@aws-solutions-constructs/aws-cloudfront-oai-s3 2.79.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/.jsii +4403 -0
  2. package/README.md +109 -0
  3. package/architecture.png +0 -0
  4. package/integ.config.json +7 -0
  5. package/lib/index.d.ts +118 -0
  6. package/lib/index.js +106 -0
  7. package/package.json +95 -0
  8. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.d.ts +13 -0
  9. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +56 -0
  10. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  11. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  12. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +32 -0
  13. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +1061 -0
  14. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.assets.json +19 -0
  15. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.template.json +36 -0
  16. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  17. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +215 -0
  18. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1105 -0
  19. package/test/integ.cftoais3-custom-headers.d.ts +13 -0
  20. package/test/integ.cftoais3-custom-headers.js +71 -0
  21. package/test/integ.cftoais3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  22. package/test/integ.cftoais3-custom-headers.js.snapshot/cdk.out +1 -0
  23. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.assets.json +32 -0
  24. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.template.json +1116 -0
  25. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.assets.json +19 -0
  26. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.template.json +36 -0
  27. package/test/integ.cftoais3-custom-headers.js.snapshot/integ.json +12 -0
  28. package/test/integ.cftoais3-custom-headers.js.snapshot/manifest.json +227 -0
  29. package/test/integ.cftoais3-custom-headers.js.snapshot/tree.json +1196 -0
  30. package/test/integ.cftoais3-custom-originPath.d.ts +13 -0
  31. package/test/integ.cftoais3-custom-originPath.js +48 -0
  32. package/test/integ.cftoais3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  33. package/test/integ.cftoais3-custom-originPath.js.snapshot/cdk.out +1 -0
  34. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.assets.json +32 -0
  35. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.template.json +1085 -0
  36. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.assets.json +19 -0
  37. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.template.json +36 -0
  38. package/test/integ.cftoais3-custom-originPath.js.snapshot/integ.json +12 -0
  39. package/test/integ.cftoais3-custom-originPath.js.snapshot/manifest.json +221 -0
  40. package/test/integ.cftoais3-custom-originPath.js.snapshot/tree.json +1147 -0
  41. package/test/integ.cftoais3-customLoggingBuckets.d.ts +13 -0
  42. package/test/integ.cftoais3-customLoggingBuckets.js +64 -0
  43. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  44. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  45. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.assets.json +32 -0
  46. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.template.json +1109 -0
  47. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.assets.json +19 -0
  48. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.template.json +36 -0
  49. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  50. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/manifest.json +221 -0
  51. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/tree.json +1172 -0
  52. package/test/integ.cftoais3-existing-bucket.d.ts +13 -0
  53. package/test/integ.cftoais3-existing-bucket.js +59 -0
  54. package/test/integ.cftoais3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  55. package/test/integ.cftoais3-existing-bucket.js.snapshot/cdk.out +1 -0
  56. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.assets.json +32 -0
  57. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.template.json +1131 -0
  58. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.assets.json +19 -0
  59. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.template.json +36 -0
  60. package/test/integ.cftoais3-existing-bucket.js.snapshot/integ.json +12 -0
  61. package/test/integ.cftoais3-existing-bucket.js.snapshot/manifest.json +233 -0
  62. package/test/integ.cftoais3-existing-bucket.js.snapshot/tree.json +1240 -0
  63. package/test/integ.cftoais3-no-arguments.d.ts +13 -0
  64. package/test/integ.cftoais3-no-arguments.js +53 -0
  65. package/test/integ.cftoais3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  66. package/test/integ.cftoais3-no-arguments.js.snapshot/cdk.out +1 -0
  67. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.assets.json +32 -0
  68. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.template.json +1094 -0
  69. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.assets.json +19 -0
  70. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.template.json +36 -0
  71. package/test/integ.cftoais3-no-arguments.js.snapshot/integ.json +12 -0
  72. package/test/integ.cftoais3-no-arguments.js.snapshot/manifest.json +356 -0
  73. package/test/integ.cftoais3-no-arguments.js.snapshot/tree.json +1146 -0
  74. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.d.ts +13 -0
  75. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js +60 -0
  76. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  77. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -0
  78. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.assets.json +32 -0
  79. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.template.json +743 -0
  80. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets.json +19 -0
  81. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.template.json +36 -0
  82. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +12 -0
  83. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +185 -0
  84. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +726 -0
  85. package/test/integ.cftoais3-no-logging.d.ts +13 -0
  86. package/test/integ.cftoais3-no-logging.js +56 -0
  87. package/test/integ.cftoais3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  88. package/test/integ.cftoais3-no-logging.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.assets.json +32 -0
  90. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.template.json +576 -0
  91. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.assets.json +19 -0
  92. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.template.json +36 -0
  93. package/test/integ.cftoais3-no-logging.js.snapshot/integ.json +12 -0
  94. package/test/integ.cftoais3-no-logging.js.snapshot/manifest.json +167 -0
  95. package/test/integ.cftoais3-no-logging.js.snapshot/tree.json +542 -0
  96. package/test/integ.cftoais3-no-security-headers.d.ts +13 -0
  97. package/test/integ.cftoais3-no-security-headers.js +50 -0
  98. package/test/integ.cftoais3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  99. package/test/integ.cftoais3-no-security-headers.js.snapshot/cdk.out +1 -0
  100. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.assets.json +32 -0
  101. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.template.json +1061 -0
  102. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.assets.json +19 -0
  103. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.template.json +36 -0
  104. package/test/integ.cftoais3-no-security-headers.js.snapshot/integ.json +12 -0
  105. package/test/integ.cftoais3-no-security-headers.js.snapshot/manifest.json +215 -0
  106. package/test/integ.cftoais3-no-security-headers.js.snapshot/tree.json +1105 -0
  107. package/test/test.cloudfront-oai-s3.test.d.ts +13 -0
  108. package/test/test.cloudfront-oai-s3.test.js +702 -0
@@ -0,0 +1,1105 @@
1
+ {
2
+ "version": "tree-0.1",
3
+ "tree": {
4
+ "id": "App",
5
+ "path": "",
6
+ "children": {
7
+ "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket": {
8
+ "id": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket",
9
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket",
10
+ "children": {
11
+ "existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket": {
12
+ "id": "existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket",
13
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket",
14
+ "children": {
15
+ "Resource": {
16
+ "id": "Resource",
17
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Resource",
18
+ "attributes": {
19
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
20
+ "aws:cdk:cloudformation:props": {
21
+ "bucketEncryption": {
22
+ "serverSideEncryptionConfiguration": [
23
+ {
24
+ "serverSideEncryptionByDefault": {
25
+ "sseAlgorithm": "AES256"
26
+ }
27
+ }
28
+ ]
29
+ },
30
+ "publicAccessBlockConfiguration": {
31
+ "blockPublicAcls": true,
32
+ "blockPublicPolicy": true,
33
+ "ignorePublicAcls": true,
34
+ "restrictPublicBuckets": true
35
+ },
36
+ "tags": [
37
+ {
38
+ "key": "aws-cdk:auto-delete-objects",
39
+ "value": "true"
40
+ }
41
+ ],
42
+ "versioningConfiguration": {
43
+ "status": "Enabled"
44
+ }
45
+ }
46
+ },
47
+ "constructInfo": {
48
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
49
+ "version": "2.177.0"
50
+ }
51
+ },
52
+ "Policy": {
53
+ "id": "Policy",
54
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy",
55
+ "children": {
56
+ "Resource": {
57
+ "id": "Resource",
58
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy/Resource",
59
+ "attributes": {
60
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
61
+ "aws:cdk:cloudformation:props": {
62
+ "bucket": {
63
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
64
+ },
65
+ "policyDocument": {
66
+ "Statement": [
67
+ {
68
+ "Action": "s3:*",
69
+ "Condition": {
70
+ "Bool": {
71
+ "aws:SecureTransport": "false"
72
+ }
73
+ },
74
+ "Effect": "Deny",
75
+ "Principal": {
76
+ "AWS": "*"
77
+ },
78
+ "Resource": [
79
+ {
80
+ "Fn::GetAtt": [
81
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
82
+ "Arn"
83
+ ]
84
+ },
85
+ {
86
+ "Fn::Join": [
87
+ "",
88
+ [
89
+ {
90
+ "Fn::GetAtt": [
91
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
92
+ "Arn"
93
+ ]
94
+ },
95
+ "/*"
96
+ ]
97
+ ]
98
+ }
99
+ ]
100
+ },
101
+ {
102
+ "Action": [
103
+ "s3:DeleteObject*",
104
+ "s3:GetBucket*",
105
+ "s3:List*",
106
+ "s3:PutBucketPolicy"
107
+ ],
108
+ "Effect": "Allow",
109
+ "Principal": {
110
+ "AWS": {
111
+ "Fn::GetAtt": [
112
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
113
+ "Arn"
114
+ ]
115
+ }
116
+ },
117
+ "Resource": [
118
+ {
119
+ "Fn::GetAtt": [
120
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
121
+ "Arn"
122
+ ]
123
+ },
124
+ {
125
+ "Fn::Join": [
126
+ "",
127
+ [
128
+ {
129
+ "Fn::GetAtt": [
130
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
131
+ "Arn"
132
+ ]
133
+ },
134
+ "/*"
135
+ ]
136
+ ]
137
+ }
138
+ ]
139
+ },
140
+ {
141
+ "Action": "s3:PutObject",
142
+ "Condition": {
143
+ "ArnLike": {
144
+ "aws:SourceArn": {
145
+ "Fn::GetAtt": [
146
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
147
+ "Arn"
148
+ ]
149
+ }
150
+ },
151
+ "StringEquals": {
152
+ "aws:SourceAccount": {
153
+ "Ref": "AWS::AccountId"
154
+ }
155
+ }
156
+ },
157
+ "Effect": "Allow",
158
+ "Principal": {
159
+ "Service": "logging.s3.amazonaws.com"
160
+ },
161
+ "Resource": {
162
+ "Fn::Join": [
163
+ "",
164
+ [
165
+ {
166
+ "Fn::GetAtt": [
167
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
168
+ "Arn"
169
+ ]
170
+ },
171
+ "/*"
172
+ ]
173
+ ]
174
+ }
175
+ }
176
+ ],
177
+ "Version": "2012-10-17"
178
+ }
179
+ }
180
+ },
181
+ "constructInfo": {
182
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
183
+ "version": "2.177.0"
184
+ }
185
+ }
186
+ },
187
+ "constructInfo": {
188
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
189
+ "version": "2.177.0"
190
+ }
191
+ },
192
+ "AutoDeleteObjectsCustomResource": {
193
+ "id": "AutoDeleteObjectsCustomResource",
194
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource",
195
+ "children": {
196
+ "Default": {
197
+ "id": "Default",
198
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource/Default",
199
+ "constructInfo": {
200
+ "fqn": "aws-cdk-lib.CfnResource",
201
+ "version": "2.177.0"
202
+ }
203
+ }
204
+ },
205
+ "constructInfo": {
206
+ "fqn": "aws-cdk-lib.CustomResource",
207
+ "version": "2.177.0"
208
+ }
209
+ }
210
+ },
211
+ "constructInfo": {
212
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
213
+ "version": "2.177.0"
214
+ }
215
+ },
216
+ "LatestNodeRuntimeMap": {
217
+ "id": "LatestNodeRuntimeMap",
218
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/LatestNodeRuntimeMap",
219
+ "constructInfo": {
220
+ "fqn": "aws-cdk-lib.CfnMapping",
221
+ "version": "2.177.0"
222
+ }
223
+ },
224
+ "Custom::S3AutoDeleteObjectsCustomResourceProvider": {
225
+ "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider",
226
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider",
227
+ "children": {
228
+ "Staging": {
229
+ "id": "Staging",
230
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging",
231
+ "constructInfo": {
232
+ "fqn": "aws-cdk-lib.AssetStaging",
233
+ "version": "2.177.0"
234
+ }
235
+ },
236
+ "Role": {
237
+ "id": "Role",
238
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role",
239
+ "constructInfo": {
240
+ "fqn": "aws-cdk-lib.CfnResource",
241
+ "version": "2.177.0"
242
+ }
243
+ },
244
+ "Handler": {
245
+ "id": "Handler",
246
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler",
247
+ "constructInfo": {
248
+ "fqn": "aws-cdk-lib.CfnResource",
249
+ "version": "2.177.0"
250
+ }
251
+ }
252
+ },
253
+ "constructInfo": {
254
+ "fqn": "aws-cdk-lib.CustomResourceProviderBase",
255
+ "version": "2.177.0"
256
+ }
257
+ },
258
+ "existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket": {
259
+ "id": "existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket",
260
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket",
261
+ "children": {
262
+ "Resource": {
263
+ "id": "Resource",
264
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Resource",
265
+ "attributes": {
266
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
267
+ "aws:cdk:cloudformation:props": {
268
+ "bucketEncryption": {
269
+ "serverSideEncryptionConfiguration": [
270
+ {
271
+ "serverSideEncryptionByDefault": {
272
+ "sseAlgorithm": "AES256"
273
+ }
274
+ }
275
+ ]
276
+ },
277
+ "lifecycleConfiguration": {
278
+ "rules": [
279
+ {
280
+ "noncurrentVersionTransitions": [
281
+ {
282
+ "storageClass": "GLACIER",
283
+ "transitionInDays": 90
284
+ }
285
+ ],
286
+ "status": "Enabled"
287
+ }
288
+ ]
289
+ },
290
+ "loggingConfiguration": {
291
+ "destinationBucketName": {
292
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
293
+ }
294
+ },
295
+ "publicAccessBlockConfiguration": {
296
+ "blockPublicAcls": true,
297
+ "blockPublicPolicy": true,
298
+ "ignorePublicAcls": true,
299
+ "restrictPublicBuckets": true
300
+ },
301
+ "tags": [
302
+ {
303
+ "key": "aws-cdk:auto-delete-objects",
304
+ "value": "true"
305
+ }
306
+ ],
307
+ "versioningConfiguration": {
308
+ "status": "Enabled"
309
+ }
310
+ }
311
+ },
312
+ "constructInfo": {
313
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
314
+ "version": "2.177.0"
315
+ }
316
+ },
317
+ "Policy": {
318
+ "id": "Policy",
319
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy",
320
+ "children": {
321
+ "Resource": {
322
+ "id": "Resource",
323
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy/Resource",
324
+ "attributes": {
325
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
326
+ "aws:cdk:cloudformation:props": {
327
+ "bucket": {
328
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A"
329
+ },
330
+ "policyDocument": {
331
+ "Statement": [
332
+ {
333
+ "Action": "s3:*",
334
+ "Condition": {
335
+ "Bool": {
336
+ "aws:SecureTransport": "false"
337
+ }
338
+ },
339
+ "Effect": "Deny",
340
+ "Principal": {
341
+ "AWS": "*"
342
+ },
343
+ "Resource": [
344
+ {
345
+ "Fn::GetAtt": [
346
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
347
+ "Arn"
348
+ ]
349
+ },
350
+ {
351
+ "Fn::Join": [
352
+ "",
353
+ [
354
+ {
355
+ "Fn::GetAtt": [
356
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
357
+ "Arn"
358
+ ]
359
+ },
360
+ "/*"
361
+ ]
362
+ ]
363
+ }
364
+ ]
365
+ },
366
+ {
367
+ "Action": [
368
+ "s3:DeleteObject*",
369
+ "s3:GetBucket*",
370
+ "s3:List*",
371
+ "s3:PutBucketPolicy"
372
+ ],
373
+ "Effect": "Allow",
374
+ "Principal": {
375
+ "AWS": {
376
+ "Fn::GetAtt": [
377
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
378
+ "Arn"
379
+ ]
380
+ }
381
+ },
382
+ "Resource": [
383
+ {
384
+ "Fn::GetAtt": [
385
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
386
+ "Arn"
387
+ ]
388
+ },
389
+ {
390
+ "Fn::Join": [
391
+ "",
392
+ [
393
+ {
394
+ "Fn::GetAtt": [
395
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
396
+ "Arn"
397
+ ]
398
+ },
399
+ "/*"
400
+ ]
401
+ ]
402
+ }
403
+ ]
404
+ },
405
+ {
406
+ "Action": "s3:GetObject",
407
+ "Effect": "Allow",
408
+ "Principal": {
409
+ "CanonicalUser": {
410
+ "Fn::GetAtt": [
411
+ "testcloudfrontoais3managedkeyCloudFrontDistributionOrigin1S3OriginFC894C0D",
412
+ "S3CanonicalUserId"
413
+ ]
414
+ }
415
+ },
416
+ "Resource": {
417
+ "Fn::Join": [
418
+ "",
419
+ [
420
+ {
421
+ "Fn::GetAtt": [
422
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
423
+ "Arn"
424
+ ]
425
+ },
426
+ "/*"
427
+ ]
428
+ ]
429
+ }
430
+ },
431
+ {
432
+ "Action": "s3:GetObject",
433
+ "Condition": {
434
+ "StringEquals": {
435
+ "AWS:SourceArn": {
436
+ "Fn::Join": [
437
+ "",
438
+ [
439
+ "arn:",
440
+ {
441
+ "Ref": "AWS::Partition"
442
+ },
443
+ ":cloudfront::",
444
+ {
445
+ "Ref": "AWS::AccountId"
446
+ },
447
+ ":distribution/",
448
+ {
449
+ "Ref": "testcloudfrontoais3managedkeyCloudFrontDistributionD7203FE7"
450
+ }
451
+ ]
452
+ ]
453
+ }
454
+ }
455
+ },
456
+ "Effect": "Allow",
457
+ "Principal": {
458
+ "Service": "cloudfront.amazonaws.com"
459
+ },
460
+ "Resource": {
461
+ "Fn::Join": [
462
+ "",
463
+ [
464
+ {
465
+ "Fn::GetAtt": [
466
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
467
+ "Arn"
468
+ ]
469
+ },
470
+ "/*"
471
+ ]
472
+ ]
473
+ }
474
+ }
475
+ ],
476
+ "Version": "2012-10-17"
477
+ }
478
+ }
479
+ },
480
+ "constructInfo": {
481
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
482
+ "version": "2.177.0"
483
+ }
484
+ }
485
+ },
486
+ "constructInfo": {
487
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
488
+ "version": "2.177.0"
489
+ }
490
+ },
491
+ "AutoDeleteObjectsCustomResource": {
492
+ "id": "AutoDeleteObjectsCustomResource",
493
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource",
494
+ "children": {
495
+ "Default": {
496
+ "id": "Default",
497
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource/Default",
498
+ "constructInfo": {
499
+ "fqn": "aws-cdk-lib.CfnResource",
500
+ "version": "2.177.0"
501
+ }
502
+ }
503
+ },
504
+ "constructInfo": {
505
+ "fqn": "aws-cdk-lib.CustomResource",
506
+ "version": "2.177.0"
507
+ }
508
+ }
509
+ },
510
+ "constructInfo": {
511
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
512
+ "version": "2.177.0"
513
+ }
514
+ },
515
+ "test-cloudfront-oai-s3-managed-key": {
516
+ "id": "test-cloudfront-oai-s3-managed-key",
517
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key",
518
+ "children": {
519
+ "CloudfrontLoggingBucketAccessLog": {
520
+ "id": "CloudfrontLoggingBucketAccessLog",
521
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog",
522
+ "children": {
523
+ "Resource": {
524
+ "id": "Resource",
525
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog/Resource",
526
+ "attributes": {
527
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
528
+ "aws:cdk:cloudformation:props": {
529
+ "bucketEncryption": {
530
+ "serverSideEncryptionConfiguration": [
531
+ {
532
+ "serverSideEncryptionByDefault": {
533
+ "sseAlgorithm": "AES256"
534
+ }
535
+ }
536
+ ]
537
+ },
538
+ "publicAccessBlockConfiguration": {
539
+ "blockPublicAcls": true,
540
+ "blockPublicPolicy": true,
541
+ "ignorePublicAcls": true,
542
+ "restrictPublicBuckets": true
543
+ },
544
+ "tags": [
545
+ {
546
+ "key": "aws-cdk:auto-delete-objects",
547
+ "value": "true"
548
+ }
549
+ ],
550
+ "versioningConfiguration": {
551
+ "status": "Enabled"
552
+ }
553
+ }
554
+ },
555
+ "constructInfo": {
556
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
557
+ "version": "2.177.0"
558
+ }
559
+ },
560
+ "Policy": {
561
+ "id": "Policy",
562
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy",
563
+ "children": {
564
+ "Resource": {
565
+ "id": "Resource",
566
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy/Resource",
567
+ "attributes": {
568
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
569
+ "aws:cdk:cloudformation:props": {
570
+ "bucket": {
571
+ "Ref": "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9"
572
+ },
573
+ "policyDocument": {
574
+ "Statement": [
575
+ {
576
+ "Action": "s3:*",
577
+ "Condition": {
578
+ "Bool": {
579
+ "aws:SecureTransport": "false"
580
+ }
581
+ },
582
+ "Effect": "Deny",
583
+ "Principal": {
584
+ "AWS": "*"
585
+ },
586
+ "Resource": [
587
+ {
588
+ "Fn::GetAtt": [
589
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9",
590
+ "Arn"
591
+ ]
592
+ },
593
+ {
594
+ "Fn::Join": [
595
+ "",
596
+ [
597
+ {
598
+ "Fn::GetAtt": [
599
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9",
600
+ "Arn"
601
+ ]
602
+ },
603
+ "/*"
604
+ ]
605
+ ]
606
+ }
607
+ ]
608
+ },
609
+ {
610
+ "Action": [
611
+ "s3:DeleteObject*",
612
+ "s3:GetBucket*",
613
+ "s3:List*",
614
+ "s3:PutBucketPolicy"
615
+ ],
616
+ "Effect": "Allow",
617
+ "Principal": {
618
+ "AWS": {
619
+ "Fn::GetAtt": [
620
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
621
+ "Arn"
622
+ ]
623
+ }
624
+ },
625
+ "Resource": [
626
+ {
627
+ "Fn::GetAtt": [
628
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9",
629
+ "Arn"
630
+ ]
631
+ },
632
+ {
633
+ "Fn::Join": [
634
+ "",
635
+ [
636
+ {
637
+ "Fn::GetAtt": [
638
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9",
639
+ "Arn"
640
+ ]
641
+ },
642
+ "/*"
643
+ ]
644
+ ]
645
+ }
646
+ ]
647
+ },
648
+ {
649
+ "Action": "s3:PutObject",
650
+ "Condition": {
651
+ "ArnLike": {
652
+ "aws:SourceArn": {
653
+ "Fn::GetAtt": [
654
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
655
+ "Arn"
656
+ ]
657
+ }
658
+ },
659
+ "StringEquals": {
660
+ "aws:SourceAccount": {
661
+ "Ref": "AWS::AccountId"
662
+ }
663
+ }
664
+ },
665
+ "Effect": "Allow",
666
+ "Principal": {
667
+ "Service": "logging.s3.amazonaws.com"
668
+ },
669
+ "Resource": {
670
+ "Fn::Join": [
671
+ "",
672
+ [
673
+ {
674
+ "Fn::GetAtt": [
675
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9",
676
+ "Arn"
677
+ ]
678
+ },
679
+ "/*"
680
+ ]
681
+ ]
682
+ }
683
+ }
684
+ ],
685
+ "Version": "2012-10-17"
686
+ }
687
+ }
688
+ },
689
+ "constructInfo": {
690
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
691
+ "version": "2.177.0"
692
+ }
693
+ }
694
+ },
695
+ "constructInfo": {
696
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
697
+ "version": "2.177.0"
698
+ }
699
+ },
700
+ "AutoDeleteObjectsCustomResource": {
701
+ "id": "AutoDeleteObjectsCustomResource",
702
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource",
703
+ "children": {
704
+ "Default": {
705
+ "id": "Default",
706
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default",
707
+ "constructInfo": {
708
+ "fqn": "aws-cdk-lib.CfnResource",
709
+ "version": "2.177.0"
710
+ }
711
+ }
712
+ },
713
+ "constructInfo": {
714
+ "fqn": "aws-cdk-lib.CustomResource",
715
+ "version": "2.177.0"
716
+ }
717
+ }
718
+ },
719
+ "constructInfo": {
720
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
721
+ "version": "2.177.0"
722
+ }
723
+ },
724
+ "CloudfrontLoggingBucket": {
725
+ "id": "CloudfrontLoggingBucket",
726
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket",
727
+ "children": {
728
+ "Resource": {
729
+ "id": "Resource",
730
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket/Resource",
731
+ "attributes": {
732
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
733
+ "aws:cdk:cloudformation:props": {
734
+ "bucketEncryption": {
735
+ "serverSideEncryptionConfiguration": [
736
+ {
737
+ "serverSideEncryptionByDefault": {
738
+ "sseAlgorithm": "AES256"
739
+ }
740
+ }
741
+ ]
742
+ },
743
+ "loggingConfiguration": {
744
+ "destinationBucketName": {
745
+ "Ref": "testcloudfrontoais3managedkeyCloudfrontLoggingBucketAccessLog2E3935E9"
746
+ }
747
+ },
748
+ "ownershipControls": {
749
+ "rules": [
750
+ {
751
+ "objectOwnership": "ObjectWriter"
752
+ }
753
+ ]
754
+ },
755
+ "publicAccessBlockConfiguration": {
756
+ "blockPublicAcls": true,
757
+ "blockPublicPolicy": true,
758
+ "ignorePublicAcls": true,
759
+ "restrictPublicBuckets": true
760
+ },
761
+ "tags": [
762
+ {
763
+ "key": "aws-cdk:auto-delete-objects",
764
+ "value": "true"
765
+ }
766
+ ],
767
+ "versioningConfiguration": {
768
+ "status": "Enabled"
769
+ }
770
+ }
771
+ },
772
+ "constructInfo": {
773
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
774
+ "version": "2.177.0"
775
+ }
776
+ },
777
+ "Policy": {
778
+ "id": "Policy",
779
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket/Policy",
780
+ "children": {
781
+ "Resource": {
782
+ "id": "Resource",
783
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket/Policy/Resource",
784
+ "attributes": {
785
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
786
+ "aws:cdk:cloudformation:props": {
787
+ "bucket": {
788
+ "Ref": "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72"
789
+ },
790
+ "policyDocument": {
791
+ "Statement": [
792
+ {
793
+ "Action": "s3:*",
794
+ "Condition": {
795
+ "Bool": {
796
+ "aws:SecureTransport": "false"
797
+ }
798
+ },
799
+ "Effect": "Deny",
800
+ "Principal": {
801
+ "AWS": "*"
802
+ },
803
+ "Resource": [
804
+ {
805
+ "Fn::GetAtt": [
806
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
807
+ "Arn"
808
+ ]
809
+ },
810
+ {
811
+ "Fn::Join": [
812
+ "",
813
+ [
814
+ {
815
+ "Fn::GetAtt": [
816
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
817
+ "Arn"
818
+ ]
819
+ },
820
+ "/*"
821
+ ]
822
+ ]
823
+ }
824
+ ]
825
+ },
826
+ {
827
+ "Action": [
828
+ "s3:DeleteObject*",
829
+ "s3:GetBucket*",
830
+ "s3:List*",
831
+ "s3:PutBucketPolicy"
832
+ ],
833
+ "Effect": "Allow",
834
+ "Principal": {
835
+ "AWS": {
836
+ "Fn::GetAtt": [
837
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
838
+ "Arn"
839
+ ]
840
+ }
841
+ },
842
+ "Resource": [
843
+ {
844
+ "Fn::GetAtt": [
845
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
846
+ "Arn"
847
+ ]
848
+ },
849
+ {
850
+ "Fn::Join": [
851
+ "",
852
+ [
853
+ {
854
+ "Fn::GetAtt": [
855
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
856
+ "Arn"
857
+ ]
858
+ },
859
+ "/*"
860
+ ]
861
+ ]
862
+ }
863
+ ]
864
+ }
865
+ ],
866
+ "Version": "2012-10-17"
867
+ }
868
+ }
869
+ },
870
+ "constructInfo": {
871
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
872
+ "version": "2.177.0"
873
+ }
874
+ }
875
+ },
876
+ "constructInfo": {
877
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
878
+ "version": "2.177.0"
879
+ }
880
+ },
881
+ "AutoDeleteObjectsCustomResource": {
882
+ "id": "AutoDeleteObjectsCustomResource",
883
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource",
884
+ "children": {
885
+ "Default": {
886
+ "id": "Default",
887
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default",
888
+ "constructInfo": {
889
+ "fqn": "aws-cdk-lib.CfnResource",
890
+ "version": "2.177.0"
891
+ }
892
+ }
893
+ },
894
+ "constructInfo": {
895
+ "fqn": "aws-cdk-lib.CustomResource",
896
+ "version": "2.177.0"
897
+ }
898
+ }
899
+ },
900
+ "constructInfo": {
901
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
902
+ "version": "2.177.0"
903
+ }
904
+ },
905
+ "CloudFrontDistribution": {
906
+ "id": "CloudFrontDistribution",
907
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudFrontDistribution",
908
+ "children": {
909
+ "Origin1": {
910
+ "id": "Origin1",
911
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudFrontDistribution/Origin1",
912
+ "children": {
913
+ "S3Origin": {
914
+ "id": "S3Origin",
915
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudFrontDistribution/Origin1/S3Origin",
916
+ "children": {
917
+ "Resource": {
918
+ "id": "Resource",
919
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudFrontDistribution/Origin1/S3Origin/Resource",
920
+ "attributes": {
921
+ "aws:cdk:cloudformation:type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
922
+ "aws:cdk:cloudformation:props": {
923
+ "cloudFrontOriginAccessIdentityConfig": {
924
+ "comment": "Identity for cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfrontoais3managedkeyCloudFrontDistributionOri"
925
+ }
926
+ }
927
+ },
928
+ "constructInfo": {
929
+ "fqn": "aws-cdk-lib.aws_cloudfront.CfnCloudFrontOriginAccessIdentity",
930
+ "version": "2.177.0"
931
+ }
932
+ }
933
+ },
934
+ "constructInfo": {
935
+ "fqn": "aws-cdk-lib.aws_cloudfront.OriginAccessIdentity",
936
+ "version": "2.177.0"
937
+ }
938
+ }
939
+ },
940
+ "constructInfo": {
941
+ "fqn": "constructs.Construct",
942
+ "version": "10.4.2"
943
+ }
944
+ },
945
+ "Resource": {
946
+ "id": "Resource",
947
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-oai-s3-managed-key/CloudFrontDistribution/Resource",
948
+ "attributes": {
949
+ "aws:cdk:cloudformation:type": "AWS::CloudFront::Distribution",
950
+ "aws:cdk:cloudformation:props": {
951
+ "distributionConfig": {
952
+ "enabled": true,
953
+ "origins": [
954
+ {
955
+ "domainName": {
956
+ "Fn::GetAtt": [
957
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
958
+ "RegionalDomainName"
959
+ ]
960
+ },
961
+ "id": "cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfrontoais3managedkeyCloudFrontDistributionOrigin1B257510C",
962
+ "s3OriginConfig": {
963
+ "originAccessIdentity": {
964
+ "Fn::Join": [
965
+ "",
966
+ [
967
+ "origin-access-identity/cloudfront/",
968
+ {
969
+ "Ref": "testcloudfrontoais3managedkeyCloudFrontDistributionOrigin1S3OriginFC894C0D"
970
+ }
971
+ ]
972
+ ]
973
+ }
974
+ }
975
+ }
976
+ ],
977
+ "defaultCacheBehavior": {
978
+ "pathPattern": "*",
979
+ "targetOriginId": "cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfrontoais3managedkeyCloudFrontDistributionOrigin1B257510C",
980
+ "cachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
981
+ "compress": true,
982
+ "viewerProtocolPolicy": "redirect-to-https"
983
+ },
984
+ "defaultRootObject": "index.html",
985
+ "httpVersion": "http2",
986
+ "ipv6Enabled": true,
987
+ "logging": {
988
+ "bucket": {
989
+ "Fn::GetAtt": [
990
+ "testcloudfrontoais3managedkeyCloudfrontLoggingBucketE6FDAA72",
991
+ "RegionalDomainName"
992
+ ]
993
+ }
994
+ }
995
+ }
996
+ }
997
+ },
998
+ "constructInfo": {
999
+ "fqn": "aws-cdk-lib.aws_cloudfront.CfnDistribution",
1000
+ "version": "2.177.0"
1001
+ }
1002
+ }
1003
+ },
1004
+ "constructInfo": {
1005
+ "fqn": "aws-cdk-lib.aws_cloudfront.Distribution",
1006
+ "version": "2.177.0"
1007
+ }
1008
+ }
1009
+ },
1010
+ "constructInfo": {
1011
+ "fqn": "@aws-solutions-constructs/aws-cloudfront-oai-s3.CloudFrontToOaiToS3",
1012
+ "version": "2.78.1"
1013
+ }
1014
+ },
1015
+ "Integ": {
1016
+ "id": "Integ",
1017
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ",
1018
+ "children": {
1019
+ "DefaultTest": {
1020
+ "id": "DefaultTest",
1021
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest",
1022
+ "children": {
1023
+ "Default": {
1024
+ "id": "Default",
1025
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/Default",
1026
+ "constructInfo": {
1027
+ "fqn": "constructs.Construct",
1028
+ "version": "10.4.2"
1029
+ }
1030
+ },
1031
+ "DeployAssert": {
1032
+ "id": "DeployAssert",
1033
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert",
1034
+ "children": {
1035
+ "BootstrapVersion": {
1036
+ "id": "BootstrapVersion",
1037
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion",
1038
+ "constructInfo": {
1039
+ "fqn": "aws-cdk-lib.CfnParameter",
1040
+ "version": "2.177.0"
1041
+ }
1042
+ },
1043
+ "CheckBootstrapVersion": {
1044
+ "id": "CheckBootstrapVersion",
1045
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion",
1046
+ "constructInfo": {
1047
+ "fqn": "aws-cdk-lib.CfnRule",
1048
+ "version": "2.177.0"
1049
+ }
1050
+ }
1051
+ },
1052
+ "constructInfo": {
1053
+ "fqn": "aws-cdk-lib.Stack",
1054
+ "version": "2.177.0"
1055
+ }
1056
+ }
1057
+ },
1058
+ "constructInfo": {
1059
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase",
1060
+ "version": "2.177.0-alpha.0"
1061
+ }
1062
+ }
1063
+ },
1064
+ "constructInfo": {
1065
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTest",
1066
+ "version": "2.177.0-alpha.0"
1067
+ }
1068
+ },
1069
+ "BootstrapVersion": {
1070
+ "id": "BootstrapVersion",
1071
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/BootstrapVersion",
1072
+ "constructInfo": {
1073
+ "fqn": "aws-cdk-lib.CfnParameter",
1074
+ "version": "2.177.0"
1075
+ }
1076
+ },
1077
+ "CheckBootstrapVersion": {
1078
+ "id": "CheckBootstrapVersion",
1079
+ "path": "cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket/CheckBootstrapVersion",
1080
+ "constructInfo": {
1081
+ "fqn": "aws-cdk-lib.CfnRule",
1082
+ "version": "2.177.0"
1083
+ }
1084
+ }
1085
+ },
1086
+ "constructInfo": {
1087
+ "fqn": "aws-cdk-lib.Stack",
1088
+ "version": "2.177.0"
1089
+ }
1090
+ },
1091
+ "Tree": {
1092
+ "id": "Tree",
1093
+ "path": "Tree",
1094
+ "constructInfo": {
1095
+ "fqn": "constructs.Construct",
1096
+ "version": "10.4.2"
1097
+ }
1098
+ }
1099
+ },
1100
+ "constructInfo": {
1101
+ "fqn": "aws-cdk-lib.App",
1102
+ "version": "2.177.0"
1103
+ }
1104
+ }
1105
+ }