@aws-solutions-constructs/aws-cloudfront-oai-s3 2.79.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/.jsii +4403 -0
  2. package/README.md +109 -0
  3. package/architecture.png +0 -0
  4. package/integ.config.json +7 -0
  5. package/lib/index.d.ts +118 -0
  6. package/lib/index.js +106 -0
  7. package/package.json +95 -0
  8. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.d.ts +13 -0
  9. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +56 -0
  10. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  11. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  12. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +32 -0
  13. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +1061 -0
  14. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.assets.json +19 -0
  15. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.template.json +36 -0
  16. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  17. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +215 -0
  18. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1105 -0
  19. package/test/integ.cftoais3-custom-headers.d.ts +13 -0
  20. package/test/integ.cftoais3-custom-headers.js +71 -0
  21. package/test/integ.cftoais3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  22. package/test/integ.cftoais3-custom-headers.js.snapshot/cdk.out +1 -0
  23. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.assets.json +32 -0
  24. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.template.json +1116 -0
  25. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.assets.json +19 -0
  26. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.template.json +36 -0
  27. package/test/integ.cftoais3-custom-headers.js.snapshot/integ.json +12 -0
  28. package/test/integ.cftoais3-custom-headers.js.snapshot/manifest.json +227 -0
  29. package/test/integ.cftoais3-custom-headers.js.snapshot/tree.json +1196 -0
  30. package/test/integ.cftoais3-custom-originPath.d.ts +13 -0
  31. package/test/integ.cftoais3-custom-originPath.js +48 -0
  32. package/test/integ.cftoais3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  33. package/test/integ.cftoais3-custom-originPath.js.snapshot/cdk.out +1 -0
  34. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.assets.json +32 -0
  35. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.template.json +1085 -0
  36. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.assets.json +19 -0
  37. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.template.json +36 -0
  38. package/test/integ.cftoais3-custom-originPath.js.snapshot/integ.json +12 -0
  39. package/test/integ.cftoais3-custom-originPath.js.snapshot/manifest.json +221 -0
  40. package/test/integ.cftoais3-custom-originPath.js.snapshot/tree.json +1147 -0
  41. package/test/integ.cftoais3-customLoggingBuckets.d.ts +13 -0
  42. package/test/integ.cftoais3-customLoggingBuckets.js +64 -0
  43. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  44. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  45. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.assets.json +32 -0
  46. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.template.json +1109 -0
  47. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.assets.json +19 -0
  48. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.template.json +36 -0
  49. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  50. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/manifest.json +221 -0
  51. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/tree.json +1172 -0
  52. package/test/integ.cftoais3-existing-bucket.d.ts +13 -0
  53. package/test/integ.cftoais3-existing-bucket.js +59 -0
  54. package/test/integ.cftoais3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  55. package/test/integ.cftoais3-existing-bucket.js.snapshot/cdk.out +1 -0
  56. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.assets.json +32 -0
  57. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.template.json +1131 -0
  58. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.assets.json +19 -0
  59. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.template.json +36 -0
  60. package/test/integ.cftoais3-existing-bucket.js.snapshot/integ.json +12 -0
  61. package/test/integ.cftoais3-existing-bucket.js.snapshot/manifest.json +233 -0
  62. package/test/integ.cftoais3-existing-bucket.js.snapshot/tree.json +1240 -0
  63. package/test/integ.cftoais3-no-arguments.d.ts +13 -0
  64. package/test/integ.cftoais3-no-arguments.js +53 -0
  65. package/test/integ.cftoais3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  66. package/test/integ.cftoais3-no-arguments.js.snapshot/cdk.out +1 -0
  67. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.assets.json +32 -0
  68. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.template.json +1094 -0
  69. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.assets.json +19 -0
  70. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.template.json +36 -0
  71. package/test/integ.cftoais3-no-arguments.js.snapshot/integ.json +12 -0
  72. package/test/integ.cftoais3-no-arguments.js.snapshot/manifest.json +356 -0
  73. package/test/integ.cftoais3-no-arguments.js.snapshot/tree.json +1146 -0
  74. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.d.ts +13 -0
  75. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js +60 -0
  76. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  77. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -0
  78. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.assets.json +32 -0
  79. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.template.json +743 -0
  80. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets.json +19 -0
  81. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.template.json +36 -0
  82. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +12 -0
  83. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +185 -0
  84. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +726 -0
  85. package/test/integ.cftoais3-no-logging.d.ts +13 -0
  86. package/test/integ.cftoais3-no-logging.js +56 -0
  87. package/test/integ.cftoais3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  88. package/test/integ.cftoais3-no-logging.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.assets.json +32 -0
  90. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.template.json +576 -0
  91. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.assets.json +19 -0
  92. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.template.json +36 -0
  93. package/test/integ.cftoais3-no-logging.js.snapshot/integ.json +12 -0
  94. package/test/integ.cftoais3-no-logging.js.snapshot/manifest.json +167 -0
  95. package/test/integ.cftoais3-no-logging.js.snapshot/tree.json +542 -0
  96. package/test/integ.cftoais3-no-security-headers.d.ts +13 -0
  97. package/test/integ.cftoais3-no-security-headers.js +50 -0
  98. package/test/integ.cftoais3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  99. package/test/integ.cftoais3-no-security-headers.js.snapshot/cdk.out +1 -0
  100. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.assets.json +32 -0
  101. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.template.json +1061 -0
  102. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.assets.json +19 -0
  103. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.template.json +36 -0
  104. package/test/integ.cftoais3-no-security-headers.js.snapshot/integ.json +12 -0
  105. package/test/integ.cftoais3-no-security-headers.js.snapshot/manifest.json +215 -0
  106. package/test/integ.cftoais3-no-security-headers.js.snapshot/tree.json +1105 -0
  107. package/test/test.cloudfront-oai-s3.test.d.ts +13 -0
  108. package/test/test.cloudfront-oai-s3.test.js +702 -0
@@ -0,0 +1,13 @@
1
+ /**
2
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3
+ *
4
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
5
+ * with the License. A copy of the License is located at
6
+ *
7
+ * http://www.apache.org/licenses/LICENSE-2.0
8
+ *
9
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
10
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
11
+ * and limitations under the License.
12
+ */
13
+ export {};
@@ -0,0 +1,56 @@
1
+ "use strict";
2
+ /**
3
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
4
+ *
5
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
6
+ * with the License. A copy of the License is located at
7
+ *
8
+ * http://www.apache.org/licenses/LICENSE-2.0
9
+ *
10
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
11
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
12
+ * and limitations under the License.
13
+ */
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ // Imports
16
+ const aws_cdk_lib_1 = require("aws-cdk-lib");
17
+ const lib_1 = require("../lib");
18
+ const core_1 = require("@aws-solutions-constructs/core");
19
+ const integ_tests_alpha_1 = require("@aws-cdk/integ-tests-alpha");
20
+ const defaults = require("@aws-solutions-constructs/core");
21
+ // Setup
22
+ const app = new aws_cdk_lib_1.App();
23
+ const stack = new aws_cdk_lib_1.Stack(app, (0, core_1.generateIntegStackName)(__filename));
24
+ stack.templateOptions.description = 'Integration Test for aws-cloudfront-oai-s3';
25
+ const construct = new lib_1.CloudFrontToOaiToS3(stack, 'test-cloudfront-oai-s3', {
26
+ logS3AccessLogs: false,
27
+ cloudFrontDistributionProps: {
28
+ enableLogging: false
29
+ },
30
+ cloudFrontLoggingBucketProps: {
31
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
32
+ autoDeleteObjects: true
33
+ },
34
+ bucketProps: {
35
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
36
+ autoDeleteObjects: true
37
+ }
38
+ });
39
+ defaults.addCfnSuppressRules(construct.cloudFrontWebDistribution, [
40
+ { id: 'W10',
41
+ reason: 'Test case only' },
42
+ ]);
43
+ defaults.addCfnSuppressRules(construct.s3Bucket, [
44
+ { id: 'W35',
45
+ reason: 'Test case only' },
46
+ ]);
47
+ defaults.addCfnSuppressRules(construct.cloudFrontWebDistribution, [
48
+ { id: 'W35',
49
+ reason: 'Test case only' },
50
+ ]);
51
+ defaults.suppressCustomHandlerCfnNagWarnings(stack, 'Custom::S3AutoDeleteObjectsCustomResourceProvider');
52
+ // Synth
53
+ new integ_tests_alpha_1.IntegTest(stack, 'Integ', { testCases: [
54
+ stack
55
+ ] });
56
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcuY2Z0b2FpczMtbm8tbG9nZ2luZy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImludGVnLmNmdG9haXMzLW5vLWxvZ2dpbmcudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7Ozs7Ozs7OztHQVdHOztBQUVILFVBQVU7QUFDViw2Q0FBd0Q7QUFDeEQsZ0NBQTZDO0FBQzdDLHlEQUF3RTtBQUN4RSxrRUFBdUQ7QUFDdkQsMkRBQTJEO0FBRTNELFFBQVE7QUFDUixNQUFNLEdBQUcsR0FBRyxJQUFJLGlCQUFHLEVBQUUsQ0FBQztBQUN0QixNQUFNLEtBQUssR0FBRyxJQUFJLG1CQUFLLENBQUMsR0FBRyxFQUFFLElBQUEsNkJBQXNCLEVBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQztBQUNqRSxLQUFLLENBQUMsZUFBZSxDQUFDLFdBQVcsR0FBRyw0Q0FBNEMsQ0FBQztBQUVqRixNQUFNLFNBQVMsR0FBRyxJQUFJLHlCQUFtQixDQUFDLEtBQUssRUFBRSx3QkFBd0IsRUFBRTtJQUN6RSxlQUFlLEVBQUUsS0FBSztJQUN0QiwyQkFBMkIsRUFBRTtRQUMzQixhQUFhLEVBQUUsS0FBSztLQUNyQjtJQUNELDRCQUE0QixFQUFFO1FBQzVCLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87UUFDcEMsaUJBQWlCLEVBQUUsSUFBSTtLQUN4QjtJQUNELFdBQVcsRUFBRTtRQUNYLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87UUFDcEMsaUJBQWlCLEVBQUUsSUFBSTtLQUN4QjtDQUNGLENBQUMsQ0FBQztBQUVILFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQyxTQUFTLENBQUMseUJBQXlCLEVBQUU7SUFDaEUsRUFBRSxFQUFFLEVBQUUsS0FBSztRQUNULE1BQU0sRUFBRSxnQkFBZ0IsRUFBRTtDQUM3QixDQUFDLENBQUM7QUFFSCxRQUFRLENBQUMsbUJBQW1CLENBQUMsU0FBUyxDQUFDLFFBQVMsRUFBRTtJQUNoRCxFQUFFLEVBQUUsRUFBRSxLQUFLO1FBQ1QsTUFBTSxFQUFFLGdCQUFnQixFQUFFO0NBQzdCLENBQUMsQ0FBQztBQUVILFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQyxTQUFTLENBQUMseUJBQXlCLEVBQUU7SUFDaEUsRUFBRSxFQUFFLEVBQUUsS0FBSztRQUNULE1BQU0sRUFBRSxnQkFBZ0IsRUFBRTtDQUM3QixDQUFDLENBQUM7QUFFSCxRQUFRLENBQUMsbUNBQW1DLENBQUMsS0FBSyxFQUFFLG1EQUFtRCxDQUFDLENBQUM7QUFDekcsUUFBUTtBQUNSLElBQUksNkJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBTyxFQUFFLEVBQUUsU0FBUyxFQUFFO1FBQ3pDLEtBQUs7S0FDTixFQUFFLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7IEFwcCwgU3RhY2ssIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENsb3VkRnJvbnRUb09haVRvUzMgfSBmcm9tIFwiLi4vbGliXCI7XG5pbXBvcnQgeyBnZW5lcmF0ZUludGVnU3RhY2tOYW1lIH0gZnJvbSAnQGF3cy1zb2x1dGlvbnMtY29uc3RydWN0cy9jb3JlJztcbmltcG9ydCB7IEludGVnVGVzdCB9IGZyb20gJ0Bhd3MtY2RrL2ludGVnLXRlc3RzLWFscGhhJztcbmltcG9ydCAqIGFzIGRlZmF1bHRzIGZyb20gJ0Bhd3Mtc29sdXRpb25zLWNvbnN0cnVjdHMvY29yZSc7XG5cbi8vIFNldHVwXG5jb25zdCBhcHAgPSBuZXcgQXBwKCk7XG5jb25zdCBzdGFjayA9IG5ldyBTdGFjayhhcHAsIGdlbmVyYXRlSW50ZWdTdGFja05hbWUoX19maWxlbmFtZSkpO1xuc3RhY2sudGVtcGxhdGVPcHRpb25zLmRlc2NyaXB0aW9uID0gJ0ludGVncmF0aW9uIFRlc3QgZm9yIGF3cy1jbG91ZGZyb250LW9haS1zMyc7XG5cbmNvbnN0IGNvbnN0cnVjdCA9IG5ldyBDbG91ZEZyb250VG9PYWlUb1MzKHN0YWNrLCAndGVzdC1jbG91ZGZyb250LW9haS1zMycsIHtcbiAgbG9nUzNBY2Nlc3NMb2dzOiBmYWxzZSxcbiAgY2xvdWRGcm9udERpc3RyaWJ1dGlvblByb3BzOiB7XG4gICAgZW5hYmxlTG9nZ2luZzogZmFsc2VcbiAgfSxcbiAgY2xvdWRGcm9udExvZ2dpbmdCdWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICBhdXRvRGVsZXRlT2JqZWN0czogdHJ1ZVxuICB9LFxuICBidWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICBhdXRvRGVsZXRlT2JqZWN0czogdHJ1ZVxuICB9XG59KTtcblxuZGVmYXVsdHMuYWRkQ2ZuU3VwcHJlc3NSdWxlcyhjb25zdHJ1Y3QuY2xvdWRGcm9udFdlYkRpc3RyaWJ1dGlvbiwgW1xuICB7IGlkOiAnVzEwJyxcbiAgICByZWFzb246ICdUZXN0IGNhc2Ugb25seScgfSxcbl0pO1xuXG5kZWZhdWx0cy5hZGRDZm5TdXBwcmVzc1J1bGVzKGNvbnN0cnVjdC5zM0J1Y2tldCEsIFtcbiAgeyBpZDogJ1czNScsXG4gICAgcmVhc29uOiAnVGVzdCBjYXNlIG9ubHknIH0sXG5dKTtcblxuZGVmYXVsdHMuYWRkQ2ZuU3VwcHJlc3NSdWxlcyhjb25zdHJ1Y3QuY2xvdWRGcm9udFdlYkRpc3RyaWJ1dGlvbiwgW1xuICB7IGlkOiAnVzM1JyxcbiAgICByZWFzb246ICdUZXN0IGNhc2Ugb25seScgfSxcbl0pO1xuXG5kZWZhdWx0cy5zdXBwcmVzc0N1c3RvbUhhbmRsZXJDZm5OYWdXYXJuaW5ncyhzdGFjaywgJ0N1c3RvbTo6UzNBdXRvRGVsZXRlT2JqZWN0c0N1c3RvbVJlc291cmNlUHJvdmlkZXInKTtcbi8vIFN5bnRoXG5uZXcgSW50ZWdUZXN0KHN0YWNrLCAnSW50ZWcnLCB7IHRlc3RDYXNlczogW1xuICBzdGFja1xuXSB9KTtcbiJdfQ==
@@ -0,0 +1 @@
1
+ "use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}
@@ -0,0 +1 @@
1
+ {"version":"39.0.0"}
@@ -0,0 +1,32 @@
1
+ {
2
+ "version": "39.0.0",
3
+ "files": {
4
+ "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6": {
5
+ "source": {
6
+ "path": "asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6",
7
+ "packaging": "zip"
8
+ },
9
+ "destinations": {
10
+ "current_account-current_region": {
11
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
12
+ "objectKey": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip",
13
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
14
+ }
15
+ }
16
+ },
17
+ "0c7d8cce0facd93ab3c22e880d1eded43e781b59978f0dd485f728ac02cc0596": {
18
+ "source": {
19
+ "path": "cftoais3-no-logging.template.json",
20
+ "packaging": "file"
21
+ },
22
+ "destinations": {
23
+ "current_account-current_region": {
24
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
25
+ "objectKey": "0c7d8cce0facd93ab3c22e880d1eded43e781b59978f0dd485f728ac02cc0596.json",
26
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
27
+ }
28
+ }
29
+ }
30
+ },
31
+ "dockerImages": {}
32
+ }
@@ -0,0 +1,576 @@
1
+ {
2
+ "Description": "Integration Test for aws-cloudfront-oai-s3",
3
+ "Resources": {
4
+ "testcloudfrontoais3S3Bucket578AB9F3": {
5
+ "Type": "AWS::S3::Bucket",
6
+ "Properties": {
7
+ "BucketEncryption": {
8
+ "ServerSideEncryptionConfiguration": [
9
+ {
10
+ "ServerSideEncryptionByDefault": {
11
+ "SSEAlgorithm": "AES256"
12
+ }
13
+ }
14
+ ]
15
+ },
16
+ "LifecycleConfiguration": {
17
+ "Rules": [
18
+ {
19
+ "NoncurrentVersionTransitions": [
20
+ {
21
+ "StorageClass": "GLACIER",
22
+ "TransitionInDays": 90
23
+ }
24
+ ],
25
+ "Status": "Enabled"
26
+ }
27
+ ]
28
+ },
29
+ "PublicAccessBlockConfiguration": {
30
+ "BlockPublicAcls": true,
31
+ "BlockPublicPolicy": true,
32
+ "IgnorePublicAcls": true,
33
+ "RestrictPublicBuckets": true
34
+ },
35
+ "Tags": [
36
+ {
37
+ "Key": "aws-cdk:auto-delete-objects",
38
+ "Value": "true"
39
+ }
40
+ ],
41
+ "VersioningConfiguration": {
42
+ "Status": "Enabled"
43
+ }
44
+ },
45
+ "UpdateReplacePolicy": "Delete",
46
+ "DeletionPolicy": "Delete",
47
+ "Metadata": {
48
+ "cfn_nag": {
49
+ "rules_to_suppress": [
50
+ {
51
+ "id": "W35",
52
+ "reason": "Test case only"
53
+ }
54
+ ]
55
+ }
56
+ }
57
+ },
58
+ "testcloudfrontoais3S3BucketPolicyD2322CC3": {
59
+ "Type": "AWS::S3::BucketPolicy",
60
+ "Properties": {
61
+ "Bucket": {
62
+ "Ref": "testcloudfrontoais3S3Bucket578AB9F3"
63
+ },
64
+ "PolicyDocument": {
65
+ "Statement": [
66
+ {
67
+ "Action": "s3:*",
68
+ "Condition": {
69
+ "Bool": {
70
+ "aws:SecureTransport": "false"
71
+ }
72
+ },
73
+ "Effect": "Deny",
74
+ "Principal": {
75
+ "AWS": "*"
76
+ },
77
+ "Resource": [
78
+ {
79
+ "Fn::GetAtt": [
80
+ "testcloudfrontoais3S3Bucket578AB9F3",
81
+ "Arn"
82
+ ]
83
+ },
84
+ {
85
+ "Fn::Join": [
86
+ "",
87
+ [
88
+ {
89
+ "Fn::GetAtt": [
90
+ "testcloudfrontoais3S3Bucket578AB9F3",
91
+ "Arn"
92
+ ]
93
+ },
94
+ "/*"
95
+ ]
96
+ ]
97
+ }
98
+ ]
99
+ },
100
+ {
101
+ "Action": [
102
+ "s3:DeleteObject*",
103
+ "s3:GetBucket*",
104
+ "s3:List*",
105
+ "s3:PutBucketPolicy"
106
+ ],
107
+ "Effect": "Allow",
108
+ "Principal": {
109
+ "AWS": {
110
+ "Fn::GetAtt": [
111
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
112
+ "Arn"
113
+ ]
114
+ }
115
+ },
116
+ "Resource": [
117
+ {
118
+ "Fn::GetAtt": [
119
+ "testcloudfrontoais3S3Bucket578AB9F3",
120
+ "Arn"
121
+ ]
122
+ },
123
+ {
124
+ "Fn::Join": [
125
+ "",
126
+ [
127
+ {
128
+ "Fn::GetAtt": [
129
+ "testcloudfrontoais3S3Bucket578AB9F3",
130
+ "Arn"
131
+ ]
132
+ },
133
+ "/*"
134
+ ]
135
+ ]
136
+ }
137
+ ]
138
+ },
139
+ {
140
+ "Action": "s3:GetObject",
141
+ "Effect": "Allow",
142
+ "Principal": {
143
+ "CanonicalUser": {
144
+ "Fn::GetAtt": [
145
+ "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1",
146
+ "S3CanonicalUserId"
147
+ ]
148
+ }
149
+ },
150
+ "Resource": {
151
+ "Fn::Join": [
152
+ "",
153
+ [
154
+ {
155
+ "Fn::GetAtt": [
156
+ "testcloudfrontoais3S3Bucket578AB9F3",
157
+ "Arn"
158
+ ]
159
+ },
160
+ "/*"
161
+ ]
162
+ ]
163
+ }
164
+ },
165
+ {
166
+ "Action": "s3:GetObject",
167
+ "Condition": {
168
+ "StringEquals": {
169
+ "AWS:SourceArn": {
170
+ "Fn::Join": [
171
+ "",
172
+ [
173
+ "arn:",
174
+ {
175
+ "Ref": "AWS::Partition"
176
+ },
177
+ ":cloudfront::",
178
+ {
179
+ "Ref": "AWS::AccountId"
180
+ },
181
+ ":distribution/",
182
+ {
183
+ "Ref": "testcloudfrontoais3CloudFrontDistribution0E089CC5"
184
+ }
185
+ ]
186
+ ]
187
+ }
188
+ }
189
+ },
190
+ "Effect": "Allow",
191
+ "Principal": {
192
+ "Service": "cloudfront.amazonaws.com"
193
+ },
194
+ "Resource": {
195
+ "Fn::Join": [
196
+ "",
197
+ [
198
+ {
199
+ "Fn::GetAtt": [
200
+ "testcloudfrontoais3S3Bucket578AB9F3",
201
+ "Arn"
202
+ ]
203
+ },
204
+ "/*"
205
+ ]
206
+ ]
207
+ }
208
+ }
209
+ ],
210
+ "Version": "2012-10-17"
211
+ }
212
+ },
213
+ "Metadata": {
214
+ "cfn_nag": {
215
+ "rules_to_suppress": [
216
+ {
217
+ "id": "F16",
218
+ "reason": "Public website bucket policy requires a wildcard principal"
219
+ }
220
+ ]
221
+ }
222
+ }
223
+ },
224
+ "testcloudfrontoais3S3BucketAutoDeleteObjectsCustomResourceA2545EE1": {
225
+ "Type": "Custom::S3AutoDeleteObjects",
226
+ "Properties": {
227
+ "ServiceToken": {
228
+ "Fn::GetAtt": [
229
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
230
+ "Arn"
231
+ ]
232
+ },
233
+ "BucketName": {
234
+ "Ref": "testcloudfrontoais3S3Bucket578AB9F3"
235
+ }
236
+ },
237
+ "DependsOn": [
238
+ "testcloudfrontoais3S3BucketPolicyD2322CC3"
239
+ ],
240
+ "UpdateReplacePolicy": "Delete",
241
+ "DeletionPolicy": "Delete"
242
+ },
243
+ "testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B": {
244
+ "Type": "AWS::CloudFront::Function",
245
+ "Properties": {
246
+ "AutoPublish": true,
247
+ "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }",
248
+ "FunctionConfig": {
249
+ "Comment": "SetHttpSecurityHeadersc8ef3112652a2611d5eff9255f981ddb83b0566ae4",
250
+ "Runtime": "cloudfront-js-1.0"
251
+ },
252
+ "Name": "SetHttpSecurityHeadersc8ef3112652a2611d5eff9255f981ddb83b0566ae4"
253
+ }
254
+ },
255
+ "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1": {
256
+ "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
257
+ "Properties": {
258
+ "CloudFrontOriginAccessIdentityConfig": {
259
+ "Comment": "Identity for cftoais3nologgingtestcloudfrontoais3CloudFrontDistributionOrigin18473615C"
260
+ }
261
+ }
262
+ },
263
+ "testcloudfrontoais3CloudFrontDistribution0E089CC5": {
264
+ "Type": "AWS::CloudFront::Distribution",
265
+ "Properties": {
266
+ "DistributionConfig": {
267
+ "DefaultCacheBehavior": {
268
+ "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
269
+ "Compress": true,
270
+ "FunctionAssociations": [
271
+ {
272
+ "EventType": "viewer-response",
273
+ "FunctionARN": {
274
+ "Fn::GetAtt": [
275
+ "testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B",
276
+ "FunctionARN"
277
+ ]
278
+ }
279
+ }
280
+ ],
281
+ "TargetOriginId": "cftoais3nologgingtestcloudfrontoais3CloudFrontDistributionOrigin18473615C",
282
+ "ViewerProtocolPolicy": "redirect-to-https"
283
+ },
284
+ "DefaultRootObject": "index.html",
285
+ "Enabled": true,
286
+ "HttpVersion": "http2",
287
+ "IPV6Enabled": true,
288
+ "Origins": [
289
+ {
290
+ "DomainName": {
291
+ "Fn::GetAtt": [
292
+ "testcloudfrontoais3S3Bucket578AB9F3",
293
+ "RegionalDomainName"
294
+ ]
295
+ },
296
+ "Id": "cftoais3nologgingtestcloudfrontoais3CloudFrontDistributionOrigin18473615C",
297
+ "S3OriginConfig": {
298
+ "OriginAccessIdentity": {
299
+ "Fn::Join": [
300
+ "",
301
+ [
302
+ "origin-access-identity/cloudfront/",
303
+ {
304
+ "Ref": "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1"
305
+ }
306
+ ]
307
+ ]
308
+ }
309
+ }
310
+ }
311
+ ]
312
+ }
313
+ },
314
+ "Metadata": {
315
+ "cfn_nag": {
316
+ "rules_to_suppress": [
317
+ {
318
+ "id": "W70",
319
+ "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
320
+ },
321
+ {
322
+ "id": "W10",
323
+ "reason": "Test case only"
324
+ },
325
+ {
326
+ "id": "W35",
327
+ "reason": "Test case only"
328
+ }
329
+ ]
330
+ }
331
+ }
332
+ },
333
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
334
+ "Type": "AWS::IAM::Role",
335
+ "Properties": {
336
+ "AssumeRolePolicyDocument": {
337
+ "Version": "2012-10-17",
338
+ "Statement": [
339
+ {
340
+ "Action": "sts:AssumeRole",
341
+ "Effect": "Allow",
342
+ "Principal": {
343
+ "Service": "lambda.amazonaws.com"
344
+ }
345
+ }
346
+ ]
347
+ },
348
+ "ManagedPolicyArns": [
349
+ {
350
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
351
+ }
352
+ ]
353
+ }
354
+ },
355
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
356
+ "Type": "AWS::Lambda::Function",
357
+ "Properties": {
358
+ "Code": {
359
+ "S3Bucket": {
360
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
361
+ },
362
+ "S3Key": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip"
363
+ },
364
+ "Timeout": 900,
365
+ "MemorySize": 128,
366
+ "Handler": "index.handler",
367
+ "Role": {
368
+ "Fn::GetAtt": [
369
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
370
+ "Arn"
371
+ ]
372
+ },
373
+ "Runtime": {
374
+ "Fn::FindInMap": [
375
+ "LatestNodeRuntimeMap",
376
+ {
377
+ "Ref": "AWS::Region"
378
+ },
379
+ "value"
380
+ ]
381
+ },
382
+ "Description": {
383
+ "Fn::Join": [
384
+ "",
385
+ [
386
+ "Lambda function for auto-deleting objects in ",
387
+ {
388
+ "Ref": "testcloudfrontoais3S3Bucket578AB9F3"
389
+ },
390
+ " S3 bucket."
391
+ ]
392
+ ]
393
+ }
394
+ },
395
+ "DependsOn": [
396
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
397
+ ],
398
+ "Metadata": {
399
+ "cfn_nag": {
400
+ "rules_to_suppress": [
401
+ {
402
+ "id": "W58",
403
+ "reason": "CDK generated custom resource"
404
+ },
405
+ {
406
+ "id": "W89",
407
+ "reason": "CDK generated custom resource"
408
+ },
409
+ {
410
+ "id": "W92",
411
+ "reason": "CDK generated custom resource"
412
+ }
413
+ ]
414
+ }
415
+ }
416
+ }
417
+ },
418
+ "Mappings": {
419
+ "LatestNodeRuntimeMap": {
420
+ "af-south-1": {
421
+ "value": "nodejs20.x"
422
+ },
423
+ "ap-east-1": {
424
+ "value": "nodejs20.x"
425
+ },
426
+ "ap-northeast-1": {
427
+ "value": "nodejs20.x"
428
+ },
429
+ "ap-northeast-2": {
430
+ "value": "nodejs20.x"
431
+ },
432
+ "ap-northeast-3": {
433
+ "value": "nodejs20.x"
434
+ },
435
+ "ap-south-1": {
436
+ "value": "nodejs20.x"
437
+ },
438
+ "ap-south-2": {
439
+ "value": "nodejs20.x"
440
+ },
441
+ "ap-southeast-1": {
442
+ "value": "nodejs20.x"
443
+ },
444
+ "ap-southeast-2": {
445
+ "value": "nodejs20.x"
446
+ },
447
+ "ap-southeast-3": {
448
+ "value": "nodejs20.x"
449
+ },
450
+ "ap-southeast-4": {
451
+ "value": "nodejs20.x"
452
+ },
453
+ "ap-southeast-5": {
454
+ "value": "nodejs20.x"
455
+ },
456
+ "ap-southeast-7": {
457
+ "value": "nodejs20.x"
458
+ },
459
+ "ca-central-1": {
460
+ "value": "nodejs20.x"
461
+ },
462
+ "ca-west-1": {
463
+ "value": "nodejs20.x"
464
+ },
465
+ "cn-north-1": {
466
+ "value": "nodejs18.x"
467
+ },
468
+ "cn-northwest-1": {
469
+ "value": "nodejs18.x"
470
+ },
471
+ "eu-central-1": {
472
+ "value": "nodejs20.x"
473
+ },
474
+ "eu-central-2": {
475
+ "value": "nodejs20.x"
476
+ },
477
+ "eu-isoe-west-1": {
478
+ "value": "nodejs18.x"
479
+ },
480
+ "eu-north-1": {
481
+ "value": "nodejs20.x"
482
+ },
483
+ "eu-south-1": {
484
+ "value": "nodejs20.x"
485
+ },
486
+ "eu-south-2": {
487
+ "value": "nodejs20.x"
488
+ },
489
+ "eu-west-1": {
490
+ "value": "nodejs20.x"
491
+ },
492
+ "eu-west-2": {
493
+ "value": "nodejs20.x"
494
+ },
495
+ "eu-west-3": {
496
+ "value": "nodejs20.x"
497
+ },
498
+ "il-central-1": {
499
+ "value": "nodejs20.x"
500
+ },
501
+ "me-central-1": {
502
+ "value": "nodejs20.x"
503
+ },
504
+ "me-south-1": {
505
+ "value": "nodejs20.x"
506
+ },
507
+ "mx-central-1": {
508
+ "value": "nodejs20.x"
509
+ },
510
+ "sa-east-1": {
511
+ "value": "nodejs20.x"
512
+ },
513
+ "us-east-1": {
514
+ "value": "nodejs20.x"
515
+ },
516
+ "us-east-2": {
517
+ "value": "nodejs20.x"
518
+ },
519
+ "us-gov-east-1": {
520
+ "value": "nodejs18.x"
521
+ },
522
+ "us-gov-west-1": {
523
+ "value": "nodejs18.x"
524
+ },
525
+ "us-iso-east-1": {
526
+ "value": "nodejs18.x"
527
+ },
528
+ "us-iso-west-1": {
529
+ "value": "nodejs18.x"
530
+ },
531
+ "us-isob-east-1": {
532
+ "value": "nodejs18.x"
533
+ },
534
+ "us-west-1": {
535
+ "value": "nodejs20.x"
536
+ },
537
+ "us-west-2": {
538
+ "value": "nodejs20.x"
539
+ }
540
+ }
541
+ },
542
+ "Parameters": {
543
+ "BootstrapVersion": {
544
+ "Type": "AWS::SSM::Parameter::Value<String>",
545
+ "Default": "/cdk-bootstrap/hnb659fds/version",
546
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
547
+ }
548
+ },
549
+ "Rules": {
550
+ "CheckBootstrapVersion": {
551
+ "Assertions": [
552
+ {
553
+ "Assert": {
554
+ "Fn::Not": [
555
+ {
556
+ "Fn::Contains": [
557
+ [
558
+ "1",
559
+ "2",
560
+ "3",
561
+ "4",
562
+ "5"
563
+ ],
564
+ {
565
+ "Ref": "BootstrapVersion"
566
+ }
567
+ ]
568
+ }
569
+ ]
570
+ },
571
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
572
+ }
573
+ ]
574
+ }
575
+ }
576
+ }