@aws-solutions-constructs/aws-cloudfront-s3 2.50.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +51 -6
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +14 -13
  6. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +6 -3
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  9. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  10. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  11. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  12. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  13. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  14. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  15. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +45 -0
  16. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +960 -0
  17. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +19 -0
  18. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.template.json +36 -0
  19. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  20. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +221 -0
  21. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1326 -0
  22. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +6 -3
  23. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  24. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +19 -0
  25. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +594 -0
  26. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +19 -0
  27. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.template.json +36 -0
  28. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  29. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +167 -0
  30. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +790 -0
  31. package/test/integ.cfts3-bucket-with-http-origin.js +6 -3
  32. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +1 -0
  33. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +19 -0
  34. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +559 -0
  35. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +19 -0
  36. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +36 -0
  37. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +12 -0
  38. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +161 -0
  39. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +753 -0
  40. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +6 -3
  41. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  42. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  43. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  44. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  45. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  46. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  47. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  48. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -0
  49. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +45 -0
  50. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +960 -0
  51. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +19 -0
  52. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.template.json +36 -0
  53. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +12 -0
  54. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +221 -0
  55. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1326 -0
  56. package/test/integ.cfts3-custom-headers.js +6 -3
  57. package/test/integ.cfts3-custom-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  58. package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -0
  59. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +32 -0
  60. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +981 -0
  61. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +19 -0
  62. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.template.json +36 -0
  63. package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +12 -0
  64. package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +215 -0
  65. package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1167 -0
  66. package/test/integ.cfts3-custom-originPath.js +6 -3
  67. package/test/integ.cfts3-custom-originPath.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  68. package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -0
  69. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +32 -0
  70. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +950 -0
  71. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +19 -0
  72. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.template.json +36 -0
  73. package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +12 -0
  74. package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +209 -0
  75. package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1117 -0
  76. package/test/integ.cfts3-customLoggingBuckets.js +6 -3
  77. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  78. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  79. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +32 -0
  80. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +987 -0
  81. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +19 -0
  82. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.template.json +36 -0
  83. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  84. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +209 -0
  85. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1156 -0
  86. package/test/integ.cfts3-existing-bucket.js +6 -3
  87. package/test/integ.cfts3-existing-bucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  88. package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +32 -0
  90. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1014 -0
  91. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +19 -0
  92. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.template.json +36 -0
  93. package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +12 -0
  94. package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +221 -0
  95. package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1229 -0
  96. package/test/integ.cfts3-no-arguments.js +6 -3
  97. package/test/integ.cfts3-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  98. package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -0
  99. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +32 -0
  100. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +959 -0
  101. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +19 -0
  102. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.template.json +36 -0
  103. package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +12 -0
  104. package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +209 -0
  105. package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1117 -0
  106. package/test/integ.cfts3-no-security-headers.js +6 -3
  107. package/test/integ.cfts3-no-security-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  108. package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -0
  109. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +32 -0
  110. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +926 -0
  111. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +19 -0
  112. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.template.json +36 -0
  113. package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +12 -0
  114. package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +203 -0
  115. package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1076 -0
  116. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.expected.json +0 -960
  117. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.expected.json +0 -594
  118. package/test/integ.cfts3-bucket-with-http-origin.expected.json +0 -559
  119. package/test/integ.cfts3-cmk-encryption.expected.json +0 -527
  120. package/test/integ.cfts3-cmk-provided-as-bucket-prop.expected.json +0 -960
  121. package/test/integ.cfts3-custom-headers.expected.json +0 -981
  122. package/test/integ.cfts3-custom-originPath.expected.json +0 -950
  123. package/test/integ.cfts3-customCloudFrontLoggingBucket.expected.json +0 -700
  124. package/test/integ.cfts3-customLoggingBuckets.expected.json +0 -987
  125. package/test/integ.cfts3-existing-bucket.expected.json +0 -1014
  126. package/test/integ.cfts3-no-arguments.expected.json +0 -959
  127. package/test/integ.cfts3-no-security-headers.expected.json +0 -926
@@ -0,0 +1,790 @@
1
+ {
2
+ "version": "tree-0.1",
3
+ "tree": {
4
+ "id": "App",
5
+ "path": "",
6
+ "children": {
7
+ "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket": {
8
+ "id": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket",
9
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket",
10
+ "children": {
11
+ "existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket": {
12
+ "id": "existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket",
13
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket",
14
+ "children": {
15
+ "Resource": {
16
+ "id": "Resource",
17
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Resource",
18
+ "attributes": {
19
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
20
+ "aws:cdk:cloudformation:props": {
21
+ "bucketEncryption": {
22
+ "serverSideEncryptionConfiguration": [
23
+ {
24
+ "serverSideEncryptionByDefault": {
25
+ "sseAlgorithm": "AES256"
26
+ }
27
+ }
28
+ ]
29
+ },
30
+ "publicAccessBlockConfiguration": {
31
+ "blockPublicAcls": true,
32
+ "blockPublicPolicy": true,
33
+ "ignorePublicAcls": true,
34
+ "restrictPublicBuckets": true
35
+ },
36
+ "versioningConfiguration": {
37
+ "status": "Enabled"
38
+ }
39
+ }
40
+ },
41
+ "constructInfo": {
42
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
43
+ "version": "2.118.0"
44
+ }
45
+ },
46
+ "Policy": {
47
+ "id": "Policy",
48
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy",
49
+ "children": {
50
+ "Resource": {
51
+ "id": "Resource",
52
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy/Resource",
53
+ "attributes": {
54
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
55
+ "aws:cdk:cloudformation:props": {
56
+ "bucket": {
57
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
58
+ },
59
+ "policyDocument": {
60
+ "Statement": [
61
+ {
62
+ "Action": "s3:*",
63
+ "Condition": {
64
+ "Bool": {
65
+ "aws:SecureTransport": "false"
66
+ }
67
+ },
68
+ "Effect": "Deny",
69
+ "Principal": {
70
+ "AWS": "*"
71
+ },
72
+ "Resource": [
73
+ {
74
+ "Fn::GetAtt": [
75
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
76
+ "Arn"
77
+ ]
78
+ },
79
+ {
80
+ "Fn::Join": [
81
+ "",
82
+ [
83
+ {
84
+ "Fn::GetAtt": [
85
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
86
+ "Arn"
87
+ ]
88
+ },
89
+ "/*"
90
+ ]
91
+ ]
92
+ }
93
+ ]
94
+ },
95
+ {
96
+ "Action": "s3:PutObject",
97
+ "Condition": {
98
+ "ArnLike": {
99
+ "aws:SourceArn": {
100
+ "Fn::GetAtt": [
101
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
102
+ "Arn"
103
+ ]
104
+ }
105
+ },
106
+ "StringEquals": {
107
+ "aws:SourceAccount": {
108
+ "Ref": "AWS::AccountId"
109
+ }
110
+ }
111
+ },
112
+ "Effect": "Allow",
113
+ "Principal": {
114
+ "Service": "logging.s3.amazonaws.com"
115
+ },
116
+ "Resource": {
117
+ "Fn::Join": [
118
+ "",
119
+ [
120
+ {
121
+ "Fn::GetAtt": [
122
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
123
+ "Arn"
124
+ ]
125
+ },
126
+ "/*"
127
+ ]
128
+ ]
129
+ }
130
+ }
131
+ ],
132
+ "Version": "2012-10-17"
133
+ }
134
+ }
135
+ },
136
+ "constructInfo": {
137
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
138
+ "version": "2.118.0"
139
+ }
140
+ }
141
+ },
142
+ "constructInfo": {
143
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
144
+ "version": "2.118.0"
145
+ }
146
+ }
147
+ },
148
+ "constructInfo": {
149
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
150
+ "version": "2.118.0"
151
+ }
152
+ },
153
+ "existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket": {
154
+ "id": "existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket",
155
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket",
156
+ "children": {
157
+ "Resource": {
158
+ "id": "Resource",
159
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Resource",
160
+ "attributes": {
161
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
162
+ "aws:cdk:cloudformation:props": {
163
+ "bucketEncryption": {
164
+ "serverSideEncryptionConfiguration": [
165
+ {
166
+ "serverSideEncryptionByDefault": {
167
+ "sseAlgorithm": "AES256"
168
+ }
169
+ }
170
+ ]
171
+ },
172
+ "lifecycleConfiguration": {
173
+ "rules": [
174
+ {
175
+ "noncurrentVersionTransitions": [
176
+ {
177
+ "storageClass": "GLACIER",
178
+ "transitionInDays": 90
179
+ }
180
+ ],
181
+ "status": "Enabled"
182
+ }
183
+ ]
184
+ },
185
+ "loggingConfiguration": {
186
+ "destinationBucketName": {
187
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
188
+ }
189
+ },
190
+ "publicAccessBlockConfiguration": {
191
+ "blockPublicAcls": true,
192
+ "blockPublicPolicy": true,
193
+ "ignorePublicAcls": true,
194
+ "restrictPublicBuckets": true
195
+ },
196
+ "versioningConfiguration": {
197
+ "status": "Enabled"
198
+ }
199
+ }
200
+ },
201
+ "constructInfo": {
202
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
203
+ "version": "2.118.0"
204
+ }
205
+ },
206
+ "Policy": {
207
+ "id": "Policy",
208
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy",
209
+ "children": {
210
+ "Resource": {
211
+ "id": "Resource",
212
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy/Resource",
213
+ "attributes": {
214
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
215
+ "aws:cdk:cloudformation:props": {
216
+ "bucket": {
217
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A"
218
+ },
219
+ "policyDocument": {
220
+ "Statement": [
221
+ {
222
+ "Action": "s3:*",
223
+ "Condition": {
224
+ "Bool": {
225
+ "aws:SecureTransport": "false"
226
+ }
227
+ },
228
+ "Effect": "Deny",
229
+ "Principal": {
230
+ "AWS": "*"
231
+ },
232
+ "Resource": [
233
+ {
234
+ "Fn::GetAtt": [
235
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
236
+ "Arn"
237
+ ]
238
+ },
239
+ {
240
+ "Fn::Join": [
241
+ "",
242
+ [
243
+ {
244
+ "Fn::GetAtt": [
245
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
246
+ "Arn"
247
+ ]
248
+ },
249
+ "/*"
250
+ ]
251
+ ]
252
+ }
253
+ ]
254
+ },
255
+ {
256
+ "Action": "s3:GetObject",
257
+ "Condition": {
258
+ "StringEquals": {
259
+ "AWS:SourceArn": {
260
+ "Fn::Join": [
261
+ "",
262
+ [
263
+ "arn:aws:cloudfront::",
264
+ {
265
+ "Ref": "AWS::AccountId"
266
+ },
267
+ ":distribution/",
268
+ {
269
+ "Ref": "testcloudfronts3managedkeyCloudFrontDistributionE6431C62"
270
+ }
271
+ ]
272
+ ]
273
+ }
274
+ }
275
+ },
276
+ "Effect": "Allow",
277
+ "Principal": {
278
+ "Service": "cloudfront.amazonaws.com"
279
+ },
280
+ "Resource": {
281
+ "Fn::Join": [
282
+ "",
283
+ [
284
+ {
285
+ "Fn::GetAtt": [
286
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
287
+ "Arn"
288
+ ]
289
+ },
290
+ "/*"
291
+ ]
292
+ ]
293
+ }
294
+ }
295
+ ],
296
+ "Version": "2012-10-17"
297
+ }
298
+ }
299
+ },
300
+ "constructInfo": {
301
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
302
+ "version": "2.118.0"
303
+ }
304
+ }
305
+ },
306
+ "constructInfo": {
307
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
308
+ "version": "2.118.0"
309
+ }
310
+ }
311
+ },
312
+ "constructInfo": {
313
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
314
+ "version": "2.118.0"
315
+ }
316
+ },
317
+ "test-cloudfront-s3-managed-key": {
318
+ "id": "test-cloudfront-s3-managed-key",
319
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key",
320
+ "children": {
321
+ "CloudfrontLoggingBucketAccessLog": {
322
+ "id": "CloudfrontLoggingBucketAccessLog",
323
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog",
324
+ "children": {
325
+ "Resource": {
326
+ "id": "Resource",
327
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Resource",
328
+ "attributes": {
329
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
330
+ "aws:cdk:cloudformation:props": {
331
+ "bucketEncryption": {
332
+ "serverSideEncryptionConfiguration": [
333
+ {
334
+ "serverSideEncryptionByDefault": {
335
+ "sseAlgorithm": "AES256"
336
+ }
337
+ }
338
+ ]
339
+ },
340
+ "ownershipControls": {
341
+ "rules": [
342
+ {
343
+ "objectOwnership": "ObjectWriter"
344
+ }
345
+ ]
346
+ },
347
+ "publicAccessBlockConfiguration": {
348
+ "blockPublicAcls": true,
349
+ "blockPublicPolicy": true,
350
+ "ignorePublicAcls": true,
351
+ "restrictPublicBuckets": true
352
+ },
353
+ "versioningConfiguration": {
354
+ "status": "Enabled"
355
+ }
356
+ }
357
+ },
358
+ "constructInfo": {
359
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
360
+ "version": "2.118.0"
361
+ }
362
+ },
363
+ "Policy": {
364
+ "id": "Policy",
365
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy",
366
+ "children": {
367
+ "Resource": {
368
+ "id": "Resource",
369
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy/Resource",
370
+ "attributes": {
371
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
372
+ "aws:cdk:cloudformation:props": {
373
+ "bucket": {
374
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"
375
+ },
376
+ "policyDocument": {
377
+ "Statement": [
378
+ {
379
+ "Action": "s3:*",
380
+ "Condition": {
381
+ "Bool": {
382
+ "aws:SecureTransport": "false"
383
+ }
384
+ },
385
+ "Effect": "Deny",
386
+ "Principal": {
387
+ "AWS": "*"
388
+ },
389
+ "Resource": [
390
+ {
391
+ "Fn::GetAtt": [
392
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
393
+ "Arn"
394
+ ]
395
+ },
396
+ {
397
+ "Fn::Join": [
398
+ "",
399
+ [
400
+ {
401
+ "Fn::GetAtt": [
402
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
403
+ "Arn"
404
+ ]
405
+ },
406
+ "/*"
407
+ ]
408
+ ]
409
+ }
410
+ ]
411
+ },
412
+ {
413
+ "Action": "s3:PutObject",
414
+ "Condition": {
415
+ "ArnLike": {
416
+ "aws:SourceArn": {
417
+ "Fn::GetAtt": [
418
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
419
+ "Arn"
420
+ ]
421
+ }
422
+ },
423
+ "StringEquals": {
424
+ "aws:SourceAccount": {
425
+ "Ref": "AWS::AccountId"
426
+ }
427
+ }
428
+ },
429
+ "Effect": "Allow",
430
+ "Principal": {
431
+ "Service": "logging.s3.amazonaws.com"
432
+ },
433
+ "Resource": {
434
+ "Fn::Join": [
435
+ "",
436
+ [
437
+ {
438
+ "Fn::GetAtt": [
439
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
440
+ "Arn"
441
+ ]
442
+ },
443
+ "/*"
444
+ ]
445
+ ]
446
+ }
447
+ }
448
+ ],
449
+ "Version": "2012-10-17"
450
+ }
451
+ }
452
+ },
453
+ "constructInfo": {
454
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
455
+ "version": "2.118.0"
456
+ }
457
+ }
458
+ },
459
+ "constructInfo": {
460
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
461
+ "version": "2.118.0"
462
+ }
463
+ }
464
+ },
465
+ "constructInfo": {
466
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
467
+ "version": "2.118.0"
468
+ }
469
+ },
470
+ "CloudfrontLoggingBucket": {
471
+ "id": "CloudfrontLoggingBucket",
472
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket",
473
+ "children": {
474
+ "Resource": {
475
+ "id": "Resource",
476
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Resource",
477
+ "attributes": {
478
+ "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
479
+ "aws:cdk:cloudformation:props": {
480
+ "bucketEncryption": {
481
+ "serverSideEncryptionConfiguration": [
482
+ {
483
+ "serverSideEncryptionByDefault": {
484
+ "sseAlgorithm": "AES256"
485
+ }
486
+ }
487
+ ]
488
+ },
489
+ "loggingConfiguration": {
490
+ "destinationBucketName": {
491
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"
492
+ }
493
+ },
494
+ "ownershipControls": {
495
+ "rules": [
496
+ {
497
+ "objectOwnership": "ObjectWriter"
498
+ }
499
+ ]
500
+ },
501
+ "publicAccessBlockConfiguration": {
502
+ "blockPublicAcls": true,
503
+ "blockPublicPolicy": true,
504
+ "ignorePublicAcls": true,
505
+ "restrictPublicBuckets": true
506
+ },
507
+ "versioningConfiguration": {
508
+ "status": "Enabled"
509
+ }
510
+ }
511
+ },
512
+ "constructInfo": {
513
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
514
+ "version": "2.118.0"
515
+ }
516
+ },
517
+ "Policy": {
518
+ "id": "Policy",
519
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy",
520
+ "children": {
521
+ "Resource": {
522
+ "id": "Resource",
523
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy/Resource",
524
+ "attributes": {
525
+ "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
526
+ "aws:cdk:cloudformation:props": {
527
+ "bucket": {
528
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7"
529
+ },
530
+ "policyDocument": {
531
+ "Statement": [
532
+ {
533
+ "Action": "s3:*",
534
+ "Condition": {
535
+ "Bool": {
536
+ "aws:SecureTransport": "false"
537
+ }
538
+ },
539
+ "Effect": "Deny",
540
+ "Principal": {
541
+ "AWS": "*"
542
+ },
543
+ "Resource": [
544
+ {
545
+ "Fn::GetAtt": [
546
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
547
+ "Arn"
548
+ ]
549
+ },
550
+ {
551
+ "Fn::Join": [
552
+ "",
553
+ [
554
+ {
555
+ "Fn::GetAtt": [
556
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
557
+ "Arn"
558
+ ]
559
+ },
560
+ "/*"
561
+ ]
562
+ ]
563
+ }
564
+ ]
565
+ }
566
+ ],
567
+ "Version": "2012-10-17"
568
+ }
569
+ }
570
+ },
571
+ "constructInfo": {
572
+ "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
573
+ "version": "2.118.0"
574
+ }
575
+ }
576
+ },
577
+ "constructInfo": {
578
+ "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
579
+ "version": "2.118.0"
580
+ }
581
+ }
582
+ },
583
+ "constructInfo": {
584
+ "fqn": "aws-cdk-lib.aws_s3.Bucket",
585
+ "version": "2.118.0"
586
+ }
587
+ },
588
+ "CloudFrontOac": {
589
+ "id": "CloudFrontOac",
590
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontOac",
591
+ "attributes": {
592
+ "aws:cdk:cloudformation:type": "AWS::CloudFront::OriginAccessControl",
593
+ "aws:cdk:cloudformation:props": {
594
+ "originAccessControlConfig": {
595
+ "name": {
596
+ "Fn::Join": [
597
+ "",
598
+ [
599
+ "aws-cloudfront-s3-testd-key-",
600
+ {
601
+ "Fn::Select": [
602
+ 2,
603
+ {
604
+ "Fn::Split": [
605
+ "/",
606
+ {
607
+ "Ref": "AWS::StackId"
608
+ }
609
+ ]
610
+ }
611
+ ]
612
+ }
613
+ ]
614
+ ]
615
+ },
616
+ "originAccessControlOriginType": "s3",
617
+ "signingBehavior": "always",
618
+ "signingProtocol": "sigv4",
619
+ "description": "Origin access control provisioned by aws-cloudfront-s3"
620
+ }
621
+ }
622
+ },
623
+ "constructInfo": {
624
+ "fqn": "aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl",
625
+ "version": "2.118.0"
626
+ }
627
+ },
628
+ "CloudFrontDistribution": {
629
+ "id": "CloudFrontDistribution",
630
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution",
631
+ "children": {
632
+ "Origin1": {
633
+ "id": "Origin1",
634
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Origin1",
635
+ "constructInfo": {
636
+ "fqn": "constructs.Construct",
637
+ "version": "10.0.0"
638
+ }
639
+ },
640
+ "Resource": {
641
+ "id": "Resource",
642
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Resource",
643
+ "attributes": {
644
+ "aws:cdk:cloudformation:type": "AWS::CloudFront::Distribution",
645
+ "aws:cdk:cloudformation:props": {
646
+ "distributionConfig": {
647
+ "enabled": true,
648
+ "origins": [
649
+ {
650
+ "domainName": {
651
+ "Fn::GetAtt": [
652
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
653
+ "RegionalDomainName"
654
+ ]
655
+ },
656
+ "id": "cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4",
657
+ "s3OriginConfig": {
658
+ "originAccessIdentity": ""
659
+ }
660
+ }
661
+ ],
662
+ "defaultCacheBehavior": {
663
+ "pathPattern": "*",
664
+ "targetOriginId": "cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4",
665
+ "cachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
666
+ "compress": true,
667
+ "viewerProtocolPolicy": "redirect-to-https"
668
+ },
669
+ "defaultRootObject": "index.html",
670
+ "httpVersion": "http2",
671
+ "ipv6Enabled": true,
672
+ "logging": {
673
+ "bucket": {
674
+ "Fn::GetAtt": [
675
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
676
+ "RegionalDomainName"
677
+ ]
678
+ }
679
+ }
680
+ }
681
+ }
682
+ },
683
+ "constructInfo": {
684
+ "fqn": "aws-cdk-lib.aws_cloudfront.CfnDistribution",
685
+ "version": "2.118.0"
686
+ }
687
+ }
688
+ },
689
+ "constructInfo": {
690
+ "fqn": "aws-cdk-lib.aws_cloudfront.Distribution",
691
+ "version": "2.118.0"
692
+ }
693
+ }
694
+ },
695
+ "constructInfo": {
696
+ "fqn": "@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3",
697
+ "version": "2.50.0"
698
+ }
699
+ },
700
+ "Integ": {
701
+ "id": "Integ",
702
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ",
703
+ "children": {
704
+ "DefaultTest": {
705
+ "id": "DefaultTest",
706
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest",
707
+ "children": {
708
+ "Default": {
709
+ "id": "Default",
710
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/Default",
711
+ "constructInfo": {
712
+ "fqn": "constructs.Construct",
713
+ "version": "10.0.0"
714
+ }
715
+ },
716
+ "DeployAssert": {
717
+ "id": "DeployAssert",
718
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert",
719
+ "children": {
720
+ "BootstrapVersion": {
721
+ "id": "BootstrapVersion",
722
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion",
723
+ "constructInfo": {
724
+ "fqn": "aws-cdk-lib.CfnParameter",
725
+ "version": "2.118.0"
726
+ }
727
+ },
728
+ "CheckBootstrapVersion": {
729
+ "id": "CheckBootstrapVersion",
730
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion",
731
+ "constructInfo": {
732
+ "fqn": "aws-cdk-lib.CfnRule",
733
+ "version": "2.118.0"
734
+ }
735
+ }
736
+ },
737
+ "constructInfo": {
738
+ "fqn": "aws-cdk-lib.Stack",
739
+ "version": "2.118.0"
740
+ }
741
+ }
742
+ },
743
+ "constructInfo": {
744
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase",
745
+ "version": "2.118.0-alpha.0"
746
+ }
747
+ }
748
+ },
749
+ "constructInfo": {
750
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTest",
751
+ "version": "2.118.0-alpha.0"
752
+ }
753
+ },
754
+ "BootstrapVersion": {
755
+ "id": "BootstrapVersion",
756
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/BootstrapVersion",
757
+ "constructInfo": {
758
+ "fqn": "aws-cdk-lib.CfnParameter",
759
+ "version": "2.118.0"
760
+ }
761
+ },
762
+ "CheckBootstrapVersion": {
763
+ "id": "CheckBootstrapVersion",
764
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/CheckBootstrapVersion",
765
+ "constructInfo": {
766
+ "fqn": "aws-cdk-lib.CfnRule",
767
+ "version": "2.118.0"
768
+ }
769
+ }
770
+ },
771
+ "constructInfo": {
772
+ "fqn": "aws-cdk-lib.Stack",
773
+ "version": "2.118.0"
774
+ }
775
+ },
776
+ "Tree": {
777
+ "id": "Tree",
778
+ "path": "Tree",
779
+ "constructInfo": {
780
+ "fqn": "constructs.Construct",
781
+ "version": "10.0.0"
782
+ }
783
+ }
784
+ },
785
+ "constructInfo": {
786
+ "fqn": "aws-cdk-lib.App",
787
+ "version": "2.118.0"
788
+ }
789
+ }
790
+ }