@aws-solutions-constructs/aws-lambda-secretsmanager 2.50.0 → 2.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +50 -5
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +12 -11
  6. package/test/integ.lamsec-deployFunction.js +5 -2
  7. package/test/integ.lamsec-deployFunction.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  8. package/test/integ.lamsec-deployFunction.js.snapshot/cdk.out +1 -0
  9. package/test/integ.lamsec-deployFunction.js.snapshot/integ.json +12 -0
  10. package/test/integ.lamsec-deployFunction.js.snapshot/lamsec-deployFunction.assets.json +32 -0
  11. package/test/integ.lamsec-deployFunction.js.snapshot/lamsec-deployFunction.template.json +208 -0
  12. package/test/integ.lamsec-deployFunction.js.snapshot/lamsecdeployFunctionIntegDefaultTestDeployAssert7322BEEA.assets.json +19 -0
  13. package/test/integ.lamsec-deployFunction.js.snapshot/lamsecdeployFunctionIntegDefaultTestDeployAssert7322BEEA.template.json +36 -0
  14. package/test/integ.lamsec-deployFunction.js.snapshot/manifest.json +131 -0
  15. package/test/integ.lamsec-deployFunction.js.snapshot/tree.json +342 -0
  16. package/test/integ.lamsec-deployFunctionWithExistingVpc.js +6 -2
  17. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  18. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  19. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  20. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/cdk.out +1 -0
  21. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/integ.json +12 -0
  22. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/lamsec-deployFunctionWithExistingVpc.assets.json +45 -0
  23. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/lamsec-deployFunctionWithExistingVpc.template.json +1019 -0
  24. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/lamsecdeployFunctionWithExistingVpcIntegDefaultTestDeployAssert647243A7.assets.json +19 -0
  25. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/lamsecdeployFunctionWithExistingVpcIntegDefaultTestDeployAssert647243A7.template.json +36 -0
  26. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/manifest.json +329 -0
  27. package/test/integ.lamsec-deployFunctionWithExistingVpc.js.snapshot/tree.json +1393 -0
  28. package/test/integ.lamsec-deployFunctionWithVpc.js +6 -2
  29. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  30. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  31. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  32. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/cdk.out +1 -0
  33. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/integ.json +12 -0
  34. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/lamsec-deployFunctionWithVpc.assets.json +45 -0
  35. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/lamsec-deployFunctionWithVpc.template.json +735 -0
  36. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/lamsecdeployFunctionWithVpcIntegDefaultTestDeployAssert66148FF5.assets.json +19 -0
  37. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/lamsecdeployFunctionWithVpcIntegDefaultTestDeployAssert66148FF5.template.json +36 -0
  38. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/manifest.json +233 -0
  39. package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/tree.json +981 -0
  40. package/test/integ.lamsec-existingFunction.js +5 -2
  41. package/test/integ.lamsec-existingFunction.js.snapshot/asset.0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8/index.js +8 -0
  42. package/test/integ.lamsec-existingFunction.js.snapshot/cdk.out +1 -0
  43. package/test/integ.lamsec-existingFunction.js.snapshot/integ.json +12 -0
  44. package/test/integ.lamsec-existingFunction.js.snapshot/lamsec-existingFunction.assets.json +32 -0
  45. package/test/integ.lamsec-existingFunction.js.snapshot/lamsec-existingFunction.template.json +208 -0
  46. package/test/integ.lamsec-existingFunction.js.snapshot/lamsecexistingFunctionIntegDefaultTestDeployAssert295B352B.assets.json +19 -0
  47. package/test/integ.lamsec-existingFunction.js.snapshot/lamsecexistingFunctionIntegDefaultTestDeployAssert295B352B.template.json +36 -0
  48. package/test/integ.lamsec-existingFunction.js.snapshot/manifest.json +131 -0
  49. package/test/integ.lamsec-existingFunction.js.snapshot/tree.json +342 -0
  50. package/test/integ.lamsec-deployFunction.expected.json +0 -208
  51. package/test/integ.lamsec-deployFunctionWithExistingVpc.expected.json +0 -1044
  52. package/test/integ.lamsec-deployFunctionWithVpc.expected.json +0 -650
  53. package/test/integ.lamsec-existingFunction.expected.json +0 -208
package/test/integ.lamsec-deployFunctionWithVpc.js.snapshot/tree.json ADDED
@@ -0,0 +1,981 @@
1
+ {
2
+ "version": "tree-0.1",
3
+ "tree": {
4
+ "id": "App",
5
+ "path": "",
6
+ "children": {
7
+ "lamsec-deployFunctionWithVpc": {
8
+ "id": "lamsec-deployFunctionWithVpc",
9
+ "path": "lamsec-deployFunctionWithVpc",
10
+ "children": {
11
+ "test-lambda-secretsmanager": {
12
+ "id": "test-lambda-secretsmanager",
13
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager",
14
+ "children": {
15
+ "LambdaFunctionServiceRole": {
16
+ "id": "LambdaFunctionServiceRole",
17
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunctionServiceRole",
18
+ "children": {
19
+ "ImportLambdaFunctionServiceRole": {
20
+ "id": "ImportLambdaFunctionServiceRole",
21
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunctionServiceRole/ImportLambdaFunctionServiceRole",
22
+ "constructInfo": {
23
+ "fqn": "aws-cdk-lib.Resource",
24
+ "version": "2.118.0"
25
+ }
26
+ },
27
+ "Resource": {
28
+ "id": "Resource",
29
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunctionServiceRole/Resource",
30
+ "attributes": {
31
+ "aws:cdk:cloudformation:type": "AWS::IAM::Role",
32
+ "aws:cdk:cloudformation:props": {
33
+ "assumeRolePolicyDocument": {
34
+ "Statement": [
35
+ {
36
+ "Action": "sts:AssumeRole",
37
+ "Effect": "Allow",
38
+ "Principal": {
39
+ "Service": "lambda.amazonaws.com"
40
+ }
41
+ }
42
+ ],
43
+ "Version": "2012-10-17"
44
+ },
45
+ "policies": [
46
+ {
47
+ "policyName": "LambdaFunctionServiceRolePolicy",
48
+ "policyDocument": {
49
+ "Statement": [
50
+ {
51
+ "Action": [
52
+ "logs:CreateLogGroup",
53
+ "logs:CreateLogStream",
54
+ "logs:PutLogEvents"
55
+ ],
56
+ "Effect": "Allow",
57
+ "Resource": {
58
+ "Fn::Join": [
59
+ "",
60
+ [
61
+ "arn:",
62
+ {
63
+ "Ref": "AWS::Partition"
64
+ },
65
+ ":logs:",
66
+ {
67
+ "Ref": "AWS::Region"
68
+ },
69
+ ":",
70
+ {
71
+ "Ref": "AWS::AccountId"
72
+ },
73
+ ":log-group:/aws/lambda/*"
74
+ ]
75
+ ]
76
+ }
77
+ }
78
+ ],
79
+ "Version": "2012-10-17"
80
+ }
81
+ }
82
+ ]
83
+ }
84
+ },
85
+ "constructInfo": {
86
+ "fqn": "aws-cdk-lib.aws_iam.CfnRole",
87
+ "version": "2.118.0"
88
+ }
89
+ },
90
+ "DefaultPolicy": {
91
+ "id": "DefaultPolicy",
92
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunctionServiceRole/DefaultPolicy",
93
+ "children": {
94
+ "Resource": {
95
+ "id": "Resource",
96
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunctionServiceRole/DefaultPolicy/Resource",
97
+ "attributes": {
98
+ "aws:cdk:cloudformation:type": "AWS::IAM::Policy",
99
+ "aws:cdk:cloudformation:props": {
100
+ "policyDocument": {
101
+ "Statement": [
102
+ {
103
+ "Action": [
104
+ "ec2:AssignPrivateIpAddresses",
105
+ "ec2:CreateNetworkInterface",
106
+ "ec2:DeleteNetworkInterface",
107
+ "ec2:DescribeNetworkInterfaces",
108
+ "ec2:UnassignPrivateIpAddresses",
109
+ "xray:PutTelemetryRecords",
110
+ "xray:PutTraceSegments"
111
+ ],
112
+ "Effect": "Allow",
113
+ "Resource": "*"
114
+ },
115
+ {
116
+ "Action": [
117
+ "secretsmanager:DescribeSecret",
118
+ "secretsmanager:GetSecretValue"
119
+ ],
120
+ "Effect": "Allow",
121
+ "Resource": {
122
+ "Ref": "testlambdasecretsmanagersecret4C99E6BF"
123
+ }
124
+ }
125
+ ],
126
+ "Version": "2012-10-17"
127
+ },
128
+ "policyName": "testlambdasecretsmanagerLambdaFunctionServiceRoleDefaultPolicyF24BF460",
129
+ "roles": [
130
+ {
131
+ "Ref": "testlambdasecretsmanagerLambdaFunctionServiceRole92CE007F"
132
+ }
133
+ ]
134
+ }
135
+ },
136
+ "constructInfo": {
137
+ "fqn": "aws-cdk-lib.aws_iam.CfnPolicy",
138
+ "version": "2.118.0"
139
+ }
140
+ }
141
+ },
142
+ "constructInfo": {
143
+ "fqn": "aws-cdk-lib.aws_iam.Policy",
144
+ "version": "2.118.0"
145
+ }
146
+ }
147
+ },
148
+ "constructInfo": {
149
+ "fqn": "aws-cdk-lib.aws_iam.Role",
150
+ "version": "2.118.0"
151
+ }
152
+ },
153
+ "ReplaceDefaultSecurityGroup-security-group": {
154
+ "id": "ReplaceDefaultSecurityGroup-security-group",
155
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/ReplaceDefaultSecurityGroup-security-group",
156
+ "children": {
157
+ "Resource": {
158
+ "id": "Resource",
159
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/ReplaceDefaultSecurityGroup-security-group/Resource",
160
+ "attributes": {
161
+ "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup",
162
+ "aws:cdk:cloudformation:props": {
163
+ "groupDescription": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/ReplaceDefaultSecurityGroup-security-group",
164
+ "securityGroupEgress": [
165
+ {
166
+ "cidrIp": "0.0.0.0/0",
167
+ "description": "Allow all outbound traffic by default",
168
+ "ipProtocol": "-1"
169
+ }
170
+ ],
171
+ "vpcId": {
172
+ "Ref": "Vpc8378EB38"
173
+ }
174
+ }
175
+ },
176
+ "constructInfo": {
177
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup",
178
+ "version": "2.118.0"
179
+ }
180
+ }
181
+ },
182
+ "constructInfo": {
183
+ "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup",
184
+ "version": "2.118.0"
185
+ }
186
+ },
187
+ "LambdaFunction": {
188
+ "id": "LambdaFunction",
189
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunction",
190
+ "children": {
191
+ "Code": {
192
+ "id": "Code",
193
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunction/Code",
194
+ "children": {
195
+ "Stage": {
196
+ "id": "Stage",
197
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunction/Code/Stage",
198
+ "constructInfo": {
199
+ "fqn": "aws-cdk-lib.AssetStaging",
200
+ "version": "2.118.0"
201
+ }
202
+ },
203
+ "AssetBucket": {
204
+ "id": "AssetBucket",
205
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunction/Code/AssetBucket",
206
+ "constructInfo": {
207
+ "fqn": "aws-cdk-lib.aws_s3.BucketBase",
208
+ "version": "2.118.0"
209
+ }
210
+ }
211
+ },
212
+ "constructInfo": {
213
+ "fqn": "aws-cdk-lib.aws_s3_assets.Asset",
214
+ "version": "2.118.0"
215
+ }
216
+ },
217
+ "Resource": {
218
+ "id": "Resource",
219
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/LambdaFunction/Resource",
220
+ "attributes": {
221
+ "aws:cdk:cloudformation:type": "AWS::Lambda::Function",
222
+ "aws:cdk:cloudformation:props": {
223
+ "code": {
224
+ "s3Bucket": {
225
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
226
+ },
227
+ "s3Key": "0c3255e93ffe7a906c7422e9f0e9cc4c7fd86ee996ee3bb302e2f134b38463c8.zip"
228
+ },
229
+ "environment": {
230
+ "variables": {
231
+ "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
232
+ "SECRET_ARN": {
233
+ "Ref": "testlambdasecretsmanagersecret4C99E6BF"
234
+ }
235
+ }
236
+ },
237
+ "handler": "index.handler",
238
+ "role": {
239
+ "Fn::GetAtt": [
240
+ "testlambdasecretsmanagerLambdaFunctionServiceRole92CE007F",
241
+ "Arn"
242
+ ]
243
+ },
244
+ "runtime": "nodejs16.x",
245
+ "tracingConfig": {
246
+ "mode": "Active"
247
+ },
248
+ "vpcConfig": {
249
+ "subnetIds": [
250
+ {
251
+ "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
252
+ },
253
+ {
254
+ "Ref": "VpcisolatedSubnet2Subnet39217055"
255
+ }
256
+ ],
257
+ "securityGroupIds": [
258
+ {
259
+ "Fn::GetAtt": [
260
+ "testlambdasecretsmanagerReplaceDefaultSecurityGroupsecuritygroupF837FD37",
261
+ "GroupId"
262
+ ]
263
+ }
264
+ ]
265
+ }
266
+ }
267
+ },
268
+ "constructInfo": {
269
+ "fqn": "aws-cdk-lib.aws_lambda.CfnFunction",
270
+ "version": "2.118.0"
271
+ }
272
+ }
273
+ },
274
+ "constructInfo": {
275
+ "fqn": "aws-cdk-lib.aws_lambda.Function",
276
+ "version": "2.118.0"
277
+ }
278
+ },
279
+ "secret": {
280
+ "id": "secret",
281
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/secret",
282
+ "children": {
283
+ "Resource": {
284
+ "id": "Resource",
285
+ "path": "lamsec-deployFunctionWithVpc/test-lambda-secretsmanager/secret/Resource",
286
+ "attributes": {
287
+ "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret",
288
+ "aws:cdk:cloudformation:props": {
289
+ "generateSecretString": {}
290
+ }
291
+ },
292
+ "constructInfo": {
293
+ "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret",
294
+ "version": "2.118.0"
295
+ }
296
+ }
297
+ },
298
+ "constructInfo": {
299
+ "fqn": "aws-cdk-lib.aws_secretsmanager.Secret",
300
+ "version": "2.118.0"
301
+ }
302
+ }
303
+ },
304
+ "constructInfo": {
305
+ "fqn": "@aws-solutions-constructs/aws-lambda-secretsmanager.LambdaToSecretsmanager",
306
+ "version": "2.51.0"
307
+ }
308
+ },
309
+ "Vpc": {
310
+ "id": "Vpc",
311
+ "path": "lamsec-deployFunctionWithVpc/Vpc",
312
+ "children": {
313
+ "Resource": {
314
+ "id": "Resource",
315
+ "path": "lamsec-deployFunctionWithVpc/Vpc/Resource",
316
+ "attributes": {
317
+ "aws:cdk:cloudformation:type": "AWS::EC2::VPC",
318
+ "aws:cdk:cloudformation:props": {
319
+ "cidrBlock": "10.0.0.0/16",
320
+ "enableDnsHostnames": true,
321
+ "enableDnsSupport": true,
322
+ "instanceTenancy": "default",
323
+ "tags": [
324
+ {
325
+ "key": "Name",
326
+ "value": "lamsec-deployFunctionWithVpc/Vpc"
327
+ }
328
+ ]
329
+ }
330
+ },
331
+ "constructInfo": {
332
+ "fqn": "aws-cdk-lib.aws_ec2.CfnVPC",
333
+ "version": "2.118.0"
334
+ }
335
+ },
336
+ "isolatedSubnet1": {
337
+ "id": "isolatedSubnet1",
338
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1",
339
+ "children": {
340
+ "Subnet": {
341
+ "id": "Subnet",
342
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1/Subnet",
343
+ "attributes": {
344
+ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
345
+ "aws:cdk:cloudformation:props": {
346
+ "availabilityZone": {
347
+ "Fn::Select": [
348
+ 0,
349
+ {
350
+ "Fn::GetAZs": ""
351
+ }
352
+ ]
353
+ },
354
+ "cidrBlock": "10.0.0.0/18",
355
+ "mapPublicIpOnLaunch": false,
356
+ "tags": [
357
+ {
358
+ "key": "aws-cdk:subnet-name",
359
+ "value": "isolated"
360
+ },
361
+ {
362
+ "key": "aws-cdk:subnet-type",
363
+ "value": "Isolated"
364
+ },
365
+ {
366
+ "key": "Name",
367
+ "value": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1"
368
+ }
369
+ ],
370
+ "vpcId": {
371
+ "Ref": "Vpc8378EB38"
372
+ }
373
+ }
374
+ },
375
+ "constructInfo": {
376
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet",
377
+ "version": "2.118.0"
378
+ }
379
+ },
380
+ "Acl": {
381
+ "id": "Acl",
382
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1/Acl",
383
+ "constructInfo": {
384
+ "fqn": "aws-cdk-lib.Resource",
385
+ "version": "2.118.0"
386
+ }
387
+ },
388
+ "RouteTable": {
389
+ "id": "RouteTable",
390
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1/RouteTable",
391
+ "attributes": {
392
+ "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
393
+ "aws:cdk:cloudformation:props": {
394
+ "tags": [
395
+ {
396
+ "key": "Name",
397
+ "value": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1"
398
+ }
399
+ ],
400
+ "vpcId": {
401
+ "Ref": "Vpc8378EB38"
402
+ }
403
+ }
404
+ },
405
+ "constructInfo": {
406
+ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable",
407
+ "version": "2.118.0"
408
+ }
409
+ },
410
+ "RouteTableAssociation": {
411
+ "id": "RouteTableAssociation",
412
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet1/RouteTableAssociation",
413
+ "attributes": {
414
+ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation",
415
+ "aws:cdk:cloudformation:props": {
416
+ "routeTableId": {
417
+ "Ref": "VpcisolatedSubnet1RouteTableE442650B"
418
+ },
419
+ "subnetId": {
420
+ "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
421
+ }
422
+ }
423
+ },
424
+ "constructInfo": {
425
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation",
426
+ "version": "2.118.0"
427
+ }
428
+ }
429
+ },
430
+ "constructInfo": {
431
+ "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet",
432
+ "version": "2.118.0"
433
+ }
434
+ },
435
+ "isolatedSubnet2": {
436
+ "id": "isolatedSubnet2",
437
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2",
438
+ "children": {
439
+ "Subnet": {
440
+ "id": "Subnet",
441
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2/Subnet",
442
+ "attributes": {
443
+ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
444
+ "aws:cdk:cloudformation:props": {
445
+ "availabilityZone": {
446
+ "Fn::Select": [
447
+ 1,
448
+ {
449
+ "Fn::GetAZs": ""
450
+ }
451
+ ]
452
+ },
453
+ "cidrBlock": "10.0.64.0/18",
454
+ "mapPublicIpOnLaunch": false,
455
+ "tags": [
456
+ {
457
+ "key": "aws-cdk:subnet-name",
458
+ "value": "isolated"
459
+ },
460
+ {
461
+ "key": "aws-cdk:subnet-type",
462
+ "value": "Isolated"
463
+ },
464
+ {
465
+ "key": "Name",
466
+ "value": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2"
467
+ }
468
+ ],
469
+ "vpcId": {
470
+ "Ref": "Vpc8378EB38"
471
+ }
472
+ }
473
+ },
474
+ "constructInfo": {
475
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet",
476
+ "version": "2.118.0"
477
+ }
478
+ },
479
+ "Acl": {
480
+ "id": "Acl",
481
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2/Acl",
482
+ "constructInfo": {
483
+ "fqn": "aws-cdk-lib.Resource",
484
+ "version": "2.118.0"
485
+ }
486
+ },
487
+ "RouteTable": {
488
+ "id": "RouteTable",
489
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2/RouteTable",
490
+ "attributes": {
491
+ "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
492
+ "aws:cdk:cloudformation:props": {
493
+ "tags": [
494
+ {
495
+ "key": "Name",
496
+ "value": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2"
497
+ }
498
+ ],
499
+ "vpcId": {
500
+ "Ref": "Vpc8378EB38"
501
+ }
502
+ }
503
+ },
504
+ "constructInfo": {
505
+ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable",
506
+ "version": "2.118.0"
507
+ }
508
+ },
509
+ "RouteTableAssociation": {
510
+ "id": "RouteTableAssociation",
511
+ "path": "lamsec-deployFunctionWithVpc/Vpc/isolatedSubnet2/RouteTableAssociation",
512
+ "attributes": {
513
+ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation",
514
+ "aws:cdk:cloudformation:props": {
515
+ "routeTableId": {
516
+ "Ref": "VpcisolatedSubnet2RouteTable334F9764"
517
+ },
518
+ "subnetId": {
519
+ "Ref": "VpcisolatedSubnet2Subnet39217055"
520
+ }
521
+ }
522
+ },
523
+ "constructInfo": {
524
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation",
525
+ "version": "2.118.0"
526
+ }
527
+ }
528
+ },
529
+ "constructInfo": {
530
+ "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet",
531
+ "version": "2.118.0"
532
+ }
533
+ },
534
+ "RestrictDefaultSecurityGroupCustomResource": {
535
+ "id": "RestrictDefaultSecurityGroupCustomResource",
536
+ "path": "lamsec-deployFunctionWithVpc/Vpc/RestrictDefaultSecurityGroupCustomResource",
537
+ "children": {
538
+ "Default": {
539
+ "id": "Default",
540
+ "path": "lamsec-deployFunctionWithVpc/Vpc/RestrictDefaultSecurityGroupCustomResource/Default",
541
+ "constructInfo": {
542
+ "fqn": "aws-cdk-lib.CfnResource",
543
+ "version": "2.118.0"
544
+ }
545
+ }
546
+ },
547
+ "constructInfo": {
548
+ "fqn": "aws-cdk-lib.CustomResource",
549
+ "version": "2.118.0"
550
+ }
551
+ },
552
+ "FlowLog": {
553
+ "id": "FlowLog",
554
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog",
555
+ "children": {
556
+ "IAMRole": {
557
+ "id": "IAMRole",
558
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/IAMRole",
559
+ "children": {
560
+ "ImportIAMRole": {
561
+ "id": "ImportIAMRole",
562
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/IAMRole/ImportIAMRole",
563
+ "constructInfo": {
564
+ "fqn": "aws-cdk-lib.Resource",
565
+ "version": "2.118.0"
566
+ }
567
+ },
568
+ "Resource": {
569
+ "id": "Resource",
570
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/IAMRole/Resource",
571
+ "attributes": {
572
+ "aws:cdk:cloudformation:type": "AWS::IAM::Role",
573
+ "aws:cdk:cloudformation:props": {
574
+ "assumeRolePolicyDocument": {
575
+ "Statement": [
576
+ {
577
+ "Action": "sts:AssumeRole",
578
+ "Effect": "Allow",
579
+ "Principal": {
580
+ "Service": "vpc-flow-logs.amazonaws.com"
581
+ }
582
+ }
583
+ ],
584
+ "Version": "2012-10-17"
585
+ },
586
+ "tags": [
587
+ {
588
+ "key": "Name",
589
+ "value": "lamsec-deployFunctionWithVpc/Vpc/FlowLog"
590
+ }
591
+ ]
592
+ }
593
+ },
594
+ "constructInfo": {
595
+ "fqn": "aws-cdk-lib.aws_iam.CfnRole",
596
+ "version": "2.118.0"
597
+ }
598
+ },
599
+ "DefaultPolicy": {
600
+ "id": "DefaultPolicy",
601
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/IAMRole/DefaultPolicy",
602
+ "children": {
603
+ "Resource": {
604
+ "id": "Resource",
605
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/IAMRole/DefaultPolicy/Resource",
606
+ "attributes": {
607
+ "aws:cdk:cloudformation:type": "AWS::IAM::Policy",
608
+ "aws:cdk:cloudformation:props": {
609
+ "policyDocument": {
610
+ "Statement": [
611
+ {
612
+ "Action": [
613
+ "logs:CreateLogStream",
614
+ "logs:DescribeLogStreams",
615
+ "logs:PutLogEvents"
616
+ ],
617
+ "Effect": "Allow",
618
+ "Resource": {
619
+ "Fn::GetAtt": [
620
+ "VpcFlowLogLogGroup7B5C56B9",
621
+ "Arn"
622
+ ]
623
+ }
624
+ },
625
+ {
626
+ "Action": "iam:PassRole",
627
+ "Effect": "Allow",
628
+ "Resource": {
629
+ "Fn::GetAtt": [
630
+ "VpcFlowLogIAMRole6A475D41",
631
+ "Arn"
632
+ ]
633
+ }
634
+ }
635
+ ],
636
+ "Version": "2012-10-17"
637
+ },
638
+ "policyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
639
+ "roles": [
640
+ {
641
+ "Ref": "VpcFlowLogIAMRole6A475D41"
642
+ }
643
+ ]
644
+ }
645
+ },
646
+ "constructInfo": {
647
+ "fqn": "aws-cdk-lib.aws_iam.CfnPolicy",
648
+ "version": "2.118.0"
649
+ }
650
+ }
651
+ },
652
+ "constructInfo": {
653
+ "fqn": "aws-cdk-lib.aws_iam.Policy",
654
+ "version": "2.118.0"
655
+ }
656
+ }
657
+ },
658
+ "constructInfo": {
659
+ "fqn": "aws-cdk-lib.aws_iam.Role",
660
+ "version": "2.118.0"
661
+ }
662
+ },
663
+ "LogGroup": {
664
+ "id": "LogGroup",
665
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/LogGroup",
666
+ "children": {
667
+ "Resource": {
668
+ "id": "Resource",
669
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/LogGroup/Resource",
670
+ "attributes": {
671
+ "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup",
672
+ "aws:cdk:cloudformation:props": {
673
+ "retentionInDays": 731,
674
+ "tags": [
675
+ {
676
+ "key": "Name",
677
+ "value": "lamsec-deployFunctionWithVpc/Vpc/FlowLog"
678
+ }
679
+ ]
680
+ }
681
+ },
682
+ "constructInfo": {
683
+ "fqn": "aws-cdk-lib.aws_logs.CfnLogGroup",
684
+ "version": "2.118.0"
685
+ }
686
+ }
687
+ },
688
+ "constructInfo": {
689
+ "fqn": "aws-cdk-lib.aws_logs.LogGroup",
690
+ "version": "2.118.0"
691
+ }
692
+ },
693
+ "FlowLog": {
694
+ "id": "FlowLog",
695
+ "path": "lamsec-deployFunctionWithVpc/Vpc/FlowLog/FlowLog",
696
+ "attributes": {
697
+ "aws:cdk:cloudformation:type": "AWS::EC2::FlowLog",
698
+ "aws:cdk:cloudformation:props": {
699
+ "deliverLogsPermissionArn": {
700
+ "Fn::GetAtt": [
701
+ "VpcFlowLogIAMRole6A475D41",
702
+ "Arn"
703
+ ]
704
+ },
705
+ "logDestinationType": "cloud-watch-logs",
706
+ "logGroupName": {
707
+ "Ref": "VpcFlowLogLogGroup7B5C56B9"
708
+ },
709
+ "resourceId": {
710
+ "Ref": "Vpc8378EB38"
711
+ },
712
+ "resourceType": "VPC",
713
+ "tags": [
714
+ {
715
+ "key": "Name",
716
+ "value": "lamsec-deployFunctionWithVpc/Vpc/FlowLog"
717
+ }
718
+ ],
719
+ "trafficType": "ALL"
720
+ }
721
+ },
722
+ "constructInfo": {
723
+ "fqn": "aws-cdk-lib.aws_ec2.CfnFlowLog",
724
+ "version": "2.118.0"
725
+ }
726
+ }
727
+ },
728
+ "constructInfo": {
729
+ "fqn": "aws-cdk-lib.aws_ec2.FlowLog",
730
+ "version": "2.118.0"
731
+ }
732
+ },
733
+ "SECRETS_MANAGER": {
734
+ "id": "SECRETS_MANAGER",
735
+ "path": "lamsec-deployFunctionWithVpc/Vpc/SECRETS_MANAGER",
736
+ "children": {
737
+ "Resource": {
738
+ "id": "Resource",
739
+ "path": "lamsec-deployFunctionWithVpc/Vpc/SECRETS_MANAGER/Resource",
740
+ "attributes": {
741
+ "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint",
742
+ "aws:cdk:cloudformation:props": {
743
+ "privateDnsEnabled": true,
744
+ "securityGroupIds": [
745
+ {
746
+ "Fn::GetAtt": [
747
+ "lamsecdeployFunctionWithVpcSECRETSMANAGERsecuritygroup98862008",
748
+ "GroupId"
749
+ ]
750
+ }
751
+ ],
752
+ "serviceName": {
753
+ "Fn::Join": [
754
+ "",
755
+ [
756
+ "com.amazonaws.",
757
+ {
758
+ "Ref": "AWS::Region"
759
+ },
760
+ ".secretsmanager"
761
+ ]
762
+ ]
763
+ },
764
+ "subnetIds": [
765
+ {
766
+ "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
767
+ },
768
+ {
769
+ "Ref": "VpcisolatedSubnet2Subnet39217055"
770
+ }
771
+ ],
772
+ "vpcEndpointType": "Interface",
773
+ "vpcId": {
774
+ "Ref": "Vpc8378EB38"
775
+ }
776
+ }
777
+ },
778
+ "constructInfo": {
779
+ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint",
780
+ "version": "2.118.0"
781
+ }
782
+ }
783
+ },
784
+ "constructInfo": {
785
+ "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint",
786
+ "version": "2.118.0"
787
+ }
788
+ }
789
+ },
790
+ "constructInfo": {
791
+ "fqn": "aws-cdk-lib.aws_ec2.Vpc",
792
+ "version": "2.118.0"
793
+ }
794
+ },
795
+ "Custom::VpcRestrictDefaultSGCustomResourceProvider": {
796
+ "id": "Custom::VpcRestrictDefaultSGCustomResourceProvider",
797
+ "path": "lamsec-deployFunctionWithVpc/Custom::VpcRestrictDefaultSGCustomResourceProvider",
798
+ "children": {
799
+ "Staging": {
800
+ "id": "Staging",
801
+ "path": "lamsec-deployFunctionWithVpc/Custom::VpcRestrictDefaultSGCustomResourceProvider/Staging",
802
+ "constructInfo": {
803
+ "fqn": "aws-cdk-lib.AssetStaging",
804
+ "version": "2.118.0"
805
+ }
806
+ },
807
+ "Role": {
808
+ "id": "Role",
809
+ "path": "lamsec-deployFunctionWithVpc/Custom::VpcRestrictDefaultSGCustomResourceProvider/Role",
810
+ "constructInfo": {
811
+ "fqn": "aws-cdk-lib.CfnResource",
812
+ "version": "2.118.0"
813
+ }
814
+ },
815
+ "Handler": {
816
+ "id": "Handler",
817
+ "path": "lamsec-deployFunctionWithVpc/Custom::VpcRestrictDefaultSGCustomResourceProvider/Handler",
818
+ "constructInfo": {
819
+ "fqn": "aws-cdk-lib.CfnResource",
820
+ "version": "2.118.0"
821
+ }
822
+ }
823
+ },
824
+ "constructInfo": {
825
+ "fqn": "aws-cdk-lib.CustomResourceProviderBase",
826
+ "version": "2.118.0"
827
+ }
828
+ },
829
+ "lamsec-deployFunctionWithVpc-SECRETS_MANAGER-security-group": {
830
+ "id": "lamsec-deployFunctionWithVpc-SECRETS_MANAGER-security-group",
831
+ "path": "lamsec-deployFunctionWithVpc/lamsec-deployFunctionWithVpc-SECRETS_MANAGER-security-group",
832
+ "children": {
833
+ "Resource": {
834
+ "id": "Resource",
835
+ "path": "lamsec-deployFunctionWithVpc/lamsec-deployFunctionWithVpc-SECRETS_MANAGER-security-group/Resource",
836
+ "attributes": {
837
+ "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup",
838
+ "aws:cdk:cloudformation:props": {
839
+ "groupDescription": "lamsec-deployFunctionWithVpc/lamsec-deployFunctionWithVpc-SECRETS_MANAGER-security-group",
840
+ "securityGroupEgress": [
841
+ {
842
+ "cidrIp": "0.0.0.0/0",
843
+ "description": "Allow all outbound traffic by default",
844
+ "ipProtocol": "-1"
845
+ }
846
+ ],
847
+ "securityGroupIngress": [
848
+ {
849
+ "cidrIp": {
850
+ "Fn::GetAtt": [
851
+ "Vpc8378EB38",
852
+ "CidrBlock"
853
+ ]
854
+ },
855
+ "ipProtocol": "tcp",
856
+ "fromPort": 443,
857
+ "toPort": 443,
858
+ "description": {
859
+ "Fn::Join": [
860
+ "",
861
+ [
862
+ "from ",
863
+ {
864
+ "Fn::GetAtt": [
865
+ "Vpc8378EB38",
866
+ "CidrBlock"
867
+ ]
868
+ },
869
+ ":443"
870
+ ]
871
+ ]
872
+ }
873
+ }
874
+ ],
875
+ "vpcId": {
876
+ "Ref": "Vpc8378EB38"
877
+ }
878
+ }
879
+ },
880
+ "constructInfo": {
881
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup",
882
+ "version": "2.118.0"
883
+ }
884
+ }
885
+ },
886
+ "constructInfo": {
887
+ "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup",
888
+ "version": "2.118.0"
889
+ }
890
+ },
891
+ "Integ": {
892
+ "id": "Integ",
893
+ "path": "lamsec-deployFunctionWithVpc/Integ",
894
+ "children": {
895
+ "DefaultTest": {
896
+ "id": "DefaultTest",
897
+ "path": "lamsec-deployFunctionWithVpc/Integ/DefaultTest",
898
+ "children": {
899
+ "Default": {
900
+ "id": "Default",
901
+ "path": "lamsec-deployFunctionWithVpc/Integ/DefaultTest/Default",
902
+ "constructInfo": {
903
+ "fqn": "constructs.Construct",
904
+ "version": "10.3.0"
905
+ }
906
+ },
907
+ "DeployAssert": {
908
+ "id": "DeployAssert",
909
+ "path": "lamsec-deployFunctionWithVpc/Integ/DefaultTest/DeployAssert",
910
+ "children": {
911
+ "BootstrapVersion": {
912
+ "id": "BootstrapVersion",
913
+ "path": "lamsec-deployFunctionWithVpc/Integ/DefaultTest/DeployAssert/BootstrapVersion",
914
+ "constructInfo": {
915
+ "fqn": "aws-cdk-lib.CfnParameter",
916
+ "version": "2.118.0"
917
+ }
918
+ },
919
+ "CheckBootstrapVersion": {
920
+ "id": "CheckBootstrapVersion",
921
+ "path": "lamsec-deployFunctionWithVpc/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion",
922
+ "constructInfo": {
923
+ "fqn": "aws-cdk-lib.CfnRule",
924
+ "version": "2.118.0"
925
+ }
926
+ }
927
+ },
928
+ "constructInfo": {
929
+ "fqn": "aws-cdk-lib.Stack",
930
+ "version": "2.118.0"
931
+ }
932
+ }
933
+ },
934
+ "constructInfo": {
935
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase",
936
+ "version": "2.118.0-alpha.0"
937
+ }
938
+ }
939
+ },
940
+ "constructInfo": {
941
+ "fqn": "@aws-cdk/integ-tests-alpha.IntegTest",
942
+ "version": "2.118.0-alpha.0"
943
+ }
944
+ },
945
+ "BootstrapVersion": {
946
+ "id": "BootstrapVersion",
947
+ "path": "lamsec-deployFunctionWithVpc/BootstrapVersion",
948
+ "constructInfo": {
949
+ "fqn": "aws-cdk-lib.CfnParameter",
950
+ "version": "2.118.0"
951
+ }
952
+ },
953
+ "CheckBootstrapVersion": {
954
+ "id": "CheckBootstrapVersion",
955
+ "path": "lamsec-deployFunctionWithVpc/CheckBootstrapVersion",
956
+ "constructInfo": {
957
+ "fqn": "aws-cdk-lib.CfnRule",
958
+ "version": "2.118.0"
959
+ }
960
+ }
961
+ },
962
+ "constructInfo": {
963
+ "fqn": "aws-cdk-lib.Stack",
964
+ "version": "2.118.0"
965
+ }
966
+ },
967
+ "Tree": {
968
+ "id": "Tree",
969
+ "path": "Tree",
970
+ "constructInfo": {
971
+ "fqn": "constructs.Construct",
972
+ "version": "10.3.0"
973
+ }
974
+ }
975
+ },
976
+ "constructInfo": {
977
+ "fqn": "aws-cdk-lib.App",
978
+ "version": "2.118.0"
979
+ }
980
+ }
981
+ }