@aws-solutions-constructs/aws-cloudfront-s3 2.80.0 → 2.82.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/.jsii +44 -5
  2. package/lib/index.js +1 -1
  3. package/package.json +8 -8
  4. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
  5. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +3 -3
  6. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +50 -45
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +1 -1
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +1 -1
  9. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +97 -55
  10. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1 -1917
  11. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -1
  12. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +3 -3
  13. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +50 -45
  14. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +1 -1
  15. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +1 -1
  16. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +97 -55
  17. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1 -1850
@@ -1 +1 @@
1
- {"version":"39.0.0"}
1
+ {"version":"40.0.0"}
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "39.0.0",
2
+ "version": "40.0.0",
3
3
  "files": {
4
4
  "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6": {
5
5
  "source": {
@@ -40,7 +40,7 @@
40
40
  }
41
41
  }
42
42
  },
43
- "4190e21590a33906d553643f1e5367652891d2131a7a7016d55b70395174b887": {
43
+ "daf2f7cf5337e2ab5094a2566cfb95e2fdff3b366ae075b9fd987342517eb3af": {
44
44
  "source": {
45
45
  "path": "cfts3-cmk-provided-as-bucket-prop.template.json",
46
46
  "packaging": "file"
@@ -48,7 +48,7 @@
48
48
  "destinations": {
49
49
  "current_account-current_region": {
50
50
  "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
51
- "objectKey": "4190e21590a33906d553643f1e5367652891d2131a7a7016d55b70395174b887.json",
51
+ "objectKey": "daf2f7cf5337e2ab5094a2566cfb95e2fdff3b366ae075b9fd987342517eb3af.json",
52
52
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
53
53
  }
54
54
  }
@@ -849,40 +849,6 @@
849
849
  }
850
850
  }
851
851
  },
852
- "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43": {
853
- "Type": "AWS::IAM::Policy",
854
- "Properties": {
855
- "PolicyDocument": {
856
- "Statement": [
857
- {
858
- "Action": [
859
- "xray:PutTelemetryRecords",
860
- "xray:PutTraceSegments"
861
- ],
862
- "Effect": "Allow",
863
- "Resource": "*"
864
- }
865
- ],
866
- "Version": "2012-10-17"
867
- },
868
- "PolicyName": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43",
869
- "Roles": [
870
- {
871
- "Ref": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
872
- }
873
- ]
874
- },
875
- "Metadata": {
876
- "cfn_nag": {
877
- "rules_to_suppress": [
878
- {
879
- "id": "W12",
880
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
881
- }
882
- ]
883
- }
884
- }
885
- },
886
852
  "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E": {
887
853
  "Type": "AWS::Lambda::Function",
888
854
  "Properties": {
@@ -911,7 +877,6 @@
911
877
  }
912
878
  },
913
879
  "DependsOn": [
914
- "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43",
915
880
  "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
916
881
  ],
917
882
  "Metadata": {
@@ -933,6 +898,30 @@
933
898
  }
934
899
  }
935
900
  },
901
+ "testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3": {
902
+ "Type": "AWS::IAM::Policy",
903
+ "Properties": {
904
+ "PolicyDocument": {
905
+ "Statement": [
906
+ {
907
+ "Action": [
908
+ "xray:PutTelemetryRecords",
909
+ "xray:PutTraceSegments"
910
+ ],
911
+ "Effect": "Allow",
912
+ "Resource": "*"
913
+ }
914
+ ],
915
+ "Version": "2012-10-17"
916
+ },
917
+ "PolicyName": "testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3",
918
+ "Roles": [
919
+ {
920
+ "Ref": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
921
+ }
922
+ ]
923
+ }
924
+ },
936
925
  "testcloudfronts3cmkencryptionkeytestcloudfronts3cmkencryptionkeyResourceCmkPolicyBD4BA975": {
937
926
  "Type": "AWS::IAM::Policy",
938
927
  "Properties": {
@@ -1024,16 +1013,6 @@
1024
1013
  ]
1025
1014
  }
1026
1015
  ]
1027
- },
1028
- {
1029
- "Action": "lambda:GetFunction",
1030
- "Effect": "Allow",
1031
- "Resource": {
1032
- "Fn::GetAtt": [
1033
- "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E",
1034
- "Arn"
1035
- ]
1036
- }
1037
1016
  }
1038
1017
  ],
1039
1018
  "Version": "2012-10-17"
@@ -1107,6 +1086,32 @@
1107
1086
  }
1108
1087
  }
1109
1088
  },
1089
+ "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010": {
1090
+ "Type": "AWS::IAM::Policy",
1091
+ "Properties": {
1092
+ "PolicyDocument": {
1093
+ "Statement": [
1094
+ {
1095
+ "Action": "lambda:GetFunction",
1096
+ "Effect": "Allow",
1097
+ "Resource": {
1098
+ "Fn::GetAtt": [
1099
+ "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E",
1100
+ "Arn"
1101
+ ]
1102
+ }
1103
+ }
1104
+ ],
1105
+ "Version": "2012-10-17"
1106
+ },
1107
+ "PolicyName": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010",
1108
+ "Roles": [
1109
+ {
1110
+ "Ref": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"
1111
+ }
1112
+ ]
1113
+ }
1114
+ },
1110
1115
  "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdaterFAFEBF0F": {
1111
1116
  "Type": "Custom::KmsKeyPolicyUpdater",
1112
1117
  "Properties": {
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "39.0.0",
2
+ "version": "40.0.0",
3
3
  "files": {
4
4
  "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
5
5
  "source": {
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "39.0.0",
2
+ "version": "40.0.0",
3
3
  "testCases": {
4
4
  "cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest": {
5
5
  "stacks": [
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "40.0.0",
2
+ "version": "42.0.0",
3
3
  "artifacts": {
4
4
  "cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets": {
5
5
  "type": "cdk:asset-manifest",
@@ -66,7 +66,7 @@
66
66
  "validateOnSynth": false,
67
67
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
68
68
  "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
69
- "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4190e21590a33906d553643f1e5367652891d2131a7a7016d55b70395174b887.json",
69
+ "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/daf2f7cf5337e2ab5094a2566cfb95e2fdff3b366ae075b9fd987342517eb3af.json",
70
70
  "requiresBootstrapStackVersion": 6,
71
71
  "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
72
72
  "additionalDependencies": [
@@ -330,14 +330,6 @@
330
330
  "inlinePolicies": "*"
331
331
  }
332
332
  },
333
- {
334
- "type": "aws:cdk:analytics:method",
335
- "data": {
336
- "addToPrincipalPolicy": [
337
- {}
338
- ]
339
- }
340
- },
341
333
  {
342
334
  "type": "aws:cdk:analytics:method",
343
335
  "data": {
@@ -383,25 +375,44 @@
383
375
  "data": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"
384
376
  }
385
377
  ],
386
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/DefaultPolicy": [
378
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction": [
387
379
  {
388
380
  "type": "aws:cdk:analytics:construct",
389
- "data": "*"
381
+ "data": {
382
+ "role": "*",
383
+ "tracing": "Active",
384
+ "runtime": "*",
385
+ "handler": "*",
386
+ "description": "*",
387
+ "timeout": "*",
388
+ "memorySize": "*",
389
+ "code": "*"
390
+ }
390
391
  },
391
392
  {
392
393
  "type": "aws:cdk:analytics:method",
393
394
  "data": {
394
- "attachToRole": [
395
- "*"
395
+ "addEnvironment": [
396
+ "*",
397
+ "*",
398
+ {
399
+ "removeInEdge": true
400
+ }
396
401
  ]
397
402
  }
398
- },
403
+ }
404
+ ],
405
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource": [
399
406
  {
400
- "type": "aws:cdk:analytics:method",
407
+ "type": "aws:cdk:logicalId",
408
+ "data": "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E"
409
+ }
410
+ ],
411
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0": [
412
+ {
413
+ "type": "aws:cdk:analytics:construct",
401
414
  "data": {
402
- "attachToRole": [
403
- "*"
404
- ]
415
+ "statements": "*"
405
416
  }
406
417
  },
407
418
  {
@@ -411,45 +422,28 @@
411
422
  {}
412
423
  ]
413
424
  }
414
- }
415
- ],
416
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/DefaultPolicy/Resource": [
417
- {
418
- "type": "aws:cdk:logicalId",
419
- "data": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43"
420
- }
421
- ],
422
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction": [
425
+ },
423
426
  {
424
- "type": "aws:cdk:analytics:construct",
427
+ "type": "aws:cdk:analytics:method",
425
428
  "data": {
426
- "role": "*",
427
- "tracing": "Active",
428
- "runtime": "*",
429
- "handler": "*",
430
- "description": "*",
431
- "timeout": "*",
432
- "memorySize": "*",
433
- "code": "*"
429
+ "attachToRole": [
430
+ "*"
431
+ ]
434
432
  }
435
433
  },
436
434
  {
437
435
  "type": "aws:cdk:analytics:method",
438
436
  "data": {
439
- "addEnvironment": [
440
- "*",
441
- "*",
442
- {
443
- "removeInEdge": true
444
- }
437
+ "attachToRole": [
438
+ "*"
445
439
  ]
446
440
  }
447
441
  }
448
442
  ],
449
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource": [
443
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0/Resource": [
450
444
  {
451
445
  "type": "aws:cdk:logicalId",
452
- "data": "testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E"
446
+ "data": "testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3"
453
447
  }
454
448
  ],
455
449
  "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy": [
@@ -560,8 +554,16 @@
560
554
  {
561
555
  "type": "aws:cdk:analytics:method",
562
556
  "data": {
563
- "addToPrincipalPolicy": [
564
- {}
557
+ "attachInlinePolicy": [
558
+ "*"
559
+ ]
560
+ }
561
+ },
562
+ {
563
+ "type": "aws:cdk:analytics:method",
564
+ "data": {
565
+ "attachInlinePolicy": [
566
+ "*"
565
567
  ]
566
568
  }
567
569
  }
@@ -606,6 +608,26 @@
606
608
  {}
607
609
  ]
608
610
  }
611
+ }
612
+ ],
613
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource": [
614
+ {
615
+ "type": "aws:cdk:logicalId",
616
+ "data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751"
617
+ }
618
+ ],
619
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource": [
620
+ {
621
+ "type": "aws:cdk:logicalId",
622
+ "data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEvent8BCBFC59"
623
+ }
624
+ ],
625
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0": [
626
+ {
627
+ "type": "aws:cdk:analytics:construct",
628
+ "data": {
629
+ "statements": "*"
630
+ }
609
631
  },
610
632
  {
611
633
  "type": "aws:cdk:analytics:method",
@@ -614,18 +636,28 @@
614
636
  {}
615
637
  ]
616
638
  }
617
- }
618
- ],
619
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource": [
639
+ },
620
640
  {
621
- "type": "aws:cdk:logicalId",
622
- "data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751"
641
+ "type": "aws:cdk:analytics:method",
642
+ "data": {
643
+ "attachToRole": [
644
+ "*"
645
+ ]
646
+ }
647
+ },
648
+ {
649
+ "type": "aws:cdk:analytics:method",
650
+ "data": {
651
+ "attachToRole": [
652
+ "*"
653
+ ]
654
+ }
623
655
  }
624
656
  ],
625
- "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource": [
657
+ "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource": [
626
658
  {
627
659
  "type": "aws:cdk:logicalId",
628
- "data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEvent8BCBFC59"
660
+ "data": "testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010"
629
661
  }
630
662
  ],
631
663
  "/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater": [
@@ -675,6 +707,15 @@
675
707
  "type": "aws:cdk:logicalId",
676
708
  "data": "CheckBootstrapVersion"
677
709
  }
710
+ ],
711
+ "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43": [
712
+ {
713
+ "type": "aws:cdk:logicalId",
714
+ "data": "testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRoleDefaultPolicyE566BC43",
715
+ "trace": [
716
+ "!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
717
+ ]
718
+ }
678
719
  ]
679
720
  },
680
721
  "displayName": "cfts3-cmk-provided-as-bucket-prop"
@@ -685,5 +726,6 @@
685
726
  "file": "tree.json"
686
727
  }
687
728
  }
688
- }
729
+ },
730
+ "minimumCliVersion": "2.1006.0"
689
731
  }