npm - @aws-solutions-constructs/aws-lambda-dynamodb - Versions diffs - 2.51.0 → 2.52.0 - Mend

@aws-solutions-constructs/aws-lambda-dynamodb 2.51.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

package/test/integ.lamddb-deployFunctionWithVpc.expected.json DELETED Viewed

@@ -1,609 +0,0 @@
-{
-  "Description": "Integration Test for aws-lambda-dynamodb",
-  "Resources": {
-    "testlambdadynamodbstackLambdaFunctionServiceRole758347A1": {
-      "Type": "AWS::IAM::Role",
-      "Properties": {
-        "AssumeRolePolicyDocument": {
-          "Statement": [
-            {
-              "Action": "sts:AssumeRole",
-              "Effect": "Allow",
-              "Principal": {
-                "Service": "lambda.amazonaws.com"
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "Policies": [
-          {
-            "PolicyDocument": {
-              "Statement": [
-                {
-                  "Action": [
-                    "logs:CreateLogGroup",
-                    "logs:CreateLogStream",
-                    "logs:PutLogEvents"
-                  ],
-                  "Effect": "Allow",
-                  "Resource": {
-                    "Fn::Join": [
-                      "",
-                      [
-                        "arn:",
-                        {
-                          "Ref": "AWS::Partition"
-                        },
-                        ":logs:",
-                        {
-                          "Ref": "AWS::Region"
-                        },
-                        ":",
-                        {
-                          "Ref": "AWS::AccountId"
-                        },
-                        ":log-group:/aws/lambda/*"
-                      ]
-                    ]
-                  }
-                }
-              ],
-              "Version": "2012-10-17"
-            },
-            "PolicyName": "LambdaFunctionServiceRolePolicy"
-          }
-        ]
-      }
-    },
-    "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4": {
-      "Type": "AWS::IAM::Policy",
-      "Properties": {
-        "PolicyDocument": {
-          "Statement": [
-            {
-              "Action": [
-                "ec2:CreateNetworkInterface",
-                "ec2:DescribeNetworkInterfaces",
-                "ec2:DeleteNetworkInterface",
-                "ec2:AssignPrivateIpAddresses",
-                "ec2:UnassignPrivateIpAddresses"
-              ],
-              "Effect": "Allow",
-              "Resource": "*"
-            },
-            {
-              "Action": [
-                "xray:PutTraceSegments",
-                "xray:PutTelemetryRecords"
-              ],
-              "Effect": "Allow",
-              "Resource": "*"
-            },
-            {
-              "Action": [
-                "dynamodb:BatchGetItem",
-                "dynamodb:GetRecords",
-                "dynamodb:GetShardIterator",
-                "dynamodb:Query",
-                "dynamodb:GetItem",
-                "dynamodb:Scan",
-                "dynamodb:ConditionCheckItem",
-                "dynamodb:BatchWriteItem",
-                "dynamodb:PutItem",
-                "dynamodb:UpdateItem",
-                "dynamodb:DeleteItem",
-                "dynamodb:DescribeTable"
-              ],
-              "Effect": "Allow",
-              "Resource": [
-                {
-                  "Fn::GetAtt": [
-                    "testlambdadynamodbstackDynamoTable8138E93B",
-                    "Arn"
-                  ]
-                },
-                {
-                  "Ref": "AWS::NoValue"
-                }
-              ]
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "PolicyName": "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4",
-        "Roles": [
-          {
-            "Ref": "testlambdadynamodbstackLambdaFunctionServiceRole758347A1"
-          }
-        ]
-      },
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W12",
-              "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
-            }
-          ]
-        }
-      }
-    },
-    "testlambdadynamodbstackReplaceDefaultSecurityGroupsecuritygroup15025C82": {
-      "Type": "AWS::EC2::SecurityGroup",
-      "Properties": {
-        "GroupDescription": "lamddb-deployFunctionWithVpc/test-lambda-dynamodb-stack/ReplaceDefaultSecurityGroup-security-group",
-        "SecurityGroupEgress": [
-          {
-            "CidrIp": "0.0.0.0/0",
-            "Description": "Allow all outbound traffic by default",
-            "IpProtocol": "-1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      },
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W5",
-              "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
-            },
-            {
-              "id": "W40",
-              "reason": "Egress IPProtocol of -1 is default and generally considered OK"
-            }
-          ]
-        }
-      }
-    },
-    "testlambdadynamodbstackLambdaFunction5DDB3E8D": {
-      "Type": "AWS::Lambda::Function",
-      "Properties": {
-        "Code": {
-          "S3Bucket": {
-            "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
-          },
-          "S3Key": "0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8.zip"
-        },
-        "Environment": {
-          "Variables": {
-            "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
-            "DDB_TABLE_NAME": {
-              "Ref": "testlambdadynamodbstackDynamoTable8138E93B"
-            }
-          }
-        },
-        "Handler": "index.handler",
-        "Role": {
-          "Fn::GetAtt": [
-            "testlambdadynamodbstackLambdaFunctionServiceRole758347A1",
-            "Arn"
-          ]
-        },
-        "Runtime": "nodejs16.x",
-        "TracingConfig": {
-          "Mode": "Active"
-        },
-        "VpcConfig": {
-          "SecurityGroupIds": [
-            {
-              "Fn::GetAtt": [
-                "testlambdadynamodbstackReplaceDefaultSecurityGroupsecuritygroup15025C82",
-                "GroupId"
-              ]
-            }
-          ],
-          "SubnetIds": [
-            {
-              "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
-            },
-            {
-              "Ref": "VpcisolatedSubnet2Subnet39217055"
-            },
-            {
-              "Ref": "VpcisolatedSubnet3Subnet44F2537D"
-            }
-          ]
-        }
-      },
-      "DependsOn": [
-        "testlambdadynamodbstackLambdaFunctionServiceRoleDefaultPolicy547FB7F4",
-        "testlambdadynamodbstackLambdaFunctionServiceRole758347A1",
-        "VpcisolatedSubnet1RouteTableAssociationD259E31A",
-        "VpcisolatedSubnet2RouteTableAssociation25A4716F",
-        "VpcisolatedSubnet3RouteTableAssociationDC010BEB"
-      ],
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W58",
-              "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
-            },
-            {
-              "id": "W89",
-              "reason": "This is not a rule for the general case, just for specific use cases/industries"
-            },
-            {
-              "id": "W92",
-              "reason": "Impossible for us to define the correct concurrency for clients"
-            }
-          ]
-        }
-      }
-    },
-    "testlambdadynamodbstackDynamoTable8138E93B": {
-      "Type": "AWS::DynamoDB::Table",
-      "Properties": {
-        "AttributeDefinitions": [
-          {
-            "AttributeName": "id",
-            "AttributeType": "S"
-          }
-        ],
-        "BillingMode": "PAY_PER_REQUEST",
-        "KeySchema": [
-          {
-            "AttributeName": "id",
-            "KeyType": "HASH"
-          }
-        ],
-        "PointInTimeRecoverySpecification": {
-          "PointInTimeRecoveryEnabled": true
-        },
-        "SSESpecification": {
-          "SSEEnabled": true
-        }
-      },
-      "UpdateReplacePolicy": "Retain",
-      "DeletionPolicy": "Retain"
-    },
-    "Vpc8378EB38": {
-      "Type": "AWS::EC2::VPC",
-      "Properties": {
-        "CidrBlock": "10.0.0.0/16",
-        "EnableDnsHostnames": true,
-        "EnableDnsSupport": true,
-        "InstanceTenancy": "default",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc"
-          }
-        ]
-      }
-    },
-    "VpcisolatedSubnet1SubnetE62B1B9B": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1a",
-        "CidrBlock": "10.0.0.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet1RouteTableE442650B": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet1RouteTableAssociationD259E31A": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet1RouteTableE442650B"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
-        }
-      }
-    },
-    "VpcisolatedSubnet2Subnet39217055": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1b",
-        "CidrBlock": "10.0.64.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet2"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet2RouteTable334F9764": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet2"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet2RouteTableAssociation25A4716F": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet2RouteTable334F9764"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet2Subnet39217055"
-        }
-      }
-    },
-    "VpcisolatedSubnet3Subnet44F2537D": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1c",
-        "CidrBlock": "10.0.128.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet3"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet3RouteTableA2F6BBC0": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/isolatedSubnet3"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet3RouteTableAssociationDC010BEB": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet3Subnet44F2537D"
-        }
-      }
-    },
-    "VpcFlowLogIAMRole6A475D41": {
-      "Type": "AWS::IAM::Role",
-      "Properties": {
-        "AssumeRolePolicyDocument": {
-          "Statement": [
-            {
-              "Action": "sts:AssumeRole",
-              "Effect": "Allow",
-              "Principal": {
-                "Service": "vpc-flow-logs.amazonaws.com"
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/FlowLog"
-          }
-        ]
-      }
-    },
-    "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
-      "Type": "AWS::IAM::Policy",
-      "Properties": {
-        "PolicyDocument": {
-          "Statement": [
-            {
-              "Action": [
-                "logs:CreateLogStream",
-                "logs:PutLogEvents",
-                "logs:DescribeLogStreams"
-              ],
-              "Effect": "Allow",
-              "Resource": {
-                "Fn::GetAtt": [
-                  "VpcFlowLogLogGroup7B5C56B9",
-                  "Arn"
-                ]
-              }
-            },
-            {
-              "Action": "iam:PassRole",
-              "Effect": "Allow",
-              "Resource": {
-                "Fn::GetAtt": [
-                  "VpcFlowLogIAMRole6A475D41",
-                  "Arn"
-                ]
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
-        "Roles": [
-          {
-            "Ref": "VpcFlowLogIAMRole6A475D41"
-          }
-        ]
-      }
-    },
-    "VpcFlowLogLogGroup7B5C56B9": {
-      "Type": "AWS::Logs::LogGroup",
-      "Properties": {
-        "RetentionInDays": 731,
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/FlowLog"
-          }
-        ]
-      },
-      "UpdateReplacePolicy": "Retain",
-      "DeletionPolicy": "Retain",
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W84",
-              "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
-            }
-          ]
-        }
-      }
-    },
-    "VpcFlowLog8FF33A73": {
-      "Type": "AWS::EC2::FlowLog",
-      "Properties": {
-        "DeliverLogsPermissionArn": {
-          "Fn::GetAtt": [
-            "VpcFlowLogIAMRole6A475D41",
-            "Arn"
-          ]
-        },
-        "LogDestinationType": "cloud-watch-logs",
-        "LogGroupName": {
-          "Ref": "VpcFlowLogLogGroup7B5C56B9"
-        },
-        "ResourceId": {
-          "Ref": "Vpc8378EB38"
-        },
-        "ResourceType": "VPC",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamddb-deployFunctionWithVpc/Vpc/FlowLog"
-          }
-        ],
-        "TrafficType": "ALL"
-      }
-    },
-    "VpcDDB49FBEC5F": {
-      "Type": "AWS::EC2::VPCEndpoint",
-      "Properties": {
-        "RouteTableIds": [
-          {
-            "Ref": "VpcisolatedSubnet1RouteTableE442650B"
-          },
-          {
-            "Ref": "VpcisolatedSubnet2RouteTable334F9764"
-          },
-          {
-            "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0"
-          }
-        ],
-        "ServiceName": {
-          "Fn::Join": [
-            "",
-            [
-              "com.amazonaws.",
-              {
-                "Ref": "AWS::Region"
-              },
-              ".dynamodb"
-            ]
-          ]
-        },
-        "VpcEndpointType": "Gateway",
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    }
-  },
-  "Parameters": {
-    "BootstrapVersion": {
-      "Type": "AWS::SSM::Parameter::Value<String>",
-      "Default": "/cdk-bootstrap/hnb659fds/version",
-      "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
-    }
-  },
-  "Rules": {
-    "CheckBootstrapVersion": {
-      "Assertions": [
-        {
-          "Assert": {
-            "Fn::Not": [
-              {
-                "Fn::Contains": [
-                  [
-                    "1",
-                    "2",
-                    "3",
-                    "4",
-                    "5"
-                  ],
-                  {
-                    "Ref": "BootstrapVersion"
-                  }
-                ]
-              }
-            ]
-          },
-          "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
-        }
-      ]
-    }
-  }
-}