@aws-solutions-constructs/aws-lambda-kinesisstreams 2.50.0 → 2.52.0

package/test/integ.lamkin-newVpc.expected.json

@@ -1,671 +0,0 @@
-{
-  "Resources": {
-    "testlambdakinesisstreamsLambdaFunctionServiceRole95206CF3": {
-      "Type": "AWS::IAM::Role",
-      "Properties": {
-        "AssumeRolePolicyDocument": {
-          "Statement": [
-            {
-              "Action": "sts:AssumeRole",
-              "Effect": "Allow",
-              "Principal": {
-                "Service": "lambda.amazonaws.com"
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "Policies": [
-          {
-            "PolicyDocument": {
-              "Statement": [
-                {
-                  "Action": [
-                    "logs:CreateLogGroup",
-                    "logs:CreateLogStream",
-                    "logs:PutLogEvents"
-                  ],
-                  "Effect": "Allow",
-                  "Resource": {
-                    "Fn::Join": [
-                      "",
-                      [
-                        "arn:",
-                        {
-                          "Ref": "AWS::Partition"
-                        },
-                        ":logs:",
-                        {
-                          "Ref": "AWS::Region"
-                        },
-                        ":",
-                        {
-                          "Ref": "AWS::AccountId"
-                        },
-                        ":log-group:/aws/lambda/*"
-                      ]
-                    ]
-                  }
-                }
-              ],
-              "Version": "2012-10-17"
-            },
-            "PolicyName": "LambdaFunctionServiceRolePolicy"
-          }
-        ]
-      }
-    },
-    "testlambdakinesisstreamsLambdaFunctionServiceRoleDefaultPolicyED972043": {
-      "Type": "AWS::IAM::Policy",
-      "Properties": {
-        "PolicyDocument": {
-          "Statement": [
-            {
-              "Action": [
-                "ec2:CreateNetworkInterface",
-                "ec2:DescribeNetworkInterfaces",
-                "ec2:DeleteNetworkInterface",
-                "ec2:AssignPrivateIpAddresses",
-                "ec2:UnassignPrivateIpAddresses"
-              ],
-              "Effect": "Allow",
-              "Resource": "*"
-            },
-            {
-              "Action": [
-                "xray:PutTraceSegments",
-                "xray:PutTelemetryRecords"
-              ],
-              "Effect": "Allow",
-              "Resource": "*"
-            },
-            {
-              "Action": [
-                "kinesis:ListShards",
-                "kinesis:PutRecord",
-                "kinesis:PutRecords"
-              ],
-              "Effect": "Allow",
-              "Resource": {
-                "Fn::GetAtt": [
-                  "testlambdakinesisstreamsKinesisStream11A82116",
-                  "Arn"
-                ]
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "PolicyName": "testlambdakinesisstreamsLambdaFunctionServiceRoleDefaultPolicyED972043",
-        "Roles": [
-          {
-            "Ref": "testlambdakinesisstreamsLambdaFunctionServiceRole95206CF3"
-          }
-        ]
-      },
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W12",
-              "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
-            }
-          ]
-        }
-      }
-    },
-    "testlambdakinesisstreamsReplaceDefaultSecurityGroupsecuritygroupFB22266C": {
-      "Type": "AWS::EC2::SecurityGroup",
-      "Properties": {
-        "GroupDescription": "lamkin-newVpc/test-lambda-kinesisstreams/ReplaceDefaultSecurityGroup-security-group",
-        "SecurityGroupEgress": [
-          {
-            "CidrIp": "0.0.0.0/0",
-            "Description": "Allow all outbound traffic by default",
-            "IpProtocol": "-1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      },
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W5",
-              "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
-            },
-            {
-              "id": "W40",
-              "reason": "Egress IPProtocol of -1 is default and generally considered OK"
-            }
-          ]
-        }
-      }
-    },
-    "testlambdakinesisstreamsLambdaFunction4348B6E4": {
-      "Type": "AWS::Lambda::Function",
-      "Properties": {
-        "Code": {
-          "S3Bucket": {
-            "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
-          },
-          "S3Key": "c7dc0cc1b24bda1d2a5345f61897eee32184906649fdb1de93853c512e129dbf.zip"
-        },
-        "Environment": {
-          "Variables": {
-            "KINESIS_DATASTREAM_NAME": {
-              "Ref": "testlambdakinesisstreamsKinesisStream11A82116"
-            }
-          }
-        },
-        "Handler": "index.handler",
-        "Role": {
-          "Fn::GetAtt": [
-            "testlambdakinesisstreamsLambdaFunctionServiceRole95206CF3",
-            "Arn"
-          ]
-        },
-        "Runtime": "nodejs18.x",
-        "TracingConfig": {
-          "Mode": "Active"
-        },
-        "VpcConfig": {
-          "SecurityGroupIds": [
-            {
-              "Fn::GetAtt": [
-                "testlambdakinesisstreamsReplaceDefaultSecurityGroupsecuritygroupFB22266C",
-                "GroupId"
-              ]
-            }
-          ],
-          "SubnetIds": [
-            {
-              "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
-            },
-            {
-              "Ref": "VpcisolatedSubnet2Subnet39217055"
-            },
-            {
-              "Ref": "VpcisolatedSubnet3Subnet44F2537D"
-            }
-          ]
-        }
-      },
-      "DependsOn": [
-        "testlambdakinesisstreamsLambdaFunctionServiceRoleDefaultPolicyED972043",
-        "testlambdakinesisstreamsLambdaFunctionServiceRole95206CF3",
-        "VpcisolatedSubnet1RouteTableAssociationD259E31A",
-        "VpcisolatedSubnet2RouteTableAssociation25A4716F",
-        "VpcisolatedSubnet3RouteTableAssociationDC010BEB"
-      ],
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W58",
-              "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
-            },
-            {
-              "id": "W89",
-              "reason": "This is not a rule for the general case, just for specific use cases/industries"
-            },
-            {
-              "id": "W92",
-              "reason": "Impossible for us to define the correct concurrency for clients"
-            }
-          ]
-        }
-      }
-    },
-    "testlambdakinesisstreamsKinesisStream11A82116": {
-      "Type": "AWS::Kinesis::Stream",
-      "Properties": {
-        "RetentionPeriodHours": 24,
-        "ShardCount": 1,
-        "StreamEncryption": {
-          "EncryptionType": "KMS",
-          "KeyId": "alias/aws/kinesis"
-        }
-      }
-    },
-    "testlambdakinesisstreamsKinesisStreamGetRecordsIteratorAgeAlarmC4A0FF00": {
-      "Type": "AWS::CloudWatch::Alarm",
-      "Properties": {
-        "AlarmDescription": "Consumer Record Processing Falling Behind, there is risk for data loss due to record expiration.",
-        "ComparisonOperator": "GreaterThanOrEqualToThreshold",
-        "EvaluationPeriods": 1,
-        "MetricName": "GetRecords.IteratorAgeMilliseconds",
-        "Namespace": "AWS/Kinesis",
-        "Period": 300,
-        "Statistic": "Maximum",
-        "Threshold": 43200000
-      }
-    },
-    "testlambdakinesisstreamsKinesisStreamReadProvisionedThroughputExceededAlarm9732E188": {
-      "Type": "AWS::CloudWatch::Alarm",
-      "Properties": {
-        "AlarmDescription": "Consumer Application is Reading at a Slower Rate Than Expected.",
-        "ComparisonOperator": "GreaterThanThreshold",
-        "EvaluationPeriods": 1,
-        "MetricName": "ReadProvisionedThroughputExceeded",
-        "Namespace": "AWS/Kinesis",
-        "Period": 300,
-        "Statistic": "Average",
-        "Threshold": 0
-      }
-    },
-    "Vpc8378EB38": {
-      "Type": "AWS::EC2::VPC",
-      "Properties": {
-        "CidrBlock": "10.0.0.0/16",
-        "EnableDnsHostnames": true,
-        "EnableDnsSupport": true,
-        "InstanceTenancy": "default",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc"
-          }
-        ]
-      }
-    },
-    "VpcisolatedSubnet1SubnetE62B1B9B": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1a",
-        "CidrBlock": "10.0.0.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet1RouteTableE442650B": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet1"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet1RouteTableAssociationD259E31A": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet1RouteTableE442650B"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
-        }
-      }
-    },
-    "VpcisolatedSubnet2Subnet39217055": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1b",
-        "CidrBlock": "10.0.64.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet2"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet2RouteTable334F9764": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet2"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet2RouteTableAssociation25A4716F": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet2RouteTable334F9764"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet2Subnet39217055"
-        }
-      }
-    },
-    "VpcisolatedSubnet3Subnet44F2537D": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "test-region-1c",
-        "CidrBlock": "10.0.128.0/18",
-        "MapPublicIpOnLaunch": false,
-        "Tags": [
-          {
-            "Key": "aws-cdk:subnet-name",
-            "Value": "isolated"
-          },
-          {
-            "Key": "aws-cdk:subnet-type",
-            "Value": "Isolated"
-          },
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet3"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet3RouteTableA2F6BBC0": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/isolatedSubnet3"
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "VpcisolatedSubnet3RouteTableAssociationDC010BEB": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0"
-        },
-        "SubnetId": {
-          "Ref": "VpcisolatedSubnet3Subnet44F2537D"
-        }
-      }
-    },
-    "VpcFlowLogIAMRole6A475D41": {
-      "Type": "AWS::IAM::Role",
-      "Properties": {
-        "AssumeRolePolicyDocument": {
-          "Statement": [
-            {
-              "Action": "sts:AssumeRole",
-              "Effect": "Allow",
-              "Principal": {
-                "Service": "vpc-flow-logs.amazonaws.com"
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/FlowLog"
-          }
-        ]
-      }
-    },
-    "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
-      "Type": "AWS::IAM::Policy",
-      "Properties": {
-        "PolicyDocument": {
-          "Statement": [
-            {
-              "Action": [
-                "logs:CreateLogStream",
-                "logs:PutLogEvents",
-                "logs:DescribeLogStreams"
-              ],
-              "Effect": "Allow",
-              "Resource": {
-                "Fn::GetAtt": [
-                  "VpcFlowLogLogGroup7B5C56B9",
-                  "Arn"
-                ]
-              }
-            },
-            {
-              "Action": "iam:PassRole",
-              "Effect": "Allow",
-              "Resource": {
-                "Fn::GetAtt": [
-                  "VpcFlowLogIAMRole6A475D41",
-                  "Arn"
-                ]
-              }
-            }
-          ],
-          "Version": "2012-10-17"
-        },
-        "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
-        "Roles": [
-          {
-            "Ref": "VpcFlowLogIAMRole6A475D41"
-          }
-        ]
-      }
-    },
-    "VpcFlowLogLogGroup7B5C56B9": {
-      "Type": "AWS::Logs::LogGroup",
-      "Properties": {
-        "RetentionInDays": 731,
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/FlowLog"
-          }
-        ]
-      },
-      "UpdateReplacePolicy": "Retain",
-      "DeletionPolicy": "Retain",
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W84",
-              "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
-            }
-          ]
-        }
-      }
-    },
-    "VpcFlowLog8FF33A73": {
-      "Type": "AWS::EC2::FlowLog",
-      "Properties": {
-        "DeliverLogsPermissionArn": {
-          "Fn::GetAtt": [
-            "VpcFlowLogIAMRole6A475D41",
-            "Arn"
-          ]
-        },
-        "LogDestinationType": "cloud-watch-logs",
-        "LogGroupName": {
-          "Ref": "VpcFlowLogLogGroup7B5C56B9"
-        },
-        "ResourceId": {
-          "Ref": "Vpc8378EB38"
-        },
-        "ResourceType": "VPC",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "lamkin-newVpc/Vpc/FlowLog"
-          }
-        ],
-        "TrafficType": "ALL"
-      }
-    },
-    "VpcKINESISSTREAMSC07D91B5": {
-      "Type": "AWS::EC2::VPCEndpoint",
-      "Properties": {
-        "PrivateDnsEnabled": true,
-        "SecurityGroupIds": [
-          {
-            "Fn::GetAtt": [
-              "lamkinnewVpcKINESISSTREAMSsecuritygroup5C800E5E",
-              "GroupId"
-            ]
-          }
-        ],
-        "ServiceName": {
-          "Fn::Join": [
-            "",
-            [
-              "com.amazonaws.",
-              {
-                "Ref": "AWS::Region"
-              },
-              ".kinesis-streams"
-            ]
-          ]
-        },
-        "SubnetIds": [
-          {
-            "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
-          },
-          {
-            "Ref": "VpcisolatedSubnet2Subnet39217055"
-          },
-          {
-            "Ref": "VpcisolatedSubnet3Subnet44F2537D"
-          }
-        ],
-        "VpcEndpointType": "Interface",
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      }
-    },
-    "lamkinnewVpcKINESISSTREAMSsecuritygroup5C800E5E": {
-      "Type": "AWS::EC2::SecurityGroup",
-      "Properties": {
-        "GroupDescription": "lamkin-newVpc/lamkin-newVpc-KINESIS_STREAMS-security-group",
-        "SecurityGroupEgress": [
-          {
-            "CidrIp": "0.0.0.0/0",
-            "Description": "Allow all outbound traffic by default",
-            "IpProtocol": "-1"
-          }
-        ],
-        "SecurityGroupIngress": [
-          {
-            "CidrIp": {
-              "Fn::GetAtt": [
-                "Vpc8378EB38",
-                "CidrBlock"
-              ]
-            },
-            "Description": {
-              "Fn::Join": [
-                "",
-                [
-                  "from ",
-                  {
-                    "Fn::GetAtt": [
-                      "Vpc8378EB38",
-                      "CidrBlock"
-                    ]
-                  },
-                  ":443"
-                ]
-              ]
-            },
-            "FromPort": 443,
-            "IpProtocol": "tcp",
-            "ToPort": 443
-          }
-        ],
-        "VpcId": {
-          "Ref": "Vpc8378EB38"
-        }
-      },
-      "Metadata": {
-        "cfn_nag": {
-          "rules_to_suppress": [
-            {
-              "id": "W5",
-              "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
-            },
-            {
-              "id": "W40",
-              "reason": "Egress IPProtocol of -1 is default and generally considered OK"
-            }
-          ]
-        }
-      }
-    }
-  },
-  "Parameters": {
-    "BootstrapVersion": {
-      "Type": "AWS::SSM::Parameter::Value<String>",
-      "Default": "/cdk-bootstrap/hnb659fds/version",
-      "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
-    }
-  },
-  "Rules": {
-    "CheckBootstrapVersion": {
-      "Assertions": [
-        {
-          "Assert": {
-            "Fn::Not": [
-              {
-                "Fn::Contains": [
-                  [
-                    "1",
-                    "2",
-                    "3",
-                    "4",
-                    "5"
-                  ],
-                  {
-                    "Ref": "BootstrapVersion"
-                  }
-                ]
-              }
-            ]
-          },
-          "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
-        }
-      ]
-    }
-  }
-}