@aws-solutions-constructs/aws-cloudfront-s3 2.51.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +50 -5
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +11 -10
  6. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +6 -3
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  9. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  10. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  11. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  12. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  13. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  14. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  15. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +45 -0
  16. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +960 -0
  17. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +19 -0
  18. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.template.json +36 -0
  19. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  20. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +221 -0
  21. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1326 -0
  22. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +6 -3
  23. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  24. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +19 -0
  25. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +594 -0
  26. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +19 -0
  27. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.template.json +36 -0
  28. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  29. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +167 -0
  30. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +790 -0
  31. package/test/integ.cfts3-bucket-with-http-origin.js +6 -3
  32. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +1 -0
  33. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +19 -0
  34. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +559 -0
  35. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +19 -0
  36. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +36 -0
  37. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +12 -0
  38. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +161 -0
  39. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +753 -0
  40. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +6 -3
  41. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  42. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  43. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  44. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  45. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  46. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  47. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  48. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -0
  49. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +45 -0
  50. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +960 -0
  51. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +19 -0
  52. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.template.json +36 -0
  53. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +12 -0
  54. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +221 -0
  55. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1326 -0
  56. package/test/integ.cfts3-custom-headers.js +6 -3
  57. package/test/integ.cfts3-custom-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  58. package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -0
  59. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +32 -0
  60. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +981 -0
  61. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +19 -0
  62. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.template.json +36 -0
  63. package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +12 -0
  64. package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +215 -0
  65. package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1167 -0
  66. package/test/integ.cfts3-custom-originPath.js +6 -3
  67. package/test/integ.cfts3-custom-originPath.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  68. package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -0
  69. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +32 -0
  70. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +950 -0
  71. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +19 -0
  72. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.template.json +36 -0
  73. package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +12 -0
  74. package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +209 -0
  75. package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1117 -0
  76. package/test/integ.cfts3-customLoggingBuckets.js +6 -3
  77. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  78. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  79. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +32 -0
  80. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +987 -0
  81. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +19 -0
  82. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.template.json +36 -0
  83. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  84. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +209 -0
  85. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1156 -0
  86. package/test/integ.cfts3-existing-bucket.js +6 -3
  87. package/test/integ.cfts3-existing-bucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  88. package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +32 -0
  90. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1014 -0
  91. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +19 -0
  92. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.template.json +36 -0
  93. package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +12 -0
  94. package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +221 -0
  95. package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1229 -0
  96. package/test/integ.cfts3-no-arguments.js +6 -3
  97. package/test/integ.cfts3-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  98. package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -0
  99. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +32 -0
  100. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +959 -0
  101. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +19 -0
  102. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.template.json +36 -0
  103. package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +12 -0
  104. package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +209 -0
  105. package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1117 -0
  106. package/test/integ.cfts3-no-security-headers.js +6 -3
  107. package/test/integ.cfts3-no-security-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  108. package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -0
  109. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +32 -0
  110. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +926 -0
  111. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +19 -0
  112. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.template.json +36 -0
  113. package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +12 -0
  114. package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +203 -0
  115. package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1076 -0
  116. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.expected.json +0 -960
  117. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.expected.json +0 -594
  118. package/test/integ.cfts3-bucket-with-http-origin.expected.json +0 -559
  119. package/test/integ.cfts3-cmk-encryption.expected.json +0 -527
  120. package/test/integ.cfts3-cmk-provided-as-bucket-prop.expected.json +0 -960
  121. package/test/integ.cfts3-custom-headers.expected.json +0 -981
  122. package/test/integ.cfts3-custom-originPath.expected.json +0 -950
  123. package/test/integ.cfts3-customCloudFrontLoggingBucket.expected.json +0 -700
  124. package/test/integ.cfts3-customLoggingBuckets.expected.json +0 -987
  125. package/test/integ.cfts3-existing-bucket.expected.json +0 -1014
  126. package/test/integ.cfts3-no-arguments.expected.json +0 -959
  127. package/test/integ.cfts3-no-security-headers.expected.json +0 -926
@@ -0,0 +1,987 @@
1
+ {
2
+ "Resources": {
3
+ "testcloudfronts3S3LoggingBucket90D239DD": {
4
+ "Type": "AWS::S3::Bucket",
5
+ "Properties": {
6
+ "BucketEncryption": {
7
+ "ServerSideEncryptionConfiguration": [
8
+ {
9
+ "ServerSideEncryptionByDefault": {
10
+ "SSEAlgorithm": "AES256"
11
+ }
12
+ }
13
+ ]
14
+ },
15
+ "LifecycleConfiguration": {
16
+ "Rules": [
17
+ {
18
+ "Status": "Enabled",
19
+ "Transitions": [
20
+ {
21
+ "StorageClass": "GLACIER",
22
+ "TransitionInDays": 7
23
+ }
24
+ ]
25
+ }
26
+ ]
27
+ },
28
+ "PublicAccessBlockConfiguration": {
29
+ "BlockPublicAcls": true,
30
+ "BlockPublicPolicy": true,
31
+ "IgnorePublicAcls": true,
32
+ "RestrictPublicBuckets": true
33
+ },
34
+ "Tags": [
35
+ {
36
+ "Key": "aws-cdk:auto-delete-objects",
37
+ "Value": "true"
38
+ }
39
+ ],
40
+ "VersioningConfiguration": {
41
+ "Status": "Enabled"
42
+ }
43
+ },
44
+ "UpdateReplacePolicy": "Delete",
45
+ "DeletionPolicy": "Delete",
46
+ "Metadata": {
47
+ "cfn_nag": {
48
+ "rules_to_suppress": [
49
+ {
50
+ "id": "W35",
51
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
52
+ }
53
+ ]
54
+ }
55
+ }
56
+ },
57
+ "testcloudfronts3S3LoggingBucketPolicy529D4CFF": {
58
+ "Type": "AWS::S3::BucketPolicy",
59
+ "Properties": {
60
+ "Bucket": {
61
+ "Ref": "testcloudfronts3S3LoggingBucket90D239DD"
62
+ },
63
+ "PolicyDocument": {
64
+ "Statement": [
65
+ {
66
+ "Action": "s3:*",
67
+ "Condition": {
68
+ "Bool": {
69
+ "aws:SecureTransport": "false"
70
+ }
71
+ },
72
+ "Effect": "Deny",
73
+ "Principal": {
74
+ "AWS": "*"
75
+ },
76
+ "Resource": [
77
+ {
78
+ "Fn::GetAtt": [
79
+ "testcloudfronts3S3LoggingBucket90D239DD",
80
+ "Arn"
81
+ ]
82
+ },
83
+ {
84
+ "Fn::Join": [
85
+ "",
86
+ [
87
+ {
88
+ "Fn::GetAtt": [
89
+ "testcloudfronts3S3LoggingBucket90D239DD",
90
+ "Arn"
91
+ ]
92
+ },
93
+ "/*"
94
+ ]
95
+ ]
96
+ }
97
+ ]
98
+ },
99
+ {
100
+ "Action": [
101
+ "s3:DeleteObject*",
102
+ "s3:GetBucket*",
103
+ "s3:List*",
104
+ "s3:PutBucketPolicy"
105
+ ],
106
+ "Effect": "Allow",
107
+ "Principal": {
108
+ "AWS": {
109
+ "Fn::GetAtt": [
110
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
111
+ "Arn"
112
+ ]
113
+ }
114
+ },
115
+ "Resource": [
116
+ {
117
+ "Fn::GetAtt": [
118
+ "testcloudfronts3S3LoggingBucket90D239DD",
119
+ "Arn"
120
+ ]
121
+ },
122
+ {
123
+ "Fn::Join": [
124
+ "",
125
+ [
126
+ {
127
+ "Fn::GetAtt": [
128
+ "testcloudfronts3S3LoggingBucket90D239DD",
129
+ "Arn"
130
+ ]
131
+ },
132
+ "/*"
133
+ ]
134
+ ]
135
+ }
136
+ ]
137
+ },
138
+ {
139
+ "Action": "s3:PutObject",
140
+ "Condition": {
141
+ "ArnLike": {
142
+ "aws:SourceArn": {
143
+ "Fn::GetAtt": [
144
+ "testcloudfronts3S3BucketE0C5F76E",
145
+ "Arn"
146
+ ]
147
+ }
148
+ },
149
+ "StringEquals": {
150
+ "aws:SourceAccount": {
151
+ "Ref": "AWS::AccountId"
152
+ }
153
+ }
154
+ },
155
+ "Effect": "Allow",
156
+ "Principal": {
157
+ "Service": "logging.s3.amazonaws.com"
158
+ },
159
+ "Resource": {
160
+ "Fn::Join": [
161
+ "",
162
+ [
163
+ {
164
+ "Fn::GetAtt": [
165
+ "testcloudfronts3S3LoggingBucket90D239DD",
166
+ "Arn"
167
+ ]
168
+ },
169
+ "/*"
170
+ ]
171
+ ]
172
+ }
173
+ }
174
+ ],
175
+ "Version": "2012-10-17"
176
+ }
177
+ }
178
+ },
179
+ "testcloudfronts3S3LoggingBucketAutoDeleteObjectsCustomResource6EE37727": {
180
+ "Type": "Custom::S3AutoDeleteObjects",
181
+ "Properties": {
182
+ "ServiceToken": {
183
+ "Fn::GetAtt": [
184
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
185
+ "Arn"
186
+ ]
187
+ },
188
+ "BucketName": {
189
+ "Ref": "testcloudfronts3S3LoggingBucket90D239DD"
190
+ }
191
+ },
192
+ "DependsOn": [
193
+ "testcloudfronts3S3LoggingBucketPolicy529D4CFF"
194
+ ],
195
+ "UpdateReplacePolicy": "Delete",
196
+ "DeletionPolicy": "Delete"
197
+ },
198
+ "testcloudfronts3S3BucketE0C5F76E": {
199
+ "Type": "AWS::S3::Bucket",
200
+ "Properties": {
201
+ "BucketEncryption": {
202
+ "ServerSideEncryptionConfiguration": [
203
+ {
204
+ "ServerSideEncryptionByDefault": {
205
+ "SSEAlgorithm": "AES256"
206
+ }
207
+ }
208
+ ]
209
+ },
210
+ "LifecycleConfiguration": {
211
+ "Rules": [
212
+ {
213
+ "NoncurrentVersionTransitions": [
214
+ {
215
+ "StorageClass": "GLACIER",
216
+ "TransitionInDays": 90
217
+ }
218
+ ],
219
+ "Status": "Enabled"
220
+ }
221
+ ]
222
+ },
223
+ "LoggingConfiguration": {
224
+ "DestinationBucketName": {
225
+ "Ref": "testcloudfronts3S3LoggingBucket90D239DD"
226
+ }
227
+ },
228
+ "PublicAccessBlockConfiguration": {
229
+ "BlockPublicAcls": true,
230
+ "BlockPublicPolicy": true,
231
+ "IgnorePublicAcls": true,
232
+ "RestrictPublicBuckets": true
233
+ },
234
+ "Tags": [
235
+ {
236
+ "Key": "aws-cdk:auto-delete-objects",
237
+ "Value": "true"
238
+ }
239
+ ],
240
+ "VersioningConfiguration": {
241
+ "Status": "Enabled"
242
+ }
243
+ },
244
+ "UpdateReplacePolicy": "Delete",
245
+ "DeletionPolicy": "Delete"
246
+ },
247
+ "testcloudfronts3S3BucketPolicy250F1F61": {
248
+ "Type": "AWS::S3::BucketPolicy",
249
+ "Properties": {
250
+ "Bucket": {
251
+ "Ref": "testcloudfronts3S3BucketE0C5F76E"
252
+ },
253
+ "PolicyDocument": {
254
+ "Statement": [
255
+ {
256
+ "Action": "s3:*",
257
+ "Condition": {
258
+ "Bool": {
259
+ "aws:SecureTransport": "false"
260
+ }
261
+ },
262
+ "Effect": "Deny",
263
+ "Principal": {
264
+ "AWS": "*"
265
+ },
266
+ "Resource": [
267
+ {
268
+ "Fn::GetAtt": [
269
+ "testcloudfronts3S3BucketE0C5F76E",
270
+ "Arn"
271
+ ]
272
+ },
273
+ {
274
+ "Fn::Join": [
275
+ "",
276
+ [
277
+ {
278
+ "Fn::GetAtt": [
279
+ "testcloudfronts3S3BucketE0C5F76E",
280
+ "Arn"
281
+ ]
282
+ },
283
+ "/*"
284
+ ]
285
+ ]
286
+ }
287
+ ]
288
+ },
289
+ {
290
+ "Action": [
291
+ "s3:DeleteObject*",
292
+ "s3:GetBucket*",
293
+ "s3:List*",
294
+ "s3:PutBucketPolicy"
295
+ ],
296
+ "Effect": "Allow",
297
+ "Principal": {
298
+ "AWS": {
299
+ "Fn::GetAtt": [
300
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
301
+ "Arn"
302
+ ]
303
+ }
304
+ },
305
+ "Resource": [
306
+ {
307
+ "Fn::GetAtt": [
308
+ "testcloudfronts3S3BucketE0C5F76E",
309
+ "Arn"
310
+ ]
311
+ },
312
+ {
313
+ "Fn::Join": [
314
+ "",
315
+ [
316
+ {
317
+ "Fn::GetAtt": [
318
+ "testcloudfronts3S3BucketE0C5F76E",
319
+ "Arn"
320
+ ]
321
+ },
322
+ "/*"
323
+ ]
324
+ ]
325
+ }
326
+ ]
327
+ },
328
+ {
329
+ "Action": "s3:GetObject",
330
+ "Condition": {
331
+ "StringEquals": {
332
+ "AWS:SourceArn": {
333
+ "Fn::Join": [
334
+ "",
335
+ [
336
+ "arn:aws:cloudfront::",
337
+ {
338
+ "Ref": "AWS::AccountId"
339
+ },
340
+ ":distribution/",
341
+ {
342
+ "Ref": "testcloudfronts3CloudFrontDistribution0565DEE8"
343
+ }
344
+ ]
345
+ ]
346
+ }
347
+ }
348
+ },
349
+ "Effect": "Allow",
350
+ "Principal": {
351
+ "Service": "cloudfront.amazonaws.com"
352
+ },
353
+ "Resource": {
354
+ "Fn::Join": [
355
+ "",
356
+ [
357
+ {
358
+ "Fn::GetAtt": [
359
+ "testcloudfronts3S3BucketE0C5F76E",
360
+ "Arn"
361
+ ]
362
+ },
363
+ "/*"
364
+ ]
365
+ ]
366
+ }
367
+ }
368
+ ],
369
+ "Version": "2012-10-17"
370
+ }
371
+ },
372
+ "Metadata": {
373
+ "cfn_nag": {
374
+ "rules_to_suppress": [
375
+ {
376
+ "id": "F16",
377
+ "reason": "Public website bucket policy requires a wildcard principal"
378
+ }
379
+ ]
380
+ }
381
+ }
382
+ },
383
+ "testcloudfronts3S3BucketAutoDeleteObjectsCustomResourceA13DD8F7": {
384
+ "Type": "Custom::S3AutoDeleteObjects",
385
+ "Properties": {
386
+ "ServiceToken": {
387
+ "Fn::GetAtt": [
388
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
389
+ "Arn"
390
+ ]
391
+ },
392
+ "BucketName": {
393
+ "Ref": "testcloudfronts3S3BucketE0C5F76E"
394
+ }
395
+ },
396
+ "DependsOn": [
397
+ "testcloudfronts3S3BucketPolicy250F1F61"
398
+ ],
399
+ "UpdateReplacePolicy": "Delete",
400
+ "DeletionPolicy": "Delete"
401
+ },
402
+ "testcloudfronts3SetHttpSecurityHeaders6C5A1E69": {
403
+ "Type": "AWS::CloudFront::Function",
404
+ "Properties": {
405
+ "AutoPublish": true,
406
+ "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }",
407
+ "FunctionConfig": {
408
+ "Comment": "SetHttpSecurityHeadersc844fcbc00f82925aea73bcda195f6b5551bdcf3d4",
409
+ "Runtime": "cloudfront-js-1.0"
410
+ },
411
+ "Name": "SetHttpSecurityHeadersc844fcbc00f82925aea73bcda195f6b5551bdcf3d4"
412
+ }
413
+ },
414
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58": {
415
+ "Type": "AWS::S3::Bucket",
416
+ "Properties": {
417
+ "BucketEncryption": {
418
+ "ServerSideEncryptionConfiguration": [
419
+ {
420
+ "ServerSideEncryptionByDefault": {
421
+ "SSEAlgorithm": "AES256"
422
+ }
423
+ }
424
+ ]
425
+ },
426
+ "LifecycleConfiguration": {
427
+ "Rules": [
428
+ {
429
+ "Status": "Enabled",
430
+ "Transitions": [
431
+ {
432
+ "StorageClass": "GLACIER",
433
+ "TransitionInDays": 7
434
+ }
435
+ ]
436
+ }
437
+ ]
438
+ },
439
+ "OwnershipControls": {
440
+ "Rules": [
441
+ {
442
+ "ObjectOwnership": "ObjectWriter"
443
+ }
444
+ ]
445
+ },
446
+ "PublicAccessBlockConfiguration": {
447
+ "BlockPublicAcls": true,
448
+ "BlockPublicPolicy": true,
449
+ "IgnorePublicAcls": true,
450
+ "RestrictPublicBuckets": true
451
+ },
452
+ "Tags": [
453
+ {
454
+ "Key": "aws-cdk:auto-delete-objects",
455
+ "Value": "true"
456
+ }
457
+ ],
458
+ "VersioningConfiguration": {
459
+ "Status": "Enabled"
460
+ }
461
+ },
462
+ "UpdateReplacePolicy": "Delete",
463
+ "DeletionPolicy": "Delete",
464
+ "Metadata": {
465
+ "cfn_nag": {
466
+ "rules_to_suppress": [
467
+ {
468
+ "id": "W35",
469
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
470
+ }
471
+ ]
472
+ }
473
+ }
474
+ },
475
+ "testcloudfronts3CloudfrontLoggingBucketAccessLogPolicy526F2E14": {
476
+ "Type": "AWS::S3::BucketPolicy",
477
+ "Properties": {
478
+ "Bucket": {
479
+ "Ref": "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"
480
+ },
481
+ "PolicyDocument": {
482
+ "Statement": [
483
+ {
484
+ "Action": "s3:*",
485
+ "Condition": {
486
+ "Bool": {
487
+ "aws:SecureTransport": "false"
488
+ }
489
+ },
490
+ "Effect": "Deny",
491
+ "Principal": {
492
+ "AWS": "*"
493
+ },
494
+ "Resource": [
495
+ {
496
+ "Fn::GetAtt": [
497
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58",
498
+ "Arn"
499
+ ]
500
+ },
501
+ {
502
+ "Fn::Join": [
503
+ "",
504
+ [
505
+ {
506
+ "Fn::GetAtt": [
507
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58",
508
+ "Arn"
509
+ ]
510
+ },
511
+ "/*"
512
+ ]
513
+ ]
514
+ }
515
+ ]
516
+ },
517
+ {
518
+ "Action": [
519
+ "s3:DeleteObject*",
520
+ "s3:GetBucket*",
521
+ "s3:List*",
522
+ "s3:PutBucketPolicy"
523
+ ],
524
+ "Effect": "Allow",
525
+ "Principal": {
526
+ "AWS": {
527
+ "Fn::GetAtt": [
528
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
529
+ "Arn"
530
+ ]
531
+ }
532
+ },
533
+ "Resource": [
534
+ {
535
+ "Fn::GetAtt": [
536
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58",
537
+ "Arn"
538
+ ]
539
+ },
540
+ {
541
+ "Fn::Join": [
542
+ "",
543
+ [
544
+ {
545
+ "Fn::GetAtt": [
546
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58",
547
+ "Arn"
548
+ ]
549
+ },
550
+ "/*"
551
+ ]
552
+ ]
553
+ }
554
+ ]
555
+ },
556
+ {
557
+ "Action": "s3:PutObject",
558
+ "Condition": {
559
+ "ArnLike": {
560
+ "aws:SourceArn": {
561
+ "Fn::GetAtt": [
562
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
563
+ "Arn"
564
+ ]
565
+ }
566
+ },
567
+ "StringEquals": {
568
+ "aws:SourceAccount": {
569
+ "Ref": "AWS::AccountId"
570
+ }
571
+ }
572
+ },
573
+ "Effect": "Allow",
574
+ "Principal": {
575
+ "Service": "logging.s3.amazonaws.com"
576
+ },
577
+ "Resource": {
578
+ "Fn::Join": [
579
+ "",
580
+ [
581
+ {
582
+ "Fn::GetAtt": [
583
+ "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58",
584
+ "Arn"
585
+ ]
586
+ },
587
+ "/*"
588
+ ]
589
+ ]
590
+ }
591
+ }
592
+ ],
593
+ "Version": "2012-10-17"
594
+ }
595
+ }
596
+ },
597
+ "testcloudfronts3CloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResourceE16E063D": {
598
+ "Type": "Custom::S3AutoDeleteObjects",
599
+ "Properties": {
600
+ "ServiceToken": {
601
+ "Fn::GetAtt": [
602
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
603
+ "Arn"
604
+ ]
605
+ },
606
+ "BucketName": {
607
+ "Ref": "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"
608
+ }
609
+ },
610
+ "DependsOn": [
611
+ "testcloudfronts3CloudfrontLoggingBucketAccessLogPolicy526F2E14"
612
+ ],
613
+ "UpdateReplacePolicy": "Delete",
614
+ "DeletionPolicy": "Delete"
615
+ },
616
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8": {
617
+ "Type": "AWS::S3::Bucket",
618
+ "Properties": {
619
+ "AccessControl": "LogDeliveryWrite",
620
+ "BucketEncryption": {
621
+ "ServerSideEncryptionConfiguration": [
622
+ {
623
+ "ServerSideEncryptionByDefault": {
624
+ "SSEAlgorithm": "AES256"
625
+ }
626
+ }
627
+ ]
628
+ },
629
+ "LifecycleConfiguration": {
630
+ "Rules": [
631
+ {
632
+ "Status": "Enabled",
633
+ "Transitions": [
634
+ {
635
+ "StorageClass": "GLACIER",
636
+ "TransitionInDays": 7
637
+ }
638
+ ]
639
+ }
640
+ ]
641
+ },
642
+ "LoggingConfiguration": {
643
+ "DestinationBucketName": {
644
+ "Ref": "testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"
645
+ }
646
+ },
647
+ "OwnershipControls": {
648
+ "Rules": [
649
+ {
650
+ "ObjectOwnership": "ObjectWriter"
651
+ }
652
+ ]
653
+ },
654
+ "PublicAccessBlockConfiguration": {
655
+ "BlockPublicAcls": true,
656
+ "BlockPublicPolicy": true,
657
+ "IgnorePublicAcls": true,
658
+ "RestrictPublicBuckets": true
659
+ },
660
+ "Tags": [
661
+ {
662
+ "Key": "aws-cdk:auto-delete-objects",
663
+ "Value": "true"
664
+ }
665
+ ],
666
+ "VersioningConfiguration": {
667
+ "Status": "Enabled"
668
+ }
669
+ },
670
+ "UpdateReplacePolicy": "Delete",
671
+ "DeletionPolicy": "Delete"
672
+ },
673
+ "testcloudfronts3CloudfrontLoggingBucketPolicyDF55851B": {
674
+ "Type": "AWS::S3::BucketPolicy",
675
+ "Properties": {
676
+ "Bucket": {
677
+ "Ref": "testcloudfronts3CloudfrontLoggingBucket985C0FE8"
678
+ },
679
+ "PolicyDocument": {
680
+ "Statement": [
681
+ {
682
+ "Action": "s3:*",
683
+ "Condition": {
684
+ "Bool": {
685
+ "aws:SecureTransport": "false"
686
+ }
687
+ },
688
+ "Effect": "Deny",
689
+ "Principal": {
690
+ "AWS": "*"
691
+ },
692
+ "Resource": [
693
+ {
694
+ "Fn::GetAtt": [
695
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
696
+ "Arn"
697
+ ]
698
+ },
699
+ {
700
+ "Fn::Join": [
701
+ "",
702
+ [
703
+ {
704
+ "Fn::GetAtt": [
705
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
706
+ "Arn"
707
+ ]
708
+ },
709
+ "/*"
710
+ ]
711
+ ]
712
+ }
713
+ ]
714
+ },
715
+ {
716
+ "Action": [
717
+ "s3:DeleteObject*",
718
+ "s3:GetBucket*",
719
+ "s3:List*",
720
+ "s3:PutBucketPolicy"
721
+ ],
722
+ "Effect": "Allow",
723
+ "Principal": {
724
+ "AWS": {
725
+ "Fn::GetAtt": [
726
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
727
+ "Arn"
728
+ ]
729
+ }
730
+ },
731
+ "Resource": [
732
+ {
733
+ "Fn::GetAtt": [
734
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
735
+ "Arn"
736
+ ]
737
+ },
738
+ {
739
+ "Fn::Join": [
740
+ "",
741
+ [
742
+ {
743
+ "Fn::GetAtt": [
744
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
745
+ "Arn"
746
+ ]
747
+ },
748
+ "/*"
749
+ ]
750
+ ]
751
+ }
752
+ ]
753
+ }
754
+ ],
755
+ "Version": "2012-10-17"
756
+ }
757
+ }
758
+ },
759
+ "testcloudfronts3CloudfrontLoggingBucketAutoDeleteObjectsCustomResource19604D88": {
760
+ "Type": "Custom::S3AutoDeleteObjects",
761
+ "Properties": {
762
+ "ServiceToken": {
763
+ "Fn::GetAtt": [
764
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
765
+ "Arn"
766
+ ]
767
+ },
768
+ "BucketName": {
769
+ "Ref": "testcloudfronts3CloudfrontLoggingBucket985C0FE8"
770
+ }
771
+ },
772
+ "DependsOn": [
773
+ "testcloudfronts3CloudfrontLoggingBucketPolicyDF55851B"
774
+ ],
775
+ "UpdateReplacePolicy": "Delete",
776
+ "DeletionPolicy": "Delete"
777
+ },
778
+ "testcloudfronts3CloudFrontOac7A951AA6": {
779
+ "Type": "AWS::CloudFront::OriginAccessControl",
780
+ "Properties": {
781
+ "OriginAccessControlConfig": {
782
+ "Description": "Origin access control provisioned by aws-cloudfront-s3",
783
+ "Name": {
784
+ "Fn::Join": [
785
+ "",
786
+ [
787
+ "aws-cloudfront-s3-testnt-s3-",
788
+ {
789
+ "Fn::Select": [
790
+ 2,
791
+ {
792
+ "Fn::Split": [
793
+ "/",
794
+ {
795
+ "Ref": "AWS::StackId"
796
+ }
797
+ ]
798
+ }
799
+ ]
800
+ }
801
+ ]
802
+ ]
803
+ },
804
+ "OriginAccessControlOriginType": "s3",
805
+ "SigningBehavior": "always",
806
+ "SigningProtocol": "sigv4"
807
+ }
808
+ }
809
+ },
810
+ "testcloudfronts3CloudFrontDistribution0565DEE8": {
811
+ "Type": "AWS::CloudFront::Distribution",
812
+ "Properties": {
813
+ "DistributionConfig": {
814
+ "DefaultCacheBehavior": {
815
+ "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
816
+ "Compress": true,
817
+ "FunctionAssociations": [
818
+ {
819
+ "EventType": "viewer-response",
820
+ "FunctionARN": {
821
+ "Fn::GetAtt": [
822
+ "testcloudfronts3SetHttpSecurityHeaders6C5A1E69",
823
+ "FunctionARN"
824
+ ]
825
+ }
826
+ }
827
+ ],
828
+ "TargetOriginId": "cfts3customLoggingBucketstestcloudfronts3CloudFrontDistributionOrigin1BBEA7E26",
829
+ "ViewerProtocolPolicy": "redirect-to-https"
830
+ },
831
+ "DefaultRootObject": "index.html",
832
+ "Enabled": true,
833
+ "HttpVersion": "http2",
834
+ "IPV6Enabled": true,
835
+ "Logging": {
836
+ "Bucket": {
837
+ "Fn::GetAtt": [
838
+ "testcloudfronts3CloudfrontLoggingBucket985C0FE8",
839
+ "RegionalDomainName"
840
+ ]
841
+ }
842
+ },
843
+ "Origins": [
844
+ {
845
+ "DomainName": {
846
+ "Fn::GetAtt": [
847
+ "testcloudfronts3S3BucketE0C5F76E",
848
+ "RegionalDomainName"
849
+ ]
850
+ },
851
+ "Id": "cfts3customLoggingBucketstestcloudfronts3CloudFrontDistributionOrigin1BBEA7E26",
852
+ "OriginAccessControlId": {
853
+ "Fn::GetAtt": [
854
+ "testcloudfronts3CloudFrontOac7A951AA6",
855
+ "Id"
856
+ ]
857
+ },
858
+ "S3OriginConfig": {
859
+ "OriginAccessIdentity": ""
860
+ }
861
+ }
862
+ ]
863
+ }
864
+ },
865
+ "Metadata": {
866
+ "cfn_nag": {
867
+ "rules_to_suppress": [
868
+ {
869
+ "id": "W70",
870
+ "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
871
+ }
872
+ ]
873
+ }
874
+ }
875
+ },
876
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
877
+ "Type": "AWS::IAM::Role",
878
+ "Properties": {
879
+ "AssumeRolePolicyDocument": {
880
+ "Version": "2012-10-17",
881
+ "Statement": [
882
+ {
883
+ "Action": "sts:AssumeRole",
884
+ "Effect": "Allow",
885
+ "Principal": {
886
+ "Service": "lambda.amazonaws.com"
887
+ }
888
+ }
889
+ ]
890
+ },
891
+ "ManagedPolicyArns": [
892
+ {
893
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
894
+ }
895
+ ]
896
+ }
897
+ },
898
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
899
+ "Type": "AWS::Lambda::Function",
900
+ "Properties": {
901
+ "Code": {
902
+ "S3Bucket": {
903
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
904
+ },
905
+ "S3Key": "b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6.zip"
906
+ },
907
+ "Timeout": 900,
908
+ "MemorySize": 128,
909
+ "Handler": "index.handler",
910
+ "Role": {
911
+ "Fn::GetAtt": [
912
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
913
+ "Arn"
914
+ ]
915
+ },
916
+ "Runtime": "nodejs18.x",
917
+ "Description": {
918
+ "Fn::Join": [
919
+ "",
920
+ [
921
+ "Lambda function for auto-deleting objects in ",
922
+ {
923
+ "Ref": "testcloudfronts3S3LoggingBucket90D239DD"
924
+ },
925
+ " S3 bucket."
926
+ ]
927
+ ]
928
+ }
929
+ },
930
+ "DependsOn": [
931
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
932
+ ],
933
+ "Metadata": {
934
+ "cfn_nag": {
935
+ "rules_to_suppress": [
936
+ {
937
+ "id": "W58",
938
+ "reason": "CDK generated custom resource"
939
+ },
940
+ {
941
+ "id": "W89",
942
+ "reason": "CDK generated custom resource"
943
+ },
944
+ {
945
+ "id": "W92",
946
+ "reason": "CDK generated custom resource"
947
+ }
948
+ ]
949
+ }
950
+ }
951
+ }
952
+ },
953
+ "Parameters": {
954
+ "BootstrapVersion": {
955
+ "Type": "AWS::SSM::Parameter::Value<String>",
956
+ "Default": "/cdk-bootstrap/hnb659fds/version",
957
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
958
+ }
959
+ },
960
+ "Rules": {
961
+ "CheckBootstrapVersion": {
962
+ "Assertions": [
963
+ {
964
+ "Assert": {
965
+ "Fn::Not": [
966
+ {
967
+ "Fn::Contains": [
968
+ [
969
+ "1",
970
+ "2",
971
+ "3",
972
+ "4",
973
+ "5"
974
+ ],
975
+ {
976
+ "Ref": "BootstrapVersion"
977
+ }
978
+ ]
979
+ }
980
+ ]
981
+ },
982
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
983
+ }
984
+ ]
985
+ }
986
+ }
987
+ }