@aws-solutions-constructs/aws-cloudfront-s3 2.96.0 → 2.98.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +4597 -233
- package/README.adoc +6 -8
- package/lib/index.d.ts +4 -2
- package/lib/index.js +2 -2
- package/package.json +8 -8
- package/test/integ.cfts3-additional-behavior.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-additional-behavior.js.snapshot/manifest.json +20 -11
- package/test/integ.cfts3-additional-behavior.js.snapshot/tree.json +1 -1
- package/test/{integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/framework.js +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +7 -7
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +7 -23
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1 -1
- package/test/{integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/framework.js +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +7 -7
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +7 -23
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.assets.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3nocloudfronts3accesslogsIntegDefaultTestDeployAssertAD28C87A.assets.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.assets.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.assets.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-logging.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-logging.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +0 -1
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +0 -19
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +0 -552
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +0 -19
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +0 -36
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +0 -12
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +0 -161
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +0 -746
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/cfn-response.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/consts.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/outbound.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/util.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/cfn-response.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/consts.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/outbound.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/util.js +0 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.206.0"},"children":{"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket":{"id":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket":{"id":"existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.206.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.206.0"}},"Role":{"id":"Role","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}},"Handler":{"id":"Handler","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}},"existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket":{"id":"existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","autoDeleteObjects":true},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3managedkeyCloudFrontDistributionE6431C62"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3managedkeyCloudFrontDistributionE6431C62"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"test-cloudfront-s3-managed-key":{"id":"test-cloudfront-s3-managed-key","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.86.0"},"children":{"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testd-key-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.206.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","RegionalDomainName"]},"id":"cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","RegionalDomainName"]}}}}}}}}}},"Integ":{"id":"Integ","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.206.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.206.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
1
|
+
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.233.0"},"children":{"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket":{"id":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket":{"id":"existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.233.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"Role":{"id":"Role","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}},"Handler":{"id":"Handler","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}},"existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket":{"id":"existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","autoDeleteObjects":true},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"existings3bucketencryptedwiths3managedkeyS3LoggingBucketF861F6B7"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3managedkeyCloudFrontDistributionE6431C62"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3managedkeyCloudFrontDistributionE6431C62"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","Arn"]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/existing-s3-bucket-encrypted-with-s3-managed-keyS3Bucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"test-cloudfront-s3-managed-key":{"id":"test-cloudfront-s3-managed-key","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.97.0"},"children":{"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucketAccessLog09A44955"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testd-key-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.233.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/test-cloudfront-s3-managed-key/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["existings3bucketencryptedwiths3managedkeyS3BucketA8C4BE9A","RegionalDomainName"]},"id":"cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3bucketencryptedwithmanagedkeyprovidedasexistingbuckettestcloudfronts3managedkeyCloudFrontDistributionOrigin17C5092B4","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3managedkeyCloudfrontLoggingBucket4F6525D7","RegionalDomainName"]}}}}}}}}}},"Integ":{"id":"Integ","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.233.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.233.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
"use strict";const cfnResponse=require("./cfn-response"),consts=require("./consts"),outbound_1=require("./outbound"),util_1=require("./util");async function onEvent(cfnRequest){const sanitizedRequest={...cfnRequest,ResponseURL:"..."};(0,util_1.log)("onEventHandler",sanitizedRequest),cfnRequest.ResourceProperties=cfnRequest.ResourceProperties||{};const onEventResult=await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV,sanitizedRequest,cfnRequest.ResponseURL);onEventResult?.NoEcho?(0,util_1.log)("redacted onEvent returned:",cfnResponse.redactDataFromPayload(onEventResult)):(0,util_1.log)("onEvent returned:",onEventResult);const resourceEvent=createResponseEvent(cfnRequest,onEventResult),sanitizedEvent={...resourceEvent,ResponseURL:"..."};if(onEventResult?.NoEcho?(0,util_1.log)("readacted event:",cfnResponse.redactDataFromPayload(sanitizedEvent)):(0,util_1.log)("event:",sanitizedEvent),!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV])return cfnResponse.submitResponse("SUCCESS",resourceEvent,{noEcho:resourceEvent.NoEcho});const waiter={stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV),
|
|
1
|
+
"use strict";const cfnResponse=require("./cfn-response"),consts=require("./consts"),outbound_1=require("./outbound"),util_1=require("./util");async function onEvent(cfnRequest){const sanitizedRequest={...cfnRequest,ResponseURL:"..."};(0,util_1.log)("onEventHandler",sanitizedRequest),cfnRequest.ResourceProperties=cfnRequest.ResourceProperties||{};const onEventResult=await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV,sanitizedRequest,cfnRequest.ResponseURL);onEventResult?.NoEcho?(0,util_1.log)("redacted onEvent returned:",cfnResponse.redactDataFromPayload(onEventResult)):(0,util_1.log)("onEvent returned:",onEventResult);const resourceEvent=createResponseEvent(cfnRequest,onEventResult),sanitizedEvent={...resourceEvent,ResponseURL:"..."};if(onEventResult?.NoEcho?(0,util_1.log)("readacted event:",cfnResponse.redactDataFromPayload(sanitizedEvent)):(0,util_1.log)("event:",sanitizedEvent),!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV])return cfnResponse.submitResponse("SUCCESS",resourceEvent,{noEcho:resourceEvent.NoEcho});const waiter={stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV),input:JSON.stringify(resourceEvent)};(0,util_1.log)("starting waiter",{stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV)}),await(0,outbound_1.startExecution)(waiter)}async function isComplete(event){const sanitizedRequest={...event,ResponseURL:"..."};event?.NoEcho?(0,util_1.log)("redacted isComplete request",cfnResponse.redactDataFromPayload(sanitizedRequest)):(0,util_1.log)("isComplete",sanitizedRequest);const isCompleteResult=await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV,sanitizedRequest,event.ResponseURL);if(event?.NoEcho?(0,util_1.log)("redacted user isComplete returned:",cfnResponse.redactDataFromPayload(isCompleteResult)):(0,util_1.log)("user isComplete returned:",isCompleteResult),!isCompleteResult.IsComplete)throw isCompleteResult.Data&&Object.keys(isCompleteResult.Data).length>0?new Error('"Data" is not allowed if "IsComplete" is "False"'):new cfnResponse.Retry(JSON.stringify(event));const response={...event,...isCompleteResult,Data:{...event.Data,...isCompleteResult.Data}};await cfnResponse.submitResponse("SUCCESS",response,{noEcho:event.NoEcho})}async function onTimeout(timeoutEvent){(0,util_1.log)("timeoutHandler",timeoutEvent);const isCompleteRequest=JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage);await cfnResponse.submitResponse("FAILED",isCompleteRequest,{reason:"Operation timed out"})}async function invokeUserFunction(functionArnEnv,sanitizedPayload,responseUrl){const functionArn=(0,util_1.getEnv)(functionArnEnv);(0,util_1.log)(`executing user function ${functionArn} with payload`,sanitizedPayload);const resp=await(0,outbound_1.invokeFunction)({FunctionName:functionArn,Payload:JSON.stringify({...sanitizedPayload,ResponseURL:responseUrl})});(0,util_1.log)("user function response:",resp,typeof resp);const jsonPayload=(0,util_1.parseJsonPayload)(resp.Payload);if(resp.FunctionError){(0,util_1.log)("user function threw an error:",resp.FunctionError);const errorMessage=jsonPayload.errorMessage||"error",arn=functionArn.split(":"),functionName=arn[arn.length-1],message=[errorMessage,"",`Logs: /aws/lambda/${functionName}`,""].join(`
|
|
2
2
|
`),e=new Error(message);throw jsonPayload.trace&&(e.stack=[message,...jsonPayload.trace.slice(1)].join(`
|
|
3
3
|
`)),e}return jsonPayload}function createResponseEvent(cfnRequest,onEventResult){onEventResult=onEventResult||{};const physicalResourceId=onEventResult.PhysicalResourceId||defaultPhysicalResourceId(cfnRequest);if(cfnRequest.RequestType==="Delete"&&physicalResourceId!==cfnRequest.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`);return cfnRequest.RequestType==="Update"&&physicalResourceId!==cfnRequest.PhysicalResourceId&&(0,util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`),{...cfnRequest,...onEventResult,PhysicalResourceId:physicalResourceId}}function defaultPhysicalResourceId(req){switch(req.RequestType){case"Create":return req.RequestId;case"Update":case"Delete":return req.PhysicalResourceId;default:throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`)}}module.exports={[consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]:cfnResponse.safeHandler(onEvent),[consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]:cfnResponse.safeHandler(isComplete),[consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]:onTimeout};
|
|
@@ -29,30 +29,30 @@
|
|
|
29
29
|
}
|
|
30
30
|
}
|
|
31
31
|
},
|
|
32
|
-
"
|
|
32
|
+
"07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57": {
|
|
33
33
|
"displayName": "test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code",
|
|
34
34
|
"source": {
|
|
35
|
-
"path": "asset.
|
|
35
|
+
"path": "asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57",
|
|
36
36
|
"packaging": "zip"
|
|
37
37
|
},
|
|
38
38
|
"destinations": {
|
|
39
|
-
"current_account-current_region-
|
|
39
|
+
"current_account-current_region-3e934f01": {
|
|
40
40
|
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
41
|
-
"objectKey": "
|
|
41
|
+
"objectKey": "07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57.zip",
|
|
42
42
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
43
43
|
}
|
|
44
44
|
}
|
|
45
45
|
},
|
|
46
|
-
"
|
|
46
|
+
"903dc12b1cb5ee0b71d641507b2c2a69b66e5632fc2c7f87eeec0ad6950d2641": {
|
|
47
47
|
"displayName": "cfts3-cmk-provided-as-bucket-prop Template",
|
|
48
48
|
"source": {
|
|
49
49
|
"path": "cfts3-cmk-provided-as-bucket-prop.template.json",
|
|
50
50
|
"packaging": "file"
|
|
51
51
|
},
|
|
52
52
|
"destinations": {
|
|
53
|
-
"current_account-current_region-
|
|
53
|
+
"current_account-current_region-bf254345": {
|
|
54
54
|
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
55
|
-
"objectKey": "
|
|
55
|
+
"objectKey": "903dc12b1cb5ee0b71d641507b2c2a69b66e5632fc2c7f87eeec0ad6950d2641.json",
|
|
56
56
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
57
57
|
}
|
|
58
58
|
}
|
|
@@ -1068,7 +1068,7 @@
|
|
|
1068
1068
|
"S3Bucket": {
|
|
1069
1069
|
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
|
|
1070
1070
|
},
|
|
1071
|
-
"S3Key": "
|
|
1071
|
+
"S3Key": "07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57.zip"
|
|
1072
1072
|
},
|
|
1073
1073
|
"Description": "AWS CDK resource provider framework - onEvent (cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider)",
|
|
1074
1074
|
"Environment": {
|
|
@@ -66,7 +66,7 @@
|
|
|
66
66
|
"validateOnSynth": false,
|
|
67
67
|
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
|
|
68
68
|
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
|
|
69
|
-
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/
|
|
69
|
+
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/903dc12b1cb5ee0b71d641507b2c2a69b66e5632fc2c7f87eeec0ad6950d2641.json",
|
|
70
70
|
"requiresBootstrapStackVersion": 6,
|
|
71
71
|
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
|
|
72
72
|
"additionalDependencies": [
|
|
@@ -516,18 +516,8 @@
|
|
|
516
516
|
],
|
|
517
517
|
"/cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole": [
|
|
518
518
|
{
|
|
519
|
-
"type": "aws:cdk:
|
|
520
|
-
"data":
|
|
521
|
-
"assumedBy": {
|
|
522
|
-
"principalAccount": "*",
|
|
523
|
-
"assumeRoleAction": "*"
|
|
524
|
-
},
|
|
525
|
-
"managedPolicies": [
|
|
526
|
-
{
|
|
527
|
-
"managedPolicyArn": "*"
|
|
528
|
-
}
|
|
529
|
-
]
|
|
530
|
-
}
|
|
519
|
+
"type": "aws:cdk:warning",
|
|
520
|
+
"data": "Failed to add construct metadata for node [ServiceRole]. Reason: ValidationError: The result of fromAwsManagedPolicyName can not be used in this API [ack: @aws-cdk/core:addConstructMetadataFailed]"
|
|
531
521
|
},
|
|
532
522
|
{
|
|
533
523
|
"type": "aws:cdk:analytics:method",
|
|
@@ -1034,16 +1024,6 @@
|
|
|
1034
1024
|
"recommendedValue": true,
|
|
1035
1025
|
"explanation": "When enabled, stack tags need to be assigned explicitly on a Stack."
|
|
1036
1026
|
},
|
|
1037
|
-
"@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": {
|
|
1038
|
-
"userValue": false,
|
|
1039
|
-
"recommendedValue": false,
|
|
1040
|
-
"explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**"
|
|
1041
|
-
},
|
|
1042
|
-
"@aws-cdk/aws-ecs:disableEcsImdsBlocking": {
|
|
1043
|
-
"userValue": true,
|
|
1044
|
-
"recommendedValue": true,
|
|
1045
|
-
"explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**"
|
|
1046
|
-
},
|
|
1047
1027
|
"@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": {
|
|
1048
1028
|
"userValue": true,
|
|
1049
1029
|
"recommendedValue": true,
|
|
@@ -1202,6 +1182,10 @@
|
|
|
1202
1182
|
"@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": {
|
|
1203
1183
|
"recommendedValue": true,
|
|
1204
1184
|
"explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement"
|
|
1185
|
+
},
|
|
1186
|
+
"@aws-cdk/aws-route53-patterns:useDistribution": {
|
|
1187
|
+
"recommendedValue": true,
|
|
1188
|
+
"explanation": "Use the `Distribution` resource instead of `CloudFrontWebDistribution`"
|
|
1205
1189
|
}
|
|
1206
1190
|
}
|
|
1207
1191
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.223.0"},"children":{"cfts3-cmk-provided-as-bucket-prop":{"id":"cfts3-cmk-provided-as-bucket-prop","path":"cfts3-cmk-provided-as-bucket-prop","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.223.0"},"children":{"cmkKey":{"id":"cmkKey","path":"cfts3-cmk-provided-as-bucket-prop/cmkKey","constructInfo":{"fqn":"aws-cdk-lib.aws_kms.Key","version":"2.223.0","metadata":[{"enableKeyRotation":true,"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/cmkKey/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_kms.CfnKey","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::KMS::Key","aws:cdk:cloudformation:props":{"enableKeyRotation":true,"keyPolicy":{"Statement":[{"Action":"kms:*","Effect":"Allow","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"}}}}}},"test-cloudfront-s3-cmk-encryption-key":{"id":"test-cloudfront-s3-cmk-encryption-key","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.95.1"},"children":{"S3LoggingBucket":{"id":"S3LoggingBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.223.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.223.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.223.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}}}}}},"S3Bucket":{"id":"S3Bucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.223.0","metadata":[{"encryption":"KMS","versioned":true,"blockPublicAccess":"*","removalPolicy":"retain","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","encryptionKey":"*"},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"aws:kms","kmsMasterKeyId":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.223.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]}}],"Version":"2012-10-17"}}}}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.223.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.223.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.223.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.223.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.223.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.223.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testn-key-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.223.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","RegionalDomainName"]},"id":"cfts3cmkprovidedasbucketproptestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin1FA4541E3","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3cmkprovidedasbucketproptestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin1FA4541E3","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","RegionalDomainName"]}}}}}}}},"LambdaFunctionServiceRole":{"id":"LambdaFunctionServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.223.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"inlinePolicies":"*"},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportLambdaFunctionServiceRole":{"id":"ImportLambdaFunctionServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/ImportLambdaFunctionServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.223.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"policies":[{"policyName":"LambdaFunctionServiceRolePolicy","policyDocument":{"Statement":[{"Action":["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":log-group:/aws/lambda/*"]]}}],"Version":"2012-10-17"}}]}}}}},"LambdaFunction":{"id":"LambdaFunction","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.223.0","metadata":[{"role":"*","tracing":"Active","runtime":"*","handler":"*","description":"*","timeout":"*","memorySize":"*","code":"*"},{"addEnvironment":["*","*",{"removeInEdge":true}]}]},"children":{"Code":{"id":"Code","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.223.0"},"children":{"Stage":{"id":"Stage","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.223.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.223.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"e97825c838d70ceb13ba2f6223a7d94ed35687b70bfb224a0b9128e698e3f28e.zip"},"description":"Custom resource function that updates a provided key policy to allow CloudFront access.","environment":{"variables":{"AWS_NODEJS_CONNECTION_REUSE_ENABLED":"1"}},"handler":"index.handler","role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D","Arn"]},"runtime":"nodejs22.x","tracingConfig":{"mode":"Active"}}}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.223.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["xray:PutTelemetryRecords","xray:PutTraceSegments"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}}}}}}},"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy":{"id":"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.223.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["kms:DescribeKey","kms:GetKeyPolicy","kms:PutKeyPolicy"],"Effect":"Allow","Resource":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeytestcloudfronts3cmkencryptionkeyResourceCmkPolicyBD4BA975","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}}}}},"KmsKeyPolicyUpdateProvider":{"id":"KmsKeyPolicyUpdateProvider","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"2.223.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.223.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","loggingFormat":"JSON","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.223.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.223.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.223.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},":*"]]}]}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}}}}}}},"Code":{"id":"Code","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.223.0"},"children":{"Stage":{"id":"Stage","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.223.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.223.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca.zip"},"description":"AWS CDK resource provider framework - onEvent (cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}},"handler":"framework.onEvent","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD","Arn"]},"runtime":"nodejs22.x","timeout":900}}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.223.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.223.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}}}}}}}}},"KmsKeyPolicyUpdater":{"id":"KmsKeyPolicyUpdater","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.223.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.223.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.223.0"}},"Role":{"id":"Role","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}},"Handler":{"id":"Handler","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.223.0"}}}},"Integ":{"id":"Integ","path":"cfts3-cmk-provided-as-bucket-prop/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.223.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.223.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.223.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.223.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.223.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.223.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.223.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
1
|
+
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.233.0"},"children":{"cfts3-cmk-provided-as-bucket-prop":{"id":"cfts3-cmk-provided-as-bucket-prop","path":"cfts3-cmk-provided-as-bucket-prop","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"cmkKey":{"id":"cmkKey","path":"cfts3-cmk-provided-as-bucket-prop/cmkKey","constructInfo":{"fqn":"aws-cdk-lib.aws_kms.Key","version":"2.233.0","metadata":[{"enableKeyRotation":true,"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/cmkKey/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_kms.CfnKey","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::KMS::Key","aws:cdk:cloudformation:props":{"enableKeyRotation":true,"keyPolicy":{"Statement":[{"Action":"kms:*","Effect":"Allow","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"}}}}}},"test-cloudfront-s3-cmk-encryption-key":{"id":"test-cloudfront-s3-cmk-encryption-key","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.97.0"},"children":{"S3LoggingBucket":{"id":"S3LoggingBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3LoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"S3Bucket":{"id":"S3Bucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"KMS","versioned":true,"blockPublicAccess":"*","removalPolicy":"retain","enforceSSL":true,"lifecycleRules":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]}],"serverAccessLogsBucket":"*","encryptionKey":"*"},{"addLifecycleRule":[{"noncurrentVersionTransitions":[{"storageClass":"*"}]},"*","*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"aws:kms","kmsMasterKeyId":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}}]},"lifecycleConfiguration":{"rules":[{"noncurrentVersionTransitions":[{"storageClass":"GLACIER","transitionInDays":90}],"status":"Enabled"}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3cmkencryptionkeyS3LoggingBucket5CE52209"}},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/S3Bucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3cmkencryptionkeyCloudFrontDistribution57C8A907"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","Arn"]}}],"Version":"2012-10-17"}}}}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucketAccessLog8863921C"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testn-key-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.233.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https"},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyS3Bucket0E74E5D2","RegionalDomainName"]},"id":"cfts3cmkprovidedasbucketproptestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin1FA4541E3","s3OriginConfig":{"originAccessIdentity":""}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3cmkprovidedasbucketproptestcloudfronts3cmkencryptionkeyCloudFrontDistributionOrigin1FA4541E3","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https"},"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyCloudfrontLoggingBucket7C1787CD","RegionalDomainName"]}}}}}}}},"LambdaFunctionServiceRole":{"id":"LambdaFunctionServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.233.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"inlinePolicies":"*"},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportLambdaFunctionServiceRole":{"id":"ImportLambdaFunctionServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/ImportLambdaFunctionServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.233.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunctionServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"policies":[{"policyName":"LambdaFunctionServiceRolePolicy","policyDocument":{"Statement":[{"Action":["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":log-group:/aws/lambda/*"]]}}],"Version":"2012-10-17"}}]}}}}},"LambdaFunction":{"id":"LambdaFunction","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.233.0","metadata":[{"role":"*","tracing":"Active","runtime":"*","handler":"*","description":"*","timeout":"*","memorySize":"*","code":"*"},{"addEnvironment":["*","*",{"removeInEdge":true}]}]},"children":{"Code":{"id":"Code","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.233.0"},"children":{"Stage":{"id":"Stage","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.233.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"e97825c838d70ceb13ba2f6223a7d94ed35687b70bfb224a0b9128e698e3f28e.zip"},"description":"Custom resource function that updates a provided key policy to allow CloudFront access.","environment":{"variables":{"AWS_NODEJS_CONNECTION_REUSE_ENABLED":"1"}},"handler":"index.handler","role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D","Arn"]},"runtime":"nodejs22.x","tracingConfig":{"mode":"Active"}}}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.233.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/LambdaFunction/inlinePolicyAddedToExecutionRole-0/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["xray:PutTelemetryRecords","xray:PutTraceSegments"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyLambdaFunctioninlinePolicyAddedToExecutionRole030BCEDF3","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}}}}}}},"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy":{"id":"test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.233.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/test-cloudfront-s3-cmk-encryption-keyResourceCmkPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["kms:DescribeKey","kms:GetKeyPolicy","kms:PutKeyPolicy"],"Effect":"Allow","Resource":{"Fn::GetAtt":["cmkKey598B20B2","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeytestcloudfronts3cmkencryptionkeyResourceCmkPolicyBD4BA975","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyLambdaFunctionServiceRole85783D1D"}]}}}}},"KmsKeyPolicyUpdateProvider":{"id":"KmsKeyPolicyUpdateProvider","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"2.233.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"2.233.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","loggingFormat":"JSON","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"2.233.0","metadata":[{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"2.233.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.233.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]},":*"]]}]}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRoleDefaultPolicy066CD751","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}}}}}}},"Code":{"id":"Code","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"2.233.0"},"children":{"Stage":{"id":"Stage","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"AssetBucket":{"id":"AssetBucket","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"2.233.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57.zip"},"description":"AWS CDK resource provider framework - onEvent (cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}},"handler":"framework.onEvent","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD","Arn"]},"runtime":"nodejs22.x","timeout":900}}},"inlinePolicyAddedToExecutionRole-0":{"id":"inlinePolicyAddedToExecutionRole-0","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"2.233.0","metadata":[{"statements":"*"},{"addStatements":[{}]},{"attachToRole":["*"]},{"attachToRole":["*"]}]},"children":{"Resource":{"id":"Resource","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdateProvider/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["testcloudfronts3cmkencryptionkeyLambdaFunction4DCD662E","Arn"]}}],"Version":"2012-10-17"},"policyName":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventinlinePolicyAddedToExecutionRole0055AB010","roles":[{"Ref":"testcloudfronts3cmkencryptionkeyKmsKeyPolicyUpdateProviderframeworkonEventServiceRole3D4040AD"}]}}}}}}}}},"KmsKeyPolicyUpdater":{"id":"KmsKeyPolicyUpdater","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/test-cloudfront-s3-cmk-encryption-key/KmsKeyPolicyUpdater/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.233.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"Role":{"id":"Role","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}},"Handler":{"id":"Handler","path":"cfts3-cmk-provided-as-bucket-prop/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}},"Integ":{"id":"Integ","path":"cfts3-cmk-provided-as-bucket-prop/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.233.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.233.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-cmk-provided-as-bucket-prop/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"
|
|
1
|
+
{"version":"48.0.0"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "
|
|
2
|
+
"version": "48.0.0",
|
|
3
3
|
"testCases": {
|
|
4
4
|
"cfts3-custom-headers/Integ/DefaultTest": {
|
|
5
5
|
"stacks": [
|
|
@@ -9,5 +9,5 @@
|
|
|
9
9
|
"assertionStackName": "cfts3customheadersIntegDefaultTestDeployAssert6EEC9973"
|
|
10
10
|
}
|
|
11
11
|
},
|
|
12
|
-
"minimumCliVersion": "2.
|
|
12
|
+
"minimumCliVersion": "2.1033.0"
|
|
13
13
|
}
|