@aws-solutions-constructs/aws-cloudfront-apigateway-lambda 2.50.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +51 -6
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +14 -13
  6. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js +6 -3
  7. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +10 -0
  8. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  9. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cdk.out +1 -0
  10. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplam-customCloudfrontLoggingBucket.assets.json +45 -0
  11. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplam-customCloudfrontLoggingBucket.template.json +1348 -0
  12. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplamcustomCloudfrontLoggingBucketIntegDefaultTestDeployAssert35A683E0.assets.json +19 -0
  13. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplamcustomCloudfrontLoggingBucketIntegDefaultTestDeployAssert35A683E0.template.json +36 -0
  14. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/integ.json +12 -0
  15. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/manifest.json +299 -0
  16. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/tree.json +1775 -0
  17. package/test/integ.cftaplam-no-arguments.js +6 -3
  18. package/test/integ.cftaplam-no-arguments.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +10 -0
  19. package/test/integ.cftaplam-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  20. package/test/integ.cftaplam-no-arguments.js.snapshot/cdk.out +1 -0
  21. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplam-no-arguments.assets.json +45 -0
  22. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplam-no-arguments.template.json +1348 -0
  23. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplamnoargumentsIntegDefaultTestDeployAssertACC32F59.assets.json +19 -0
  24. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplamnoargumentsIntegDefaultTestDeployAssertACC32F59.template.json +36 -0
  25. package/test/integ.cftaplam-no-arguments.js.snapshot/integ.json +12 -0
  26. package/test/integ.cftaplam-no-arguments.js.snapshot/manifest.json +299 -0
  27. package/test/integ.cftaplam-no-arguments.js.snapshot/tree.json +1775 -0
  28. package/test/integ.cftaplam-override-behavior.js +6 -3
  29. package/test/integ.cftaplam-override-behavior.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +10 -0
  30. package/test/integ.cftaplam-override-behavior.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  31. package/test/integ.cftaplam-override-behavior.js.snapshot/cdk.out +1 -0
  32. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplam-override-behavior.assets.json +45 -0
  33. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplam-override-behavior.template.json +1407 -0
  34. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplamoverridebehaviorIntegDefaultTestDeployAssert3DC30427.assets.json +19 -0
  35. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplamoverridebehaviorIntegDefaultTestDeployAssert3DC30427.template.json +36 -0
  36. package/test/integ.cftaplam-override-behavior.js.snapshot/integ.json +12 -0
  37. package/test/integ.cftaplam-override-behavior.js.snapshot/manifest.json +305 -0
  38. package/test/integ.cftaplam-override-behavior.js.snapshot/tree.json +1859 -0
  39. package/test/integ.cftaplam-customCloudfrontLoggingBucket.expected.json +0 -1347
  40. package/test/integ.cftaplam-no-arguments.expected.json +0 -1347
  41. package/test/integ.cftaplam-override-behavior.expected.json +0 -1406
package/test/integ.cftaplam-customCloudfrontLoggingBucket.expected.json DELETED
@@ -1,1347 +0,0 @@
1
- {
2
- "Description": "Integration Test for aws-cloudfront-apigateway-lambda custom Cloudfront Logging Bucket",
3
- "Resources": {
4
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunctionServiceRole00AAA44C": {
5
- "Type": "AWS::IAM::Role",
6
- "Properties": {
7
- "AssumeRolePolicyDocument": {
8
- "Statement": [
9
- {
10
- "Action": "sts:AssumeRole",
11
- "Effect": "Allow",
12
- "Principal": {
13
- "Service": "lambda.amazonaws.com"
14
- }
15
- }
16
- ],
17
- "Version": "2012-10-17"
18
- },
19
- "ManagedPolicyArns": [
20
- {
21
- "Fn::Join": [
22
- "",
23
- [
24
- "arn:",
25
- {
26
- "Ref": "AWS::Partition"
27
- },
28
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
29
- ]
30
- ]
31
- }
32
- ]
33
- }
34
- },
35
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunction86ECA8C3": {
36
- "Type": "AWS::Lambda::Function",
37
- "Properties": {
38
- "Code": {
39
- "S3Bucket": {
40
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
41
- },
42
- "S3Key": "42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c.zip"
43
- },
44
- "Handler": ".handler",
45
- "Role": {
46
- "Fn::GetAtt": [
47
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunctionServiceRole00AAA44C",
48
- "Arn"
49
- ]
50
- },
51
- "Runtime": "nodejs16.x"
52
- },
53
- "DependsOn": [
54
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunctionServiceRole00AAA44C"
55
- ],
56
- "Metadata": {
57
- "cfn_nag": {
58
- "rules_to_suppress": [
59
- {
60
- "id": "W58",
61
- "reason": "Test Resource"
62
- },
63
- {
64
- "id": "W89",
65
- "reason": "Test Resource"
66
- },
67
- {
68
- "id": "W92",
69
- "reason": "Test Resource"
70
- }
71
- ]
72
- }
73
- }
74
- },
75
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunctioncftaplamcustomCloudfrontLoggingBucketcftaplamcustomCloudfrontLoggingBucketauthorizer02C97B0FPermissionsBF8A1A3B": {
76
- "Type": "AWS::Lambda::Permission",
77
- "Properties": {
78
- "Action": "lambda:InvokeFunction",
79
- "FunctionName": {
80
- "Fn::GetAtt": [
81
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunction86ECA8C3",
82
- "Arn"
83
- ]
84
- },
85
- "Principal": "apigateway.amazonaws.com",
86
- "SourceArn": {
87
- "Fn::Join": [
88
- "",
89
- [
90
- "arn:",
91
- {
92
- "Ref": "AWS::Partition"
93
- },
94
- ":execute-api:",
95
- {
96
- "Ref": "AWS::Region"
97
- },
98
- ":",
99
- {
100
- "Ref": "AWS::AccountId"
101
- },
102
- ":",
103
- {
104
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
105
- },
106
- "/authorizers/",
107
- {
108
- "Ref": "cftaplamcustomCloudfrontLoggingBucketauthorizer4D180075"
109
- }
110
- ]
111
- ]
112
- }
113
- }
114
- },
115
- "cftaplamcustomCloudfrontLoggingBucketauthorizer4D180075": {
116
- "Type": "AWS::ApiGateway::Authorizer",
117
- "Properties": {
118
- "AuthorizerResultTtlInSeconds": 300,
119
- "AuthorizerUri": {
120
- "Fn::Join": [
121
- "",
122
- [
123
- "arn:",
124
- {
125
- "Fn::Select": [
126
- 1,
127
- {
128
- "Fn::Split": [
129
- ":",
130
- {
131
- "Fn::GetAtt": [
132
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunction86ECA8C3",
133
- "Arn"
134
- ]
135
- }
136
- ]
137
- }
138
- ]
139
- },
140
- ":apigateway:",
141
- {
142
- "Fn::Select": [
143
- 3,
144
- {
145
- "Fn::Split": [
146
- ":",
147
- {
148
- "Fn::GetAtt": [
149
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunction86ECA8C3",
150
- "Arn"
151
- ]
152
- }
153
- ]
154
- }
155
- ]
156
- },
157
- ":lambda:path/2015-03-31/functions/",
158
- {
159
- "Fn::GetAtt": [
160
- "cftaplamcustomCloudfrontLoggingBucketauthorizerAuthFunction86ECA8C3",
161
- "Arn"
162
- ]
163
- },
164
- "/invocations"
165
- ]
166
- ]
167
- },
168
- "IdentitySource": "method.request.header.Authorization",
169
- "Name": "cftaplamcustomCloudfrontLoggingBucketcftaplamcustomCloudfrontLoggingBucketauthorizer02C97B0F",
170
- "RestApiId": {
171
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
172
- },
173
- "Type": "REQUEST"
174
- }
175
- },
176
- "cfapigwlambdaLambdaFunctionServiceRole9B40D826": {
177
- "Type": "AWS::IAM::Role",
178
- "Properties": {
179
- "AssumeRolePolicyDocument": {
180
- "Statement": [
181
- {
182
- "Action": "sts:AssumeRole",
183
- "Effect": "Allow",
184
- "Principal": {
185
- "Service": "lambda.amazonaws.com"
186
- }
187
- }
188
- ],
189
- "Version": "2012-10-17"
190
- },
191
- "Policies": [
192
- {
193
- "PolicyDocument": {
194
- "Statement": [
195
- {
196
- "Action": [
197
- "logs:CreateLogGroup",
198
- "logs:CreateLogStream",
199
- "logs:PutLogEvents"
200
- ],
201
- "Effect": "Allow",
202
- "Resource": {
203
- "Fn::Join": [
204
- "",
205
- [
206
- "arn:",
207
- {
208
- "Ref": "AWS::Partition"
209
- },
210
- ":logs:",
211
- {
212
- "Ref": "AWS::Region"
213
- },
214
- ":",
215
- {
216
- "Ref": "AWS::AccountId"
217
- },
218
- ":log-group:/aws/lambda/*"
219
- ]
220
- ]
221
- }
222
- }
223
- ],
224
- "Version": "2012-10-17"
225
- },
226
- "PolicyName": "LambdaFunctionServiceRolePolicy"
227
- }
228
- ]
229
- }
230
- },
231
- "cfapigwlambdaLambdaFunctionServiceRoleDefaultPolicy388158BB": {
232
- "Type": "AWS::IAM::Policy",
233
- "Properties": {
234
- "PolicyDocument": {
235
- "Statement": [
236
- {
237
- "Action": [
238
- "xray:PutTraceSegments",
239
- "xray:PutTelemetryRecords"
240
- ],
241
- "Effect": "Allow",
242
- "Resource": "*"
243
- }
244
- ],
245
- "Version": "2012-10-17"
246
- },
247
- "PolicyName": "cfapigwlambdaLambdaFunctionServiceRoleDefaultPolicy388158BB",
248
- "Roles": [
249
- {
250
- "Ref": "cfapigwlambdaLambdaFunctionServiceRole9B40D826"
251
- }
252
- ]
253
- },
254
- "Metadata": {
255
- "cfn_nag": {
256
- "rules_to_suppress": [
257
- {
258
- "id": "W12",
259
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
260
- }
261
- ]
262
- }
263
- }
264
- },
265
- "cfapigwlambdaLambdaFunction10C09D31": {
266
- "Type": "AWS::Lambda::Function",
267
- "Properties": {
268
- "Code": {
269
- "S3Bucket": {
270
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
271
- },
272
- "S3Key": "42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c.zip"
273
- },
274
- "Environment": {
275
- "Variables": {
276
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
277
- }
278
- },
279
- "Handler": "index.handler",
280
- "Role": {
281
- "Fn::GetAtt": [
282
- "cfapigwlambdaLambdaFunctionServiceRole9B40D826",
283
- "Arn"
284
- ]
285
- },
286
- "Runtime": "nodejs16.x",
287
- "TracingConfig": {
288
- "Mode": "Active"
289
- }
290
- },
291
- "DependsOn": [
292
- "cfapigwlambdaLambdaFunctionServiceRoleDefaultPolicy388158BB",
293
- "cfapigwlambdaLambdaFunctionServiceRole9B40D826"
294
- ],
295
- "Metadata": {
296
- "cfn_nag": {
297
- "rules_to_suppress": [
298
- {
299
- "id": "W58",
300
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
301
- },
302
- {
303
- "id": "W89",
304
- "reason": "This is not a rule for the general case, just for specific use cases/industries"
305
- },
306
- {
307
- "id": "W92",
308
- "reason": "Impossible for us to define the correct concurrency for clients"
309
- }
310
- ]
311
- }
312
- }
313
- },
314
- "cfapigwlambdaApiAccessLogGroup16C73450": {
315
- "Type": "AWS::Logs::LogGroup",
316
- "UpdateReplacePolicy": "Retain",
317
- "DeletionPolicy": "Retain",
318
- "Metadata": {
319
- "cfn_nag": {
320
- "rules_to_suppress": [
321
- {
322
- "id": "W86",
323
- "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely"
324
- },
325
- {
326
- "id": "W84",
327
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
328
- }
329
- ]
330
- }
331
- }
332
- },
333
- "cfapigwlambdaLambdaRestApi775C255B": {
334
- "Type": "AWS::ApiGateway::RestApi",
335
- "Properties": {
336
- "EndpointConfiguration": {
337
- "Types": [
338
- "REGIONAL"
339
- ]
340
- },
341
- "Name": "LambdaRestApi"
342
- }
343
- },
344
- "cfapigwlambdaLambdaRestApiDeployment33C24C7D41e6d6ff15b0c6d292b31cce930b3216": {
345
- "Type": "AWS::ApiGateway::Deployment",
346
- "Properties": {
347
- "Description": "Automatically created by the RestApi construct",
348
- "RestApiId": {
349
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
350
- }
351
- },
352
- "DependsOn": [
353
- "cfapigwlambdaLambdaRestApiproxyANY68181290",
354
- "cfapigwlambdaLambdaRestApiproxy6A768910",
355
- "cfapigwlambdaLambdaRestApiANY81C176E9"
356
- ],
357
- "Metadata": {
358
- "cfn_nag": {
359
- "rules_to_suppress": [
360
- {
361
- "id": "W45",
362
- "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checks for it in AWS::ApiGateway::Deployment resource"
363
- }
364
- ]
365
- }
366
- }
367
- },
368
- "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011": {
369
- "Type": "AWS::ApiGateway::Stage",
370
- "Properties": {
371
- "AccessLogSetting": {
372
- "DestinationArn": {
373
- "Fn::GetAtt": [
374
- "cfapigwlambdaApiAccessLogGroup16C73450",
375
- "Arn"
376
- ]
377
- },
378
- "Format": "{\"requestId\":\"$context.requestId\",\"ip\":\"$context.identity.sourceIp\",\"user\":\"$context.identity.user\",\"caller\":\"$context.identity.caller\",\"requestTime\":\"$context.requestTime\",\"httpMethod\":\"$context.httpMethod\",\"resourcePath\":\"$context.resourcePath\",\"status\":\"$context.status\",\"protocol\":\"$context.protocol\",\"responseLength\":\"$context.responseLength\"}"
379
- },
380
- "DeploymentId": {
381
- "Ref": "cfapigwlambdaLambdaRestApiDeployment33C24C7D41e6d6ff15b0c6d292b31cce930b3216"
382
- },
383
- "MethodSettings": [
384
- {
385
- "DataTraceEnabled": false,
386
- "HttpMethod": "*",
387
- "LoggingLevel": "INFO",
388
- "ResourcePath": "/*"
389
- }
390
- ],
391
- "RestApiId": {
392
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
393
- },
394
- "StageName": "prod",
395
- "TracingEnabled": true
396
- }
397
- },
398
- "cfapigwlambdaLambdaRestApiproxy6A768910": {
399
- "Type": "AWS::ApiGateway::Resource",
400
- "Properties": {
401
- "ParentId": {
402
- "Fn::GetAtt": [
403
- "cfapigwlambdaLambdaRestApi775C255B",
404
- "RootResourceId"
405
- ]
406
- },
407
- "PathPart": "{proxy+}",
408
- "RestApiId": {
409
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
410
- }
411
- }
412
- },
413
- "cfapigwlambdaLambdaRestApiproxyANYApiPermissioncftaplamcustomCloudfrontLoggingBucketcfapigwlambdaLambdaRestApi92F6CCCCANYproxy3A68AEF4": {
414
- "Type": "AWS::Lambda::Permission",
415
- "Properties": {
416
- "Action": "lambda:InvokeFunction",
417
- "FunctionName": {
418
- "Fn::GetAtt": [
419
- "cfapigwlambdaLambdaFunction10C09D31",
420
- "Arn"
421
- ]
422
- },
423
- "Principal": "apigateway.amazonaws.com",
424
- "SourceArn": {
425
- "Fn::Join": [
426
- "",
427
- [
428
- "arn:",
429
- {
430
- "Ref": "AWS::Partition"
431
- },
432
- ":execute-api:",
433
- {
434
- "Ref": "AWS::Region"
435
- },
436
- ":",
437
- {
438
- "Ref": "AWS::AccountId"
439
- },
440
- ":",
441
- {
442
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
443
- },
444
- "/",
445
- {
446
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
447
- },
448
- "/*/*"
449
- ]
450
- ]
451
- }
452
- }
453
- },
454
- "cfapigwlambdaLambdaRestApiproxyANYApiPermissionTestcftaplamcustomCloudfrontLoggingBucketcfapigwlambdaLambdaRestApi92F6CCCCANYproxyCDE7366D": {
455
- "Type": "AWS::Lambda::Permission",
456
- "Properties": {
457
- "Action": "lambda:InvokeFunction",
458
- "FunctionName": {
459
- "Fn::GetAtt": [
460
- "cfapigwlambdaLambdaFunction10C09D31",
461
- "Arn"
462
- ]
463
- },
464
- "Principal": "apigateway.amazonaws.com",
465
- "SourceArn": {
466
- "Fn::Join": [
467
- "",
468
- [
469
- "arn:",
470
- {
471
- "Ref": "AWS::Partition"
472
- },
473
- ":execute-api:",
474
- {
475
- "Ref": "AWS::Region"
476
- },
477
- ":",
478
- {
479
- "Ref": "AWS::AccountId"
480
- },
481
- ":",
482
- {
483
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
484
- },
485
- "/test-invoke-stage/*/*"
486
- ]
487
- ]
488
- }
489
- }
490
- },
491
- "cfapigwlambdaLambdaRestApiproxyANY68181290": {
492
- "Type": "AWS::ApiGateway::Method",
493
- "Properties": {
494
- "AuthorizationType": "CUSTOM",
495
- "AuthorizerId": {
496
- "Ref": "cftaplamcustomCloudfrontLoggingBucketauthorizer4D180075"
497
- },
498
- "HttpMethod": "ANY",
499
- "Integration": {
500
- "IntegrationHttpMethod": "POST",
501
- "Type": "AWS_PROXY",
502
- "Uri": {
503
- "Fn::Join": [
504
- "",
505
- [
506
- "arn:",
507
- {
508
- "Ref": "AWS::Partition"
509
- },
510
- ":apigateway:",
511
- {
512
- "Ref": "AWS::Region"
513
- },
514
- ":lambda:path/2015-03-31/functions/",
515
- {
516
- "Fn::GetAtt": [
517
- "cfapigwlambdaLambdaFunction10C09D31",
518
- "Arn"
519
- ]
520
- },
521
- "/invocations"
522
- ]
523
- ]
524
- }
525
- },
526
- "ResourceId": {
527
- "Ref": "cfapigwlambdaLambdaRestApiproxy6A768910"
528
- },
529
- "RestApiId": {
530
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
531
- }
532
- }
533
- },
534
- "cfapigwlambdaLambdaRestApiANYApiPermissioncftaplamcustomCloudfrontLoggingBucketcfapigwlambdaLambdaRestApi92F6CCCCANY63987F12": {
535
- "Type": "AWS::Lambda::Permission",
536
- "Properties": {
537
- "Action": "lambda:InvokeFunction",
538
- "FunctionName": {
539
- "Fn::GetAtt": [
540
- "cfapigwlambdaLambdaFunction10C09D31",
541
- "Arn"
542
- ]
543
- },
544
- "Principal": "apigateway.amazonaws.com",
545
- "SourceArn": {
546
- "Fn::Join": [
547
- "",
548
- [
549
- "arn:",
550
- {
551
- "Ref": "AWS::Partition"
552
- },
553
- ":execute-api:",
554
- {
555
- "Ref": "AWS::Region"
556
- },
557
- ":",
558
- {
559
- "Ref": "AWS::AccountId"
560
- },
561
- ":",
562
- {
563
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
564
- },
565
- "/",
566
- {
567
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
568
- },
569
- "/*/"
570
- ]
571
- ]
572
- }
573
- }
574
- },
575
- "cfapigwlambdaLambdaRestApiANYApiPermissionTestcftaplamcustomCloudfrontLoggingBucketcfapigwlambdaLambdaRestApi92F6CCCCANYA05B319C": {
576
- "Type": "AWS::Lambda::Permission",
577
- "Properties": {
578
- "Action": "lambda:InvokeFunction",
579
- "FunctionName": {
580
- "Fn::GetAtt": [
581
- "cfapigwlambdaLambdaFunction10C09D31",
582
- "Arn"
583
- ]
584
- },
585
- "Principal": "apigateway.amazonaws.com",
586
- "SourceArn": {
587
- "Fn::Join": [
588
- "",
589
- [
590
- "arn:",
591
- {
592
- "Ref": "AWS::Partition"
593
- },
594
- ":execute-api:",
595
- {
596
- "Ref": "AWS::Region"
597
- },
598
- ":",
599
- {
600
- "Ref": "AWS::AccountId"
601
- },
602
- ":",
603
- {
604
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
605
- },
606
- "/test-invoke-stage/*/"
607
- ]
608
- ]
609
- }
610
- }
611
- },
612
- "cfapigwlambdaLambdaRestApiANY81C176E9": {
613
- "Type": "AWS::ApiGateway::Method",
614
- "Properties": {
615
- "AuthorizationType": "CUSTOM",
616
- "AuthorizerId": {
617
- "Ref": "cftaplamcustomCloudfrontLoggingBucketauthorizer4D180075"
618
- },
619
- "HttpMethod": "ANY",
620
- "Integration": {
621
- "IntegrationHttpMethod": "POST",
622
- "Type": "AWS_PROXY",
623
- "Uri": {
624
- "Fn::Join": [
625
- "",
626
- [
627
- "arn:",
628
- {
629
- "Ref": "AWS::Partition"
630
- },
631
- ":apigateway:",
632
- {
633
- "Ref": "AWS::Region"
634
- },
635
- ":lambda:path/2015-03-31/functions/",
636
- {
637
- "Fn::GetAtt": [
638
- "cfapigwlambdaLambdaFunction10C09D31",
639
- "Arn"
640
- ]
641
- },
642
- "/invocations"
643
- ]
644
- ]
645
- }
646
- },
647
- "ResourceId": {
648
- "Fn::GetAtt": [
649
- "cfapigwlambdaLambdaRestApi775C255B",
650
- "RootResourceId"
651
- ]
652
- },
653
- "RestApiId": {
654
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
655
- }
656
- }
657
- },
658
- "cfapigwlambdaLambdaRestApiUsagePlan11CE9748": {
659
- "Type": "AWS::ApiGateway::UsagePlan",
660
- "Properties": {
661
- "ApiStages": [
662
- {
663
- "ApiId": {
664
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
665
- },
666
- "Stage": {
667
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
668
- },
669
- "Throttle": {}
670
- }
671
- ]
672
- }
673
- },
674
- "cfapigwlambdaLambdaRestApiCloudWatchRole76F5ABDF": {
675
- "Type": "AWS::IAM::Role",
676
- "Properties": {
677
- "AssumeRolePolicyDocument": {
678
- "Statement": [
679
- {
680
- "Action": "sts:AssumeRole",
681
- "Effect": "Allow",
682
- "Principal": {
683
- "Service": "apigateway.amazonaws.com"
684
- }
685
- }
686
- ],
687
- "Version": "2012-10-17"
688
- },
689
- "Policies": [
690
- {
691
- "PolicyDocument": {
692
- "Statement": [
693
- {
694
- "Action": [
695
- "logs:CreateLogGroup",
696
- "logs:CreateLogStream",
697
- "logs:DescribeLogGroups",
698
- "logs:DescribeLogStreams",
699
- "logs:PutLogEvents",
700
- "logs:GetLogEvents",
701
- "logs:FilterLogEvents"
702
- ],
703
- "Effect": "Allow",
704
- "Resource": {
705
- "Fn::Join": [
706
- "",
707
- [
708
- "arn:",
709
- {
710
- "Ref": "AWS::Partition"
711
- },
712
- ":logs:",
713
- {
714
- "Ref": "AWS::Region"
715
- },
716
- ":",
717
- {
718
- "Ref": "AWS::AccountId"
719
- },
720
- ":*"
721
- ]
722
- ]
723
- }
724
- }
725
- ],
726
- "Version": "2012-10-17"
727
- },
728
- "PolicyName": "LambdaRestApiCloudWatchRolePolicy"
729
- }
730
- ]
731
- }
732
- },
733
- "cfapigwlambdaLambdaRestApiAccountB2390110": {
734
- "Type": "AWS::ApiGateway::Account",
735
- "Properties": {
736
- "CloudWatchRoleArn": {
737
- "Fn::GetAtt": [
738
- "cfapigwlambdaLambdaRestApiCloudWatchRole76F5ABDF",
739
- "Arn"
740
- ]
741
- }
742
- },
743
- "DependsOn": [
744
- "cfapigwlambdaLambdaRestApi775C255B"
745
- ]
746
- },
747
- "cfapigwlambdaCloudFrontToApiGatewaySetHttpSecurityHeadersE20F2933": {
748
- "Type": "AWS::CloudFront::Function",
749
- "Properties": {
750
- "AutoPublish": true,
751
- "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }",
752
- "FunctionConfig": {
753
- "Comment": "SetHttpSecurityHeadersc860b559e82562b55d86431c32566a0eb839407df7",
754
- "Runtime": "cloudfront-js-1.0"
755
- },
756
- "Name": "SetHttpSecurityHeadersc860b559e82562b55d86431c32566a0eb839407df7"
757
- }
758
- },
759
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A": {
760
- "Type": "AWS::S3::Bucket",
761
- "Properties": {
762
- "BucketEncryption": {
763
- "ServerSideEncryptionConfiguration": [
764
- {
765
- "ServerSideEncryptionByDefault": {
766
- "SSEAlgorithm": "AES256"
767
- }
768
- }
769
- ]
770
- },
771
- "OwnershipControls": {
772
- "Rules": [
773
- {
774
- "ObjectOwnership": "ObjectWriter"
775
- }
776
- ]
777
- },
778
- "PublicAccessBlockConfiguration": {
779
- "BlockPublicAcls": true,
780
- "BlockPublicPolicy": true,
781
- "IgnorePublicAcls": true,
782
- "RestrictPublicBuckets": true
783
- },
784
- "Tags": [
785
- {
786
- "Key": "aws-cdk:auto-delete-objects",
787
- "Value": "true"
788
- }
789
- ],
790
- "VersioningConfiguration": {
791
- "Status": "Enabled"
792
- }
793
- },
794
- "UpdateReplacePolicy": "Delete",
795
- "DeletionPolicy": "Delete",
796
- "Metadata": {
797
- "cfn_nag": {
798
- "rules_to_suppress": [
799
- {
800
- "id": "W35",
801
- "reason": "This S3 bucket is used as the access logging bucket for another bucket"
802
- }
803
- ]
804
- }
805
- }
806
- },
807
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLogPolicyC05E1C71": {
808
- "Type": "AWS::S3::BucketPolicy",
809
- "Properties": {
810
- "Bucket": {
811
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A"
812
- },
813
- "PolicyDocument": {
814
- "Statement": [
815
- {
816
- "Action": "s3:*",
817
- "Condition": {
818
- "Bool": {
819
- "aws:SecureTransport": "false"
820
- }
821
- },
822
- "Effect": "Deny",
823
- "Principal": {
824
- "AWS": "*"
825
- },
826
- "Resource": [
827
- {
828
- "Fn::GetAtt": [
829
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A",
830
- "Arn"
831
- ]
832
- },
833
- {
834
- "Fn::Join": [
835
- "",
836
- [
837
- {
838
- "Fn::GetAtt": [
839
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A",
840
- "Arn"
841
- ]
842
- },
843
- "/*"
844
- ]
845
- ]
846
- }
847
- ]
848
- },
849
- {
850
- "Action": [
851
- "s3:PutBucketPolicy",
852
- "s3:GetBucket*",
853
- "s3:List*",
854
- "s3:DeleteObject*"
855
- ],
856
- "Effect": "Allow",
857
- "Principal": {
858
- "AWS": {
859
- "Fn::GetAtt": [
860
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
861
- "Arn"
862
- ]
863
- }
864
- },
865
- "Resource": [
866
- {
867
- "Fn::GetAtt": [
868
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A",
869
- "Arn"
870
- ]
871
- },
872
- {
873
- "Fn::Join": [
874
- "",
875
- [
876
- {
877
- "Fn::GetAtt": [
878
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A",
879
- "Arn"
880
- ]
881
- },
882
- "/*"
883
- ]
884
- ]
885
- }
886
- ]
887
- },
888
- {
889
- "Action": "s3:PutObject",
890
- "Condition": {
891
- "ArnLike": {
892
- "aws:SourceArn": {
893
- "Fn::GetAtt": [
894
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
895
- "Arn"
896
- ]
897
- }
898
- },
899
- "StringEquals": {
900
- "aws:SourceAccount": {
901
- "Ref": "AWS::AccountId"
902
- }
903
- }
904
- },
905
- "Effect": "Allow",
906
- "Principal": {
907
- "Service": "logging.s3.amazonaws.com"
908
- },
909
- "Resource": {
910
- "Fn::Join": [
911
- "",
912
- [
913
- {
914
- "Fn::GetAtt": [
915
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A",
916
- "Arn"
917
- ]
918
- },
919
- "/*"
920
- ]
921
- ]
922
- }
923
- }
924
- ],
925
- "Version": "2012-10-17"
926
- }
927
- }
928
- },
929
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResource296BC002": {
930
- "Type": "Custom::S3AutoDeleteObjects",
931
- "Properties": {
932
- "ServiceToken": {
933
- "Fn::GetAtt": [
934
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
935
- "Arn"
936
- ]
937
- },
938
- "BucketName": {
939
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A"
940
- }
941
- },
942
- "DependsOn": [
943
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLogPolicyC05E1C71"
944
- ],
945
- "UpdateReplacePolicy": "Delete",
946
- "DeletionPolicy": "Delete"
947
- },
948
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2": {
949
- "Type": "AWS::S3::Bucket",
950
- "Properties": {
951
- "AccessControl": "LogDeliveryWrite",
952
- "BucketEncryption": {
953
- "ServerSideEncryptionConfiguration": [
954
- {
955
- "ServerSideEncryptionByDefault": {
956
- "SSEAlgorithm": "AES256"
957
- }
958
- }
959
- ]
960
- },
961
- "LoggingConfiguration": {
962
- "DestinationBucketName": {
963
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A"
964
- }
965
- },
966
- "OwnershipControls": {
967
- "Rules": [
968
- {
969
- "ObjectOwnership": "ObjectWriter"
970
- }
971
- ]
972
- },
973
- "PublicAccessBlockConfiguration": {
974
- "BlockPublicAcls": true,
975
- "BlockPublicPolicy": true,
976
- "IgnorePublicAcls": true,
977
- "RestrictPublicBuckets": true
978
- },
979
- "Tags": [
980
- {
981
- "Key": "aws-cdk:auto-delete-objects",
982
- "Value": "true"
983
- }
984
- ],
985
- "VersioningConfiguration": {
986
- "Status": "Enabled"
987
- }
988
- },
989
- "UpdateReplacePolicy": "Delete",
990
- "DeletionPolicy": "Delete"
991
- },
992
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketPolicy416A95E3": {
993
- "Type": "AWS::S3::BucketPolicy",
994
- "Properties": {
995
- "Bucket": {
996
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2"
997
- },
998
- "PolicyDocument": {
999
- "Statement": [
1000
- {
1001
- "Action": "s3:*",
1002
- "Condition": {
1003
- "Bool": {
1004
- "aws:SecureTransport": "false"
1005
- }
1006
- },
1007
- "Effect": "Deny",
1008
- "Principal": {
1009
- "AWS": "*"
1010
- },
1011
- "Resource": [
1012
- {
1013
- "Fn::GetAtt": [
1014
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
1015
- "Arn"
1016
- ]
1017
- },
1018
- {
1019
- "Fn::Join": [
1020
- "",
1021
- [
1022
- {
1023
- "Fn::GetAtt": [
1024
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
1025
- "Arn"
1026
- ]
1027
- },
1028
- "/*"
1029
- ]
1030
- ]
1031
- }
1032
- ]
1033
- },
1034
- {
1035
- "Action": [
1036
- "s3:PutBucketPolicy",
1037
- "s3:GetBucket*",
1038
- "s3:List*",
1039
- "s3:DeleteObject*"
1040
- ],
1041
- "Effect": "Allow",
1042
- "Principal": {
1043
- "AWS": {
1044
- "Fn::GetAtt": [
1045
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1046
- "Arn"
1047
- ]
1048
- }
1049
- },
1050
- "Resource": [
1051
- {
1052
- "Fn::GetAtt": [
1053
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
1054
- "Arn"
1055
- ]
1056
- },
1057
- {
1058
- "Fn::Join": [
1059
- "",
1060
- [
1061
- {
1062
- "Fn::GetAtt": [
1063
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
1064
- "Arn"
1065
- ]
1066
- },
1067
- "/*"
1068
- ]
1069
- ]
1070
- }
1071
- ]
1072
- }
1073
- ],
1074
- "Version": "2012-10-17"
1075
- }
1076
- }
1077
- },
1078
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAutoDeleteObjectsCustomResource4AC22AEE": {
1079
- "Type": "Custom::S3AutoDeleteObjects",
1080
- "Properties": {
1081
- "ServiceToken": {
1082
- "Fn::GetAtt": [
1083
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
1084
- "Arn"
1085
- ]
1086
- },
1087
- "BucketName": {
1088
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2"
1089
- }
1090
- },
1091
- "DependsOn": [
1092
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketPolicy416A95E3"
1093
- ],
1094
- "UpdateReplacePolicy": "Delete",
1095
- "DeletionPolicy": "Delete"
1096
- },
1097
- "cfapigwlambdaCloudFrontToApiGatewayCloudFrontDistributionF8B75200": {
1098
- "Type": "AWS::CloudFront::Distribution",
1099
- "Properties": {
1100
- "DistributionConfig": {
1101
- "DefaultCacheBehavior": {
1102
- "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
1103
- "Compress": true,
1104
- "FunctionAssociations": [
1105
- {
1106
- "EventType": "viewer-response",
1107
- "FunctionARN": {
1108
- "Fn::GetAtt": [
1109
- "cfapigwlambdaCloudFrontToApiGatewaySetHttpSecurityHeadersE20F2933",
1110
- "FunctionARN"
1111
- ]
1112
- }
1113
- }
1114
- ],
1115
- "TargetOriginId": "cftaplamcustomCloudfrontLoggingBucketcfapigwlambdaCloudFrontToApiGatewayCloudFrontDistributionOrigin169FDD6AF",
1116
- "ViewerProtocolPolicy": "redirect-to-https"
1117
- },
1118
- "Enabled": true,
1119
- "HttpVersion": "http2",
1120
- "IPV6Enabled": true,
1121
- "Logging": {
1122
- "Bucket": {
1123
- "Fn::GetAtt": [
1124
- "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucket2E8E3DC2",
1125
- "RegionalDomainName"
1126
- ]
1127
- }
1128
- },
1129
- "Origins": [
1130
- {
1131
- "CustomOriginConfig": {
1132
- "OriginProtocolPolicy": "https-only",
1133
- "OriginSSLProtocols": [
1134
- "TLSv1.2"
1135
- ]
1136
- },
1137
- "DomainName": {
1138
- "Fn::Select": [
1139
- 0,
1140
- {
1141
- "Fn::Split": [
1142
- "/",
1143
- {
1144
- "Fn::Select": [
1145
- 1,
1146
- {
1147
- "Fn::Split": [
1148
- "://",
1149
- {
1150
- "Fn::Join": [
1151
- "",
1152
- [
1153
- "https://",
1154
- {
1155
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
1156
- },
1157
- ".execute-api.",
1158
- {
1159
- "Ref": "AWS::Region"
1160
- },
1161
- ".",
1162
- {
1163
- "Ref": "AWS::URLSuffix"
1164
- },
1165
- "/",
1166
- {
1167
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
1168
- },
1169
- "/"
1170
- ]
1171
- ]
1172
- }
1173
- ]
1174
- }
1175
- ]
1176
- }
1177
- ]
1178
- }
1179
- ]
1180
- },
1181
- "Id": "cftaplamcustomCloudfrontLoggingBucketcfapigwlambdaCloudFrontToApiGatewayCloudFrontDistributionOrigin169FDD6AF",
1182
- "OriginPath": {
1183
- "Fn::Join": [
1184
- "",
1185
- [
1186
- "/",
1187
- {
1188
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
1189
- }
1190
- ]
1191
- ]
1192
- }
1193
- }
1194
- ]
1195
- }
1196
- },
1197
- "Metadata": {
1198
- "cfn_nag": {
1199
- "rules_to_suppress": [
1200
- {
1201
- "id": "W70",
1202
- "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
1203
- }
1204
- ]
1205
- }
1206
- }
1207
- },
1208
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
1209
- "Type": "AWS::IAM::Role",
1210
- "Properties": {
1211
- "AssumeRolePolicyDocument": {
1212
- "Version": "2012-10-17",
1213
- "Statement": [
1214
- {
1215
- "Action": "sts:AssumeRole",
1216
- "Effect": "Allow",
1217
- "Principal": {
1218
- "Service": "lambda.amazonaws.com"
1219
- }
1220
- }
1221
- ]
1222
- },
1223
- "ManagedPolicyArns": [
1224
- {
1225
- "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
1226
- }
1227
- ]
1228
- }
1229
- },
1230
- "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
1231
- "Type": "AWS::Lambda::Function",
1232
- "Properties": {
1233
- "Code": {
1234
- "S3Bucket": {
1235
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
1236
- },
1237
- "S3Key": "b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6.zip"
1238
- },
1239
- "Timeout": 900,
1240
- "MemorySize": 128,
1241
- "Handler": "index.handler",
1242
- "Role": {
1243
- "Fn::GetAtt": [
1244
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1245
- "Arn"
1246
- ]
1247
- },
1248
- "Runtime": "nodejs18.x",
1249
- "Description": {
1250
- "Fn::Join": [
1251
- "",
1252
- [
1253
- "Lambda function for auto-deleting objects in ",
1254
- {
1255
- "Ref": "cfapigwlambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog48BE423A"
1256
- },
1257
- " S3 bucket."
1258
- ]
1259
- ]
1260
- }
1261
- },
1262
- "DependsOn": [
1263
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
1264
- ],
1265
- "Metadata": {
1266
- "cfn_nag": {
1267
- "rules_to_suppress": [
1268
- {
1269
- "id": "W58",
1270
- "reason": "CDK generated custom resource"
1271
- },
1272
- {
1273
- "id": "W89",
1274
- "reason": "CDK generated custom resource"
1275
- },
1276
- {
1277
- "id": "W92",
1278
- "reason": "CDK generated custom resource"
1279
- }
1280
- ]
1281
- }
1282
- }
1283
- }
1284
- },
1285
- "Outputs": {
1286
- "cfapigwlambdaLambdaRestApiEndpoint1004A97F": {
1287
- "Value": {
1288
- "Fn::Join": [
1289
- "",
1290
- [
1291
- "https://",
1292
- {
1293
- "Ref": "cfapigwlambdaLambdaRestApi775C255B"
1294
- },
1295
- ".execute-api.",
1296
- {
1297
- "Ref": "AWS::Region"
1298
- },
1299
- ".",
1300
- {
1301
- "Ref": "AWS::URLSuffix"
1302
- },
1303
- "/",
1304
- {
1305
- "Ref": "cfapigwlambdaLambdaRestApiDeploymentStageprod83104011"
1306
- },
1307
- "/"
1308
- ]
1309
- ]
1310
- }
1311
- }
1312
- },
1313
- "Parameters": {
1314
- "BootstrapVersion": {
1315
- "Type": "AWS::SSM::Parameter::Value<String>",
1316
- "Default": "/cdk-bootstrap/hnb659fds/version",
1317
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1318
- }
1319
- },
1320
- "Rules": {
1321
- "CheckBootstrapVersion": {
1322
- "Assertions": [
1323
- {
1324
- "Assert": {
1325
- "Fn::Not": [
1326
- {
1327
- "Fn::Contains": [
1328
- [
1329
- "1",
1330
- "2",
1331
- "3",
1332
- "4",
1333
- "5"
1334
- ],
1335
- {
1336
- "Ref": "BootstrapVersion"
1337
- }
1338
- ]
1339
- }
1340
- ]
1341
- },
1342
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1343
- }
1344
- ]
1345
- }
1346
- }
1347
- }