@aws-solutions-constructs/aws-lambda-dynamodb 2.50.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +50 -5
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +12 -11
  6. package/test/integ.lamddb-add-secondary-index.js +5 -2
  7. package/test/integ.lamddb-add-secondary-index.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  8. package/test/integ.lamddb-add-secondary-index.js.snapshot/cdk.out +1 -0
  9. package/test/integ.lamddb-add-secondary-index.js.snapshot/integ.json +12 -0
  10. package/test/integ.lamddb-add-secondary-index.js.snapshot/lamddb-add-secondary-index.assets.json +32 -0
  11. package/test/integ.lamddb-add-secondary-index.js.snapshot/lamddb-add-secondary-index.template.json +262 -0
  12. package/test/integ.lamddb-add-secondary-index.js.snapshot/lamddbaddsecondaryindexIntegDefaultTestDeployAssert3193B4D9.assets.json +19 -0
  13. package/test/integ.lamddb-add-secondary-index.js.snapshot/lamddbaddsecondaryindexIntegDefaultTestDeployAssert3193B4D9.template.json +36 -0
  14. package/test/integ.lamddb-add-secondary-index.js.snapshot/manifest.json +131 -0
  15. package/test/integ.lamddb-add-secondary-index.js.snapshot/tree.json +415 -0
  16. package/test/integ.lamddb-deployFunctionWithExistingVpc.js +6 -2
  17. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  18. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  19. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  20. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/cdk.out +1 -0
  21. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/integ.json +12 -0
  22. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/lamddb-deployFunctionWithExistingVpc.assets.json +45 -0
  23. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/lamddb-deployFunctionWithExistingVpc.template.json +984 -0
  24. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/lamddbdeployFunctionWithExistingVpcIntegDefaultTestDeployAssertEE08E38E.assets.json +19 -0
  25. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/lamddbdeployFunctionWithExistingVpcIntegDefaultTestDeployAssertEE08E38E.template.json +36 -0
  26. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/manifest.json +323 -0
  27. package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/tree.json +1372 -0
  28. package/test/integ.lamddb-deployFunctionWithVpc.js +6 -2
  29. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  30. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  31. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  32. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/cdk.out +1 -0
  33. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/integ.json +12 -0
  34. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/lamddb-deployFunctionWithVpc.assets.json +45 -0
  35. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/lamddb-deployFunctionWithVpc.template.json +694 -0
  36. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/lamddbdeployFunctionWithVpcIntegDefaultTestDeployAssert0AB8275C.assets.json +19 -0
  37. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/lamddbdeployFunctionWithVpcIntegDefaultTestDeployAssert0AB8275C.template.json +36 -0
  38. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/manifest.json +227 -0
  39. package/test/integ.lamddb-deployFunctionWithVpc.js.snapshot/tree.json +954 -0
  40. package/test/integ.lamddb-no-arguments.js +5 -2
  41. package/test/integ.lamddb-no-arguments.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  42. package/test/integ.lamddb-no-arguments.js.snapshot/cdk.out +1 -0
  43. package/test/integ.lamddb-no-arguments.js.snapshot/integ.json +12 -0
  44. package/test/integ.lamddb-no-arguments.js.snapshot/lamddb-no-arguments.assets.json +32 -0
  45. package/test/integ.lamddb-no-arguments.js.snapshot/lamddb-no-arguments.template.json +233 -0
  46. package/test/integ.lamddb-no-arguments.js.snapshot/lamddbnoargumentsIntegDefaultTestDeployAssert248B75D0.assets.json +19 -0
  47. package/test/integ.lamddb-no-arguments.js.snapshot/lamddbnoargumentsIntegDefaultTestDeployAssert248B75D0.template.json +36 -0
  48. package/test/integ.lamddb-no-arguments.js.snapshot/manifest.json +131 -0
  49. package/test/integ.lamddb-no-arguments.js.snapshot/tree.json +386 -0
  50. package/test/integ.lamddb-set-billing-mode.js +5 -2
  51. package/test/integ.lamddb-set-billing-mode.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  52. package/test/integ.lamddb-set-billing-mode.js.snapshot/cdk.out +1 -0
  53. package/test/integ.lamddb-set-billing-mode.js.snapshot/integ.json +12 -0
  54. package/test/integ.lamddb-set-billing-mode.js.snapshot/lamddb-set-billing-mode.assets.json +32 -0
  55. package/test/integ.lamddb-set-billing-mode.js.snapshot/lamddb-set-billing-mode.template.json +246 -0
  56. package/test/integ.lamddb-set-billing-mode.js.snapshot/lamddbsetbillingmodeIntegDefaultTestDeployAssertDAE32272.assets.json +19 -0
  57. package/test/integ.lamddb-set-billing-mode.js.snapshot/lamddbsetbillingmodeIntegDefaultTestDeployAssertDAE32272.template.json +36 -0
  58. package/test/integ.lamddb-set-billing-mode.js.snapshot/manifest.json +131 -0
  59. package/test/integ.lamddb-set-billing-mode.js.snapshot/tree.json +389 -0
  60. package/test/integ.lamddb-use-existing-func.js +5 -2
  61. package/test/integ.lamddb-use-existing-func.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  62. package/test/integ.lamddb-use-existing-func.js.snapshot/cdk.out +1 -0
  63. package/test/integ.lamddb-use-existing-func.js.snapshot/integ.json +12 -0
  64. package/test/integ.lamddb-use-existing-func.js.snapshot/lamddb-use-existing-func.assets.json +32 -0
  65. package/test/integ.lamddb-use-existing-func.js.snapshot/lamddb-use-existing-func.template.json +233 -0
  66. package/test/integ.lamddb-use-existing-func.js.snapshot/lamddbuseexistingfuncIntegDefaultTestDeployAssert48D284DD.assets.json +19 -0
  67. package/test/integ.lamddb-use-existing-func.js.snapshot/lamddbuseexistingfuncIntegDefaultTestDeployAssert48D284DD.template.json +36 -0
  68. package/test/integ.lamddb-use-existing-func.js.snapshot/manifest.json +131 -0
  69. package/test/integ.lamddb-use-existing-func.js.snapshot/tree.json +386 -0
  70. package/test/integ.lamddb-add-secondary-index.expected.json +0 -262
  71. package/test/integ.lamddb-deployFunctionWithExistingVpc.expected.json +0 -1012
  72. package/test/integ.lamddb-deployFunctionWithVpc.expected.json +0 -609
  73. package/test/integ.lamddb-no-arguments.expected.json +0 -233
  74. package/test/integ.lamddb-set-billing-mode.expected.json +0 -246
  75. package/test/integ.lamddb-use-existing-func.expected.json +0 -233
package/test/integ.lamddb-deployFunctionWithExistingVpc.js.snapshot/lamddb-deployFunctionWithExistingVpc.template.json ADDED
@@ -0,0 +1,984 @@
1
+ {
2
+ "Description": "Integration Test for aws-lambda-dynamodb",
3
+ "Resources": {
4
+ "Vpc8378EB38": {
5
+ "Type": "AWS::EC2::VPC",
6
+ "Properties": {
7
+ "CidrBlock": "10.0.0.0/16",
8
+ "EnableDnsHostnames": true,
9
+ "EnableDnsSupport": true,
10
+ "InstanceTenancy": "default",
11
+ "Tags": [
12
+ {
13
+ "Key": "Name",
14
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc"
15
+ }
16
+ ]
17
+ }
18
+ },
19
+ "VpcPublicSubnet1Subnet5C2D37C4": {
20
+ "Type": "AWS::EC2::Subnet",
21
+ "Properties": {
22
+ "AvailabilityZone": {
23
+ "Fn::Select": [
24
+ 0,
25
+ {
26
+ "Fn::GetAZs": ""
27
+ }
28
+ ]
29
+ },
30
+ "CidrBlock": "10.0.0.0/18",
31
+ "MapPublicIpOnLaunch": true,
32
+ "Tags": [
33
+ {
34
+ "Key": "aws-cdk:subnet-name",
35
+ "Value": "Public"
36
+ },
37
+ {
38
+ "Key": "aws-cdk:subnet-type",
39
+ "Value": "Public"
40
+ },
41
+ {
42
+ "Key": "Name",
43
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet1"
44
+ }
45
+ ],
46
+ "VpcId": {
47
+ "Ref": "Vpc8378EB38"
48
+ }
49
+ },
50
+ "Metadata": {
51
+ "cfn_nag": {
52
+ "rules_to_suppress": [
53
+ {
54
+ "id": "W33",
55
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
56
+ }
57
+ ]
58
+ }
59
+ }
60
+ },
61
+ "VpcPublicSubnet1RouteTable6C95E38E": {
62
+ "Type": "AWS::EC2::RouteTable",
63
+ "Properties": {
64
+ "Tags": [
65
+ {
66
+ "Key": "Name",
67
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet1"
68
+ }
69
+ ],
70
+ "VpcId": {
71
+ "Ref": "Vpc8378EB38"
72
+ }
73
+ }
74
+ },
75
+ "VpcPublicSubnet1RouteTableAssociation97140677": {
76
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
77
+ "Properties": {
78
+ "RouteTableId": {
79
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
80
+ },
81
+ "SubnetId": {
82
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
83
+ }
84
+ }
85
+ },
86
+ "VpcPublicSubnet1DefaultRoute3DA9E72A": {
87
+ "Type": "AWS::EC2::Route",
88
+ "Properties": {
89
+ "DestinationCidrBlock": "0.0.0.0/0",
90
+ "GatewayId": {
91
+ "Ref": "VpcIGWD7BA715C"
92
+ },
93
+ "RouteTableId": {
94
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
95
+ }
96
+ },
97
+ "DependsOn": [
98
+ "VpcVPCGWBF912B6E"
99
+ ]
100
+ },
101
+ "VpcPublicSubnet1EIPD7E02669": {
102
+ "Type": "AWS::EC2::EIP",
103
+ "Properties": {
104
+ "Domain": "vpc",
105
+ "Tags": [
106
+ {
107
+ "Key": "Name",
108
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet1"
109
+ }
110
+ ]
111
+ }
112
+ },
113
+ "VpcPublicSubnet1NATGateway4D7517AA": {
114
+ "Type": "AWS::EC2::NatGateway",
115
+ "Properties": {
116
+ "AllocationId": {
117
+ "Fn::GetAtt": [
118
+ "VpcPublicSubnet1EIPD7E02669",
119
+ "AllocationId"
120
+ ]
121
+ },
122
+ "SubnetId": {
123
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
124
+ },
125
+ "Tags": [
126
+ {
127
+ "Key": "Name",
128
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet1"
129
+ }
130
+ ]
131
+ },
132
+ "DependsOn": [
133
+ "VpcPublicSubnet1DefaultRoute3DA9E72A",
134
+ "VpcPublicSubnet1RouteTableAssociation97140677"
135
+ ]
136
+ },
137
+ "VpcPublicSubnet2Subnet691E08A3": {
138
+ "Type": "AWS::EC2::Subnet",
139
+ "Properties": {
140
+ "AvailabilityZone": {
141
+ "Fn::Select": [
142
+ 1,
143
+ {
144
+ "Fn::GetAZs": ""
145
+ }
146
+ ]
147
+ },
148
+ "CidrBlock": "10.0.64.0/18",
149
+ "MapPublicIpOnLaunch": true,
150
+ "Tags": [
151
+ {
152
+ "Key": "aws-cdk:subnet-name",
153
+ "Value": "Public"
154
+ },
155
+ {
156
+ "Key": "aws-cdk:subnet-type",
157
+ "Value": "Public"
158
+ },
159
+ {
160
+ "Key": "Name",
161
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet2"
162
+ }
163
+ ],
164
+ "VpcId": {
165
+ "Ref": "Vpc8378EB38"
166
+ }
167
+ },
168
+ "Metadata": {
169
+ "cfn_nag": {
170
+ "rules_to_suppress": [
171
+ {
172
+ "id": "W33",
173
+ "reason": "Allow Public Subnets to have MapPublicIpOnLaunch set to true"
174
+ }
175
+ ]
176
+ }
177
+ }
178
+ },
179
+ "VpcPublicSubnet2RouteTable94F7E489": {
180
+ "Type": "AWS::EC2::RouteTable",
181
+ "Properties": {
182
+ "Tags": [
183
+ {
184
+ "Key": "Name",
185
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet2"
186
+ }
187
+ ],
188
+ "VpcId": {
189
+ "Ref": "Vpc8378EB38"
190
+ }
191
+ }
192
+ },
193
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8": {
194
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
195
+ "Properties": {
196
+ "RouteTableId": {
197
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
198
+ },
199
+ "SubnetId": {
200
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
201
+ }
202
+ }
203
+ },
204
+ "VpcPublicSubnet2DefaultRoute97F91067": {
205
+ "Type": "AWS::EC2::Route",
206
+ "Properties": {
207
+ "DestinationCidrBlock": "0.0.0.0/0",
208
+ "GatewayId": {
209
+ "Ref": "VpcIGWD7BA715C"
210
+ },
211
+ "RouteTableId": {
212
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
213
+ }
214
+ },
215
+ "DependsOn": [
216
+ "VpcVPCGWBF912B6E"
217
+ ]
218
+ },
219
+ "VpcPublicSubnet2EIP3C605A87": {
220
+ "Type": "AWS::EC2::EIP",
221
+ "Properties": {
222
+ "Domain": "vpc",
223
+ "Tags": [
224
+ {
225
+ "Key": "Name",
226
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet2"
227
+ }
228
+ ]
229
+ }
230
+ },
231
+ "VpcPublicSubnet2NATGateway9182C01D": {
232
+ "Type": "AWS::EC2::NatGateway",
233
+ "Properties": {
234
+ "AllocationId": {
235
+ "Fn::GetAtt": [
236
+ "VpcPublicSubnet2EIP3C605A87",
237
+ "AllocationId"
238
+ ]
239
+ },
240
+ "SubnetId": {
241
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
242
+ },
243
+ "Tags": [
244
+ {
245
+ "Key": "Name",
246
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PublicSubnet2"
247
+ }
248
+ ]
249
+ },
250
+ "DependsOn": [
251
+ "VpcPublicSubnet2DefaultRoute97F91067",
252
+ "VpcPublicSubnet2RouteTableAssociationDD5762D8"
253
+ ]
254
+ },
255
+ "VpcPrivateSubnet1Subnet536B997A": {
256
+ "Type": "AWS::EC2::Subnet",
257
+ "Properties": {
258
+ "AvailabilityZone": {
259
+ "Fn::Select": [
260
+ 0,
261
+ {
262
+ "Fn::GetAZs": ""
263
+ }
264
+ ]
265
+ },
266
+ "CidrBlock": "10.0.128.0/18",
267
+ "MapPublicIpOnLaunch": false,
268
+ "Tags": [
269
+ {
270
+ "Key": "aws-cdk:subnet-name",
271
+ "Value": "Private"
272
+ },
273
+ {
274
+ "Key": "aws-cdk:subnet-type",
275
+ "Value": "Private"
276
+ },
277
+ {
278
+ "Key": "Name",
279
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PrivateSubnet1"
280
+ }
281
+ ],
282
+ "VpcId": {
283
+ "Ref": "Vpc8378EB38"
284
+ }
285
+ }
286
+ },
287
+ "VpcPrivateSubnet1RouteTableB2C5B500": {
288
+ "Type": "AWS::EC2::RouteTable",
289
+ "Properties": {
290
+ "Tags": [
291
+ {
292
+ "Key": "Name",
293
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PrivateSubnet1"
294
+ }
295
+ ],
296
+ "VpcId": {
297
+ "Ref": "Vpc8378EB38"
298
+ }
299
+ }
300
+ },
301
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
302
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
303
+ "Properties": {
304
+ "RouteTableId": {
305
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
306
+ },
307
+ "SubnetId": {
308
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
309
+ }
310
+ }
311
+ },
312
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED": {
313
+ "Type": "AWS::EC2::Route",
314
+ "Properties": {
315
+ "DestinationCidrBlock": "0.0.0.0/0",
316
+ "NatGatewayId": {
317
+ "Ref": "VpcPublicSubnet1NATGateway4D7517AA"
318
+ },
319
+ "RouteTableId": {
320
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
321
+ }
322
+ }
323
+ },
324
+ "VpcPrivateSubnet2Subnet3788AAA1": {
325
+ "Type": "AWS::EC2::Subnet",
326
+ "Properties": {
327
+ "AvailabilityZone": {
328
+ "Fn::Select": [
329
+ 1,
330
+ {
331
+ "Fn::GetAZs": ""
332
+ }
333
+ ]
334
+ },
335
+ "CidrBlock": "10.0.192.0/18",
336
+ "MapPublicIpOnLaunch": false,
337
+ "Tags": [
338
+ {
339
+ "Key": "aws-cdk:subnet-name",
340
+ "Value": "Private"
341
+ },
342
+ {
343
+ "Key": "aws-cdk:subnet-type",
344
+ "Value": "Private"
345
+ },
346
+ {
347
+ "Key": "Name",
348
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PrivateSubnet2"
349
+ }
350
+ ],
351
+ "VpcId": {
352
+ "Ref": "Vpc8378EB38"
353
+ }
354
+ }
355
+ },
356
+ "VpcPrivateSubnet2RouteTableA678073B": {
357
+ "Type": "AWS::EC2::RouteTable",
358
+ "Properties": {
359
+ "Tags": [
360
+ {
361
+ "Key": "Name",
362
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/PrivateSubnet2"
363
+ }
364
+ ],
365
+ "VpcId": {
366
+ "Ref": "Vpc8378EB38"
367
+ }
368
+ }
369
+ },
370
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
371
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
372
+ "Properties": {
373
+ "RouteTableId": {
374
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
375
+ },
376
+ "SubnetId": {
377
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
378
+ }
379
+ }
380
+ },
381
+ "VpcPrivateSubnet2DefaultRoute060D2087": {
382
+ "Type": "AWS::EC2::Route",
383
+ "Properties": {
384
+ "DestinationCidrBlock": "0.0.0.0/0",
385
+ "NatGatewayId": {
386
+ "Ref": "VpcPublicSubnet2NATGateway9182C01D"
387
+ },
388
+ "RouteTableId": {
389
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
390
+ }
391
+ }
392
+ },
393
+ "VpcIGWD7BA715C": {
394
+ "Type": "AWS::EC2::InternetGateway",
395
+ "Properties": {
396
+ "Tags": [
397
+ {
398
+ "Key": "Name",
399
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc"
400
+ }
401
+ ]
402
+ }
403
+ },
404
+ "VpcVPCGWBF912B6E": {
405
+ "Type": "AWS::EC2::VPCGatewayAttachment",
406
+ "Properties": {
407
+ "InternetGatewayId": {
408
+ "Ref": "VpcIGWD7BA715C"
409
+ },
410
+ "VpcId": {
411
+ "Ref": "Vpc8378EB38"
412
+ }
413
+ }
414
+ },
415
+ "VpcRestrictDefaultSecurityGroupCustomResourceC73DA2BE": {
416
+ "Type": "Custom::VpcRestrictDefaultSG",
417
+ "Properties": {
418
+ "ServiceToken": {
419
+ "Fn::GetAtt": [
420
+ "CustomVpcRestrictDefaultSGCustomResourceProviderHandlerDC833E5E",
421
+ "Arn"
422
+ ]
423
+ },
424
+ "DefaultSecurityGroupId": {
425
+ "Fn::GetAtt": [
426
+ "Vpc8378EB38",
427
+ "DefaultSecurityGroup"
428
+ ]
429
+ },
430
+ "Account": {
431
+ "Ref": "AWS::AccountId"
432
+ }
433
+ },
434
+ "UpdateReplacePolicy": "Delete",
435
+ "DeletionPolicy": "Delete"
436
+ },
437
+ "VpcFlowLogIAMRole6A475D41": {
438
+ "Type": "AWS::IAM::Role",
439
+ "Properties": {
440
+ "AssumeRolePolicyDocument": {
441
+ "Statement": [
442
+ {
443
+ "Action": "sts:AssumeRole",
444
+ "Effect": "Allow",
445
+ "Principal": {
446
+ "Service": "vpc-flow-logs.amazonaws.com"
447
+ }
448
+ }
449
+ ],
450
+ "Version": "2012-10-17"
451
+ },
452
+ "Tags": [
453
+ {
454
+ "Key": "Name",
455
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/FlowLog"
456
+ }
457
+ ]
458
+ }
459
+ },
460
+ "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
461
+ "Type": "AWS::IAM::Policy",
462
+ "Properties": {
463
+ "PolicyDocument": {
464
+ "Statement": [
465
+ {
466
+ "Action": [
467
+ "logs:CreateLogStream",
468
+ "logs:DescribeLogStreams",
469
+ "logs:PutLogEvents"
470
+ ],
471
+ "Effect": "Allow",
472
+ "Resource": {
473
+ "Fn::GetAtt": [
474
+ "VpcFlowLogLogGroup7B5C56B9",
475
+ "Arn"
476
+ ]
477
+ }
478
+ },
479
+ {
480
+ "Action": "iam:PassRole",
481
+ "Effect": "Allow",
482
+ "Resource": {
483
+ "Fn::GetAtt": [
484
+ "VpcFlowLogIAMRole6A475D41",
485
+ "Arn"
486
+ ]
487
+ }
488
+ }
489
+ ],
490
+ "Version": "2012-10-17"
491
+ },
492
+ "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
493
+ "Roles": [
494
+ {
495
+ "Ref": "VpcFlowLogIAMRole6A475D41"
496
+ }
497
+ ]
498
+ }
499
+ },
500
+ "VpcFlowLogLogGroup7B5C56B9": {
501
+ "Type": "AWS::Logs::LogGroup",
502
+ "Properties": {
503
+ "RetentionInDays": 731,
504
+ "Tags": [
505
+ {
506
+ "Key": "Name",
507
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/FlowLog"
508
+ }
509
+ ]
510
+ },
511
+ "UpdateReplacePolicy": "Retain",
512
+ "DeletionPolicy": "Retain",
513
+ "Metadata": {
514
+ "cfn_nag": {
515
+ "rules_to_suppress": [
516
+ {
517
+ "id": "W84",
518
+ "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
519
+ }
520
+ ]
521
+ }
522
+ }
523
+ },
524
+ "VpcFlowLog8FF33A73": {
525
+ "Type": "AWS::EC2::FlowLog",
526
+ "Properties": {
527
+ "DeliverLogsPermissionArn": {
528
+ "Fn::GetAtt": [
529
+ "VpcFlowLogIAMRole6A475D41",
530
+ "Arn"
531
+ ]
532
+ },
533
+ "LogDestinationType": "cloud-watch-logs",
534
+ "LogGroupName": {
535
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
536
+ },
537
+ "ResourceId": {
538
+ "Ref": "Vpc8378EB38"
539
+ },
540
+ "ResourceType": "VPC",
541
+ "Tags": [
542
+ {
543
+ "Key": "Name",
544
+ "Value": "lamddb-deployFunctionWithExistingVpc/Vpc/FlowLog"
545
+ }
546
+ ],
547
+ "TrafficType": "ALL"
548
+ }
549
+ },
550
+ "VpcDDB49FBEC5F": {
551
+ "Type": "AWS::EC2::VPCEndpoint",
552
+ "Properties": {
553
+ "RouteTableIds": [
554
+ {
555
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
556
+ },
557
+ {
558
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
559
+ },
560
+ {
561
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
562
+ },
563
+ {
564
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
565
+ }
566
+ ],
567
+ "ServiceName": {
568
+ "Fn::Join": [
569
+ "",
570
+ [
571
+ "com.amazonaws.",
572
+ {
573
+ "Ref": "AWS::Region"
574
+ },
575
+ ".dynamodb"
576
+ ]
577
+ ]
578
+ },
579
+ "VpcEndpointType": "Gateway",
580
+ "VpcId": {
581
+ "Ref": "Vpc8378EB38"
582
+ }
583
+ }
584
+ },
585
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0": {
586
+ "Type": "AWS::IAM::Role",
587
+ "Properties": {
588
+ "AssumeRolePolicyDocument": {
589
+ "Version": "2012-10-17",
590
+ "Statement": [
591
+ {
592
+ "Action": "sts:AssumeRole",
593
+ "Effect": "Allow",
594
+ "Principal": {
595
+ "Service": "lambda.amazonaws.com"
596
+ }
597
+ }
598
+ ]
599
+ },
600
+ "ManagedPolicyArns": [
601
+ {
602
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
603
+ }
604
+ ],
605
+ "Policies": [
606
+ {
607
+ "PolicyName": "Inline",
608
+ "PolicyDocument": {
609
+ "Version": "2012-10-17",
610
+ "Statement": [
611
+ {
612
+ "Effect": "Allow",
613
+ "Action": [
614
+ "ec2:AuthorizeSecurityGroupIngress",
615
+ "ec2:AuthorizeSecurityGroupEgress",
616
+ "ec2:RevokeSecurityGroupIngress",
617
+ "ec2:RevokeSecurityGroupEgress"
618
+ ],
619
+ "Resource": [
620
+ {
621
+ "Fn::Join": [
622
+ "",
623
+ [
624
+ "arn:",
625
+ {
626
+ "Ref": "AWS::Partition"
627
+ },
628
+ ":ec2:",
629
+ {
630
+ "Ref": "AWS::Region"
631
+ },
632
+ ":",
633
+ {
634
+ "Ref": "AWS::AccountId"
635
+ },
636
+ ":security-group/",
637
+ {
638
+ "Fn::GetAtt": [
639
+ "Vpc8378EB38",
640
+ "DefaultSecurityGroup"
641
+ ]
642
+ }
643
+ ]
644
+ ]
645
+ }
646
+ ]
647
+ }
648
+ ]
649
+ }
650
+ }
651
+ ]
652
+ }
653
+ },
654
+ "CustomVpcRestrictDefaultSGCustomResourceProviderHandlerDC833E5E": {
655
+ "Type": "AWS::Lambda::Function",
656
+ "Properties": {
657
+ "Code": {
658
+ "S3Bucket": {
659
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
660
+ },
661
+ "S3Key": "dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e.zip"
662
+ },
663
+ "Timeout": 900,
664
+ "MemorySize": 128,
665
+ "Handler": "__entrypoint__.handler",
666
+ "Role": {
667
+ "Fn::GetAtt": [
668
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0",
669
+ "Arn"
670
+ ]
671
+ },
672
+ "Runtime": "nodejs18.x",
673
+ "Description": "Lambda function for removing all inbound/outbound rules from the VPC default security group"
674
+ },
675
+ "DependsOn": [
676
+ "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0"
677
+ ],
678
+ "Metadata": {
679
+ "cfn_nag": {
680
+ "rules_to_suppress": [
681
+ {
682
+ "id": "W58",
683
+ "reason": "CDK generated custom resource"
684
+ },
685
+ {
686
+ "id": "W89",
687
+ "reason": "CDK generated custom resource"
688
+ },
689
+ {
690
+ "id": "W92",
691
+ "reason": "CDK generated custom resource"
692
+ }
693
+ ]
694
+ }
695
+ }
696
+ },
697
+ "testlambdadynamodbstackLambdaFunctionServiceRole758347A1": {
698
+ "Type": "AWS::IAM::Role",
699
+ "Properties": {
700
+ "AssumeRolePolicyDocument": {
701
+ "Statement": [
702
+ {
703
+ "Action": "sts:AssumeRole",
704
+ "Effect": "Allow",
705
+ "Principal": {
706
+ "Service": "lambda.amazonaws.com"
707
+ }
708
+ }
709
+ ],
710
+ "Version": "2012-10-17"
711
+ },
712
+ "Policies": [
713
+ {
714
+ "PolicyDocument": {
715
+ "Statement": [
716
+ {
717
+ "Action": [
718
+ "logs:CreateLogGroup",
719
+ "logs:CreateLogStream",
720
+ "logs:PutLogEvents"
721
+ ],
722
+ "Effect": "Allow",
723
+ "Resource": {
724
+ "Fn::Join": [
725
+ "",
726
+ [
727
+ "arn:",
728
+ {
729
+ "Ref": "AWS::Partition"
730
+ },
731
+ ":logs:",
732
+ {
733
+ "Ref": "AWS::Region"
734
+ },
735
+ ":",
736
+ {
737
+ "Ref": "AWS::AccountId"
738
+ },
739
+ ":log-group:/aws/lambda/*"
740
+ ]
741
+ ]
742
+ }
743
+ }
744
+ ],
745
+ "Version": "2012-10-17"
746
+ },
747
+ "PolicyName": "LambdaFunctionServiceRolePolicy"
748
+ }
749
+ ]
750
+ }
751
+ },
752
+ "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4": {
753
+ "Type": "AWS::IAM::Policy",
754
+ "Properties": {
755
+ "PolicyDocument": {
756
+ "Statement": [
757
+ {
758
+ "Action": [
759
+ "ec2:AssignPrivateIpAddresses",
760
+ "ec2:CreateNetworkInterface",
761
+ "ec2:DeleteNetworkInterface",
762
+ "ec2:DescribeNetworkInterfaces",
763
+ "ec2:UnassignPrivateIpAddresses",
764
+ "xray:PutTelemetryRecords",
765
+ "xray:PutTraceSegments"
766
+ ],
767
+ "Effect": "Allow",
768
+ "Resource": "*"
769
+ },
770
+ {
771
+ "Action": [
772
+ "dynamodb:BatchGetItem",
773
+ "dynamodb:BatchWriteItem",
774
+ "dynamodb:ConditionCheckItem",
775
+ "dynamodb:DeleteItem",
776
+ "dynamodb:DescribeTable",
777
+ "dynamodb:GetItem",
778
+ "dynamodb:GetRecords",
779
+ "dynamodb:GetShardIterator",
780
+ "dynamodb:PutItem",
781
+ "dynamodb:Query",
782
+ "dynamodb:Scan",
783
+ "dynamodb:UpdateItem"
784
+ ],
785
+ "Effect": "Allow",
786
+ "Resource": [
787
+ {
788
+ "Fn::GetAtt": [
789
+ "testlambdadynamodbstackDynamoTable8138E93B",
790
+ "Arn"
791
+ ]
792
+ },
793
+ {
794
+ "Ref": "AWS::NoValue"
795
+ }
796
+ ]
797
+ }
798
+ ],
799
+ "Version": "2012-10-17"
800
+ },
801
+ "PolicyName": "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4",
802
+ "Roles": [
803
+ {
804
+ "Ref": "testlambdadynamodbstackLambdaFunctionServiceRole758347A1"
805
+ }
806
+ ]
807
+ },
808
+ "Metadata": {
809
+ "cfn_nag": {
810
+ "rules_to_suppress": [
811
+ {
812
+ "id": "W12",
813
+ "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
814
+ }
815
+ ]
816
+ }
817
+ }
818
+ },
819
+ "testlambdadynamodbstackReplaceDefaultSecurityGroupsecuritygroup15025C82": {
820
+ "Type": "AWS::EC2::SecurityGroup",
821
+ "Properties": {
822
+ "GroupDescription": "lamddb-deployFunctionWithExistingVpc/test-lambda-dynamodb-stack/ReplaceDefaultSecurityGroup-security-group",
823
+ "SecurityGroupEgress": [
824
+ {
825
+ "CidrIp": "0.0.0.0/0",
826
+ "Description": "Allow all outbound traffic by default",
827
+ "IpProtocol": "-1"
828
+ }
829
+ ],
830
+ "VpcId": {
831
+ "Ref": "Vpc8378EB38"
832
+ }
833
+ },
834
+ "Metadata": {
835
+ "cfn_nag": {
836
+ "rules_to_suppress": [
837
+ {
838
+ "id": "W5",
839
+ "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
840
+ },
841
+ {
842
+ "id": "W40",
843
+ "reason": "Egress IPProtocol of -1 is default and generally considered OK"
844
+ }
845
+ ]
846
+ }
847
+ }
848
+ },
849
+ "testlambdadynamodbstackLambdaFunction5DDB3E8D": {
850
+ "Type": "AWS::Lambda::Function",
851
+ "Properties": {
852
+ "Code": {
853
+ "S3Bucket": {
854
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
855
+ },
856
+ "S3Key": "0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8.zip"
857
+ },
858
+ "Environment": {
859
+ "Variables": {
860
+ "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
861
+ "DDB_TABLE_NAME": {
862
+ "Ref": "testlambdadynamodbstackDynamoTable8138E93B"
863
+ }
864
+ }
865
+ },
866
+ "Handler": "index.handler",
867
+ "Role": {
868
+ "Fn::GetAtt": [
869
+ "testlambdadynamodbstackLambdaFunctionServiceRole758347A1",
870
+ "Arn"
871
+ ]
872
+ },
873
+ "Runtime": "nodejs16.x",
874
+ "TracingConfig": {
875
+ "Mode": "Active"
876
+ },
877
+ "VpcConfig": {
878
+ "SecurityGroupIds": [
879
+ {
880
+ "Fn::GetAtt": [
881
+ "testlambdadynamodbstackReplaceDefaultSecurityGroupsecuritygroup15025C82",
882
+ "GroupId"
883
+ ]
884
+ }
885
+ ],
886
+ "SubnetIds": [
887
+ {
888
+ "Ref": "VpcPrivateSubnet1Subnet536B997A"
889
+ },
890
+ {
891
+ "Ref": "VpcPrivateSubnet2Subnet3788AAA1"
892
+ }
893
+ ]
894
+ }
895
+ },
896
+ "DependsOn": [
897
+ "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4",
898
+ "testlambdadynamodbstackLambdaFunctionServiceRole758347A1",
899
+ "VpcPrivateSubnet1DefaultRouteBE02A9ED",
900
+ "VpcPrivateSubnet1RouteTableAssociation70C59FA6",
901
+ "VpcPrivateSubnet2DefaultRoute060D2087",
902
+ "VpcPrivateSubnet2RouteTableAssociationA89CAD56"
903
+ ],
904
+ "Metadata": {
905
+ "cfn_nag": {
906
+ "rules_to_suppress": [
907
+ {
908
+ "id": "W58",
909
+ "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
910
+ },
911
+ {
912
+ "id": "W89",
913
+ "reason": "This is not a rule for the general case, just for specific use cases/industries"
914
+ },
915
+ {
916
+ "id": "W92",
917
+ "reason": "Impossible for us to define the correct concurrency for clients"
918
+ }
919
+ ]
920
+ }
921
+ }
922
+ },
923
+ "testlambdadynamodbstackDynamoTable8138E93B": {
924
+ "Type": "AWS::DynamoDB::Table",
925
+ "Properties": {
926
+ "AttributeDefinitions": [
927
+ {
928
+ "AttributeName": "id",
929
+ "AttributeType": "S"
930
+ }
931
+ ],
932
+ "BillingMode": "PAY_PER_REQUEST",
933
+ "KeySchema": [
934
+ {
935
+ "AttributeName": "id",
936
+ "KeyType": "HASH"
937
+ }
938
+ ],
939
+ "PointInTimeRecoverySpecification": {
940
+ "PointInTimeRecoveryEnabled": true
941
+ },
942
+ "SSESpecification": {
943
+ "SSEEnabled": true
944
+ }
945
+ },
946
+ "UpdateReplacePolicy": "Retain",
947
+ "DeletionPolicy": "Retain"
948
+ }
949
+ },
950
+ "Parameters": {
951
+ "BootstrapVersion": {
952
+ "Type": "AWS::SSM::Parameter::Value<String>",
953
+ "Default": "/cdk-bootstrap/hnb659fds/version",
954
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
955
+ }
956
+ },
957
+ "Rules": {
958
+ "CheckBootstrapVersion": {
959
+ "Assertions": [
960
+ {
961
+ "Assert": {
962
+ "Fn::Not": [
963
+ {
964
+ "Fn::Contains": [
965
+ [
966
+ "1",
967
+ "2",
968
+ "3",
969
+ "4",
970
+ "5"
971
+ ],
972
+ {
973
+ "Ref": "BootstrapVersion"
974
+ }
975
+ ]
976
+ }
977
+ ]
978
+ },
979
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
980
+ }
981
+ ]
982
+ }
983
+ }
984
+ }