@aws-solutions-constructs/aws-fargate-kinesisstreams 2.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/.eslintignore +4 -0
  2. package/.jsii +3760 -0
  3. package/README.md +119 -0
  4. package/architecture.png +0 -0
  5. package/lib/index.d.ts +129 -0
  6. package/lib/index.js +62 -0
  7. package/package.json +93 -0
  8. package/test/fargate-kinesisstreams.test.d.ts +13 -0
  9. package/test/fargate-kinesisstreams.test.js +518 -0
  10. package/test/integ.existingFargateService.d.ts +13 -0
  11. package/test/integ.existingFargateService.expected.json +1248 -0
  12. package/test/integ.existingFargateService.js +32 -0
  13. package/test/integ.existingStream.d.ts +13 -0
  14. package/test/integ.existingStream.expected.json +1247 -0
  15. package/test/integ.existingStream.js +35 -0
  16. package/test/integ.existingVpc.d.ts +13 -0
  17. package/test/integ.existingVpc.expected.json +1248 -0
  18. package/test/integ.existingVpc.js +33 -0
  19. package/test/integ.fargateServiceFromProps.d.ts +13 -0
  20. package/test/integ.fargateServiceFromProps.expected.json +1249 -0
  21. package/test/integ.fargateServiceFromProps.js +33 -0
  22. package/test/integ.noArguments.d.ts +13 -0
  23. package/test/integ.noArguments.expected.json +1248 -0
  24. package/test/integ.noArguments.js +29 -0
  25. package/test/integ.streamFromProps.d.ts +13 -0
  26. package/test/integ.streamFromProps.expected.json +1247 -0
  27. package/test/integ.streamFromProps.js +34 -0
  28. package/test/integ.vpcFromProps.d.ts +13 -0
  29. package/test/integ.vpcFromProps.expected.json +1248 -0
  30. package/test/integ.vpcFromProps.js +32 -0
package/test/integ.streamFromProps.expected.json ADDED
@@ -0,0 +1,1247 @@
1
+ {
2
+ "Resources": {
3
+ "testfargatekinesisstreamsKinesisStreamD31BD614": {
4
+ "Type": "AWS::Kinesis::Stream",
5
+ "Properties": {
6
+ "RetentionPeriodHours": 24,
7
+ "StreamEncryption": {
8
+ "EncryptionType": "KMS",
9
+ "KeyId": "alias/aws/kinesis"
10
+ },
11
+ "StreamModeDetails": {
12
+ "StreamMode": "ON_DEMAND"
13
+ }
14
+ }
15
+ },
16
+ "testfargatekinesisstreamsKinesisStreamGetRecordsIteratorAgeAlarm60755E90": {
17
+ "Type": "AWS::CloudWatch::Alarm",
18
+ "Properties": {
19
+ "ComparisonOperator": "GreaterThanOrEqualToThreshold",
20
+ "EvaluationPeriods": 1,
21
+ "AlarmDescription": "Consumer Record Processing Falling Behind, there is risk for data loss due to record expiration.",
22
+ "MetricName": "GetRecords.IteratorAgeMilliseconds",
23
+ "Namespace": "AWS/Kinesis",
24
+ "Period": 300,
25
+ "Statistic": "Maximum",
26
+ "Threshold": 43200000
27
+ }
28
+ },
29
+ "testfargatekinesisstreamsKinesisStreamReadProvisionedThroughputExceededAlarmDE16A9F2": {
30
+ "Type": "AWS::CloudWatch::Alarm",
31
+ "Properties": {
32
+ "ComparisonOperator": "GreaterThanThreshold",
33
+ "EvaluationPeriods": 1,
34
+ "AlarmDescription": "Consumer Application is Reading at a Slower Rate Than Expected.",
35
+ "MetricName": "ReadProvisionedThroughputExceeded",
36
+ "Namespace": "AWS/Kinesis",
37
+ "Period": 300,
38
+ "Statistic": "Average",
39
+ "Threshold": 0
40
+ }
41
+ },
42
+ "Vpc8378EB38": {
43
+ "Type": "AWS::EC2::VPC",
44
+ "Properties": {
45
+ "CidrBlock": "10.0.0.0/16",
46
+ "EnableDnsHostnames": true,
47
+ "EnableDnsSupport": true,
48
+ "InstanceTenancy": "default",
49
+ "Tags": [
50
+ {
51
+ "Key": "Name",
52
+ "Value": "streamFromProps/Vpc"
53
+ }
54
+ ]
55
+ }
56
+ },
57
+ "VpcPublicSubnet1Subnet5C2D37C4": {
58
+ "Type": "AWS::EC2::Subnet",
59
+ "Properties": {
60
+ "VpcId": {
61
+ "Ref": "Vpc8378EB38"
62
+ },
63
+ "AvailabilityZone": "test-region-1a",
64
+ "CidrBlock": "10.0.0.0/19",
65
+ "MapPublicIpOnLaunch": true,
66
+ "Tags": [
67
+ {
68
+ "Key": "aws-cdk:subnet-name",
69
+ "Value": "Public"
70
+ },
71
+ {
72
+ "Key": "aws-cdk:subnet-type",
73
+ "Value": "Public"
74
+ },
75
+ {
76
+ "Key": "Name",
77
+ "Value": "streamFromProps/Vpc/PublicSubnet1"
78
+ }
79
+ ]
80
+ },
81
+ "Metadata": {
82
+ "cfn_nag": {
83
+ "rules_to_suppress": [
84
+ {
85
+ "id": "W33",
86
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
87
+ }
88
+ ]
89
+ }
90
+ }
91
+ },
92
+ "VpcPublicSubnet1RouteTable6C95E38E": {
93
+ "Type": "AWS::EC2::RouteTable",
94
+ "Properties": {
95
+ "VpcId": {
96
+ "Ref": "Vpc8378EB38"
97
+ },
98
+ "Tags": [
99
+ {
100
+ "Key": "Name",
101
+ "Value": "streamFromProps/Vpc/PublicSubnet1"
102
+ }
103
+ ]
104
+ }
105
+ },
106
+ "VpcPublicSubnet1RouteTableAssociation97140677": {
107
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
108
+ "Properties": {
109
+ "RouteTableId": {
110
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
111
+ },
112
+ "SubnetId": {
113
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
114
+ }
115
+ }
116
+ },
117
+ "VpcPublicSubnet1DefaultRoute3DA9E72A": {
118
+ "Type": "AWS::EC2::Route",
119
+ "Properties": {
120
+ "RouteTableId": {
121
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
122
+ },
123
+ "DestinationCidrBlock": "0.0.0.0/0",
124
+ "GatewayId": {
125
+ "Ref": "VpcIGWD7BA715C"
126
+ }
127
+ },
128
+ "DependsOn": [
129
+ "VpcVPCGWBF912B6E"
130
+ ]
131
+ },
132
+ "VpcPublicSubnet1EIPD7E02669": {
133
+ "Type": "AWS::EC2::EIP",
134
+ "Properties": {
135
+ "Domain": "vpc",
136
+ "Tags": [
137
+ {
138
+ "Key": "Name",
139
+ "Value": "streamFromProps/Vpc/PublicSubnet1"
140
+ }
141
+ ]
142
+ }
143
+ },
144
+ "VpcPublicSubnet1NATGateway4D7517AA": {
145
+ "Type": "AWS::EC2::NatGateway",
146
+ "Properties": {
147
+ "SubnetId": {
148
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
149
+ },
150
+ "AllocationId": {
151
+ "Fn::GetAtt": [
152
+ "VpcPublicSubnet1EIPD7E02669",
153
+ "AllocationId"
154
+ ]
155
+ },
156
+ "Tags": [
157
+ {
158
+ "Key": "Name",
159
+ "Value": "streamFromProps/Vpc/PublicSubnet1"
160
+ }
161
+ ]
162
+ },
163
+ "DependsOn": [
164
+ "VpcPublicSubnet1DefaultRoute3DA9E72A",
165
+ "VpcPublicSubnet1RouteTableAssociation97140677"
166
+ ]
167
+ },
168
+ "VpcPublicSubnet2Subnet691E08A3": {
169
+ "Type": "AWS::EC2::Subnet",
170
+ "Properties": {
171
+ "VpcId": {
172
+ "Ref": "Vpc8378EB38"
173
+ },
174
+ "AvailabilityZone": "test-region-1b",
175
+ "CidrBlock": "10.0.32.0/19",
176
+ "MapPublicIpOnLaunch": true,
177
+ "Tags": [
178
+ {
179
+ "Key": "aws-cdk:subnet-name",
180
+ "Value": "Public"
181
+ },
182
+ {
183
+ "Key": "aws-cdk:subnet-type",
184
+ "Value": "Public"
185
+ },
186
+ {
187
+ "Key": "Name",
188
+ "Value": "streamFromProps/Vpc/PublicSubnet2"
189
+ }
190
+ ]
191
+ },
192
+ "Metadata": {
193
+ "cfn_nag": {
194
+ "rules_to_suppress": [
195
+ {
196
+ "id": "W33",
197
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
198
+ }
199
+ ]
200
+ }
201
+ }
202
+ },
203
+ "VpcPublicSubnet2RouteTable94F7E489": {
204
+ "Type": "AWS::EC2::RouteTable",
205
+ "Properties": {
206
+ "VpcId": {
207
+ "Ref": "Vpc8378EB38"
208
+ },
209
+ "Tags": [
210
+ {
211
+ "Key": "Name",
212
+ "Value": "streamFromProps/Vpc/PublicSubnet2"
213
+ }
214
+ ]
215
+ }
216
+ },
217
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
218
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
219
+ "Properties": {
220
+ "RouteTableId": {
221
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
222
+ },
223
+ "SubnetId": {
224
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
225
+ }
226
+ }
227
+ },
228
+ "VpcPublicSubnet2DefaultRoute97F91067": {
229
+ "Type": "AWS::EC2::Route",
230
+ "Properties": {
231
+ "RouteTableId": {
232
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
233
+ },
234
+ "DestinationCidrBlock": "0.0.0.0/0",
235
+ "GatewayId": {
236
+ "Ref": "VpcIGWD7BA715C"
237
+ }
238
+ },
239
+ "DependsOn": [
240
+ "VpcVPCGWBF912B6E"
241
+ ]
242
+ },
243
+ "VpcPublicSubnet2EIP3C605A87": {
244
+ "Type": "AWS::EC2::EIP",
245
+ "Properties": {
246
+ "Domain": "vpc",
247
+ "Tags": [
248
+ {
249
+ "Key": "Name",
250
+ "Value": "streamFromProps/Vpc/PublicSubnet2"
251
+ }
252
+ ]
253
+ }
254
+ },
255
+ "VpcPublicSubnet2NATGateway9182C01D": {
256
+ "Type": "AWS::EC2::NatGateway",
257
+ "Properties": {
258
+ "SubnetId": {
259
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
260
+ },
261
+ "AllocationId": {
262
+ "Fn::GetAtt": [
263
+ "VpcPublicSubnet2EIP3C605A87",
264
+ "AllocationId"
265
+ ]
266
+ },
267
+ "Tags": [
268
+ {
269
+ "Key": "Name",
270
+ "Value": "streamFromProps/Vpc/PublicSubnet2"
271
+ }
272
+ ]
273
+ },
274
+ "DependsOn": [
275
+ "VpcPublicSubnet2DefaultRoute97F91067",
276
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8"
277
+ ]
278
+ },
279
+ "VpcPublicSubnet3SubnetBE12F0B6": {
280
+ "Type": "AWS::EC2::Subnet",
281
+ "Properties": {
282
+ "VpcId": {
283
+ "Ref": "Vpc8378EB38"
284
+ },
285
+ "AvailabilityZone": "test-region-1c",
286
+ "CidrBlock": "10.0.64.0/19",
287
+ "MapPublicIpOnLaunch": true,
288
+ "Tags": [
289
+ {
290
+ "Key": "aws-cdk:subnet-name",
291
+ "Value": "Public"
292
+ },
293
+ {
294
+ "Key": "aws-cdk:subnet-type",
295
+ "Value": "Public"
296
+ },
297
+ {
298
+ "Key": "Name",
299
+ "Value": "streamFromProps/Vpc/PublicSubnet3"
300
+ }
301
+ ]
302
+ },
303
+ "Metadata": {
304
+ "cfn_nag": {
305
+ "rules_to_suppress": [
306
+ {
307
+ "id": "W33",
308
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
309
+ }
310
+ ]
311
+ }
312
+ }
313
+ },
314
+ "VpcPublicSubnet3RouteTable93458DBB": {
315
+ "Type": "AWS::EC2::RouteTable",
316
+ "Properties": {
317
+ "VpcId": {
318
+ "Ref": "Vpc8378EB38"
319
+ },
320
+ "Tags": [
321
+ {
322
+ "Key": "Name",
323
+ "Value": "streamFromProps/Vpc/PublicSubnet3"
324
+ }
325
+ ]
326
+ }
327
+ },
328
+ "VpcPublicSubnet3RouteTableAssociation1F1EDF02": {
329
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
330
+ "Properties": {
331
+ "RouteTableId": {
332
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
333
+ },
334
+ "SubnetId": {
335
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
336
+ }
337
+ }
338
+ },
339
+ "VpcPublicSubnet3DefaultRoute4697774F": {
340
+ "Type": "AWS::EC2::Route",
341
+ "Properties": {
342
+ "RouteTableId": {
343
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
344
+ },
345
+ "DestinationCidrBlock": "0.0.0.0/0",
346
+ "GatewayId": {
347
+ "Ref": "VpcIGWD7BA715C"
348
+ }
349
+ },
350
+ "DependsOn": [
351
+ "VpcVPCGWBF912B6E"
352
+ ]
353
+ },
354
+ "VpcPublicSubnet3EIP3A666A23": {
355
+ "Type": "AWS::EC2::EIP",
356
+ "Properties": {
357
+ "Domain": "vpc",
358
+ "Tags": [
359
+ {
360
+ "Key": "Name",
361
+ "Value": "streamFromProps/Vpc/PublicSubnet3"
362
+ }
363
+ ]
364
+ }
365
+ },
366
+ "VpcPublicSubnet3NATGateway7640CD1D": {
367
+ "Type": "AWS::EC2::NatGateway",
368
+ "Properties": {
369
+ "SubnetId": {
370
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
371
+ },
372
+ "AllocationId": {
373
+ "Fn::GetAtt": [
374
+ "VpcPublicSubnet3EIP3A666A23",
375
+ "AllocationId"
376
+ ]
377
+ },
378
+ "Tags": [
379
+ {
380
+ "Key": "Name",
381
+ "Value": "streamFromProps/Vpc/PublicSubnet3"
382
+ }
383
+ ]
384
+ },
385
+ "DependsOn": [
386
+ "VpcPublicSubnet3DefaultRoute4697774F",
387
+ "VpcPublicSubnet3RouteTableAssociation1F1EDF02"
388
+ ]
389
+ },
390
+ "VpcPrivateSubnet1Subnet536B997A": {
391
+ "Type": "AWS::EC2::Subnet",
392
+ "Properties": {
393
+ "VpcId": {
394
+ "Ref": "Vpc8378EB38"
395
+ },
396
+ "AvailabilityZone": "test-region-1a",
397
+ "CidrBlock": "10.0.96.0/19",
398
+ "MapPublicIpOnLaunch": false,
399
+ "Tags": [
400
+ {
401
+ "Key": "aws-cdk:subnet-name",
402
+ "Value": "Private"
403
+ },
404
+ {
405
+ "Key": "aws-cdk:subnet-type",
406
+ "Value": "Private"
407
+ },
408
+ {
409
+ "Key": "Name",
410
+ "Value": "streamFromProps/Vpc/PrivateSubnet1"
411
+ }
412
+ ]
413
+ }
414
+ },
415
+ "VpcPrivateSubnet1RouteTableB2C5B500": {
416
+ "Type": "AWS::EC2::RouteTable",
417
+ "Properties": {
418
+ "VpcId": {
419
+ "Ref": "Vpc8378EB38"
420
+ },
421
+ "Tags": [
422
+ {
423
+ "Key": "Name",
424
+ "Value": "streamFromProps/Vpc/PrivateSubnet1"
425
+ }
426
+ ]
427
+ }
428
+ },
429
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
430
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
431
+ "Properties": {
432
+ "RouteTableId": {
433
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
434
+ },
435
+ "SubnetId": {
436
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
437
+ }
438
+ }
439
+ },
440
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
441
+ "Type": "AWS::EC2::Route",
442
+ "Properties": {
443
+ "RouteTableId": {
444
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
445
+ },
446
+ "DestinationCidrBlock": "0.0.0.0/0",
447
+ "NatGatewayId": {
448
+ "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
449
+ }
450
+ }
451
+ },
452
+ "VpcPrivateSubnet2Subnet3788AAA1": {
453
+ "Type": "AWS::EC2::Subnet",
454
+ "Properties": {
455
+ "VpcId": {
456
+ "Ref": "Vpc8378EB38"
457
+ },
458
+ "AvailabilityZone": "test-region-1b",
459
+ "CidrBlock": "10.0.128.0/19",
460
+ "MapPublicIpOnLaunch": false,
461
+ "Tags": [
462
+ {
463
+ "Key": "aws-cdk:subnet-name",
464
+ "Value": "Private"
465
+ },
466
+ {
467
+ "Key": "aws-cdk:subnet-type",
468
+ "Value": "Private"
469
+ },
470
+ {
471
+ "Key": "Name",
472
+ "Value": "streamFromProps/Vpc/PrivateSubnet2"
473
+ }
474
+ ]
475
+ }
476
+ },
477
+ "VpcPrivateSubnet2RouteTableA678073B": {
478
+ "Type": "AWS::EC2::RouteTable",
479
+ "Properties": {
480
+ "VpcId": {
481
+ "Ref": "Vpc8378EB38"
482
+ },
483
+ "Tags": [
484
+ {
485
+ "Key": "Name",
486
+ "Value": "streamFromProps/Vpc/PrivateSubnet2"
487
+ }
488
+ ]
489
+ }
490
+ },
491
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
492
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
493
+ "Properties": {
494
+ "RouteTableId": {
495
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
496
+ },
497
+ "SubnetId": {
498
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
499
+ }
500
+ }
501
+ },
502
+ "VpcPrivateSubnet2DefaultRoute060D2087": {
503
+ "Type": "AWS::EC2::Route",
504
+ "Properties": {
505
+ "RouteTableId": {
506
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
507
+ },
508
+ "DestinationCidrBlock": "0.0.0.0/0",
509
+ "NatGatewayId": {
510
+ "Ref": "VpcPublicSubnet2NATGateway9182C01D"
511
+ }
512
+ }
513
+ },
514
+ "VpcPrivateSubnet3SubnetF258B56E": {
515
+ "Type": "AWS::EC2::Subnet",
516
+ "Properties": {
517
+ "VpcId": {
518
+ "Ref": "Vpc8378EB38"
519
+ },
520
+ "AvailabilityZone": "test-region-1c",
521
+ "CidrBlock": "10.0.160.0/19",
522
+ "MapPublicIpOnLaunch": false,
523
+ "Tags": [
524
+ {
525
+ "Key": "aws-cdk:subnet-name",
526
+ "Value": "Private"
527
+ },
528
+ {
529
+ "Key": "aws-cdk:subnet-type",
530
+ "Value": "Private"
531
+ },
532
+ {
533
+ "Key": "Name",
534
+ "Value": "streamFromProps/Vpc/PrivateSubnet3"
535
+ }
536
+ ]
537
+ }
538
+ },
539
+ "VpcPrivateSubnet3RouteTableD98824C7": {
540
+ "Type": "AWS::EC2::RouteTable",
541
+ "Properties": {
542
+ "VpcId": {
543
+ "Ref": "Vpc8378EB38"
544
+ },
545
+ "Tags": [
546
+ {
547
+ "Key": "Name",
548
+ "Value": "streamFromProps/Vpc/PrivateSubnet3"
549
+ }
550
+ ]
551
+ }
552
+ },
553
+ "VpcPrivateSubnet3RouteTableAssociation16BDDC43": {
554
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
555
+ "Properties": {
556
+ "RouteTableId": {
557
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
558
+ },
559
+ "SubnetId": {
560
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
561
+ }
562
+ }
563
+ },
564
+ "VpcPrivateSubnet3DefaultRoute94B74F0D": {
565
+ "Type": "AWS::EC2::Route",
566
+ "Properties": {
567
+ "RouteTableId": {
568
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
569
+ },
570
+ "DestinationCidrBlock": "0.0.0.0/0",
571
+ "NatGatewayId": {
572
+ "Ref": "VpcPublicSubnet3NATGateway7640CD1D"
573
+ }
574
+ }
575
+ },
576
+ "VpcIGWD7BA715C": {
577
+ "Type": "AWS::EC2::InternetGateway",
578
+ "Properties": {
579
+ "Tags": [
580
+ {
581
+ "Key": "Name",
582
+ "Value": "streamFromProps/Vpc"
583
+ }
584
+ ]
585
+ }
586
+ },
587
+ "VpcVPCGWBF912B6E": {
588
+ "Type": "AWS::EC2::VPCGatewayAttachment",
589
+ "Properties": {
590
+ "VpcId": {
591
+ "Ref": "Vpc8378EB38"
592
+ },
593
+ "InternetGatewayId": {
594
+ "Ref": "VpcIGWD7BA715C"
595
+ }
596
+ }
597
+ },
598
+ "VpcFlowLogIAMRole6A475D41": {
599
+ "Type": "AWS::IAM::Role",
600
+ "Properties": {
601
+ "AssumeRolePolicyDocument": {
602
+ "Statement": [
603
+ {
604
+ "Action": "sts:AssumeRole",
605
+ "Effect": "Allow",
606
+ "Principal": {
607
+ "Service": "vpc-flow-logs.amazonaws.com"
608
+ }
609
+ }
610
+ ],
611
+ "Version": "2012-10-17"
612
+ },
613
+ "Tags": [
614
+ {
615
+ "Key": "Name",
616
+ "Value": "streamFromProps/Vpc"
617
+ }
618
+ ]
619
+ }
620
+ },
621
+ "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
622
+ "Type": "AWS::IAM::Policy",
623
+ "Properties": {
624
+ "PolicyDocument": {
625
+ "Statement": [
626
+ {
627
+ "Action": [
628
+ "logs:CreateLogStream",
629
+ "logs:PutLogEvents",
630
+ "logs:DescribeLogStreams"
631
+ ],
632
+ "Effect": "Allow",
633
+ "Resource": {
634
+ "Fn::GetAtt": [
635
+ "VpcFlowLogLogGroup7B5C56B9",
636
+ "Arn"
637
+ ]
638
+ }
639
+ },
640
+ {
641
+ "Action": "iam:PassRole",
642
+ "Effect": "Allow",
643
+ "Resource": {
644
+ "Fn::GetAtt": [
645
+ "VpcFlowLogIAMRole6A475D41",
646
+ "Arn"
647
+ ]
648
+ }
649
+ }
650
+ ],
651
+ "Version": "2012-10-17"
652
+ },
653
+ "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
654
+ "Roles": [
655
+ {
656
+ "Ref": "VpcFlowLogIAMRole6A475D41"
657
+ }
658
+ ]
659
+ }
660
+ },
661
+ "VpcFlowLogLogGroup7B5C56B9": {
662
+ "Type": "AWS::Logs::LogGroup",
663
+ "Properties": {
664
+ "RetentionInDays": 731,
665
+ "Tags": [
666
+ {
667
+ "Key": "Name",
668
+ "Value": "streamFromProps/Vpc"
669
+ }
670
+ ]
671
+ },
672
+ "UpdateReplacePolicy": "Retain",
673
+ "DeletionPolicy": "Retain",
674
+ "Metadata": {
675
+ "cfn_nag": {
676
+ "rules_to_suppress": [
677
+ {
678
+ "id": "W84",
679
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
680
+ }
681
+ ]
682
+ }
683
+ }
684
+ },
685
+ "VpcFlowLog8FF33A73": {
686
+ "Type": "AWS::EC2::FlowLog",
687
+ "Properties": {
688
+ "ResourceId": {
689
+ "Ref": "Vpc8378EB38"
690
+ },
691
+ "ResourceType": "VPC",
692
+ "DeliverLogsPermissionArn": {
693
+ "Fn::GetAtt": [
694
+ "VpcFlowLogIAMRole6A475D41",
695
+ "Arn"
696
+ ]
697
+ },
698
+ "LogDestinationType": "cloud-watch-logs",
699
+ "LogGroupName": {
700
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
701
+ },
702
+ "Tags": [
703
+ {
704
+ "Key": "Name",
705
+ "Value": "streamFromProps/Vpc"
706
+ }
707
+ ],
708
+ "TrafficType": "ALL"
709
+ }
710
+ },
711
+ "VpcKINESISSTREAMSC07D91B5": {
712
+ "Type": "AWS::EC2::VPCEndpoint",
713
+ "Properties": {
714
+ "ServiceName": {
715
+ "Fn::Join": [
716
+ "",
717
+ [
718
+ "com.amazonaws.",
719
+ {
720
+ "Ref": "AWS::Region"
721
+ },
722
+ ".kinesis-streams"
723
+ ]
724
+ ]
725
+ },
726
+ "VpcId": {
727
+ "Ref": "Vpc8378EB38"
728
+ },
729
+ "PrivateDnsEnabled": true,
730
+ "SecurityGroupIds": [
731
+ {
732
+ "Fn::GetAtt": [
733
+ "streamFromPropsKINESISSTREAMSsecuritygroup68986EDF",
734
+ "GroupId"
735
+ ]
736
+ }
737
+ ],
738
+ "SubnetIds": [
739
+ {
740
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
741
+ },
742
+ {
743
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
744
+ },
745
+ {
746
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
747
+ }
748
+ ],
749
+ "VpcEndpointType": "Interface"
750
+ }
751
+ },
752
+ "VpcECRAPI9A3B6A2B": {
753
+ "Type": "AWS::EC2::VPCEndpoint",
754
+ "Properties": {
755
+ "ServiceName": {
756
+ "Fn::Join": [
757
+ "",
758
+ [
759
+ "com.amazonaws.",
760
+ {
761
+ "Ref": "AWS::Region"
762
+ },
763
+ ".ecr.api"
764
+ ]
765
+ ]
766
+ },
767
+ "VpcId": {
768
+ "Ref": "Vpc8378EB38"
769
+ },
770
+ "PrivateDnsEnabled": true,
771
+ "SecurityGroupIds": [
772
+ {
773
+ "Fn::GetAtt": [
774
+ "streamFromPropsECRAPIsecuritygroupFDB580C0",
775
+ "GroupId"
776
+ ]
777
+ }
778
+ ],
779
+ "SubnetIds": [
780
+ {
781
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
782
+ },
783
+ {
784
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
785
+ },
786
+ {
787
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
788
+ }
789
+ ],
790
+ "VpcEndpointType": "Interface"
791
+ }
792
+ },
793
+ "VpcECRDKR604E039F": {
794
+ "Type": "AWS::EC2::VPCEndpoint",
795
+ "Properties": {
796
+ "ServiceName": {
797
+ "Fn::Join": [
798
+ "",
799
+ [
800
+ "com.amazonaws.",
801
+ {
802
+ "Ref": "AWS::Region"
803
+ },
804
+ ".ecr.dkr"
805
+ ]
806
+ ]
807
+ },
808
+ "VpcId": {
809
+ "Ref": "Vpc8378EB38"
810
+ },
811
+ "PrivateDnsEnabled": true,
812
+ "SecurityGroupIds": [
813
+ {
814
+ "Fn::GetAtt": [
815
+ "streamFromPropsECRDKRsecuritygroupEB1BC2F0",
816
+ "GroupId"
817
+ ]
818
+ }
819
+ ],
820
+ "SubnetIds": [
821
+ {
822
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
823
+ },
824
+ {
825
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
826
+ },
827
+ {
828
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
829
+ }
830
+ ],
831
+ "VpcEndpointType": "Interface"
832
+ }
833
+ },
834
+ "VpcS3A5408339": {
835
+ "Type": "AWS::EC2::VPCEndpoint",
836
+ "Properties": {
837
+ "ServiceName": {
838
+ "Fn::Join": [
839
+ "",
840
+ [
841
+ "com.amazonaws.",
842
+ {
843
+ "Ref": "AWS::Region"
844
+ },
845
+ ".s3"
846
+ ]
847
+ ]
848
+ },
849
+ "VpcId": {
850
+ "Ref": "Vpc8378EB38"
851
+ },
852
+ "RouteTableIds": [
853
+ {
854
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
855
+ },
856
+ {
857
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
858
+ },
859
+ {
860
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
861
+ },
862
+ {
863
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
864
+ },
865
+ {
866
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
867
+ },
868
+ {
869
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
870
+ }
871
+ ],
872
+ "VpcEndpointType": "Gateway"
873
+ }
874
+ },
875
+ "streamFromPropsKINESISSTREAMSsecuritygroup68986EDF": {
876
+ "Type": "AWS::EC2::SecurityGroup",
877
+ "Properties": {
878
+ "GroupDescription": "streamFromProps/streamFromProps-KINESIS_STREAMS-security-group",
879
+ "SecurityGroupEgress": [
880
+ {
881
+ "CidrIp": "0.0.0.0/0",
882
+ "Description": "Allow all outbound traffic by default",
883
+ "IpProtocol": "-1"
884
+ }
885
+ ],
886
+ "SecurityGroupIngress": [
887
+ {
888
+ "CidrIp": {
889
+ "Fn::GetAtt": [
890
+ "Vpc8378EB38",
891
+ "CidrBlock"
892
+ ]
893
+ },
894
+ "Description": {
895
+ "Fn::Join": [
896
+ "",
897
+ [
898
+ "from ",
899
+ {
900
+ "Fn::GetAtt": [
901
+ "Vpc8378EB38",
902
+ "CidrBlock"
903
+ ]
904
+ },
905
+ ":443"
906
+ ]
907
+ ]
908
+ },
909
+ "FromPort": 443,
910
+ "IpProtocol": "tcp",
911
+ "ToPort": 443
912
+ }
913
+ ],
914
+ "VpcId": {
915
+ "Ref": "Vpc8378EB38"
916
+ }
917
+ },
918
+ "Metadata": {
919
+ "cfn_nag": {
920
+ "rules_to_suppress": [
921
+ {
922
+ "id": "W5",
923
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
924
+ },
925
+ {
926
+ "id": "W40",
927
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
928
+ }
929
+ ]
930
+ }
931
+ }
932
+ },
933
+ "streamFromPropsECRAPIsecuritygroupFDB580C0": {
934
+ "Type": "AWS::EC2::SecurityGroup",
935
+ "Properties": {
936
+ "GroupDescription": "streamFromProps/streamFromProps-ECR_API-security-group",
937
+ "SecurityGroupEgress": [
938
+ {
939
+ "CidrIp": "0.0.0.0/0",
940
+ "Description": "Allow all outbound traffic by default",
941
+ "IpProtocol": "-1"
942
+ }
943
+ ],
944
+ "SecurityGroupIngress": [
945
+ {
946
+ "CidrIp": {
947
+ "Fn::GetAtt": [
948
+ "Vpc8378EB38",
949
+ "CidrBlock"
950
+ ]
951
+ },
952
+ "Description": {
953
+ "Fn::Join": [
954
+ "",
955
+ [
956
+ "from ",
957
+ {
958
+ "Fn::GetAtt": [
959
+ "Vpc8378EB38",
960
+ "CidrBlock"
961
+ ]
962
+ },
963
+ ":443"
964
+ ]
965
+ ]
966
+ },
967
+ "FromPort": 443,
968
+ "IpProtocol": "tcp",
969
+ "ToPort": 443
970
+ }
971
+ ],
972
+ "VpcId": {
973
+ "Ref": "Vpc8378EB38"
974
+ }
975
+ },
976
+ "Metadata": {
977
+ "cfn_nag": {
978
+ "rules_to_suppress": [
979
+ {
980
+ "id": "W5",
981
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
982
+ },
983
+ {
984
+ "id": "W40",
985
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
986
+ }
987
+ ]
988
+ }
989
+ }
990
+ },
991
+ "streamFromPropsECRDKRsecuritygroupEB1BC2F0": {
992
+ "Type": "AWS::EC2::SecurityGroup",
993
+ "Properties": {
994
+ "GroupDescription": "streamFromProps/streamFromProps-ECR_DKR-security-group",
995
+ "SecurityGroupEgress": [
996
+ {
997
+ "CidrIp": "0.0.0.0/0",
998
+ "Description": "Allow all outbound traffic by default",
999
+ "IpProtocol": "-1"
1000
+ }
1001
+ ],
1002
+ "SecurityGroupIngress": [
1003
+ {
1004
+ "CidrIp": {
1005
+ "Fn::GetAtt": [
1006
+ "Vpc8378EB38",
1007
+ "CidrBlock"
1008
+ ]
1009
+ },
1010
+ "Description": {
1011
+ "Fn::Join": [
1012
+ "",
1013
+ [
1014
+ "from ",
1015
+ {
1016
+ "Fn::GetAtt": [
1017
+ "Vpc8378EB38",
1018
+ "CidrBlock"
1019
+ ]
1020
+ },
1021
+ ":443"
1022
+ ]
1023
+ ]
1024
+ },
1025
+ "FromPort": 443,
1026
+ "IpProtocol": "tcp",
1027
+ "ToPort": 443
1028
+ }
1029
+ ],
1030
+ "VpcId": {
1031
+ "Ref": "Vpc8378EB38"
1032
+ }
1033
+ },
1034
+ "Metadata": {
1035
+ "cfn_nag": {
1036
+ "rules_to_suppress": [
1037
+ {
1038
+ "id": "W5",
1039
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1040
+ },
1041
+ {
1042
+ "id": "W40",
1043
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1044
+ }
1045
+ ]
1046
+ }
1047
+ }
1048
+ },
1049
+ "testfargatekinesisstreamsclusterEA5A2AD7": {
1050
+ "Type": "AWS::ECS::Cluster"
1051
+ },
1052
+ "testfargatekinesisstreamstaskdefTaskRole9811F3BE": {
1053
+ "Type": "AWS::IAM::Role",
1054
+ "Properties": {
1055
+ "AssumeRolePolicyDocument": {
1056
+ "Statement": [
1057
+ {
1058
+ "Action": "sts:AssumeRole",
1059
+ "Effect": "Allow",
1060
+ "Principal": {
1061
+ "Service": "ecs-tasks.amazonaws.com"
1062
+ }
1063
+ }
1064
+ ],
1065
+ "Version": "2012-10-17"
1066
+ }
1067
+ }
1068
+ },
1069
+ "testfargatekinesisstreamstaskdefTaskRoleDefaultPolicyAE7EF3E4": {
1070
+ "Type": "AWS::IAM::Policy",
1071
+ "Properties": {
1072
+ "PolicyDocument": {
1073
+ "Statement": [
1074
+ {
1075
+ "Action": [
1076
+ "kinesis:ListShards",
1077
+ "kinesis:PutRecord",
1078
+ "kinesis:PutRecords"
1079
+ ],
1080
+ "Effect": "Allow",
1081
+ "Resource": {
1082
+ "Fn::GetAtt": [
1083
+ "testfargatekinesisstreamsKinesisStreamD31BD614",
1084
+ "Arn"
1085
+ ]
1086
+ }
1087
+ }
1088
+ ],
1089
+ "Version": "2012-10-17"
1090
+ },
1091
+ "PolicyName": "testfargatekinesisstreamstaskdefTaskRoleDefaultPolicyAE7EF3E4",
1092
+ "Roles": [
1093
+ {
1094
+ "Ref": "testfargatekinesisstreamstaskdefTaskRole9811F3BE"
1095
+ }
1096
+ ]
1097
+ }
1098
+ },
1099
+ "testfargatekinesisstreamstaskdef402FE0B3": {
1100
+ "Type": "AWS::ECS::TaskDefinition",
1101
+ "Properties": {
1102
+ "ContainerDefinitions": [
1103
+ {
1104
+ "Environment": [
1105
+ {
1106
+ "Name": "KINESIS_DATASTREAM_NAME",
1107
+ "Value": {
1108
+ "Ref": "testfargatekinesisstreamsKinesisStreamD31BD614"
1109
+ }
1110
+ }
1111
+ ],
1112
+ "Essential": true,
1113
+ "Image": "nginx",
1114
+ "MemoryReservation": 512,
1115
+ "Name": "test-fargate-kinesisstreams-container",
1116
+ "PortMappings": [
1117
+ {
1118
+ "ContainerPort": 8080,
1119
+ "Protocol": "tcp"
1120
+ }
1121
+ ]
1122
+ }
1123
+ ],
1124
+ "Cpu": "256",
1125
+ "Family": "streamFromPropstestfargatekinesisstreamstaskdef639261D4",
1126
+ "Memory": "512",
1127
+ "NetworkMode": "awsvpc",
1128
+ "RequiresCompatibilities": [
1129
+ "FARGATE"
1130
+ ],
1131
+ "TaskRoleArn": {
1132
+ "Fn::GetAtt": [
1133
+ "testfargatekinesisstreamstaskdefTaskRole9811F3BE",
1134
+ "Arn"
1135
+ ]
1136
+ }
1137
+ }
1138
+ },
1139
+ "testfargatekinesisstreamssgBA506AC6": {
1140
+ "Type": "AWS::EC2::SecurityGroup",
1141
+ "Properties": {
1142
+ "GroupDescription": "Construct created security group",
1143
+ "SecurityGroupEgress": [
1144
+ {
1145
+ "CidrIp": "0.0.0.0/0",
1146
+ "Description": "Allow all outbound traffic by default",
1147
+ "IpProtocol": "-1"
1148
+ }
1149
+ ],
1150
+ "VpcId": {
1151
+ "Ref": "Vpc8378EB38"
1152
+ }
1153
+ },
1154
+ "Metadata": {
1155
+ "cfn_nag": {
1156
+ "rules_to_suppress": [
1157
+ {
1158
+ "id": "W5",
1159
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1160
+ },
1161
+ {
1162
+ "id": "W40",
1163
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1164
+ }
1165
+ ]
1166
+ }
1167
+ }
1168
+ },
1169
+ "testfargatekinesisstreamsserviceService5AE7AADF": {
1170
+ "Type": "AWS::ECS::Service",
1171
+ "Properties": {
1172
+ "Cluster": {
1173
+ "Ref": "testfargatekinesisstreamsclusterEA5A2AD7"
1174
+ },
1175
+ "DeploymentConfiguration": {
1176
+ "MaximumPercent": 150,
1177
+ "MinimumHealthyPercent": 75
1178
+ },
1179
+ "DesiredCount": 2,
1180
+ "EnableECSManagedTags": false,
1181
+ "LaunchType": "FARGATE",
1182
+ "NetworkConfiguration": {
1183
+ "AwsvpcConfiguration": {
1184
+ "AssignPublicIp": "DISABLED",
1185
+ "SecurityGroups": [
1186
+ {
1187
+ "Fn::GetAtt": [
1188
+ "testfargatekinesisstreamssgBA506AC6",
1189
+ "GroupId"
1190
+ ]
1191
+ }
1192
+ ],
1193
+ "Subnets": [
1194
+ {
1195
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
1196
+ },
1197
+ {
1198
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
1199
+ },
1200
+ {
1201
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
1202
+ }
1203
+ ]
1204
+ }
1205
+ },
1206
+ "PlatformVersion": "LATEST",
1207
+ "TaskDefinition": {
1208
+ "Ref": "testfargatekinesisstreamstaskdef402FE0B3"
1209
+ }
1210
+ }
1211
+ }
1212
+ },
1213
+ "Parameters": {
1214
+ "BootstrapVersion": {
1215
+ "Type": "AWS::SSM::Parameter::Value<String>",
1216
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1217
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1218
+ }
1219
+ },
1220
+ "Rules": {
1221
+ "CheckBootstrapVersion": {
1222
+ "Assertions": [
1223
+ {
1224
+ "Assert": {
1225
+ "Fn::Not": [
1226
+ {
1227
+ "Fn::Contains": [
1228
+ [
1229
+ "1",
1230
+ "2",
1231
+ "3",
1232
+ "4",
1233
+ "5"
1234
+ ],
1235
+ {
1236
+ "Ref": "BootstrapVersion"
1237
+ }
1238
+ ]
1239
+ }
1240
+ ]
1241
+ },
1242
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1243
+ }
1244
+ ]
1245
+ }
1246
+ }
1247
+ }