@aws-solutions-constructs/aws-cloudfront-apigateway-lambda 2.79.1 → 2.81.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/.jsii +76 -58
  2. package/lib/index.d.ts +7 -0
  3. package/lib/index.js +4 -3
  4. package/package.json +8 -8
  5. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/asset.3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f/index.js +23 -0
  6. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cdk.out +1 -1
  7. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplam-customCloudfrontLoggingBucket.assets.json +6 -6
  8. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplam-customCloudfrontLoggingBucket.template.json +30 -41
  9. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/cftaplamcustomCloudfrontLoggingBucketIntegDefaultTestDeployAssert35A683E0.assets.json +1 -1
  10. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/integ.json +1 -1
  11. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/manifest.json +429 -6
  12. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/tree.json +1 -1713
  13. package/test/integ.cftaplam-no-arguments.js.snapshot/asset.3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f/index.js +23 -0
  14. package/test/integ.cftaplam-no-arguments.js.snapshot/cdk.out +1 -1
  15. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplam-no-arguments.assets.json +6 -6
  16. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplam-no-arguments.template.json +30 -41
  17. package/test/integ.cftaplam-no-arguments.js.snapshot/cftaplamnoargumentsIntegDefaultTestDeployAssertACC32F59.assets.json +1 -1
  18. package/test/integ.cftaplam-no-arguments.js.snapshot/integ.json +1 -1
  19. package/test/integ.cftaplam-no-arguments.js.snapshot/manifest.json +429 -6
  20. package/test/integ.cftaplam-no-arguments.js.snapshot/tree.json +1 -1713
  21. package/test/integ.cftaplam-no-usage-plan.d.ts +13 -0
  22. package/test/integ.cftaplam-no-usage-plan.js +50 -0
  23. package/test/integ.cftaplam-no-usage-plan.js.snapshot/asset.3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f/index.js +23 -0
  24. package/test/integ.cftaplam-no-usage-plan.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  25. package/test/integ.cftaplam-no-usage-plan.js.snapshot/cdk.out +1 -0
  26. package/test/integ.cftaplam-no-usage-plan.js.snapshot/cftaplam-no-usage-plan.assets.json +45 -0
  27. package/test/integ.cftaplam-no-usage-plan.js.snapshot/cftaplam-no-usage-plan.template.json +1403 -0
  28. package/test/integ.cftaplam-no-usage-plan.js.snapshot/cftaplamnousageplanIntegDefaultTestDeployAssertABA4F4C5.assets.json +19 -0
  29. package/test/integ.cftaplam-no-usage-plan.js.snapshot/cftaplamnousageplanIntegDefaultTestDeployAssertABA4F4C5.template.json +36 -0
  30. package/test/integ.cftaplam-no-usage-plan.js.snapshot/integ.json +12 -0
  31. package/test/integ.cftaplam-no-usage-plan.js.snapshot/manifest.json +704 -0
  32. package/test/integ.cftaplam-no-usage-plan.js.snapshot/tree.json +1 -0
  33. package/test/integ.cftaplam-override-behavior.js.snapshot/asset.3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f/index.js +23 -0
  34. package/test/integ.cftaplam-override-behavior.js.snapshot/cdk.out +1 -1
  35. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplam-override-behavior.assets.json +6 -6
  36. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplam-override-behavior.template.json +30 -41
  37. package/test/integ.cftaplam-override-behavior.js.snapshot/cftaplamoverridebehaviorIntegDefaultTestDeployAssert3DC30427.assets.json +1 -1
  38. package/test/integ.cftaplam-override-behavior.js.snapshot/integ.json +1 -1
  39. package/test/integ.cftaplam-override-behavior.js.snapshot/manifest.json +468 -6
  40. package/test/integ.cftaplam-override-behavior.js.snapshot/tree.json +1 -1797
  41. package/test/test.cloudfront-apigateway-lambda.test.js +42 -1
  42. package/test/integ.cftaplam-customCloudfrontLoggingBucket.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +0 -10
  43. package/test/integ.cftaplam-no-arguments.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +0 -10
  44. package/test/integ.cftaplam-override-behavior.js.snapshot/asset.42a35bbf0dec9ef0ac5b0dde87e71a1b8929e8d2d178dd09ccfb2c928ec0198c/index.js +0 -10
package/test/integ.cftaplam-no-usage-plan.js.snapshot/cftaplam-no-usage-plan.template.json ADDED
@@ -0,0 +1,1403 @@
1
+ {
2
+ "Description": "Integration Test for aws-cloudfront-apigateway-lambda",
3
+ "Resources": {
4
+ "cftaplamnousageplanauthorizerAuthFunctionServiceRoleD960FE23": {
5
+ "Type": "AWS::IAM::Role",
6
+ "Properties": {
7
+ "AssumeRolePolicyDocument": {
8
+ "Statement": [
9
+ {
10
+ "Action": "sts:AssumeRole",
11
+ "Effect": "Allow",
12
+ "Principal": {
13
+ "Service": "lambda.amazonaws.com"
14
+ }
15
+ }
16
+ ],
17
+ "Version": "2012-10-17"
18
+ },
19
+ "ManagedPolicyArns": [
20
+ {
21
+ "Fn::Join": [
22
+ "",
23
+ [
24
+ "arn:",
25
+ {
26
+ "Ref": "AWS::Partition"
27
+ },
28
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
29
+ ]
30
+ ]
31
+ }
32
+ ]
33
+ }
34
+ },
35
+ "cftaplamnousageplanauthorizerAuthFunctionC756EB1A": {
36
+ "Type": "AWS::Lambda::Function",
37
+ "Properties": {
38
+ "Code": {
39
+ "S3Bucket": {
40
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
41
+ },
42
+ "S3Key": "3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f.zip"
43
+ },
44
+ "Handler": ".handler",
45
+ "Role": {
46
+ "Fn::GetAtt": [
47
+ "cftaplamnousageplanauthorizerAuthFunctionServiceRoleD960FE23",
48
+ "Arn"
49
+ ]
50
+ },
51
+ "Runtime": "nodejs20.x"
52
+ },
53
+ "DependsOn": [
54
+ "cftaplamnousageplanauthorizerAuthFunctionServiceRoleD960FE23"
55
+ ],
56
+ "Metadata": {
57
+ "cfn_nag": {
58
+ "rules_to_suppress": [
59
+ {
60
+ "id": "W58",
61
+ "reason": "Test Resource"
62
+ },
63
+ {
64
+ "id": "W89",
65
+ "reason": "Test Resource"
66
+ },
67
+ {
68
+ "id": "W92",
69
+ "reason": "Test Resource"
70
+ }
71
+ ]
72
+ }
73
+ }
74
+ },
75
+ "cftaplamnousageplanauthorizerAuthFunctioncftaplamnousageplancftaplamnousageplanauthorizerB8C63521Permissions5697B0FF": {
76
+ "Type": "AWS::Lambda::Permission",
77
+ "Properties": {
78
+ "Action": "lambda:InvokeFunction",
79
+ "FunctionName": {
80
+ "Fn::GetAtt": [
81
+ "cftaplamnousageplanauthorizerAuthFunctionC756EB1A",
82
+ "Arn"
83
+ ]
84
+ },
85
+ "Principal": "apigateway.amazonaws.com",
86
+ "SourceArn": {
87
+ "Fn::Join": [
88
+ "",
89
+ [
90
+ "arn:",
91
+ {
92
+ "Ref": "AWS::Partition"
93
+ },
94
+ ":execute-api:",
95
+ {
96
+ "Ref": "AWS::Region"
97
+ },
98
+ ":",
99
+ {
100
+ "Ref": "AWS::AccountId"
101
+ },
102
+ ":",
103
+ {
104
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
105
+ },
106
+ "/authorizers/",
107
+ {
108
+ "Ref": "cftaplamnousageplanauthorizerB177A4F9"
109
+ }
110
+ ]
111
+ ]
112
+ }
113
+ }
114
+ },
115
+ "cftaplamnousageplanauthorizerB177A4F9": {
116
+ "Type": "AWS::ApiGateway::Authorizer",
117
+ "Properties": {
118
+ "AuthorizerResultTtlInSeconds": 300,
119
+ "AuthorizerUri": {
120
+ "Fn::Join": [
121
+ "",
122
+ [
123
+ "arn:",
124
+ {
125
+ "Fn::Select": [
126
+ 1,
127
+ {
128
+ "Fn::Split": [
129
+ ":",
130
+ {
131
+ "Fn::GetAtt": [
132
+ "cftaplamnousageplanauthorizerAuthFunctionC756EB1A",
133
+ "Arn"
134
+ ]
135
+ }
136
+ ]
137
+ }
138
+ ]
139
+ },
140
+ ":apigateway:",
141
+ {
142
+ "Fn::Select": [
143
+ 3,
144
+ {
145
+ "Fn::Split": [
146
+ ":",
147
+ {
148
+ "Fn::GetAtt": [
149
+ "cftaplamnousageplanauthorizerAuthFunctionC756EB1A",
150
+ "Arn"
151
+ ]
152
+ }
153
+ ]
154
+ }
155
+ ]
156
+ },
157
+ ":lambda:path/2015-03-31/functions/",
158
+ {
159
+ "Fn::GetAtt": [
160
+ "cftaplamnousageplanauthorizerAuthFunctionC756EB1A",
161
+ "Arn"
162
+ ]
163
+ },
164
+ "/invocations"
165
+ ]
166
+ ]
167
+ },
168
+ "IdentitySource": "method.request.header.Authorization",
169
+ "Name": "cftaplamnousageplancftaplamnousageplanauthorizerB8C63521",
170
+ "RestApiId": {
171
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
172
+ },
173
+ "Type": "REQUEST"
174
+ }
175
+ },
176
+ "testcloudfrontapigatewaylambdaLambdaFunctionServiceRoleCB74590F": {
177
+ "Type": "AWS::IAM::Role",
178
+ "Properties": {
179
+ "AssumeRolePolicyDocument": {
180
+ "Statement": [
181
+ {
182
+ "Action": "sts:AssumeRole",
183
+ "Effect": "Allow",
184
+ "Principal": {
185
+ "Service": "lambda.amazonaws.com"
186
+ }
187
+ }
188
+ ],
189
+ "Version": "2012-10-17"
190
+ },
191
+ "Policies": [
192
+ {
193
+ "PolicyDocument": {
194
+ "Statement": [
195
+ {
196
+ "Action": [
197
+ "logs:CreateLogGroup",
198
+ "logs:CreateLogStream",
199
+ "logs:PutLogEvents"
200
+ ],
201
+ "Effect": "Allow",
202
+ "Resource": {
203
+ "Fn::Join": [
204
+ "",
205
+ [
206
+ "arn:",
207
+ {
208
+ "Ref": "AWS::Partition"
209
+ },
210
+ ":logs:",
211
+ {
212
+ "Ref": "AWS::Region"
213
+ },
214
+ ":",
215
+ {
216
+ "Ref": "AWS::AccountId"
217
+ },
218
+ ":log-group:/aws/lambda/*"
219
+ ]
220
+ ]
221
+ }
222
+ }
223
+ ],
224
+ "Version": "2012-10-17"
225
+ },
226
+ "PolicyName": "LambdaFunctionServiceRolePolicy"
227
+ }
228
+ ]
229
+ },
230
+ "Metadata": {
231
+ "guard": {
232
+ "SuppressedRules": [
233
+ "IAM_NO_INLINE_POLICY_CHECK"
234
+ ]
235
+ }
236
+ }
237
+ },
238
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65": {
239
+ "Type": "AWS::Lambda::Function",
240
+ "Properties": {
241
+ "Code": {
242
+ "S3Bucket": {
243
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
244
+ },
245
+ "S3Key": "3a18fd3de4803f72260a058823accffd4f8d69986c6862a23cd86265f6cafa0f.zip"
246
+ },
247
+ "Environment": {
248
+ "Variables": {
249
+ "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
250
+ }
251
+ },
252
+ "Handler": "index.handler",
253
+ "Role": {
254
+ "Fn::GetAtt": [
255
+ "testcloudfrontapigatewaylambdaLambdaFunctionServiceRoleCB74590F",
256
+ "Arn"
257
+ ]
258
+ },
259
+ "Runtime": "nodejs20.x",
260
+ "TracingConfig": {
261
+ "Mode": "Active"
262
+ }
263
+ },
264
+ "DependsOn": [
265
+ "testcloudfrontapigatewaylambdaLambdaFunctionServiceRoleCB74590F"
266
+ ],
267
+ "Metadata": {
268
+ "cfn_nag": {
269
+ "rules_to_suppress": [
270
+ {
271
+ "id": "W58",
272
+ "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
273
+ },
274
+ {
275
+ "id": "W89",
276
+ "reason": "This is not a rule for the general case, just for specific use cases/industries"
277
+ },
278
+ {
279
+ "id": "W92",
280
+ "reason": "Impossible for us to define the correct concurrency for clients"
281
+ }
282
+ ]
283
+ }
284
+ }
285
+ },
286
+ "testcloudfrontapigatewaylambdaLambdaFunctioninlinePolicyAddedToExecutionRole010F5D55C": {
287
+ "Type": "AWS::IAM::Policy",
288
+ "Properties": {
289
+ "PolicyDocument": {
290
+ "Statement": [
291
+ {
292
+ "Action": [
293
+ "xray:PutTelemetryRecords",
294
+ "xray:PutTraceSegments"
295
+ ],
296
+ "Effect": "Allow",
297
+ "Resource": "*"
298
+ }
299
+ ],
300
+ "Version": "2012-10-17"
301
+ },
302
+ "PolicyName": "testcloudfrontapigatewaylambdaLambdaFunctioninlinePolicyAddedToExecutionRole010F5D55C",
303
+ "Roles": [
304
+ {
305
+ "Ref": "testcloudfrontapigatewaylambdaLambdaFunctionServiceRoleCB74590F"
306
+ }
307
+ ]
308
+ }
309
+ },
310
+ "testcloudfrontapigatewaylambdaApiAccessLogGroup97EB2E40": {
311
+ "Type": "AWS::Logs::LogGroup",
312
+ "UpdateReplacePolicy": "Retain",
313
+ "DeletionPolicy": "Retain",
314
+ "Metadata": {
315
+ "cfn_nag": {
316
+ "rules_to_suppress": [
317
+ {
318
+ "id": "W86",
319
+ "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely"
320
+ },
321
+ {
322
+ "id": "W84",
323
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
324
+ }
325
+ ]
326
+ }
327
+ }
328
+ },
329
+ "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44": {
330
+ "Type": "AWS::ApiGateway::RestApi",
331
+ "Properties": {
332
+ "EndpointConfiguration": {
333
+ "Types": [
334
+ "REGIONAL"
335
+ ]
336
+ },
337
+ "Name": "LambdaRestApi"
338
+ }
339
+ },
340
+ "testcloudfrontapigatewaylambdaLambdaRestApiDeployment0C4661C0d9c4123459f0cf4d3f3c0bde215f7fe1": {
341
+ "Type": "AWS::ApiGateway::Deployment",
342
+ "Properties": {
343
+ "Description": "Automatically created by the RestApi construct",
344
+ "RestApiId": {
345
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
346
+ }
347
+ },
348
+ "DependsOn": [
349
+ "cftaplamnousageplanauthorizerB177A4F9",
350
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyANYAE500A13",
351
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyBC09D86F",
352
+ "testcloudfrontapigatewaylambdaLambdaRestApiANYBC435DFD"
353
+ ],
354
+ "Metadata": {
355
+ "cfn_nag": {
356
+ "rules_to_suppress": [
357
+ {
358
+ "id": "W45",
359
+ "reason": "ApiGateway has AccessLogging enabled in AWS::ApiGateway::Stage resource, but cfn_nag checks for it in AWS::ApiGateway::Deployment resource"
360
+ }
361
+ ]
362
+ }
363
+ }
364
+ },
365
+ "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7": {
366
+ "Type": "AWS::ApiGateway::Stage",
367
+ "Properties": {
368
+ "AccessLogSetting": {
369
+ "DestinationArn": {
370
+ "Fn::GetAtt": [
371
+ "testcloudfrontapigatewaylambdaApiAccessLogGroup97EB2E40",
372
+ "Arn"
373
+ ]
374
+ },
375
+ "Format": "{\"requestId\":\"$context.requestId\",\"ip\":\"$context.identity.sourceIp\",\"user\":\"$context.identity.user\",\"caller\":\"$context.identity.caller\",\"requestTime\":\"$context.requestTime\",\"httpMethod\":\"$context.httpMethod\",\"resourcePath\":\"$context.resourcePath\",\"status\":\"$context.status\",\"protocol\":\"$context.protocol\",\"responseLength\":\"$context.responseLength\"}"
376
+ },
377
+ "DeploymentId": {
378
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeployment0C4661C0d9c4123459f0cf4d3f3c0bde215f7fe1"
379
+ },
380
+ "MethodSettings": [
381
+ {
382
+ "DataTraceEnabled": false,
383
+ "HttpMethod": "*",
384
+ "LoggingLevel": "INFO",
385
+ "ResourcePath": "/*"
386
+ }
387
+ ],
388
+ "RestApiId": {
389
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
390
+ },
391
+ "StageName": "prod",
392
+ "TracingEnabled": true
393
+ },
394
+ "Metadata": {
395
+ "guard": {
396
+ "SuppressedRules": [
397
+ "API_GW_CACHE_ENABLED_AND_ENCRYPTED"
398
+ ]
399
+ }
400
+ }
401
+ },
402
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyBC09D86F": {
403
+ "Type": "AWS::ApiGateway::Resource",
404
+ "Properties": {
405
+ "ParentId": {
406
+ "Fn::GetAtt": [
407
+ "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44",
408
+ "RootResourceId"
409
+ ]
410
+ },
411
+ "PathPart": "{proxy+}",
412
+ "RestApiId": {
413
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
414
+ }
415
+ }
416
+ },
417
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyANYApiPermissioncftaplamnousageplantestcloudfrontapigatewaylambdaLambdaRestApiB0E151E3ANYproxyAA0B8F51": {
418
+ "Type": "AWS::Lambda::Permission",
419
+ "Properties": {
420
+ "Action": "lambda:InvokeFunction",
421
+ "FunctionName": {
422
+ "Fn::GetAtt": [
423
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
424
+ "Arn"
425
+ ]
426
+ },
427
+ "Principal": "apigateway.amazonaws.com",
428
+ "SourceArn": {
429
+ "Fn::Join": [
430
+ "",
431
+ [
432
+ "arn:",
433
+ {
434
+ "Ref": "AWS::Partition"
435
+ },
436
+ ":execute-api:",
437
+ {
438
+ "Ref": "AWS::Region"
439
+ },
440
+ ":",
441
+ {
442
+ "Ref": "AWS::AccountId"
443
+ },
444
+ ":",
445
+ {
446
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
447
+ },
448
+ "/",
449
+ {
450
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7"
451
+ },
452
+ "/*/*"
453
+ ]
454
+ ]
455
+ }
456
+ }
457
+ },
458
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyANYApiPermissionTestcftaplamnousageplantestcloudfrontapigatewaylambdaLambdaRestApiB0E151E3ANYproxy80E1CD41": {
459
+ "Type": "AWS::Lambda::Permission",
460
+ "Properties": {
461
+ "Action": "lambda:InvokeFunction",
462
+ "FunctionName": {
463
+ "Fn::GetAtt": [
464
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
465
+ "Arn"
466
+ ]
467
+ },
468
+ "Principal": "apigateway.amazonaws.com",
469
+ "SourceArn": {
470
+ "Fn::Join": [
471
+ "",
472
+ [
473
+ "arn:",
474
+ {
475
+ "Ref": "AWS::Partition"
476
+ },
477
+ ":execute-api:",
478
+ {
479
+ "Ref": "AWS::Region"
480
+ },
481
+ ":",
482
+ {
483
+ "Ref": "AWS::AccountId"
484
+ },
485
+ ":",
486
+ {
487
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
488
+ },
489
+ "/test-invoke-stage/*/*"
490
+ ]
491
+ ]
492
+ }
493
+ }
494
+ },
495
+ "testcloudfrontapigatewaylambdaLambdaRestApiproxyANYAE500A13": {
496
+ "Type": "AWS::ApiGateway::Method",
497
+ "Properties": {
498
+ "AuthorizationType": "CUSTOM",
499
+ "AuthorizerId": {
500
+ "Ref": "cftaplamnousageplanauthorizerB177A4F9"
501
+ },
502
+ "HttpMethod": "ANY",
503
+ "Integration": {
504
+ "IntegrationHttpMethod": "POST",
505
+ "Type": "AWS_PROXY",
506
+ "Uri": {
507
+ "Fn::Join": [
508
+ "",
509
+ [
510
+ "arn:",
511
+ {
512
+ "Ref": "AWS::Partition"
513
+ },
514
+ ":apigateway:",
515
+ {
516
+ "Ref": "AWS::Region"
517
+ },
518
+ ":lambda:path/2015-03-31/functions/",
519
+ {
520
+ "Fn::GetAtt": [
521
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
522
+ "Arn"
523
+ ]
524
+ },
525
+ "/invocations"
526
+ ]
527
+ ]
528
+ }
529
+ },
530
+ "ResourceId": {
531
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiproxyBC09D86F"
532
+ },
533
+ "RestApiId": {
534
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
535
+ }
536
+ }
537
+ },
538
+ "testcloudfrontapigatewaylambdaLambdaRestApiANYApiPermissioncftaplamnousageplantestcloudfrontapigatewaylambdaLambdaRestApiB0E151E3ANY1F699A3F": {
539
+ "Type": "AWS::Lambda::Permission",
540
+ "Properties": {
541
+ "Action": "lambda:InvokeFunction",
542
+ "FunctionName": {
543
+ "Fn::GetAtt": [
544
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
545
+ "Arn"
546
+ ]
547
+ },
548
+ "Principal": "apigateway.amazonaws.com",
549
+ "SourceArn": {
550
+ "Fn::Join": [
551
+ "",
552
+ [
553
+ "arn:",
554
+ {
555
+ "Ref": "AWS::Partition"
556
+ },
557
+ ":execute-api:",
558
+ {
559
+ "Ref": "AWS::Region"
560
+ },
561
+ ":",
562
+ {
563
+ "Ref": "AWS::AccountId"
564
+ },
565
+ ":",
566
+ {
567
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
568
+ },
569
+ "/",
570
+ {
571
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7"
572
+ },
573
+ "/*/"
574
+ ]
575
+ ]
576
+ }
577
+ }
578
+ },
579
+ "testcloudfrontapigatewaylambdaLambdaRestApiANYApiPermissionTestcftaplamnousageplantestcloudfrontapigatewaylambdaLambdaRestApiB0E151E3ANY6015C6F7": {
580
+ "Type": "AWS::Lambda::Permission",
581
+ "Properties": {
582
+ "Action": "lambda:InvokeFunction",
583
+ "FunctionName": {
584
+ "Fn::GetAtt": [
585
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
586
+ "Arn"
587
+ ]
588
+ },
589
+ "Principal": "apigateway.amazonaws.com",
590
+ "SourceArn": {
591
+ "Fn::Join": [
592
+ "",
593
+ [
594
+ "arn:",
595
+ {
596
+ "Ref": "AWS::Partition"
597
+ },
598
+ ":execute-api:",
599
+ {
600
+ "Ref": "AWS::Region"
601
+ },
602
+ ":",
603
+ {
604
+ "Ref": "AWS::AccountId"
605
+ },
606
+ ":",
607
+ {
608
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
609
+ },
610
+ "/test-invoke-stage/*/"
611
+ ]
612
+ ]
613
+ }
614
+ }
615
+ },
616
+ "testcloudfrontapigatewaylambdaLambdaRestApiANYBC435DFD": {
617
+ "Type": "AWS::ApiGateway::Method",
618
+ "Properties": {
619
+ "AuthorizationType": "CUSTOM",
620
+ "AuthorizerId": {
621
+ "Ref": "cftaplamnousageplanauthorizerB177A4F9"
622
+ },
623
+ "HttpMethod": "ANY",
624
+ "Integration": {
625
+ "IntegrationHttpMethod": "POST",
626
+ "Type": "AWS_PROXY",
627
+ "Uri": {
628
+ "Fn::Join": [
629
+ "",
630
+ [
631
+ "arn:",
632
+ {
633
+ "Ref": "AWS::Partition"
634
+ },
635
+ ":apigateway:",
636
+ {
637
+ "Ref": "AWS::Region"
638
+ },
639
+ ":lambda:path/2015-03-31/functions/",
640
+ {
641
+ "Fn::GetAtt": [
642
+ "testcloudfrontapigatewaylambdaLambdaFunction17A55E65",
643
+ "Arn"
644
+ ]
645
+ },
646
+ "/invocations"
647
+ ]
648
+ ]
649
+ }
650
+ },
651
+ "ResourceId": {
652
+ "Fn::GetAtt": [
653
+ "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44",
654
+ "RootResourceId"
655
+ ]
656
+ },
657
+ "RestApiId": {
658
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
659
+ }
660
+ }
661
+ },
662
+ "testcloudfrontapigatewaylambdaLambdaRestApiCloudWatchRole7A327F48": {
663
+ "Type": "AWS::IAM::Role",
664
+ "Properties": {
665
+ "AssumeRolePolicyDocument": {
666
+ "Statement": [
667
+ {
668
+ "Action": "sts:AssumeRole",
669
+ "Effect": "Allow",
670
+ "Principal": {
671
+ "Service": "apigateway.amazonaws.com"
672
+ }
673
+ }
674
+ ],
675
+ "Version": "2012-10-17"
676
+ },
677
+ "Policies": [
678
+ {
679
+ "PolicyDocument": {
680
+ "Statement": [
681
+ {
682
+ "Action": [
683
+ "logs:CreateLogGroup",
684
+ "logs:CreateLogStream",
685
+ "logs:DescribeLogGroups",
686
+ "logs:DescribeLogStreams",
687
+ "logs:FilterLogEvents",
688
+ "logs:GetLogEvents",
689
+ "logs:PutLogEvents"
690
+ ],
691
+ "Effect": "Allow",
692
+ "Resource": {
693
+ "Fn::Join": [
694
+ "",
695
+ [
696
+ "arn:",
697
+ {
698
+ "Ref": "AWS::Partition"
699
+ },
700
+ ":logs:",
701
+ {
702
+ "Ref": "AWS::Region"
703
+ },
704
+ ":",
705
+ {
706
+ "Ref": "AWS::AccountId"
707
+ },
708
+ ":*"
709
+ ]
710
+ ]
711
+ }
712
+ }
713
+ ],
714
+ "Version": "2012-10-17"
715
+ },
716
+ "PolicyName": "LambdaRestApiCloudWatchRolePolicy"
717
+ }
718
+ ]
719
+ },
720
+ "Metadata": {
721
+ "guard": {
722
+ "SuppressedRules": [
723
+ "IAM_NO_INLINE_POLICY_CHECK"
724
+ ]
725
+ }
726
+ }
727
+ },
728
+ "testcloudfrontapigatewaylambdaLambdaRestApiAccount1A4578BB": {
729
+ "Type": "AWS::ApiGateway::Account",
730
+ "Properties": {
731
+ "CloudWatchRoleArn": {
732
+ "Fn::GetAtt": [
733
+ "testcloudfrontapigatewaylambdaLambdaRestApiCloudWatchRole7A327F48",
734
+ "Arn"
735
+ ]
736
+ }
737
+ },
738
+ "DependsOn": [
739
+ "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
740
+ ]
741
+ },
742
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewaySetHttpSecurityHeaders6945414A": {
743
+ "Type": "AWS::CloudFront::Function",
744
+ "Properties": {
745
+ "AutoPublish": true,
746
+ "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }",
747
+ "FunctionConfig": {
748
+ "Comment": "SetHttpSecurityHeadersc86ff048e47765694444f7bb321137eed6f5db5665",
749
+ "Runtime": "cloudfront-js-1.0"
750
+ },
751
+ "Name": "SetHttpSecurityHeadersc86ff048e47765694444f7bb321137eed6f5db5665"
752
+ }
753
+ },
754
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57": {
755
+ "Type": "AWS::S3::Bucket",
756
+ "Properties": {
757
+ "BucketEncryption": {
758
+ "ServerSideEncryptionConfiguration": [
759
+ {
760
+ "ServerSideEncryptionByDefault": {
761
+ "SSEAlgorithm": "AES256"
762
+ }
763
+ }
764
+ ]
765
+ },
766
+ "PublicAccessBlockConfiguration": {
767
+ "BlockPublicAcls": true,
768
+ "BlockPublicPolicy": true,
769
+ "IgnorePublicAcls": true,
770
+ "RestrictPublicBuckets": true
771
+ },
772
+ "VersioningConfiguration": {
773
+ "Status": "Enabled"
774
+ }
775
+ },
776
+ "UpdateReplacePolicy": "Retain",
777
+ "DeletionPolicy": "Retain",
778
+ "Metadata": {
779
+ "cfn_nag": {
780
+ "rules_to_suppress": [
781
+ {
782
+ "id": "W35",
783
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
784
+ }
785
+ ]
786
+ }
787
+ }
788
+ },
789
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLogPolicy521355D8": {
790
+ "Type": "AWS::S3::BucketPolicy",
791
+ "Properties": {
792
+ "Bucket": {
793
+ "Ref": "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57"
794
+ },
795
+ "PolicyDocument": {
796
+ "Statement": [
797
+ {
798
+ "Action": "s3:*",
799
+ "Condition": {
800
+ "Bool": {
801
+ "aws:SecureTransport": "false"
802
+ }
803
+ },
804
+ "Effect": "Deny",
805
+ "Principal": {
806
+ "AWS": "*"
807
+ },
808
+ "Resource": [
809
+ {
810
+ "Fn::GetAtt": [
811
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57",
812
+ "Arn"
813
+ ]
814
+ },
815
+ {
816
+ "Fn::Join": [
817
+ "",
818
+ [
819
+ {
820
+ "Fn::GetAtt": [
821
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57",
822
+ "Arn"
823
+ ]
824
+ },
825
+ "/*"
826
+ ]
827
+ ]
828
+ }
829
+ ]
830
+ },
831
+ {
832
+ "Action": "s3:PutObject",
833
+ "Condition": {
834
+ "ArnLike": {
835
+ "aws:SourceArn": {
836
+ "Fn::GetAtt": [
837
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
838
+ "Arn"
839
+ ]
840
+ }
841
+ },
842
+ "StringEquals": {
843
+ "aws:SourceAccount": {
844
+ "Ref": "AWS::AccountId"
845
+ }
846
+ }
847
+ },
848
+ "Effect": "Allow",
849
+ "Principal": {
850
+ "Service": "logging.s3.amazonaws.com"
851
+ },
852
+ "Resource": {
853
+ "Fn::Join": [
854
+ "",
855
+ [
856
+ {
857
+ "Fn::GetAtt": [
858
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57",
859
+ "Arn"
860
+ ]
861
+ },
862
+ "/*"
863
+ ]
864
+ ]
865
+ }
866
+ }
867
+ ],
868
+ "Version": "2012-10-17"
869
+ }
870
+ }
871
+ },
872
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421": {
873
+ "Type": "AWS::S3::Bucket",
874
+ "Properties": {
875
+ "AccessControl": "LogDeliveryWrite",
876
+ "BucketEncryption": {
877
+ "ServerSideEncryptionConfiguration": [
878
+ {
879
+ "ServerSideEncryptionByDefault": {
880
+ "SSEAlgorithm": "AES256"
881
+ }
882
+ }
883
+ ]
884
+ },
885
+ "LoggingConfiguration": {
886
+ "DestinationBucketName": {
887
+ "Ref": "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAccessLog347EED57"
888
+ }
889
+ },
890
+ "OwnershipControls": {
891
+ "Rules": [
892
+ {
893
+ "ObjectOwnership": "ObjectWriter"
894
+ }
895
+ ]
896
+ },
897
+ "PublicAccessBlockConfiguration": {
898
+ "BlockPublicAcls": true,
899
+ "BlockPublicPolicy": true,
900
+ "IgnorePublicAcls": true,
901
+ "RestrictPublicBuckets": true
902
+ },
903
+ "Tags": [
904
+ {
905
+ "Key": "aws-cdk:auto-delete-objects",
906
+ "Value": "true"
907
+ }
908
+ ],
909
+ "VersioningConfiguration": {
910
+ "Status": "Enabled"
911
+ }
912
+ },
913
+ "UpdateReplacePolicy": "Delete",
914
+ "DeletionPolicy": "Delete"
915
+ },
916
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketPolicy4A551B79": {
917
+ "Type": "AWS::S3::BucketPolicy",
918
+ "Properties": {
919
+ "Bucket": {
920
+ "Ref": "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421"
921
+ },
922
+ "PolicyDocument": {
923
+ "Statement": [
924
+ {
925
+ "Action": "s3:*",
926
+ "Condition": {
927
+ "Bool": {
928
+ "aws:SecureTransport": "false"
929
+ }
930
+ },
931
+ "Effect": "Deny",
932
+ "Principal": {
933
+ "AWS": "*"
934
+ },
935
+ "Resource": [
936
+ {
937
+ "Fn::GetAtt": [
938
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
939
+ "Arn"
940
+ ]
941
+ },
942
+ {
943
+ "Fn::Join": [
944
+ "",
945
+ [
946
+ {
947
+ "Fn::GetAtt": [
948
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
949
+ "Arn"
950
+ ]
951
+ },
952
+ "/*"
953
+ ]
954
+ ]
955
+ }
956
+ ]
957
+ },
958
+ {
959
+ "Action": [
960
+ "s3:DeleteObject*",
961
+ "s3:GetBucket*",
962
+ "s3:List*",
963
+ "s3:PutBucketPolicy"
964
+ ],
965
+ "Effect": "Allow",
966
+ "Principal": {
967
+ "AWS": {
968
+ "Fn::GetAtt": [
969
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
970
+ "Arn"
971
+ ]
972
+ }
973
+ },
974
+ "Resource": [
975
+ {
976
+ "Fn::GetAtt": [
977
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
978
+ "Arn"
979
+ ]
980
+ },
981
+ {
982
+ "Fn::Join": [
983
+ "",
984
+ [
985
+ {
986
+ "Fn::GetAtt": [
987
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
988
+ "Arn"
989
+ ]
990
+ },
991
+ "/*"
992
+ ]
993
+ ]
994
+ }
995
+ ]
996
+ }
997
+ ],
998
+ "Version": "2012-10-17"
999
+ }
1000
+ }
1001
+ },
1002
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketAutoDeleteObjectsCustomResourceD4126D01": {
1003
+ "Type": "Custom::S3AutoDeleteObjects",
1004
+ "Properties": {
1005
+ "ServiceToken": {
1006
+ "Fn::GetAtt": [
1007
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
1008
+ "Arn"
1009
+ ]
1010
+ },
1011
+ "BucketName": {
1012
+ "Ref": "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421"
1013
+ }
1014
+ },
1015
+ "DependsOn": [
1016
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucketPolicy4A551B79"
1017
+ ],
1018
+ "UpdateReplacePolicy": "Delete",
1019
+ "DeletionPolicy": "Delete"
1020
+ },
1021
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudFrontDistribution0AFC98FC": {
1022
+ "Type": "AWS::CloudFront::Distribution",
1023
+ "Properties": {
1024
+ "DistributionConfig": {
1025
+ "DefaultCacheBehavior": {
1026
+ "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
1027
+ "Compress": true,
1028
+ "FunctionAssociations": [
1029
+ {
1030
+ "EventType": "viewer-response",
1031
+ "FunctionARN": {
1032
+ "Fn::GetAtt": [
1033
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewaySetHttpSecurityHeaders6945414A",
1034
+ "FunctionARN"
1035
+ ]
1036
+ }
1037
+ }
1038
+ ],
1039
+ "TargetOriginId": "cftaplamnousageplantestcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudFrontDistributionOrigin1079FB863",
1040
+ "ViewerProtocolPolicy": "redirect-to-https"
1041
+ },
1042
+ "Enabled": true,
1043
+ "HttpVersion": "http2",
1044
+ "IPV6Enabled": true,
1045
+ "Logging": {
1046
+ "Bucket": {
1047
+ "Fn::GetAtt": [
1048
+ "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421",
1049
+ "RegionalDomainName"
1050
+ ]
1051
+ }
1052
+ },
1053
+ "Origins": [
1054
+ {
1055
+ "CustomOriginConfig": {
1056
+ "OriginProtocolPolicy": "https-only",
1057
+ "OriginSSLProtocols": [
1058
+ "TLSv1.2"
1059
+ ]
1060
+ },
1061
+ "DomainName": {
1062
+ "Fn::Select": [
1063
+ 0,
1064
+ {
1065
+ "Fn::Split": [
1066
+ "/",
1067
+ {
1068
+ "Fn::Select": [
1069
+ 1,
1070
+ {
1071
+ "Fn::Split": [
1072
+ "://",
1073
+ {
1074
+ "Fn::Join": [
1075
+ "",
1076
+ [
1077
+ "https://",
1078
+ {
1079
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
1080
+ },
1081
+ ".execute-api.",
1082
+ {
1083
+ "Ref": "AWS::Region"
1084
+ },
1085
+ ".",
1086
+ {
1087
+ "Ref": "AWS::URLSuffix"
1088
+ },
1089
+ "/",
1090
+ {
1091
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7"
1092
+ },
1093
+ "/"
1094
+ ]
1095
+ ]
1096
+ }
1097
+ ]
1098
+ }
1099
+ ]
1100
+ }
1101
+ ]
1102
+ }
1103
+ ]
1104
+ },
1105
+ "Id": "cftaplamnousageplantestcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudFrontDistributionOrigin1079FB863",
1106
+ "OriginPath": {
1107
+ "Fn::Join": [
1108
+ "",
1109
+ [
1110
+ "/",
1111
+ {
1112
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7"
1113
+ }
1114
+ ]
1115
+ ]
1116
+ }
1117
+ }
1118
+ ]
1119
+ }
1120
+ },
1121
+ "Metadata": {
1122
+ "cfn_nag": {
1123
+ "rules_to_suppress": [
1124
+ {
1125
+ "id": "W70",
1126
+ "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
1127
+ }
1128
+ ]
1129
+ }
1130
+ }
1131
+ },
1132
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
1133
+ "Type": "AWS::IAM::Role",
1134
+ "Properties": {
1135
+ "AssumeRolePolicyDocument": {
1136
+ "Version": "2012-10-17",
1137
+ "Statement": [
1138
+ {
1139
+ "Action": "sts:AssumeRole",
1140
+ "Effect": "Allow",
1141
+ "Principal": {
1142
+ "Service": "lambda.amazonaws.com"
1143
+ }
1144
+ }
1145
+ ]
1146
+ },
1147
+ "ManagedPolicyArns": [
1148
+ {
1149
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
1150
+ }
1151
+ ]
1152
+ }
1153
+ },
1154
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
1155
+ "Type": "AWS::Lambda::Function",
1156
+ "Properties": {
1157
+ "Code": {
1158
+ "S3Bucket": {
1159
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
1160
+ },
1161
+ "S3Key": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip"
1162
+ },
1163
+ "Timeout": 900,
1164
+ "MemorySize": 128,
1165
+ "Handler": "index.handler",
1166
+ "Role": {
1167
+ "Fn::GetAtt": [
1168
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
1169
+ "Arn"
1170
+ ]
1171
+ },
1172
+ "Runtime": {
1173
+ "Fn::FindInMap": [
1174
+ "LatestNodeRuntimeMap",
1175
+ {
1176
+ "Ref": "AWS::Region"
1177
+ },
1178
+ "value"
1179
+ ]
1180
+ },
1181
+ "Description": {
1182
+ "Fn::Join": [
1183
+ "",
1184
+ [
1185
+ "Lambda function for auto-deleting objects in ",
1186
+ {
1187
+ "Ref": "testcloudfrontapigatewaylambdaCloudFrontToApiGatewayCloudfrontLoggingBucket7F467421"
1188
+ },
1189
+ " S3 bucket."
1190
+ ]
1191
+ ]
1192
+ }
1193
+ },
1194
+ "DependsOn": [
1195
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
1196
+ ],
1197
+ "Metadata": {
1198
+ "cfn_nag": {
1199
+ "rules_to_suppress": [
1200
+ {
1201
+ "id": "W58",
1202
+ "reason": "CDK generated custom resource"
1203
+ },
1204
+ {
1205
+ "id": "W89",
1206
+ "reason": "CDK generated custom resource"
1207
+ },
1208
+ {
1209
+ "id": "W92",
1210
+ "reason": "CDK generated custom resource"
1211
+ }
1212
+ ]
1213
+ }
1214
+ }
1215
+ }
1216
+ },
1217
+ "Outputs": {
1218
+ "testcloudfrontapigatewaylambdaLambdaRestApiEndpoint83FD8F0F": {
1219
+ "Value": {
1220
+ "Fn::Join": [
1221
+ "",
1222
+ [
1223
+ "https://",
1224
+ {
1225
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApi6A4CBD44"
1226
+ },
1227
+ ".execute-api.",
1228
+ {
1229
+ "Ref": "AWS::Region"
1230
+ },
1231
+ ".",
1232
+ {
1233
+ "Ref": "AWS::URLSuffix"
1234
+ },
1235
+ "/",
1236
+ {
1237
+ "Ref": "testcloudfrontapigatewaylambdaLambdaRestApiDeploymentStageprod4617A7B7"
1238
+ },
1239
+ "/"
1240
+ ]
1241
+ ]
1242
+ }
1243
+ }
1244
+ },
1245
+ "Mappings": {
1246
+ "LatestNodeRuntimeMap": {
1247
+ "af-south-1": {
1248
+ "value": "nodejs20.x"
1249
+ },
1250
+ "ap-east-1": {
1251
+ "value": "nodejs20.x"
1252
+ },
1253
+ "ap-northeast-1": {
1254
+ "value": "nodejs20.x"
1255
+ },
1256
+ "ap-northeast-2": {
1257
+ "value": "nodejs20.x"
1258
+ },
1259
+ "ap-northeast-3": {
1260
+ "value": "nodejs20.x"
1261
+ },
1262
+ "ap-south-1": {
1263
+ "value": "nodejs20.x"
1264
+ },
1265
+ "ap-south-2": {
1266
+ "value": "nodejs20.x"
1267
+ },
1268
+ "ap-southeast-1": {
1269
+ "value": "nodejs20.x"
1270
+ },
1271
+ "ap-southeast-2": {
1272
+ "value": "nodejs20.x"
1273
+ },
1274
+ "ap-southeast-3": {
1275
+ "value": "nodejs20.x"
1276
+ },
1277
+ "ap-southeast-4": {
1278
+ "value": "nodejs20.x"
1279
+ },
1280
+ "ap-southeast-5": {
1281
+ "value": "nodejs20.x"
1282
+ },
1283
+ "ap-southeast-7": {
1284
+ "value": "nodejs20.x"
1285
+ },
1286
+ "ca-central-1": {
1287
+ "value": "nodejs20.x"
1288
+ },
1289
+ "ca-west-1": {
1290
+ "value": "nodejs20.x"
1291
+ },
1292
+ "cn-north-1": {
1293
+ "value": "nodejs20.x"
1294
+ },
1295
+ "cn-northwest-1": {
1296
+ "value": "nodejs20.x"
1297
+ },
1298
+ "eu-central-1": {
1299
+ "value": "nodejs20.x"
1300
+ },
1301
+ "eu-central-2": {
1302
+ "value": "nodejs20.x"
1303
+ },
1304
+ "eu-isoe-west-1": {
1305
+ "value": "nodejs18.x"
1306
+ },
1307
+ "eu-north-1": {
1308
+ "value": "nodejs20.x"
1309
+ },
1310
+ "eu-south-1": {
1311
+ "value": "nodejs20.x"
1312
+ },
1313
+ "eu-south-2": {
1314
+ "value": "nodejs20.x"
1315
+ },
1316
+ "eu-west-1": {
1317
+ "value": "nodejs20.x"
1318
+ },
1319
+ "eu-west-2": {
1320
+ "value": "nodejs20.x"
1321
+ },
1322
+ "eu-west-3": {
1323
+ "value": "nodejs20.x"
1324
+ },
1325
+ "il-central-1": {
1326
+ "value": "nodejs20.x"
1327
+ },
1328
+ "me-central-1": {
1329
+ "value": "nodejs20.x"
1330
+ },
1331
+ "me-south-1": {
1332
+ "value": "nodejs20.x"
1333
+ },
1334
+ "mx-central-1": {
1335
+ "value": "nodejs20.x"
1336
+ },
1337
+ "sa-east-1": {
1338
+ "value": "nodejs20.x"
1339
+ },
1340
+ "us-east-1": {
1341
+ "value": "nodejs20.x"
1342
+ },
1343
+ "us-east-2": {
1344
+ "value": "nodejs20.x"
1345
+ },
1346
+ "us-gov-east-1": {
1347
+ "value": "nodejs20.x"
1348
+ },
1349
+ "us-gov-west-1": {
1350
+ "value": "nodejs20.x"
1351
+ },
1352
+ "us-iso-east-1": {
1353
+ "value": "nodejs18.x"
1354
+ },
1355
+ "us-iso-west-1": {
1356
+ "value": "nodejs18.x"
1357
+ },
1358
+ "us-isob-east-1": {
1359
+ "value": "nodejs18.x"
1360
+ },
1361
+ "us-west-1": {
1362
+ "value": "nodejs20.x"
1363
+ },
1364
+ "us-west-2": {
1365
+ "value": "nodejs20.x"
1366
+ }
1367
+ }
1368
+ },
1369
+ "Parameters": {
1370
+ "BootstrapVersion": {
1371
+ "Type": "AWS::SSM::Parameter::Value<String>",
1372
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1373
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1374
+ }
1375
+ },
1376
+ "Rules": {
1377
+ "CheckBootstrapVersion": {
1378
+ "Assertions": [
1379
+ {
1380
+ "Assert": {
1381
+ "Fn::Not": [
1382
+ {
1383
+ "Fn::Contains": [
1384
+ [
1385
+ "1",
1386
+ "2",
1387
+ "3",
1388
+ "4",
1389
+ "5"
1390
+ ],
1391
+ {
1392
+ "Ref": "BootstrapVersion"
1393
+ }
1394
+ ]
1395
+ }
1396
+ ]
1397
+ },
1398
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1399
+ }
1400
+ ]
1401
+ }
1402
+ }
1403
+ }