@aws-solutions-constructs/aws-cloudfront-s3 2.79.1 → 2.81.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. package/.jsii +44 -44
  2. package/lib/index.js +1 -1
  3. package/package.json +8 -8
  4. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca/cfn-response.js +1 -0
  5. package/test/{integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/outbound.js +1 -1
  6. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca/util.js +1 -0
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +6 -6
  9. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +55 -40
  10. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +1 -1
  11. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +1 -1
  12. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +481 -8
  13. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1 -1610
  14. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
  15. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +3 -3
  16. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +4 -4
  17. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +1 -1
  18. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +1 -1
  19. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +152 -4
  20. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +153 -45
  21. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca/cfn-response.js +1 -0
  22. package/test/{integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/outbound.js +1 -1
  23. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca/util.js +1 -0
  24. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -1
  25. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +6 -6
  26. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +55 -40
  27. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +1 -1
  28. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +1 -1
  29. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +474 -8
  30. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1 -1547
  31. package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -1
  32. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +3 -3
  33. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +4 -4
  34. package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +1 -1
  35. package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +1 -1
  36. package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +175 -4
  37. package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +174 -49
  38. package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -1
  39. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +3 -3
  40. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +4 -4
  41. package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +1 -1
  42. package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +1 -1
  43. package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +167 -4
  44. package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +167 -47
  45. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -1
  46. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +3 -3
  47. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +4 -4
  48. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +1 -1
  49. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +1 -1
  50. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +205 -4
  51. package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +199 -47
  52. package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -1
  53. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +3 -3
  54. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +4 -4
  55. package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +1 -1
  56. package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +1 -1
  57. package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +169 -4
  58. package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +168 -52
  59. package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -1
  60. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +3 -3
  61. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +4 -4
  62. package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +1 -1
  63. package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +1 -1
  64. package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +167 -4
  65. package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +167 -47
  66. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -1
  67. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.assets.json +3 -3
  68. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.template.json +4 -4
  69. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3nocloudfronts3accesslogsIntegDefaultTestDeployAssertAD28C87A.assets.json +1 -1
  70. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +1 -1
  71. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +111 -4
  72. package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +117 -35
  73. package/test/integ.cfts3-no-logging.js.snapshot/cdk.out +1 -1
  74. package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.assets.json +3 -3
  75. package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.template.json +4 -4
  76. package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.assets.json +1 -1
  77. package/test/integ.cfts3-no-logging.js.snapshot/integ.json +1 -1
  78. package/test/integ.cfts3-no-logging.js.snapshot/manifest.json +83 -4
  79. package/test/integ.cfts3-no-logging.js.snapshot/tree.json +92 -29
  80. package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -1
  81. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +3 -3
  82. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +4 -4
  83. package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +1 -1
  84. package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +1 -1
  85. package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +152 -4
  86. package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +153 -45
  87. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e/cfn-response.js +0 -1
  88. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e/util.js +0 -1
  89. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e/cfn-response.js +0 -1
  90. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e/util.js +0 -1
  91. /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/consts.js +0 -0
  92. /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/framework.js +0 -0
  93. /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/consts.js +0 -0
  94. /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e → asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca}/framework.js +0 -0
@@ -1,1610 +1 @@
1
- {
2
- "version": "tree-0.1",
3
- "tree": {
4
- "id": "App",
5
- "path": "",
6
- "children": {
7
- "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket": {
8
- "id": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket",
9
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket",
10
- "children": {
11
- "cmkKey": {
12
- "id": "cmkKey",
13
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/cmkKey",
14
- "children": {
15
- "Resource": {
16
- "id": "Resource",
17
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/cmkKey/Resource",
18
- "attributes": {
19
- "aws:cdk:cloudformation:type": "AWS::KMS::Key",
20
- "aws:cdk:cloudformation:props": {
21
- "enableKeyRotation": true,
22
- "keyPolicy": {
23
- "Statement": [
24
- {
25
- "Action": "kms:*",
26
- "Effect": "Allow",
27
- "Principal": {
28
- "AWS": {
29
- "Fn::Join": [
30
- "",
31
- [
32
- "arn:",
33
- {
34
- "Ref": "AWS::Partition"
35
- },
36
- ":iam::",
37
- {
38
- "Ref": "AWS::AccountId"
39
- },
40
- ":root"
41
- ]
42
- ]
43
- }
44
- },
45
- "Resource": "*"
46
- }
47
- ],
48
- "Version": "2012-10-17"
49
- }
50
- }
51
- },
52
- "constructInfo": {
53
- "fqn": "aws-cdk-lib.aws_kms.CfnKey",
54
- "version": "2.160.0"
55
- }
56
- }
57
- },
58
- "constructInfo": {
59
- "fqn": "aws-cdk-lib.aws_kms.Key",
60
- "version": "2.160.0"
61
- }
62
- },
63
- "existing-s3-bucket-encrypted-with-cmkS3LoggingBucket": {
64
- "id": "existing-s3-bucket-encrypted-with-cmkS3LoggingBucket",
65
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket",
66
- "children": {
67
- "Resource": {
68
- "id": "Resource",
69
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Resource",
70
- "attributes": {
71
- "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
72
- "aws:cdk:cloudformation:props": {
73
- "bucketEncryption": {
74
- "serverSideEncryptionConfiguration": [
75
- {
76
- "serverSideEncryptionByDefault": {
77
- "sseAlgorithm": "AES256"
78
- }
79
- }
80
- ]
81
- },
82
- "publicAccessBlockConfiguration": {
83
- "blockPublicAcls": true,
84
- "blockPublicPolicy": true,
85
- "ignorePublicAcls": true,
86
- "restrictPublicBuckets": true
87
- },
88
- "tags": [
89
- {
90
- "key": "aws-cdk:auto-delete-objects",
91
- "value": "true"
92
- }
93
- ],
94
- "versioningConfiguration": {
95
- "status": "Enabled"
96
- }
97
- }
98
- },
99
- "constructInfo": {
100
- "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
101
- "version": "2.160.0"
102
- }
103
- },
104
- "Policy": {
105
- "id": "Policy",
106
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Policy",
107
- "children": {
108
- "Resource": {
109
- "id": "Resource",
110
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Policy/Resource",
111
- "attributes": {
112
- "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
113
- "aws:cdk:cloudformation:props": {
114
- "bucket": {
115
- "Ref": "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B"
116
- },
117
- "policyDocument": {
118
- "Statement": [
119
- {
120
- "Action": "s3:*",
121
- "Condition": {
122
- "Bool": {
123
- "aws:SecureTransport": "false"
124
- }
125
- },
126
- "Effect": "Deny",
127
- "Principal": {
128
- "AWS": "*"
129
- },
130
- "Resource": [
131
- {
132
- "Fn::GetAtt": [
133
- "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B",
134
- "Arn"
135
- ]
136
- },
137
- {
138
- "Fn::Join": [
139
- "",
140
- [
141
- {
142
- "Fn::GetAtt": [
143
- "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B",
144
- "Arn"
145
- ]
146
- },
147
- "/*"
148
- ]
149
- ]
150
- }
151
- ]
152
- },
153
- {
154
- "Action": [
155
- "s3:DeleteObject*",
156
- "s3:GetBucket*",
157
- "s3:List*",
158
- "s3:PutBucketPolicy"
159
- ],
160
- "Effect": "Allow",
161
- "Principal": {
162
- "AWS": {
163
- "Fn::GetAtt": [
164
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
165
- "Arn"
166
- ]
167
- }
168
- },
169
- "Resource": [
170
- {
171
- "Fn::GetAtt": [
172
- "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B",
173
- "Arn"
174
- ]
175
- },
176
- {
177
- "Fn::Join": [
178
- "",
179
- [
180
- {
181
- "Fn::GetAtt": [
182
- "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B",
183
- "Arn"
184
- ]
185
- },
186
- "/*"
187
- ]
188
- ]
189
- }
190
- ]
191
- },
192
- {
193
- "Action": "s3:PutObject",
194
- "Condition": {
195
- "ArnLike": {
196
- "aws:SourceArn": {
197
- "Fn::GetAtt": [
198
- "existings3bucketencryptedwithcmkS3BucketCC461491",
199
- "Arn"
200
- ]
201
- }
202
- },
203
- "StringEquals": {
204
- "aws:SourceAccount": {
205
- "Ref": "AWS::AccountId"
206
- }
207
- }
208
- },
209
- "Effect": "Allow",
210
- "Principal": {
211
- "Service": "logging.s3.amazonaws.com"
212
- },
213
- "Resource": {
214
- "Fn::Join": [
215
- "",
216
- [
217
- {
218
- "Fn::GetAtt": [
219
- "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B",
220
- "Arn"
221
- ]
222
- },
223
- "/*"
224
- ]
225
- ]
226
- }
227
- }
228
- ],
229
- "Version": "2012-10-17"
230
- }
231
- }
232
- },
233
- "constructInfo": {
234
- "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
235
- "version": "2.160.0"
236
- }
237
- }
238
- },
239
- "constructInfo": {
240
- "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
241
- "version": "2.160.0"
242
- }
243
- },
244
- "AutoDeleteObjectsCustomResource": {
245
- "id": "AutoDeleteObjectsCustomResource",
246
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/AutoDeleteObjectsCustomResource",
247
- "children": {
248
- "Default": {
249
- "id": "Default",
250
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/AutoDeleteObjectsCustomResource/Default",
251
- "constructInfo": {
252
- "fqn": "aws-cdk-lib.CfnResource",
253
- "version": "2.160.0"
254
- }
255
- }
256
- },
257
- "constructInfo": {
258
- "fqn": "aws-cdk-lib.CustomResource",
259
- "version": "2.160.0"
260
- }
261
- }
262
- },
263
- "constructInfo": {
264
- "fqn": "aws-cdk-lib.aws_s3.Bucket",
265
- "version": "2.160.0"
266
- }
267
- },
268
- "LatestNodeRuntimeMap": {
269
- "id": "LatestNodeRuntimeMap",
270
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/LatestNodeRuntimeMap",
271
- "constructInfo": {
272
- "fqn": "aws-cdk-lib.CfnMapping",
273
- "version": "2.160.0"
274
- }
275
- },
276
- "Custom::S3AutoDeleteObjectsCustomResourceProvider": {
277
- "id": "Custom::S3AutoDeleteObjectsCustomResourceProvider",
278
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider",
279
- "children": {
280
- "Staging": {
281
- "id": "Staging",
282
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging",
283
- "constructInfo": {
284
- "fqn": "aws-cdk-lib.AssetStaging",
285
- "version": "2.160.0"
286
- }
287
- },
288
- "Role": {
289
- "id": "Role",
290
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role",
291
- "constructInfo": {
292
- "fqn": "aws-cdk-lib.CfnResource",
293
- "version": "2.160.0"
294
- }
295
- },
296
- "Handler": {
297
- "id": "Handler",
298
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler",
299
- "constructInfo": {
300
- "fqn": "aws-cdk-lib.CfnResource",
301
- "version": "2.160.0"
302
- }
303
- }
304
- },
305
- "constructInfo": {
306
- "fqn": "aws-cdk-lib.CustomResourceProviderBase",
307
- "version": "2.160.0"
308
- }
309
- },
310
- "existing-s3-bucket-encrypted-with-cmkS3Bucket": {
311
- "id": "existing-s3-bucket-encrypted-with-cmkS3Bucket",
312
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket",
313
- "children": {
314
- "Resource": {
315
- "id": "Resource",
316
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Resource",
317
- "attributes": {
318
- "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
319
- "aws:cdk:cloudformation:props": {
320
- "bucketEncryption": {
321
- "serverSideEncryptionConfiguration": [
322
- {
323
- "serverSideEncryptionByDefault": {
324
- "sseAlgorithm": "aws:kms",
325
- "kmsMasterKeyId": {
326
- "Fn::GetAtt": [
327
- "cmkKey598B20B2",
328
- "Arn"
329
- ]
330
- }
331
- }
332
- }
333
- ]
334
- },
335
- "lifecycleConfiguration": {
336
- "rules": [
337
- {
338
- "noncurrentVersionTransitions": [
339
- {
340
- "storageClass": "GLACIER",
341
- "transitionInDays": 90
342
- }
343
- ],
344
- "status": "Enabled"
345
- }
346
- ]
347
- },
348
- "loggingConfiguration": {
349
- "destinationBucketName": {
350
- "Ref": "existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B"
351
- }
352
- },
353
- "publicAccessBlockConfiguration": {
354
- "blockPublicAcls": true,
355
- "blockPublicPolicy": true,
356
- "ignorePublicAcls": true,
357
- "restrictPublicBuckets": true
358
- },
359
- "tags": [
360
- {
361
- "key": "aws-cdk:auto-delete-objects",
362
- "value": "true"
363
- }
364
- ],
365
- "versioningConfiguration": {
366
- "status": "Enabled"
367
- }
368
- }
369
- },
370
- "constructInfo": {
371
- "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
372
- "version": "2.160.0"
373
- }
374
- },
375
- "Policy": {
376
- "id": "Policy",
377
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Policy",
378
- "children": {
379
- "Resource": {
380
- "id": "Resource",
381
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Policy/Resource",
382
- "attributes": {
383
- "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
384
- "aws:cdk:cloudformation:props": {
385
- "bucket": {
386
- "Ref": "existings3bucketencryptedwithcmkS3BucketCC461491"
387
- },
388
- "policyDocument": {
389
- "Statement": [
390
- {
391
- "Action": "s3:*",
392
- "Condition": {
393
- "Bool": {
394
- "aws:SecureTransport": "false"
395
- }
396
- },
397
- "Effect": "Deny",
398
- "Principal": {
399
- "AWS": "*"
400
- },
401
- "Resource": [
402
- {
403
- "Fn::GetAtt": [
404
- "existings3bucketencryptedwithcmkS3BucketCC461491",
405
- "Arn"
406
- ]
407
- },
408
- {
409
- "Fn::Join": [
410
- "",
411
- [
412
- {
413
- "Fn::GetAtt": [
414
- "existings3bucketencryptedwithcmkS3BucketCC461491",
415
- "Arn"
416
- ]
417
- },
418
- "/*"
419
- ]
420
- ]
421
- }
422
- ]
423
- },
424
- {
425
- "Action": [
426
- "s3:DeleteObject*",
427
- "s3:GetBucket*",
428
- "s3:List*",
429
- "s3:PutBucketPolicy"
430
- ],
431
- "Effect": "Allow",
432
- "Principal": {
433
- "AWS": {
434
- "Fn::GetAtt": [
435
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
436
- "Arn"
437
- ]
438
- }
439
- },
440
- "Resource": [
441
- {
442
- "Fn::GetAtt": [
443
- "existings3bucketencryptedwithcmkS3BucketCC461491",
444
- "Arn"
445
- ]
446
- },
447
- {
448
- "Fn::Join": [
449
- "",
450
- [
451
- {
452
- "Fn::GetAtt": [
453
- "existings3bucketencryptedwithcmkS3BucketCC461491",
454
- "Arn"
455
- ]
456
- },
457
- "/*"
458
- ]
459
- ]
460
- }
461
- ]
462
- },
463
- {
464
- "Action": "s3:GetObject",
465
- "Condition": {
466
- "StringEquals": {
467
- "AWS:SourceArn": {
468
- "Fn::Join": [
469
- "",
470
- [
471
- "arn:",
472
- {
473
- "Ref": "AWS::Partition"
474
- },
475
- ":cloudfront::",
476
- {
477
- "Ref": "AWS::AccountId"
478
- },
479
- ":distribution/",
480
- {
481
- "Ref": "testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"
482
- }
483
- ]
484
- ]
485
- }
486
- }
487
- },
488
- "Effect": "Allow",
489
- "Principal": {
490
- "Service": "cloudfront.amazonaws.com"
491
- },
492
- "Resource": {
493
- "Fn::Join": [
494
- "",
495
- [
496
- {
497
- "Fn::GetAtt": [
498
- "existings3bucketencryptedwithcmkS3BucketCC461491",
499
- "Arn"
500
- ]
501
- },
502
- "/*"
503
- ]
504
- ]
505
- }
506
- }
507
- ],
508
- "Version": "2012-10-17"
509
- }
510
- }
511
- },
512
- "constructInfo": {
513
- "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
514
- "version": "2.160.0"
515
- }
516
- }
517
- },
518
- "constructInfo": {
519
- "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
520
- "version": "2.160.0"
521
- }
522
- },
523
- "AutoDeleteObjectsCustomResource": {
524
- "id": "AutoDeleteObjectsCustomResource",
525
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/AutoDeleteObjectsCustomResource",
526
- "children": {
527
- "Default": {
528
- "id": "Default",
529
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/AutoDeleteObjectsCustomResource/Default",
530
- "constructInfo": {
531
- "fqn": "aws-cdk-lib.CfnResource",
532
- "version": "2.160.0"
533
- }
534
- }
535
- },
536
- "constructInfo": {
537
- "fqn": "aws-cdk-lib.CustomResource",
538
- "version": "2.160.0"
539
- }
540
- }
541
- },
542
- "constructInfo": {
543
- "fqn": "aws-cdk-lib.aws_s3.Bucket",
544
- "version": "2.160.0"
545
- }
546
- },
547
- "test-cloudfront-s3-cmk-encryption-key": {
548
- "id": "test-cloudfront-s3-cmk-encryption-key",
549
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key",
550
- "children": {
551
- "CloudfrontLoggingBucketAccessLog": {
552
- "id": "CloudfrontLoggingBucketAccessLog",
553
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog",
554
- "children": {
555
- "Resource": {
556
- "id": "Resource",
557
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Resource",
558
- "attributes": {
559
- "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
560
- "aws:cdk:cloudformation:props": {
561
- "bucketEncryption": {
562
- "serverSideEncryptionConfiguration": [
563
- {
564
- "serverSideEncryptionByDefault": {
565
- "sseAlgorithm": "AES256"
566
- }
567
- }
568
- ]
569
- },
570
- "publicAccessBlockConfiguration": {
571
- "blockPublicAcls": true,
572
- "blockPublicPolicy": true,
573
- "ignorePublicAcls": true,
574
- "restrictPublicBuckets": true
575
- },
576
- "tags": [
577
- {
578
- "key": "aws-cdk:auto-delete-objects",
579
- "value": "true"
580
- }
581
- ],
582
- "versioningConfiguration": {
583
- "status": "Enabled"
584
- }
585
- }
586
- },
587
- "constructInfo": {
588
- "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
589
- "version": "2.160.0"
590
- }
591
- },
592
- "Policy": {
593
- "id": "Policy",
594
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy",
595
- "children": {
596
- "Resource": {
597
- "id": "Resource",
598
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy/Resource",
599
- "attributes": {
600
- "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
601
- "aws:cdk:cloudformation:props": {
602
- "bucket": {
603
- "Ref": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"
604
- },
605
- "policyDocument": {
606
- "Statement": [
607
- {
608
- "Action": "s3:*",
609
- "Condition": {
610
- "Bool": {
611
- "aws:SecureTransport": "false"
612
- }
613
- },
614
- "Effect": "Deny",
615
- "Principal": {
616
- "AWS": "*"
617
- },
618
- "Resource": [
619
- {
620
- "Fn::GetAtt": [
621
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
622
- "Arn"
623
- ]
624
- },
625
- {
626
- "Fn::Join": [
627
- "",
628
- [
629
- {
630
- "Fn::GetAtt": [
631
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
632
- "Arn"
633
- ]
634
- },
635
- "/*"
636
- ]
637
- ]
638
- }
639
- ]
640
- },
641
- {
642
- "Action": [
643
- "s3:DeleteObject*",
644
- "s3:GetBucket*",
645
- "s3:List*",
646
- "s3:PutBucketPolicy"
647
- ],
648
- "Effect": "Allow",
649
- "Principal": {
650
- "AWS": {
651
- "Fn::GetAtt": [
652
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
653
- "Arn"
654
- ]
655
- }
656
- },
657
- "Resource": [
658
- {
659
- "Fn::GetAtt": [
660
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
661
- "Arn"
662
- ]
663
- },
664
- {
665
- "Fn::Join": [
666
- "",
667
- [
668
- {
669
- "Fn::GetAtt": [
670
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
671
- "Arn"
672
- ]
673
- },
674
- "/*"
675
- ]
676
- ]
677
- }
678
- ]
679
- },
680
- {
681
- "Action": "s3:PutObject",
682
- "Condition": {
683
- "ArnLike": {
684
- "aws:SourceArn": {
685
- "Fn::GetAtt": [
686
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
687
- "Arn"
688
- ]
689
- }
690
- },
691
- "StringEquals": {
692
- "aws:SourceAccount": {
693
- "Ref": "AWS::AccountId"
694
- }
695
- }
696
- },
697
- "Effect": "Allow",
698
- "Principal": {
699
- "Service": "logging.s3.amazonaws.com"
700
- },
701
- "Resource": {
702
- "Fn::Join": [
703
- "",
704
- [
705
- {
706
- "Fn::GetAtt": [
707
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C",
708
- "Arn"
709
- ]
710
- },
711
- "/*"
712
- ]
713
- ]
714
- }
715
- }
716
- ],
717
- "Version": "2012-10-17"
718
- }
719
- }
720
- },
721
- "constructInfo": {
722
- "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
723
- "version": "2.160.0"
724
- }
725
- }
726
- },
727
- "constructInfo": {
728
- "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
729
- "version": "2.160.0"
730
- }
731
- },
732
- "AutoDeleteObjectsCustomResource": {
733
- "id": "AutoDeleteObjectsCustomResource",
734
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource",
735
- "children": {
736
- "Default": {
737
- "id": "Default",
738
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default",
739
- "constructInfo": {
740
- "fqn": "aws-cdk-lib.CfnResource",
741
- "version": "2.160.0"
742
- }
743
- }
744
- },
745
- "constructInfo": {
746
- "fqn": "aws-cdk-lib.CustomResource",
747
- "version": "2.160.0"
748
- }
749
- }
750
- },
751
- "constructInfo": {
752
- "fqn": "aws-cdk-lib.aws_s3.Bucket",
753
- "version": "2.160.0"
754
- }
755
- },
756
- "CloudfrontLoggingBucket": {
757
- "id": "CloudfrontLoggingBucket",
758
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket",
759
- "children": {
760
- "Resource": {
761
- "id": "Resource",
762
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Resource",
763
- "attributes": {
764
- "aws:cdk:cloudformation:type": "AWS::S3::Bucket",
765
- "aws:cdk:cloudformation:props": {
766
- "bucketEncryption": {
767
- "serverSideEncryptionConfiguration": [
768
- {
769
- "serverSideEncryptionByDefault": {
770
- "sseAlgorithm": "AES256"
771
- }
772
- }
773
- ]
774
- },
775
- "loggingConfiguration": {
776
- "destinationBucketName": {
777
- "Ref": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"
778
- }
779
- },
780
- "ownershipControls": {
781
- "rules": [
782
- {
783
- "objectOwnership": "ObjectWriter"
784
- }
785
- ]
786
- },
787
- "publicAccessBlockConfiguration": {
788
- "blockPublicAcls": true,
789
- "blockPublicPolicy": true,
790
- "ignorePublicAcls": true,
791
- "restrictPublicBuckets": true
792
- },
793
- "tags": [
794
- {
795
- "key": "aws-cdk:auto-delete-objects",
796
- "value": "true"
797
- }
798
- ],
799
- "versioningConfiguration": {
800
- "status": "Enabled"
801
- }
802
- }
803
- },
804
- "constructInfo": {
805
- "fqn": "aws-cdk-lib.aws_s3.CfnBucket",
806
- "version": "2.160.0"
807
- }
808
- },
809
- "Policy": {
810
- "id": "Policy",
811
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy",
812
- "children": {
813
- "Resource": {
814
- "id": "Resource",
815
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy/Resource",
816
- "attributes": {
817
- "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy",
818
- "aws:cdk:cloudformation:props": {
819
- "bucket": {
820
- "Ref": "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD"
821
- },
822
- "policyDocument": {
823
- "Statement": [
824
- {
825
- "Action": "s3:*",
826
- "Condition": {
827
- "Bool": {
828
- "aws:SecureTransport": "false"
829
- }
830
- },
831
- "Effect": "Deny",
832
- "Principal": {
833
- "AWS": "*"
834
- },
835
- "Resource": [
836
- {
837
- "Fn::GetAtt": [
838
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
839
- "Arn"
840
- ]
841
- },
842
- {
843
- "Fn::Join": [
844
- "",
845
- [
846
- {
847
- "Fn::GetAtt": [
848
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
849
- "Arn"
850
- ]
851
- },
852
- "/*"
853
- ]
854
- ]
855
- }
856
- ]
857
- },
858
- {
859
- "Action": [
860
- "s3:DeleteObject*",
861
- "s3:GetBucket*",
862
- "s3:List*",
863
- "s3:PutBucketPolicy"
864
- ],
865
- "Effect": "Allow",
866
- "Principal": {
867
- "AWS": {
868
- "Fn::GetAtt": [
869
- "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
870
- "Arn"
871
- ]
872
- }
873
- },
874
- "Resource": [
875
- {
876
- "Fn::GetAtt": [
877
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
878
- "Arn"
879
- ]
880
- },
881
- {
882
- "Fn::Join": [
883
- "",
884
- [
885
- {
886
- "Fn::GetAtt": [
887
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
888
- "Arn"
889
- ]
890
- },
891
- "/*"
892
- ]
893
- ]
894
- }
895
- ]
896
- }
897
- ],
898
- "Version": "2012-10-17"
899
- }
900
- }
901
- },
902
- "constructInfo": {
903
- "fqn": "aws-cdk-lib.aws_s3.CfnBucketPolicy",
904
- "version": "2.160.0"
905
- }
906
- }
907
- },
908
- "constructInfo": {
909
- "fqn": "aws-cdk-lib.aws_s3.BucketPolicy",
910
- "version": "2.160.0"
911
- }
912
- },
913
- "AutoDeleteObjectsCustomResource": {
914
- "id": "AutoDeleteObjectsCustomResource",
915
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource",
916
- "children": {
917
- "Default": {
918
- "id": "Default",
919
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default",
920
- "constructInfo": {
921
- "fqn": "aws-cdk-lib.CfnResource",
922
- "version": "2.160.0"
923
- }
924
- }
925
- },
926
- "constructInfo": {
927
- "fqn": "aws-cdk-lib.CustomResource",
928
- "version": "2.160.0"
929
- }
930
- }
931
- },
932
- "constructInfo": {
933
- "fqn": "aws-cdk-lib.aws_s3.Bucket",
934
- "version": "2.160.0"
935
- }
936
- },
937
- "CloudFrontOac": {
938
- "id": "CloudFrontOac",
939
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontOac",
940
- "attributes": {
941
- "aws:cdk:cloudformation:type": "AWS::CloudFront::OriginAccessControl",
942
- "aws:cdk:cloudformation:props": {
943
- "originAccessControlConfig": {
944
- "name": {
945
- "Fn::Join": [
946
- "",
947
- [
948
- "aws-cloudfront-s3-testn-key-",
949
- {
950
- "Fn::Select": [
951
- 2,
952
- {
953
- "Fn::Split": [
954
- "/",
955
- {
956
- "Ref": "AWS::StackId"
957
- }
958
- ]
959
- }
960
- ]
961
- }
962
- ]
963
- ]
964
- },
965
- "originAccessControlOriginType": "s3",
966
- "signingBehavior": "always",
967
- "signingProtocol": "sigv4",
968
- "description": "Origin access control provisioned by aws-cloudfront-s3"
969
- }
970
- }
971
- },
972
- "constructInfo": {
973
- "fqn": "aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl",
974
- "version": "2.160.0"
975
- }
976
- },
977
- "CloudFrontDistribution": {
978
- "id": "CloudFrontDistribution",
979
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution",
980
- "children": {
981
- "Origin1": {
982
- "id": "Origin1",
983
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Origin1",
984
- "constructInfo": {
985
- "fqn": "constructs.Construct",
986
- "version": "10.3.0"
987
- }
988
- },
989
- "Resource": {
990
- "id": "Resource",
991
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Resource",
992
- "attributes": {
993
- "aws:cdk:cloudformation:type": "AWS::CloudFront::Distribution",
994
- "aws:cdk:cloudformation:props": {
995
- "distributionConfig": {
996
- "enabled": true,
997
- "origins": [
998
- {
999
- "domainName": {
1000
- "Fn::GetAtt": [
1001
- "existings3bucketencryptedwithcmkS3BucketCC461491",
1002
- "RegionalDomainName"
1003
- ]
1004
- },
1005
- "id": "cfts3bucketencryptedwithcmkprovidedasexistingbuckettestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin128E2E2A5",
1006
- "s3OriginConfig": {
1007
- "originAccessIdentity": ""
1008
- }
1009
- }
1010
- ],
1011
- "defaultCacheBehavior": {
1012
- "pathPattern": "*",
1013
- "targetOriginId": "cfts3bucketencryptedwithcmkprovidedasexistingbuckettestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin128E2E2A5",
1014
- "cachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
1015
- "compress": true,
1016
- "viewerProtocolPolicy": "redirect-to-https"
1017
- },
1018
- "defaultRootObject": "index.html",
1019
- "httpVersion": "http2",
1020
- "ipv6Enabled": true,
1021
- "logging": {
1022
- "bucket": {
1023
- "Fn::GetAtt": [
1024
- "testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD",
1025
- "RegionalDomainName"
1026
- ]
1027
- }
1028
- }
1029
- }
1030
- }
1031
- },
1032
- "constructInfo": {
1033
- "fqn": "aws-cdk-lib.aws_cloudfront.CfnDistribution",
1034
- "version": "2.160.0"
1035
- }
1036
- }
1037
- },
1038
- "constructInfo": {
1039
- "fqn": "aws-cdk-lib.aws_cloudfront.Distribution",
1040
- "version": "2.160.0"
1041
- }
1042
- },
1043
- "LambdaFunctionServiceRole": {
1044
- "id": "LambdaFunctionServiceRole",
1045
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole",
1046
- "children": {
1047
- "ImportLambdaFunctionServiceRole": {
1048
- "id": "ImportLambdaFunctionServiceRole",
1049
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/ImportLambdaFunctionServiceRole",
1050
- "constructInfo": {
1051
- "fqn": "aws-cdk-lib.Resource",
1052
- "version": "2.160.0"
1053
- }
1054
- },
1055
- "Resource": {
1056
- "id": "Resource",
1057
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/Resource",
1058
- "attributes": {
1059
- "aws:cdk:cloudformation:type": "AWS::IAM::Role",
1060
- "aws:cdk:cloudformation:props": {
1061
- "assumeRolePolicyDocument": {
1062
- "Statement": [
1063
- {
1064
- "Action": "sts:AssumeRole",
1065
- "Effect": "Allow",
1066
- "Principal": {
1067
- "Service": "lambda.amazonaws.com"
1068
- }
1069
- }
1070
- ],
1071
- "Version": "2012-10-17"
1072
- },
1073
- "policies": [
1074
- {
1075
- "policyName": "LambdaFunctionServiceRolePolicy",
1076
- "policyDocument": {
1077
- "Statement": [
1078
- {
1079
- "Action": [
1080
- "logs:CreateLogGroup",
1081
- "logs:CreateLogStream",
1082
- "logs:PutLogEvents"
1083
- ],
1084
- "Effect": "Allow",
1085
- "Resource": {
1086
- "Fn::Join": [
1087
- "",
1088
- [
1089
- "arn:",
1090
- {
1091
- "Ref": "AWS::Partition"
1092
- },
1093
- ":logs:",
1094
- {
1095
- "Ref": "AWS::Region"
1096
- },
1097
- ":",
1098
- {
1099
- "Ref": "AWS::AccountId"
1100
- },
1101
- ":log-group:/aws/lambda/*"
1102
- ]
1103
- ]
1104
- }
1105
- }
1106
- ],
1107
- "Version": "2012-10-17"
1108
- }
1109
- }
1110
- ]
1111
- }
1112
- },
1113
- "constructInfo": {
1114
- "fqn": "aws-cdk-lib.aws_iam.CfnRole",
1115
- "version": "2.160.0"
1116
- }
1117
- },
1118
- "DefaultPolicy": {
1119
- "id": "DefaultPolicy",
1120
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/DefaultPolicy",
1121
- "children": {
1122
- "Resource": {
1123
- "id": "Resource",
1124
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/DefaultPolicy/Resource",
1125
- "attributes": {
1126
- "aws:cdk:cloudformation:type": "AWS::IAM::Policy",
1127
- "aws:cdk:cloudformation:props": {
1128
- "policyDocument": {
1129
- "Statement": [
1130
- {
1131
- "Action": [
1132
- "xray:PutTelemetryRecords",
1133
- "xray:PutTraceSegments"
1134
- ],
1135
- "Effect": "Allow",
1136
- "Resource": "*"
1137
- }
1138
- ],
1139
- "Version": "2012-10-17"
1140
- },
1141
- "policyName": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43",
1142
- "roles": [
1143
- {
1144
- "Ref": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
1145
- }
1146
- ]
1147
- }
1148
- },
1149
- "constructInfo": {
1150
- "fqn": "aws-cdk-lib.aws_iam.CfnPolicy",
1151
- "version": "2.160.0"
1152
- }
1153
- }
1154
- },
1155
- "constructInfo": {
1156
- "fqn": "aws-cdk-lib.aws_iam.Policy",
1157
- "version": "2.160.0"
1158
- }
1159
- }
1160
- },
1161
- "constructInfo": {
1162
- "fqn": "aws-cdk-lib.aws_iam.Role",
1163
- "version": "2.160.0"
1164
- }
1165
- },
1166
- "LambdaFunction": {
1167
- "id": "LambdaFunction",
1168
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction",
1169
- "children": {
1170
- "Code": {
1171
- "id": "Code",
1172
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code",
1173
- "children": {
1174
- "Stage": {
1175
- "id": "Stage",
1176
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/Stage",
1177
- "constructInfo": {
1178
- "fqn": "aws-cdk-lib.AssetStaging",
1179
- "version": "2.160.0"
1180
- }
1181
- },
1182
- "AssetBucket": {
1183
- "id": "AssetBucket",
1184
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/AssetBucket",
1185
- "constructInfo": {
1186
- "fqn": "aws-cdk-lib.aws_s3.BucketBase",
1187
- "version": "2.160.0"
1188
- }
1189
- }
1190
- },
1191
- "constructInfo": {
1192
- "fqn": "aws-cdk-lib.aws_s3_assets.Asset",
1193
- "version": "2.160.0"
1194
- }
1195
- },
1196
- "Resource": {
1197
- "id": "Resource",
1198
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource",
1199
- "attributes": {
1200
- "aws:cdk:cloudformation:type": "AWS::Lambda::Function",
1201
- "aws:cdk:cloudformation:props": {
1202
- "code": {
1203
- "s3Bucket": {
1204
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
1205
- },
1206
- "s3Key": "e97825c838d70ceb13ba2f6223a7d94ed35687b70bfb224a0b9128e698e3f28e.zip"
1207
- },
1208
- "description": "Custom resource function that updates a provided key policy to allow CloudFront access.",
1209
- "environment": {
1210
- "variables": {
1211
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
1212
- }
1213
- },
1214
- "handler": "index.handler",
1215
- "role": {
1216
- "Fn::GetAtt": [
1217
- "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D",
1218
- "Arn"
1219
- ]
1220
- },
1221
- "runtime": "nodejs20.x",
1222
- "tracingConfig": {
1223
- "mode": "Active"
1224
- }
1225
- }
1226
- },
1227
- "constructInfo": {
1228
- "fqn": "aws-cdk-lib.aws_lambda.CfnFunction",
1229
- "version": "2.160.0"
1230
- }
1231
- }
1232
- },
1233
- "constructInfo": {
1234
- "fqn": "aws-cdk-lib.aws_lambda.Function",
1235
- "version": "2.160.0"
1236
- }
1237
- },
1238
- "test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy": {
1239
- "id": "test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy",
1240
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy",
1241
- "children": {
1242
- "Resource": {
1243
- "id": "Resource",
1244
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy/Resource",
1245
- "attributes": {
1246
- "aws:cdk:cloudformation:type": "AWS::IAM::Policy",
1247
- "aws:cdk:cloudformation:props": {
1248
- "policyDocument": {
1249
- "Statement": [
1250
- {
1251
- "Action": [
1252
- "kms:DescribeKey",
1253
- "kms:GetKeyPolicy",
1254
- "kms:PutKeyPolicy"
1255
- ],
1256
- "Effect": "Allow",
1257
- "Resource": {
1258
- "Fn::GetAtt": [
1259
- "cmkKey598B20B2",
1260
- "Arn"
1261
- ]
1262
- }
1263
- }
1264
- ],
1265
- "Version": "2012-10-17"
1266
- },
1267
- "policyName": "testcloudfronts3cmkencryptionkeytestcloudfronts3cmkencryptionkeyResourceCmkPolicyBD4BA975",
1268
- "roles": [
1269
- {
1270
- "Ref": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
1271
- }
1272
- ]
1273
- }
1274
- },
1275
- "constructInfo": {
1276
- "fqn": "aws-cdk-lib.aws_iam.CfnPolicy",
1277
- "version": "2.160.0"
1278
- }
1279
- }
1280
- },
1281
- "constructInfo": {
1282
- "fqn": "aws-cdk-lib.aws_iam.Policy",
1283
- "version": "2.160.0"
1284
- }
1285
- },
1286
- "KmsKeyPolicyUpdateProvider": {
1287
- "id": "KmsKeyPolicyUpdateProvider",
1288
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider",
1289
- "children": {
1290
- "framework-onEvent": {
1291
- "id": "framework-onEvent",
1292
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent",
1293
- "children": {
1294
- "ServiceRole": {
1295
- "id": "ServiceRole",
1296
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole",
1297
- "children": {
1298
- "ImportServiceRole": {
1299
- "id": "ImportServiceRole",
1300
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/ImportServiceRole",
1301
- "constructInfo": {
1302
- "fqn": "aws-cdk-lib.Resource",
1303
- "version": "2.160.0"
1304
- }
1305
- },
1306
- "Resource": {
1307
- "id": "Resource",
1308
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/Resource",
1309
- "attributes": {
1310
- "aws:cdk:cloudformation:type": "AWS::IAM::Role",
1311
- "aws:cdk:cloudformation:props": {
1312
- "assumeRolePolicyDocument": {
1313
- "Statement": [
1314
- {
1315
- "Action": "sts:AssumeRole",
1316
- "Effect": "Allow",
1317
- "Principal": {
1318
- "Service": "lambda.amazonaws.com"
1319
- }
1320
- }
1321
- ],
1322
- "Version": "2012-10-17"
1323
- },
1324
- "managedPolicyArns": [
1325
- {
1326
- "Fn::Join": [
1327
- "",
1328
- [
1329
- "arn:",
1330
- {
1331
- "Ref": "AWS::Partition"
1332
- },
1333
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
1334
- ]
1335
- ]
1336
- }
1337
- ]
1338
- }
1339
- },
1340
- "constructInfo": {
1341
- "fqn": "aws-cdk-lib.aws_iam.CfnRole",
1342
- "version": "2.160.0"
1343
- }
1344
- },
1345
- "DefaultPolicy": {
1346
- "id": "DefaultPolicy",
1347
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy",
1348
- "children": {
1349
- "Resource": {
1350
- "id": "Resource",
1351
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource",
1352
- "attributes": {
1353
- "aws:cdk:cloudformation:type": "AWS::IAM::Policy",
1354
- "aws:cdk:cloudformation:props": {
1355
- "policyDocument": {
1356
- "Statement": [
1357
- {
1358
- "Action": "lambda:InvokeFunction",
1359
- "Effect": "Allow",
1360
- "Resource": [
1361
- {
1362
- "Fn::GetAtt": [
1363
- "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E",
1364
- "Arn"
1365
- ]
1366
- },
1367
- {
1368
- "Fn::Join": [
1369
- "",
1370
- [
1371
- {
1372
- "Fn::GetAtt": [
1373
- "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E",
1374
- "Arn"
1375
- ]
1376
- },
1377
- ":*"
1378
- ]
1379
- ]
1380
- }
1381
- ]
1382
- }
1383
- ],
1384
- "Version": "2012-10-17"
1385
- },
1386
- "policyName": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751",
1387
- "roles": [
1388
- {
1389
- "Ref": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"
1390
- }
1391
- ]
1392
- }
1393
- },
1394
- "constructInfo": {
1395
- "fqn": "aws-cdk-lib.aws_iam.CfnPolicy",
1396
- "version": "2.160.0"
1397
- }
1398
- }
1399
- },
1400
- "constructInfo": {
1401
- "fqn": "aws-cdk-lib.aws_iam.Policy",
1402
- "version": "2.160.0"
1403
- }
1404
- }
1405
- },
1406
- "constructInfo": {
1407
- "fqn": "aws-cdk-lib.aws_iam.Role",
1408
- "version": "2.160.0"
1409
- }
1410
- },
1411
- "Code": {
1412
- "id": "Code",
1413
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code",
1414
- "children": {
1415
- "Stage": {
1416
- "id": "Stage",
1417
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/Stage",
1418
- "constructInfo": {
1419
- "fqn": "aws-cdk-lib.AssetStaging",
1420
- "version": "2.160.0"
1421
- }
1422
- },
1423
- "AssetBucket": {
1424
- "id": "AssetBucket",
1425
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/AssetBucket",
1426
- "constructInfo": {
1427
- "fqn": "aws-cdk-lib.aws_s3.BucketBase",
1428
- "version": "2.160.0"
1429
- }
1430
- }
1431
- },
1432
- "constructInfo": {
1433
- "fqn": "aws-cdk-lib.aws_s3_assets.Asset",
1434
- "version": "2.160.0"
1435
- }
1436
- },
1437
- "Resource": {
1438
- "id": "Resource",
1439
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource",
1440
- "attributes": {
1441
- "aws:cdk:cloudformation:type": "AWS::Lambda::Function",
1442
- "aws:cdk:cloudformation:props": {
1443
- "code": {
1444
- "s3Bucket": {
1445
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
1446
- },
1447
- "s3Key": "4dc48ffba382f93077a1e6824599bbd4ceb6f91eb3d9442eca3b85bdb1a20b1e.zip"
1448
- },
1449
- "description": "AWS CDK resource provider framework - onEvent (cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider)",
1450
- "environment": {
1451
- "variables": {
1452
- "USER_ON_EVENT_FUNCTION_ARN": {
1453
- "Fn::GetAtt": [
1454
- "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E",
1455
- "Arn"
1456
- ]
1457
- }
1458
- }
1459
- },
1460
- "handler": "framework.onEvent",
1461
- "role": {
1462
- "Fn::GetAtt": [
1463
- "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD",
1464
- "Arn"
1465
- ]
1466
- },
1467
- "runtime": {
1468
- "Fn::FindInMap": [
1469
- "LatestNodeRuntimeMap",
1470
- {
1471
- "Ref": "AWS::Region"
1472
- },
1473
- "value"
1474
- ]
1475
- },
1476
- "timeout": 900
1477
- }
1478
- },
1479
- "constructInfo": {
1480
- "fqn": "aws-cdk-lib.aws_lambda.CfnFunction",
1481
- "version": "2.160.0"
1482
- }
1483
- }
1484
- },
1485
- "constructInfo": {
1486
- "fqn": "aws-cdk-lib.aws_lambda.Function",
1487
- "version": "2.160.0"
1488
- }
1489
- }
1490
- },
1491
- "constructInfo": {
1492
- "fqn": "aws-cdk-lib.custom_resources.Provider",
1493
- "version": "2.160.0"
1494
- }
1495
- },
1496
- "KmsKeyPolicyUpdater": {
1497
- "id": "KmsKeyPolicyUpdater",
1498
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater",
1499
- "children": {
1500
- "Default": {
1501
- "id": "Default",
1502
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater/Default",
1503
- "constructInfo": {
1504
- "fqn": "aws-cdk-lib.CfnResource",
1505
- "version": "2.160.0"
1506
- }
1507
- }
1508
- },
1509
- "constructInfo": {
1510
- "fqn": "aws-cdk-lib.CustomResource",
1511
- "version": "2.160.0"
1512
- }
1513
- }
1514
- },
1515
- "constructInfo": {
1516
- "fqn": "@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3",
1517
- "version": "2.71.0"
1518
- }
1519
- },
1520
- "Integ": {
1521
- "id": "Integ",
1522
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ",
1523
- "children": {
1524
- "DefaultTest": {
1525
- "id": "DefaultTest",
1526
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest",
1527
- "children": {
1528
- "Default": {
1529
- "id": "Default",
1530
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/Default",
1531
- "constructInfo": {
1532
- "fqn": "constructs.Construct",
1533
- "version": "10.3.0"
1534
- }
1535
- },
1536
- "DeployAssert": {
1537
- "id": "DeployAssert",
1538
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert",
1539
- "children": {
1540
- "BootstrapVersion": {
1541
- "id": "BootstrapVersion",
1542
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion",
1543
- "constructInfo": {
1544
- "fqn": "aws-cdk-lib.CfnParameter",
1545
- "version": "2.160.0"
1546
- }
1547
- },
1548
- "CheckBootstrapVersion": {
1549
- "id": "CheckBootstrapVersion",
1550
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion",
1551
- "constructInfo": {
1552
- "fqn": "aws-cdk-lib.CfnRule",
1553
- "version": "2.160.0"
1554
- }
1555
- }
1556
- },
1557
- "constructInfo": {
1558
- "fqn": "aws-cdk-lib.Stack",
1559
- "version": "2.160.0"
1560
- }
1561
- }
1562
- },
1563
- "constructInfo": {
1564
- "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase",
1565
- "version": "2.160.0-alpha.0"
1566
- }
1567
- }
1568
- },
1569
- "constructInfo": {
1570
- "fqn": "@aws-cdk/integ-tests-alpha.IntegTest",
1571
- "version": "2.160.0-alpha.0"
1572
- }
1573
- },
1574
- "BootstrapVersion": {
1575
- "id": "BootstrapVersion",
1576
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/BootstrapVersion",
1577
- "constructInfo": {
1578
- "fqn": "aws-cdk-lib.CfnParameter",
1579
- "version": "2.160.0"
1580
- }
1581
- },
1582
- "CheckBootstrapVersion": {
1583
- "id": "CheckBootstrapVersion",
1584
- "path": "cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/CheckBootstrapVersion",
1585
- "constructInfo": {
1586
- "fqn": "aws-cdk-lib.CfnRule",
1587
- "version": "2.160.0"
1588
- }
1589
- }
1590
- },
1591
- "constructInfo": {
1592
- "fqn": "aws-cdk-lib.Stack",
1593
- "version": "2.160.0"
1594
- }
1595
- },
1596
- "Tree": {
1597
- "id": "Tree",
1598
- "path": "Tree",
1599
- "constructInfo": {
1600
- "fqn": "constructs.Construct",
1601
- "version": "10.3.0"
1602
- }
1603
- }
1604
- },
1605
- "constructInfo": {
1606
- "fqn": "aws-cdk-lib.App",
1607
- "version": "2.160.0"
1608
- }
1609
- }
1610
- }
1
+ {"version":"tree-0.1","tree":{"id":"App","path":"","children":{"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket":{"id":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket","children":{"cmkKey":{"id":"cmkKey","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/cmkKey","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/cmkKey/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::KMS::Key","aws:cdk:cloudformation:props":{"enableKeyRotation":true,"keyPolicy":{"Statement":[{"Action":"kms:*","Effect":"Allow","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_kms.CfnKey","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_kms.Key","version":"2.186.0","metadata":[{"enableKeyRotation":true,"removalPolicy":"destroy"}]}},"existing-s3-bucket-encrypted-with-cmkS3LoggingBucket":{"id":"existing-s3-bucket-encrypted-with-cmkS3LoggingBucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.186.0"}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Policy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/Policy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.186.0","metadata":[{"bucket":"*"}]}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/AutoDeleteObjectsCustomResource","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.186.0","metadata":["*"]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.186.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"2.186.0"}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider","children":{"Staging":{"id":"Staging","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.186.0"}},"Role":{"id":"Role","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}},"Handler":{"id":"Handler","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.186.0"}},"existing-s3-bucket-encrypted-with-cmkS3Bucket":{"id":"existing-s3-bucket-encrypted-with-cmkS3Bucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"aws:kms","kmsMasterKeyId":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"existings3bucketencryptedwithcmkS3LoggingBucket2B2DE39B"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.186.0"}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Policy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/Policy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwithcmkS3BucketCC461491"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.186.0","metadata":[{"bucket":"*"}]}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/AutoDeleteObjectsCustomResource","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/existing-s3-bucket-encrypted-with-cmkS3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.186.0","metadata":["*"]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.186.0","metadata":[{"encryption":"KMS","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","encryptionKey":"*","autoDeleteObjects":true},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]}},"test-cloudfront-s3-cmk-encryption-key":{"id":"test-cloudfront-s3-cmk-encryption-key","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key","children":{"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.186.0"}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.186.0","metadata":[{"bucket":"*"}]}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.186.0","metadata":["*"]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.186.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.186.0"}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.186.0","metadata":[{"bucket":"*"}]}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.186.0","metadata":["*"]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.186.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontOac","attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testn-key-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.186.0"}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution","children":{"Origin1":{"id":"Origin1","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["existings3bucketencryptedwithcmkS3BucketCC461491","RegionalDomainName"]},"id":"cfts3bucketencryptedwithcmkprovidedasexistingbuckettestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin128E2E2A5","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3bucketencryptedwithcmkprovidedasexistingbuckettestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin128E2E2A5","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","RegionalDomainName"]}}}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.186.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]}},"LambdaFunctionServiceRole":{"id":"LambdaFunctionServiceRole","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole","children":{"ImportLambdaFunctionServiceRole":{"id":"ImportLambdaFunctionServiceRole","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/ImportLambdaFunctionServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.186.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"policies":[{"policyName":"LambdaFunctionServiceRolePolicy","policyDocument":{"Statement":[{"Action":["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":log-group:/aws/lambda/*"]]}}],"Version":"2012-10-17"}}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.186.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"inlinePolicies":"*"},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]}},"LambdaFunction":{"id":"LambdaFunction","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction","children":{"Code":{"id":"Code","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code","children":{"Stage":{"id":"Stage","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.186.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.186.0","metadata":[]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.186.0"}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"e97825c838d70ceb13ba2f6223a7d94ed35687b70bfb224a0b9128e698e3f28e.zip"},"description":"Custom resource function that updates a provided key policy to allow CloudFront access.","environment":{"variables":{"AWS_NODEJS_CONNECTION_REUSE_ENABLED":"1"}},"handler":"index.handler","role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D","Arn"]},"runtime":"nodejs20.x","tracingConfig":{"mode":"Active"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.186.0"}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["xray:PutTelemetryRecords","xray:PutTraceSegments"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.186.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.186.0","metadata":[{"role":"*","tracing":"Active","runtime":"*","handler":"*","description":"*","timeout":"*","memorySize":"*","code":"*"},{"addEnvironment":["*","*",{"removeInEdge":true}]}]}},"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy":{"id":"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["kms:DescribeKey","kms:GetKeyPolicy","kms:PutKeyPolicy"],"Effect":"Allow","Resource":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeytestcloudfronts3cmkencryptionkeyResourceCmkPolicyBD4BA975","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.186.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]}},"KmsKeyPolicyUpdateProvider":{"id":"KmsKeyPolicyUpdateProvider","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider","children":{"framework-onEvent":{"id":"framework-onEvent","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent","children":{"ServiceRole":{"id":"ServiceRole","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole","children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.186.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.186.0"}},"DefaultPolicy":{"id":"DefaultPolicy","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},":*"]]}]}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.186.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.186.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]}},"Code":{"id":"Code","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code","children":{"Stage":{"id":"Stage","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.186.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.186.0","metadata":[]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.186.0"}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca.zip"},"description":"AWS CDK resource provider framework - onEvent (cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}},"handler":"framework.onEvent","role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}},"constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.186.0"}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0","children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource","attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.186.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]}}},"constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.186.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]}}},"constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"2.186.0"}},"KmsKeyPolicyUpdater":{"id":"KmsKeyPolicyUpdater","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.186.0","metadata":["*"]}}},"constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.80.0"}},"Integ":{"id":"Integ","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ","children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest","children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert","children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.186.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.186.0"}}},"constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.186.0-alpha.0"}}},"constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.186.0-alpha.0"}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.186.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.186.0"}}},"constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.186.0"}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}},"constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.186.0"}}}