@aws-solutions-constructs/aws-cloudfront-s3 2.58.1 → 2.59.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +77 -30
- package/README.md +10 -7
- package/lib/index.d.ts +32 -17
- package/lib/index.js +33 -3
- package/package.json +5 -5
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +16 -2
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +15 -2
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +340 -15
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +37 -19
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +342 -63
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +16 -2
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +15 -2
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +340 -15
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +37 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +318 -39
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +2 -2
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +0 -7
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +31 -38
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +13 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +15 -2
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +274 -13
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +27 -15
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +279 -63
- package/test/integ.cfts3-custom-headers.js +5 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +5 -5
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +1 -8
- package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +48 -55
- package/test/integ.cfts3-custom-originPath.js +5 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +5 -5
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +1 -8
- package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +46 -53
- package/test/integ.cfts3-customLoggingBuckets.js +6 -2
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +5 -5
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +1 -21
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +46 -66
- package/test/integ.cfts3-existing-bucket.js +5 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +5 -5
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1 -8
- package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +51 -58
- package/test/integ.cfts3-no-arguments.js +5 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +5 -5
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +1 -8
- package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +46 -53
- package/test/integ.cfts3-no-logging.js +56 -0
- package/test/integ.cfts3-no-logging.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.assets.json +32 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.template.json +434 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.assets.json +19 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.template.json +36 -0
- package/test/integ.cfts3-no-logging.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-no-logging.js.snapshot/manifest.json +155 -0
- package/test/integ.cfts3-no-logging.js.snapshot/tree.json +506 -0
- package/test/integ.cfts3-no-security-headers.js +5 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/asset.2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4/index.js +1 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +5 -5
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +1 -8
- package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +44 -51
- package/test/test.cloudfront-s3.test.js +288 -52
- package/test/integ.cfts3-bucket-with-http-origin.js +0 -47
- package/test/integ.cfts3-custom-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +0 -1
- /package/test/{integ.cfts3-bucket-with-http-origin.d.ts → integ.cfts3-no-logging.d.ts} +0 -0
|
@@ -55,12 +55,18 @@
|
|
|
55
55
|
"IgnorePublicAcls": true,
|
|
56
56
|
"RestrictPublicBuckets": true
|
|
57
57
|
},
|
|
58
|
+
"Tags": [
|
|
59
|
+
{
|
|
60
|
+
"Key": "aws-cdk:auto-delete-objects",
|
|
61
|
+
"Value": "true"
|
|
62
|
+
}
|
|
63
|
+
],
|
|
58
64
|
"VersioningConfiguration": {
|
|
59
65
|
"Status": "Enabled"
|
|
60
66
|
}
|
|
61
67
|
},
|
|
62
|
-
"UpdateReplacePolicy": "
|
|
63
|
-
"DeletionPolicy": "
|
|
68
|
+
"UpdateReplacePolicy": "Delete",
|
|
69
|
+
"DeletionPolicy": "Delete",
|
|
64
70
|
"Metadata": {
|
|
65
71
|
"cfn_nag": {
|
|
66
72
|
"rules_to_suppress": [
|
|
@@ -114,6 +120,45 @@
|
|
|
114
120
|
}
|
|
115
121
|
]
|
|
116
122
|
},
|
|
123
|
+
{
|
|
124
|
+
"Action": [
|
|
125
|
+
"s3:DeleteObject*",
|
|
126
|
+
"s3:GetBucket*",
|
|
127
|
+
"s3:List*",
|
|
128
|
+
"s3:PutBucketPolicy"
|
|
129
|
+
],
|
|
130
|
+
"Effect": "Allow",
|
|
131
|
+
"Principal": {
|
|
132
|
+
"AWS": {
|
|
133
|
+
"Fn::GetAtt": [
|
|
134
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
|
|
135
|
+
"Arn"
|
|
136
|
+
]
|
|
137
|
+
}
|
|
138
|
+
},
|
|
139
|
+
"Resource": [
|
|
140
|
+
{
|
|
141
|
+
"Fn::GetAtt": [
|
|
142
|
+
"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209",
|
|
143
|
+
"Arn"
|
|
144
|
+
]
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
"Fn::Join": [
|
|
148
|
+
"",
|
|
149
|
+
[
|
|
150
|
+
{
|
|
151
|
+
"Fn::GetAtt": [
|
|
152
|
+
"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209",
|
|
153
|
+
"Arn"
|
|
154
|
+
]
|
|
155
|
+
},
|
|
156
|
+
"/*"
|
|
157
|
+
]
|
|
158
|
+
]
|
|
159
|
+
}
|
|
160
|
+
]
|
|
161
|
+
},
|
|
117
162
|
{
|
|
118
163
|
"Action": "s3:PutObject",
|
|
119
164
|
"Condition": {
|
|
@@ -155,6 +200,25 @@
|
|
|
155
200
|
}
|
|
156
201
|
}
|
|
157
202
|
},
|
|
203
|
+
"testcloudfronts3cmkencryptionkeyS3LoggingBucketAutoDeleteObjectsCustomResource69EF1373": {
|
|
204
|
+
"Type": "Custom::S3AutoDeleteObjects",
|
|
205
|
+
"Properties": {
|
|
206
|
+
"ServiceToken": {
|
|
207
|
+
"Fn::GetAtt": [
|
|
208
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
|
|
209
|
+
"Arn"
|
|
210
|
+
]
|
|
211
|
+
},
|
|
212
|
+
"BucketName": {
|
|
213
|
+
"Ref": "testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"
|
|
214
|
+
}
|
|
215
|
+
},
|
|
216
|
+
"DependsOn": [
|
|
217
|
+
"testcloudfronts3cmkencryptionkeyS3LoggingBucketPolicyF38CB6DD"
|
|
218
|
+
],
|
|
219
|
+
"UpdateReplacePolicy": "Delete",
|
|
220
|
+
"DeletionPolicy": "Delete"
|
|
221
|
+
},
|
|
158
222
|
"testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2": {
|
|
159
223
|
"Type": "AWS::S3::Bucket",
|
|
160
224
|
"Properties": {
|
|
@@ -313,25 +377,24 @@
|
|
|
313
377
|
}
|
|
314
378
|
]
|
|
315
379
|
},
|
|
316
|
-
"OwnershipControls": {
|
|
317
|
-
"Rules": [
|
|
318
|
-
{
|
|
319
|
-
"ObjectOwnership": "ObjectWriter"
|
|
320
|
-
}
|
|
321
|
-
]
|
|
322
|
-
},
|
|
323
380
|
"PublicAccessBlockConfiguration": {
|
|
324
381
|
"BlockPublicAcls": true,
|
|
325
382
|
"BlockPublicPolicy": true,
|
|
326
383
|
"IgnorePublicAcls": true,
|
|
327
384
|
"RestrictPublicBuckets": true
|
|
328
385
|
},
|
|
386
|
+
"Tags": [
|
|
387
|
+
{
|
|
388
|
+
"Key": "aws-cdk:auto-delete-objects",
|
|
389
|
+
"Value": "true"
|
|
390
|
+
}
|
|
391
|
+
],
|
|
329
392
|
"VersioningConfiguration": {
|
|
330
393
|
"Status": "Enabled"
|
|
331
394
|
}
|
|
332
395
|
},
|
|
333
|
-
"UpdateReplacePolicy": "
|
|
334
|
-
"DeletionPolicy": "
|
|
396
|
+
"UpdateReplacePolicy": "Delete",
|
|
397
|
+
"DeletionPolicy": "Delete",
|
|
335
398
|
"Metadata": {
|
|
336
399
|
"cfn_nag": {
|
|
337
400
|
"rules_to_suppress": [
|
|
@@ -385,6 +448,45 @@
|
|
|
385
448
|
}
|
|
386
449
|
]
|
|
387
450
|
},
|
|
451
|
+
{
|
|
452
|
+
"Action": [
|
|
453
|
+
"s3:DeleteObject*",
|
|
454
|
+
"s3:GetBucket*",
|
|
455
|
+
"s3:List*",
|
|
456
|
+
"s3:PutBucketPolicy"
|
|
457
|
+
],
|
|
458
|
+
"Effect": "Allow",
|
|
459
|
+
"Principal": {
|
|
460
|
+
"AWS": {
|
|
461
|
+
"Fn::GetAtt": [
|
|
462
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
|
|
463
|
+
"Arn"
|
|
464
|
+
]
|
|
465
|
+
}
|
|
466
|
+
},
|
|
467
|
+
"Resource": [
|
|
468
|
+
{
|
|
469
|
+
"Fn::GetAtt": [
|
|
470
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
|
|
471
|
+
"Arn"
|
|
472
|
+
]
|
|
473
|
+
},
|
|
474
|
+
{
|
|
475
|
+
"Fn::Join": [
|
|
476
|
+
"",
|
|
477
|
+
[
|
|
478
|
+
{
|
|
479
|
+
"Fn::GetAtt": [
|
|
480
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
|
|
481
|
+
"Arn"
|
|
482
|
+
]
|
|
483
|
+
},
|
|
484
|
+
"/*"
|
|
485
|
+
]
|
|
486
|
+
]
|
|
487
|
+
}
|
|
488
|
+
]
|
|
489
|
+
},
|
|
388
490
|
{
|
|
389
491
|
"Action": "s3:PutObject",
|
|
390
492
|
"Condition": {
|
|
@@ -426,6 +528,25 @@
|
|
|
426
528
|
}
|
|
427
529
|
}
|
|
428
530
|
},
|
|
531
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResource4FF8A4C5": {
|
|
532
|
+
"Type": "Custom::S3AutoDeleteObjects",
|
|
533
|
+
"Properties": {
|
|
534
|
+
"ServiceToken": {
|
|
535
|
+
"Fn::GetAtt": [
|
|
536
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
|
|
537
|
+
"Arn"
|
|
538
|
+
]
|
|
539
|
+
},
|
|
540
|
+
"BucketName": {
|
|
541
|
+
"Ref": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"
|
|
542
|
+
}
|
|
543
|
+
},
|
|
544
|
+
"DependsOn": [
|
|
545
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLogPolicy8F931BD7"
|
|
546
|
+
],
|
|
547
|
+
"UpdateReplacePolicy": "Delete",
|
|
548
|
+
"DeletionPolicy": "Delete"
|
|
549
|
+
},
|
|
429
550
|
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD": {
|
|
430
551
|
"Type": "AWS::S3::Bucket",
|
|
431
552
|
"Properties": {
|
|
@@ -457,12 +578,18 @@
|
|
|
457
578
|
"IgnorePublicAcls": true,
|
|
458
579
|
"RestrictPublicBuckets": true
|
|
459
580
|
},
|
|
581
|
+
"Tags": [
|
|
582
|
+
{
|
|
583
|
+
"Key": "aws-cdk:auto-delete-objects",
|
|
584
|
+
"Value": "true"
|
|
585
|
+
}
|
|
586
|
+
],
|
|
460
587
|
"VersioningConfiguration": {
|
|
461
588
|
"Status": "Enabled"
|
|
462
589
|
}
|
|
463
590
|
},
|
|
464
|
-
"UpdateReplacePolicy": "
|
|
465
|
-
"DeletionPolicy": "
|
|
591
|
+
"UpdateReplacePolicy": "Delete",
|
|
592
|
+
"DeletionPolicy": "Delete"
|
|
466
593
|
},
|
|
467
594
|
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketPolicy5E737735": {
|
|
468
595
|
"Type": "AWS::S3::BucketPolicy",
|
|
@@ -505,12 +632,70 @@
|
|
|
505
632
|
]
|
|
506
633
|
}
|
|
507
634
|
]
|
|
635
|
+
},
|
|
636
|
+
{
|
|
637
|
+
"Action": [
|
|
638
|
+
"s3:DeleteObject*",
|
|
639
|
+
"s3:GetBucket*",
|
|
640
|
+
"s3:List*",
|
|
641
|
+
"s3:PutBucketPolicy"
|
|
642
|
+
],
|
|
643
|
+
"Effect": "Allow",
|
|
644
|
+
"Principal": {
|
|
645
|
+
"AWS": {
|
|
646
|
+
"Fn::GetAtt": [
|
|
647
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
|
|
648
|
+
"Arn"
|
|
649
|
+
]
|
|
650
|
+
}
|
|
651
|
+
},
|
|
652
|
+
"Resource": [
|
|
653
|
+
{
|
|
654
|
+
"Fn::GetAtt": [
|
|
655
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
|
|
656
|
+
"Arn"
|
|
657
|
+
]
|
|
658
|
+
},
|
|
659
|
+
{
|
|
660
|
+
"Fn::Join": [
|
|
661
|
+
"",
|
|
662
|
+
[
|
|
663
|
+
{
|
|
664
|
+
"Fn::GetAtt": [
|
|
665
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
|
|
666
|
+
"Arn"
|
|
667
|
+
]
|
|
668
|
+
},
|
|
669
|
+
"/*"
|
|
670
|
+
]
|
|
671
|
+
]
|
|
672
|
+
}
|
|
673
|
+
]
|
|
508
674
|
}
|
|
509
675
|
],
|
|
510
676
|
"Version": "2012-10-17"
|
|
511
677
|
}
|
|
512
678
|
}
|
|
513
679
|
},
|
|
680
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAutoDeleteObjectsCustomResourceB088BCC7": {
|
|
681
|
+
"Type": "Custom::S3AutoDeleteObjects",
|
|
682
|
+
"Properties": {
|
|
683
|
+
"ServiceToken": {
|
|
684
|
+
"Fn::GetAtt": [
|
|
685
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
|
|
686
|
+
"Arn"
|
|
687
|
+
]
|
|
688
|
+
},
|
|
689
|
+
"BucketName": {
|
|
690
|
+
"Ref": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD"
|
|
691
|
+
}
|
|
692
|
+
},
|
|
693
|
+
"DependsOn": [
|
|
694
|
+
"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketPolicy5E737735"
|
|
695
|
+
],
|
|
696
|
+
"UpdateReplacePolicy": "Delete",
|
|
697
|
+
"DeletionPolicy": "Delete"
|
|
698
|
+
},
|
|
514
699
|
"testcloudfronts3cmkencryptionkeyCloudFrontOac4EFECBD9": {
|
|
515
700
|
"Type": "AWS::CloudFront::OriginAccessControl",
|
|
516
701
|
"Properties": {
|
|
@@ -909,6 +1094,82 @@
|
|
|
909
1094
|
},
|
|
910
1095
|
"UpdateReplacePolicy": "Delete",
|
|
911
1096
|
"DeletionPolicy": "Delete"
|
|
1097
|
+
},
|
|
1098
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
|
|
1099
|
+
"Type": "AWS::IAM::Role",
|
|
1100
|
+
"Properties": {
|
|
1101
|
+
"AssumeRolePolicyDocument": {
|
|
1102
|
+
"Version": "2012-10-17",
|
|
1103
|
+
"Statement": [
|
|
1104
|
+
{
|
|
1105
|
+
"Action": "sts:AssumeRole",
|
|
1106
|
+
"Effect": "Allow",
|
|
1107
|
+
"Principal": {
|
|
1108
|
+
"Service": "lambda.amazonaws.com"
|
|
1109
|
+
}
|
|
1110
|
+
}
|
|
1111
|
+
]
|
|
1112
|
+
},
|
|
1113
|
+
"ManagedPolicyArns": [
|
|
1114
|
+
{
|
|
1115
|
+
"Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
|
|
1116
|
+
}
|
|
1117
|
+
]
|
|
1118
|
+
}
|
|
1119
|
+
},
|
|
1120
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
|
|
1121
|
+
"Type": "AWS::Lambda::Function",
|
|
1122
|
+
"Properties": {
|
|
1123
|
+
"Code": {
|
|
1124
|
+
"S3Bucket": {
|
|
1125
|
+
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
|
|
1126
|
+
},
|
|
1127
|
+
"S3Key": "2eb6a831b107939f63cfebf68e6316e1a40f79fc99cae0fee9b333bac8d29bc4.zip"
|
|
1128
|
+
},
|
|
1129
|
+
"Timeout": 900,
|
|
1130
|
+
"MemorySize": 128,
|
|
1131
|
+
"Handler": "index.handler",
|
|
1132
|
+
"Role": {
|
|
1133
|
+
"Fn::GetAtt": [
|
|
1134
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
|
|
1135
|
+
"Arn"
|
|
1136
|
+
]
|
|
1137
|
+
},
|
|
1138
|
+
"Runtime": "nodejs18.x",
|
|
1139
|
+
"Description": {
|
|
1140
|
+
"Fn::Join": [
|
|
1141
|
+
"",
|
|
1142
|
+
[
|
|
1143
|
+
"Lambda function for auto-deleting objects in ",
|
|
1144
|
+
{
|
|
1145
|
+
"Ref": "testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"
|
|
1146
|
+
},
|
|
1147
|
+
" S3 bucket."
|
|
1148
|
+
]
|
|
1149
|
+
]
|
|
1150
|
+
}
|
|
1151
|
+
},
|
|
1152
|
+
"DependsOn": [
|
|
1153
|
+
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
|
|
1154
|
+
],
|
|
1155
|
+
"Metadata": {
|
|
1156
|
+
"cfn_nag": {
|
|
1157
|
+
"rules_to_suppress": [
|
|
1158
|
+
{
|
|
1159
|
+
"id": "W58",
|
|
1160
|
+
"reason": "CDK generated custom resource"
|
|
1161
|
+
},
|
|
1162
|
+
{
|
|
1163
|
+
"id": "W89",
|
|
1164
|
+
"reason": "CDK generated custom resource"
|
|
1165
|
+
},
|
|
1166
|
+
{
|
|
1167
|
+
"id": "W92",
|
|
1168
|
+
"reason": "CDK generated custom resource"
|
|
1169
|
+
}
|
|
1170
|
+
]
|
|
1171
|
+
}
|
|
1172
|
+
}
|
|
912
1173
|
}
|
|
913
1174
|
},
|
|
914
1175
|
"Parameters": {
|
|
@@ -66,7 +66,7 @@
|
|
|
66
66
|
"validateOnSynth": false,
|
|
67
67
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
|
|
68
68
|
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
|
|
69
|
-
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/
|
|
69
|
+
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b600c632d91d6de51136e0e11d2d67dc6ae69d623784688738a75e56ccf845bf.json",
|
|
70
70
|
"requiresBootstrapStackVersion": 6,
|
|
71
71
|
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
|
|
72
72
|
"additionalDependencies": [
|
|
@@ -100,6 +100,12 @@
|
|
|
100
100
|
"data": "testcloudfronts3cmkencryptionkeyS3LoggingBucketPolicyF38CB6DD"
|
|
101
101
|
}
|
|
102
102
|
],
|
|
103
|
+
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default": [
|
|
104
|
+
{
|
|
105
|
+
"type": "aws:cdk:logicalId",
|
|
106
|
+
"data": "testcloudfronts3cmkencryptionkeyS3LoggingBucketAutoDeleteObjectsCustomResource69EF1373"
|
|
107
|
+
}
|
|
108
|
+
],
|
|
103
109
|
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Resource": [
|
|
104
110
|
{
|
|
105
111
|
"type": "aws:cdk:logicalId",
|
|
@@ -124,6 +130,12 @@
|
|
|
124
130
|
"data": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLogPolicy8F931BD7"
|
|
125
131
|
}
|
|
126
132
|
],
|
|
133
|
+
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default": [
|
|
134
|
+
{
|
|
135
|
+
"type": "aws:cdk:logicalId",
|
|
136
|
+
"data": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResource4FF8A4C5"
|
|
137
|
+
}
|
|
138
|
+
],
|
|
127
139
|
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Resource": [
|
|
128
140
|
{
|
|
129
141
|
"type": "aws:cdk:logicalId",
|
|
@@ -136,6 +148,12 @@
|
|
|
136
148
|
"data": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketPolicy5E737735"
|
|
137
149
|
}
|
|
138
150
|
],
|
|
151
|
+
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default": [
|
|
152
|
+
{
|
|
153
|
+
"type": "aws:cdk:logicalId",
|
|
154
|
+
"data": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAutoDeleteObjectsCustomResourceB088BCC7"
|
|
155
|
+
}
|
|
156
|
+
],
|
|
139
157
|
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontOac": [
|
|
140
158
|
{
|
|
141
159
|
"type": "aws:cdk:logicalId",
|
|
@@ -196,34 +214,28 @@
|
|
|
196
214
|
"data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdaterFAFEBF0F"
|
|
197
215
|
}
|
|
198
216
|
],
|
|
199
|
-
"/cfts3-cmk-provided-as-bucket-prop/
|
|
217
|
+
"/cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [
|
|
200
218
|
{
|
|
201
219
|
"type": "aws:cdk:logicalId",
|
|
202
|
-
"data": "
|
|
220
|
+
"data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
|
|
203
221
|
}
|
|
204
222
|
],
|
|
205
|
-
"/cfts3-cmk-provided-as-bucket-prop/
|
|
223
|
+
"/cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [
|
|
206
224
|
{
|
|
207
225
|
"type": "aws:cdk:logicalId",
|
|
208
|
-
"data": "
|
|
226
|
+
"data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F"
|
|
209
227
|
}
|
|
210
228
|
],
|
|
211
|
-
"
|
|
229
|
+
"/cfts3-cmk-provided-as-bucket-prop/BootstrapVersion": [
|
|
212
230
|
{
|
|
213
231
|
"type": "aws:cdk:logicalId",
|
|
214
|
-
"data": "
|
|
215
|
-
"trace": [
|
|
216
|
-
"!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
|
|
217
|
-
]
|
|
232
|
+
"data": "BootstrapVersion"
|
|
218
233
|
}
|
|
219
234
|
],
|
|
220
|
-
"
|
|
235
|
+
"/cfts3-cmk-provided-as-bucket-prop/CheckBootstrapVersion": [
|
|
221
236
|
{
|
|
222
237
|
"type": "aws:cdk:logicalId",
|
|
223
|
-
"data": "
|
|
224
|
-
"trace": [
|
|
225
|
-
"!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
|
|
226
|
-
]
|
|
238
|
+
"data": "CheckBootstrapVersion"
|
|
227
239
|
}
|
|
228
240
|
]
|
|
229
241
|
},
|