resource": Object {
1441
- "Fn::Join": Array [
1442
- "",
1443
- Array [
1444
- "arn:",
1445
- Object {
1446
- "Ref": "AWS::Partition",
1447
- },
1448
- ":logs:",
1449
- Object {
1450
- "Ref": "AWS::Region",
1451
- },
1452
- ":",
1453
- Object {
1454
- "Ref": "AWS::AccountId",
1455
- },
1456
- ":log-group:/aws/lambda/*",
1457
- ],
1458
- ],
1459
- },
1460
- },
1461
- ],
1462
- "Version": "2012-10-17",
1463
- },
1464
- "PolicyName": "LambdaFunctionServiceRolePolicy",
1465
- },
1466
- ],
1467
- },
1468
- "Type": "AWS::IAM::Role",
1469
- },
1470
- "pattern1LambdaRestApi6083801A": Object {
1471
- "Properties": Object {
1472
- "EndpointConfiguration": Object {
1473
- "Types": Array [
1474
- "EDGE",
1475
- ],
1476
- },
1477
- "Name": "LambdaRestApi",
1478
- },
1479
- "Type": "AWS::ApiGateway::RestApi",
1480
- },
1481
- "pattern1LambdaRestApiANY1CAD2ADA": Object {
1482
- "Properties": Object {
1483
- "AuthorizationType": "AWS_IAM",
1484
- "HttpMethod": "ANY",
1485
- "Integration": Object {
1486
- "IntegrationHttpMethod": "POST",
1487
- "Type": "AWS_PROXY",
1488
- "Uri": Object {
1489
- "Fn::Join": Array [
1490
- "",
1491
- Array [
1492
- "arn:",
1493
- Object {
1494
- "Ref": "AWS::Partition",
1495
- },
1496
- ":apigateway:",
1497
- Object {
1498
- "Ref": "AWS::Region",
1499
- },
1500
- ":lambda:path/2015-03-31/functions/",
1501
- Object {
1502
- "Fn::GetAtt": Array [
1503
- "pattern1LambdaFunction4AE2BC2A",
1504
- "Arn",
1505
- ],
1506
- },
1507
- "/invocations",
1508
- ],
1509
- ],
1510
- },
1511
- },
1512
- "ResourceId": Object {
1513
- "Fn::GetAtt": Array [
1514
- "pattern1LambdaRestApi6083801A",
1515
- "RootResourceId",
1516
- ],
1517
- },
1518
- "RestApiId": Object {
1519
- "Ref": "pattern1LambdaRestApi6083801A",
1520
- },
1521
- },
1522
- "Type": "AWS::ApiGateway::Method",
1523
- },
1524
- "pattern1LambdaRestApiANYApiPermissionTestpattern1LambdaRestApi3E9A122CANYFC4F7B13": Object {
1525
- "Properties": Object {
1526
- "Action": "lambda:InvokeFunction",
1527
- "FunctionName": Object {
1528
- "Fn::GetAtt": Array [
1529
- "pattern1LambdaFunction4AE2BC2A",
1530
- "Arn",
1531
- ],
1532
- },
1533
- "Principal": "apigateway.amazonaws.com",
1534
- "SourceArn": Object {
1535
- "Fn::Join": Array [
1536
- "",
1537
- Array [
1538
- "arn:",
1539
- Object {
1540
- "Ref": "AWS::Partition",
1541
- },
1542
- ":execute-api:",
1543
- Object {
1544
- "Ref": "AWS::Region",
1545
- },
1546
- ":",
1547
- Object {
1548
- "Ref": "AWS::AccountId",
1549
- },
1550
- ":",
1551
- Object {
1552
- "Ref": "pattern1LambdaRestApi6083801A",
1553
- },
1554
- "/test-invoke-stage/*/",
1555
- ],
1556
- ],
1557
- },
1558
- },
1559
- "Type": "AWS::Lambda::Permission",
1560
- },
1561
- "pattern1LambdaRestApiANYApiPermissionpattern1LambdaRestApi3E9A122CANY5D85A817": Object {
1562
- "Properties": Object {
1563
- "Action": "lambda:InvokeFunction",
1564
- "FunctionName": Object {
1565
- "Fn::GetAtt": Array [
1566
- "pattern1LambdaFunction4AE2BC2A",
1567
- "Arn",
1568
- ],
1569
- },
1570
- "Principal": "apigateway.amazonaws.com",
1571
- "SourceArn": Object {
1572
- "Fn::Join": Array [
1573
- "",
1574
- Array [
1575
- "arn:",
1576
- Object {
1577
- "Ref": "AWS::Partition",
1578
- },
1579
- ":execute-api:",
1580
- Object {
1581
- "Ref": "AWS::Region",
1582
- },
1583
- ":",
1584
- Object {
1585
- "Ref": "AWS::AccountId",
1586
- },
1587
- ":",
1588
- Object {
1589
- "Ref": "pattern1LambdaRestApi6083801A",
1590
- },
1591
- "/",
1592
- Object {
1593
- "Ref": "pattern1LambdaRestApiDeploymentStageprodFF2B9A97",
1594
- },
1595
- "/*/",
1596
- ],
1597
- ],
1598
- },
1599
- },
1600
- "Type": "AWS::Lambda::Permission",
1601
- },
1602
- "pattern1LambdaRestApiAccount52947E66": Object {
1603
- "DependsOn": Array [
1604
- "pattern1LambdaRestApi6083801A",
1605
- ],
1606
- "Properties": Object {
1607
- "CloudWatchRoleArn": Object {
1608
- "Fn::GetAtt": Array [
1609
- "pattern1LambdaRestApiCloudWatchRole41F462A6",
1610
- "Arn",
1611
- ],
1612
- },
1613
- },
1614
- "Type": "AWS::ApiGateway::Account",
1615
- },
1616
- "pattern1LambdaRestApiCloudWatchRole41F462A6": Object {
1617
- "Properties": Object {
1618
- "AssumeRolePolicyDocument": Object {
1619
- "Statement": Array [
1620
- Object {
1621
- "Action": "sts:AssumeRole",
1622
- "Effect": "Allow",
1623
- "Principal": Object {
1624
- "Service": "apigateway.amazonaws.com",
1625
- },
1626
- },
1627
- ],
1628
- "Version": "2012-10-17",
1629
- },
1630
- "Policies": Array [
1631
- Object {
1632
- "PolicyDocument": Object {
1633
- "Statement": Array [
1634
- Object {
1635
- "Action": Array [
1636
- "logs:CreateLogGroup",
1637
- "logs:CreateLogStream",
1638
- "logs:DescribeLogGroups",
1639
- "logs:DescribeLogStreams",
1640
- "logs:PutLogEvents",
1641
- "logs:GetLogEvents",
1642
- "logs:FilterLogEvents",
1643
- ],
1644
- "Effect": "Allow",
1645
- "Resource": Object {
1646
- "Fn::Join": Array [
1647
- "",
1648
- Array [
1649
- "arn:",
1650
- Object {
1651
- "Ref": "AWS::Partition",
1652
- },
1653
- ":logs:",
1654
- Object {
1655
- "Ref": "AWS::Region",
1656
- },
1657
- ":",
1658
- Object {
1659
- "Ref": "AWS::AccountId",
1660
- },
1661
- ":*",
1662
- ],
1663
- ],
1664
- },
1665
- },
1666
- ],
1667
- "Version": "2012-10-17",
1668
- },
1669
- "PolicyName": "LambdaRestApiCloudWatchRolePolicy",
1670
- },
1671
- ],
1672
- },
1673
- "Type": "AWS::IAM::Role",
1674
- },
1675
- "pattern1LambdaRestApiDeployment20DFD9B2573799e20d1a348378b393327f9c6e15": Object {
1676
- "DependsOn": Array [
1677
- "pattern1LambdaRestApiproxyANY9D2D185B",
1678
- "pattern1LambdaRestApiproxy6E65FF1B",
1679
- "pattern1LambdaRestApiANY1CAD2ADA",
1680
- ],
1681
- "Metadata": Object {
1682
- "cfn_nag": Object {
1683
- "rules_to_suppress": Array [
1684
- Object {
1685
- "id": "W45",
1686
- "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checkes for it in AWS::ApiGateway::Deployment resource",
1687
- },
1688
- ],
1689
- },
1690
- },
1691
- "Properties": Object {
1692
- "Description": "Automatically created by the RestApi construct",
1693
- "RestApiId": Object {
1694
- "Ref": "pattern1LambdaRestApi6083801A",
1695
- },
1696
- },
1697
- "Type": "AWS::ApiGateway::Deployment",
1698
- },
1699
- "pattern1LambdaRestApiDeploymentStageprodFF2B9A97": Object {
1700
- "Properties": Object {
1701
- "AccessLogSetting": Object {
1702
- "DestinationArn": Object {
1703
- "Fn::GetAtt": Array [
1704
- "pattern1ApiAccessLogGroupE3E8C305",
1705
- "Arn",
1706
- ],
1707
- },
1708
- "Format": "{\\"requestId\\":\\"$context.requestId\\",\\"ip\\":\\"$context.identity.sourceIp\\",\\"user\\":\\"$context.identity.user\\",\\"caller\\":\\"$context.identity.caller\\",\\"requestTime\\":\\"$context.requestTime\\",\\"httpMethod\\":\\"$context.httpMethod\\",\\"resourcePath\\":\\"$context.resourcePath\\",\\"status\\":\\"$context.status\\",\\"protocol\\":\\"$context.protocol\\",\\"responseLength\\":\\"$context.responseLength\\"}",
1709
- },
1710
- "DeploymentId": Object {
1711
- "Ref": "pattern1LambdaRestApiDeployment20DFD9B2573799e20d1a348378b393327f9c6e15",
1712
- },
1713
- "MethodSettings": Array [
1714
- Object {
1715
- "DataTraceEnabled": false,
1716
- "HttpMethod": "*",
1717
- "LoggingLevel": "INFO",
1718
- "ResourcePath": "/*",
1719
- },
1720
- ],
1721
- "RestApiId": Object {
1722
- "Ref": "pattern1LambdaRestApi6083801A",
1723
- },
1724
- "StageName": "prod",
1725
- "TracingEnabled": true,
1726
- },
1727
- "Type": "AWS::ApiGateway::Stage",
1728
- },
1729
- "pattern1LambdaRestApiUsagePlan77521F91": Object {
1730
- "Properties": Object {
1731
- "ApiStages": Array [
1732
- Object {
1733
- "ApiId": Object {
1734
- "Ref": "pattern1LambdaRestApi6083801A",
1735
- },
1736
- "Stage": Object {
1737
- "Ref": "pattern1LambdaRestApiDeploymentStageprodFF2B9A97",
1738
- },
1739
- "Throttle": Object {},
1740
- },
1741
- ],
1742
- },
1743
- "Type": "AWS::ApiGateway::UsagePlan",
1744
- },
1745
- "pattern1LambdaRestApiproxy6E65FF1B": Object {
1746
- "Properties": Object {
1747
- "ParentId": Object {
1748
- "Fn::GetAtt": Array [
1749
- "pattern1LambdaRestApi6083801A",
1750
- "RootResourceId",
1751
- ],
1752
- },
1753
- "PathPart": "{proxy+}",
1754
- "RestApiId": Object {
1755
- "Ref": "pattern1LambdaRestApi6083801A",
1756
- },
1757
- },
1758
- "Type": "AWS::ApiGateway::Resource",
1759
- },
1760
- "pattern1LambdaRestApiproxyANY9D2D185B": Object {
1761
- "Properties": Object {
1762
- "AuthorizationType": "AWS_IAM",
1763
- "HttpMethod": "ANY",
1764
- "Integration": Object {
1765
- "IntegrationHttpMethod": "POST",
1766
- "Type": "AWS_PROXY",
1767
- "Uri": Object {
1768
- "Fn::Join": Array [
1769
- "",
1770
- Array [
1771
- "arn:",
1772
- Object {
1773
- "Ref": "AWS::Partition",
1774
- },
1775
- ":apigateway:",
1776
- Object {
1777
- "Ref": "AWS::Region",
1778
- },
1779
- ":lambda:path/2015-03-31/functions/",
1780
- Object {
1781
- "Fn::GetAtt": Array [
1782
- "pattern1LambdaFunction4AE2BC2A",
1783
- "Arn",
1784
- ],
1785
- },
1786
- "/invocations",
1787
- ],
1788
- ],
1789
- },
1790
- },
1791
- "ResourceId": Object {
1792
- "Ref": "pattern1LambdaRestApiproxy6E65FF1B",
1793
- },
1794
- "RestApiId": Object {
1795
- "Ref": "pattern1LambdaRestApi6083801A",
1796
- },
1797
- },
1798
- "Type": "AWS::ApiGateway::Method",
1799
- },
1800
- "pattern1LambdaRestApiproxyANYApiPermissionTestpattern1LambdaRestApi3E9A122CANYproxy0211E18E": Object {
1801
- "Properties": Object {
1802
- "Action": "lambda:InvokeFunction",
1803
- "FunctionName": Object {
1804
- "Fn::GetAtt": Array [
1805
- "pattern1LambdaFunction4AE2BC2A",
1806
- "Arn",
1807
- ],
1808
- },
1809
- "Principal": "apigateway.amazonaws.com",
1810
- "SourceArn": Object {
1811
- "Fn::Join": Array [
1812
- "",
1813
- Array [
1814
- "arn:",
1815
- Object {
1816
- "Ref": "AWS::Partition",
1817
- },
1818
- ":execute-api:",
1819
- Object {
1820
- "Ref": "AWS::Region",
1821
- },
1822
- ":",
1823
- Object {
1824
- "Ref": "AWS::AccountId",
1825
- },
1826
- ":",
1827
- Object {
1828
- "Ref": "pattern1LambdaRestApi6083801A",
1829
- },
1830
- "/test-invoke-stage/*/*",
1831
- ],
1832
- ],
1833
- },
1834
- },
1835
- "Type": "AWS::Lambda::Permission",
1836
- },
1837
- "pattern1LambdaRestApiproxyANYApiPermissionpattern1LambdaRestApi3E9A122CANYproxy35F22AD4": Object {
1838
- "Properties": Object {
1839
- "Action": "lambda:InvokeFunction",
1840
- "FunctionName": Object {
1841
- "Fn::GetAtt": Array [
1842
- "pattern1LambdaFunction4AE2BC2A",
1843
- "Arn",
1844
- ],
1845
- },
1846
- "Principal": "apigateway.amazonaws.com",
1847
- "SourceArn": Object {
1848
- "Fn::Join": Array [
1849
- "",
1850
- Array [
1851
- "arn:",
1852
- Object {
1853
- "Ref": "AWS::Partition",
1854
- },
1855
- ":execute-api:",
1856
- Object {
1857
- "Ref": "AWS::Region",
1858
- },
1859
- ":",
1860
- Object {
1861
- "Ref": "AWS::AccountId",
1862
- },
1863
- ":",
1864
- Object {
1865
- "Ref": "pattern1LambdaRestApi6083801A",
1866
- },
1867
- "/",
1868
- Object {
1869
- "Ref": "pattern1LambdaRestApiDeploymentStageprodFF2B9A97",
1870
- },
1871
- "/*/*",
1872
- ],
1873
- ],
1874
- },
1875
- },
1876
- "Type": "AWS::Lambda::Permission",
1877
- },
1878
- "pattern2ApiAccessLogGroup6E2029E1": Object {
1879
- "DeletionPolicy": "Retain",
1880
- "Metadata": Object {
1881
- "cfn_nag": Object {
1882
- "rules_to_suppress": Array [
1883
- Object {
1884
- "id": "W86",
1885
- "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely",
1886
- },
1887
- Object {
1888
- "id": "W84",
1889
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)",
1890
- },
1891
- ],
1892
- },
1893
- },
1894
- "Type": "AWS::Logs::LogGroup",
1895
- "UpdateReplacePolicy": "Retain",
1896
- },
1897
- "pattern2LambdaFunction20E7E90C": Object {
1898
- "DependsOn": Array [
1899
- "pattern2LambdaFunctionServiceRoleDefaultPolicyB413F001",
1900
- "pattern2LambdaFunctionServiceRoleF8D0D0F1",
1901
- ],
1902
- "Metadata": Object {
1903
- "cfn_nag": Object {
1904
- "rules_to_suppress": Array [
1905
- Object {
1906
- "id": "W58",
1907
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.",
1908
- },
1909
- Object {
1910
- "id": "W89",
1911
- "reason": "This is not a rule for the general case, just for specific use cases/industries",
1912
- },
1913
- Object {
1914
- "id": "W92",
1915
- "reason": "Impossible for us to define the correct concurrency for clients",
1916
- },
1917
- ],
1918
- },
1919
- },
1920
- "Properties": Object {
1921
- "Code": Object {
1922
- "S3Bucket": Object {
1923
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3Bucket749AC458",
1924
- },
1925
- "S3Key": Object {
1926
- "Fn::Join": Array [
1927
- "",
1928
- Array [
1929
- Object {
1930
- "Fn::Select": Array [
1931
- 0,
1932
- Object {
1933
- "Fn::Split": Array [
1934
- "||",
1935
- Object {
1936
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
1937
- },
1938
- ],
1939
- },
1940
- ],
1941
- },
1942
- Object {
1943
- "Fn::Select": Array [
1944
- 1,
1945
- Object {
1946
- "Fn::Split": Array [
1947
- "||",
1948
- Object {
1949
- "Ref": "AssetParameters8efd3dd9643a4d64a128ad582cab718a1e464bcc719bbbcf0e7b0481188a0420S3VersionKeyFF5CC16D",
1950
- },
1951
- ],
1952
- },
1953
- ],
1954
- },
1955
- ],
1956
- ],
1957
- },
1958
- },
1959
- "Environment": Object {
1960
- "Variables": Object {
1961
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
1962
- },
1963
- },
1964
- "Handler": "index.handler",
1965
- "Role": Object {
1966
- "Fn::GetAtt": Array [
1967
- "pattern2LambdaFunctionServiceRoleF8D0D0F1",
1968
- "Arn",
1969
- ],
1970
- },
1971
- "Runtime": "nodejs10.x",
1972
- "TracingConfig": Object {
1973
- "Mode": "Active",
1974
- },
1975
- },
1976
- "Type": "AWS::Lambda::Function",
1977
- },
1978
- "pattern2LambdaFunctionServiceRoleDefaultPolicyB413F001": Object {
1979
- "Metadata": Object {
1980
- "cfn_nag": Object {
1981
- "rules_to_suppress": Array [
1982
- Object {
1983
- "id": "W12",
1984
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.",
1985
- },
1986
- ],
1987
- },
1988
- },
1989
- "Properties": Object {
1990
- "PolicyDocument": Object {
1991
- "Statement": Array [
1992
- Object {
1993
- "Action": Array [
1994
- "xray:PutTraceSegments",
1995
- "xray:PutTelemetryRecords",
1996
- ],
1997
- "Effect": "Allow",
1998
- "Resource": "*",
1999
- },
2000
- ],
2001
- "Version": "2012-10-17",
2002
- },
2003
- "PolicyName": "pattern2LambdaFunctionServiceRoleDefaultPolicyB413F001",
2004
- "Roles": Array [
2005
- Object {
2006
- "Ref": "pattern2LambdaFunctionServiceRoleF8D0D0F1",
2007
- },
2008
- ],
2009
- },
2010
- "Type": "AWS::IAM::Policy",
2011
- },
2012
- "pattern2LambdaFunctionServiceRoleF8D0D0F1": Object {
2013
- "Properties": Object {
2014
- "AssumeRolePolicyDocument": Object {
2015
- "Statement": Array [
2016
- Object {
2017
- "Action": "sts:AssumeRole",
2018
- "Effect": "Allow",
2019
- "Principal": Object {
2020
- "Service": "lambda.amazonaws.com",
2021
- },
2022
- },
2023
- ],
2024
- "Version": "2012-10-17",
2025
- },
2026
- "Policies": Array [
2027
- Object {
2028
- "PolicyDocument": Object {
2029
- "Statement": Array [
2030
- Object {
2031
- "Action": Array [
2032
- "logs:CreateLogGroup",
2033
- "logs:CreateLogStream",
2034
- "logs:PutLogEvents",
2035
- ],
2036
- "Effect": "Allow",
2037
- "Resource": Object {
2038
- "Fn::Join": Array [
2039
- "",
2040
- Array [
2041
- "arn:",
2042
- Object {
2043
- "Ref": "AWS::Partition",
2044
- },
2045
- ":logs:",
2046
- Object {
2047
- "Ref": "AWS::Region",
2048
- },
2049
- ":",
2050
- Object {
2051
- "Ref": "AWS::AccountId",
2052
- },
2053
- ":log-group:/aws/lambda/*",
2054
- ],
2055
- ],
2056
- },
2057
- },
2058
- ],
2059
- "Version": "2012-10-17",
2060
- },
2061
- "PolicyName": "LambdaFunctionServiceRolePolicy",
2062
- },
2063
- ],
2064
- },
2065
- "Type": "AWS::IAM::Role",
2066
- },
2067
- "pattern2LambdaRestApi7106C394": Object {
2068
- "Properties": Object {
2069
- "EndpointConfiguration": Object {
2070
- "Types": Array [
2071
- "EDGE",
2072
- ],
2073
- },
2074
- "Name": "LambdaRestApi",
2075
- },
2076
- "Type": "AWS::ApiGateway::RestApi",
2077
- },
2078
- "pattern2LambdaRestApiANY3965E74E": Object {
2079
- "Properties": Object {
2080
- "AuthorizationType": "AWS_IAM",
2081
- "HttpMethod": "ANY",
2082
- "Integration": Object {
2083
- "IntegrationHttpMethod": "POST",
2084
- "Type": "AWS_PROXY",
2085
- "Uri": Object {
2086
- "Fn::Join": Array [
2087
- "",
2088
- Array [
2089
- "arn:",
2090
- Object {
2091
- "Ref": "AWS::Partition",
2092
- },
2093
- ":apigateway:",
2094
- Object {
2095
- "Ref": "AWS::Region",
2096
- },
2097
- ":lambda:path/2015-03-31/functions/",
2098
- Object {
2099
- "Fn::GetAtt": Array [
2100
- "pattern2LambdaFunction20E7E90C",
2101
- "Arn",
2102
- ],
2103
- },
2104
- "/invocations",
2105
- ],
2106
- ],
2107
- },
2108
- },
2109
- "ResourceId": Object {
2110
- "Fn::GetAtt": Array [
2111
- "pattern2LambdaRestApi7106C394",
2112
- "RootResourceId",
2113
- ],
2114
- },
2115
- "RestApiId": Object {
2116
- "Ref": "pattern2LambdaRestApi7106C394",
2117
- },
2118
- },
2119
- "Type": "AWS::ApiGateway::Method",
2120
- },
2121
- "pattern2LambdaRestApiANYApiPermissionTestpattern2LambdaRestApiA2DE99CBANY576A0FE3": Object {
2122
- "Properties": Object {
2123
- "Action": "lambda:InvokeFunction",
2124
- "FunctionName": Object {
2125
- "Fn::GetAtt": Array [
2126
- "pattern2LambdaFunction20E7E90C",
2127
- "Arn",
2128
- ],
2129
- },
2130
- "Principal": "apigateway.amazonaws.com",
2131
- "SourceArn": Object {
2132
- "Fn::Join": Array [
2133
- "",
2134
- Array [
2135
- "arn:",
2136
- Object {
2137
- "Ref": "AWS::Partition",
2138
- },
2139
- ":execute-api:",
2140
- Object {
2141
- "Ref": "AWS::Region",
2142
- },
2143
- ":",
2144
- Object {
2145
- "Ref": "AWS::AccountId",
2146
- },
2147
- ":",
2148
- Object {
2149
- "Ref": "pattern2LambdaRestApi7106C394",
2150
- },
2151
- "/test-invoke-stage/*/",
2152
- ],
2153
- ],
2154
- },
2155
- },
2156
- "Type": "AWS::Lambda::Permission",
2157
- },
2158
- "pattern2LambdaRestApiANYApiPermissionpattern2LambdaRestApiA2DE99CBANYBCC44A2F": Object {
2159
- "Properties": Object {
2160
- "Action": "lambda:InvokeFunction",
2161
- "FunctionName": Object {
2162
- "Fn::GetAtt": Array [
2163
- "pattern2LambdaFunction20E7E90C",
2164
- "Arn",
2165
- ],
2166
- },
2167
- "Principal": "apigateway.amazonaws.com",
2168
- "SourceArn": Object {
2169
- "Fn::Join": Array [
2170
- "",
2171
- Array [
2172
- "arn:",
2173
- Object {
2174
- "Ref": "AWS::Partition",
2175
- },
2176
- ":execute-api:",
2177
- Object {
2178
- "Ref": "AWS::Region",
2179
- },
2180
- ":",
2181
- Object {
2182
- "Ref": "AWS::AccountId",
2183
- },
2184
- ":",
2185
- Object {
2186
- "Ref": "pattern2LambdaRestApi7106C394",
2187
- },
2188
- "/",
2189
- Object {
2190
- "Ref": "pattern2LambdaRestApiDeploymentStageprod134BC514",
2191
- },
2192
- "/*/",
2193
- ],
2194
- ],
2195
- },
2196
- },
2197
- "Type": "AWS::Lambda::Permission",
2198
- },
2199
- "pattern2LambdaRestApiAccount4E75931C": Object {
2200
- "DependsOn": Array [
2201
- "pattern2LambdaRestApi7106C394",
2202
- ],
2203
- "Properties": Object {
2204
- "CloudWatchRoleArn": Object {
2205
- "Fn::GetAtt": Array [
2206
- "pattern2LambdaRestApiCloudWatchRoleCF2A5520",
2207
- "Arn",
2208
- ],
2209
- },
2210
- },
2211
- "Type": "AWS::ApiGateway::Account",
2212
- },
2213
- "pattern2LambdaRestApiCloudWatchRoleCF2A5520": Object {
2214
- "Properties": Object {
2215
- "AssumeRolePolicyDocument": Object {
2216
- "Statement": Array [
2217
- Object {
2218
- "Action": "sts:AssumeRole",
2219
- "Effect": "Allow",
2220
- "Principal": Object {
2221
- "Service": "apigateway.amazonaws.com",
2222
- },
2223
- },
2224
- ],
2225
- "Version": "2012-10-17",
2226
- },
2227
- "Policies": Array [
2228
- Object {
2229
- "PolicyDocument": Object {
2230
- "Statement": Array [
2231
- Object {
2232
- "Action": Array [
2233
- "logs:CreateLogGroup",
2234
- "logs:CreateLogStream",
2235
- "logs:DescribeLogGroups",
2236
- "logs:DescribeLogStreams",
2237
- "logs:PutLogEvents",
2238
- "logs:GetLogEvents",
2239
- "logs:FilterLogEvents",
2240
- ],
2241
- "Effect": "Allow",
2242
- "Resource": Object {
2243
- "Fn::Join": Array [
2244
- "",
2245
- Array [
2246
- "arn:",
2247
- Object {
2248
- "Ref": "AWS::Partition",
2249
- },
2250
- ":logs:",
2251
- Object {
2252
- "Ref": "AWS::Region",
2253
- },
2254
- ":",
2255
- Object {
2256
- "Ref": "AWS::AccountId",
2257
- },
2258
- ":*",
2259
- ],
2260
- ],
2261
- },
2262
- },
2263
- ],
2264
- "Version": "2012-10-17",
2265
- },
2266
- "PolicyName": "LambdaRestApiCloudWatchRolePolicy",
2267
- },
2268
- ],
2269
- },
2270
- "Type": "AWS::IAM::Role",
2271
- },
2272
- "pattern2LambdaRestApiDeployment016BF0A2ac361352807d6a8d0a15c582caf0e0e8": Object {
2273
- "DependsOn": Array [
2274
- "pattern2LambdaRestApiproxyANY4C5559C6",
2275
- "pattern2LambdaRestApiproxy541AAB3E",
2276
- "pattern2LambdaRestApiANY3965E74E",
2277
- ],
2278
- "Metadata": Object {
2279
- "cfn_nag": Object {
2280
- "rules_to_suppress": Array [
2281
- Object {
2282
- "id": "W45",
2283
- "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checkes for it in AWS::ApiGateway::Deployment resource",
2284
- },
2285
- ],
2286
- },
2287
- },
2288
- "Properties": Object {
2289
- "Description": "Automatically created by the RestApi construct",
2290
- "RestApiId": Object {
2291
- "Ref": "pattern2LambdaRestApi7106C394",
2292
- },
2293
- },
2294
- "Type": "AWS::ApiGateway::Deployment",
2295
- },
2296
- "pattern2LambdaRestApiDeploymentStageprod134BC514": Object {
2297
- "Properties": Object {
2298
- "AccessLogSetting": Object {
2299
- "DestinationArn": Object {
2300
- "Fn::GetAtt": Array [
2301
- "pattern2ApiAccessLogGroup6E2029E1",
2302
- "Arn",
2303
- ],
2304
- },
2305
- "Format": "{\\"requestId\\":\\"$context.requestId\\",\\"ip\\":\\"$context.identity.sourceIp\\",\\"user\\":\\"$context.identity.user\\",\\"caller\\":\\"$context.identity.caller\\",\\"requestTime\\":\\"$context.requestTime\\",\\"httpMethod\\":\\"$context.httpMethod\\",\\"resourcePath\\":\\"$context.resourcePath\\",\\"status\\":\\"$context.status\\",\\"protocol\\":\\"$context.protocol\\",\\"responseLength\\":\\"$context.responseLength\\"}",
2306
- },
2307
- "DeploymentId": Object {
2308
- "Ref": "pattern2LambdaRestApiDeployment016BF0A2ac361352807d6a8d0a15c582caf0e0e8",
2309
- },
2310
- "MethodSettings": Array [
2311
- Object {
2312
- "DataTraceEnabled": false,
2313
- "HttpMethod": "*",
2314
- "LoggingLevel": "INFO",
2315
- "ResourcePath": "/*",
2316
- },
2317
- ],
2318
- "RestApiId": Object {
2319
- "Ref": "pattern2LambdaRestApi7106C394",
2320
- },
2321
- "StageName": "prod",
2322
- "TracingEnabled": true,
2323
- },
2324
- "Type": "AWS::ApiGateway::Stage",
2325
- },
2326
- "pattern2LambdaRestApiUsagePlanBA5CA2BD": Object {
2327
- "Properties": Object {
2328
- "ApiStages": Array [
2329
- Object {
2330
- "ApiId": Object {
2331
- "Ref": "pattern2LambdaRestApi7106C394",
2332
- },
2333
- "Stage": Object {
2334
- "Ref": "pattern2LambdaRestApiDeploymentStageprod134BC514",
2335
- },
2336
- "Throttle": Object {},
2337
- },
2338
- ],
2339
- },
2340
- "Type": "AWS::ApiGateway::UsagePlan",
2341
- },
2342
- "pattern2LambdaRestApiproxy541AAB3E": Object {
2343
- "Properties": Object {
2344
- "ParentId": Object {
2345
- "Fn::GetAtt": Array [
2346
- "pattern2LambdaRestApi7106C394",
2347
- "RootResourceId",
2348
- ],
2349
- },
2350
- "PathPart": "{proxy+}",
2351
- "RestApiId": Object {
2352
- "Ref": "pattern2LambdaRestApi7106C394",
2353
- },
2354
- },
2355
- "Type": "AWS::ApiGateway::Resource",
2356
- },
2357
- "pattern2LambdaRestApiproxyANY4C5559C6": Object {
2358
- "Properties": Object {
2359
- "AuthorizationType": "AWS_IAM",
2360
- "HttpMethod": "ANY",
2361
- "Integration": Object {
2362
- "IntegrationHttpMethod": "POST",
2363
- "Type": "AWS_PROXY",
2364
- "Uri": Object {
2365
- "Fn::Join": Array [
2366
- "",
2367
- Array [
2368
- "arn:",
2369
- Object {
2370
- "Ref": "AWS::Partition",
2371
- },
2372
- ":apigateway:",
2373
- Object {
2374
- "Ref": "AWS::Region",
2375
- },
2376
- ":lambda:path/2015-03-31/functions/",
2377
- Object {
2378
- "Fn::GetAtt": Array [
2379
- "pattern2LambdaFunction20E7E90C",
2380
- "Arn",
2381
- ],
2382
- },
2383
- "/invocations",
2384
- ],
2385
- ],
2386
- },
2387
- },
2388
- "ResourceId": Object {
2389
- "Ref": "pattern2LambdaRestApiproxy541AAB3E",
2390
- },
2391
- "RestApiId": Object {
2392
- "Ref": "pattern2LambdaRestApi7106C394",
2393
- },
2394
- },
2395
- "Type": "AWS::ApiGateway::Method",
2396
- },
2397
- "pattern2LambdaRestApiproxyANYApiPermissionTestpattern2LambdaRestApiA2DE99CBANYproxy309B7F1D": Object {
2398
- "Properties": Object {
2399
- "Action": "lambda:InvokeFunction",
2400
- "FunctionName": Object {
2401
- "Fn::GetAtt": Array [
2402
- "pattern2LambdaFunction20E7E90C",
2403
- "Arn",
2404
- ],
2405
- },
2406
- "Principal": "apigateway.amazonaws.com",
2407
- "SourceArn": Object {
2408
- "Fn::Join": Array [
2409
- "",
2410
- Array [
2411
- "arn:",
2412
- Object {
2413
- "Ref": "AWS::Partition",
2414
- },
2415
- ":execute-api:",
2416
- Object {
2417
- "Ref": "AWS::Region",
2418
- },
2419
- ":",
2420
- Object {
2421
- "Ref": "AWS::AccountId",
2422
- },
2423
- ":",
2424
- Object {
2425
- "Ref": "pattern2LambdaRestApi7106C394",
2426
- },
2427
- "/test-invoke-stage/*/*",
2428
- ],
2429
- ],
2430
- },
2431
- },
2432
- "Type": "AWS::Lambda::Permission",
2433
- },
2434
- "pattern2LambdaRestApiproxyANYApiPermissionpattern2LambdaRestApiA2DE99CBANYproxyD2FED300": Object {
2435
- "Properties": Object {
2436
- "Action": "lambda:InvokeFunction",
2437
- "FunctionName": Object {
2438
- "Fn::GetAtt": Array [
2439
- "pattern2LambdaFunction20E7E90C",
2440
- "Arn",
2441
- ],
2442
- },
2443
- "Principal": "apigateway.amazonaws.com",
2444
- "SourceArn": Object {
2445
- "Fn::Join": Array [
2446
- "",
2447
- Array [
2448
- "arn:",
2449
- Object {
2450
- "Ref": "AWS::Partition",
2451
- },
2452
- ":execute-api:",
2453
- Object {
2454
- "Ref": "AWS::Region",
2455
- },
2456
- ":",
2457
- Object {
2458
- "Ref": "AWS::AccountId",
2459
- },
2460
- ":",
2461
- Object {
2462
- "Ref": "pattern2LambdaRestApi7106C394",
2463
- },
2464
- "/",
2465
- Object {
2466
- "Ref": "pattern2LambdaRestApiDeploymentStageprod134BC514",
2467
- },
2468
- "/*/*",
2469
- ],
2470
- ],
2471
- },
2472
- },
2473
- "Type": "AWS::Lambda::Permission",
2474
- },
2475
- },
2476
- }
2477
- `;