@aws-solutions-constructs/aws-cloudfront-s3 2.97.0 → 2.99.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +64 -6
- package/README.adoc +3 -3
- package/lib/index.d.ts +1 -1
- package/lib/index.js +2 -2
- package/package.json +8 -8
- package/test/integ.cfts3-additional-behavior.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-additional-behavior.js.snapshot/manifest.json +20 -11
- package/test/integ.cfts3-additional-behavior.js.snapshot/tree.json +1 -1
- package/test/{integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/framework.js +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +7 -7
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +7 -23
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +1 -1
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1 -1
- package/test/{integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/framework.js +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +7 -7
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +1 -1
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +7 -23
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +1 -1
- package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +1 -1
- package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +1 -1
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +1 -1
- package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +1 -1
- package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3-no-cloudfront-s3-access-logs.assets.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/cfts3nocloudfronts3accesslogsIntegDefaultTestDeployAssertAD28C87A.assets.json +1 -1
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-logging.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3-no-logging.assets.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/cfts3nologgingIntegDefaultTestDeployAssert18393DDB.assets.json +1 -1
- package/test/integ.cfts3-no-logging.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-logging.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-logging.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +1 -1
- package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +2 -2
- package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +68 -50
- package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1 -1
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +0 -1
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +0 -19
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +0 -552
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +0 -19
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +0 -36
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +0 -12
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +0 -161
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +0 -746
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/cfn-response.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/consts.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/outbound.js +0 -0
- /package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/util.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/cfn-response.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/consts.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/outbound.js +0 -0
- /package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/{asset.bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca → asset.07a90cc3efdfc34da22208dcd9d211f06f5b0e01b21e778edc7c3966b1f61d57}/util.js +0 -0
|
@@ -395,57 +395,48 @@
|
|
|
395
395
|
"properties": {
|
|
396
396
|
"module": "aws-cdk-lib",
|
|
397
397
|
"flags": {
|
|
398
|
-
"@aws-cdk/
|
|
398
|
+
"@aws-cdk/aws-signer:signingProfileNamePassedToCfn": {
|
|
399
399
|
"recommendedValue": true,
|
|
400
|
-
"explanation": "
|
|
401
|
-
},
|
|
402
|
-
"aws-cdk:enableDiffNoFail": {
|
|
403
|
-
"recommendedValue": true,
|
|
404
|
-
"explanation": "Make `cdk diff` not fail when there are differences"
|
|
400
|
+
"explanation": "Pass signingProfileName to CfnSigningProfile"
|
|
405
401
|
},
|
|
406
402
|
"@aws-cdk/core:newStyleStackSynthesis": {
|
|
407
403
|
"recommendedValue": true,
|
|
408
|
-
"explanation": "Switch to new stack synthesis method which enables CI/CD"
|
|
404
|
+
"explanation": "Switch to new stack synthesis method which enables CI/CD",
|
|
405
|
+
"unconfiguredBehavesLike": {
|
|
406
|
+
"v2": true
|
|
407
|
+
}
|
|
409
408
|
},
|
|
410
409
|
"@aws-cdk/core:stackRelativeExports": {
|
|
411
410
|
"recommendedValue": true,
|
|
412
|
-
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path"
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
"explanation": "DockerImageAsset properly supports `.dockerignore` files by default"
|
|
417
|
-
},
|
|
418
|
-
"@aws-cdk/aws-secretsmanager:parseOwnedSecretName": {
|
|
419
|
-
"recommendedValue": true,
|
|
420
|
-
"explanation": "Fix the referencing of SecretsManager names from ARNs"
|
|
421
|
-
},
|
|
422
|
-
"@aws-cdk/aws-kms:defaultKeyPolicies": {
|
|
423
|
-
"recommendedValue": true,
|
|
424
|
-
"explanation": "Tighten default KMS key policies"
|
|
425
|
-
},
|
|
426
|
-
"@aws-cdk/aws-s3:grantWriteWithoutAcl": {
|
|
427
|
-
"recommendedValue": true,
|
|
428
|
-
"explanation": "Remove `PutObjectAcl` from Bucket.grantWrite"
|
|
411
|
+
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path",
|
|
412
|
+
"unconfiguredBehavesLike": {
|
|
413
|
+
"v2": true
|
|
414
|
+
}
|
|
429
415
|
},
|
|
430
|
-
"@aws-cdk/aws-ecs-patterns:
|
|
416
|
+
"@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": {
|
|
431
417
|
"recommendedValue": true,
|
|
432
|
-
"explanation": "
|
|
418
|
+
"explanation": "Disable implicit openListener when custom security groups are provided"
|
|
433
419
|
},
|
|
434
420
|
"@aws-cdk/aws-rds:lowercaseDbIdentifier": {
|
|
435
421
|
"recommendedValue": true,
|
|
436
|
-
"explanation": "Force lowercasing of RDS Cluster names in CDK"
|
|
422
|
+
"explanation": "Force lowercasing of RDS Cluster names in CDK",
|
|
423
|
+
"unconfiguredBehavesLike": {
|
|
424
|
+
"v2": true
|
|
425
|
+
}
|
|
437
426
|
},
|
|
438
427
|
"@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": {
|
|
439
428
|
"recommendedValue": true,
|
|
440
|
-
"explanation": "Allow adding/removing multiple UsagePlanKeys independently"
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
"explanation": "Enable this feature flag to have elastic file systems encrypted at rest by default."
|
|
429
|
+
"explanation": "Allow adding/removing multiple UsagePlanKeys independently",
|
|
430
|
+
"unconfiguredBehavesLike": {
|
|
431
|
+
"v2": true
|
|
432
|
+
}
|
|
445
433
|
},
|
|
446
434
|
"@aws-cdk/aws-lambda:recognizeVersionProps": {
|
|
447
435
|
"recommendedValue": true,
|
|
448
|
-
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`."
|
|
436
|
+
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.",
|
|
437
|
+
"unconfiguredBehavesLike": {
|
|
438
|
+
"v2": true
|
|
439
|
+
}
|
|
449
440
|
},
|
|
450
441
|
"@aws-cdk/aws-lambda:recognizeLayerVersion": {
|
|
451
442
|
"userValue": true,
|
|
@@ -454,7 +445,10 @@
|
|
|
454
445
|
},
|
|
455
446
|
"@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": {
|
|
456
447
|
"recommendedValue": true,
|
|
457
|
-
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default."
|
|
448
|
+
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.",
|
|
449
|
+
"unconfiguredBehavesLike": {
|
|
450
|
+
"v2": true
|
|
451
|
+
}
|
|
458
452
|
},
|
|
459
453
|
"@aws-cdk/core:checkSecretUsage": {
|
|
460
454
|
"userValue": true,
|
|
@@ -531,7 +525,7 @@
|
|
|
531
525
|
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": {
|
|
532
526
|
"userValue": true,
|
|
533
527
|
"recommendedValue": true,
|
|
534
|
-
"explanation": "Enable this feature to
|
|
528
|
+
"explanation": "Enable this feature to create default policy names for imported roles that depend on the stack the role is in."
|
|
535
529
|
},
|
|
536
530
|
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": {
|
|
537
531
|
"userValue": true,
|
|
@@ -675,7 +669,10 @@
|
|
|
675
669
|
},
|
|
676
670
|
"@aws-cdk/pipelines:reduceAssetRoleTrustScope": {
|
|
677
671
|
"recommendedValue": true,
|
|
678
|
-
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy"
|
|
672
|
+
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy",
|
|
673
|
+
"unconfiguredBehavesLike": {
|
|
674
|
+
"v2": true
|
|
675
|
+
}
|
|
679
676
|
},
|
|
680
677
|
"@aws-cdk/aws-eks:nodegroupNameAttribute": {
|
|
681
678
|
"userValue": true,
|
|
@@ -704,23 +701,16 @@
|
|
|
704
701
|
},
|
|
705
702
|
"@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": {
|
|
706
703
|
"recommendedValue": true,
|
|
707
|
-
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model."
|
|
704
|
+
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.",
|
|
705
|
+
"unconfiguredBehavesLike": {
|
|
706
|
+
"v2": true
|
|
707
|
+
}
|
|
708
708
|
},
|
|
709
709
|
"@aws-cdk/core:explicitStackTags": {
|
|
710
710
|
"userValue": true,
|
|
711
711
|
"recommendedValue": true,
|
|
712
712
|
"explanation": "When enabled, stack tags need to be assigned explicitly on a Stack."
|
|
713
713
|
},
|
|
714
|
-
"@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": {
|
|
715
|
-
"userValue": false,
|
|
716
|
-
"recommendedValue": false,
|
|
717
|
-
"explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**"
|
|
718
|
-
},
|
|
719
|
-
"@aws-cdk/aws-ecs:disableEcsImdsBlocking": {
|
|
720
|
-
"userValue": true,
|
|
721
|
-
"recommendedValue": true,
|
|
722
|
-
"explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**"
|
|
723
|
-
},
|
|
724
714
|
"@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": {
|
|
725
715
|
"userValue": true,
|
|
726
716
|
"recommendedValue": true,
|
|
@@ -768,7 +758,10 @@
|
|
|
768
758
|
},
|
|
769
759
|
"@aws-cdk/core:aspectStabilization": {
|
|
770
760
|
"recommendedValue": true,
|
|
771
|
-
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis."
|
|
761
|
+
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.",
|
|
762
|
+
"unconfiguredBehavesLike": {
|
|
763
|
+
"v2": true
|
|
764
|
+
}
|
|
772
765
|
},
|
|
773
766
|
"@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": {
|
|
774
767
|
"userValue": true,
|
|
@@ -802,7 +795,10 @@
|
|
|
802
795
|
},
|
|
803
796
|
"@aws-cdk/pipelines:reduceStageRoleTrustScope": {
|
|
804
797
|
"recommendedValue": true,
|
|
805
|
-
"explanation": "Remove the root account principal from Stage addActions trust policy"
|
|
798
|
+
"explanation": "Remove the root account principal from Stage addActions trust policy",
|
|
799
|
+
"unconfiguredBehavesLike": {
|
|
800
|
+
"v2": true
|
|
801
|
+
}
|
|
806
802
|
},
|
|
807
803
|
"@aws-cdk/aws-events:requireEventBusPolicySid": {
|
|
808
804
|
"userValue": true,
|
|
@@ -825,7 +821,10 @@
|
|
|
825
821
|
},
|
|
826
822
|
"@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": {
|
|
827
823
|
"recommendedValue": true,
|
|
828
|
-
"explanation": "When enabled, scopes down the trust policy for the cross-account action role"
|
|
824
|
+
"explanation": "When enabled, scopes down the trust policy for the cross-account action role",
|
|
825
|
+
"unconfiguredBehavesLike": {
|
|
826
|
+
"v2": true
|
|
827
|
+
}
|
|
829
828
|
},
|
|
830
829
|
"@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": {
|
|
831
830
|
"userValue": true,
|
|
@@ -855,6 +854,25 @@
|
|
|
855
854
|
"userValue": true,
|
|
856
855
|
"recommendedValue": true,
|
|
857
856
|
"explanation": "When enabled, CDK creates and manages loggroup for the lambda function"
|
|
857
|
+
},
|
|
858
|
+
"@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": {
|
|
859
|
+
"recommendedValue": true,
|
|
860
|
+
"explanation": "When enabled, Network Load Balancer will be created with a security group by default."
|
|
861
|
+
},
|
|
862
|
+
"@aws-cdk/aws-stepfunctions-tasks:httpInvokeDynamicJsonPathEndpoint": {
|
|
863
|
+
"recommendedValue": true,
|
|
864
|
+
"explanation": "When enabled, allows using a dynamic apiEndpoint with JSONPath format in HttpInvoke tasks.",
|
|
865
|
+
"unconfiguredBehavesLike": {
|
|
866
|
+
"v2": true
|
|
867
|
+
}
|
|
868
|
+
},
|
|
869
|
+
"@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": {
|
|
870
|
+
"recommendedValue": true,
|
|
871
|
+
"explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement"
|
|
872
|
+
},
|
|
873
|
+
"@aws-cdk/aws-route53-patterns:useDistribution": {
|
|
874
|
+
"recommendedValue": true,
|
|
875
|
+
"explanation": "Use the `Distribution` resource instead of `CloudFrontWebDistribution`"
|
|
858
876
|
}
|
|
859
877
|
}
|
|
860
878
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.206.0"},"children":{"cfts3-existing-bucket":{"id":"cfts3-existing-bucket","path":"cfts3-existing-bucket","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"scrapBucketLog":{"id":"scrapBucketLog","path":"cfts3-existing-bucket/scrapBucketLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"versioned":true,"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED","enforceSSL":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucketLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/scrapBucketLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucketLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"scrapBucketLog7B53B25C"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/scrapBucketLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/scrapBucketLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.206.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.206.0"}},"Role":{"id":"Role","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}},"Handler":{"id":"Handler","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}},"scrapBucket":{"id":"scrapBucket","path":"cfts3-existing-bucket/scrapBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"versioned":true,"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED","enforceSSL":true,"serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"scrapBucketLog7B53B25C"}},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/scrapBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"scrapBucketB11863B7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3CloudFrontDistribution0565DEE8"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3CloudFrontDistribution0565DEE8"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]}},{"Action":"s3:GetObject","Effect":"Allow","Principal":{"CanonicalUser":{"Fn::GetAtt":["testcloudfronts3CloudFrontDistributionOrigin2S3OriginC54B5C65","S3CanonicalUserId"]}},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/scrapBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/scrapBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"test-cloudfront-s3":{"id":"test-cloudfront-s3","path":"cfts3-existing-bucket/test-cloudfront-s3","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.86.0"},"children":{"SetHttpSecurityHeaders":{"id":"SetHttpSecurityHeaders","path":"cfts3-existing-bucket/test-cloudfront-s3/SetHttpSecurityHeaders","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Function","version":"2.206.0","metadata":[{"functionName":"*","code":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/SetHttpSecurityHeaders/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnFunction","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Function","aws:cdk:cloudformation:props":{"autoPublish":true,"functionCode":"function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }","functionConfig":{"comment":"SetHttpSecurityHeadersc8321a2c9fa54d380831d390bfbd7aff27f99fd427","runtime":"cloudfront-js-1.0"},"name":"SetHttpSecurityHeadersc8321a2c9fa54d380831d390bfbd7aff27f99fd427"}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.206.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.206.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3CloudfrontLoggingBucket985C0FE8"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.206.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.206.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testnt-s3-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.206.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"eventType":"viewer-response","function":"*"}]},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"},{"addBehavior":["*",{},{"cachePolicy":"*"}]}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["scrapBucketB11863B7","RegionalDomainName"]},"id":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin10617473F","s3OriginConfig":{"originAccessIdentity":""}},{"domainName":{"Fn::GetAtt":["scrapBucketB11863B7","RegionalDomainName"]},"id":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F","s3OriginConfig":{"originAccessIdentity":{"Fn::Join":["",["origin-access-identity/cloudfront/",{"Ref":"testcloudfronts3CloudFrontDistributionOrigin2S3OriginC54B5C65"}]]}}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin10617473F","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"functionArn":{"Fn::GetAtt":["testcloudfronts3SetHttpSecurityHeaders6C5A1E69","FunctionARN"]},"eventType":"viewer-response"}]},"cacheBehaviors":[{"pathPattern":"/images/*.jpg","targetOriginId":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F","cachePolicyId":{"Ref":"myCachePolicy16CE2FCF"},"compress":true,"viewerProtocolPolicy":"allow-all"}],"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","RegionalDomainName"]}}}}}},"Origin2":{"id":"Origin2","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"S3Origin":{"id":"S3Origin","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2/S3Origin","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.OriginAccessIdentity","version":"2.206.0","metadata":[{}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2/S3Origin/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCloudFrontOriginAccessIdentity","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CloudFrontOriginAccessIdentity","aws:cdk:cloudformation:props":{"cloudFrontOriginAccessIdentityConfig":{"comment":"Identity for cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F"}}}}}}}}}}}},"myCachePolicy":{"id":"myCachePolicy","path":"cfts3-existing-bucket/myCachePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CachePolicy","version":"2.206.0","metadata":[{"cachePolicyName":"*","defaultTtl":"*","minTtl":"*","maxTtl":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/myCachePolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCachePolicy","version":"2.206.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CachePolicy","aws:cdk:cloudformation:props":{"cachePolicyConfig":{"name":"MyPolicy","minTtl":0,"maxTtl":0,"defaultTtl":0,"parametersInCacheKeyAndForwardedToOrigin":{"cookiesConfig":{"cookieBehavior":"none"},"headersConfig":{"headerBehavior":"none"},"enableAcceptEncodingGzip":false,"enableAcceptEncodingBrotli":false,"queryStringsConfig":{"queryStringBehavior":"none"}}}}}}}},"Integ":{"id":"Integ","path":"cfts3-existing-bucket/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.206.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-existing-bucket/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.206.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.206.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-existing-bucket/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.206.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-existing-bucket/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.206.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
1
|
+
{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"2.233.0"},"children":{"cfts3-existing-bucket":{"id":"cfts3-existing-bucket","path":"cfts3-existing-bucket","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"scrapBucketLog":{"id":"scrapBucketLog","path":"cfts3-existing-bucket/scrapBucketLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"versioned":true,"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED","enforceSSL":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucketLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/scrapBucketLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucketLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"scrapBucketLog7B53B25C"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketLog7B53B25C","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/scrapBucketLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/scrapBucketLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"2.233.0"},"children":{"Staging":{"id":"Staging","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"2.233.0"}},"Role":{"id":"Role","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}},"Handler":{"id":"Handler","path":"cfts3-existing-bucket/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}},"scrapBucket":{"id":"scrapBucket","path":"cfts3-existing-bucket/scrapBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"versioned":true,"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED","enforceSSL":true,"serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"scrapBucketLog7B53B25C"}},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/scrapBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/scrapBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"scrapBucketB11863B7"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3CloudFrontDistribution0565DEE8"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}},{"Action":"s3:ListBucket","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"testcloudfronts3CloudFrontDistribution0565DEE8"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]}},{"Action":"s3:GetObject","Effect":"Allow","Principal":{"CanonicalUser":{"Fn::GetAtt":["testcloudfronts3CloudFrontDistributionOrigin2S3OriginC54B5C65","S3CanonicalUserId"]}},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["scrapBucketB11863B7","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/scrapBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/scrapBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"test-cloudfront-s3":{"id":"test-cloudfront-s3","path":"cfts3-existing-bucket/test-cloudfront-s3","constructInfo":{"fqn":"@aws-solutions-constructs/aws-cloudfront-s3.CloudFrontToS3","version":"2.97.0"},"children":{"SetHttpSecurityHeaders":{"id":"SetHttpSecurityHeaders","path":"cfts3-existing-bucket/test-cloudfront-s3/SetHttpSecurityHeaders","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Function","version":"2.233.0","metadata":[{"functionName":"*","code":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/SetHttpSecurityHeaders/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnFunction","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Function","aws:cdk:cloudformation:props":{"autoPublish":true,"functionCode":"function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }","functionConfig":{"comment":"SetHttpSecurityHeadersc8321a2c9fa54d380831d390bfbd7aff27f99fd427","runtime":"cloudfront-js-1.0"},"name":"SetHttpSecurityHeadersc8321a2c9fa54d380831d390bfbd7aff27f99fd427"}}}}},"CloudfrontLoggingBucketAccessLog":{"id":"CloudfrontLoggingBucketAccessLog","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"ArnLike":{"aws:SourceArn":{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]}},"StringEquals":{"aws:SourceAccount":{"Ref":"AWS::AccountId"}}},"Effect":"Allow","Principal":{"Service":"logging.s3.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucketAccessLog/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudfrontLoggingBucket":{"id":"CloudfrontLoggingBucket","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"2.233.0","metadata":[{"encryption":"S3_MANAGED","versioned":true,"blockPublicAccess":"*","removalPolicy":"destroy","enforceSSL":true,"autoDeleteObjects":true,"objectOwnership":"ObjectWriter","serverAccessLogsBucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"loggingConfiguration":{"destinationBucketName":{"Ref":"testcloudfronts3CloudfrontLoggingBucketAccessLog2E738D58"}},"ownershipControls":{"rules":[{"objectOwnership":"ObjectWriter"}]},"publicAccessBlockConfiguration":{"blockPublicAcls":true,"blockPublicPolicy":true,"ignorePublicAcls":true,"restrictPublicBuckets":true},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}],"versioningConfiguration":{"status":"Enabled"}}}},"Policy":{"id":"Policy","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"2.233.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"testcloudfronts3CloudfrontLoggingBucket985C0FE8"},"policyDocument":{"Statement":[{"Action":"s3:*","Condition":{"Bool":{"aws:SecureTransport":"false"}},"Effect":"Deny","Principal":{"AWS":"*"},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},"/*"]]}]},{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"2.233.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudfrontLoggingBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"2.233.0"}}}}}},"CloudFrontOac":{"id":"CloudFrontOac","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontOac","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":{"Fn::Join":["",["aws-cloudfront-s3-testnt-s3-",{"Fn::Select":[2,{"Fn::Split":["/",{"Ref":"AWS::StackId"}]}]}]]},"originAccessControlOriginType":"s3","signingBehavior":"always","signingProtocol":"sigv4","description":"Origin access control provisioned by aws-cloudfront-s3"}}}},"CloudFrontDistribution":{"id":"CloudFrontDistribution","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"2.233.0","metadata":[{"defaultBehavior":{"origin":"*","viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"eventType":"viewer-response","function":"*"}]},"enableLogging":true,"logBucket":"*","defaultRootObject":"*"},{"addBehavior":["*",{},{"cachePolicy":"*"}]}]},"children":{"Origin1":{"id":"Origin1","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["scrapBucketB11863B7","RegionalDomainName"]},"id":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin10617473F","s3OriginConfig":{"originAccessIdentity":""}},{"domainName":{"Fn::GetAtt":["scrapBucketB11863B7","RegionalDomainName"]},"id":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F","s3OriginConfig":{"originAccessIdentity":{"Fn::Join":["",["origin-access-identity/cloudfront/",{"Ref":"testcloudfronts3CloudFrontDistributionOrigin2S3OriginC54B5C65"}]]}}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin10617473F","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"redirect-to-https","functionAssociations":[{"functionArn":{"Fn::GetAtt":["testcloudfronts3SetHttpSecurityHeaders6C5A1E69","FunctionARN"]},"eventType":"viewer-response"}]},"cacheBehaviors":[{"pathPattern":"/images/*.jpg","targetOriginId":"cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F","cachePolicyId":{"Ref":"myCachePolicy16CE2FCF"},"compress":true,"viewerProtocolPolicy":"allow-all"}],"defaultRootObject":"index.html","httpVersion":"http2","ipv6Enabled":true,"logging":{"bucket":{"Fn::GetAtt":["testcloudfronts3CloudfrontLoggingBucket985C0FE8","RegionalDomainName"]}}}}}},"Origin2":{"id":"Origin2","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"S3Origin":{"id":"S3Origin","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2/S3Origin","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.OriginAccessIdentity","version":"2.233.0","metadata":[{}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/test-cloudfront-s3/CloudFrontDistribution/Origin2/S3Origin/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCloudFrontOriginAccessIdentity","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CloudFrontOriginAccessIdentity","aws:cdk:cloudformation:props":{"cloudFrontOriginAccessIdentityConfig":{"comment":"Identity for cfts3existingbuckettestcloudfronts3CloudFrontDistributionOrigin28690577F"}}}}}}}}}}}},"myCachePolicy":{"id":"myCachePolicy","path":"cfts3-existing-bucket/myCachePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CachePolicy","version":"2.233.0","metadata":[{"cachePolicyName":"*","defaultTtl":"*","minTtl":"*","maxTtl":"*"}]},"children":{"Resource":{"id":"Resource","path":"cfts3-existing-bucket/myCachePolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnCachePolicy","version":"2.233.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::CachePolicy","aws:cdk:cloudformation:props":{"cachePolicyConfig":{"name":"MyPolicy","minTtl":0,"maxTtl":0,"defaultTtl":0,"parametersInCacheKeyAndForwardedToOrigin":{"cookiesConfig":{"cookieBehavior":"none"},"headersConfig":{"headerBehavior":"none"},"enableAcceptEncodingGzip":false,"enableAcceptEncodingBrotli":false,"queryStringsConfig":{"queryStringBehavior":"none"}}}}}}}},"Integ":{"id":"Integ","path":"cfts3-existing-bucket/Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"2.233.0-alpha.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"cfts3-existing-bucket/Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"2.233.0-alpha.0"},"children":{"Default":{"id":"Default","path":"cfts3-existing-bucket/Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"2.233.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-existing-bucket/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cfts3-existing-bucket/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"2.233.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cfts3-existing-bucket/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"2.233.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"
|
|
1
|
+
{"version":"48.0.0"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "
|
|
2
|
+
"version": "48.0.0",
|
|
3
3
|
"testCases": {
|
|
4
4
|
"cfts3-no-arguments/Integ/DefaultTest": {
|
|
5
5
|
"stacks": [
|
|
@@ -9,5 +9,5 @@
|
|
|
9
9
|
"assertionStackName": "cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25"
|
|
10
10
|
}
|
|
11
11
|
},
|
|
12
|
-
"minimumCliVersion": "2.
|
|
12
|
+
"minimumCliVersion": "2.1033.0"
|
|
13
13
|
}
|
|
@@ -381,57 +381,48 @@
|
|
|
381
381
|
"properties": {
|
|
382
382
|
"module": "aws-cdk-lib",
|
|
383
383
|
"flags": {
|
|
384
|
-
"@aws-cdk/
|
|
384
|
+
"@aws-cdk/aws-signer:signingProfileNamePassedToCfn": {
|
|
385
385
|
"recommendedValue": true,
|
|
386
|
-
"explanation": "
|
|
387
|
-
},
|
|
388
|
-
"aws-cdk:enableDiffNoFail": {
|
|
389
|
-
"recommendedValue": true,
|
|
390
|
-
"explanation": "Make `cdk diff` not fail when there are differences"
|
|
386
|
+
"explanation": "Pass signingProfileName to CfnSigningProfile"
|
|
391
387
|
},
|
|
392
388
|
"@aws-cdk/core:newStyleStackSynthesis": {
|
|
393
389
|
"recommendedValue": true,
|
|
394
|
-
"explanation": "Switch to new stack synthesis method which enables CI/CD"
|
|
390
|
+
"explanation": "Switch to new stack synthesis method which enables CI/CD",
|
|
391
|
+
"unconfiguredBehavesLike": {
|
|
392
|
+
"v2": true
|
|
393
|
+
}
|
|
395
394
|
},
|
|
396
395
|
"@aws-cdk/core:stackRelativeExports": {
|
|
397
396
|
"recommendedValue": true,
|
|
398
|
-
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path"
|
|
399
|
-
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
"explanation": "DockerImageAsset properly supports `.dockerignore` files by default"
|
|
403
|
-
},
|
|
404
|
-
"@aws-cdk/aws-secretsmanager:parseOwnedSecretName": {
|
|
405
|
-
"recommendedValue": true,
|
|
406
|
-
"explanation": "Fix the referencing of SecretsManager names from ARNs"
|
|
407
|
-
},
|
|
408
|
-
"@aws-cdk/aws-kms:defaultKeyPolicies": {
|
|
409
|
-
"recommendedValue": true,
|
|
410
|
-
"explanation": "Tighten default KMS key policies"
|
|
411
|
-
},
|
|
412
|
-
"@aws-cdk/aws-s3:grantWriteWithoutAcl": {
|
|
413
|
-
"recommendedValue": true,
|
|
414
|
-
"explanation": "Remove `PutObjectAcl` from Bucket.grantWrite"
|
|
397
|
+
"explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path",
|
|
398
|
+
"unconfiguredBehavesLike": {
|
|
399
|
+
"v2": true
|
|
400
|
+
}
|
|
415
401
|
},
|
|
416
|
-
"@aws-cdk/aws-ecs-patterns:
|
|
402
|
+
"@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": {
|
|
417
403
|
"recommendedValue": true,
|
|
418
|
-
"explanation": "
|
|
404
|
+
"explanation": "Disable implicit openListener when custom security groups are provided"
|
|
419
405
|
},
|
|
420
406
|
"@aws-cdk/aws-rds:lowercaseDbIdentifier": {
|
|
421
407
|
"recommendedValue": true,
|
|
422
|
-
"explanation": "Force lowercasing of RDS Cluster names in CDK"
|
|
408
|
+
"explanation": "Force lowercasing of RDS Cluster names in CDK",
|
|
409
|
+
"unconfiguredBehavesLike": {
|
|
410
|
+
"v2": true
|
|
411
|
+
}
|
|
423
412
|
},
|
|
424
413
|
"@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": {
|
|
425
414
|
"recommendedValue": true,
|
|
426
|
-
"explanation": "Allow adding/removing multiple UsagePlanKeys independently"
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
"explanation": "Enable this feature flag to have elastic file systems encrypted at rest by default."
|
|
415
|
+
"explanation": "Allow adding/removing multiple UsagePlanKeys independently",
|
|
416
|
+
"unconfiguredBehavesLike": {
|
|
417
|
+
"v2": true
|
|
418
|
+
}
|
|
431
419
|
},
|
|
432
420
|
"@aws-cdk/aws-lambda:recognizeVersionProps": {
|
|
433
421
|
"recommendedValue": true,
|
|
434
|
-
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`."
|
|
422
|
+
"explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.",
|
|
423
|
+
"unconfiguredBehavesLike": {
|
|
424
|
+
"v2": true
|
|
425
|
+
}
|
|
435
426
|
},
|
|
436
427
|
"@aws-cdk/aws-lambda:recognizeLayerVersion": {
|
|
437
428
|
"userValue": true,
|
|
@@ -440,7 +431,10 @@
|
|
|
440
431
|
},
|
|
441
432
|
"@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": {
|
|
442
433
|
"recommendedValue": true,
|
|
443
|
-
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default."
|
|
434
|
+
"explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.",
|
|
435
|
+
"unconfiguredBehavesLike": {
|
|
436
|
+
"v2": true
|
|
437
|
+
}
|
|
444
438
|
},
|
|
445
439
|
"@aws-cdk/core:checkSecretUsage": {
|
|
446
440
|
"userValue": true,
|
|
@@ -517,7 +511,7 @@
|
|
|
517
511
|
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": {
|
|
518
512
|
"userValue": true,
|
|
519
513
|
"recommendedValue": true,
|
|
520
|
-
"explanation": "Enable this feature to
|
|
514
|
+
"explanation": "Enable this feature to create default policy names for imported roles that depend on the stack the role is in."
|
|
521
515
|
},
|
|
522
516
|
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": {
|
|
523
517
|
"userValue": true,
|
|
@@ -661,7 +655,10 @@
|
|
|
661
655
|
},
|
|
662
656
|
"@aws-cdk/pipelines:reduceAssetRoleTrustScope": {
|
|
663
657
|
"recommendedValue": true,
|
|
664
|
-
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy"
|
|
658
|
+
"explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy",
|
|
659
|
+
"unconfiguredBehavesLike": {
|
|
660
|
+
"v2": true
|
|
661
|
+
}
|
|
665
662
|
},
|
|
666
663
|
"@aws-cdk/aws-eks:nodegroupNameAttribute": {
|
|
667
664
|
"userValue": true,
|
|
@@ -690,23 +687,16 @@
|
|
|
690
687
|
},
|
|
691
688
|
"@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": {
|
|
692
689
|
"recommendedValue": true,
|
|
693
|
-
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model."
|
|
690
|
+
"explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.",
|
|
691
|
+
"unconfiguredBehavesLike": {
|
|
692
|
+
"v2": true
|
|
693
|
+
}
|
|
694
694
|
},
|
|
695
695
|
"@aws-cdk/core:explicitStackTags": {
|
|
696
696
|
"userValue": true,
|
|
697
697
|
"recommendedValue": true,
|
|
698
698
|
"explanation": "When enabled, stack tags need to be assigned explicitly on a Stack."
|
|
699
699
|
},
|
|
700
|
-
"@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": {
|
|
701
|
-
"userValue": false,
|
|
702
|
-
"recommendedValue": false,
|
|
703
|
-
"explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**"
|
|
704
|
-
},
|
|
705
|
-
"@aws-cdk/aws-ecs:disableEcsImdsBlocking": {
|
|
706
|
-
"userValue": true,
|
|
707
|
-
"recommendedValue": true,
|
|
708
|
-
"explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**"
|
|
709
|
-
},
|
|
710
700
|
"@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": {
|
|
711
701
|
"userValue": true,
|
|
712
702
|
"recommendedValue": true,
|
|
@@ -754,7 +744,10 @@
|
|
|
754
744
|
},
|
|
755
745
|
"@aws-cdk/core:aspectStabilization": {
|
|
756
746
|
"recommendedValue": true,
|
|
757
|
-
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis."
|
|
747
|
+
"explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.",
|
|
748
|
+
"unconfiguredBehavesLike": {
|
|
749
|
+
"v2": true
|
|
750
|
+
}
|
|
758
751
|
},
|
|
759
752
|
"@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": {
|
|
760
753
|
"userValue": true,
|
|
@@ -788,7 +781,10 @@
|
|
|
788
781
|
},
|
|
789
782
|
"@aws-cdk/pipelines:reduceStageRoleTrustScope": {
|
|
790
783
|
"recommendedValue": true,
|
|
791
|
-
"explanation": "Remove the root account principal from Stage addActions trust policy"
|
|
784
|
+
"explanation": "Remove the root account principal from Stage addActions trust policy",
|
|
785
|
+
"unconfiguredBehavesLike": {
|
|
786
|
+
"v2": true
|
|
787
|
+
}
|
|
792
788
|
},
|
|
793
789
|
"@aws-cdk/aws-events:requireEventBusPolicySid": {
|
|
794
790
|
"userValue": true,
|
|
@@ -811,7 +807,10 @@
|
|
|
811
807
|
},
|
|
812
808
|
"@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": {
|
|
813
809
|
"recommendedValue": true,
|
|
814
|
-
"explanation": "When enabled, scopes down the trust policy for the cross-account action role"
|
|
810
|
+
"explanation": "When enabled, scopes down the trust policy for the cross-account action role",
|
|
811
|
+
"unconfiguredBehavesLike": {
|
|
812
|
+
"v2": true
|
|
813
|
+
}
|
|
815
814
|
},
|
|
816
815
|
"@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": {
|
|
817
816
|
"userValue": true,
|
|
@@ -841,6 +840,25 @@
|
|
|
841
840
|
"userValue": true,
|
|
842
841
|
"recommendedValue": true,
|
|
843
842
|
"explanation": "When enabled, CDK creates and manages loggroup for the lambda function"
|
|
843
|
+
},
|
|
844
|
+
"@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": {
|
|
845
|
+
"recommendedValue": true,
|
|
846
|
+
"explanation": "When enabled, Network Load Balancer will be created with a security group by default."
|
|
847
|
+
},
|
|
848
|
+
"@aws-cdk/aws-stepfunctions-tasks:httpInvokeDynamicJsonPathEndpoint": {
|
|
849
|
+
"recommendedValue": true,
|
|
850
|
+
"explanation": "When enabled, allows using a dynamic apiEndpoint with JSONPath format in HttpInvoke tasks.",
|
|
851
|
+
"unconfiguredBehavesLike": {
|
|
852
|
+
"v2": true
|
|
853
|
+
}
|
|
854
|
+
},
|
|
855
|
+
"@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": {
|
|
856
|
+
"recommendedValue": true,
|
|
857
|
+
"explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement"
|
|
858
|
+
},
|
|
859
|
+
"@aws-cdk/aws-route53-patterns:useDistribution": {
|
|
860
|
+
"recommendedValue": true,
|
|
861
|
+
"explanation": "Use the `Distribution` resource instead of `CloudFrontWebDistribution`"
|
|
844
862
|
}
|
|
845
863
|
}
|
|
846
864
|
}
|