@aws-solutions-constructs/aws-fargate-kinesisstreams 2.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/.eslintignore +4 -0
  2. package/.jsii +3760 -0
  3. package/README.md +119 -0
  4. package/architecture.png +0 -0
  5. package/lib/index.d.ts +129 -0
  6. package/lib/index.js +62 -0
  7. package/package.json +93 -0
  8. package/test/fargate-kinesisstreams.test.d.ts +13 -0
  9. package/test/fargate-kinesisstreams.test.js +518 -0
  10. package/test/integ.existingFargateService.d.ts +13 -0
  11. package/test/integ.existingFargateService.expected.json +1248 -0
  12. package/test/integ.existingFargateService.js +32 -0
  13. package/test/integ.existingStream.d.ts +13 -0
  14. package/test/integ.existingStream.expected.json +1247 -0
  15. package/test/integ.existingStream.js +35 -0
  16. package/test/integ.existingVpc.d.ts +13 -0
  17. package/test/integ.existingVpc.expected.json +1248 -0
  18. package/test/integ.existingVpc.js +33 -0
  19. package/test/integ.fargateServiceFromProps.d.ts +13 -0
  20. package/test/integ.fargateServiceFromProps.expected.json +1249 -0
  21. package/test/integ.fargateServiceFromProps.js +33 -0
  22. package/test/integ.noArguments.d.ts +13 -0
  23. package/test/integ.noArguments.expected.json +1248 -0
  24. package/test/integ.noArguments.js +29 -0
  25. package/test/integ.streamFromProps.d.ts +13 -0
  26. package/test/integ.streamFromProps.expected.json +1247 -0
  27. package/test/integ.streamFromProps.js +34 -0
  28. package/test/integ.vpcFromProps.d.ts +13 -0
  29. package/test/integ.vpcFromProps.expected.json +1248 -0
  30. package/test/integ.vpcFromProps.js +32 -0
package/test/integ.existingFargateService.expected.json ADDED
@@ -0,0 +1,1248 @@
1
+ {
2
+ "Resources": {
3
+ "Vpc8378EB38": {
4
+ "Type": "AWS::EC2::VPC",
5
+ "Properties": {
6
+ "CidrBlock": "172.168.0.0/16",
7
+ "EnableDnsHostnames": true,
8
+ "EnableDnsSupport": true,
9
+ "InstanceTenancy": "default",
10
+ "Tags": [
11
+ {
12
+ "Key": "Name",
13
+ "Value": "existingFargateService/Vpc"
14
+ }
15
+ ]
16
+ }
17
+ },
18
+ "VpcPublicSubnet1Subnet5C2D37C4": {
19
+ "Type": "AWS::EC2::Subnet",
20
+ "Properties": {
21
+ "VpcId": {
22
+ "Ref": "Vpc8378EB38"
23
+ },
24
+ "AvailabilityZone": "test-region-1a",
25
+ "CidrBlock": "172.168.0.0/19",
26
+ "MapPublicIpOnLaunch": true,
27
+ "Tags": [
28
+ {
29
+ "Key": "aws-cdk:subnet-name",
30
+ "Value": "Public"
31
+ },
32
+ {
33
+ "Key": "aws-cdk:subnet-type",
34
+ "Value": "Public"
35
+ },
36
+ {
37
+ "Key": "Name",
38
+ "Value": "existingFargateService/Vpc/PublicSubnet1"
39
+ }
40
+ ]
41
+ },
42
+ "Metadata": {
43
+ "cfn_nag": {
44
+ "rules_to_suppress": [
45
+ {
46
+ "id": "W33",
47
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
48
+ }
49
+ ]
50
+ }
51
+ }
52
+ },
53
+ "VpcPublicSubnet1RouteTable6C95E38E": {
54
+ "Type": "AWS::EC2::RouteTable",
55
+ "Properties": {
56
+ "VpcId": {
57
+ "Ref": "Vpc8378EB38"
58
+ },
59
+ "Tags": [
60
+ {
61
+ "Key": "Name",
62
+ "Value": "existingFargateService/Vpc/PublicSubnet1"
63
+ }
64
+ ]
65
+ }
66
+ },
67
+ "VpcPublicSubnet1RouteTableAssociation97140677": {
68
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
69
+ "Properties": {
70
+ "RouteTableId": {
71
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
72
+ },
73
+ "SubnetId": {
74
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
75
+ }
76
+ }
77
+ },
78
+ "VpcPublicSubnet1DefaultRoute3DA9E72A": {
79
+ "Type": "AWS::EC2::Route",
80
+ "Properties": {
81
+ "RouteTableId": {
82
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
83
+ },
84
+ "DestinationCidrBlock": "0.0.0.0/0",
85
+ "GatewayId": {
86
+ "Ref": "VpcIGWD7BA715C"
87
+ }
88
+ },
89
+ "DependsOn": [
90
+ "VpcVPCGWBF912B6E"
91
+ ]
92
+ },
93
+ "VpcPublicSubnet1EIPD7E02669": {
94
+ "Type": "AWS::EC2::EIP",
95
+ "Properties": {
96
+ "Domain": "vpc",
97
+ "Tags": [
98
+ {
99
+ "Key": "Name",
100
+ "Value": "existingFargateService/Vpc/PublicSubnet1"
101
+ }
102
+ ]
103
+ }
104
+ },
105
+ "VpcPublicSubnet1NATGateway4D7517AA": {
106
+ "Type": "AWS::EC2::NatGateway",
107
+ "Properties": {
108
+ "SubnetId": {
109
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
110
+ },
111
+ "AllocationId": {
112
+ "Fn::GetAtt": [
113
+ "VpcPublicSubnet1EIPD7E02669",
114
+ "AllocationId"
115
+ ]
116
+ },
117
+ "Tags": [
118
+ {
119
+ "Key": "Name",
120
+ "Value": "existingFargateService/Vpc/PublicSubnet1"
121
+ }
122
+ ]
123
+ },
124
+ "DependsOn": [
125
+ "VpcPublicSubnet1DefaultRoute3DA9E72A",
126
+ "VpcPublicSubnet1RouteTableAssociation97140677"
127
+ ]
128
+ },
129
+ "VpcPublicSubnet2Subnet691E08A3": {
130
+ "Type": "AWS::EC2::Subnet",
131
+ "Properties": {
132
+ "VpcId": {
133
+ "Ref": "Vpc8378EB38"
134
+ },
135
+ "AvailabilityZone": "test-region-1b",
136
+ "CidrBlock": "172.168.32.0/19",
137
+ "MapPublicIpOnLaunch": true,
138
+ "Tags": [
139
+ {
140
+ "Key": "aws-cdk:subnet-name",
141
+ "Value": "Public"
142
+ },
143
+ {
144
+ "Key": "aws-cdk:subnet-type",
145
+ "Value": "Public"
146
+ },
147
+ {
148
+ "Key": "Name",
149
+ "Value": "existingFargateService/Vpc/PublicSubnet2"
150
+ }
151
+ ]
152
+ },
153
+ "Metadata": {
154
+ "cfn_nag": {
155
+ "rules_to_suppress": [
156
+ {
157
+ "id": "W33",
158
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
159
+ }
160
+ ]
161
+ }
162
+ }
163
+ },
164
+ "VpcPublicSubnet2RouteTable94F7E489": {
165
+ "Type": "AWS::EC2::RouteTable",
166
+ "Properties": {
167
+ "VpcId": {
168
+ "Ref": "Vpc8378EB38"
169
+ },
170
+ "Tags": [
171
+ {
172
+ "Key": "Name",
173
+ "Value": "existingFargateService/Vpc/PublicSubnet2"
174
+ }
175
+ ]
176
+ }
177
+ },
178
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
179
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
180
+ "Properties": {
181
+ "RouteTableId": {
182
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
183
+ },
184
+ "SubnetId": {
185
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
186
+ }
187
+ }
188
+ },
189
+ "VpcPublicSubnet2DefaultRoute97F91067": {
190
+ "Type": "AWS::EC2::Route",
191
+ "Properties": {
192
+ "RouteTableId": {
193
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
194
+ },
195
+ "DestinationCidrBlock": "0.0.0.0/0",
196
+ "GatewayId": {
197
+ "Ref": "VpcIGWD7BA715C"
198
+ }
199
+ },
200
+ "DependsOn": [
201
+ "VpcVPCGWBF912B6E"
202
+ ]
203
+ },
204
+ "VpcPublicSubnet2EIP3C605A87": {
205
+ "Type": "AWS::EC2::EIP",
206
+ "Properties": {
207
+ "Domain": "vpc",
208
+ "Tags": [
209
+ {
210
+ "Key": "Name",
211
+ "Value": "existingFargateService/Vpc/PublicSubnet2"
212
+ }
213
+ ]
214
+ }
215
+ },
216
+ "VpcPublicSubnet2NATGateway9182C01D": {
217
+ "Type": "AWS::EC2::NatGateway",
218
+ "Properties": {
219
+ "SubnetId": {
220
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
221
+ },
222
+ "AllocationId": {
223
+ "Fn::GetAtt": [
224
+ "VpcPublicSubnet2EIP3C605A87",
225
+ "AllocationId"
226
+ ]
227
+ },
228
+ "Tags": [
229
+ {
230
+ "Key": "Name",
231
+ "Value": "existingFargateService/Vpc/PublicSubnet2"
232
+ }
233
+ ]
234
+ },
235
+ "DependsOn": [
236
+ "VpcPublicSubnet2DefaultRoute97F91067",
237
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8"
238
+ ]
239
+ },
240
+ "VpcPublicSubnet3SubnetBE12F0B6": {
241
+ "Type": "AWS::EC2::Subnet",
242
+ "Properties": {
243
+ "VpcId": {
244
+ "Ref": "Vpc8378EB38"
245
+ },
246
+ "AvailabilityZone": "test-region-1c",
247
+ "CidrBlock": "172.168.64.0/19",
248
+ "MapPublicIpOnLaunch": true,
249
+ "Tags": [
250
+ {
251
+ "Key": "aws-cdk:subnet-name",
252
+ "Value": "Public"
253
+ },
254
+ {
255
+ "Key": "aws-cdk:subnet-type",
256
+ "Value": "Public"
257
+ },
258
+ {
259
+ "Key": "Name",
260
+ "Value": "existingFargateService/Vpc/PublicSubnet3"
261
+ }
262
+ ]
263
+ },
264
+ "Metadata": {
265
+ "cfn_nag": {
266
+ "rules_to_suppress": [
267
+ {
268
+ "id": "W33",
269
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
270
+ }
271
+ ]
272
+ }
273
+ }
274
+ },
275
+ "VpcPublicSubnet3RouteTable93458DBB": {
276
+ "Type": "AWS::EC2::RouteTable",
277
+ "Properties": {
278
+ "VpcId": {
279
+ "Ref": "Vpc8378EB38"
280
+ },
281
+ "Tags": [
282
+ {
283
+ "Key": "Name",
284
+ "Value": "existingFargateService/Vpc/PublicSubnet3"
285
+ }
286
+ ]
287
+ }
288
+ },
289
+ "VpcPublicSubnet3RouteTableAssociation1F1EDF02": {
290
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
291
+ "Properties": {
292
+ "RouteTableId": {
293
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
294
+ },
295
+ "SubnetId": {
296
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
297
+ }
298
+ }
299
+ },
300
+ "VpcPublicSubnet3DefaultRoute4697774F": {
301
+ "Type": "AWS::EC2::Route",
302
+ "Properties": {
303
+ "RouteTableId": {
304
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
305
+ },
306
+ "DestinationCidrBlock": "0.0.0.0/0",
307
+ "GatewayId": {
308
+ "Ref": "VpcIGWD7BA715C"
309
+ }
310
+ },
311
+ "DependsOn": [
312
+ "VpcVPCGWBF912B6E"
313
+ ]
314
+ },
315
+ "VpcPublicSubnet3EIP3A666A23": {
316
+ "Type": "AWS::EC2::EIP",
317
+ "Properties": {
318
+ "Domain": "vpc",
319
+ "Tags": [
320
+ {
321
+ "Key": "Name",
322
+ "Value": "existingFargateService/Vpc/PublicSubnet3"
323
+ }
324
+ ]
325
+ }
326
+ },
327
+ "VpcPublicSubnet3NATGateway7640CD1D": {
328
+ "Type": "AWS::EC2::NatGateway",
329
+ "Properties": {
330
+ "SubnetId": {
331
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
332
+ },
333
+ "AllocationId": {
334
+ "Fn::GetAtt": [
335
+ "VpcPublicSubnet3EIP3A666A23",
336
+ "AllocationId"
337
+ ]
338
+ },
339
+ "Tags": [
340
+ {
341
+ "Key": "Name",
342
+ "Value": "existingFargateService/Vpc/PublicSubnet3"
343
+ }
344
+ ]
345
+ },
346
+ "DependsOn": [
347
+ "VpcPublicSubnet3DefaultRoute4697774F",
348
+ "VpcPublicSubnet3RouteTableAssociation1F1EDF02"
349
+ ]
350
+ },
351
+ "VpcPrivateSubnet1Subnet536B997A": {
352
+ "Type": "AWS::EC2::Subnet",
353
+ "Properties": {
354
+ "VpcId": {
355
+ "Ref": "Vpc8378EB38"
356
+ },
357
+ "AvailabilityZone": "test-region-1a",
358
+ "CidrBlock": "172.168.96.0/19",
359
+ "MapPublicIpOnLaunch": false,
360
+ "Tags": [
361
+ {
362
+ "Key": "aws-cdk:subnet-name",
363
+ "Value": "Private"
364
+ },
365
+ {
366
+ "Key": "aws-cdk:subnet-type",
367
+ "Value": "Private"
368
+ },
369
+ {
370
+ "Key": "Name",
371
+ "Value": "existingFargateService/Vpc/PrivateSubnet1"
372
+ }
373
+ ]
374
+ }
375
+ },
376
+ "VpcPrivateSubnet1RouteTableB2C5B500": {
377
+ "Type": "AWS::EC2::RouteTable",
378
+ "Properties": {
379
+ "VpcId": {
380
+ "Ref": "Vpc8378EB38"
381
+ },
382
+ "Tags": [
383
+ {
384
+ "Key": "Name",
385
+ "Value": "existingFargateService/Vpc/PrivateSubnet1"
386
+ }
387
+ ]
388
+ }
389
+ },
390
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
391
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
392
+ "Properties": {
393
+ "RouteTableId": {
394
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
395
+ },
396
+ "SubnetId": {
397
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
398
+ }
399
+ }
400
+ },
401
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
402
+ "Type": "AWS::EC2::Route",
403
+ "Properties": {
404
+ "RouteTableId": {
405
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
406
+ },
407
+ "DestinationCidrBlock": "0.0.0.0/0",
408
+ "NatGatewayId": {
409
+ "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
410
+ }
411
+ }
412
+ },
413
+ "VpcPrivateSubnet2Subnet3788AAA1": {
414
+ "Type": "AWS::EC2::Subnet",
415
+ "Properties": {
416
+ "VpcId": {
417
+ "Ref": "Vpc8378EB38"
418
+ },
419
+ "AvailabilityZone": "test-region-1b",
420
+ "CidrBlock": "172.168.128.0/19",
421
+ "MapPublicIpOnLaunch": false,
422
+ "Tags": [
423
+ {
424
+ "Key": "aws-cdk:subnet-name",
425
+ "Value": "Private"
426
+ },
427
+ {
428
+ "Key": "aws-cdk:subnet-type",
429
+ "Value": "Private"
430
+ },
431
+ {
432
+ "Key": "Name",
433
+ "Value": "existingFargateService/Vpc/PrivateSubnet2"
434
+ }
435
+ ]
436
+ }
437
+ },
438
+ "VpcPrivateSubnet2RouteTableA678073B": {
439
+ "Type": "AWS::EC2::RouteTable",
440
+ "Properties": {
441
+ "VpcId": {
442
+ "Ref": "Vpc8378EB38"
443
+ },
444
+ "Tags": [
445
+ {
446
+ "Key": "Name",
447
+ "Value": "existingFargateService/Vpc/PrivateSubnet2"
448
+ }
449
+ ]
450
+ }
451
+ },
452
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
453
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
454
+ "Properties": {
455
+ "RouteTableId": {
456
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
457
+ },
458
+ "SubnetId": {
459
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
460
+ }
461
+ }
462
+ },
463
+ "VpcPrivateSubnet2DefaultRoute060D2087": {
464
+ "Type": "AWS::EC2::Route",
465
+ "Properties": {
466
+ "RouteTableId": {
467
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
468
+ },
469
+ "DestinationCidrBlock": "0.0.0.0/0",
470
+ "NatGatewayId": {
471
+ "Ref": "VpcPublicSubnet2NATGateway9182C01D"
472
+ }
473
+ }
474
+ },
475
+ "VpcPrivateSubnet3SubnetF258B56E": {
476
+ "Type": "AWS::EC2::Subnet",
477
+ "Properties": {
478
+ "VpcId": {
479
+ "Ref": "Vpc8378EB38"
480
+ },
481
+ "AvailabilityZone": "test-region-1c",
482
+ "CidrBlock": "172.168.160.0/19",
483
+ "MapPublicIpOnLaunch": false,
484
+ "Tags": [
485
+ {
486
+ "Key": "aws-cdk:subnet-name",
487
+ "Value": "Private"
488
+ },
489
+ {
490
+ "Key": "aws-cdk:subnet-type",
491
+ "Value": "Private"
492
+ },
493
+ {
494
+ "Key": "Name",
495
+ "Value": "existingFargateService/Vpc/PrivateSubnet3"
496
+ }
497
+ ]
498
+ }
499
+ },
500
+ "VpcPrivateSubnet3RouteTableD98824C7": {
501
+ "Type": "AWS::EC2::RouteTable",
502
+ "Properties": {
503
+ "VpcId": {
504
+ "Ref": "Vpc8378EB38"
505
+ },
506
+ "Tags": [
507
+ {
508
+ "Key": "Name",
509
+ "Value": "existingFargateService/Vpc/PrivateSubnet3"
510
+ }
511
+ ]
512
+ }
513
+ },
514
+ "VpcPrivateSubnet3RouteTableAssociation16BDDC43": {
515
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
516
+ "Properties": {
517
+ "RouteTableId": {
518
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
519
+ },
520
+ "SubnetId": {
521
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
522
+ }
523
+ }
524
+ },
525
+ "VpcPrivateSubnet3DefaultRoute94B74F0D": {
526
+ "Type": "AWS::EC2::Route",
527
+ "Properties": {
528
+ "RouteTableId": {
529
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
530
+ },
531
+ "DestinationCidrBlock": "0.0.0.0/0",
532
+ "NatGatewayId": {
533
+ "Ref": "VpcPublicSubnet3NATGateway7640CD1D"
534
+ }
535
+ }
536
+ },
537
+ "VpcIGWD7BA715C": {
538
+ "Type": "AWS::EC2::InternetGateway",
539
+ "Properties": {
540
+ "Tags": [
541
+ {
542
+ "Key": "Name",
543
+ "Value": "existingFargateService/Vpc"
544
+ }
545
+ ]
546
+ }
547
+ },
548
+ "VpcVPCGWBF912B6E": {
549
+ "Type": "AWS::EC2::VPCGatewayAttachment",
550
+ "Properties": {
551
+ "VpcId": {
552
+ "Ref": "Vpc8378EB38"
553
+ },
554
+ "InternetGatewayId": {
555
+ "Ref": "VpcIGWD7BA715C"
556
+ }
557
+ }
558
+ },
559
+ "VpcFlowLogIAMRole6A475D41": {
560
+ "Type": "AWS::IAM::Role",
561
+ "Properties": {
562
+ "AssumeRolePolicyDocument": {
563
+ "Statement": [
564
+ {
565
+ "Action": "sts:AssumeRole",
566
+ "Effect": "Allow",
567
+ "Principal": {
568
+ "Service": "vpc-flow-logs.amazonaws.com"
569
+ }
570
+ }
571
+ ],
572
+ "Version": "2012-10-17"
573
+ },
574
+ "Tags": [
575
+ {
576
+ "Key": "Name",
577
+ "Value": "existingFargateService/Vpc"
578
+ }
579
+ ]
580
+ }
581
+ },
582
+ "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
583
+ "Type": "AWS::IAM::Policy",
584
+ "Properties": {
585
+ "PolicyDocument": {
586
+ "Statement": [
587
+ {
588
+ "Action": [
589
+ "logs:CreateLogStream",
590
+ "logs:PutLogEvents",
591
+ "logs:DescribeLogStreams"
592
+ ],
593
+ "Effect": "Allow",
594
+ "Resource": {
595
+ "Fn::GetAtt": [
596
+ "VpcFlowLogLogGroup7B5C56B9",
597
+ "Arn"
598
+ ]
599
+ }
600
+ },
601
+ {
602
+ "Action": "iam:PassRole",
603
+ "Effect": "Allow",
604
+ "Resource": {
605
+ "Fn::GetAtt": [
606
+ "VpcFlowLogIAMRole6A475D41",
607
+ "Arn"
608
+ ]
609
+ }
610
+ }
611
+ ],
612
+ "Version": "2012-10-17"
613
+ },
614
+ "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
615
+ "Roles": [
616
+ {
617
+ "Ref": "VpcFlowLogIAMRole6A475D41"
618
+ }
619
+ ]
620
+ }
621
+ },
622
+ "VpcFlowLogLogGroup7B5C56B9": {
623
+ "Type": "AWS::Logs::LogGroup",
624
+ "Properties": {
625
+ "RetentionInDays": 731,
626
+ "Tags": [
627
+ {
628
+ "Key": "Name",
629
+ "Value": "existingFargateService/Vpc"
630
+ }
631
+ ]
632
+ },
633
+ "UpdateReplacePolicy": "Retain",
634
+ "DeletionPolicy": "Retain",
635
+ "Metadata": {
636
+ "cfn_nag": {
637
+ "rules_to_suppress": [
638
+ {
639
+ "id": "W84",
640
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
641
+ }
642
+ ]
643
+ }
644
+ }
645
+ },
646
+ "VpcFlowLog8FF33A73": {
647
+ "Type": "AWS::EC2::FlowLog",
648
+ "Properties": {
649
+ "ResourceId": {
650
+ "Ref": "Vpc8378EB38"
651
+ },
652
+ "ResourceType": "VPC",
653
+ "DeliverLogsPermissionArn": {
654
+ "Fn::GetAtt": [
655
+ "VpcFlowLogIAMRole6A475D41",
656
+ "Arn"
657
+ ]
658
+ },
659
+ "LogDestinationType": "cloud-watch-logs",
660
+ "LogGroupName": {
661
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
662
+ },
663
+ "Tags": [
664
+ {
665
+ "Key": "Name",
666
+ "Value": "existingFargateService/Vpc"
667
+ }
668
+ ],
669
+ "TrafficType": "ALL"
670
+ }
671
+ },
672
+ "VpcECRAPI9A3B6A2B": {
673
+ "Type": "AWS::EC2::VPCEndpoint",
674
+ "Properties": {
675
+ "ServiceName": {
676
+ "Fn::Join": [
677
+ "",
678
+ [
679
+ "com.amazonaws.",
680
+ {
681
+ "Ref": "AWS::Region"
682
+ },
683
+ ".ecr.api"
684
+ ]
685
+ ]
686
+ },
687
+ "VpcId": {
688
+ "Ref": "Vpc8378EB38"
689
+ },
690
+ "PrivateDnsEnabled": true,
691
+ "SecurityGroupIds": [
692
+ {
693
+ "Fn::GetAtt": [
694
+ "existingFargateServiceECRAPIsecuritygroup5EE2643E",
695
+ "GroupId"
696
+ ]
697
+ }
698
+ ],
699
+ "SubnetIds": [
700
+ {
701
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
702
+ },
703
+ {
704
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
705
+ },
706
+ {
707
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
708
+ }
709
+ ],
710
+ "VpcEndpointType": "Interface"
711
+ }
712
+ },
713
+ "VpcECRDKR604E039F": {
714
+ "Type": "AWS::EC2::VPCEndpoint",
715
+ "Properties": {
716
+ "ServiceName": {
717
+ "Fn::Join": [
718
+ "",
719
+ [
720
+ "com.amazonaws.",
721
+ {
722
+ "Ref": "AWS::Region"
723
+ },
724
+ ".ecr.dkr"
725
+ ]
726
+ ]
727
+ },
728
+ "VpcId": {
729
+ "Ref": "Vpc8378EB38"
730
+ },
731
+ "PrivateDnsEnabled": true,
732
+ "SecurityGroupIds": [
733
+ {
734
+ "Fn::GetAtt": [
735
+ "existingFargateServiceECRDKRsecuritygroup41F182BE",
736
+ "GroupId"
737
+ ]
738
+ }
739
+ ],
740
+ "SubnetIds": [
741
+ {
742
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
743
+ },
744
+ {
745
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
746
+ },
747
+ {
748
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
749
+ }
750
+ ],
751
+ "VpcEndpointType": "Interface"
752
+ }
753
+ },
754
+ "VpcS3A5408339": {
755
+ "Type": "AWS::EC2::VPCEndpoint",
756
+ "Properties": {
757
+ "ServiceName": {
758
+ "Fn::Join": [
759
+ "",
760
+ [
761
+ "com.amazonaws.",
762
+ {
763
+ "Ref": "AWS::Region"
764
+ },
765
+ ".s3"
766
+ ]
767
+ ]
768
+ },
769
+ "VpcId": {
770
+ "Ref": "Vpc8378EB38"
771
+ },
772
+ "RouteTableIds": [
773
+ {
774
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
775
+ },
776
+ {
777
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
778
+ },
779
+ {
780
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
781
+ },
782
+ {
783
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
784
+ },
785
+ {
786
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
787
+ },
788
+ {
789
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
790
+ }
791
+ ],
792
+ "VpcEndpointType": "Gateway"
793
+ }
794
+ },
795
+ "VpcKINESISSTREAMSC07D91B5": {
796
+ "Type": "AWS::EC2::VPCEndpoint",
797
+ "Properties": {
798
+ "ServiceName": {
799
+ "Fn::Join": [
800
+ "",
801
+ [
802
+ "com.amazonaws.",
803
+ {
804
+ "Ref": "AWS::Region"
805
+ },
806
+ ".kinesis-streams"
807
+ ]
808
+ ]
809
+ },
810
+ "VpcId": {
811
+ "Ref": "Vpc8378EB38"
812
+ },
813
+ "PrivateDnsEnabled": true,
814
+ "SecurityGroupIds": [
815
+ {
816
+ "Fn::GetAtt": [
817
+ "existingFargateServiceKINESISSTREAMSsecuritygroup182A19D5",
818
+ "GroupId"
819
+ ]
820
+ }
821
+ ],
822
+ "SubnetIds": [
823
+ {
824
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
825
+ },
826
+ {
827
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
828
+ },
829
+ {
830
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
831
+ }
832
+ ],
833
+ "VpcEndpointType": "Interface"
834
+ }
835
+ },
836
+ "existingFargateServiceECRAPIsecuritygroup5EE2643E": {
837
+ "Type": "AWS::EC2::SecurityGroup",
838
+ "Properties": {
839
+ "GroupDescription": "existingFargateService/existingFargateService-ECR_API-security-group",
840
+ "SecurityGroupEgress": [
841
+ {
842
+ "CidrIp": "0.0.0.0/0",
843
+ "Description": "Allow all outbound traffic by default",
844
+ "IpProtocol": "-1"
845
+ }
846
+ ],
847
+ "SecurityGroupIngress": [
848
+ {
849
+ "CidrIp": {
850
+ "Fn::GetAtt": [
851
+ "Vpc8378EB38",
852
+ "CidrBlock"
853
+ ]
854
+ },
855
+ "Description": {
856
+ "Fn::Join": [
857
+ "",
858
+ [
859
+ "from ",
860
+ {
861
+ "Fn::GetAtt": [
862
+ "Vpc8378EB38",
863
+ "CidrBlock"
864
+ ]
865
+ },
866
+ ":443"
867
+ ]
868
+ ]
869
+ },
870
+ "FromPort": 443,
871
+ "IpProtocol": "tcp",
872
+ "ToPort": 443
873
+ }
874
+ ],
875
+ "VpcId": {
876
+ "Ref": "Vpc8378EB38"
877
+ }
878
+ },
879
+ "Metadata": {
880
+ "cfn_nag": {
881
+ "rules_to_suppress": [
882
+ {
883
+ "id": "W5",
884
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
885
+ },
886
+ {
887
+ "id": "W40",
888
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
889
+ }
890
+ ]
891
+ }
892
+ }
893
+ },
894
+ "existingFargateServiceECRDKRsecuritygroup41F182BE": {
895
+ "Type": "AWS::EC2::SecurityGroup",
896
+ "Properties": {
897
+ "GroupDescription": "existingFargateService/existingFargateService-ECR_DKR-security-group",
898
+ "SecurityGroupEgress": [
899
+ {
900
+ "CidrIp": "0.0.0.0/0",
901
+ "Description": "Allow all outbound traffic by default",
902
+ "IpProtocol": "-1"
903
+ }
904
+ ],
905
+ "SecurityGroupIngress": [
906
+ {
907
+ "CidrIp": {
908
+ "Fn::GetAtt": [
909
+ "Vpc8378EB38",
910
+ "CidrBlock"
911
+ ]
912
+ },
913
+ "Description": {
914
+ "Fn::Join": [
915
+ "",
916
+ [
917
+ "from ",
918
+ {
919
+ "Fn::GetAtt": [
920
+ "Vpc8378EB38",
921
+ "CidrBlock"
922
+ ]
923
+ },
924
+ ":443"
925
+ ]
926
+ ]
927
+ },
928
+ "FromPort": 443,
929
+ "IpProtocol": "tcp",
930
+ "ToPort": 443
931
+ }
932
+ ],
933
+ "VpcId": {
934
+ "Ref": "Vpc8378EB38"
935
+ }
936
+ },
937
+ "Metadata": {
938
+ "cfn_nag": {
939
+ "rules_to_suppress": [
940
+ {
941
+ "id": "W5",
942
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
943
+ },
944
+ {
945
+ "id": "W40",
946
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
947
+ }
948
+ ]
949
+ }
950
+ }
951
+ },
952
+ "testclusterDF8B0D19": {
953
+ "Type": "AWS::ECS::Cluster"
954
+ },
955
+ "testtaskdefTaskRoleB2DEF113": {
956
+ "Type": "AWS::IAM::Role",
957
+ "Properties": {
958
+ "AssumeRolePolicyDocument": {
959
+ "Statement": [
960
+ {
961
+ "Action": "sts:AssumeRole",
962
+ "Effect": "Allow",
963
+ "Principal": {
964
+ "Service": "ecs-tasks.amazonaws.com"
965
+ }
966
+ }
967
+ ],
968
+ "Version": "2012-10-17"
969
+ }
970
+ }
971
+ },
972
+ "testtaskdefTaskRoleDefaultPolicy5D591D1C": {
973
+ "Type": "AWS::IAM::Policy",
974
+ "Properties": {
975
+ "PolicyDocument": {
976
+ "Statement": [
977
+ {
978
+ "Action": [
979
+ "kinesis:ListShards",
980
+ "kinesis:PutRecord",
981
+ "kinesis:PutRecords"
982
+ ],
983
+ "Effect": "Allow",
984
+ "Resource": {
985
+ "Fn::GetAtt": [
986
+ "testfargatekinesisstreamsKinesisStreamD31BD614",
987
+ "Arn"
988
+ ]
989
+ }
990
+ }
991
+ ],
992
+ "Version": "2012-10-17"
993
+ },
994
+ "PolicyName": "testtaskdefTaskRoleDefaultPolicy5D591D1C",
995
+ "Roles": [
996
+ {
997
+ "Ref": "testtaskdefTaskRoleB2DEF113"
998
+ }
999
+ ]
1000
+ }
1001
+ },
1002
+ "testtaskdefF924AD58": {
1003
+ "Type": "AWS::ECS::TaskDefinition",
1004
+ "Properties": {
1005
+ "ContainerDefinitions": [
1006
+ {
1007
+ "Environment": [
1008
+ {
1009
+ "Name": "KINESIS_DATASTREAM_NAME",
1010
+ "Value": {
1011
+ "Ref": "testfargatekinesisstreamsKinesisStreamD31BD614"
1012
+ }
1013
+ }
1014
+ ],
1015
+ "Essential": true,
1016
+ "Image": "nginx",
1017
+ "MemoryReservation": 512,
1018
+ "Name": "test-container",
1019
+ "PortMappings": [
1020
+ {
1021
+ "ContainerPort": 8080,
1022
+ "Protocol": "tcp"
1023
+ }
1024
+ ]
1025
+ }
1026
+ ],
1027
+ "Cpu": "256",
1028
+ "Family": "existingFargateServicetesttaskdef55189A31",
1029
+ "Memory": "512",
1030
+ "NetworkMode": "awsvpc",
1031
+ "RequiresCompatibilities": [
1032
+ "FARGATE"
1033
+ ],
1034
+ "TaskRoleArn": {
1035
+ "Fn::GetAtt": [
1036
+ "testtaskdefTaskRoleB2DEF113",
1037
+ "Arn"
1038
+ ]
1039
+ }
1040
+ }
1041
+ },
1042
+ "testsg872EB48A": {
1043
+ "Type": "AWS::EC2::SecurityGroup",
1044
+ "Properties": {
1045
+ "GroupDescription": "Construct created security group",
1046
+ "SecurityGroupEgress": [
1047
+ {
1048
+ "CidrIp": "0.0.0.0/0",
1049
+ "Description": "Allow all outbound traffic by default",
1050
+ "IpProtocol": "-1"
1051
+ }
1052
+ ],
1053
+ "VpcId": {
1054
+ "Ref": "Vpc8378EB38"
1055
+ }
1056
+ },
1057
+ "Metadata": {
1058
+ "cfn_nag": {
1059
+ "rules_to_suppress": [
1060
+ {
1061
+ "id": "W5",
1062
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1063
+ },
1064
+ {
1065
+ "id": "W40",
1066
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1067
+ }
1068
+ ]
1069
+ }
1070
+ }
1071
+ },
1072
+ "testserviceService2730C249": {
1073
+ "Type": "AWS::ECS::Service",
1074
+ "Properties": {
1075
+ "Cluster": {
1076
+ "Ref": "testclusterDF8B0D19"
1077
+ },
1078
+ "DeploymentConfiguration": {
1079
+ "MaximumPercent": 150,
1080
+ "MinimumHealthyPercent": 75
1081
+ },
1082
+ "DesiredCount": 2,
1083
+ "EnableECSManagedTags": false,
1084
+ "LaunchType": "FARGATE",
1085
+ "NetworkConfiguration": {
1086
+ "AwsvpcConfiguration": {
1087
+ "AssignPublicIp": "DISABLED",
1088
+ "SecurityGroups": [
1089
+ {
1090
+ "Fn::GetAtt": [
1091
+ "testsg872EB48A",
1092
+ "GroupId"
1093
+ ]
1094
+ }
1095
+ ],
1096
+ "Subnets": [
1097
+ {
1098
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
1099
+ },
1100
+ {
1101
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
1102
+ },
1103
+ {
1104
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
1105
+ }
1106
+ ]
1107
+ }
1108
+ },
1109
+ "PlatformVersion": "LATEST",
1110
+ "TaskDefinition": {
1111
+ "Ref": "testtaskdefF924AD58"
1112
+ }
1113
+ }
1114
+ },
1115
+ "testfargatekinesisstreamsKinesisStreamD31BD614": {
1116
+ "Type": "AWS::Kinesis::Stream",
1117
+ "Properties": {
1118
+ "RetentionPeriodHours": 24,
1119
+ "ShardCount": 1,
1120
+ "StreamEncryption": {
1121
+ "EncryptionType": "KMS",
1122
+ "KeyId": "alias/aws/kinesis"
1123
+ },
1124
+ "StreamModeDetails": {
1125
+ "StreamMode": "PROVISIONED"
1126
+ }
1127
+ }
1128
+ },
1129
+ "testfargatekinesisstreamsKinesisStreamGetRecordsIteratorAgeAlarm60755E90": {
1130
+ "Type": "AWS::CloudWatch::Alarm",
1131
+ "Properties": {
1132
+ "ComparisonOperator": "GreaterThanOrEqualToThreshold",
1133
+ "EvaluationPeriods": 1,
1134
+ "AlarmDescription": "Consumer Record Processing Falling Behind, there is risk for data loss due to record expiration.",
1135
+ "MetricName": "GetRecords.IteratorAgeMilliseconds",
1136
+ "Namespace": "AWS/Kinesis",
1137
+ "Period": 300,
1138
+ "Statistic": "Maximum",
1139
+ "Threshold": 43200000
1140
+ }
1141
+ },
1142
+ "testfargatekinesisstreamsKinesisStreamReadProvisionedThroughputExceededAlarmDE16A9F2": {
1143
+ "Type": "AWS::CloudWatch::Alarm",
1144
+ "Properties": {
1145
+ "ComparisonOperator": "GreaterThanThreshold",
1146
+ "EvaluationPeriods": 1,
1147
+ "AlarmDescription": "Consumer Application is Reading at a Slower Rate Than Expected.",
1148
+ "MetricName": "ReadProvisionedThroughputExceeded",
1149
+ "Namespace": "AWS/Kinesis",
1150
+ "Period": 300,
1151
+ "Statistic": "Average",
1152
+ "Threshold": 0
1153
+ }
1154
+ },
1155
+ "existingFargateServiceKINESISSTREAMSsecuritygroup182A19D5": {
1156
+ "Type": "AWS::EC2::SecurityGroup",
1157
+ "Properties": {
1158
+ "GroupDescription": "existingFargateService/existingFargateService-KINESIS_STREAMS-security-group",
1159
+ "SecurityGroupEgress": [
1160
+ {
1161
+ "CidrIp": "0.0.0.0/0",
1162
+ "Description": "Allow all outbound traffic by default",
1163
+ "IpProtocol": "-1"
1164
+ }
1165
+ ],
1166
+ "SecurityGroupIngress": [
1167
+ {
1168
+ "CidrIp": {
1169
+ "Fn::GetAtt": [
1170
+ "Vpc8378EB38",
1171
+ "CidrBlock"
1172
+ ]
1173
+ },
1174
+ "Description": {
1175
+ "Fn::Join": [
1176
+ "",
1177
+ [
1178
+ "from ",
1179
+ {
1180
+ "Fn::GetAtt": [
1181
+ "Vpc8378EB38",
1182
+ "CidrBlock"
1183
+ ]
1184
+ },
1185
+ ":443"
1186
+ ]
1187
+ ]
1188
+ },
1189
+ "FromPort": 443,
1190
+ "IpProtocol": "tcp",
1191
+ "ToPort": 443
1192
+ }
1193
+ ],
1194
+ "VpcId": {
1195
+ "Ref": "Vpc8378EB38"
1196
+ }
1197
+ },
1198
+ "Metadata": {
1199
+ "cfn_nag": {
1200
+ "rules_to_suppress": [
1201
+ {
1202
+ "id": "W5",
1203
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1204
+ },
1205
+ {
1206
+ "id": "W40",
1207
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1208
+ }
1209
+ ]
1210
+ }
1211
+ }
1212
+ }
1213
+ },
1214
+ "Parameters": {
1215
+ "BootstrapVersion": {
1216
+ "Type": "AWS::SSM::Parameter::Value<String>",
1217
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1218
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1219
+ }
1220
+ },
1221
+ "Rules": {
1222
+ "CheckBootstrapVersion": {
1223
+ "Assertions": [
1224
+ {
1225
+ "Assert": {
1226
+ "Fn::Not": [
1227
+ {
1228
+ "Fn::Contains": [
1229
+ [
1230
+ "1",
1231
+ "2",
1232
+ "3",
1233
+ "4",
1234
+ "5"
1235
+ ],
1236
+ {
1237
+ "Ref": "BootstrapVersion"
1238
+ }
1239
+ ]
1240
+ }
1241
+ ]
1242
+ },
1243
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1244
+ }
1245
+ ]
1246
+ }
1247
+ }
1248
+ }