@aws-solutions-constructs/aws-cloudfront-s3 2.51.0 → 2.52.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +50 -5
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +11 -10
  6. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +6 -3
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  9. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  10. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  11. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  12. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  13. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  14. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  15. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +45 -0
  16. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +960 -0
  17. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +19 -0
  18. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.template.json +36 -0
  19. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  20. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +221 -0
  21. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1326 -0
  22. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +6 -3
  23. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  24. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +19 -0
  25. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +594 -0
  26. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +19 -0
  27. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.template.json +36 -0
  28. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  29. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +167 -0
  30. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +790 -0
  31. package/test/integ.cfts3-bucket-with-http-origin.js +6 -3
  32. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +1 -0
  33. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +19 -0
  34. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +559 -0
  35. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +19 -0
  36. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +36 -0
  37. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +12 -0
  38. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +161 -0
  39. package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +753 -0
  40. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +6 -3
  41. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
  42. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
  43. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
  44. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
  45. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
  46. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
  47. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
  48. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -0
  49. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +45 -0
  50. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +960 -0
  51. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +19 -0
  52. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.template.json +36 -0
  53. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +12 -0
  54. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +221 -0
  55. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1326 -0
  56. package/test/integ.cfts3-custom-headers.js +6 -3
  57. package/test/integ.cfts3-custom-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  58. package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -0
  59. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +32 -0
  60. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +981 -0
  61. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +19 -0
  62. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.template.json +36 -0
  63. package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +12 -0
  64. package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +215 -0
  65. package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1167 -0
  66. package/test/integ.cfts3-custom-originPath.js +6 -3
  67. package/test/integ.cfts3-custom-originPath.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  68. package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -0
  69. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +32 -0
  70. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +950 -0
  71. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +19 -0
  72. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.template.json +36 -0
  73. package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +12 -0
  74. package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +209 -0
  75. package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1117 -0
  76. package/test/integ.cfts3-customLoggingBuckets.js +6 -3
  77. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  78. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  79. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +32 -0
  80. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +987 -0
  81. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +19 -0
  82. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.template.json +36 -0
  83. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  84. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +209 -0
  85. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1156 -0
  86. package/test/integ.cfts3-existing-bucket.js +6 -3
  87. package/test/integ.cfts3-existing-bucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  88. package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +32 -0
  90. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1014 -0
  91. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +19 -0
  92. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.template.json +36 -0
  93. package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +12 -0
  94. package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +221 -0
  95. package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1229 -0
  96. package/test/integ.cfts3-no-arguments.js +6 -3
  97. package/test/integ.cfts3-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  98. package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -0
  99. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +32 -0
  100. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +959 -0
  101. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +19 -0
  102. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.template.json +36 -0
  103. package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +12 -0
  104. package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +209 -0
  105. package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1117 -0
  106. package/test/integ.cfts3-no-security-headers.js +6 -3
  107. package/test/integ.cfts3-no-security-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
  108. package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -0
  109. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +32 -0
  110. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +926 -0
  111. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +19 -0
  112. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.template.json +36 -0
  113. package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +12 -0
  114. package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +203 -0
  115. package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1076 -0
  116. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.expected.json +0 -960
  117. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.expected.json +0 -594
  118. package/test/integ.cfts3-bucket-with-http-origin.expected.json +0 -559
  119. package/test/integ.cfts3-cmk-encryption.expected.json +0 -527
  120. package/test/integ.cfts3-cmk-provided-as-bucket-prop.expected.json +0 -960
  121. package/test/integ.cfts3-custom-headers.expected.json +0 -981
  122. package/test/integ.cfts3-custom-originPath.expected.json +0 -950
  123. package/test/integ.cfts3-customCloudFrontLoggingBucket.expected.json +0 -700
  124. package/test/integ.cfts3-customLoggingBuckets.expected.json +0 -987
  125. package/test/integ.cfts3-existing-bucket.expected.json +0 -1014
  126. package/test/integ.cfts3-no-arguments.expected.json +0 -959
  127. package/test/integ.cfts3-no-security-headers.expected.json +0 -926
@@ -17,6 +17,7 @@ const aws_cdk_lib_1 = require("aws-cdk-lib");
17
17
  const lib_1 = require("../lib");
18
18
  const core_1 = require("@aws-solutions-constructs/core");
19
19
  const aws_s3_1 = require("aws-cdk-lib/aws-s3");
20
+ const integ_tests_alpha_1 = require("@aws-cdk/integ-tests-alpha");
20
21
  // Setup
21
22
  const app = new aws_cdk_lib_1.App();
22
23
  const stack = new aws_cdk_lib_1.Stack(app, core_1.generateIntegStackName(__filename));
@@ -33,7 +34,9 @@ const props = {
33
34
  insertHttpSecurityHeaders: false
34
35
  };
35
36
  new lib_1.CloudFrontToS3(stack, 'test-cloudfront-s3-managed-key', props);
36
- core_1.suppressAutoDeleteHandlerWarnings(stack);
37
+ core_1.suppressCustomHandlerCfnNagWarnings(stack, 'Custom::S3AutoDeleteObjectsCustomResourceProvider');
37
38
  // Synth
38
- app.synth();
39
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcuY2Z0czMtYnVja2V0LWVuY3J5cHRlZC13aXRoLW1hbmFnZWQta2V5LXByb3ZpZGVkLWFzLWV4aXN0aW5nYnVja2V0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcuY2Z0czMtYnVja2V0LWVuY3J5cHRlZC13aXRoLW1hbmFnZWQta2V5LXByb3ZpZGVkLWFzLWV4aXN0aW5nYnVja2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFFSCxVQUFVO0FBQ1YsNkNBQXlDO0FBQ3pDLGdDQUE2RDtBQUM3RCx5REFBMEg7QUFDMUgsK0NBQXNEO0FBRXRELFFBQVE7QUFDUixNQUFNLEdBQUcsR0FBRyxJQUFJLGlCQUFHLEVBQUUsQ0FBQztBQUN0QixNQUFNLEtBQUssR0FBRyxJQUFJLG1CQUFLLENBQUMsR0FBRyxFQUFFLDZCQUFzQixDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUM7QUFDakUsS0FBSyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsaURBQWlELEVBQUUsSUFBSSxDQUFDLENBQUM7QUFDL0UsS0FBSyxDQUFDLGVBQWUsQ0FBQyxXQUFXLEdBQUcsd0NBQXdDLENBQUM7QUFFN0UsY0FBYztBQUNkLE1BQU0saUJBQWlCLEdBQUcsb0JBQWEsQ0FBQyxLQUFLLEVBQUU7SUFDN0MsV0FBVyxFQUFFO1FBQ1gsVUFBVSxFQUFFLHlCQUFnQixDQUFDLFVBQVU7S0FDeEM7Q0FDRixFQUFFLGtEQUFrRCxDQUFDLENBQUMsTUFBTSxDQUFDO0FBRTlELE1BQU0sS0FBSyxHQUF3QjtJQUNqQyxpQkFBaUI7SUFDakIseUJBQXlCLEVBQUUsS0FBSztDQUNqQyxDQUFDO0FBRUYsSUFBSSxvQkFBYyxDQUFDLEtBQUssRUFBRSxnQ0FBZ0MsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUVuRSx3Q0FBaUMsQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUV6QyxRQUFRO0FBQ1IsR0FBRyxDQUFDLEtBQUssRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiAgQ29weXJpZ2h0IEFtYXpvbi5jb20sIEluYy4gb3IgaXRzIGFmZmlsaWF0ZXMuIEFsbCBSaWdodHMgUmVzZXJ2ZWQuXG4gKlxuICogIExpY2Vuc2VkIHVuZGVyIHRoZSBBcGFjaGUgTGljZW5zZSwgVmVyc2lvbiAyLjAgKHRoZSBcIkxpY2Vuc2VcIikuIFlvdSBtYXkgbm90IHVzZSB0aGlzIGZpbGUgZXhjZXB0IGluIGNvbXBsaWFuY2VcbiAqICB3aXRoIHRoZSBMaWNlbnNlLiBBIGNvcHkgb2YgdGhlIExpY2Vuc2UgaXMgbG9jYXRlZCBhdFxuICpcbiAqICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzL0xJQ0VOU0UtMi4wXG4gKlxuICogIG9yIGluIHRoZSAnbGljZW5zZScgZmlsZSBhY2NvbXBhbnlpbmcgdGhpcyBmaWxlLiBUaGlzIGZpbGUgaXMgZGlzdHJpYnV0ZWQgb24gYW4gJ0FTIElTJyBCQVNJUywgV0lUSE9VVCBXQVJSQU5USUVTXG4gKiAgT1IgQ09ORElUSU9OUyBPRiBBTlkgS0lORCwgZXhwcmVzcyBvciBpbXBsaWVkLiBTZWUgdGhlIExpY2Vuc2UgZm9yIHRoZSBzcGVjaWZpYyBsYW5ndWFnZSBnb3Zlcm5pbmcgcGVybWlzc2lvbnNcbiAqICBhbmQgbGltaXRhdGlvbnMgdW5kZXIgdGhlIExpY2Vuc2UuXG4gKi9cblxuLy8gSW1wb3J0c1xuaW1wb3J0IHsgQXBwLCBTdGFjayB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgQ2xvdWRGcm9udFRvUzMsIENsb3VkRnJvbnRUb1MzUHJvcHMgfSBmcm9tIFwiLi4vbGliXCI7XG5pbXBvcnQgeyBidWlsZFMzQnVja2V0LCBnZW5lcmF0ZUludGVnU3RhY2tOYW1lLCBzdXBwcmVzc0F1dG9EZWxldGVIYW5kbGVyV2FybmluZ3MgfSBmcm9tICdAYXdzLXNvbHV0aW9ucy1jb25zdHJ1Y3RzL2NvcmUnO1xuaW1wb3J0IHsgQnVja2V0RW5jcnlwdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcblxuLy8gU2V0dXBcbmNvbnN0IGFwcCA9IG5ldyBBcHAoKTtcbmNvbnN0IHN0YWNrID0gbmV3IFN0YWNrKGFwcCwgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZShfX2ZpbGVuYW1lKSk7XG5zdGFjay5ub2RlLnNldENvbnRleHQoXCJAYXdzLWNkay9hd3MtczM6c2VydmVyQWNjZXNzTG9nc1VzZUJ1Y2tldFBvbGljeVwiLCB0cnVlKTtcbnN0YWNrLnRlbXBsYXRlT3B0aW9ucy5kZXNjcmlwdGlvbiA9ICdJbnRlZ3JhdGlvbiBUZXN0IGZvciBhd3MtY2xvdWRmcm9udC1zMyc7XG5cbi8vIERlZmluaXRpb25zXG5jb25zdCBleGlzdGluZ0J1Y2tldE9iaiA9IGJ1aWxkUzNCdWNrZXQoc3RhY2ssIHtcbiAgYnVja2V0UHJvcHM6IHtcbiAgICBlbmNyeXB0aW9uOiBCdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRURcbiAgfVxufSwgJ2V4aXN0aW5nLXMzLWJ1Y2tldC1lbmNyeXB0ZWQtd2l0aC1zMy1tYW5hZ2VkLWtleScpLmJ1Y2tldDtcblxuY29uc3QgcHJvcHM6IENsb3VkRnJvbnRUb1MzUHJvcHMgPSB7XG4gIGV4aXN0aW5nQnVja2V0T2JqLFxuICBpbnNlcnRIdHRwU2VjdXJpdHlIZWFkZXJzOiBmYWxzZVxufTtcblxubmV3IENsb3VkRnJvbnRUb1MzKHN0YWNrLCAndGVzdC1jbG91ZGZyb250LXMzLW1hbmFnZWQta2V5JywgcHJvcHMpO1xuXG5zdXBwcmVzc0F1dG9EZWxldGVIYW5kbGVyV2FybmluZ3Moc3RhY2spO1xuXG4vLyBTeW50aFxuYXBwLnN5bnRoKCk7XG4iXX0=
39
+ new integ_tests_alpha_1.IntegTest(stack, 'Integ', { testCases: [
40
+ stack
41
+ ] });
42
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcuY2Z0czMtYnVja2V0LWVuY3J5cHRlZC13aXRoLW1hbmFnZWQta2V5LXByb3ZpZGVkLWFzLWV4aXN0aW5nYnVja2V0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcuY2Z0czMtYnVja2V0LWVuY3J5cHRlZC13aXRoLW1hbmFnZWQta2V5LXByb3ZpZGVkLWFzLWV4aXN0aW5nYnVja2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFFSCxVQUFVO0FBQ1YsNkNBQXlDO0FBQ3pDLGdDQUE2RDtBQUM3RCx5REFBNEg7QUFDNUgsK0NBQXNEO0FBQ3RELGtFQUF1RDtBQUV2RCxRQUFRO0FBQ1IsTUFBTSxHQUFHLEdBQUcsSUFBSSxpQkFBRyxFQUFFLENBQUM7QUFDdEIsTUFBTSxLQUFLLEdBQUcsSUFBSSxtQkFBSyxDQUFDLEdBQUcsRUFBRSw2QkFBc0IsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0FBQ2pFLEtBQUssQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLGlEQUFpRCxFQUFFLElBQUksQ0FBQyxDQUFDO0FBQy9FLEtBQUssQ0FBQyxlQUFlLENBQUMsV0FBVyxHQUFHLHdDQUF3QyxDQUFDO0FBRTdFLGNBQWM7QUFDZCxNQUFNLGlCQUFpQixHQUFHLG9CQUFhLENBQUMsS0FBSyxFQUFFO0lBQzdDLFdBQVcsRUFBRTtRQUNYLFVBQVUsRUFBRSx5QkFBZ0IsQ0FBQyxVQUFVO0tBQ3hDO0NBQ0YsRUFBRSxrREFBa0QsQ0FBQyxDQUFDLE1BQU0sQ0FBQztBQUU5RCxNQUFNLEtBQUssR0FBd0I7SUFDakMsaUJBQWlCO0lBQ2pCLHlCQUF5QixFQUFFLEtBQUs7Q0FDakMsQ0FBQztBQUVGLElBQUksb0JBQWMsQ0FBQyxLQUFLLEVBQUUsZ0NBQWdDLEVBQUUsS0FBSyxDQUFDLENBQUM7QUFFbkUsMENBQW1DLENBQUMsS0FBSyxFQUFFLG1EQUFtRCxDQUFDLENBQUM7QUFFaEcsUUFBUTtBQUNSLElBQUksNkJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBTyxFQUFFLEVBQUUsU0FBUyxFQUFFO1FBQ3pDLEtBQUs7S0FDTixFQUFFLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7IEFwcCwgU3RhY2sgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENsb3VkRnJvbnRUb1MzLCBDbG91ZEZyb250VG9TM1Byb3BzIH0gZnJvbSBcIi4uL2xpYlwiO1xuaW1wb3J0IHsgYnVpbGRTM0J1Y2tldCwgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZSwgc3VwcHJlc3NDdXN0b21IYW5kbGVyQ2ZuTmFnV2FybmluZ3MgfSBmcm9tICdAYXdzLXNvbHV0aW9ucy1jb25zdHJ1Y3RzL2NvcmUnO1xuaW1wb3J0IHsgQnVja2V0RW5jcnlwdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcbmltcG9ydCB7IEludGVnVGVzdCB9IGZyb20gJ0Bhd3MtY2RrL2ludGVnLXRlc3RzLWFscGhhJztcblxuLy8gU2V0dXBcbmNvbnN0IGFwcCA9IG5ldyBBcHAoKTtcbmNvbnN0IHN0YWNrID0gbmV3IFN0YWNrKGFwcCwgZ2VuZXJhdGVJbnRlZ1N0YWNrTmFtZShfX2ZpbGVuYW1lKSk7XG5zdGFjay5ub2RlLnNldENvbnRleHQoXCJAYXdzLWNkay9hd3MtczM6c2VydmVyQWNjZXNzTG9nc1VzZUJ1Y2tldFBvbGljeVwiLCB0cnVlKTtcbnN0YWNrLnRlbXBsYXRlT3B0aW9ucy5kZXNjcmlwdGlvbiA9ICdJbnRlZ3JhdGlvbiBUZXN0IGZvciBhd3MtY2xvdWRmcm9udC1zMyc7XG5cbi8vIERlZmluaXRpb25zXG5jb25zdCBleGlzdGluZ0J1Y2tldE9iaiA9IGJ1aWxkUzNCdWNrZXQoc3RhY2ssIHtcbiAgYnVja2V0UHJvcHM6IHtcbiAgICBlbmNyeXB0aW9uOiBCdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRURcbiAgfVxufSwgJ2V4aXN0aW5nLXMzLWJ1Y2tldC1lbmNyeXB0ZWQtd2l0aC1zMy1tYW5hZ2VkLWtleScpLmJ1Y2tldDtcblxuY29uc3QgcHJvcHM6IENsb3VkRnJvbnRUb1MzUHJvcHMgPSB7XG4gIGV4aXN0aW5nQnVja2V0T2JqLFxuICBpbnNlcnRIdHRwU2VjdXJpdHlIZWFkZXJzOiBmYWxzZVxufTtcblxubmV3IENsb3VkRnJvbnRUb1MzKHN0YWNrLCAndGVzdC1jbG91ZGZyb250LXMzLW1hbmFnZWQta2V5JywgcHJvcHMpO1xuXG5zdXBwcmVzc0N1c3RvbUhhbmRsZXJDZm5OYWdXYXJuaW5ncyhzdGFjaywgJ0N1c3RvbTo6UzNBdXRvRGVsZXRlT2JqZWN0c0N1c3RvbVJlc291cmNlUHJvdmlkZXInKTtcblxuLy8gU3ludGhcbm5ldyBJbnRlZ1Rlc3Qoc3RhY2ssICdJbnRlZycsIHsgdGVzdENhc2VzOiBbXG4gIHN0YWNrXG5dIH0pO1xuIl19
@@ -0,0 +1,19 @@
1
+ {
2
+ "version": "36.0.0",
3
+ "files": {
4
+ "e7b5a5ddb6c94e12fc7698e48ed97f29526e8a6f1d5b21ec0c99afff6a6cbd62": {
5
+ "source": {
6
+ "path": "cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json",
7
+ "packaging": "file"
8
+ },
9
+ "destinations": {
10
+ "current_account-current_region": {
11
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
12
+ "objectKey": "e7b5a5ddb6c94e12fc7698e48ed97f29526e8a6f1d5b21ec0c99afff6a6cbd62.json",
13
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
14
+ }
15
+ }
16
+ }
17
+ },
18
+ "dockerImages": {}
19
+ }
@@ -0,0 +1,594 @@
1
+ {
2
+ "Description": "Integration Test for aws-cloudfront-s3",
3
+ "Resources": {
4
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7": {
5
+ "Type": "AWS::S3::Bucket",
6
+ "Properties": {
7
+ "BucketEncryption": {
8
+ "ServerSideEncryptionConfiguration": [
9
+ {
10
+ "ServerSideEncryptionByDefault": {
11
+ "SSEAlgorithm": "AES256"
12
+ }
13
+ }
14
+ ]
15
+ },
16
+ "PublicAccessBlockConfiguration": {
17
+ "BlockPublicAcls": true,
18
+ "BlockPublicPolicy": true,
19
+ "IgnorePublicAcls": true,
20
+ "RestrictPublicBuckets": true
21
+ },
22
+ "VersioningConfiguration": {
23
+ "Status": "Enabled"
24
+ }
25
+ },
26
+ "UpdateReplacePolicy": "Retain",
27
+ "DeletionPolicy": "Retain",
28
+ "Metadata": {
29
+ "cfn_nag": {
30
+ "rules_to_suppress": [
31
+ {
32
+ "id": "W35",
33
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
34
+ }
35
+ ]
36
+ }
37
+ }
38
+ },
39
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketPolicy4358229C": {
40
+ "Type": "AWS::S3::BucketPolicy",
41
+ "Properties": {
42
+ "Bucket": {
43
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
44
+ },
45
+ "PolicyDocument": {
46
+ "Statement": [
47
+ {
48
+ "Action": "s3:*",
49
+ "Condition": {
50
+ "Bool": {
51
+ "aws:SecureTransport": "false"
52
+ }
53
+ },
54
+ "Effect": "Deny",
55
+ "Principal": {
56
+ "AWS": "*"
57
+ },
58
+ "Resource": [
59
+ {
60
+ "Fn::GetAtt": [
61
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
62
+ "Arn"
63
+ ]
64
+ },
65
+ {
66
+ "Fn::Join": [
67
+ "",
68
+ [
69
+ {
70
+ "Fn::GetAtt": [
71
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
72
+ "Arn"
73
+ ]
74
+ },
75
+ "/*"
76
+ ]
77
+ ]
78
+ }
79
+ ]
80
+ },
81
+ {
82
+ "Action": "s3:PutObject",
83
+ "Condition": {
84
+ "ArnLike": {
85
+ "aws:SourceArn": {
86
+ "Fn::GetAtt": [
87
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
88
+ "Arn"
89
+ ]
90
+ }
91
+ },
92
+ "StringEquals": {
93
+ "aws:SourceAccount": {
94
+ "Ref": "AWS::AccountId"
95
+ }
96
+ }
97
+ },
98
+ "Effect": "Allow",
99
+ "Principal": {
100
+ "Service": "logging.s3.amazonaws.com"
101
+ },
102
+ "Resource": {
103
+ "Fn::Join": [
104
+ "",
105
+ [
106
+ {
107
+ "Fn::GetAtt": [
108
+ "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7",
109
+ "Arn"
110
+ ]
111
+ },
112
+ "/*"
113
+ ]
114
+ ]
115
+ }
116
+ }
117
+ ],
118
+ "Version": "2012-10-17"
119
+ }
120
+ }
121
+ },
122
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A": {
123
+ "Type": "AWS::S3::Bucket",
124
+ "Properties": {
125
+ "BucketEncryption": {
126
+ "ServerSideEncryptionConfiguration": [
127
+ {
128
+ "ServerSideEncryptionByDefault": {
129
+ "SSEAlgorithm": "AES256"
130
+ }
131
+ }
132
+ ]
133
+ },
134
+ "LifecycleConfiguration": {
135
+ "Rules": [
136
+ {
137
+ "NoncurrentVersionTransitions": [
138
+ {
139
+ "StorageClass": "GLACIER",
140
+ "TransitionInDays": 90
141
+ }
142
+ ],
143
+ "Status": "Enabled"
144
+ }
145
+ ]
146
+ },
147
+ "LoggingConfiguration": {
148
+ "DestinationBucketName": {
149
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"
150
+ }
151
+ },
152
+ "PublicAccessBlockConfiguration": {
153
+ "BlockPublicAcls": true,
154
+ "BlockPublicPolicy": true,
155
+ "IgnorePublicAcls": true,
156
+ "RestrictPublicBuckets": true
157
+ },
158
+ "VersioningConfiguration": {
159
+ "Status": "Enabled"
160
+ }
161
+ },
162
+ "UpdateReplacePolicy": "Retain",
163
+ "DeletionPolicy": "Retain"
164
+ },
165
+ "existings3bucketencryptedwiths3managedkeyS3BucketPolicyFDA85248": {
166
+ "Type": "AWS::S3::BucketPolicy",
167
+ "Properties": {
168
+ "Bucket": {
169
+ "Ref": "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A"
170
+ },
171
+ "PolicyDocument": {
172
+ "Statement": [
173
+ {
174
+ "Action": "s3:*",
175
+ "Condition": {
176
+ "Bool": {
177
+ "aws:SecureTransport": "false"
178
+ }
179
+ },
180
+ "Effect": "Deny",
181
+ "Principal": {
182
+ "AWS": "*"
183
+ },
184
+ "Resource": [
185
+ {
186
+ "Fn::GetAtt": [
187
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
188
+ "Arn"
189
+ ]
190
+ },
191
+ {
192
+ "Fn::Join": [
193
+ "",
194
+ [
195
+ {
196
+ "Fn::GetAtt": [
197
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
198
+ "Arn"
199
+ ]
200
+ },
201
+ "/*"
202
+ ]
203
+ ]
204
+ }
205
+ ]
206
+ },
207
+ {
208
+ "Action": "s3:GetObject",
209
+ "Condition": {
210
+ "StringEquals": {
211
+ "AWS:SourceArn": {
212
+ "Fn::Join": [
213
+ "",
214
+ [
215
+ "arn:aws:cloudfront::",
216
+ {
217
+ "Ref": "AWS::AccountId"
218
+ },
219
+ ":distribution/",
220
+ {
221
+ "Ref": "testcloudfronts3managedkeyCloudFrontDistributionE6431C62"
222
+ }
223
+ ]
224
+ ]
225
+ }
226
+ }
227
+ },
228
+ "Effect": "Allow",
229
+ "Principal": {
230
+ "Service": "cloudfront.amazonaws.com"
231
+ },
232
+ "Resource": {
233
+ "Fn::Join": [
234
+ "",
235
+ [
236
+ {
237
+ "Fn::GetAtt": [
238
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
239
+ "Arn"
240
+ ]
241
+ },
242
+ "/*"
243
+ ]
244
+ ]
245
+ }
246
+ }
247
+ ],
248
+ "Version": "2012-10-17"
249
+ }
250
+ },
251
+ "Metadata": {
252
+ "cfn_nag": {
253
+ "rules_to_suppress": [
254
+ {
255
+ "id": "F16",
256
+ "reason": "Public website bucket policy requires a wildcard principal"
257
+ }
258
+ ]
259
+ }
260
+ }
261
+ },
262
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955": {
263
+ "Type": "AWS::S3::Bucket",
264
+ "Properties": {
265
+ "BucketEncryption": {
266
+ "ServerSideEncryptionConfiguration": [
267
+ {
268
+ "ServerSideEncryptionByDefault": {
269
+ "SSEAlgorithm": "AES256"
270
+ }
271
+ }
272
+ ]
273
+ },
274
+ "OwnershipControls": {
275
+ "Rules": [
276
+ {
277
+ "ObjectOwnership": "ObjectWriter"
278
+ }
279
+ ]
280
+ },
281
+ "PublicAccessBlockConfiguration": {
282
+ "BlockPublicAcls": true,
283
+ "BlockPublicPolicy": true,
284
+ "IgnorePublicAcls": true,
285
+ "RestrictPublicBuckets": true
286
+ },
287
+ "VersioningConfiguration": {
288
+ "Status": "Enabled"
289
+ }
290
+ },
291
+ "UpdateReplacePolicy": "Retain",
292
+ "DeletionPolicy": "Retain",
293
+ "Metadata": {
294
+ "cfn_nag": {
295
+ "rules_to_suppress": [
296
+ {
297
+ "id": "W35",
298
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
299
+ }
300
+ ]
301
+ }
302
+ }
303
+ },
304
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLogPolicy08C15592": {
305
+ "Type": "AWS::S3::BucketPolicy",
306
+ "Properties": {
307
+ "Bucket": {
308
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"
309
+ },
310
+ "PolicyDocument": {
311
+ "Statement": [
312
+ {
313
+ "Action": "s3:*",
314
+ "Condition": {
315
+ "Bool": {
316
+ "aws:SecureTransport": "false"
317
+ }
318
+ },
319
+ "Effect": "Deny",
320
+ "Principal": {
321
+ "AWS": "*"
322
+ },
323
+ "Resource": [
324
+ {
325
+ "Fn::GetAtt": [
326
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
327
+ "Arn"
328
+ ]
329
+ },
330
+ {
331
+ "Fn::Join": [
332
+ "",
333
+ [
334
+ {
335
+ "Fn::GetAtt": [
336
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
337
+ "Arn"
338
+ ]
339
+ },
340
+ "/*"
341
+ ]
342
+ ]
343
+ }
344
+ ]
345
+ },
346
+ {
347
+ "Action": "s3:PutObject",
348
+ "Condition": {
349
+ "ArnLike": {
350
+ "aws:SourceArn": {
351
+ "Fn::GetAtt": [
352
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
353
+ "Arn"
354
+ ]
355
+ }
356
+ },
357
+ "StringEquals": {
358
+ "aws:SourceAccount": {
359
+ "Ref": "AWS::AccountId"
360
+ }
361
+ }
362
+ },
363
+ "Effect": "Allow",
364
+ "Principal": {
365
+ "Service": "logging.s3.amazonaws.com"
366
+ },
367
+ "Resource": {
368
+ "Fn::Join": [
369
+ "",
370
+ [
371
+ {
372
+ "Fn::GetAtt": [
373
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955",
374
+ "Arn"
375
+ ]
376
+ },
377
+ "/*"
378
+ ]
379
+ ]
380
+ }
381
+ }
382
+ ],
383
+ "Version": "2012-10-17"
384
+ }
385
+ }
386
+ },
387
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7": {
388
+ "Type": "AWS::S3::Bucket",
389
+ "Properties": {
390
+ "AccessControl": "LogDeliveryWrite",
391
+ "BucketEncryption": {
392
+ "ServerSideEncryptionConfiguration": [
393
+ {
394
+ "ServerSideEncryptionByDefault": {
395
+ "SSEAlgorithm": "AES256"
396
+ }
397
+ }
398
+ ]
399
+ },
400
+ "LoggingConfiguration": {
401
+ "DestinationBucketName": {
402
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"
403
+ }
404
+ },
405
+ "OwnershipControls": {
406
+ "Rules": [
407
+ {
408
+ "ObjectOwnership": "ObjectWriter"
409
+ }
410
+ ]
411
+ },
412
+ "PublicAccessBlockConfiguration": {
413
+ "BlockPublicAcls": true,
414
+ "BlockPublicPolicy": true,
415
+ "IgnorePublicAcls": true,
416
+ "RestrictPublicBuckets": true
417
+ },
418
+ "VersioningConfiguration": {
419
+ "Status": "Enabled"
420
+ }
421
+ },
422
+ "UpdateReplacePolicy": "Retain",
423
+ "DeletionPolicy": "Retain"
424
+ },
425
+ "testcloudfronts3managedkeyCloudfrontLoggingBucketPolicy8952C83B": {
426
+ "Type": "AWS::S3::BucketPolicy",
427
+ "Properties": {
428
+ "Bucket": {
429
+ "Ref": "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7"
430
+ },
431
+ "PolicyDocument": {
432
+ "Statement": [
433
+ {
434
+ "Action": "s3:*",
435
+ "Condition": {
436
+ "Bool": {
437
+ "aws:SecureTransport": "false"
438
+ }
439
+ },
440
+ "Effect": "Deny",
441
+ "Principal": {
442
+ "AWS": "*"
443
+ },
444
+ "Resource": [
445
+ {
446
+ "Fn::GetAtt": [
447
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
448
+ "Arn"
449
+ ]
450
+ },
451
+ {
452
+ "Fn::Join": [
453
+ "",
454
+ [
455
+ {
456
+ "Fn::GetAtt": [
457
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
458
+ "Arn"
459
+ ]
460
+ },
461
+ "/*"
462
+ ]
463
+ ]
464
+ }
465
+ ]
466
+ }
467
+ ],
468
+ "Version": "2012-10-17"
469
+ }
470
+ }
471
+ },
472
+ "testcloudfronts3managedkeyCloudFrontOac1422B0A1": {
473
+ "Type": "AWS::CloudFront::OriginAccessControl",
474
+ "Properties": {
475
+ "OriginAccessControlConfig": {
476
+ "Description": "Origin access control provisioned by aws-cloudfront-s3",
477
+ "Name": {
478
+ "Fn::Join": [
479
+ "",
480
+ [
481
+ "aws-cloudfront-s3-testd-key-",
482
+ {
483
+ "Fn::Select": [
484
+ 2,
485
+ {
486
+ "Fn::Split": [
487
+ "/",
488
+ {
489
+ "Ref": "AWS::StackId"
490
+ }
491
+ ]
492
+ }
493
+ ]
494
+ }
495
+ ]
496
+ ]
497
+ },
498
+ "OriginAccessControlOriginType": "s3",
499
+ "SigningBehavior": "always",
500
+ "SigningProtocol": "sigv4"
501
+ }
502
+ }
503
+ },
504
+ "testcloudfronts3managedkeyCloudFrontDistributionE6431C62": {
505
+ "Type": "AWS::CloudFront::Distribution",
506
+ "Properties": {
507
+ "DistributionConfig": {
508
+ "DefaultCacheBehavior": {
509
+ "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
510
+ "Compress": true,
511
+ "TargetOriginId": "cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4",
512
+ "ViewerProtocolPolicy": "redirect-to-https"
513
+ },
514
+ "DefaultRootObject": "index.html",
515
+ "Enabled": true,
516
+ "HttpVersion": "http2",
517
+ "IPV6Enabled": true,
518
+ "Logging": {
519
+ "Bucket": {
520
+ "Fn::GetAtt": [
521
+ "testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7",
522
+ "RegionalDomainName"
523
+ ]
524
+ }
525
+ },
526
+ "Origins": [
527
+ {
528
+ "DomainName": {
529
+ "Fn::GetAtt": [
530
+ "existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A",
531
+ "RegionalDomainName"
532
+ ]
533
+ },
534
+ "Id": "cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4",
535
+ "OriginAccessControlId": {
536
+ "Fn::GetAtt": [
537
+ "testcloudfronts3managedkeyCloudFrontOac1422B0A1",
538
+ "Id"
539
+ ]
540
+ },
541
+ "S3OriginConfig": {
542
+ "OriginAccessIdentity": ""
543
+ }
544
+ }
545
+ ]
546
+ }
547
+ },
548
+ "Metadata": {
549
+ "cfn_nag": {
550
+ "rules_to_suppress": [
551
+ {
552
+ "id": "W70",
553
+ "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
554
+ }
555
+ ]
556
+ }
557
+ }
558
+ }
559
+ },
560
+ "Parameters": {
561
+ "BootstrapVersion": {
562
+ "Type": "AWS::SSM::Parameter::Value<String>",
563
+ "Default": "/cdk-bootstrap/hnb659fds/version",
564
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
565
+ }
566
+ },
567
+ "Rules": {
568
+ "CheckBootstrapVersion": {
569
+ "Assertions": [
570
+ {
571
+ "Assert": {
572
+ "Fn::Not": [
573
+ {
574
+ "Fn::Contains": [
575
+ [
576
+ "1",
577
+ "2",
578
+ "3",
579
+ "4",
580
+ "5"
581
+ ],
582
+ {
583
+ "Ref": "BootstrapVersion"
584
+ }
585
+ ]
586
+ }
587
+ ]
588
+ },
589
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
590
+ }
591
+ ]
592
+ }
593
+ }
594
+ }
@@ -0,0 +1,19 @@
1
+ {
2
+ "version": "36.0.0",
3
+ "files": {
4
+ "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
5
+ "source": {
6
+ "path": "cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.template.json",
7
+ "packaging": "file"
8
+ },
9
+ "destinations": {
10
+ "current_account-current_region": {
11
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
12
+ "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
13
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
14
+ }
15
+ }
16
+ }
17
+ },
18
+ "dockerImages": {}
19
+ }
@@ -0,0 +1,36 @@
1
+ {
2
+ "Parameters": {
3
+ "BootstrapVersion": {
4
+ "Type": "AWS::SSM::Parameter::Value<String>",
5
+ "Default": "/cdk-bootstrap/hnb659fds/version",
6
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
7
+ }
8
+ },
9
+ "Rules": {
10
+ "CheckBootstrapVersion": {
11
+ "Assertions": [
12
+ {
13
+ "Assert": {
14
+ "Fn::Not": [
15
+ {
16
+ "Fn::Contains": [
17
+ [
18
+ "1",
19
+ "2",
20
+ "3",
21
+ "4",
22
+ "5"
23
+ ],
24
+ {
25
+ "Ref": "BootstrapVersion"
26
+ }
27
+ ]
28
+ }
29
+ ]
30
+ },
31
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
32
+ }
33
+ ]
34
+ }
35
+ }
36
+ }