@aws-solutions-constructs/aws-cloudfront-s3 2.2.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -32,6 +32,12 @@
32
32
  "IgnorePublicAcls": true,
33
33
  "RestrictPublicBuckets": true
34
34
  },
35
+ "Tags": [
36
+ {
37
+ "Key": "aws-cdk:auto-delete-objects",
38
+ "Value": "true"
39
+ }
40
+ ],
35
41
  "VersioningConfiguration": {
36
42
  "Status": "Enabled"
37
43
  }
@@ -91,6 +97,44 @@
91
97
  }
92
98
  ]
93
99
  },
100
+ {
101
+ "Action": [
102
+ "s3:GetBucket*",
103
+ "s3:List*",
104
+ "s3:DeleteObject*"
105
+ ],
106
+ "Effect": "Allow",
107
+ "Principal": {
108
+ "AWS": {
109
+ "Fn::GetAtt": [
110
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
111
+ "Arn"
112
+ ]
113
+ }
114
+ },
115
+ "Resource": [
116
+ {
117
+ "Fn::GetAtt": [
118
+ "testcloudfronts3S3BucketE0C5F76E",
119
+ "Arn"
120
+ ]
121
+ },
122
+ {
123
+ "Fn::Join": [
124
+ "",
125
+ [
126
+ {
127
+ "Fn::GetAtt": [
128
+ "testcloudfronts3S3BucketE0C5F76E",
129
+ "Arn"
130
+ ]
131
+ },
132
+ "/*"
133
+ ]
134
+ ]
135
+ }
136
+ ]
137
+ },
94
138
  {
95
139
  "Action": "s3:GetObject",
96
140
  "Effect": "Allow",
@@ -132,6 +176,25 @@
132
176
  }
133
177
  }
134
178
  },
179
+ "testcloudfronts3S3BucketAutoDeleteObjectsCustomResourceA13DD8F7": {
180
+ "Type": "Custom::S3AutoDeleteObjects",
181
+ "Properties": {
182
+ "ServiceToken": {
183
+ "Fn::GetAtt": [
184
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
185
+ "Arn"
186
+ ]
187
+ },
188
+ "BucketName": {
189
+ "Ref": "testcloudfronts3S3BucketE0C5F76E"
190
+ }
191
+ },
192
+ "DependsOn": [
193
+ "testcloudfronts3S3BucketPolicy250F1F61"
194
+ ],
195
+ "UpdateReplacePolicy": "Delete",
196
+ "DeletionPolicy": "Delete"
197
+ },
135
198
  "testcloudfronts3SetHttpSecurityHeaders6C5A1E69": {
136
199
  "Type": "AWS::CloudFront::Function",
137
200
  "Properties": {
@@ -163,12 +226,18 @@
163
226
  "IgnorePublicAcls": true,
164
227
  "RestrictPublicBuckets": true
165
228
  },
229
+ "Tags": [
230
+ {
231
+ "Key": "aws-cdk:auto-delete-objects",
232
+ "Value": "true"
233
+ }
234
+ ],
166
235
  "VersioningConfiguration": {
167
236
  "Status": "Enabled"
168
237
  }
169
238
  },
170
- "UpdateReplacePolicy": "Retain",
171
- "DeletionPolicy": "Retain",
239
+ "UpdateReplacePolicy": "Delete",
240
+ "DeletionPolicy": "Delete",
172
241
  "Metadata": {
173
242
  "cfn_nag": {
174
243
  "rules_to_suppress": [
@@ -221,12 +290,69 @@
221
290
  ]
222
291
  }
223
292
  ]
293
+ },
294
+ {
295
+ "Action": [
296
+ "s3:GetBucket*",
297
+ "s3:List*",
298
+ "s3:DeleteObject*"
299
+ ],
300
+ "Effect": "Allow",
301
+ "Principal": {
302
+ "AWS": {
303
+ "Fn::GetAtt": [
304
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
305
+ "Arn"
306
+ ]
307
+ }
308
+ },
309
+ "Resource": [
310
+ {
311
+ "Fn::GetAtt": [
312
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
313
+ "Arn"
314
+ ]
315
+ },
316
+ {
317
+ "Fn::Join": [
318
+ "",
319
+ [
320
+ {
321
+ "Fn::GetAtt": [
322
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
323
+ "Arn"
324
+ ]
325
+ },
326
+ "/*"
327
+ ]
328
+ ]
329
+ }
330
+ ]
224
331
  }
225
332
  ],
226
333
  "Version": "2012-10-17"
227
334
  }
228
335
  }
229
336
  },
337
+ "testcloudfronts3CloudfrontLoggingBucketAutoDeleteObjectsCustomResource19604D88": {
338
+ "Type": "Custom::S3AutoDeleteObjects",
339
+ "Properties": {
340
+ "ServiceToken": {
341
+ "Fn::GetAtt": [
342
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
343
+ "Arn"
344
+ ]
345
+ },
346
+ "BucketName": {
347
+ "Ref": "testcloudfronts3CloudfrontLoggingBucket985C0FE8"
348
+ }
349
+ },
350
+ "DependsOn": [
351
+ "testcloudfronts3CloudfrontLoggingBucketPolicyDF55851B"
352
+ ],
353
+ "UpdateReplacePolicy": "Delete",
354
+ "DeletionPolicy": "Delete"
355
+ },
230
356
  "testcloudfronts3CloudFrontDistributionOrigin1S3Origin4695F058": {
231
357
  "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
232
358
  "Properties": {
@@ -304,6 +430,82 @@
304
430
  ]
305
431
  }
306
432
  }
433
+ },
434
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
435
+ "Type": "AWS::IAM::Role",
436
+ "Properties": {
437
+ "AssumeRolePolicyDocument": {
438
+ "Version": "2012-10-17",
439
+ "Statement": [
440
+ {
441
+ "Action": "sts:AssumeRole",
442
+ "Effect": "Allow",
443
+ "Principal": {
444
+ "Service": "lambda.amazonaws.com"
445
+ }
446
+ }
447
+ ]
448
+ },
449
+ "ManagedPolicyArns": [
450
+ {
451
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
452
+ }
453
+ ]
454
+ }
455
+ },
456
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
457
+ "Type": "AWS::Lambda::Function",
458
+ "Properties": {
459
+ "Code": {
460
+ "S3Bucket": {
461
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
462
+ },
463
+ "S3Key": "15684a15d07860e99d2a8079150ad33dd2cb743677fcd7016dd07345e1b69538.zip"
464
+ },
465
+ "Timeout": 900,
466
+ "MemorySize": 128,
467
+ "Handler": "__entrypoint__.handler",
468
+ "Role": {
469
+ "Fn::GetAtt": [
470
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
471
+ "Arn"
472
+ ]
473
+ },
474
+ "Runtime": "nodejs12.x",
475
+ "Description": {
476
+ "Fn::Join": [
477
+ "",
478
+ [
479
+ "Lambda function for auto-deleting objects in ",
480
+ {
481
+ "Ref": "testcloudfronts3S3BucketE0C5F76E"
482
+ },
483
+ " S3 bucket."
484
+ ]
485
+ ]
486
+ }
487
+ },
488
+ "DependsOn": [
489
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
490
+ ],
491
+ "Metadata": {
492
+ "cfn_nag": {
493
+ "rules_to_suppress": [
494
+ {
495
+ "id": "W58",
496
+ "reason": "CDK generated custom resource"
497
+ },
498
+ {
499
+ "id": "W89",
500
+ "reason": "CDK generated custom resource"
501
+ },
502
+ {
503
+ "id": "W92",
504
+ "reason": "CDK generated custom resource"
505
+ }
506
+ ]
507
+ }
508
+ }
307
509
  }
308
510
  },
309
511
  "Parameters": {
@@ -22,8 +22,13 @@ const app = new aws_cdk_lib_1.App();
22
22
  const stack = new aws_cdk_lib_1.Stack(app, core_1.generateIntegStackName(__filename));
23
23
  stack.templateOptions.description = 'Integration Test for aws-cloudfront-s3';
24
24
  const construct = new lib_1.CloudFrontToS3(stack, 'test-cloudfront-s3', {
25
+ cloudFrontLoggingBucketProps: {
26
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
27
+ autoDeleteObjects: true
28
+ },
25
29
  bucketProps: {
26
30
  removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
31
+ autoDeleteObjects: true
27
32
  },
28
33
  logS3AccessLogs: false
29
34
  });
@@ -32,6 +37,7 @@ defaults.addCfnSuppressRules(s3Bucket, [
32
37
  { id: 'W35',
33
38
  reason: 'This S3 bucket is created for unit/ integration testing purposes only.' },
34
39
  ]);
40
+ defaults.suppressAutoDeleteHandlerWarnings(stack);
35
41
  // Synth
36
42
  app.synth();
37
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcubm8tYXJndW1lbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcubm8tYXJndW1lbnRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFFSCxVQUFVO0FBQ1YsNkNBQXdEO0FBQ3hELGdDQUF3QztBQUN4Qyx5REFBd0U7QUFFeEUsMkRBQTJEO0FBRTNELFFBQVE7QUFDUixNQUFNLEdBQUcsR0FBRyxJQUFJLGlCQUFHLEVBQUUsQ0FBQztBQUN0QixNQUFNLEtBQUssR0FBRyxJQUFJLG1CQUFLLENBQUMsR0FBRyxFQUFFLDZCQUFzQixDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUM7QUFDakUsS0FBSyxDQUFDLGVBQWUsQ0FBQyxXQUFXLEdBQUcsd0NBQXdDLENBQUM7QUFFN0UsTUFBTSxTQUFTLEdBQUcsSUFBSSxvQkFBYyxDQUFDLEtBQUssRUFBRSxvQkFBb0IsRUFBRTtJQUNoRSxXQUFXLEVBQUU7UUFDWCxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO0tBQ3JDO0lBQ0QsZUFBZSxFQUFFLEtBQUs7Q0FDdkIsQ0FBQyxDQUFDO0FBRUgsTUFBTSxRQUFRLEdBQUcsU0FBUyxDQUFDLFFBQXFCLENBQUM7QUFFakQsUUFBUSxDQUFDLG1CQUFtQixDQUFDLFFBQVEsRUFBRTtJQUNyQyxFQUFFLEVBQUUsRUFBRSxLQUFLO1FBQ1QsTUFBTSxFQUFFLHdFQUF3RSxFQUFFO0NBQ3JGLENBQUMsQ0FBQztBQUVILFFBQVE7QUFDUixHQUFHLENBQUMsS0FBSyxFQUFFLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqICBDb3B5cmlnaHQgMjAyMiBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7IEFwcCwgU3RhY2ssIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENsb3VkRnJvbnRUb1MzIH0gZnJvbSBcIi4uL2xpYlwiO1xuaW1wb3J0IHsgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZSB9IGZyb20gJ0Bhd3Mtc29sdXRpb25zLWNvbnN0cnVjdHMvY29yZSc7XG5pbXBvcnQgKiBhcyBzMyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXMzXCI7XG5pbXBvcnQgKiBhcyBkZWZhdWx0cyBmcm9tICdAYXdzLXNvbHV0aW9ucy1jb25zdHJ1Y3RzL2NvcmUnO1xuXG4vLyBTZXR1cFxuY29uc3QgYXBwID0gbmV3IEFwcCgpO1xuY29uc3Qgc3RhY2sgPSBuZXcgU3RhY2soYXBwLCBnZW5lcmF0ZUludGVnU3RhY2tOYW1lKF9fZmlsZW5hbWUpKTtcbnN0YWNrLnRlbXBsYXRlT3B0aW9ucy5kZXNjcmlwdGlvbiA9ICdJbnRlZ3JhdGlvbiBUZXN0IGZvciBhd3MtY2xvdWRmcm9udC1zMyc7XG5cbmNvbnN0IGNvbnN0cnVjdCA9IG5ldyBDbG91ZEZyb250VG9TMyhzdGFjaywgJ3Rlc3QtY2xvdWRmcm9udC1zMycsIHtcbiAgYnVja2V0UHJvcHM6IHtcbiAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1ksXG4gIH0sXG4gIGxvZ1MzQWNjZXNzTG9nczogZmFsc2Vcbn0pO1xuXG5jb25zdCBzM0J1Y2tldCA9IGNvbnN0cnVjdC5zM0J1Y2tldCBhcyBzMy5CdWNrZXQ7XG5cbmRlZmF1bHRzLmFkZENmblN1cHByZXNzUnVsZXMoczNCdWNrZXQsIFtcbiAgeyBpZDogJ1czNScsXG4gICAgcmVhc29uOiAnVGhpcyBTMyBidWNrZXQgaXMgY3JlYXRlZCBmb3IgdW5pdC8gaW50ZWdyYXRpb24gdGVzdGluZyBwdXJwb3NlcyBvbmx5LicgfSxcbl0pO1xuXG4vLyBTeW50aFxuYXBwLnN5bnRoKCk7XG4iXX0=
43
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcubm8tYXJndW1lbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcubm8tYXJndW1lbnRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFFSCxVQUFVO0FBQ1YsNkNBQXdEO0FBQ3hELGdDQUF3QztBQUN4Qyx5REFBd0U7QUFFeEUsMkRBQTJEO0FBRTNELFFBQVE7QUFDUixNQUFNLEdBQUcsR0FBRyxJQUFJLGlCQUFHLEVBQUUsQ0FBQztBQUN0QixNQUFNLEtBQUssR0FBRyxJQUFJLG1CQUFLLENBQUMsR0FBRyxFQUFFLDZCQUFzQixDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUM7QUFDakUsS0FBSyxDQUFDLGVBQWUsQ0FBQyxXQUFXLEdBQUcsd0NBQXdDLENBQUM7QUFFN0UsTUFBTSxTQUFTLEdBQUcsSUFBSSxvQkFBYyxDQUFDLEtBQUssRUFBRSxvQkFBb0IsRUFBRTtJQUNoRSw0QkFBNEIsRUFBRTtRQUM1QixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1FBQ3BDLGlCQUFpQixFQUFFLElBQUk7S0FDeEI7SUFDRCxXQUFXLEVBQUU7UUFDWCxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1FBQ3BDLGlCQUFpQixFQUFFLElBQUk7S0FDeEI7SUFDRCxlQUFlLEVBQUUsS0FBSztDQUN2QixDQUFDLENBQUM7QUFFSCxNQUFNLFFBQVEsR0FBRyxTQUFTLENBQUMsUUFBcUIsQ0FBQztBQUVqRCxRQUFRLENBQUMsbUJBQW1CLENBQUMsUUFBUSxFQUFFO0lBQ3JDLEVBQUUsRUFBRSxFQUFFLEtBQUs7UUFDVCxNQUFNLEVBQUUsd0VBQXdFLEVBQUU7Q0FDckYsQ0FBQyxDQUFDO0FBRUgsUUFBUSxDQUFDLGlDQUFpQyxDQUFDLEtBQUssQ0FBQyxDQUFDO0FBQ2xELFFBQVE7QUFDUixHQUFHLENBQUMsS0FBSyxFQUFFLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqICBDb3B5cmlnaHQgMjAyMiBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7IEFwcCwgU3RhY2ssIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENsb3VkRnJvbnRUb1MzIH0gZnJvbSBcIi4uL2xpYlwiO1xuaW1wb3J0IHsgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZSB9IGZyb20gJ0Bhd3Mtc29sdXRpb25zLWNvbnN0cnVjdHMvY29yZSc7XG5pbXBvcnQgKiBhcyBzMyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXMzXCI7XG5pbXBvcnQgKiBhcyBkZWZhdWx0cyBmcm9tICdAYXdzLXNvbHV0aW9ucy1jb25zdHJ1Y3RzL2NvcmUnO1xuXG4vLyBTZXR1cFxuY29uc3QgYXBwID0gbmV3IEFwcCgpO1xuY29uc3Qgc3RhY2sgPSBuZXcgU3RhY2soYXBwLCBnZW5lcmF0ZUludGVnU3RhY2tOYW1lKF9fZmlsZW5hbWUpKTtcbnN0YWNrLnRlbXBsYXRlT3B0aW9ucy5kZXNjcmlwdGlvbiA9ICdJbnRlZ3JhdGlvbiBUZXN0IGZvciBhd3MtY2xvdWRmcm9udC1zMyc7XG5cbmNvbnN0IGNvbnN0cnVjdCA9IG5ldyBDbG91ZEZyb250VG9TMyhzdGFjaywgJ3Rlc3QtY2xvdWRmcm9udC1zMycsIHtcbiAgY2xvdWRGcm9udExvZ2dpbmdCdWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICBhdXRvRGVsZXRlT2JqZWN0czogdHJ1ZVxuICB9LFxuICBidWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICBhdXRvRGVsZXRlT2JqZWN0czogdHJ1ZVxuICB9LFxuICBsb2dTM0FjY2Vzc0xvZ3M6IGZhbHNlXG59KTtcblxuY29uc3QgczNCdWNrZXQgPSBjb25zdHJ1Y3QuczNCdWNrZXQgYXMgczMuQnVja2V0O1xuXG5kZWZhdWx0cy5hZGRDZm5TdXBwcmVzc1J1bGVzKHMzQnVja2V0LCBbXG4gIHsgaWQ6ICdXMzUnLFxuICAgIHJlYXNvbjogJ1RoaXMgUzMgYnVja2V0IGlzIGNyZWF0ZWQgZm9yIHVuaXQvIGludGVncmF0aW9uIHRlc3RpbmcgcHVycG9zZXMgb25seS4nIH0sXG5dKTtcblxuZGVmYXVsdHMuc3VwcHJlc3NBdXRvRGVsZXRlSGFuZGxlcldhcm5pbmdzKHN0YWNrKTtcbi8vIFN5bnRoXG5hcHAuc3ludGgoKTtcbiJdfQ==
@@ -120,6 +120,12 @@
120
120
  "IgnorePublicAcls": true,
121
121
  "RestrictPublicBuckets": true
122
122
  },
123
+ "Tags": [
124
+ {
125
+ "Key": "aws-cdk:auto-delete-objects",
126
+ "Value": "true"
127
+ }
128
+ ],
123
129
  "VersioningConfiguration": {
124
130
  "Status": "Enabled"
125
131
  }
@@ -169,6 +175,44 @@
169
175
  }
170
176
  ]
171
177
  },
178
+ {
179
+ "Action": [
180
+ "s3:GetBucket*",
181
+ "s3:List*",
182
+ "s3:DeleteObject*"
183
+ ],
184
+ "Effect": "Allow",
185
+ "Principal": {
186
+ "AWS": {
187
+ "Fn::GetAtt": [
188
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
189
+ "Arn"
190
+ ]
191
+ }
192
+ },
193
+ "Resource": [
194
+ {
195
+ "Fn::GetAtt": [
196
+ "testcloudfronts3nosecurityheadersS3Bucket4D06173D",
197
+ "Arn"
198
+ ]
199
+ },
200
+ {
201
+ "Fn::Join": [
202
+ "",
203
+ [
204
+ {
205
+ "Fn::GetAtt": [
206
+ "testcloudfronts3nosecurityheadersS3Bucket4D06173D",
207
+ "Arn"
208
+ ]
209
+ },
210
+ "/*"
211
+ ]
212
+ ]
213
+ }
214
+ ]
215
+ },
172
216
  {
173
217
  "Action": "s3:GetObject",
174
218
  "Effect": "Allow",
@@ -210,6 +254,25 @@
210
254
  }
211
255
  }
212
256
  },
257
+ "testcloudfronts3nosecurityheadersS3BucketAutoDeleteObjectsCustomResource7011F955": {
258
+ "Type": "Custom::S3AutoDeleteObjects",
259
+ "Properties": {
260
+ "ServiceToken": {
261
+ "Fn::GetAtt": [
262
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
263
+ "Arn"
264
+ ]
265
+ },
266
+ "BucketName": {
267
+ "Ref": "testcloudfronts3nosecurityheadersS3Bucket4D06173D"
268
+ }
269
+ },
270
+ "DependsOn": [
271
+ "testcloudfronts3nosecurityheadersS3BucketPolicy99D27ED1"
272
+ ],
273
+ "UpdateReplacePolicy": "Delete",
274
+ "DeletionPolicy": "Delete"
275
+ },
213
276
  "testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5": {
214
277
  "Type": "AWS::S3::Bucket",
215
278
  "Properties": {
@@ -229,12 +292,18 @@
229
292
  "IgnorePublicAcls": true,
230
293
  "RestrictPublicBuckets": true
231
294
  },
295
+ "Tags": [
296
+ {
297
+ "Key": "aws-cdk:auto-delete-objects",
298
+ "Value": "true"
299
+ }
300
+ ],
232
301
  "VersioningConfiguration": {
233
302
  "Status": "Enabled"
234
303
  }
235
304
  },
236
- "UpdateReplacePolicy": "Retain",
237
- "DeletionPolicy": "Retain",
305
+ "UpdateReplacePolicy": "Delete",
306
+ "DeletionPolicy": "Delete",
238
307
  "Metadata": {
239
308
  "cfn_nag": {
240
309
  "rules_to_suppress": [
@@ -287,12 +356,69 @@
287
356
  ]
288
357
  }
289
358
  ]
359
+ },
360
+ {
361
+ "Action": [
362
+ "s3:GetBucket*",
363
+ "s3:List*",
364
+ "s3:DeleteObject*"
365
+ ],
366
+ "Effect": "Allow",
367
+ "Principal": {
368
+ "AWS": {
369
+ "Fn::GetAtt": [
370
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
371
+ "Arn"
372
+ ]
373
+ }
374
+ },
375
+ "Resource": [
376
+ {
377
+ "Fn::GetAtt": [
378
+ "testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5",
379
+ "Arn"
380
+ ]
381
+ },
382
+ {
383
+ "Fn::Join": [
384
+ "",
385
+ [
386
+ {
387
+ "Fn::GetAtt": [
388
+ "testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5",
389
+ "Arn"
390
+ ]
391
+ },
392
+ "/*"
393
+ ]
394
+ ]
395
+ }
396
+ ]
290
397
  }
291
398
  ],
292
399
  "Version": "2012-10-17"
293
400
  }
294
401
  }
295
402
  },
403
+ "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketAutoDeleteObjectsCustomResource5BEC5CA0": {
404
+ "Type": "Custom::S3AutoDeleteObjects",
405
+ "Properties": {
406
+ "ServiceToken": {
407
+ "Fn::GetAtt": [
408
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
409
+ "Arn"
410
+ ]
411
+ },
412
+ "BucketName": {
413
+ "Ref": "testcloudfronts3nosecurityheadersCloudfrontLoggingBucket92A5E2A5"
414
+ }
415
+ },
416
+ "DependsOn": [
417
+ "testcloudfronts3nosecurityheadersCloudfrontLoggingBucketPolicy7D709982"
418
+ ],
419
+ "UpdateReplacePolicy": "Delete",
420
+ "DeletionPolicy": "Delete"
421
+ },
296
422
  "testcloudfronts3nosecurityheadersCloudFrontDistributionOrigin1S3Origin38CFDB89": {
297
423
  "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
298
424
  "Properties": {
@@ -359,6 +485,82 @@
359
485
  ]
360
486
  }
361
487
  }
488
+ },
489
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
490
+ "Type": "AWS::IAM::Role",
491
+ "Properties": {
492
+ "AssumeRolePolicyDocument": {
493
+ "Version": "2012-10-17",
494
+ "Statement": [
495
+ {
496
+ "Action": "sts:AssumeRole",
497
+ "Effect": "Allow",
498
+ "Principal": {
499
+ "Service": "lambda.amazonaws.com"
500
+ }
501
+ }
502
+ ]
503
+ },
504
+ "ManagedPolicyArns": [
505
+ {
506
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
507
+ }
508
+ ]
509
+ }
510
+ },
511
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
512
+ "Type": "AWS::Lambda::Function",
513
+ "Properties": {
514
+ "Code": {
515
+ "S3Bucket": {
516
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
517
+ },
518
+ "S3Key": "15684a15d07860e99d2a8079150ad33dd2cb743677fcd7016dd07345e1b69538.zip"
519
+ },
520
+ "Timeout": 900,
521
+ "MemorySize": 128,
522
+ "Handler": "__entrypoint__.handler",
523
+ "Role": {
524
+ "Fn::GetAtt": [
525
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
526
+ "Arn"
527
+ ]
528
+ },
529
+ "Runtime": "nodejs12.x",
530
+ "Description": {
531
+ "Fn::Join": [
532
+ "",
533
+ [
534
+ "Lambda function for auto-deleting objects in ",
535
+ {
536
+ "Ref": "testcloudfronts3nosecurityheadersS3Bucket4D06173D"
537
+ },
538
+ " S3 bucket."
539
+ ]
540
+ ]
541
+ }
542
+ },
543
+ "DependsOn": [
544
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
545
+ ],
546
+ "Metadata": {
547
+ "cfn_nag": {
548
+ "rules_to_suppress": [
549
+ {
550
+ "id": "W58",
551
+ "reason": "CDK generated custom resource"
552
+ },
553
+ {
554
+ "id": "W89",
555
+ "reason": "CDK generated custom resource"
556
+ },
557
+ {
558
+ "id": "W92",
559
+ "reason": "CDK generated custom resource"
560
+ }
561
+ ]
562
+ }
563
+ }
362
564
  }
363
565
  },
364
566
  "Parameters": {
@@ -22,12 +22,18 @@ const stack = new aws_cdk_lib_1.Stack(app, core_1.generateIntegStackName(__filen
22
22
  stack.templateOptions.description = 'Integration Test for aws-cloudfront-s3';
23
23
  // Definitions
24
24
  const props = {
25
+ cloudFrontLoggingBucketProps: {
26
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
27
+ autoDeleteObjects: true
28
+ },
25
29
  insertHttpSecurityHeaders: false,
26
30
  bucketProps: {
27
31
  removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
28
- }
32
+ autoDeleteObjects: true
33
+ },
29
34
  };
30
35
  new lib_1.CloudFrontToS3(stack, 'test-cloudfront-s3-no-security-headers', props);
36
+ core_1.suppressAutoDeleteHandlerWarnings(stack);
31
37
  // Synth
32
38
  app.synth();
33
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcubm8tc2VjdXJpdHktaGVhZGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImludGVnLm5vLXNlY3VyaXR5LWhlYWRlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7Ozs7Ozs7OztHQVdHOztBQUVILFVBQVU7QUFDViw2Q0FBd0Q7QUFDeEQsZ0NBQTZEO0FBQzdELHlEQUF3RTtBQUV4RSxRQUFRO0FBQ1IsTUFBTSxHQUFHLEdBQUcsSUFBSSxpQkFBRyxFQUFFLENBQUM7QUFDdEIsTUFBTSxLQUFLLEdBQUcsSUFBSSxtQkFBSyxDQUFDLEdBQUcsRUFBRSw2QkFBc0IsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0FBQ2pFLEtBQUssQ0FBQyxlQUFlLENBQUMsV0FBVyxHQUFHLHdDQUF3QyxDQUFDO0FBRTdFLGNBQWM7QUFDZCxNQUFNLEtBQUssR0FBd0I7SUFDakMseUJBQXlCLEVBQUUsS0FBSztJQUNoQyxXQUFXLEVBQUU7UUFDWCxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO0tBQ3JDO0NBQ0YsQ0FBQztBQUVGLElBQUksb0JBQWMsQ0FBQyxLQUFLLEVBQUUsd0NBQXdDLEVBQUUsS0FBSyxDQUFDLENBQUM7QUFFM0UsUUFBUTtBQUNSLEdBQUcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCAyMDIyIEFtYXpvbi5jb20sIEluYy4gb3IgaXRzIGFmZmlsaWF0ZXMuIEFsbCBSaWdodHMgUmVzZXJ2ZWQuXG4gKlxuICogIExpY2Vuc2VkIHVuZGVyIHRoZSBBcGFjaGUgTGljZW5zZSwgVmVyc2lvbiAyLjAgKHRoZSBcIkxpY2Vuc2VcIikuIFlvdSBtYXkgbm90IHVzZSB0aGlzIGZpbGUgZXhjZXB0IGluIGNvbXBsaWFuY2VcbiAqICB3aXRoIHRoZSBMaWNlbnNlLiBBIGNvcHkgb2YgdGhlIExpY2Vuc2UgaXMgbG9jYXRlZCBhdFxuICpcbiAqICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzL0xJQ0VOU0UtMi4wXG4gKlxuICogIG9yIGluIHRoZSAnbGljZW5zZScgZmlsZSBhY2NvbXBhbnlpbmcgdGhpcyBmaWxlLiBUaGlzIGZpbGUgaXMgZGlzdHJpYnV0ZWQgb24gYW4gJ0FTIElTJyBCQVNJUywgV0lUSE9VVCBXQVJSQU5USUVTXG4gKiAgT1IgQ09ORElUSU9OUyBPRiBBTlkgS0lORCwgZXhwcmVzcyBvciBpbXBsaWVkLiBTZWUgdGhlIExpY2Vuc2UgZm9yIHRoZSBzcGVjaWZpYyBsYW5ndWFnZSBnb3Zlcm5pbmcgcGVybWlzc2lvbnNcbiAqICBhbmQgbGltaXRhdGlvbnMgdW5kZXIgdGhlIExpY2Vuc2UuXG4gKi9cblxuLy8gSW1wb3J0c1xuaW1wb3J0IHsgQXBwLCBTdGFjaywgUmVtb3ZhbFBvbGljeSB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgQ2xvdWRGcm9udFRvUzMsIENsb3VkRnJvbnRUb1MzUHJvcHMgfSBmcm9tIFwiLi4vbGliXCI7XG5pbXBvcnQgeyBnZW5lcmF0ZUludGVnU3RhY2tOYW1lIH0gZnJvbSAnQGF3cy1zb2x1dGlvbnMtY29uc3RydWN0cy9jb3JlJztcblxuLy8gU2V0dXBcbmNvbnN0IGFwcCA9IG5ldyBBcHAoKTtcbmNvbnN0IHN0YWNrID0gbmV3IFN0YWNrKGFwcCwgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZShfX2ZpbGVuYW1lKSk7XG5zdGFjay50ZW1wbGF0ZU9wdGlvbnMuZGVzY3JpcHRpb24gPSAnSW50ZWdyYXRpb24gVGVzdCBmb3IgYXdzLWNsb3VkZnJvbnQtczMnO1xuXG4vLyBEZWZpbml0aW9uc1xuY29uc3QgcHJvcHM6IENsb3VkRnJvbnRUb1MzUHJvcHMgPSB7XG4gIGluc2VydEh0dHBTZWN1cml0eUhlYWRlcnM6IGZhbHNlLFxuICBidWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgfVxufTtcblxubmV3IENsb3VkRnJvbnRUb1MzKHN0YWNrLCAndGVzdC1jbG91ZGZyb250LXMzLW5vLXNlY3VyaXR5LWhlYWRlcnMnLCBwcm9wcyk7XG5cbi8vIFN5bnRoXG5hcHAuc3ludGgoKTtcbiJdfQ==
39
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcubm8tc2VjdXJpdHktaGVhZGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImludGVnLm5vLXNlY3VyaXR5LWhlYWRlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7Ozs7Ozs7OztHQVdHOztBQUVILFVBQVU7QUFDViw2Q0FBd0Q7QUFDeEQsZ0NBQTZEO0FBQzdELHlEQUEyRztBQUUzRyxRQUFRO0FBQ1IsTUFBTSxHQUFHLEdBQUcsSUFBSSxpQkFBRyxFQUFFLENBQUM7QUFDdEIsTUFBTSxLQUFLLEdBQUcsSUFBSSxtQkFBSyxDQUFDLEdBQUcsRUFBRSw2QkFBc0IsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0FBQ2pFLEtBQUssQ0FBQyxlQUFlLENBQUMsV0FBVyxHQUFHLHdDQUF3QyxDQUFDO0FBRTdFLGNBQWM7QUFDZCxNQUFNLEtBQUssR0FBd0I7SUFDakMsNEJBQTRCLEVBQUU7UUFDNUIsYUFBYSxFQUFFLDJCQUFhLENBQUMsT0FBTztRQUNwQyxpQkFBaUIsRUFBRSxJQUFJO0tBQ3hCO0lBQ0QseUJBQXlCLEVBQUUsS0FBSztJQUNoQyxXQUFXLEVBQUU7UUFDWCxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1FBQ3BDLGlCQUFpQixFQUFFLElBQUk7S0FDeEI7Q0FDRixDQUFDO0FBRUYsSUFBSSxvQkFBYyxDQUFDLEtBQUssRUFBRSx3Q0FBd0MsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUUzRSx3Q0FBaUMsQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUN6QyxRQUFRO0FBQ1IsR0FBRyxDQUFDLEtBQUssRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiAgQ29weXJpZ2h0IDIwMjIgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbiAqXG4gKiAgTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSBMaWNlbnNlLCBWZXJzaW9uIDIuMCAodGhlIFwiTGljZW5zZVwiKS4gWW91IG1heSBub3QgdXNlIHRoaXMgZmlsZSBleGNlcHQgaW4gY29tcGxpYW5jZVxuICogIHdpdGggdGhlIExpY2Vuc2UuIEEgY29weSBvZiB0aGUgTGljZW5zZSBpcyBsb2NhdGVkIGF0XG4gKlxuICogICAgICBodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvTElDRU5TRS0yLjBcbiAqXG4gKiAgb3IgaW4gdGhlICdsaWNlbnNlJyBmaWxlIGFjY29tcGFueWluZyB0aGlzIGZpbGUuIFRoaXMgZmlsZSBpcyBkaXN0cmlidXRlZCBvbiBhbiAnQVMgSVMnIEJBU0lTLCBXSVRIT1VUIFdBUlJBTlRJRVNcbiAqICBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBleHByZXNzIG9yIGltcGxpZWQuIFNlZSB0aGUgTGljZW5zZSBmb3IgdGhlIHNwZWNpZmljIGxhbmd1YWdlIGdvdmVybmluZyBwZXJtaXNzaW9uc1xuICogIGFuZCBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS5cbiAqL1xuXG4vLyBJbXBvcnRzXG5pbXBvcnQgeyBBcHAsIFN0YWNrLCBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBDbG91ZEZyb250VG9TMywgQ2xvdWRGcm9udFRvUzNQcm9wcyB9IGZyb20gXCIuLi9saWJcIjtcbmltcG9ydCB7IGdlbmVyYXRlSW50ZWdTdGFja05hbWUsIHN1cHByZXNzQXV0b0RlbGV0ZUhhbmRsZXJXYXJuaW5ncyB9IGZyb20gJ0Bhd3Mtc29sdXRpb25zLWNvbnN0cnVjdHMvY29yZSc7XG5cbi8vIFNldHVwXG5jb25zdCBhcHAgPSBuZXcgQXBwKCk7XG5jb25zdCBzdGFjayA9IG5ldyBTdGFjayhhcHAsIGdlbmVyYXRlSW50ZWdTdGFja05hbWUoX19maWxlbmFtZSkpO1xuc3RhY2sudGVtcGxhdGVPcHRpb25zLmRlc2NyaXB0aW9uID0gJ0ludGVncmF0aW9uIFRlc3QgZm9yIGF3cy1jbG91ZGZyb250LXMzJztcblxuLy8gRGVmaW5pdGlvbnNcbmNvbnN0IHByb3BzOiBDbG91ZEZyb250VG9TM1Byb3BzID0ge1xuICBjbG91ZEZyb250TG9nZ2luZ0J1Y2tldFByb3BzOiB7XG4gICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICAgIGF1dG9EZWxldGVPYmplY3RzOiB0cnVlXG4gIH0sXG4gIGluc2VydEh0dHBTZWN1cml0eUhlYWRlcnM6IGZhbHNlLFxuICBidWNrZXRQcm9wczoge1xuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICBhdXRvRGVsZXRlT2JqZWN0czogdHJ1ZVxuICB9LFxufTtcblxubmV3IENsb3VkRnJvbnRUb1MzKHN0YWNrLCAndGVzdC1jbG91ZGZyb250LXMzLW5vLXNlY3VyaXR5LWhlYWRlcnMnLCBwcm9wcyk7XG5cbnN1cHByZXNzQXV0b0RlbGV0ZUhhbmRsZXJXYXJuaW5ncyhzdGFjayk7XG4vLyBTeW50aFxuYXBwLnN5bnRoKCk7XG4iXX0=