@aws-solutions-constructs/aws-fargate-stepfunctions 1.155.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,1292 @@
1
+ {
2
+ "Description": "Integration Test with new VPC, Service and a state machine with no CloudWatch alarms",
3
+ "Resources": {
4
+ "Vpc8378EB38": {
5
+ "Type": "AWS::EC2::VPC",
6
+ "Properties": {
7
+ "CidrBlock": "172.168.0.0/16",
8
+ "EnableDnsHostnames": true,
9
+ "EnableDnsSupport": true,
10
+ "InstanceTenancy": "default",
11
+ "Tags": [
12
+ {
13
+ "Key": "Name",
14
+ "Value": "no-cloudwatch-alarms/Vpc"
15
+ }
16
+ ]
17
+ }
18
+ },
19
+ "VpcPublicSubnet1Subnet5C2D37C4": {
20
+ "Type": "AWS::EC2::Subnet",
21
+ "Properties": {
22
+ "VpcId": {
23
+ "Ref": "Vpc8378EB38"
24
+ },
25
+ "AvailabilityZone": "test-region-1a",
26
+ "CidrBlock": "172.168.0.0/19",
27
+ "MapPublicIpOnLaunch": true,
28
+ "Tags": [
29
+ {
30
+ "Key": "aws-cdk:subnet-name",
31
+ "Value": "Public"
32
+ },
33
+ {
34
+ "Key": "aws-cdk:subnet-type",
35
+ "Value": "Public"
36
+ },
37
+ {
38
+ "Key": "Name",
39
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet1"
40
+ }
41
+ ]
42
+ },
43
+ "Metadata": {
44
+ "cfn_nag": {
45
+ "rules_to_suppress": [
46
+ {
47
+ "id": "W33",
48
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
49
+ }
50
+ ]
51
+ }
52
+ }
53
+ },
54
+ "VpcPublicSubnet1RouteTable6C95E38E": {
55
+ "Type": "AWS::EC2::RouteTable",
56
+ "Properties": {
57
+ "VpcId": {
58
+ "Ref": "Vpc8378EB38"
59
+ },
60
+ "Tags": [
61
+ {
62
+ "Key": "Name",
63
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet1"
64
+ }
65
+ ]
66
+ }
67
+ },
68
+ "VpcPublicSubnet1RouteTableAssociation97140677": {
69
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
70
+ "Properties": {
71
+ "RouteTableId": {
72
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
73
+ },
74
+ "SubnetId": {
75
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
76
+ }
77
+ }
78
+ },
79
+ "VpcPublicSubnet1DefaultRoute3DA9E72A": {
80
+ "Type": "AWS::EC2::Route",
81
+ "Properties": {
82
+ "RouteTableId": {
83
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
84
+ },
85
+ "DestinationCidrBlock": "0.0.0.0/0",
86
+ "GatewayId": {
87
+ "Ref": "VpcIGWD7BA715C"
88
+ }
89
+ },
90
+ "DependsOn": [
91
+ "VpcVPCGWBF912B6E"
92
+ ]
93
+ },
94
+ "VpcPublicSubnet1EIPD7E02669": {
95
+ "Type": "AWS::EC2::EIP",
96
+ "Properties": {
97
+ "Domain": "vpc",
98
+ "Tags": [
99
+ {
100
+ "Key": "Name",
101
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet1"
102
+ }
103
+ ]
104
+ }
105
+ },
106
+ "VpcPublicSubnet1NATGateway4D7517AA": {
107
+ "Type": "AWS::EC2::NatGateway",
108
+ "Properties": {
109
+ "SubnetId": {
110
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
111
+ },
112
+ "AllocationId": {
113
+ "Fn::GetAtt": [
114
+ "VpcPublicSubnet1EIPD7E02669",
115
+ "AllocationId"
116
+ ]
117
+ },
118
+ "Tags": [
119
+ {
120
+ "Key": "Name",
121
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet1"
122
+ }
123
+ ]
124
+ }
125
+ },
126
+ "VpcPublicSubnet2Subnet691E08A3": {
127
+ "Type": "AWS::EC2::Subnet",
128
+ "Properties": {
129
+ "VpcId": {
130
+ "Ref": "Vpc8378EB38"
131
+ },
132
+ "AvailabilityZone": "test-region-1b",
133
+ "CidrBlock": "172.168.32.0/19",
134
+ "MapPublicIpOnLaunch": true,
135
+ "Tags": [
136
+ {
137
+ "Key": "aws-cdk:subnet-name",
138
+ "Value": "Public"
139
+ },
140
+ {
141
+ "Key": "aws-cdk:subnet-type",
142
+ "Value": "Public"
143
+ },
144
+ {
145
+ "Key": "Name",
146
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet2"
147
+ }
148
+ ]
149
+ },
150
+ "Metadata": {
151
+ "cfn_nag": {
152
+ "rules_to_suppress": [
153
+ {
154
+ "id": "W33",
155
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
156
+ }
157
+ ]
158
+ }
159
+ }
160
+ },
161
+ "VpcPublicSubnet2RouteTable94F7E489": {
162
+ "Type": "AWS::EC2::RouteTable",
163
+ "Properties": {
164
+ "VpcId": {
165
+ "Ref": "Vpc8378EB38"
166
+ },
167
+ "Tags": [
168
+ {
169
+ "Key": "Name",
170
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet2"
171
+ }
172
+ ]
173
+ }
174
+ },
175
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
176
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
177
+ "Properties": {
178
+ "RouteTableId": {
179
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
180
+ },
181
+ "SubnetId": {
182
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
183
+ }
184
+ }
185
+ },
186
+ "VpcPublicSubnet2DefaultRoute97F91067": {
187
+ "Type": "AWS::EC2::Route",
188
+ "Properties": {
189
+ "RouteTableId": {
190
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
191
+ },
192
+ "DestinationCidrBlock": "0.0.0.0/0",
193
+ "GatewayId": {
194
+ "Ref": "VpcIGWD7BA715C"
195
+ }
196
+ },
197
+ "DependsOn": [
198
+ "VpcVPCGWBF912B6E"
199
+ ]
200
+ },
201
+ "VpcPublicSubnet2EIP3C605A87": {
202
+ "Type": "AWS::EC2::EIP",
203
+ "Properties": {
204
+ "Domain": "vpc",
205
+ "Tags": [
206
+ {
207
+ "Key": "Name",
208
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet2"
209
+ }
210
+ ]
211
+ }
212
+ },
213
+ "VpcPublicSubnet2NATGateway9182C01D": {
214
+ "Type": "AWS::EC2::NatGateway",
215
+ "Properties": {
216
+ "SubnetId": {
217
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
218
+ },
219
+ "AllocationId": {
220
+ "Fn::GetAtt": [
221
+ "VpcPublicSubnet2EIP3C605A87",
222
+ "AllocationId"
223
+ ]
224
+ },
225
+ "Tags": [
226
+ {
227
+ "Key": "Name",
228
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet2"
229
+ }
230
+ ]
231
+ }
232
+ },
233
+ "VpcPublicSubnet3SubnetBE12F0B6": {
234
+ "Type": "AWS::EC2::Subnet",
235
+ "Properties": {
236
+ "VpcId": {
237
+ "Ref": "Vpc8378EB38"
238
+ },
239
+ "AvailabilityZone": "test-region-1c",
240
+ "CidrBlock": "172.168.64.0/19",
241
+ "MapPublicIpOnLaunch": true,
242
+ "Tags": [
243
+ {
244
+ "Key": "aws-cdk:subnet-name",
245
+ "Value": "Public"
246
+ },
247
+ {
248
+ "Key": "aws-cdk:subnet-type",
249
+ "Value": "Public"
250
+ },
251
+ {
252
+ "Key": "Name",
253
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet3"
254
+ }
255
+ ]
256
+ },
257
+ "Metadata": {
258
+ "cfn_nag": {
259
+ "rules_to_suppress": [
260
+ {
261
+ "id": "W33",
262
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
263
+ }
264
+ ]
265
+ }
266
+ }
267
+ },
268
+ "VpcPublicSubnet3RouteTable93458DBB": {
269
+ "Type": "AWS::EC2::RouteTable",
270
+ "Properties": {
271
+ "VpcId": {
272
+ "Ref": "Vpc8378EB38"
273
+ },
274
+ "Tags": [
275
+ {
276
+ "Key": "Name",
277
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet3"
278
+ }
279
+ ]
280
+ }
281
+ },
282
+ "VpcPublicSubnet3RouteTableAssociation1F1EDF02": {
283
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
284
+ "Properties": {
285
+ "RouteTableId": {
286
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
287
+ },
288
+ "SubnetId": {
289
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
290
+ }
291
+ }
292
+ },
293
+ "VpcPublicSubnet3DefaultRoute4697774F": {
294
+ "Type": "AWS::EC2::Route",
295
+ "Properties": {
296
+ "RouteTableId": {
297
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
298
+ },
299
+ "DestinationCidrBlock": "0.0.0.0/0",
300
+ "GatewayId": {
301
+ "Ref": "VpcIGWD7BA715C"
302
+ }
303
+ },
304
+ "DependsOn": [
305
+ "VpcVPCGWBF912B6E"
306
+ ]
307
+ },
308
+ "VpcPublicSubnet3EIP3A666A23": {
309
+ "Type": "AWS::EC2::EIP",
310
+ "Properties": {
311
+ "Domain": "vpc",
312
+ "Tags": [
313
+ {
314
+ "Key": "Name",
315
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet3"
316
+ }
317
+ ]
318
+ }
319
+ },
320
+ "VpcPublicSubnet3NATGateway7640CD1D": {
321
+ "Type": "AWS::EC2::NatGateway",
322
+ "Properties": {
323
+ "SubnetId": {
324
+ "Ref": "VpcPublicSubnet3SubnetBE12F0B6"
325
+ },
326
+ "AllocationId": {
327
+ "Fn::GetAtt": [
328
+ "VpcPublicSubnet3EIP3A666A23",
329
+ "AllocationId"
330
+ ]
331
+ },
332
+ "Tags": [
333
+ {
334
+ "Key": "Name",
335
+ "Value": "no-cloudwatch-alarms/Vpc/PublicSubnet3"
336
+ }
337
+ ]
338
+ }
339
+ },
340
+ "VpcPrivateSubnet1Subnet536B997A": {
341
+ "Type": "AWS::EC2::Subnet",
342
+ "Properties": {
343
+ "VpcId": {
344
+ "Ref": "Vpc8378EB38"
345
+ },
346
+ "AvailabilityZone": "test-region-1a",
347
+ "CidrBlock": "172.168.96.0/19",
348
+ "MapPublicIpOnLaunch": false,
349
+ "Tags": [
350
+ {
351
+ "Key": "aws-cdk:subnet-name",
352
+ "Value": "Private"
353
+ },
354
+ {
355
+ "Key": "aws-cdk:subnet-type",
356
+ "Value": "Private"
357
+ },
358
+ {
359
+ "Key": "Name",
360
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet1"
361
+ }
362
+ ]
363
+ }
364
+ },
365
+ "VpcPrivateSubnet1RouteTableB2C5B500": {
366
+ "Type": "AWS::EC2::RouteTable",
367
+ "Properties": {
368
+ "VpcId": {
369
+ "Ref": "Vpc8378EB38"
370
+ },
371
+ "Tags": [
372
+ {
373
+ "Key": "Name",
374
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet1"
375
+ }
376
+ ]
377
+ }
378
+ },
379
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
380
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
381
+ "Properties": {
382
+ "RouteTableId": {
383
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
384
+ },
385
+ "SubnetId": {
386
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
387
+ }
388
+ }
389
+ },
390
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
391
+ "Type": "AWS::EC2::Route",
392
+ "Properties": {
393
+ "RouteTableId": {
394
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
395
+ },
396
+ "DestinationCidrBlock": "0.0.0.0/0",
397
+ "NatGatewayId": {
398
+ "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
399
+ }
400
+ }
401
+ },
402
+ "VpcPrivateSubnet2Subnet3788AAA1": {
403
+ "Type": "AWS::EC2::Subnet",
404
+ "Properties": {
405
+ "VpcId": {
406
+ "Ref": "Vpc8378EB38"
407
+ },
408
+ "AvailabilityZone": "test-region-1b",
409
+ "CidrBlock": "172.168.128.0/19",
410
+ "MapPublicIpOnLaunch": false,
411
+ "Tags": [
412
+ {
413
+ "Key": "aws-cdk:subnet-name",
414
+ "Value": "Private"
415
+ },
416
+ {
417
+ "Key": "aws-cdk:subnet-type",
418
+ "Value": "Private"
419
+ },
420
+ {
421
+ "Key": "Name",
422
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet2"
423
+ }
424
+ ]
425
+ }
426
+ },
427
+ "VpcPrivateSubnet2RouteTableA678073B": {
428
+ "Type": "AWS::EC2::RouteTable",
429
+ "Properties": {
430
+ "VpcId": {
431
+ "Ref": "Vpc8378EB38"
432
+ },
433
+ "Tags": [
434
+ {
435
+ "Key": "Name",
436
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet2"
437
+ }
438
+ ]
439
+ }
440
+ },
441
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
442
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
443
+ "Properties": {
444
+ "RouteTableId": {
445
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
446
+ },
447
+ "SubnetId": {
448
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
449
+ }
450
+ }
451
+ },
452
+ "VpcPrivateSubnet2DefaultRoute060D2087": {
453
+ "Type": "AWS::EC2::Route",
454
+ "Properties": {
455
+ "RouteTableId": {
456
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
457
+ },
458
+ "DestinationCidrBlock": "0.0.0.0/0",
459
+ "NatGatewayId": {
460
+ "Ref": "VpcPublicSubnet2NATGateway9182C01D"
461
+ }
462
+ }
463
+ },
464
+ "VpcPrivateSubnet3SubnetF258B56E": {
465
+ "Type": "AWS::EC2::Subnet",
466
+ "Properties": {
467
+ "VpcId": {
468
+ "Ref": "Vpc8378EB38"
469
+ },
470
+ "AvailabilityZone": "test-region-1c",
471
+ "CidrBlock": "172.168.160.0/19",
472
+ "MapPublicIpOnLaunch": false,
473
+ "Tags": [
474
+ {
475
+ "Key": "aws-cdk:subnet-name",
476
+ "Value": "Private"
477
+ },
478
+ {
479
+ "Key": "aws-cdk:subnet-type",
480
+ "Value": "Private"
481
+ },
482
+ {
483
+ "Key": "Name",
484
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet3"
485
+ }
486
+ ]
487
+ }
488
+ },
489
+ "VpcPrivateSubnet3RouteTableD98824C7": {
490
+ "Type": "AWS::EC2::RouteTable",
491
+ "Properties": {
492
+ "VpcId": {
493
+ "Ref": "Vpc8378EB38"
494
+ },
495
+ "Tags": [
496
+ {
497
+ "Key": "Name",
498
+ "Value": "no-cloudwatch-alarms/Vpc/PrivateSubnet3"
499
+ }
500
+ ]
501
+ }
502
+ },
503
+ "VpcPrivateSubnet3RouteTableAssociation16BDDC43": {
504
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
505
+ "Properties": {
506
+ "RouteTableId": {
507
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
508
+ },
509
+ "SubnetId": {
510
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
511
+ }
512
+ }
513
+ },
514
+ "VpcPrivateSubnet3DefaultRoute94B74F0D": {
515
+ "Type": "AWS::EC2::Route",
516
+ "Properties": {
517
+ "RouteTableId": {
518
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
519
+ },
520
+ "DestinationCidrBlock": "0.0.0.0/0",
521
+ "NatGatewayId": {
522
+ "Ref": "VpcPublicSubnet3NATGateway7640CD1D"
523
+ }
524
+ }
525
+ },
526
+ "VpcIGWD7BA715C": {
527
+ "Type": "AWS::EC2::InternetGateway",
528
+ "Properties": {
529
+ "Tags": [
530
+ {
531
+ "Key": "Name",
532
+ "Value": "no-cloudwatch-alarms/Vpc"
533
+ }
534
+ ]
535
+ }
536
+ },
537
+ "VpcVPCGWBF912B6E": {
538
+ "Type": "AWS::EC2::VPCGatewayAttachment",
539
+ "Properties": {
540
+ "VpcId": {
541
+ "Ref": "Vpc8378EB38"
542
+ },
543
+ "InternetGatewayId": {
544
+ "Ref": "VpcIGWD7BA715C"
545
+ }
546
+ }
547
+ },
548
+ "VpcFlowLogIAMRole6A475D41": {
549
+ "Type": "AWS::IAM::Role",
550
+ "Properties": {
551
+ "AssumeRolePolicyDocument": {
552
+ "Statement": [
553
+ {
554
+ "Action": "sts:AssumeRole",
555
+ "Effect": "Allow",
556
+ "Principal": {
557
+ "Service": "vpc-flow-logs.amazonaws.com"
558
+ }
559
+ }
560
+ ],
561
+ "Version": "2012-10-17"
562
+ },
563
+ "Tags": [
564
+ {
565
+ "Key": "Name",
566
+ "Value": "no-cloudwatch-alarms/Vpc"
567
+ }
568
+ ]
569
+ }
570
+ },
571
+ "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
572
+ "Type": "AWS::IAM::Policy",
573
+ "Properties": {
574
+ "PolicyDocument": {
575
+ "Statement": [
576
+ {
577
+ "Action": [
578
+ "logs:CreateLogStream",
579
+ "logs:PutLogEvents",
580
+ "logs:DescribeLogStreams"
581
+ ],
582
+ "Effect": "Allow",
583
+ "Resource": {
584
+ "Fn::GetAtt": [
585
+ "VpcFlowLogLogGroup7B5C56B9",
586
+ "Arn"
587
+ ]
588
+ }
589
+ },
590
+ {
591
+ "Action": "iam:PassRole",
592
+ "Effect": "Allow",
593
+ "Resource": {
594
+ "Fn::GetAtt": [
595
+ "VpcFlowLogIAMRole6A475D41",
596
+ "Arn"
597
+ ]
598
+ }
599
+ }
600
+ ],
601
+ "Version": "2012-10-17"
602
+ },
603
+ "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
604
+ "Roles": [
605
+ {
606
+ "Ref": "VpcFlowLogIAMRole6A475D41"
607
+ }
608
+ ]
609
+ }
610
+ },
611
+ "VpcFlowLogLogGroup7B5C56B9": {
612
+ "Type": "AWS::Logs::LogGroup",
613
+ "Properties": {
614
+ "RetentionInDays": 731,
615
+ "Tags": [
616
+ {
617
+ "Key": "Name",
618
+ "Value": "no-cloudwatch-alarms/Vpc"
619
+ }
620
+ ]
621
+ },
622
+ "UpdateReplacePolicy": "Retain",
623
+ "DeletionPolicy": "Retain",
624
+ "Metadata": {
625
+ "cfn_nag": {
626
+ "rules_to_suppress": [
627
+ {
628
+ "id": "W84",
629
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
630
+ }
631
+ ]
632
+ }
633
+ }
634
+ },
635
+ "VpcFlowLog8FF33A73": {
636
+ "Type": "AWS::EC2::FlowLog",
637
+ "Properties": {
638
+ "ResourceId": {
639
+ "Ref": "Vpc8378EB38"
640
+ },
641
+ "ResourceType": "VPC",
642
+ "TrafficType": "ALL",
643
+ "DeliverLogsPermissionArn": {
644
+ "Fn::GetAtt": [
645
+ "VpcFlowLogIAMRole6A475D41",
646
+ "Arn"
647
+ ]
648
+ },
649
+ "LogDestinationType": "cloud-watch-logs",
650
+ "LogGroupName": {
651
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
652
+ },
653
+ "Tags": [
654
+ {
655
+ "Key": "Name",
656
+ "Value": "no-cloudwatch-alarms/Vpc"
657
+ }
658
+ ]
659
+ }
660
+ },
661
+ "VpcECRAPI9A3B6A2B": {
662
+ "Type": "AWS::EC2::VPCEndpoint",
663
+ "Properties": {
664
+ "ServiceName": "com.amazonaws.us-east-1.ecr.api",
665
+ "VpcId": {
666
+ "Ref": "Vpc8378EB38"
667
+ },
668
+ "PrivateDnsEnabled": true,
669
+ "SecurityGroupIds": [
670
+ {
671
+ "Fn::GetAtt": [
672
+ "nocloudwatchalarmsECRAPIsecuritygroupA72029F8",
673
+ "GroupId"
674
+ ]
675
+ }
676
+ ],
677
+ "SubnetIds": [
678
+ {
679
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
680
+ },
681
+ {
682
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
683
+ },
684
+ {
685
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
686
+ }
687
+ ],
688
+ "VpcEndpointType": "Interface"
689
+ }
690
+ },
691
+ "VpcECRDKR604E039F": {
692
+ "Type": "AWS::EC2::VPCEndpoint",
693
+ "Properties": {
694
+ "ServiceName": "com.amazonaws.us-east-1.ecr.dkr",
695
+ "VpcId": {
696
+ "Ref": "Vpc8378EB38"
697
+ },
698
+ "PrivateDnsEnabled": true,
699
+ "SecurityGroupIds": [
700
+ {
701
+ "Fn::GetAtt": [
702
+ "nocloudwatchalarmsECRDKRsecuritygroup11863825",
703
+ "GroupId"
704
+ ]
705
+ }
706
+ ],
707
+ "SubnetIds": [
708
+ {
709
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
710
+ },
711
+ {
712
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
713
+ },
714
+ {
715
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
716
+ }
717
+ ],
718
+ "VpcEndpointType": "Interface"
719
+ }
720
+ },
721
+ "VpcS3A5408339": {
722
+ "Type": "AWS::EC2::VPCEndpoint",
723
+ "Properties": {
724
+ "ServiceName": {
725
+ "Fn::Join": [
726
+ "",
727
+ [
728
+ "com.amazonaws.",
729
+ {
730
+ "Ref": "AWS::Region"
731
+ },
732
+ ".s3"
733
+ ]
734
+ ]
735
+ },
736
+ "VpcId": {
737
+ "Ref": "Vpc8378EB38"
738
+ },
739
+ "RouteTableIds": [
740
+ {
741
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
742
+ },
743
+ {
744
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
745
+ },
746
+ {
747
+ "Ref": "VpcPrivateSubnet3RouteTableD98824C7"
748
+ },
749
+ {
750
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
751
+ },
752
+ {
753
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
754
+ },
755
+ {
756
+ "Ref": "VpcPublicSubnet3RouteTable93458DBB"
757
+ }
758
+ ],
759
+ "VpcEndpointType": "Gateway"
760
+ }
761
+ },
762
+ "VpcSTEPFUNCTIONS550F8CB6": {
763
+ "Type": "AWS::EC2::VPCEndpoint",
764
+ "Properties": {
765
+ "ServiceName": "com.amazonaws.us-east-1.states",
766
+ "VpcId": {
767
+ "Ref": "Vpc8378EB38"
768
+ },
769
+ "PrivateDnsEnabled": true,
770
+ "SecurityGroupIds": [
771
+ {
772
+ "Fn::GetAtt": [
773
+ "nocloudwatchalarmsSTEPFUNCTIONSsecuritygroupE67433DC",
774
+ "GroupId"
775
+ ]
776
+ }
777
+ ],
778
+ "SubnetIds": [
779
+ {
780
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
781
+ },
782
+ {
783
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
784
+ },
785
+ {
786
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
787
+ }
788
+ ],
789
+ "VpcEndpointType": "Interface"
790
+ }
791
+ },
792
+ "nocloudwatchalarmsECRAPIsecuritygroupA72029F8": {
793
+ "Type": "AWS::EC2::SecurityGroup",
794
+ "Properties": {
795
+ "GroupDescription": "no-cloudwatch-alarms/no-cloudwatch-alarms-ECR_API-security-group",
796
+ "SecurityGroupEgress": [
797
+ {
798
+ "CidrIp": "0.0.0.0/0",
799
+ "Description": "Allow all outbound traffic by default",
800
+ "IpProtocol": "-1"
801
+ }
802
+ ],
803
+ "SecurityGroupIngress": [
804
+ {
805
+ "CidrIp": {
806
+ "Fn::GetAtt": [
807
+ "Vpc8378EB38",
808
+ "CidrBlock"
809
+ ]
810
+ },
811
+ "Description": {
812
+ "Fn::Join": [
813
+ "",
814
+ [
815
+ "from ",
816
+ {
817
+ "Fn::GetAtt": [
818
+ "Vpc8378EB38",
819
+ "CidrBlock"
820
+ ]
821
+ },
822
+ ":443"
823
+ ]
824
+ ]
825
+ },
826
+ "FromPort": 443,
827
+ "IpProtocol": "tcp",
828
+ "ToPort": 443
829
+ }
830
+ ],
831
+ "VpcId": {
832
+ "Ref": "Vpc8378EB38"
833
+ }
834
+ },
835
+ "Metadata": {
836
+ "cfn_nag": {
837
+ "rules_to_suppress": [
838
+ {
839
+ "id": "W5",
840
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
841
+ },
842
+ {
843
+ "id": "W40",
844
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
845
+ }
846
+ ]
847
+ }
848
+ }
849
+ },
850
+ "nocloudwatchalarmsECRDKRsecuritygroup11863825": {
851
+ "Type": "AWS::EC2::SecurityGroup",
852
+ "Properties": {
853
+ "GroupDescription": "no-cloudwatch-alarms/no-cloudwatch-alarms-ECR_DKR-security-group",
854
+ "SecurityGroupEgress": [
855
+ {
856
+ "CidrIp": "0.0.0.0/0",
857
+ "Description": "Allow all outbound traffic by default",
858
+ "IpProtocol": "-1"
859
+ }
860
+ ],
861
+ "SecurityGroupIngress": [
862
+ {
863
+ "CidrIp": {
864
+ "Fn::GetAtt": [
865
+ "Vpc8378EB38",
866
+ "CidrBlock"
867
+ ]
868
+ },
869
+ "Description": {
870
+ "Fn::Join": [
871
+ "",
872
+ [
873
+ "from ",
874
+ {
875
+ "Fn::GetAtt": [
876
+ "Vpc8378EB38",
877
+ "CidrBlock"
878
+ ]
879
+ },
880
+ ":443"
881
+ ]
882
+ ]
883
+ },
884
+ "FromPort": 443,
885
+ "IpProtocol": "tcp",
886
+ "ToPort": 443
887
+ }
888
+ ],
889
+ "VpcId": {
890
+ "Ref": "Vpc8378EB38"
891
+ }
892
+ },
893
+ "Metadata": {
894
+ "cfn_nag": {
895
+ "rules_to_suppress": [
896
+ {
897
+ "id": "W5",
898
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
899
+ },
900
+ {
901
+ "id": "W40",
902
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
903
+ }
904
+ ]
905
+ }
906
+ }
907
+ },
908
+ "testclusterDF8B0D19": {
909
+ "Type": "AWS::ECS::Cluster"
910
+ },
911
+ "testtaskdefTaskRoleB2DEF113": {
912
+ "Type": "AWS::IAM::Role",
913
+ "Properties": {
914
+ "AssumeRolePolicyDocument": {
915
+ "Statement": [
916
+ {
917
+ "Action": "sts:AssumeRole",
918
+ "Effect": "Allow",
919
+ "Principal": {
920
+ "Service": "ecs-tasks.amazonaws.com"
921
+ }
922
+ }
923
+ ],
924
+ "Version": "2012-10-17"
925
+ }
926
+ }
927
+ },
928
+ "testtaskdefTaskRoleDefaultPolicy5D591D1C": {
929
+ "Type": "AWS::IAM::Policy",
930
+ "Properties": {
931
+ "PolicyDocument": {
932
+ "Statement": [
933
+ {
934
+ "Action": "states:StartExecution",
935
+ "Effect": "Allow",
936
+ "Resource": {
937
+ "Ref": "testconstructStateMachine3333AAA9"
938
+ }
939
+ }
940
+ ],
941
+ "Version": "2012-10-17"
942
+ },
943
+ "PolicyName": "testtaskdefTaskRoleDefaultPolicy5D591D1C",
944
+ "Roles": [
945
+ {
946
+ "Ref": "testtaskdefTaskRoleB2DEF113"
947
+ }
948
+ ]
949
+ }
950
+ },
951
+ "testtaskdefF924AD58": {
952
+ "Type": "AWS::ECS::TaskDefinition",
953
+ "Properties": {
954
+ "ContainerDefinitions": [
955
+ {
956
+ "Environment": [
957
+ {
958
+ "Name": "STATE_MACHINE_ARN",
959
+ "Value": {
960
+ "Ref": "testconstructStateMachine3333AAA9"
961
+ }
962
+ }
963
+ ],
964
+ "Essential": true,
965
+ "Image": "nginx",
966
+ "MemoryReservation": 512,
967
+ "Name": "test-container",
968
+ "PortMappings": [
969
+ {
970
+ "ContainerPort": 8080,
971
+ "Protocol": "tcp"
972
+ }
973
+ ]
974
+ }
975
+ ],
976
+ "Cpu": "256",
977
+ "Family": "nocloudwatchalarmstesttaskdef18D90B7C",
978
+ "Memory": "512",
979
+ "NetworkMode": "awsvpc",
980
+ "RequiresCompatibilities": [
981
+ "FARGATE"
982
+ ],
983
+ "TaskRoleArn": {
984
+ "Fn::GetAtt": [
985
+ "testtaskdefTaskRoleB2DEF113",
986
+ "Arn"
987
+ ]
988
+ }
989
+ }
990
+ },
991
+ "testsg872EB48A": {
992
+ "Type": "AWS::EC2::SecurityGroup",
993
+ "Properties": {
994
+ "GroupDescription": "Construct created security group",
995
+ "SecurityGroupEgress": [
996
+ {
997
+ "CidrIp": "0.0.0.0/0",
998
+ "Description": "Allow all outbound traffic by default",
999
+ "IpProtocol": "-1"
1000
+ }
1001
+ ],
1002
+ "VpcId": {
1003
+ "Ref": "Vpc8378EB38"
1004
+ }
1005
+ },
1006
+ "Metadata": {
1007
+ "cfn_nag": {
1008
+ "rules_to_suppress": [
1009
+ {
1010
+ "id": "W5",
1011
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1012
+ },
1013
+ {
1014
+ "id": "W40",
1015
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1016
+ }
1017
+ ]
1018
+ }
1019
+ }
1020
+ },
1021
+ "testserviceService2730C249": {
1022
+ "Type": "AWS::ECS::Service",
1023
+ "Properties": {
1024
+ "Cluster": {
1025
+ "Ref": "testclusterDF8B0D19"
1026
+ },
1027
+ "DeploymentConfiguration": {
1028
+ "MaximumPercent": 150,
1029
+ "MinimumHealthyPercent": 75
1030
+ },
1031
+ "DesiredCount": 2,
1032
+ "EnableECSManagedTags": false,
1033
+ "LaunchType": "FARGATE",
1034
+ "NetworkConfiguration": {
1035
+ "AwsvpcConfiguration": {
1036
+ "AssignPublicIp": "DISABLED",
1037
+ "SecurityGroups": [
1038
+ {
1039
+ "Fn::GetAtt": [
1040
+ "testsg872EB48A",
1041
+ "GroupId"
1042
+ ]
1043
+ }
1044
+ ],
1045
+ "Subnets": [
1046
+ {
1047
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
1048
+ },
1049
+ {
1050
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
1051
+ },
1052
+ {
1053
+ "Ref": "VpcPrivateSubnet3SubnetF258B56E"
1054
+ }
1055
+ ]
1056
+ }
1057
+ },
1058
+ "PlatformVersion": "LATEST",
1059
+ "TaskDefinition": {
1060
+ "Ref": "testtaskdefF924AD58"
1061
+ }
1062
+ }
1063
+ },
1064
+ "testconstructStateMachineLogGroup2EB4F48B": {
1065
+ "Type": "AWS::Logs::LogGroup",
1066
+ "Properties": {
1067
+ "LogGroupName": "/aws/vendedlogs/states/nocloudwatchalarmstestconstructstatemachinelogdbb9902b27ea"
1068
+ },
1069
+ "UpdateReplacePolicy": "Delete",
1070
+ "DeletionPolicy": "Delete",
1071
+ "Metadata": {
1072
+ "cfn_nag": {
1073
+ "rules_to_suppress": [
1074
+ {
1075
+ "id": "W86",
1076
+ "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely"
1077
+ },
1078
+ {
1079
+ "id": "W84",
1080
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
1081
+ }
1082
+ ]
1083
+ }
1084
+ }
1085
+ },
1086
+ "testconstructStateMachineRoleA396E5D3": {
1087
+ "Type": "AWS::IAM::Role",
1088
+ "Properties": {
1089
+ "AssumeRolePolicyDocument": {
1090
+ "Statement": [
1091
+ {
1092
+ "Action": "sts:AssumeRole",
1093
+ "Effect": "Allow",
1094
+ "Principal": {
1095
+ "Service": "states.us-east-1.amazonaws.com"
1096
+ }
1097
+ }
1098
+ ],
1099
+ "Version": "2012-10-17"
1100
+ }
1101
+ }
1102
+ },
1103
+ "testconstructStateMachineRoleDefaultPolicyF10A684E": {
1104
+ "Type": "AWS::IAM::Policy",
1105
+ "Properties": {
1106
+ "PolicyDocument": {
1107
+ "Statement": [
1108
+ {
1109
+ "Action": [
1110
+ "logs:CreateLogDelivery",
1111
+ "logs:GetLogDelivery",
1112
+ "logs:UpdateLogDelivery",
1113
+ "logs:DeleteLogDelivery",
1114
+ "logs:ListLogDeliveries"
1115
+ ],
1116
+ "Effect": "Allow",
1117
+ "Resource": "*"
1118
+ },
1119
+ {
1120
+ "Action": [
1121
+ "logs:PutResourcePolicy",
1122
+ "logs:DescribeResourcePolicies",
1123
+ "logs:DescribeLogGroups"
1124
+ ],
1125
+ "Effect": "Allow",
1126
+ "Resource": {
1127
+ "Fn::Join": [
1128
+ "",
1129
+ [
1130
+ "arn:",
1131
+ {
1132
+ "Ref": "AWS::Partition"
1133
+ },
1134
+ ":logs:",
1135
+ {
1136
+ "Ref": "AWS::Region"
1137
+ },
1138
+ ":",
1139
+ {
1140
+ "Ref": "AWS::AccountId"
1141
+ },
1142
+ ":*"
1143
+ ]
1144
+ ]
1145
+ }
1146
+ }
1147
+ ],
1148
+ "Version": "2012-10-17"
1149
+ },
1150
+ "PolicyName": "testconstructStateMachineRoleDefaultPolicyF10A684E",
1151
+ "Roles": [
1152
+ {
1153
+ "Ref": "testconstructStateMachineRoleA396E5D3"
1154
+ }
1155
+ ]
1156
+ },
1157
+ "Metadata": {
1158
+ "cfn_nag": {
1159
+ "rules_to_suppress": [
1160
+ {
1161
+ "id": "W12",
1162
+ "reason": "The 'LogDelivery' actions do not support resource-level authorizations"
1163
+ }
1164
+ ]
1165
+ }
1166
+ }
1167
+ },
1168
+ "testconstructStateMachine3333AAA9": {
1169
+ "Type": "AWS::StepFunctions::StateMachine",
1170
+ "Properties": {
1171
+ "RoleArn": {
1172
+ "Fn::GetAtt": [
1173
+ "testconstructStateMachineRoleA396E5D3",
1174
+ "Arn"
1175
+ ]
1176
+ },
1177
+ "DefinitionString": "{\"StartAt\":\"StartState\",\"States\":{\"StartState\":{\"Type\":\"Pass\",\"End\":true}}}",
1178
+ "LoggingConfiguration": {
1179
+ "Destinations": [
1180
+ {
1181
+ "CloudWatchLogsLogGroup": {
1182
+ "LogGroupArn": {
1183
+ "Fn::GetAtt": [
1184
+ "testconstructStateMachineLogGroup2EB4F48B",
1185
+ "Arn"
1186
+ ]
1187
+ }
1188
+ }
1189
+ }
1190
+ ],
1191
+ "Level": "ERROR"
1192
+ }
1193
+ },
1194
+ "DependsOn": [
1195
+ "testconstructStateMachineRoleDefaultPolicyF10A684E",
1196
+ "testconstructStateMachineRoleA396E5D3"
1197
+ ]
1198
+ },
1199
+ "nocloudwatchalarmsSTEPFUNCTIONSsecuritygroupE67433DC": {
1200
+ "Type": "AWS::EC2::SecurityGroup",
1201
+ "Properties": {
1202
+ "GroupDescription": "no-cloudwatch-alarms/no-cloudwatch-alarms-STEP_FUNCTIONS-security-group",
1203
+ "SecurityGroupEgress": [
1204
+ {
1205
+ "CidrIp": "0.0.0.0/0",
1206
+ "Description": "Allow all outbound traffic by default",
1207
+ "IpProtocol": "-1"
1208
+ }
1209
+ ],
1210
+ "SecurityGroupIngress": [
1211
+ {
1212
+ "CidrIp": {
1213
+ "Fn::GetAtt": [
1214
+ "Vpc8378EB38",
1215
+ "CidrBlock"
1216
+ ]
1217
+ },
1218
+ "Description": {
1219
+ "Fn::Join": [
1220
+ "",
1221
+ [
1222
+ "from ",
1223
+ {
1224
+ "Fn::GetAtt": [
1225
+ "Vpc8378EB38",
1226
+ "CidrBlock"
1227
+ ]
1228
+ },
1229
+ ":443"
1230
+ ]
1231
+ ]
1232
+ },
1233
+ "FromPort": 443,
1234
+ "IpProtocol": "tcp",
1235
+ "ToPort": 443
1236
+ }
1237
+ ],
1238
+ "VpcId": {
1239
+ "Ref": "Vpc8378EB38"
1240
+ }
1241
+ },
1242
+ "Metadata": {
1243
+ "cfn_nag": {
1244
+ "rules_to_suppress": [
1245
+ {
1246
+ "id": "W5",
1247
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
1248
+ },
1249
+ {
1250
+ "id": "W40",
1251
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
1252
+ }
1253
+ ]
1254
+ }
1255
+ }
1256
+ }
1257
+ },
1258
+ "Parameters": {
1259
+ "BootstrapVersion": {
1260
+ "Type": "AWS::SSM::Parameter::Value<String>",
1261
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1262
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1263
+ }
1264
+ },
1265
+ "Rules": {
1266
+ "CheckBootstrapVersion": {
1267
+ "Assertions": [
1268
+ {
1269
+ "Assert": {
1270
+ "Fn::Not": [
1271
+ {
1272
+ "Fn::Contains": [
1273
+ [
1274
+ "1",
1275
+ "2",
1276
+ "3",
1277
+ "4",
1278
+ "5"
1279
+ ],
1280
+ {
1281
+ "Ref": "BootstrapVersion"
1282
+ }
1283
+ ]
1284
+ }
1285
+ ]
1286
+ },
1287
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1288
+ }
1289
+ ]
1290
+ }
1291
+ }
1292
+ }