@aws-solutions-constructs/aws-cloudfront-oai-s3 2.100.0 → 2.101.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +269 -5
- package/lib/index.js +1 -1
- package/package.json +9 -9
- package/test/integ.cftoais3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-custom-headers.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.assets.json +4 -4
- package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.metadata.json +355 -0
- package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.template.json +2 -2
- package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.assets.json +1 -1
- package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.metadata.json +14 -0
- package/test/integ.cftoais3-custom-headers.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-custom-headers.js.snapshot/manifest.json +100 -374
- package/test/integ.cftoais3-custom-headers.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.assets.json +4 -4
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.metadata.json +341 -0
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.template.json +1 -1
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.assets.json +1 -1
- package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.metadata.json +14 -0
- package/test/integ.cftoais3-custom-originPath.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-custom-originPath.js.snapshot/manifest.json +100 -360
- package/test/integ.cftoais3-custom-originPath.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.assets.json +4 -4
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.metadata.json +379 -0
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.template.json +1 -1
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.assets.json +1 -1
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.metadata.json +14 -0
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/manifest.json +100 -398
- package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.assets.json +4 -4
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.metadata.json +355 -0
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.template.json +1 -1
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.assets.json +1 -1
- package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.metadata.json +14 -0
- package/test/integ.cftoais3-existing-bucket.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-existing-bucket.js.snapshot/manifest.json +100 -374
- package/test/integ.cftoais3-existing-bucket.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-no-arguments.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.assets.json +4 -4
- package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.metadata.json +341 -0
- package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.template.json +1 -1
- package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.assets.json +1 -1
- package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.metadata.json +14 -0
- package/test/integ.cftoais3-no-arguments.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-no-arguments.js.snapshot/manifest.json +100 -360
- package/test/integ.cftoais3-no-arguments.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.assets.json +4 -4
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.metadata.json +225 -0
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.template.json +1 -1
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets.json +1 -1
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.metadata.json +14 -0
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +100 -268
- package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +1 -1
- package/test/integ.cftoais3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cftoais3-no-logging.js.snapshot/cdk.out +1 -1
- package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.assets.json +4 -4
- package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.metadata.json +167 -0
- package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.template.json +1 -1
- package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.assets.json +1 -1
- package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.metadata.json +14 -0
- package/test/integ.cftoais3-no-logging.js.snapshot/integ.json +2 -2
- package/test/integ.cftoais3-no-logging.js.snapshot/manifest.json +100 -222
- package/test/integ.cftoais3-no-logging.js.snapshot/tree.json +1 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "
|
|
2
|
+
"version": "53.0.0",
|
|
3
3
|
"artifacts": {
|
|
4
4
|
"cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets": {
|
|
5
5
|
"type": "cdk:asset-manifest",
|
|
@@ -33,20 +33,7 @@
|
|
|
33
33
|
"dependencies": [
|
|
34
34
|
"cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets"
|
|
35
35
|
],
|
|
36
|
-
"
|
|
37
|
-
"/cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/BootstrapVersion": [
|
|
38
|
-
{
|
|
39
|
-
"type": "aws:cdk:logicalId",
|
|
40
|
-
"data": "BootstrapVersion"
|
|
41
|
-
}
|
|
42
|
-
],
|
|
43
|
-
"/cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [
|
|
44
|
-
{
|
|
45
|
-
"type": "aws:cdk:logicalId",
|
|
46
|
-
"data": "CheckBootstrapVersion"
|
|
47
|
-
}
|
|
48
|
-
]
|
|
49
|
-
},
|
|
36
|
+
"additionalMetadataFile": "cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.metadata.json",
|
|
50
37
|
"displayName": "cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert"
|
|
51
38
|
},
|
|
52
39
|
"cftoais3-no-cloudfront-s3-access-logs.assets": {
|
|
@@ -66,7 +53,7 @@
|
|
|
66
53
|
"validateOnSynth": false,
|
|
67
54
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
|
|
68
55
|
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
|
|
69
|
-
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/
|
|
56
|
+
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8ba62360268d097f3c04003b896a854bd9206f1e37d13c9c8cd31f2fb231c89a.json",
|
|
70
57
|
"requiresBootstrapStackVersion": 6,
|
|
71
58
|
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
|
|
72
59
|
"additionalDependencies": [
|
|
@@ -81,207 +68,7 @@
|
|
|
81
68
|
"dependencies": [
|
|
82
69
|
"cftoais3-no-cloudfront-s3-access-logs.assets"
|
|
83
70
|
],
|
|
84
|
-
"
|
|
85
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket": [
|
|
86
|
-
{
|
|
87
|
-
"type": "aws:cdk:analytics:construct",
|
|
88
|
-
"data": {
|
|
89
|
-
"encryption": "S3_MANAGED",
|
|
90
|
-
"versioned": true,
|
|
91
|
-
"blockPublicAccess": "*",
|
|
92
|
-
"removalPolicy": "destroy",
|
|
93
|
-
"enforceSSL": true,
|
|
94
|
-
"lifecycleRules": [
|
|
95
|
-
{
|
|
96
|
-
"noncurrentVersionTransitions": [
|
|
97
|
-
{
|
|
98
|
-
"storageClass": "*"
|
|
99
|
-
}
|
|
100
|
-
]
|
|
101
|
-
}
|
|
102
|
-
],
|
|
103
|
-
"autoDeleteObjects": true
|
|
104
|
-
}
|
|
105
|
-
},
|
|
106
|
-
{
|
|
107
|
-
"type": "aws:cdk:analytics:method",
|
|
108
|
-
"data": {
|
|
109
|
-
"addLifecycleRule": [
|
|
110
|
-
{
|
|
111
|
-
"noncurrentVersionTransitions": [
|
|
112
|
-
{
|
|
113
|
-
"storageClass": "*"
|
|
114
|
-
}
|
|
115
|
-
]
|
|
116
|
-
},
|
|
117
|
-
"*",
|
|
118
|
-
"*"
|
|
119
|
-
]
|
|
120
|
-
}
|
|
121
|
-
}
|
|
122
|
-
],
|
|
123
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Resource": [
|
|
124
|
-
{
|
|
125
|
-
"type": "aws:cdk:logicalId",
|
|
126
|
-
"data": "testcloudfrontoais3S3Bucket578AB9F3"
|
|
127
|
-
}
|
|
128
|
-
],
|
|
129
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy": [
|
|
130
|
-
{
|
|
131
|
-
"type": "aws:cdk:analytics:construct",
|
|
132
|
-
"data": {
|
|
133
|
-
"bucket": "*"
|
|
134
|
-
}
|
|
135
|
-
}
|
|
136
|
-
],
|
|
137
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy/Resource": [
|
|
138
|
-
{
|
|
139
|
-
"type": "aws:cdk:logicalId",
|
|
140
|
-
"data": "testcloudfrontoais3S3BucketPolicyD2322CC3"
|
|
141
|
-
}
|
|
142
|
-
],
|
|
143
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource": [
|
|
144
|
-
{
|
|
145
|
-
"type": "aws:cdk:analytics:construct",
|
|
146
|
-
"data": "*"
|
|
147
|
-
}
|
|
148
|
-
],
|
|
149
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource/Default": [
|
|
150
|
-
{
|
|
151
|
-
"type": "aws:cdk:logicalId",
|
|
152
|
-
"data": "testcloudfrontoais3S3BucketAutoDeleteObjectsCustomResourceA2545EE1"
|
|
153
|
-
}
|
|
154
|
-
],
|
|
155
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders": [
|
|
156
|
-
{
|
|
157
|
-
"type": "aws:cdk:analytics:construct",
|
|
158
|
-
"data": {
|
|
159
|
-
"functionName": "*",
|
|
160
|
-
"code": "*"
|
|
161
|
-
}
|
|
162
|
-
}
|
|
163
|
-
],
|
|
164
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders/Resource": [
|
|
165
|
-
{
|
|
166
|
-
"type": "aws:cdk:logicalId",
|
|
167
|
-
"data": "testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B"
|
|
168
|
-
}
|
|
169
|
-
],
|
|
170
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket": [
|
|
171
|
-
{
|
|
172
|
-
"type": "aws:cdk:analytics:construct",
|
|
173
|
-
"data": {
|
|
174
|
-
"encryption": "S3_MANAGED",
|
|
175
|
-
"versioned": true,
|
|
176
|
-
"blockPublicAccess": "*",
|
|
177
|
-
"removalPolicy": "destroy",
|
|
178
|
-
"enforceSSL": true,
|
|
179
|
-
"autoDeleteObjects": true,
|
|
180
|
-
"objectOwnership": "ObjectWriter"
|
|
181
|
-
}
|
|
182
|
-
}
|
|
183
|
-
],
|
|
184
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Resource": [
|
|
185
|
-
{
|
|
186
|
-
"type": "aws:cdk:logicalId",
|
|
187
|
-
"data": "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC"
|
|
188
|
-
}
|
|
189
|
-
],
|
|
190
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy": [
|
|
191
|
-
{
|
|
192
|
-
"type": "aws:cdk:analytics:construct",
|
|
193
|
-
"data": {
|
|
194
|
-
"bucket": "*"
|
|
195
|
-
}
|
|
196
|
-
}
|
|
197
|
-
],
|
|
198
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy/Resource": [
|
|
199
|
-
{
|
|
200
|
-
"type": "aws:cdk:logicalId",
|
|
201
|
-
"data": "testcloudfrontoais3CloudfrontLoggingBucketPolicy2130EE92"
|
|
202
|
-
}
|
|
203
|
-
],
|
|
204
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource": [
|
|
205
|
-
{
|
|
206
|
-
"type": "aws:cdk:analytics:construct",
|
|
207
|
-
"data": "*"
|
|
208
|
-
}
|
|
209
|
-
],
|
|
210
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default": [
|
|
211
|
-
{
|
|
212
|
-
"type": "aws:cdk:logicalId",
|
|
213
|
-
"data": "testcloudfrontoais3CloudfrontLoggingBucketAutoDeleteObjectsCustomResourceE88BD625"
|
|
214
|
-
}
|
|
215
|
-
],
|
|
216
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai": [
|
|
217
|
-
{
|
|
218
|
-
"type": "aws:cdk:analytics:construct",
|
|
219
|
-
"data": "*"
|
|
220
|
-
}
|
|
221
|
-
],
|
|
222
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai/Resource": [
|
|
223
|
-
{
|
|
224
|
-
"type": "aws:cdk:logicalId",
|
|
225
|
-
"data": "testcloudfrontoais3constructsGeneratedOaiA468F478"
|
|
226
|
-
}
|
|
227
|
-
],
|
|
228
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution": [
|
|
229
|
-
{
|
|
230
|
-
"type": "aws:cdk:analytics:construct",
|
|
231
|
-
"data": {
|
|
232
|
-
"defaultBehavior": {
|
|
233
|
-
"origin": "*",
|
|
234
|
-
"viewerProtocolPolicy": "redirect-to-https",
|
|
235
|
-
"functionAssociations": [
|
|
236
|
-
{
|
|
237
|
-
"eventType": "viewer-response",
|
|
238
|
-
"function": "*"
|
|
239
|
-
}
|
|
240
|
-
]
|
|
241
|
-
},
|
|
242
|
-
"enableLogging": true,
|
|
243
|
-
"logBucket": "*",
|
|
244
|
-
"defaultRootObject": "*"
|
|
245
|
-
}
|
|
246
|
-
}
|
|
247
|
-
],
|
|
248
|
-
"/cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution/Resource": [
|
|
249
|
-
{
|
|
250
|
-
"type": "aws:cdk:logicalId",
|
|
251
|
-
"data": "testcloudfrontoais3CloudFrontDistribution0E089CC5"
|
|
252
|
-
}
|
|
253
|
-
],
|
|
254
|
-
"/cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider": [
|
|
255
|
-
{
|
|
256
|
-
"type": "aws:cdk:is-custom-resource-handler-customResourceProvider",
|
|
257
|
-
"data": true
|
|
258
|
-
}
|
|
259
|
-
],
|
|
260
|
-
"/cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [
|
|
261
|
-
{
|
|
262
|
-
"type": "aws:cdk:logicalId",
|
|
263
|
-
"data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
|
|
264
|
-
}
|
|
265
|
-
],
|
|
266
|
-
"/cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [
|
|
267
|
-
{
|
|
268
|
-
"type": "aws:cdk:logicalId",
|
|
269
|
-
"data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F"
|
|
270
|
-
}
|
|
271
|
-
],
|
|
272
|
-
"/cftoais3-no-cloudfront-s3-access-logs/BootstrapVersion": [
|
|
273
|
-
{
|
|
274
|
-
"type": "aws:cdk:logicalId",
|
|
275
|
-
"data": "BootstrapVersion"
|
|
276
|
-
}
|
|
277
|
-
],
|
|
278
|
-
"/cftoais3-no-cloudfront-s3-access-logs/CheckBootstrapVersion": [
|
|
279
|
-
{
|
|
280
|
-
"type": "aws:cdk:logicalId",
|
|
281
|
-
"data": "CheckBootstrapVersion"
|
|
282
|
-
}
|
|
283
|
-
]
|
|
284
|
-
},
|
|
71
|
+
"additionalMetadataFile": "cftoais3-no-cloudfront-s3-access-logs.metadata.json",
|
|
285
72
|
"displayName": "cftoais3-no-cloudfront-s3-access-logs"
|
|
286
73
|
},
|
|
287
74
|
"Tree": {
|
|
@@ -295,57 +82,50 @@
|
|
|
295
82
|
"properties": {
|
|
296
83
|
"module": "aws-cdk-lib",
|
|
297
84
|
"flags": {
|
|
298
|
-
"@aws-cdk/
|
|
299
|
-
"
|
|
300
|
-
"explanation": "Allow multiple stacks with the same name"
|
|
301
|
-
},
|
|
302
|
-
"aws-cdk:enableDiffNoFail": {
|
|
85
|
+
"@aws-cdk/aws-signer:signingProfileNamePassedToCfn": {
|
|
86
|
+
"userValue": true,
|
|
303
87
|
"recommendedValue": true,
|
|
304
|
-
"explanation": "
|
|
88
|
+
"explanation": "Pass signingProfileName to CfnSigningProfile"
|
|
305
89
|
},
|
|
306
90
|
"@aws-cdk/core:newStyleStackSynthesis": {
|
|
307
91
|
"recommendedValue": true,
|
|
308
|
-
"explanation": "Switch to new stack synthesis method which enables CI/CD"
|
|
92
|
+
"explanation": "Switch to new stack synthesis method which enables CI/CD",
|
|
93
|
+
"unconfiguredBehavesLike": {
|
|
94
|
+
"v2": true
|
|
95
|
+
}
|
|
309
96
|
},
|
|
310
97
|
"@aws-cdk/core:stackRelativeExports": {
|
|
311
98
|
"recommendedValue": true,
|
|
312
|
-
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path"
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
"explanation": "DockerImageAsset properly supports `.dockerignore` files by default"
|
|
317
|
-
},
|
|
318
|
-
"@aws-cdk/aws-secretsmanager:parseOwnedSecretName": {
|
|
319
|
-
"recommendedValue": true,
|
|
320
|
-
"explanation": "Fix the referencing of SecretsManager names from ARNs"
|
|
321
|
-
},
|
|
322
|
-
"@aws-cdk/aws-kms:defaultKeyPolicies": {
|
|
323
|
-
"recommendedValue": true,
|
|
324
|
-
"explanation": "Tighten default KMS key policies"
|
|
325
|
-
},
|
|
326
|
-
"@aws-cdk/aws-s3:grantWriteWithoutAcl": {
|
|
327
|
-
"recommendedValue": true,
|
|
328
|
-
"explanation": "Remove `PutObjectAcl` from Bucket.grantWrite"
|
|
99
|
+
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path",
|
|
100
|
+
"unconfiguredBehavesLike": {
|
|
101
|
+
"v2": true
|
|
102
|
+
}
|
|
329
103
|
},
|
|
330
|
-
"@aws-cdk/aws-ecs-patterns:
|
|
104
|
+
"@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": {
|
|
105
|
+
"userValue": true,
|
|
331
106
|
"recommendedValue": true,
|
|
332
|
-
"explanation": "
|
|
107
|
+
"explanation": "Disable implicit openListener when custom security groups are provided"
|
|
333
108
|
},
|
|
334
109
|
"@aws-cdk/aws-rds:lowercaseDbIdentifier": {
|
|
335
110
|
"recommendedValue": true,
|
|
336
|
-
"explanation": "Force lowercasing of RDS Cluster names in CDK"
|
|
111
|
+
"explanation": "Force lowercasing of RDS Cluster names in CDK",
|
|
112
|
+
"unconfiguredBehavesLike": {
|
|
113
|
+
"v2": true
|
|
114
|
+
}
|
|
337
115
|
},
|
|
338
116
|
"@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": {
|
|
339
117
|
"recommendedValue": true,
|
|
340
|
-
"explanation": "Allow adding/removing multiple UsagePlanKeys independently"
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
"explanation": "Enable this feature flag to have elastic file systems encrypted at rest by default."
|
|
118
|
+
"explanation": "Allow adding/removing multiple UsagePlanKeys independently",
|
|
119
|
+
"unconfiguredBehavesLike": {
|
|
120
|
+
"v2": true
|
|
121
|
+
}
|
|
345
122
|
},
|
|
346
123
|
"@aws-cdk/aws-lambda:recognizeVersionProps": {
|
|
347
124
|
"recommendedValue": true,
|
|
348
|
-
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`."
|
|
125
|
+
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.",
|
|
126
|
+
"unconfiguredBehavesLike": {
|
|
127
|
+
"v2": true
|
|
128
|
+
}
|
|
349
129
|
},
|
|
350
130
|
"@aws-cdk/aws-lambda:recognizeLayerVersion": {
|
|
351
131
|
"userValue": true,
|
|
@@ -354,7 +134,10 @@
|
|
|
354
134
|
},
|
|
355
135
|
"@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": {
|
|
356
136
|
"recommendedValue": true,
|
|
357
|
-
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default."
|
|
137
|
+
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.",
|
|
138
|
+
"unconfiguredBehavesLike": {
|
|
139
|
+
"v2": true
|
|
140
|
+
}
|
|
358
141
|
},
|
|
359
142
|
"@aws-cdk/core:checkSecretUsage": {
|
|
360
143
|
"userValue": true,
|
|
@@ -431,7 +214,7 @@
|
|
|
431
214
|
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": {
|
|
432
215
|
"userValue": true,
|
|
433
216
|
"recommendedValue": true,
|
|
434
|
-
"explanation": "Enable this feature to
|
|
217
|
+
"explanation": "Enable this feature to create default policy names for imported roles that depend on the stack the role is in."
|
|
435
218
|
},
|
|
436
219
|
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": {
|
|
437
220
|
"userValue": true,
|
|
@@ -575,13 +358,21 @@
|
|
|
575
358
|
},
|
|
576
359
|
"@aws-cdk/pipelines:reduceAssetRoleTrustScope": {
|
|
577
360
|
"recommendedValue": true,
|
|
578
|
-
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy"
|
|
361
|
+
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy",
|
|
362
|
+
"unconfiguredBehavesLike": {
|
|
363
|
+
"v2": true
|
|
364
|
+
}
|
|
579
365
|
},
|
|
580
366
|
"@aws-cdk/aws-eks:nodegroupNameAttribute": {
|
|
581
367
|
"userValue": true,
|
|
582
368
|
"recommendedValue": true,
|
|
583
369
|
"explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix."
|
|
584
370
|
},
|
|
371
|
+
"@aws-cdk/aws-eks:useNativeOidcProvider": {
|
|
372
|
+
"userValue": true,
|
|
373
|
+
"recommendedValue": true,
|
|
374
|
+
"explanation": "When enabled, EKS V2 clusters will use the native OIDC provider resource AWS::IAM::OIDCProvider instead of creating the OIDCProvider with a custom resource (iam.OpenIDConnectProvider)."
|
|
375
|
+
},
|
|
585
376
|
"@aws-cdk/aws-ec2:ebsDefaultGp3Volume": {
|
|
586
377
|
"userValue": true,
|
|
587
378
|
"recommendedValue": true,
|
|
@@ -604,23 +395,16 @@
|
|
|
604
395
|
},
|
|
605
396
|
"@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": {
|
|
606
397
|
"recommendedValue": true,
|
|
607
|
-
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model."
|
|
398
|
+
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.",
|
|
399
|
+
"unconfiguredBehavesLike": {
|
|
400
|
+
"v2": true
|
|
401
|
+
}
|
|
608
402
|
},
|
|
609
403
|
"@aws-cdk/core:explicitStackTags": {
|
|
610
404
|
"userValue": true,
|
|
611
405
|
"recommendedValue": true,
|
|
612
406
|
"explanation": "When enabled, stack tags need to be assigned explicitly on a Stack."
|
|
613
407
|
},
|
|
614
|
-
"@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": {
|
|
615
|
-
"userValue": false,
|
|
616
|
-
"recommendedValue": false,
|
|
617
|
-
"explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**"
|
|
618
|
-
},
|
|
619
|
-
"@aws-cdk/aws-ecs:disableEcsImdsBlocking": {
|
|
620
|
-
"userValue": true,
|
|
621
|
-
"recommendedValue": true,
|
|
622
|
-
"explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**"
|
|
623
|
-
},
|
|
624
408
|
"@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": {
|
|
625
409
|
"userValue": true,
|
|
626
410
|
"recommendedValue": true,
|
|
@@ -668,7 +452,10 @@
|
|
|
668
452
|
},
|
|
669
453
|
"@aws-cdk/core:aspectStabilization": {
|
|
670
454
|
"recommendedValue": true,
|
|
671
|
-
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis."
|
|
455
|
+
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.",
|
|
456
|
+
"unconfiguredBehavesLike": {
|
|
457
|
+
"v2": true
|
|
458
|
+
}
|
|
672
459
|
},
|
|
673
460
|
"@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": {
|
|
674
461
|
"userValue": true,
|
|
@@ -702,7 +489,10 @@
|
|
|
702
489
|
},
|
|
703
490
|
"@aws-cdk/pipelines:reduceStageRoleTrustScope": {
|
|
704
491
|
"recommendedValue": true,
|
|
705
|
-
"explanation": "Remove the root account principal from Stage addActions trust policy"
|
|
492
|
+
"explanation": "Remove the root account principal from Stage addActions trust policy",
|
|
493
|
+
"unconfiguredBehavesLike": {
|
|
494
|
+
"v2": true
|
|
495
|
+
}
|
|
706
496
|
},
|
|
707
497
|
"@aws-cdk/aws-events:requireEventBusPolicySid": {
|
|
708
498
|
"userValue": true,
|
|
@@ -725,7 +515,10 @@
|
|
|
725
515
|
},
|
|
726
516
|
"@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": {
|
|
727
517
|
"recommendedValue": true,
|
|
728
|
-
"explanation": "When enabled, scopes down the trust policy for the cross-account action role"
|
|
518
|
+
"explanation": "When enabled, scopes down the trust policy for the cross-account action role",
|
|
519
|
+
"unconfiguredBehavesLike": {
|
|
520
|
+
"v2": true
|
|
521
|
+
}
|
|
729
522
|
},
|
|
730
523
|
"@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": {
|
|
731
524
|
"userValue": true,
|
|
@@ -755,10 +548,49 @@
|
|
|
755
548
|
"userValue": true,
|
|
756
549
|
"recommendedValue": true,
|
|
757
550
|
"explanation": "When enabled, CDK creates and manages loggroup for the lambda function"
|
|
551
|
+
},
|
|
552
|
+
"@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": {
|
|
553
|
+
"userValue": true,
|
|
554
|
+
"recommendedValue": true,
|
|
555
|
+
"explanation": "When enabled, Network Load Balancer will be created with a security group by default."
|
|
556
|
+
},
|
|
557
|
+
"@aws-cdk/aws-stepfunctions-tasks:httpInvokeDynamicJsonPathEndpoint": {
|
|
558
|
+
"recommendedValue": true,
|
|
559
|
+
"explanation": "When enabled, allows using a dynamic apiEndpoint with JSONPath format in HttpInvoke tasks.",
|
|
560
|
+
"unconfiguredBehavesLike": {
|
|
561
|
+
"v2": true
|
|
562
|
+
}
|
|
563
|
+
},
|
|
564
|
+
"@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": {
|
|
565
|
+
"userValue": true,
|
|
566
|
+
"recommendedValue": true,
|
|
567
|
+
"explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement"
|
|
568
|
+
},
|
|
569
|
+
"@aws-cdk/aws-route53-patterns:useDistribution": {
|
|
570
|
+
"userValue": true,
|
|
571
|
+
"recommendedValue": true,
|
|
572
|
+
"explanation": "Use the `Distribution` resource instead of `CloudFrontWebDistribution`"
|
|
573
|
+
},
|
|
574
|
+
"@aws-cdk/aws-cloudfront:defaultFunctionRuntimeV2_0": {
|
|
575
|
+
"userValue": true,
|
|
576
|
+
"recommendedValue": true,
|
|
577
|
+
"explanation": "Use cloudfront-js-2.0 as the default runtime for CloudFront Functions"
|
|
578
|
+
},
|
|
579
|
+
"@aws-cdk/aws-elasticloadbalancingv2:usePostQuantumTlsPolicy": {
|
|
580
|
+
"userValue": true,
|
|
581
|
+
"recommendedValue": true,
|
|
582
|
+
"explanation": "When enabled, HTTPS/TLS listeners use post-quantum TLS policy by default"
|
|
583
|
+
},
|
|
584
|
+
"@aws-cdk/core:automaticL1Traits": {
|
|
585
|
+
"recommendedValue": true,
|
|
586
|
+
"explanation": "Automatically use the default L1 traits for L1 constructs`",
|
|
587
|
+
"unconfiguredBehavesLike": {
|
|
588
|
+
"v2": true
|
|
589
|
+
}
|
|
758
590
|
}
|
|
759
591
|
}
|
|
760
592
|
}
|
|
761
593
|
}
|
|
762
594
|
},
|
|
763
|
-
"minimumCliVersion": "2.
|
|
595
|
+
"minimumCliVersion": "2.1117.0"
|
|
764
596
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.206.0"},"children":{"cftoais3-no-cloudfront-s3-access-logs":{"id":"cftoais3-no-cloudfront-s3-access-logs","path":"cftoais3-no-cloudfront-s3-access-logs","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"test-cloudfront-oai-s3":{"id":"test-cloudfront-oai-s3","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-oai-s3.CloudFrontToOaiToS3","version":"2.86.0"},"children":{"S3Bucket":{"id":"S3Bucket","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"autoDeleteObjects":true},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfrontoais3S3Bucket578AB9F3"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Effect":"Allow","Principal":{"CanonicalUser":{"Fn::GetAtt":["testcloudfrontoais3constructsGeneratedOaiA468F478","S3CanonicalUserId"]}},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfrontoais3CloudFrontDistribution0E089CC5"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"SetHttpSecurityHeaders":{"id":"SetHttpSecurityHeaders","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Function","version":"2.206.0","metadata":[{"functionName":"*","code":"*"}]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnFunction","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Function","aws:cdk:cloudformation:props":{"autoPublish":true,"functionCode":"function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }","functionConfig":{"comment":"SetHttpSecurityHeadersc8f7f4bd284e0dfe896b4ee5e3002830ae26040096","runtime":"cloudfront-js-1.0"},"name":"SetHttpSecurityHeadersc8f7f4bd284e0dfe896b4ee5e3002830ae26040096"}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter"}]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfrontoais3CloudfrontLoggingBucket55AA79FC"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"constructsGeneratedOai":{"id":"constructsGeneratedOai","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.OriginAccessIdentity","version":"2.206.0","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCloudFrontOriginAccessIdentity","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CloudFrontOriginAccessIdentity","aws:cdk:cloudformation:props":{"cloudFrontOriginAccessIdentityConfig":{"comment":"Allows CloudFront to reach the bucket"}}}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.206.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"eventType":"viewer-response","function":"*"}]},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","RegionalDomainName"]},"id":"cftoais3nocloudfronts3accesslogstestcloudfrontoais3CloudFrontDistributionOrigin19941995A","s3OriginConfig":{"originAccessIdentity":{"Fn::Join":["",["origin-access-identity/cloudfront/",{"Ref":"testcloudfrontoais3constructsGeneratedOaiA468F478"}]]}}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cftoais3nocloudfronts3accesslogstestcloudfrontoais3CloudFrontDistributionOrigin19941995A","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"functionArn":{"Fn::GetAtt":["testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B","FunctionARN"]},"eventType":"viewer-response"}]},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","RegionalDomainName"]}}}}}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.206.0"},"children":{"Staging":{"id":"Staging","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.206.0"}},"Role":{"id":"Role","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}},"Handler":{"id":"Handler","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}},"Integ":{"id":"Integ","path":"cftoais3-no-cloudfront-s3-access-logs/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.206.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.206.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
1
|
+
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.246.0"},"children":{"cftoais3-no-cloudfront-s3-access-logs":{"id":"cftoais3-no-cloudfront-s3-access-logs","path":"cftoais3-no-cloudfront-s3-access-logs","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.246.0"},"children":{"test-cloudfront-oai-s3":{"id":"test-cloudfront-oai-s3","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-oai-s3.CloudFrontToOaiToS3","version":"2.100.1"},"children":{"S3Bucket":{"id":"S3Bucket","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfrontoais3S3Bucket578AB9F3"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Effect":"Allow","Principal":{"CanonicalUser":{"Fn::GetAtt":["testcloudfrontoais3constructsGeneratedOaiA468F478","S3CanonicalUserId"]}},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfrontoais3CloudFrontDistribution0E089CC5"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.246.0"},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/S3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.246.0"}}}}}},"SetHttpSecurityHeaders":{"id":"SetHttpSecurityHeaders","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Function","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/SetHttpSecurityHeaders/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnFunction","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Function","aws:cdk:cloudformation:props":{"autoPublish":true,"functionCode":"function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }","functionConfig":{"comment":"SetHttpSecurityHeadersc8f7f4bd284e0dfe896b4ee5e3002830ae26040096","runtime":"cloudfront-js-2.0"},"name":"SetHttpSecurityHeadersc8f7f4bd284e0dfe896b4ee5e3002830ae26040096"}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfrontoais3CloudfrontLoggingBucket55AA79FC"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.246.0"},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.246.0"}}}}}},"constructsGeneratedOai":{"id":"constructsGeneratedOai","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.OriginAccessIdentity","version":"2.246.0"},"children":{"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/constructsGeneratedOai/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCloudFrontOriginAccessIdentity","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CloudFrontOriginAccessIdentity","aws:cdk:cloudformation:props":{"cloudFrontOriginAccessIdentityConfig":{"comment":"Allows CloudFront to reach the bucket"}}}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.246.0"},"children":{"Origin1":{"id":"Origin1","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}},"Resource":{"id":"Resource","path":"cftoais3-no-cloudfront-s3-access-logs/test-cloudfront-oai-s3/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.246.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfrontoais3S3Bucket578AB9F3","RegionalDomainName"]},"id":"cftoais3nocloudfronts3accesslogstestcloudfrontoais3CloudFrontDistributionOrigin19941995A","s3OriginConfig":{"originAccessIdentity":{"Fn::Join":["",["origin-access-identity/cloudfront/",{"Ref":"testcloudfrontoais3constructsGeneratedOaiA468F478"}]]}}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cftoais3nocloudfronts3accesslogstestcloudfrontoais3CloudFrontDistributionOrigin19941995A","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"functionArn":{"Fn::GetAtt":["testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B","FunctionARN"]},"eventType":"viewer-response"}]},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfrontoais3CloudfrontLoggingBucket55AA79FC","RegionalDomainName"]}}}}}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.246.0"},"children":{"Staging":{"id":"Staging","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.246.0"}},"Role":{"id":"Role","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.246.0"}},"Handler":{"id":"Handler","path":"cftoais3-no-cloudfront-s3-access-logs/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.246.0"}}}},"Integ":{"id":"Integ","path":"cftoais3-no-cloudfront-s3-access-logs/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.246.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.246.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}},"DeployAssert":{"id":"DeployAssert","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.246.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.246.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.246.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.246.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cftoais3-no-cloudfront-s3-access-logs/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.246.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}}}}}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"
|
|
1
|
+
{"version":"53.0.0"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "
|
|
2
|
+
"version": "53.0.0",
|
|
3
3
|
"files": {
|
|
4
4
|
"faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6": {
|
|
5
5
|
"displayName": "cftoais3-no-logging/Custom::S3AutoDeleteObjectsCustomResourceProvider Code",
|
|
@@ -15,16 +15,16 @@
|
|
|
15
15
|
}
|
|
16
16
|
}
|
|
17
17
|
},
|
|
18
|
-
"
|
|
18
|
+
"ba526bad46e8a87af260def9e66fadff9e4059ca879e99f46767138387dab042": {
|
|
19
19
|
"displayName": "cftoais3-no-logging Template",
|
|
20
20
|
"source": {
|
|
21
21
|
"path": "cftoais3-no-logging.template.json",
|
|
22
22
|
"packaging": "file"
|
|
23
23
|
},
|
|
24
24
|
"destinations": {
|
|
25
|
-
"current_account-current_region-
|
|
25
|
+
"current_account-current_region-d858332a": {
|
|
26
26
|
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
27
|
-
"objectKey": "
|
|
27
|
+
"objectKey": "ba526bad46e8a87af260def9e66fadff9e4059ca879e99f46767138387dab042.json",
|
|
28
28
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
29
29
|
}
|
|
30
30
|
}
|