@aws-solutions-constructs/aws-cloudfront-s3 2.101.0 → 2.103.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (111) hide show
  1. package/.jsii +253 -5
  2. package/lib/index.js +1 -1
  3. package/package.json +8 -8
  4. package/test/integ.cfts3-additional-behavior.js.snapshot/cdk.out +1 -1
  5. package/test/integ.cfts3-additional-behavior.js.snapshot/cfts3-additional-behavior.assets.json +4 -4
  6. package/test/integ.cfts3-additional-behavior.js.snapshot/cfts3-additional-behavior.template.json +1 -1
  7. package/test/integ.cfts3-additional-behavior.js.snapshot/cfts3additionalbehaviorIntegDefaultTestDeployAssert95755C01.assets.json +1 -1
  8. package/test/integ.cfts3-additional-behavior.js.snapshot/integ.json +2 -2
  9. package/test/integ.cfts3-additional-behavior.js.snapshot/manifest.json +24 -3
  10. package/test/integ.cfts3-additional-behavior.js.snapshot/tree.json +1 -1
  11. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/cfn-response.js +1 -0
  12. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/framework.js +3 -0
  13. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/outbound.js +1 -0
  14. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
  15. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +8 -8
  16. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.metadata.json +685 -0
  17. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +3 -3
  18. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +1 -1
  19. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.metadata.json +14 -0
  20. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +2 -2
  21. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +53 -644
  22. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1 -1
  23. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
  24. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +4 -4
  25. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.metadata.json +314 -0
  26. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +1 -1
  27. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +1 -1
  28. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.metadata.json +14 -0
  29. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +2 -2
  30. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +53 -283
  31. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1 -1
  32. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/cfn-response.js +1 -0
  33. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/framework.js +3 -0
  34. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63/outbound.js +1 -0
  35. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -1
  36. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +8 -8
  37. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.metadata.json +660 -0
  38. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +3 -3
  39. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +1 -1
  40. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.metadata.json +14 -0
  41. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +2 -2
  42. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +53 -631
  43. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1 -1
  44. package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -1
  45. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +4 -4
  46. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +1 -1
  47. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +1 -1
  48. package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +2 -2
  49. package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +24 -3
  50. package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1 -1
  51. package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -1
  52. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +4 -4
  53. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +1 -1
  54. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +1 -1
  55. package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +2 -2
  56. package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +24 -3
  57. package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1 -1
  58. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -1
  59. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +4 -4
  60. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +1 -1
  61. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +1 -1
  62. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +2 -2
  63. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +24 -3
  64. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1 -1
  65. package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -1
  66. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +4 -4
  67. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1 -1
  68. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +1 -1
  69. package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +2 -2
  70. package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +24 -3
  71. package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1 -1
  72. package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -1
  73. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +4 -4
  74. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +1 -1
  75. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +1 -1
  76. package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +2 -2
  77. package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +24 -3
  78. package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1 -1
  79. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -1
  80. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.assets.json +4 -4
  81. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.template.json +1 -1
  82. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3nocloudfronts3accesslogsIntegDefaultTestDeployAssertAD28C87A.assets.json +1 -1
  83. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +2 -2
  84. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +24 -3
  85. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +1 -1
  86. package/test/integ.cfts3-no-logging.js.snapshot/cdk.out +1 -1
  87. package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.assets.json +4 -4
  88. package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.template.json +1 -1
  89. package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.assets.json +1 -1
  90. package/test/integ.cfts3-no-logging.js.snapshot/integ.json +2 -2
  91. package/test/integ.cfts3-no-logging.js.snapshot/manifest.json +24 -3
  92. package/test/integ.cfts3-no-logging.js.snapshot/tree.json +1 -1
  93. package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -1
  94. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +4 -4
  95. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.metadata.json +314 -0
  96. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +1 -1
  97. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +1 -1
  98. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.metadata.json +14 -0
  99. package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +2 -2
  100. package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +53 -283
  101. package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1 -1
  102. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/cfn-response.js +0 -1
  103. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/framework.js +0 -3
  104. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/outbound.js +0 -1
  105. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/cfn-response.js +0 -1
  106. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/framework.js +0 -3
  107. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57/outbound.js +0 -1
  108. /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57 → asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63}/consts.js +0 -0
  109. /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57 → asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63}/util.js +0 -0
  110. /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57 → asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63}/consts.js +0 -0
  111. /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57 → asset.e16ffb3b34af185b8b30c88fdb19faa13b6c42bb38580485c4e84b384ee48b63}/util.js +0 -0
@@ -0,0 +1,14 @@
1
+ {
2
+ "/cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/BootstrapVersion": [
3
+ {
4
+ "type": "aws:cdk:logicalId",
5
+ "data": "BootstrapVersion"
6
+ }
7
+ ],
8
+ "/cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [
9
+ {
10
+ "type": "aws:cdk:logicalId",
11
+ "data": "CheckBootstrapVersion"
12
+ }
13
+ ]
14
+ }
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "48.0.0",
2
+ "version": "54.0.0",
3
3
  "testCases": {
4
4
  "cfts3-no-security-headers/Integ/DefaultTest": {
5
5
  "stacks": [
@@ -9,5 +9,5 @@
9
9
  "assertionStackName": "cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE"
10
10
  }
11
11
  },
12
- "minimumCliVersion": "2.1033.0"
12
+ "minimumCliVersion": "2.1128.1"
13
13
  }
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "48.0.0",
2
+ "version": "54.0.0",
3
3
  "artifacts": {
4
4
  "cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets": {
5
5
  "type": "cdk:asset-manifest",
@@ -33,20 +33,7 @@
33
33
  "dependencies": [
34
34
  "cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets"
35
35
  ],
36
- "metadata": {
37
- "/cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/BootstrapVersion": [
38
- {
39
- "type": "aws:cdk:logicalId",
40
- "data": "BootstrapVersion"
41
- }
42
- ],
43
- "/cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [
44
- {
45
- "type": "aws:cdk:logicalId",
46
- "data": "CheckBootstrapVersion"
47
- }
48
- ]
49
- },
36
+ "additionalMetadataFile": "cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.metadata.json",
50
37
  "displayName": "cfts3-no-security-headers/Integ/DefaultTest/DeployAssert"
51
38
  },
52
39
  "cfts3-no-security-headers.assets": {
@@ -66,7 +53,7 @@
66
53
  "validateOnSynth": false,
67
54
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
68
55
  "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
69
- "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b656789990ea52bba01d07f73e8f7d9b0a0f85f95e609abe4118689685ca263c.json",
56
+ "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0c6d540ef7c7149affc6b1d593928b51567cb406895083118fee723096a92d21.json",
70
57
  "requiresBootstrapStackVersion": 6,
71
58
  "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
72
59
  "additionalDependencies": [
@@ -81,272 +68,7 @@
81
68
  "dependencies": [
82
69
  "cfts3-no-security-headers.assets"
83
70
  ],
84
- "metadata": {
85
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket": [
86
- {
87
- "type": "aws:cdk:analytics:construct",
88
- "data": {
89
- "encryption": "S3_MANAGED",
90
- "versioned": true,
91
- "blockPublicAccess": "*",
92
- "removalPolicy": "destroy",
93
- "enforceSSL": true,
94
- "autoDeleteObjects": true
95
- }
96
- }
97
- ],
98
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Resource": [
99
- {
100
- "type": "aws:cdk:logicalId",
101
- "data": "testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F"
102
- }
103
- ],
104
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy": [
105
- {
106
- "type": "aws:cdk:analytics:construct",
107
- "data": {
108
- "bucket": "*"
109
- }
110
- }
111
- ],
112
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy/Resource": [
113
- {
114
- "type": "aws:cdk:logicalId",
115
- "data": "testcloudfronts3nosecurityheadersS3LoggingBucketPolicy264DE8B6"
116
- }
117
- ],
118
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource": [
119
- {
120
- "type": "aws:cdk:analytics:construct",
121
- "data": "*"
122
- }
123
- ],
124
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default": [
125
- {
126
- "type": "aws:cdk:logicalId",
127
- "data": "testcloudfronts3nosecurityheadersS3LoggingBucketAutoDeleteObjectsCustomResourceB6D397D3"
128
- }
129
- ],
130
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket": [
131
- {
132
- "type": "aws:cdk:analytics:construct",
133
- "data": {
134
- "encryption": "S3_MANAGED",
135
- "versioned": true,
136
- "blockPublicAccess": "*",
137
- "removalPolicy": "destroy",
138
- "enforceSSL": true,
139
- "lifecycleRules": [
140
- {
141
- "noncurrentVersionTransitions": [
142
- {
143
- "storageClass": "*"
144
- }
145
- ]
146
- }
147
- ],
148
- "serverAccessLogsBucket": "*",
149
- "autoDeleteObjects": true
150
- }
151
- },
152
- {
153
- "type": "aws:cdk:analytics:method",
154
- "data": {
155
- "addLifecycleRule": [
156
- {
157
- "noncurrentVersionTransitions": [
158
- {
159
- "storageClass": "*"
160
- }
161
- ]
162
- },
163
- "*",
164
- "*"
165
- ]
166
- }
167
- }
168
- ],
169
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Resource": [
170
- {
171
- "type": "aws:cdk:logicalId",
172
- "data": "testcloudfronts3nosecurityheadersS3Bucket4D06173D"
173
- }
174
- ],
175
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy": [
176
- {
177
- "type": "aws:cdk:analytics:construct",
178
- "data": {
179
- "bucket": "*"
180
- }
181
- }
182
- ],
183
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy/Resource": [
184
- {
185
- "type": "aws:cdk:logicalId",
186
- "data": "testcloudfronts3nosecurityheadersS3BucketPolicy99D27ED1"
187
- }
188
- ],
189
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource": [
190
- {
191
- "type": "aws:cdk:analytics:construct",
192
- "data": "*"
193
- }
194
- ],
195
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource/Default": [
196
- {
197
- "type": "aws:cdk:logicalId",
198
- "data": "testcloudfronts3nosecurityheadersS3BucketAutoDeleteObjectsCustomResource7011F955"
199
- }
200
- ],
201
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog": [
202
- {
203
- "type": "aws:cdk:analytics:construct",
204
- "data": {
205
- "encryption": "S3_MANAGED",
206
- "versioned": true,
207
- "blockPublicAccess": "*",
208
- "removalPolicy": "destroy",
209
- "enforceSSL": true,
210
- "autoDeleteObjects": true
211
- }
212
- }
213
- ],
214
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Resource": [
215
- {
216
- "type": "aws:cdk:logicalId",
217
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1"
218
- }
219
- ],
220
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy": [
221
- {
222
- "type": "aws:cdk:analytics:construct",
223
- "data": {
224
- "bucket": "*"
225
- }
226
- }
227
- ],
228
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy/Resource": [
229
- {
230
- "type": "aws:cdk:logicalId",
231
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogPolicy3DF5F522"
232
- }
233
- ],
234
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource": [
235
- {
236
- "type": "aws:cdk:analytics:construct",
237
- "data": "*"
238
- }
239
- ],
240
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default": [
241
- {
242
- "type": "aws:cdk:logicalId",
243
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResource20738403"
244
- }
245
- ],
246
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket": [
247
- {
248
- "type": "aws:cdk:analytics:construct",
249
- "data": {
250
- "encryption": "S3_MANAGED",
251
- "versioned": true,
252
- "blockPublicAccess": "*",
253
- "removalPolicy": "destroy",
254
- "enforceSSL": true,
255
- "autoDeleteObjects": true,
256
- "objectOwnership": "ObjectWriter",
257
- "serverAccessLogsBucket": "*"
258
- }
259
- }
260
- ],
261
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Resource": [
262
- {
263
- "type": "aws:cdk:logicalId",
264
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5"
265
- }
266
- ],
267
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy": [
268
- {
269
- "type": "aws:cdk:analytics:construct",
270
- "data": {
271
- "bucket": "*"
272
- }
273
- }
274
- ],
275
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy/Resource": [
276
- {
277
- "type": "aws:cdk:logicalId",
278
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketPolicy7D709982"
279
- }
280
- ],
281
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource": [
282
- {
283
- "type": "aws:cdk:analytics:construct",
284
- "data": "*"
285
- }
286
- ],
287
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default": [
288
- {
289
- "type": "aws:cdk:logicalId",
290
- "data": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAutoDeleteObjectsCustomResource5BEC5CA0"
291
- }
292
- ],
293
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontOac": [
294
- {
295
- "type": "aws:cdk:logicalId",
296
- "data": "testcloudfronts3nosecurityheadersCloudFrontOac7954FB73"
297
- }
298
- ],
299
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution": [
300
- {
301
- "type": "aws:cdk:analytics:construct",
302
- "data": {
303
- "defaultBehavior": {
304
- "origin": "*",
305
- "viewerProtocolPolicy": "redirect-to-https"
306
- },
307
- "enableLogging": true,
308
- "logBucket": "*",
309
- "defaultRootObject": "*"
310
- }
311
- }
312
- ],
313
- "/cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution/Resource": [
314
- {
315
- "type": "aws:cdk:logicalId",
316
- "data": "testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED"
317
- }
318
- ],
319
- "/cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider": [
320
- {
321
- "type": "aws:cdk:is-custom-resource-handler-customResourceProvider",
322
- "data": true
323
- }
324
- ],
325
- "/cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [
326
- {
327
- "type": "aws:cdk:logicalId",
328
- "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
329
- }
330
- ],
331
- "/cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [
332
- {
333
- "type": "aws:cdk:logicalId",
334
- "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F"
335
- }
336
- ],
337
- "/cfts3-no-security-headers/BootstrapVersion": [
338
- {
339
- "type": "aws:cdk:logicalId",
340
- "data": "BootstrapVersion"
341
- }
342
- ],
343
- "/cfts3-no-security-headers/CheckBootstrapVersion": [
344
- {
345
- "type": "aws:cdk:logicalId",
346
- "data": "CheckBootstrapVersion"
347
- }
348
- ]
349
- },
71
+ "additionalMetadataFile": "cfts3-no-security-headers.metadata.json",
350
72
  "displayName": "cfts3-no-security-headers"
351
73
  },
352
74
  "Tree": {
@@ -361,6 +83,7 @@
361
83
  "module": "aws-cdk-lib",
362
84
  "flags": {
363
85
  "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": {
86
+ "userValue": true,
364
87
  "recommendedValue": true,
365
88
  "explanation": "Pass signingProfileName to CfnSigningProfile"
366
89
  },
@@ -379,6 +102,7 @@
379
102
  }
380
103
  },
381
104
  "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": {
105
+ "userValue": true,
382
106
  "recommendedValue": true,
383
107
  "explanation": "Disable implicit openListener when custom security groups are provided"
384
108
  },
@@ -644,6 +368,11 @@
644
368
  "recommendedValue": true,
645
369
  "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix."
646
370
  },
371
+ "@aws-cdk/aws-eks:useNativeOidcProvider": {
372
+ "userValue": true,
373
+ "recommendedValue": true,
374
+ "explanation": "When enabled, EKS V2 clusters will use the native OIDC provider resource AWS::IAM::OIDCProvider instead of creating the OIDCProvider with a custom resource (iam.OpenIDConnectProvider)."
375
+ },
647
376
  "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": {
648
377
  "userValue": true,
649
378
  "recommendedValue": true,
@@ -821,6 +550,7 @@
821
550
  "explanation": "When enabled, CDK creates and manages loggroup for the lambda function"
822
551
  },
823
552
  "@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": {
553
+ "userValue": true,
824
554
  "recommendedValue": true,
825
555
  "explanation": "When enabled, Network Load Balancer will be created with a security group by default."
826
556
  },
@@ -832,16 +562,56 @@
832
562
  }
833
563
  },
834
564
  "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": {
565
+ "userValue": true,
835
566
  "recommendedValue": true,
836
567
  "explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement"
837
568
  },
838
569
  "@aws-cdk/aws-route53-patterns:useDistribution": {
570
+ "userValue": true,
839
571
  "recommendedValue": true,
840
572
  "explanation": "Use the `Distribution` resource instead of `CloudFrontWebDistribution`"
573
+ },
574
+ "@aws-cdk/aws-cloudfront:defaultFunctionRuntimeV2_0": {
575
+ "userValue": true,
576
+ "recommendedValue": true,
577
+ "explanation": "Use cloudfront-js-2.0 as the default runtime for CloudFront Functions"
578
+ },
579
+ "@aws-cdk/aws-elasticloadbalancingv2:usePostQuantumTlsPolicy": {
580
+ "userValue": true,
581
+ "recommendedValue": true,
582
+ "explanation": "When enabled, HTTPS/TLS listeners use post-quantum TLS policy by default"
583
+ },
584
+ "@aws-cdk/core:automaticL1Traits": {
585
+ "recommendedValue": true,
586
+ "explanation": "Automatically use the default L1 traits for L1 constructs`",
587
+ "unconfiguredBehavesLike": {
588
+ "v2": true
589
+ }
590
+ },
591
+ "@aws-cdk/aws-batch:defaultToAL2023": {
592
+ "userValue": true,
593
+ "recommendedValue": true,
594
+ "explanation": "Use AL2023 as the default imageType for EC2 Batch compute environments instead of the deprecated AL2"
595
+ },
596
+ "@aws-cdk/aws-eks:defaultToAL2023": {
597
+ "recommendedValue": true,
598
+ "explanation": "Use AL2023 as the default AMI type for EKS managed node groups using non-GPU instance types instead of the deprecated AL2"
599
+ },
600
+ "@aws-cdk/core:annotationsInValidationReport": {
601
+ "userValue": true,
602
+ "recommendedValue": true,
603
+ "explanation": "Include construct annotations (warnings and errors) in the policy validation report"
604
+ },
605
+ "@aws-cdk/core:defaultCrossStackReferences": {
606
+ "recommendedValue": "weak",
607
+ "explanation": "Controls whether cross-region stack references are strong, weak, or both",
608
+ "unconfiguredBehavesLike": {
609
+ "v2": "strong"
610
+ }
841
611
  }
842
612
  }
843
613
  }
844
614
  }
845
615
  },
846
- "minimumCliVersion": "2.1021.0"
616
+ "minimumCliVersion": "2.1128.1"
847
617
  }
@@ -1 +1 @@
1
- {"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.233.0"},"children":{"cfts3-no-security-headers":{"id":"cfts3-no-security-headers","path":"cfts3-no-security-headers","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"test-cloudfront-s3-no-security-headers":{"id":"test-cloudfront-s3-no-security-headers","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.97.0"},"children":{"S3LoggingBucket":{"id":"S3LoggingBucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"S3Bucket":{"id":"S3Bucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","autoDeleteObjects":true},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersS3Bucket4D06173D"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testaders-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.233.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","RegionalDomainName"]},"id":"cfts3nosecurityheaderstestcloudfronts3nosecurityheadersCloudFrontDistributionOrigin1A0125E27","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3nosecurityheaderstestcloudfronts3nosecurityheadersCloudFrontDistributionOrigin1A0125E27","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","RegionalDomainName"]}}}}}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.233.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"Role":{"id":"Role","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}},"Handler":{"id":"Handler","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}},"Integ":{"id":"Integ","path":"cfts3-no-security-headers/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.233.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-no-security-headers/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.233.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-no-security-headers/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-no-security-headers/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
1
+ {"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.259.0"},"children":{"cfts3-no-security-headers":{"id":"cfts3-no-security-headers","path":"cfts3-no-security-headers","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.259.0"},"children":{"test-cloudfront-s3-no-security-headers":{"id":"test-cloudfront-s3-no-security-headers","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.102.0"},"children":{"S3LoggingBucket":{"id":"S3LoggingBucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersS3LoggingBucketPolicy264DE8B6","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.259.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}}}}}},"S3Bucket":{"id":"S3Bucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersS3Bucket4D06173D","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersS3BucketPolicy99D27ED1","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersS3Bucket4D06173D"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","Arn"]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.259.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/S3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogPolicy3DF5F522","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.259.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAccessLogA3FF51B1"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.259.0"},"children":{"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucketPolicy7D709982","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.259.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudFrontOac7954FB73","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testaders-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.259.0"},"children":{"Origin1":{"id":"Origin1","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}},"Resource":{"id":"Resource","path":"cfts3-no-security-headers/test-cloudfront-s3-no-security-headers/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.259.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:logicalId":"testcloudfronts3nosecurityheadersCloudFrontDistribution3BC8CDED","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersS3Bucket4D06173D","RegionalDomainName"]},"id":"cfts3nosecurityheaderstestcloudfronts3nosecurityheadersCloudFrontDistributionOrigin1A0125E27","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3nosecurityheaderstestcloudfronts3nosecurityheadersCloudFrontDistributionOrigin1A0125E27","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5","RegionalDomainName"]}}}}}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.259.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.259.0"}},"Role":{"id":"Role","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}},"Handler":{"id":"Handler","path":"cfts3-no-security-headers/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.259.0"}}}},"Integ":{"id":"Integ","path":"cfts3-no-security-headers/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.259.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-no-security-headers/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.259.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-no-security-headers/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.259.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.259.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-no-security-headers/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.259.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-no-security-headers/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.259.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-no-security-headers/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.259.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.5.1"}}}}}
@@ -1 +0,0 @@
1
- "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Retry=exports.includeStackTraces=exports.MISSING_PHYSICAL_ID_MARKER=exports.CREATE_FAILED_PHYSICAL_ID_MARKER=void 0,exports.submitResponse=submitResponse,exports.safeHandler=safeHandler,exports.redactDataFromPayload=redactDataFromPayload;const url=require("url"),outbound_1=require("./outbound"),util_1=require("./util");exports.CREATE_FAILED_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",exports.MISSING_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";async function submitResponse(status,event,options={}){const json={Status:status,Reason:options.reason||status,StackId:event.StackId,RequestId:event.RequestId,PhysicalResourceId:event.PhysicalResourceId||exports.MISSING_PHYSICAL_ID_MARKER,LogicalResourceId:event.LogicalResourceId,NoEcho:options.noEcho,Data:event.Data},responseBody=JSON.stringify(json),parsedUrl=url.parse(event.ResponseURL),loggingSafeUrl=`${parsedUrl.protocol}//${parsedUrl.hostname}/${parsedUrl.pathname}?***`;options?.noEcho?(0,util_1.log)("submit redacted response to cloudformation",loggingSafeUrl,redactDataFromPayload(json)):(0,util_1.log)("submit response to cloudformation",loggingSafeUrl,json);const retryOptions={attempts:5,sleep:1e3};await(0,util_1.withRetries)(retryOptions,outbound_1.httpRequest)({hostname:parsedUrl.hostname,path:parsedUrl.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(responseBody,"utf8")}},responseBody)}exports.includeStackTraces=!0;function safeHandler(block){return async event=>{if(event.RequestType==="Delete"&&event.PhysicalResourceId===exports.CREATE_FAILED_PHYSICAL_ID_MARKER){(0,util_1.log)("ignoring DELETE event caused by a failed CREATE event"),await submitResponse("SUCCESS",event);return}try{await block(event)}catch(e){if(e instanceof Retry)throw(0,util_1.log)("retry requested by handler"),e;event.PhysicalResourceId||(event.RequestType==="Create"?((0,util_1.log)("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),event.PhysicalResourceId=exports.CREATE_FAILED_PHYSICAL_ID_MARKER):(0,util_1.log)(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify({...event,ResponseURL:"..."})}`)),await submitResponse("FAILED",event,{reason:exports.includeStackTraces?e.stack:e.message})}}}function redactDataFromPayload(payload){const redactedPayload=JSON.parse(JSON.stringify(payload));if(redactedPayload.Data){const keys=Object.keys(redactedPayload.Data);for(const key of keys)redactedPayload.Data[key]="*****"}return redactedPayload}class Retry extends Error{}exports.Retry=Retry;
@@ -1,3 +0,0 @@
1
- "use strict";const cfnResponse=require("./cfn-response"),consts=require("./consts"),outbound_1=require("./outbound"),util_1=require("./util");async function onEvent(cfnRequest){const sanitizedRequest={...cfnRequest,ResponseURL:"..."};(0,util_1.log)("onEventHandler",sanitizedRequest),cfnRequest.ResourceProperties=cfnRequest.ResourceProperties||{};const onEventResult=await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV,sanitizedRequest,cfnRequest.ResponseURL);onEventResult?.NoEcho?(0,util_1.log)("redacted onEvent returned:",cfnResponse.redactDataFromPayload(onEventResult)):(0,util_1.log)("onEvent returned:",onEventResult);const resourceEvent=createResponseEvent(cfnRequest,onEventResult),sanitizedEvent={...resourceEvent,ResponseURL:"..."};if(onEventResult?.NoEcho?(0,util_1.log)("readacted event:",cfnResponse.redactDataFromPayload(sanitizedEvent)):(0,util_1.log)("event:",sanitizedEvent),!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV])return cfnResponse.submitResponse("SUCCESS",resourceEvent,{noEcho:resourceEvent.NoEcho});const waiter={stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV),input:JSON.stringify(resourceEvent)};(0,util_1.log)("starting waiter",{stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV)}),await(0,outbound_1.startExecution)(waiter)}async function isComplete(event){const sanitizedRequest={...event,ResponseURL:"..."};event?.NoEcho?(0,util_1.log)("redacted isComplete request",cfnResponse.redactDataFromPayload(sanitizedRequest)):(0,util_1.log)("isComplete",sanitizedRequest);const isCompleteResult=await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV,sanitizedRequest,event.ResponseURL);if(event?.NoEcho?(0,util_1.log)("redacted user isComplete returned:",cfnResponse.redactDataFromPayload(isCompleteResult)):(0,util_1.log)("user isComplete returned:",isCompleteResult),!isCompleteResult.IsComplete)throw isCompleteResult.Data&&Object.keys(isCompleteResult.Data).length>0?new Error('"Data" is not allowed if "IsComplete" is "False"'):new cfnResponse.Retry(JSON.stringify(event));const response={...event,...isCompleteResult,Data:{...event.Data,...isCompleteResult.Data}};await cfnResponse.submitResponse("SUCCESS",response,{noEcho:event.NoEcho})}async function onTimeout(timeoutEvent){(0,util_1.log)("timeoutHandler",timeoutEvent);const isCompleteRequest=JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage);await cfnResponse.submitResponse("FAILED",isCompleteRequest,{reason:"Operation timed out"})}async function invokeUserFunction(functionArnEnv,sanitizedPayload,responseUrl){const functionArn=(0,util_1.getEnv)(functionArnEnv);(0,util_1.log)(`executing user function ${functionArn} with payload`,sanitizedPayload);const resp=await(0,outbound_1.invokeFunction)({FunctionName:functionArn,Payload:JSON.stringify({...sanitizedPayload,ResponseURL:responseUrl})});(0,util_1.log)("user function response:",resp,typeof resp);const jsonPayload=(0,util_1.parseJsonPayload)(resp.Payload);if(resp.FunctionError){(0,util_1.log)("user function threw an error:",resp.FunctionError);const errorMessage=jsonPayload.errorMessage||"error",arn=functionArn.split(":"),functionName=arn[arn.length-1],message=[errorMessage,"",`Logs: /aws/lambda/${functionName}`,""].join(`
2
- `),e=new Error(message);throw jsonPayload.trace&&(e.stack=[message,...jsonPayload.trace.slice(1)].join(`
3
- `)),e}return jsonPayload}function createResponseEvent(cfnRequest,onEventResult){onEventResult=onEventResult||{};const physicalResourceId=onEventResult.PhysicalResourceId||defaultPhysicalResourceId(cfnRequest);if(cfnRequest.RequestType==="Delete"&&physicalResourceId!==cfnRequest.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`);return cfnRequest.RequestType==="Update"&&physicalResourceId!==cfnRequest.PhysicalResourceId&&(0,util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`),{...cfnRequest,...onEventResult,PhysicalResourceId:physicalResourceId}}function defaultPhysicalResourceId(req){switch(req.RequestType){case"Create":return req.RequestId;case"Update":case"Delete":return req.PhysicalResourceId;default:throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`)}}module.exports={[consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]:cfnResponse.safeHandler(onEvent),[consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]:cfnResponse.safeHandler(isComplete),[consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]:onTimeout};
@@ -1 +0,0 @@
1
- "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.httpRequest=exports.invokeFunction=exports.startExecution=void 0;const https=require("https"),client_lambda_1=require("@aws-sdk/client-lambda"),client_sfn_1=require("@aws-sdk/client-sfn"),FRAMEWORK_HANDLER_TIMEOUT=9e5,awsSdkConfig={httpOptions:{timeout:FRAMEWORK_HANDLER_TIMEOUT}};async function defaultHttpRequest(options,requestBody){return new Promise((resolve,reject)=>{try{const request=https.request(options,response=>{response.resume(),!response.statusCode||response.statusCode>=400?reject(new Error(`Unsuccessful HTTP response: ${response.statusCode}`)):resolve()});request.on("error",reject),request.write(requestBody),request.end()}catch(e){reject(e)}})}let sfn,lambda;async function defaultStartExecution(req){return sfn||(sfn=new client_sfn_1.SFN(awsSdkConfig)),sfn.startExecution(req)}async function defaultInvokeFunction(req){lambda||(lambda=new client_lambda_1.Lambda(awsSdkConfig));try{return await lambda.invoke(req)}catch{return await(0,client_lambda_1.waitUntilFunctionActiveV2)({client:lambda,maxWaitTime:300},{FunctionName:req.FunctionName}),lambda.invoke(req)}}exports.startExecution=defaultStartExecution,exports.invokeFunction=defaultInvokeFunction,exports.httpRequest=defaultHttpRequest;
@@ -1 +0,0 @@
1
- "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Retry=exports.includeStackTraces=exports.MISSING_PHYSICAL_ID_MARKER=exports.CREATE_FAILED_PHYSICAL_ID_MARKER=void 0,exports.submitResponse=submitResponse,exports.safeHandler=safeHandler,exports.redactDataFromPayload=redactDataFromPayload;const url=require("url"),outbound_1=require("./outbound"),util_1=require("./util");exports.CREATE_FAILED_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",exports.MISSING_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";async function submitResponse(status,event,options={}){const json={Status:status,Reason:options.reason||status,StackId:event.StackId,RequestId:event.RequestId,PhysicalResourceId:event.PhysicalResourceId||exports.MISSING_PHYSICAL_ID_MARKER,LogicalResourceId:event.LogicalResourceId,NoEcho:options.noEcho,Data:event.Data},responseBody=JSON.stringify(json),parsedUrl=url.parse(event.ResponseURL),loggingSafeUrl=`${parsedUrl.protocol}//${parsedUrl.hostname}/${parsedUrl.pathname}?***`;options?.noEcho?(0,util_1.log)("submit redacted response to cloudformation",loggingSafeUrl,redactDataFromPayload(json)):(0,util_1.log)("submit response to cloudformation",loggingSafeUrl,json);const retryOptions={attempts:5,sleep:1e3};await(0,util_1.withRetries)(retryOptions,outbound_1.httpRequest)({hostname:parsedUrl.hostname,path:parsedUrl.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(responseBody,"utf8")}},responseBody)}exports.includeStackTraces=!0;function safeHandler(block){return async event=>{if(event.RequestType==="Delete"&&event.PhysicalResourceId===exports.CREATE_FAILED_PHYSICAL_ID_MARKER){(0,util_1.log)("ignoring DELETE event caused by a failed CREATE event"),await submitResponse("SUCCESS",event);return}try{await block(event)}catch(e){if(e instanceof Retry)throw(0,util_1.log)("retry requested by handler"),e;event.PhysicalResourceId||(event.RequestType==="Create"?((0,util_1.log)("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),event.PhysicalResourceId=exports.CREATE_FAILED_PHYSICAL_ID_MARKER):(0,util_1.log)(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify({...event,ResponseURL:"..."})}`)),await submitResponse("FAILED",event,{reason:exports.includeStackTraces?e.stack:e.message})}}}function redactDataFromPayload(payload){const redactedPayload=JSON.parse(JSON.stringify(payload));if(redactedPayload.Data){const keys=Object.keys(redactedPayload.Data);for(const key of keys)redactedPayload.Data[key]="*****"}return redactedPayload}class Retry extends Error{}exports.Retry=Retry;
@@ -1,3 +0,0 @@
1
- "use strict";const cfnResponse=require("./cfn-response"),consts=require("./consts"),outbound_1=require("./outbound"),util_1=require("./util");async function onEvent(cfnRequest){const sanitizedRequest={...cfnRequest,ResponseURL:"..."};(0,util_1.log)("onEventHandler",sanitizedRequest),cfnRequest.ResourceProperties=cfnRequest.ResourceProperties||{};const onEventResult=await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV,sanitizedRequest,cfnRequest.ResponseURL);onEventResult?.NoEcho?(0,util_1.log)("redacted onEvent returned:",cfnResponse.redactDataFromPayload(onEventResult)):(0,util_1.log)("onEvent returned:",onEventResult);const resourceEvent=createResponseEvent(cfnRequest,onEventResult),sanitizedEvent={...resourceEvent,ResponseURL:"..."};if(onEventResult?.NoEcho?(0,util_1.log)("readacted event:",cfnResponse.redactDataFromPayload(sanitizedEvent)):(0,util_1.log)("event:",sanitizedEvent),!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV])return cfnResponse.submitResponse("SUCCESS",resourceEvent,{noEcho:resourceEvent.NoEcho});const waiter={stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV),input:JSON.stringify(resourceEvent)};(0,util_1.log)("starting waiter",{stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV)}),await(0,outbound_1.startExecution)(waiter)}async function isComplete(event){const sanitizedRequest={...event,ResponseURL:"..."};event?.NoEcho?(0,util_1.log)("redacted isComplete request",cfnResponse.redactDataFromPayload(sanitizedRequest)):(0,util_1.log)("isComplete",sanitizedRequest);const isCompleteResult=await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV,sanitizedRequest,event.ResponseURL);if(event?.NoEcho?(0,util_1.log)("redacted user isComplete returned:",cfnResponse.redactDataFromPayload(isCompleteResult)):(0,util_1.log)("user isComplete returned:",isCompleteResult),!isCompleteResult.IsComplete)throw isCompleteResult.Data&&Object.keys(isCompleteResult.Data).length>0?new Error('"Data" is not allowed if "IsComplete" is "False"'):new cfnResponse.Retry(JSON.stringify(event));const response={...event,...isCompleteResult,Data:{...event.Data,...isCompleteResult.Data}};await cfnResponse.submitResponse("SUCCESS",response,{noEcho:event.NoEcho})}async function onTimeout(timeoutEvent){(0,util_1.log)("timeoutHandler",timeoutEvent);const isCompleteRequest=JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage);await cfnResponse.submitResponse("FAILED",isCompleteRequest,{reason:"Operation timed out"})}async function invokeUserFunction(functionArnEnv,sanitizedPayload,responseUrl){const functionArn=(0,util_1.getEnv)(functionArnEnv);(0,util_1.log)(`executing user function ${functionArn} with payload`,sanitizedPayload);const resp=await(0,outbound_1.invokeFunction)({FunctionName:functionArn,Payload:JSON.stringify({...sanitizedPayload,ResponseURL:responseUrl})});(0,util_1.log)("user function response:",resp,typeof resp);const jsonPayload=(0,util_1.parseJsonPayload)(resp.Payload);if(resp.FunctionError){(0,util_1.log)("user function threw an error:",resp.FunctionError);const errorMessage=jsonPayload.errorMessage||"error",arn=functionArn.split(":"),functionName=arn[arn.length-1],message=[errorMessage,"",`Logs: /aws/lambda/${functionName}`,""].join(`
2
- `),e=new Error(message);throw jsonPayload.trace&&(e.stack=[message,...jsonPayload.trace.slice(1)].join(`
3
- `)),e}return jsonPayload}function createResponseEvent(cfnRequest,onEventResult){onEventResult=onEventResult||{};const physicalResourceId=onEventResult.PhysicalResourceId||defaultPhysicalResourceId(cfnRequest);if(cfnRequest.RequestType==="Delete"&&physicalResourceId!==cfnRequest.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`);return cfnRequest.RequestType==="Update"&&physicalResourceId!==cfnRequest.PhysicalResourceId&&(0,util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`),{...cfnRequest,...onEventResult,PhysicalResourceId:physicalResourceId}}function defaultPhysicalResourceId(req){switch(req.RequestType){case"Create":return req.RequestId;case"Update":case"Delete":return req.PhysicalResourceId;default:throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`)}}module.exports={[consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]:cfnResponse.safeHandler(onEvent),[consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]:cfnResponse.safeHandler(isComplete),[consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]:onTimeout};
@@ -1 +0,0 @@
1
- "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.httpRequest=exports.invokeFunction=exports.startExecution=void 0;const https=require("https"),client_lambda_1=require("@aws-sdk/client-lambda"),client_sfn_1=require("@aws-sdk/client-sfn"),FRAMEWORK_HANDLER_TIMEOUT=9e5,awsSdkConfig={httpOptions:{timeout:FRAMEWORK_HANDLER_TIMEOUT}};async function defaultHttpRequest(options,requestBody){return new Promise((resolve,reject)=>{try{const request=https.request(options,response=>{response.resume(),!response.statusCode||response.statusCode>=400?reject(new Error(`Unsuccessful HTTP response: ${response.statusCode}`)):resolve()});request.on("error",reject),request.write(requestBody),request.end()}catch(e){reject(e)}})}let sfn,lambda;async function defaultStartExecution(req){return sfn||(sfn=new client_sfn_1.SFN(awsSdkConfig)),sfn.startExecution(req)}async function defaultInvokeFunction(req){lambda||(lambda=new client_lambda_1.Lambda(awsSdkConfig));try{return await lambda.invoke(req)}catch{return await(0,client_lambda_1.waitUntilFunctionActiveV2)({client:lambda,maxWaitTime:300},{FunctionName:req.FunctionName}),lambda.invoke(req)}}exports.startExecution=defaultStartExecution,exports.invokeFunction=defaultInvokeFunction,exports.httpRequest=defaultHttpRequest;