@aws-solutions-constructs/aws-lambda-sns 2.51.0 → 2.52.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/.eslintignore +2 -0
  2. package/.jsii +49 -4
  3. package/integ.config.json +7 -0
  4. package/lib/index.js +1 -1
  5. package/package.json +9 -8
  6. package/test/integ.lamsns-deployFunction.js +5 -2
  7. package/test/integ.lamsns-deployFunction.js.snapshot/asset.0904d3723480fed2daf7885caa427b930881caae6879d1e6b0d395020173ef6f/index.js +21 -0
  8. package/test/integ.lamsns-deployFunction.js.snapshot/cdk.out +1 -0
  9. package/test/integ.lamsns-deployFunction.js.snapshot/integ.json +12 -0
  10. package/test/integ.lamsns-deployFunction.js.snapshot/lamsns-deployFunction.assets.json +32 -0
  11. package/test/integ.lamsns-deployFunction.js.snapshot/lamsns-deployFunction.template.json +302 -0
  12. package/test/integ.lamsns-deployFunction.js.snapshot/lamsnsdeployFunctionIntegDefaultTestDeployAssert36FE5D09.assets.json +19 -0
  13. package/test/integ.lamsns-deployFunction.js.snapshot/lamsnsdeployFunctionIntegDefaultTestDeployAssert36FE5D09.template.json +36 -0
  14. package/test/integ.lamsns-deployFunction.js.snapshot/manifest.json +137 -0
  15. package/test/integ.lamsns-deployFunction.js.snapshot/tree.json +474 -0
  16. package/test/integ.lamsns-deployFunctionWithVpc.js +6 -2
  17. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/asset.0904d3723480fed2daf7885caa427b930881caae6879d1e6b0d395020173ef6f/index.js +21 -0
  18. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/__entrypoint__.js +1 -0
  19. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/asset.dd5711540f04e06aa955d7f4862fc04e8cdea464cb590dae91ed2976bb78098e/index.js +1 -0
  20. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/cdk.out +1 -0
  21. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/integ.json +12 -0
  22. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/lamsns-deployFunctionWithVpc.assets.json +45 -0
  23. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/lamsns-deployFunctionWithVpc.template.json +829 -0
  24. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/lamsnsdeployFunctionWithVpcIntegDefaultTestDeployAssertEDF33408.assets.json +19 -0
  25. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/lamsnsdeployFunctionWithVpcIntegDefaultTestDeployAssertEDF33408.template.json +36 -0
  26. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/manifest.json +239 -0
  27. package/test/integ.lamsns-deployFunctionWithVpc.js.snapshot/tree.json +1113 -0
  28. package/test/integ.lamsns-existingFunction.js +5 -2
  29. package/test/integ.lamsns-existingFunction.js.snapshot/asset.0904d3723480fed2daf7885caa427b930881caae6879d1e6b0d395020173ef6f/index.js +21 -0
  30. package/test/integ.lamsns-existingFunction.js.snapshot/cdk.out +1 -0
  31. package/test/integ.lamsns-existingFunction.js.snapshot/integ.json +12 -0
  32. package/test/integ.lamsns-existingFunction.js.snapshot/lamsns-existingFunction.assets.json +32 -0
  33. package/test/integ.lamsns-existingFunction.js.snapshot/lamsns-existingFunction.template.json +302 -0
  34. package/test/integ.lamsns-existingFunction.js.snapshot/lamsnsexistingFunctionIntegDefaultTestDeployAssert733AE3CB.assets.json +19 -0
  35. package/test/integ.lamsns-existingFunction.js.snapshot/lamsnsexistingFunctionIntegDefaultTestDeployAssert733AE3CB.template.json +36 -0
  36. package/test/integ.lamsns-existingFunction.js.snapshot/manifest.json +137 -0
  37. package/test/integ.lamsns-existingFunction.js.snapshot/tree.json +474 -0
  38. package/test/integ.lamsns-deployFunction.expected.json +0 -302
  39. package/test/integ.lamsns-deployFunctionWithVpc.expected.json +0 -744
  40. package/test/integ.lamsns-existingFunction.expected.json +0 -302
package/test/integ.lamsns-deployFunctionWithVpc.expected.json DELETED
@@ -1,744 +0,0 @@
1
- {
2
- "Description": "Integration Test for aws-lambda-sns",
3
- "Resources": {
4
- "testlambdasnsLambdaFunctionServiceRole9C412F74": {
5
- "Type": "AWS::IAM::Role",
6
- "Properties": {
7
- "AssumeRolePolicyDocument": {
8
- "Statement": [
9
- {
10
- "Action": "sts:AssumeRole",
11
- "Effect": "Allow",
12
- "Principal": {
13
- "Service": "lambda.amazonaws.com"
14
- }
15
- }
16
- ],
17
- "Version": "2012-10-17"
18
- },
19
- "Policies": [
20
- {
21
- "PolicyDocument": {
22
- "Statement": [
23
- {
24
- "Action": [
25
- "logs:CreateLogGroup",
26
- "logs:CreateLogStream",
27
- "logs:PutLogEvents"
28
- ],
29
- "Effect": "Allow",
30
- "Resource": {
31
- "Fn::Join": [
32
- "",
33
- [
34
- "arn:",
35
- {
36
- "Ref": "AWS::Partition"
37
- },
38
- ":logs:",
39
- {
40
- "Ref": "AWS::Region"
41
- },
42
- ":",
43
- {
44
- "Ref": "AWS::AccountId"
45
- },
46
- ":log-group:/aws/lambda/*"
47
- ]
48
- ]
49
- }
50
- }
51
- ],
52
- "Version": "2012-10-17"
53
- },
54
- "PolicyName": "LambdaFunctionServiceRolePolicy"
55
- }
56
- ]
57
- }
58
- },
59
- "testlambdasnsLambdaFunctionServiceRoleDefaultPolicyBB1D55CB": {
60
- "Type": "AWS::IAM::Policy",
61
- "Properties": {
62
- "PolicyDocument": {
63
- "Statement": [
64
- {
65
- "Action": [
66
- "ec2:CreateNetworkInterface",
67
- "ec2:DescribeNetworkInterfaces",
68
- "ec2:DeleteNetworkInterface",
69
- "ec2:AssignPrivateIpAddresses",
70
- "ec2:UnassignPrivateIpAddresses"
71
- ],
72
- "Effect": "Allow",
73
- "Resource": "*"
74
- },
75
- {
76
- "Action": [
77
- "xray:PutTraceSegments",
78
- "xray:PutTelemetryRecords"
79
- ],
80
- "Effect": "Allow",
81
- "Resource": "*"
82
- },
83
- {
84
- "Action": "sns:Publish",
85
- "Effect": "Allow",
86
- "Resource": {
87
- "Ref": "testlambdasnsSnsTopic57DFED98"
88
- }
89
- }
90
- ],
91
- "Version": "2012-10-17"
92
- },
93
- "PolicyName": "testlambdasnsLambdaFunctionServiceRoleDefaultPolicyBB1D55CB",
94
- "Roles": [
95
- {
96
- "Ref": "testlambdasnsLambdaFunctionServiceRole9C412F74"
97
- }
98
- ]
99
- },
100
- "Metadata": {
101
- "cfn_nag": {
102
- "rules_to_suppress": [
103
- {
104
- "id": "W12",
105
- "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC."
106
- }
107
- ]
108
- }
109
- }
110
- },
111
- "testlambdasnsReplaceDefaultSecurityGroupsecuritygroup071D13CB": {
112
- "Type": "AWS::EC2::SecurityGroup",
113
- "Properties": {
114
- "GroupDescription": "lamsns-deployFunctionWithVpc/test-lambda-sns/ReplaceDefaultSecurityGroup-security-group",
115
- "SecurityGroupEgress": [
116
- {
117
- "CidrIp": "0.0.0.0/0",
118
- "Description": "Allow all outbound traffic by default",
119
- "IpProtocol": "-1"
120
- }
121
- ],
122
- "VpcId": {
123
- "Ref": "Vpc8378EB38"
124
- }
125
- },
126
- "Metadata": {
127
- "cfn_nag": {
128
- "rules_to_suppress": [
129
- {
130
- "id": "W5",
131
- "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
132
- },
133
- {
134
- "id": "W40",
135
- "reason": "Egress IPProtocol of -1 is default and generally considered OK"
136
- }
137
- ]
138
- }
139
- }
140
- },
141
- "testlambdasnsLambdaFunctionD8BC8ABA": {
142
- "Type": "AWS::Lambda::Function",
143
- "Properties": {
144
- "Code": {
145
- "S3Bucket": {
146
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
147
- },
148
- "S3Key": "0904d3723480fed2daf7885caa427b930881caae6879d1e6b0d395020173ef6f.zip"
149
- },
150
- "Environment": {
151
- "Variables": {
152
- "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1",
153
- "SNS_TOPIC_ARN": {
154
- "Ref": "testlambdasnsSnsTopic57DFED98"
155
- },
156
- "SNS_TOPIC_NAME": {
157
- "Fn::GetAtt": [
158
- "testlambdasnsSnsTopic57DFED98",
159
- "TopicName"
160
- ]
161
- }
162
- }
163
- },
164
- "Handler": "index.handler",
165
- "Role": {
166
- "Fn::GetAtt": [
167
- "testlambdasnsLambdaFunctionServiceRole9C412F74",
168
- "Arn"
169
- ]
170
- },
171
- "Runtime": "nodejs16.x",
172
- "TracingConfig": {
173
- "Mode": "Active"
174
- },
175
- "VpcConfig": {
176
- "SecurityGroupIds": [
177
- {
178
- "Fn::GetAtt": [
179
- "testlambdasnsReplaceDefaultSecurityGroupsecuritygroup071D13CB",
180
- "GroupId"
181
- ]
182
- }
183
- ],
184
- "SubnetIds": [
185
- {
186
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
187
- },
188
- {
189
- "Ref": "VpcisolatedSubnet2Subnet39217055"
190
- },
191
- {
192
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
193
- }
194
- ]
195
- }
196
- },
197
- "DependsOn": [
198
- "testlambdasnsLambdaFunctionServiceRoleDefaultPolicyBB1D55CB",
199
- "testlambdasnsLambdaFunctionServiceRole9C412F74",
200
- "VpcisolatedSubnet1RouteTableAssociationD259E31A",
201
- "VpcisolatedSubnet2RouteTableAssociation25A4716F",
202
- "VpcisolatedSubnet3RouteTableAssociationDC010BEB"
203
- ],
204
- "Metadata": {
205
- "cfn_nag": {
206
- "rules_to_suppress": [
207
- {
208
- "id": "W58",
209
- "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions."
210
- },
211
- {
212
- "id": "W89",
213
- "reason": "This is not a rule for the general case, just for specific use cases/industries"
214
- },
215
- {
216
- "id": "W92",
217
- "reason": "Impossible for us to define the correct concurrency for clients"
218
- }
219
- ]
220
- }
221
- }
222
- },
223
- "testlambdasnsSnsTopic57DFED98": {
224
- "Type": "AWS::SNS::Topic",
225
- "Properties": {
226
- "KmsMasterKeyId": {
227
- "Fn::Join": [
228
- "",
229
- [
230
- "arn:",
231
- {
232
- "Ref": "AWS::Partition"
233
- },
234
- ":kms:",
235
- {
236
- "Ref": "AWS::Region"
237
- },
238
- ":",
239
- {
240
- "Ref": "AWS::AccountId"
241
- },
242
- ":alias/aws/sns"
243
- ]
244
- ]
245
- }
246
- }
247
- },
248
- "testlambdasnsSnsTopicPolicy4481ABC3": {
249
- "Type": "AWS::SNS::TopicPolicy",
250
- "Properties": {
251
- "PolicyDocument": {
252
- "Statement": [
253
- {
254
- "Action": [
255
- "SNS:Publish",
256
- "SNS:RemovePermission",
257
- "SNS:SetTopicAttributes",
258
- "SNS:DeleteTopic",
259
- "SNS:ListSubscriptionsByTopic",
260
- "SNS:GetTopicAttributes",
261
- "SNS:Receive",
262
- "SNS:AddPermission",
263
- "SNS:Subscribe"
264
- ],
265
- "Condition": {
266
- "StringEquals": {
267
- "AWS:SourceOwner": {
268
- "Ref": "AWS::AccountId"
269
- }
270
- }
271
- },
272
- "Effect": "Allow",
273
- "Principal": {
274
- "AWS": {
275
- "Fn::Join": [
276
- "",
277
- [
278
- "arn:",
279
- {
280
- "Ref": "AWS::Partition"
281
- },
282
- ":iam::",
283
- {
284
- "Ref": "AWS::AccountId"
285
- },
286
- ":root"
287
- ]
288
- ]
289
- }
290
- },
291
- "Resource": {
292
- "Ref": "testlambdasnsSnsTopic57DFED98"
293
- },
294
- "Sid": "TopicOwnerOnlyAccess"
295
- },
296
- {
297
- "Action": [
298
- "SNS:Publish",
299
- "SNS:RemovePermission",
300
- "SNS:SetTopicAttributes",
301
- "SNS:DeleteTopic",
302
- "SNS:ListSubscriptionsByTopic",
303
- "SNS:GetTopicAttributes",
304
- "SNS:Receive",
305
- "SNS:AddPermission",
306
- "SNS:Subscribe"
307
- ],
308
- "Condition": {
309
- "Bool": {
310
- "aws:SecureTransport": "false"
311
- }
312
- },
313
- "Effect": "Deny",
314
- "Principal": {
315
- "AWS": "*"
316
- },
317
- "Resource": {
318
- "Ref": "testlambdasnsSnsTopic57DFED98"
319
- },
320
- "Sid": "HttpsOnly"
321
- }
322
- ],
323
- "Version": "2012-10-17"
324
- },
325
- "Topics": [
326
- {
327
- "Ref": "testlambdasnsSnsTopic57DFED98"
328
- }
329
- ]
330
- }
331
- },
332
- "Vpc8378EB38": {
333
- "Type": "AWS::EC2::VPC",
334
- "Properties": {
335
- "CidrBlock": "10.0.0.0/16",
336
- "EnableDnsHostnames": true,
337
- "EnableDnsSupport": true,
338
- "InstanceTenancy": "default",
339
- "Tags": [
340
- {
341
- "Key": "Name",
342
- "Value": "lamsns-deployFunctionWithVpc/Vpc"
343
- }
344
- ]
345
- }
346
- },
347
- "VpcisolatedSubnet1SubnetE62B1B9B": {
348
- "Type": "AWS::EC2::Subnet",
349
- "Properties": {
350
- "AvailabilityZone": "test-region-1a",
351
- "CidrBlock": "10.0.0.0/18",
352
- "MapPublicIpOnLaunch": false,
353
- "Tags": [
354
- {
355
- "Key": "aws-cdk:subnet-name",
356
- "Value": "isolated"
357
- },
358
- {
359
- "Key": "aws-cdk:subnet-type",
360
- "Value": "Isolated"
361
- },
362
- {
363
- "Key": "Name",
364
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet1"
365
- }
366
- ],
367
- "VpcId": {
368
- "Ref": "Vpc8378EB38"
369
- }
370
- }
371
- },
372
- "VpcisolatedSubnet1RouteTableE442650B": {
373
- "Type": "AWS::EC2::RouteTable",
374
- "Properties": {
375
- "Tags": [
376
- {
377
- "Key": "Name",
378
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet1"
379
- }
380
- ],
381
- "VpcId": {
382
- "Ref": "Vpc8378EB38"
383
- }
384
- }
385
- },
386
- "VpcisolatedSubnet1RouteTableAssociationD259E31A": {
387
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
388
- "Properties": {
389
- "RouteTableId": {
390
- "Ref": "VpcisolatedSubnet1RouteTableE442650B"
391
- },
392
- "SubnetId": {
393
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
394
- }
395
- }
396
- },
397
- "VpcisolatedSubnet2Subnet39217055": {
398
- "Type": "AWS::EC2::Subnet",
399
- "Properties": {
400
- "AvailabilityZone": "test-region-1b",
401
- "CidrBlock": "10.0.64.0/18",
402
- "MapPublicIpOnLaunch": false,
403
- "Tags": [
404
- {
405
- "Key": "aws-cdk:subnet-name",
406
- "Value": "isolated"
407
- },
408
- {
409
- "Key": "aws-cdk:subnet-type",
410
- "Value": "Isolated"
411
- },
412
- {
413
- "Key": "Name",
414
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet2"
415
- }
416
- ],
417
- "VpcId": {
418
- "Ref": "Vpc8378EB38"
419
- }
420
- }
421
- },
422
- "VpcisolatedSubnet2RouteTable334F9764": {
423
- "Type": "AWS::EC2::RouteTable",
424
- "Properties": {
425
- "Tags": [
426
- {
427
- "Key": "Name",
428
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet2"
429
- }
430
- ],
431
- "VpcId": {
432
- "Ref": "Vpc8378EB38"
433
- }
434
- }
435
- },
436
- "VpcisolatedSubnet2RouteTableAssociation25A4716F": {
437
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
438
- "Properties": {
439
- "RouteTableId": {
440
- "Ref": "VpcisolatedSubnet2RouteTable334F9764"
441
- },
442
- "SubnetId": {
443
- "Ref": "VpcisolatedSubnet2Subnet39217055"
444
- }
445
- }
446
- },
447
- "VpcisolatedSubnet3Subnet44F2537D": {
448
- "Type": "AWS::EC2::Subnet",
449
- "Properties": {
450
- "AvailabilityZone": "test-region-1c",
451
- "CidrBlock": "10.0.128.0/18",
452
- "MapPublicIpOnLaunch": false,
453
- "Tags": [
454
- {
455
- "Key": "aws-cdk:subnet-name",
456
- "Value": "isolated"
457
- },
458
- {
459
- "Key": "aws-cdk:subnet-type",
460
- "Value": "Isolated"
461
- },
462
- {
463
- "Key": "Name",
464
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet3"
465
- }
466
- ],
467
- "VpcId": {
468
- "Ref": "Vpc8378EB38"
469
- }
470
- }
471
- },
472
- "VpcisolatedSubnet3RouteTableA2F6BBC0": {
473
- "Type": "AWS::EC2::RouteTable",
474
- "Properties": {
475
- "Tags": [
476
- {
477
- "Key": "Name",
478
- "Value": "lamsns-deployFunctionWithVpc/Vpc/isolatedSubnet3"
479
- }
480
- ],
481
- "VpcId": {
482
- "Ref": "Vpc8378EB38"
483
- }
484
- }
485
- },
486
- "VpcisolatedSubnet3RouteTableAssociationDC010BEB": {
487
- "Type": "AWS::EC2::SubnetRouteTableAssociation",
488
- "Properties": {
489
- "RouteTableId": {
490
- "Ref": "VpcisolatedSubnet3RouteTableA2F6BBC0"
491
- },
492
- "SubnetId": {
493
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
494
- }
495
- }
496
- },
497
- "VpcFlowLogIAMRole6A475D41": {
498
- "Type": "AWS::IAM::Role",
499
- "Properties": {
500
- "AssumeRolePolicyDocument": {
501
- "Statement": [
502
- {
503
- "Action": "sts:AssumeRole",
504
- "Effect": "Allow",
505
- "Principal": {
506
- "Service": "vpc-flow-logs.amazonaws.com"
507
- }
508
- }
509
- ],
510
- "Version": "2012-10-17"
511
- },
512
- "Tags": [
513
- {
514
- "Key": "Name",
515
- "Value": "lamsns-deployFunctionWithVpc/Vpc/FlowLog"
516
- }
517
- ]
518
- }
519
- },
520
- "VpcFlowLogIAMRoleDefaultPolicy406FB995": {
521
- "Type": "AWS::IAM::Policy",
522
- "Properties": {
523
- "PolicyDocument": {
524
- "Statement": [
525
- {
526
- "Action": [
527
- "logs:CreateLogStream",
528
- "logs:PutLogEvents",
529
- "logs:DescribeLogStreams"
530
- ],
531
- "Effect": "Allow",
532
- "Resource": {
533
- "Fn::GetAtt": [
534
- "VpcFlowLogLogGroup7B5C56B9",
535
- "Arn"
536
- ]
537
- }
538
- },
539
- {
540
- "Action": "iam:PassRole",
541
- "Effect": "Allow",
542
- "Resource": {
543
- "Fn::GetAtt": [
544
- "VpcFlowLogIAMRole6A475D41",
545
- "Arn"
546
- ]
547
- }
548
- }
549
- ],
550
- "Version": "2012-10-17"
551
- },
552
- "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy406FB995",
553
- "Roles": [
554
- {
555
- "Ref": "VpcFlowLogIAMRole6A475D41"
556
- }
557
- ]
558
- }
559
- },
560
- "VpcFlowLogLogGroup7B5C56B9": {
561
- "Type": "AWS::Logs::LogGroup",
562
- "Properties": {
563
- "RetentionInDays": 731,
564
- "Tags": [
565
- {
566
- "Key": "Name",
567
- "Value": "lamsns-deployFunctionWithVpc/Vpc/FlowLog"
568
- }
569
- ]
570
- },
571
- "UpdateReplacePolicy": "Retain",
572
- "DeletionPolicy": "Retain",
573
- "Metadata": {
574
- "cfn_nag": {
575
- "rules_to_suppress": [
576
- {
577
- "id": "W84",
578
- "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)"
579
- }
580
- ]
581
- }
582
- }
583
- },
584
- "VpcFlowLog8FF33A73": {
585
- "Type": "AWS::EC2::FlowLog",
586
- "Properties": {
587
- "DeliverLogsPermissionArn": {
588
- "Fn::GetAtt": [
589
- "VpcFlowLogIAMRole6A475D41",
590
- "Arn"
591
- ]
592
- },
593
- "LogDestinationType": "cloud-watch-logs",
594
- "LogGroupName": {
595
- "Ref": "VpcFlowLogLogGroup7B5C56B9"
596
- },
597
- "ResourceId": {
598
- "Ref": "Vpc8378EB38"
599
- },
600
- "ResourceType": "VPC",
601
- "Tags": [
602
- {
603
- "Key": "Name",
604
- "Value": "lamsns-deployFunctionWithVpc/Vpc/FlowLog"
605
- }
606
- ],
607
- "TrafficType": "ALL"
608
- }
609
- },
610
- "VpcSNS5B664381": {
611
- "Type": "AWS::EC2::VPCEndpoint",
612
- "Properties": {
613
- "PrivateDnsEnabled": true,
614
- "SecurityGroupIds": [
615
- {
616
- "Fn::GetAtt": [
617
- "lamsnsdeployFunctionWithVpcSNSsecuritygroup072F337C",
618
- "GroupId"
619
- ]
620
- }
621
- ],
622
- "ServiceName": {
623
- "Fn::Join": [
624
- "",
625
- [
626
- "com.amazonaws.",
627
- {
628
- "Ref": "AWS::Region"
629
- },
630
- ".sns"
631
- ]
632
- ]
633
- },
634
- "SubnetIds": [
635
- {
636
- "Ref": "VpcisolatedSubnet1SubnetE62B1B9B"
637
- },
638
- {
639
- "Ref": "VpcisolatedSubnet2Subnet39217055"
640
- },
641
- {
642
- "Ref": "VpcisolatedSubnet3Subnet44F2537D"
643
- }
644
- ],
645
- "VpcEndpointType": "Interface",
646
- "VpcId": {
647
- "Ref": "Vpc8378EB38"
648
- }
649
- }
650
- },
651
- "lamsnsdeployFunctionWithVpcSNSsecuritygroup072F337C": {
652
- "Type": "AWS::EC2::SecurityGroup",
653
- "Properties": {
654
- "GroupDescription": "lamsns-deployFunctionWithVpc/lamsns-deployFunctionWithVpc-SNS-security-group",
655
- "SecurityGroupEgress": [
656
- {
657
- "CidrIp": "0.0.0.0/0",
658
- "Description": "Allow all outbound traffic by default",
659
- "IpProtocol": "-1"
660
- }
661
- ],
662
- "SecurityGroupIngress": [
663
- {
664
- "CidrIp": {
665
- "Fn::GetAtt": [
666
- "Vpc8378EB38",
667
- "CidrBlock"
668
- ]
669
- },
670
- "Description": {
671
- "Fn::Join": [
672
- "",
673
- [
674
- "from ",
675
- {
676
- "Fn::GetAtt": [
677
- "Vpc8378EB38",
678
- "CidrBlock"
679
- ]
680
- },
681
- ":443"
682
- ]
683
- ]
684
- },
685
- "FromPort": 443,
686
- "IpProtocol": "tcp",
687
- "ToPort": 443
688
- }
689
- ],
690
- "VpcId": {
691
- "Ref": "Vpc8378EB38"
692
- }
693
- },
694
- "Metadata": {
695
- "cfn_nag": {
696
- "rules_to_suppress": [
697
- {
698
- "id": "W5",
699
- "reason": "Egress of 0.0.0.0/0 is default and generally considered OK"
700
- },
701
- {
702
- "id": "W40",
703
- "reason": "Egress IPProtocol of -1 is default and generally considered OK"
704
- }
705
- ]
706
- }
707
- }
708
- }
709
- },
710
- "Parameters": {
711
- "BootstrapVersion": {
712
- "Type": "AWS::SSM::Parameter::Value<String>",
713
- "Default": "/cdk-bootstrap/hnb659fds/version",
714
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
715
- }
716
- },
717
- "Rules": {
718
- "CheckBootstrapVersion": {
719
- "Assertions": [
720
- {
721
- "Assert": {
722
- "Fn::Not": [
723
- {
724
- "Fn::Contains": [
725
- [
726
- "1",
727
- "2",
728
- "3",
729
- "4",
730
- "5"
731
- ],
732
- {
733
- "Ref": "BootstrapVersion"
734
- }
735
- ]
736
- }
737
- ]
738
- },
739
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
740
- }
741
- ]
742
- }
743
- }
744
- }