skuba 8.2.1 → 9.0.0-main-20240918063050

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/lib/api/buildkite/annotate.d.ts +2 -0
  2. package/lib/api/buildkite/annotate.js +14 -1
  3. package/lib/api/buildkite/annotate.js.map +2 -2
  4. package/lib/api/github/issueComment.js.map +2 -2
  5. package/lib/cli/configure/analyseDependencies.js +0 -2
  6. package/lib/cli/configure/analyseDependencies.js.map +2 -2
  7. package/lib/cli/configure/analysis/package.d.ts +1 -2
  8. package/lib/cli/configure/analysis/package.js +0 -27
  9. package/lib/cli/configure/analysis/package.js.map +2 -2
  10. package/lib/cli/configure/dependencies/skubaDeps.js +4 -3
  11. package/lib/cli/configure/dependencies/skubaDeps.js.map +2 -2
  12. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/index.d.ts +2 -0
  13. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/index.js +35 -0
  14. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/index.js.map +7 -0
  15. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/patchDockerCompose.d.ts +2 -0
  16. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/patchDockerCompose.js +99 -0
  17. package/lib/cli/lint/internalLints/upgrade/patches/8.2.1/patchDockerCompose.js.map +7 -0
  18. package/lib/cli/node.d.ts +2 -1
  19. package/lib/cli/node.js +23 -18
  20. package/lib/cli/node.js.map +3 -3
  21. package/lib/cli/start.js +3 -3
  22. package/lib/cli/start.js.map +2 -2
  23. package/lib/utils/template.d.ts +4 -4
  24. package/lib/wrapper/requestListener.js.map +2 -2
  25. package/package.json +13 -12
  26. package/template/express-rest-api/.buildkite/pipeline.yml +1 -1
  27. package/template/express-rest-api/Dockerfile.dev-deps +1 -1
  28. package/template/express-rest-api/package.json +2 -2
  29. package/template/greeter/.buildkite/pipeline.yml +1 -1
  30. package/template/greeter/Dockerfile +1 -1
  31. package/template/greeter/package.json +2 -2
  32. package/template/koa-rest-api/.buildkite/pipeline.yml +1 -1
  33. package/template/koa-rest-api/Dockerfile.dev-deps +1 -1
  34. package/template/koa-rest-api/package.json +6 -6
  35. package/template/koa-rest-api/src/framework/server.ts +3 -5
  36. package/template/lambda-sqs-worker/.buildkite/pipeline.yml +3 -3
  37. package/template/lambda-sqs-worker/Dockerfile +1 -1
  38. package/template/lambda-sqs-worker/package.json +2 -2
  39. package/template/lambda-sqs-worker-cdk/.buildkite/pipeline.yml +2 -2
  40. package/template/lambda-sqs-worker-cdk/Dockerfile +1 -1
  41. package/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap +435 -891
  42. package/template/lambda-sqs-worker-cdk/infra/appStack.test.ts +4 -1
  43. package/template/lambda-sqs-worker-cdk/infra/appStack.ts +5 -84
  44. package/template/lambda-sqs-worker-cdk/infra/config.ts +1 -1
  45. package/template/lambda-sqs-worker-cdk/infra/index.ts +20 -3
  46. package/template/lambda-sqs-worker-cdk/package.json +4 -3
  47. package/template/oss-npm-package/.github/workflows/release.yml +1 -1
  48. package/template/oss-npm-package/_package.json +1 -1
  49. package/template/private-npm-package/_package.json +1 -1
  50. package/template/lambda-sqs-worker-cdk/src/postHook.ts +0 -154
  51. package/template/lambda-sqs-worker-cdk/src/preHook.ts +0 -95
package/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap CHANGED
@@ -10,181 +10,6 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
10
10
  },
11
11
  },
12
12
  "Resources": {
13
- "codedeployalarm9F48D05F": {
14
- "Properties": {
15
- "ComparisonOperator": "GreaterThanOrEqualToThreshold",
16
- "Dimensions": [
17
- {
18
- "Name": "FunctionName",
19
- "Value": {
20
- "Ref": "worker28EA3E30",
21
- },
22
- },
23
- {
24
- "Name": "Resource",
25
- "Value": {
26
- "Fn::Join": [
27
- "",
28
- [
29
- {
30
- "Ref": "worker28EA3E30",
31
- },
32
- ":live",
33
- ],
34
- ],
35
- },
36
- },
37
- ],
38
- "EvaluationPeriods": 1,
39
- "MetricName": "Errors",
40
- "Namespace": "AWS/Lambda",
41
- "Period": 60,
42
- "Statistic": "Sum",
43
- "Threshold": 1,
44
- },
45
- "Type": "AWS::CloudWatch::Alarm",
46
- },
47
- "codedeployapplicationF49B9864": {
48
- "Properties": {
49
- "ComputePlatform": "Lambda",
50
- },
51
- "Type": "AWS::CodeDeploy::Application",
52
- },
53
- "codedeploygroup441B094B": {
54
- "Properties": {
55
- "AlarmConfiguration": {
56
- "Alarms": [
57
- {
58
- "Name": {
59
- "Ref": "codedeployalarm9F48D05F",
60
- },
61
- },
62
- ],
63
- "Enabled": true,
64
- },
65
- "ApplicationName": {
66
- "Ref": "codedeployapplicationF49B9864",
67
- },
68
- "AutoRollbackConfiguration": {
69
- "Enabled": true,
70
- "Events": [
71
- "DEPLOYMENT_FAILURE",
72
- "DEPLOYMENT_STOP_ON_ALARM",
73
- ],
74
- },
75
- "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce",
76
- "DeploymentStyle": {
77
- "DeploymentOption": "WITH_TRAFFIC_CONTROL",
78
- "DeploymentType": "BLUE_GREEN",
79
- },
80
- "ServiceRoleArn": {
81
- "Fn::GetAtt": [
82
- "codedeploygroupServiceRole1BD49E37",
83
- "Arn",
84
- ],
85
- },
86
- },
87
- "Type": "AWS::CodeDeploy::DeploymentGroup",
88
- },
89
- "codedeploygroupServiceRole1BD49E37": {
90
- "Properties": {
91
- "AssumeRolePolicyDocument": {
92
- "Statement": [
93
- {
94
- "Action": "sts:AssumeRole",
95
- "Effect": "Allow",
96
- "Principal": {
97
- "Service": "codedeploy.amazonaws.com",
98
- },
99
- },
100
- ],
101
- "Version": "2012-10-17",
102
- },
103
- "ManagedPolicyArns": [
104
- {
105
- "Fn::Join": [
106
- "",
107
- [
108
- "arn:",
109
- {
110
- "Ref": "AWS::Partition",
111
- },
112
- ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited",
113
- ],
114
- ],
115
- },
116
- ],
117
- },
118
- "Type": "AWS::IAM::Role",
119
- },
120
- "codedeploygroupServiceRoleDefaultPolicy2027BC9A": {
121
- "Properties": {
122
- "PolicyDocument": {
123
- "Statement": [
124
- {
125
- "Action": "lambda:InvokeFunction",
126
- "Effect": "Allow",
127
- "Resource": [
128
- {
129
- "Fn::GetAtt": [
130
- "workerprehook415B13CE",
131
- "Arn",
132
- ],
133
- },
134
- {
135
- "Fn::Join": [
136
- "",
137
- [
138
- {
139
- "Fn::GetAtt": [
140
- "workerprehook415B13CE",
141
- "Arn",
142
- ],
143
- },
144
- ":*",
145
- ],
146
- ],
147
- },
148
- ],
149
- },
150
- {
151
- "Action": "lambda:InvokeFunction",
152
- "Effect": "Allow",
153
- "Resource": [
154
- {
155
- "Fn::GetAtt": [
156
- "workerposthook150842D6",
157
- "Arn",
158
- ],
159
- },
160
- {
161
- "Fn::Join": [
162
- "",
163
- [
164
- {
165
- "Fn::GetAtt": [
166
- "workerposthook150842D6",
167
- "Arn",
168
- ],
169
- },
170
- ":*",
171
- ],
172
- ],
173
- },
174
- ],
175
- },
176
- ],
177
- "Version": "2012-10-17",
178
- },
179
- "PolicyName": "codedeploygroupServiceRoleDefaultPolicy2027BC9A",
180
- "Roles": [
181
- {
182
- "Ref": "codedeploygroupServiceRole1BD49E37",
183
- },
184
- ],
185
- },
186
- "Type": "AWS::IAM::Policy",
187
- },
188
13
  "kmskey49FBC3B3": {
189
14
  "DeletionPolicy": "Retain",
190
15
  "Properties": {
@@ -354,11 +179,17 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
354
179
  ],
355
180
  },
356
181
  "Runtime": "nodejs20.x",
182
+ "Tags": [
183
+ {
184
+ "Key": "aws-codedeploy-hooks",
185
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
186
+ },
187
+ ],
357
188
  "Timeout": 30,
358
189
  },
359
190
  "Type": "AWS::Lambda::Function",
360
191
  },
361
- "workerAliaslive62FE5FAF": {
192
+ "workerAliasLive4B82F015": {
362
193
  "Properties": {
363
194
  "Description": "The Lambda version currently receiving traffic",
364
195
  "FunctionName": {
@@ -370,27 +201,81 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
370
201
  "Version",
371
202
  ],
372
203
  },
373
- "Name": "live",
204
+ "Name": "Live",
374
205
  },
375
206
  "Type": "AWS::Lambda::Alias",
376
207
  "UpdatePolicy": {
377
208
  "CodeDeployLambdaAliasUpdate": {
378
209
  "AfterAllowTrafficHook": {
379
- "Ref": "workerposthook150842D6",
210
+ "Fn::Select": [
211
+ 6,
212
+ {
213
+ "Fn::Split": [
214
+ ":",
215
+ {
216
+ "Fn::Join": [
217
+ "",
218
+ [
219
+ "arn:",
220
+ {
221
+ "Ref": "AWS::Partition",
222
+ },
223
+ ":lambda:",
224
+ {
225
+ "Ref": "AWS::Region",
226
+ },
227
+ ":",
228
+ {
229
+ "Ref": "AWS::AccountId",
230
+ },
231
+ ":function:aws-codedeploy-hook-AfterAllowTraffic",
232
+ ],
233
+ ],
234
+ },
235
+ ],
236
+ },
237
+ ],
380
238
  },
381
239
  "ApplicationName": {
382
- "Ref": "codedeployapplicationF49B9864",
240
+ "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D",
383
241
  },
384
242
  "BeforeAllowTrafficHook": {
385
- "Ref": "workerprehook415B13CE",
243
+ "Fn::Select": [
244
+ 6,
245
+ {
246
+ "Fn::Split": [
247
+ ":",
248
+ {
249
+ "Fn::Join": [
250
+ "",
251
+ [
252
+ "arn:",
253
+ {
254
+ "Ref": "AWS::Partition",
255
+ },
256
+ ":lambda:",
257
+ {
258
+ "Ref": "AWS::Region",
259
+ },
260
+ ":",
261
+ {
262
+ "Ref": "AWS::AccountId",
263
+ },
264
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic",
265
+ ],
266
+ ],
267
+ },
268
+ ],
269
+ },
270
+ ],
386
271
  },
387
272
  "DeploymentGroupName": {
388
- "Ref": "codedeploygroup441B094B",
273
+ "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA",
389
274
  },
390
275
  },
391
276
  },
392
277
  },
393
- "workerAliasliveSqsEventSourceappStackworkerqueue8281B9F42DEDB47B": {
278
+ "workerAliasLiveSqsEventSourceappStackworkerqueue8281B9F443B0CF93": {
394
279
  "Properties": {
395
280
  "EventSourceArn": {
396
281
  "Fn::GetAtt": [
@@ -409,19 +294,16 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
409
294
  "Fn::Split": [
410
295
  ":",
411
296
  {
412
- "Ref": "workerAliaslive62FE5FAF",
297
+ "Ref": "workerAliasLive4B82F015",
413
298
  },
414
299
  ],
415
300
  },
416
301
  ],
417
302
  },
418
- ":live",
303
+ ":Live",
419
304
  ],
420
305
  ],
421
306
  },
422
- "ScalingConfig": {
423
- "MaximumConcurrency": 2,
424
- },
425
307
  },
426
308
  "Type": "AWS::Lambda::EventSourceMapping",
427
309
  },
@@ -433,7 +315,50 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
433
315
  },
434
316
  "Type": "AWS::Lambda::Version",
435
317
  },
436
- "workerServiceRole2130CC7F": {
318
+ "workerDeploymentCodeDeployLambdaApplication9974008D": {
319
+ "Properties": {
320
+ "ComputePlatform": "Lambda",
321
+ "Tags": [
322
+ {
323
+ "Key": "aws-codedeploy-hooks",
324
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
325
+ },
326
+ ],
327
+ },
328
+ "Type": "AWS::CodeDeploy::Application",
329
+ },
330
+ "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA": {
331
+ "Properties": {
332
+ "ApplicationName": {
333
+ "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D",
334
+ },
335
+ "AutoRollbackConfiguration": {
336
+ "Enabled": true,
337
+ "Events": [
338
+ "DEPLOYMENT_FAILURE",
339
+ ],
340
+ },
341
+ "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce",
342
+ "DeploymentStyle": {
343
+ "DeploymentOption": "WITH_TRAFFIC_CONTROL",
344
+ "DeploymentType": "BLUE_GREEN",
345
+ },
346
+ "ServiceRoleArn": {
347
+ "Fn::GetAtt": [
348
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE",
349
+ "Arn",
350
+ ],
351
+ },
352
+ "Tags": [
353
+ {
354
+ "Key": "aws-codedeploy-hooks",
355
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
356
+ },
357
+ ],
358
+ },
359
+ "Type": "AWS::CodeDeploy::DeploymentGroup",
360
+ },
361
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE": {
437
362
  "Properties": {
438
363
  "AssumeRolePolicyDocument": {
439
364
  "Statement": [
@@ -441,7 +366,7 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
441
366
  "Action": "sts:AssumeRole",
442
367
  "Effect": "Allow",
443
368
  "Principal": {
444
- "Service": "lambda.amazonaws.com",
369
+ "Service": "codedeploy.amazonaws.com",
445
370
  },
446
371
  },
447
372
  ],
@@ -456,257 +381,129 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
456
381
  {
457
382
  "Ref": "AWS::Partition",
458
383
  },
459
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
384
+ ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited",
460
385
  ],
461
386
  ],
462
387
  },
463
388
  ],
389
+ "Tags": [
390
+ {
391
+ "Key": "aws-codedeploy-hooks",
392
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
393
+ },
394
+ ],
464
395
  },
465
396
  "Type": "AWS::IAM::Role",
466
397
  },
467
- "workerServiceRoleDefaultPolicyBA498553": {
398
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5": {
468
399
  "Properties": {
469
400
  "PolicyDocument": {
470
401
  "Statement": [
471
402
  {
472
- "Action": [
473
- "sqs:ReceiveMessage",
474
- "sqs:ChangeMessageVisibility",
475
- "sqs:GetQueueUrl",
476
- "sqs:DeleteMessage",
477
- "sqs:GetQueueAttributes",
478
- ],
403
+ "Action": "lambda:InvokeFunction",
479
404
  "Effect": "Allow",
480
- "Resource": {
481
- "Fn::GetAtt": [
482
- "workerqueueA05CE5C6",
483
- "Arn",
484
- ],
485
- },
405
+ "Resource": [
406
+ {
407
+ "Fn::Join": [
408
+ "",
409
+ [
410
+ "arn:",
411
+ {
412
+ "Ref": "AWS::Partition",
413
+ },
414
+ ":lambda:",
415
+ {
416
+ "Ref": "AWS::Region",
417
+ },
418
+ ":",
419
+ {
420
+ "Ref": "AWS::AccountId",
421
+ },
422
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic",
423
+ ],
424
+ ],
425
+ },
426
+ {
427
+ "Fn::Join": [
428
+ "",
429
+ [
430
+ "arn:",
431
+ {
432
+ "Ref": "AWS::Partition",
433
+ },
434
+ ":lambda:",
435
+ {
436
+ "Ref": "AWS::Region",
437
+ },
438
+ ":",
439
+ {
440
+ "Ref": "AWS::AccountId",
441
+ },
442
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic:*",
443
+ ],
444
+ ],
445
+ },
446
+ ],
486
447
  },
487
448
  {
488
- "Action": "kms:Decrypt",
489
- "Effect": "Allow",
490
- "Resource": {
491
- "Fn::GetAtt": [
492
- "kmskey49FBC3B3",
493
- "Arn",
494
- ],
495
- },
496
- },
497
- ],
498
- "Version": "2012-10-17",
499
- },
500
- "PolicyName": "workerServiceRoleDefaultPolicyBA498553",
501
- "Roles": [
502
- {
503
- "Ref": "workerServiceRole2130CC7F",
504
- },
505
- ],
506
- },
507
- "Type": "AWS::IAM::Policy",
508
- },
509
- "workerposthook150842D6": {
510
- "DependsOn": [
511
- "workerposthookServiceRoleDefaultPolicy6A92F69C",
512
- "workerposthookServiceRole25452300",
513
- ],
514
- "Properties": {
515
- "Architectures": [
516
- "arm64",
517
- ],
518
- "Code": {
519
- "S3Bucket": {
520
- "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}",
521
- },
522
- "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip",
523
- },
524
- "Environment": {
525
- "Variables": {
526
- "ENVIRONMENT": "dev",
527
- "FUNCTION_NAME_TO_PRUNE": {
528
- "Ref": "worker28EA3E30",
529
- },
530
- "NODE_ENV": "production",
531
- "NODE_OPTIONS": "--enable-source-maps",
532
- "SERVICE": "serviceName",
533
- "VERSION": "local",
534
- },
535
- },
536
- "FunctionName": "serviceName-post-hook",
537
- "Handler": "index.handler",
538
- "KmsKeyArn": {
539
- "Fn::GetAtt": [
540
- "kmskey49FBC3B3",
541
- "Arn",
542
- ],
543
- },
544
- "Role": {
545
- "Fn::GetAtt": [
546
- "workerposthookServiceRole25452300",
547
- "Arn",
548
- ],
549
- },
550
- "Runtime": "nodejs20.x",
551
- "Timeout": 30,
552
- },
553
- "Type": "AWS::Lambda::Function",
554
- },
555
- "workerposthookServiceRole25452300": {
556
- "Properties": {
557
- "AssumeRolePolicyDocument": {
558
- "Statement": [
559
- {
560
- "Action": "sts:AssumeRole",
561
- "Effect": "Allow",
562
- "Principal": {
563
- "Service": "lambda.amazonaws.com",
564
- },
565
- },
566
- ],
567
- "Version": "2012-10-17",
568
- },
569
- "ManagedPolicyArns": [
570
- {
571
- "Fn::Join": [
572
- "",
573
- [
574
- "arn:",
575
- {
576
- "Ref": "AWS::Partition",
577
- },
578
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
579
- ],
580
- ],
581
- },
582
- ],
583
- },
584
- "Type": "AWS::IAM::Role",
585
- },
586
- "workerposthookServiceRoleDefaultPolicy6A92F69C": {
587
- "Properties": {
588
- "PolicyDocument": {
589
- "Statement": [
590
- {
591
- "Action": [
592
- "lambda:ListAliases",
593
- "lambda:ListVersionsByFunction",
594
- "lambda:DeleteFunction",
595
- ],
449
+ "Action": "lambda:InvokeFunction",
596
450
  "Effect": "Allow",
597
451
  "Resource": [
598
452
  {
599
- "Fn::GetAtt": [
600
- "worker28EA3E30",
601
- "Arn",
453
+ "Fn::Join": [
454
+ "",
455
+ [
456
+ "arn:",
457
+ {
458
+ "Ref": "AWS::Partition",
459
+ },
460
+ ":lambda:",
461
+ {
462
+ "Ref": "AWS::Region",
463
+ },
464
+ ":",
465
+ {
466
+ "Ref": "AWS::AccountId",
467
+ },
468
+ ":function:aws-codedeploy-hook-AfterAllowTraffic",
469
+ ],
602
470
  ],
603
471
  },
604
472
  {
605
473
  "Fn::Join": [
606
474
  "",
607
475
  [
476
+ "arn:",
477
+ {
478
+ "Ref": "AWS::Partition",
479
+ },
480
+ ":lambda:",
481
+ {
482
+ "Ref": "AWS::Region",
483
+ },
484
+ ":",
608
485
  {
609
- "Fn::GetAtt": [
610
- "worker28EA3E30",
611
- "Arn",
612
- ],
486
+ "Ref": "AWS::AccountId",
613
487
  },
614
- ":*",
488
+ ":function:aws-codedeploy-hook-AfterAllowTraffic:*",
615
489
  ],
616
490
  ],
617
491
  },
618
492
  ],
619
493
  },
620
- {
621
- "Action": "codedeploy:PutLifecycleEventHookExecutionStatus",
622
- "Effect": "Allow",
623
- "Resource": {
624
- "Fn::Join": [
625
- "",
626
- [
627
- "arn:",
628
- {
629
- "Ref": "AWS::Partition",
630
- },
631
- ":codedeploy:",
632
- {
633
- "Ref": "AWS::Region",
634
- },
635
- ":",
636
- {
637
- "Ref": "AWS::AccountId",
638
- },
639
- ":deploymentgroup:",
640
- {
641
- "Ref": "codedeployapplicationF49B9864",
642
- },
643
- "/",
644
- {
645
- "Ref": "codedeploygroup441B094B",
646
- },
647
- ],
648
- ],
649
- },
650
- },
651
494
  ],
652
495
  "Version": "2012-10-17",
653
496
  },
654
- "PolicyName": "workerposthookServiceRoleDefaultPolicy6A92F69C",
497
+ "PolicyName": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5",
655
498
  "Roles": [
656
499
  {
657
- "Ref": "workerposthookServiceRole25452300",
500
+ "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE",
658
501
  },
659
502
  ],
660
503
  },
661
504
  "Type": "AWS::IAM::Policy",
662
505
  },
663
- "workerprehook415B13CE": {
664
- "DependsOn": [
665
- "workerprehookServiceRoleDefaultPolicy991A21B9",
666
- "workerprehookServiceRole8F8D9379",
667
- ],
668
- "Properties": {
669
- "Architectures": [
670
- "arm64",
671
- ],
672
- "Code": {
673
- "S3Bucket": {
674
- "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}",
675
- },
676
- "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip",
677
- },
678
- "Environment": {
679
- "Variables": {
680
- "ENVIRONMENT": "dev",
681
- "FUNCTION_NAME_TO_INVOKE": {
682
- "Ref": "worker28EA3E30",
683
- },
684
- "NODE_ENV": "production",
685
- "NODE_OPTIONS": "--enable-source-maps",
686
- "SERVICE": "serviceName",
687
- "VERSION": "local",
688
- },
689
- },
690
- "FunctionName": "serviceName-pre-hook",
691
- "Handler": "index.handler",
692
- "KmsKeyArn": {
693
- "Fn::GetAtt": [
694
- "kmskey49FBC3B3",
695
- "Arn",
696
- ],
697
- },
698
- "Role": {
699
- "Fn::GetAtt": [
700
- "workerprehookServiceRole8F8D9379",
701
- "Arn",
702
- ],
703
- },
704
- "Runtime": "nodejs20.x",
705
- "Timeout": 120,
706
- },
707
- "Type": "AWS::Lambda::Function",
708
- },
709
- "workerprehookServiceRole8F8D9379": {
506
+ "workerServiceRole2130CC7F": {
710
507
  "Properties": {
711
508
  "AssumeRolePolicyDocument": {
712
509
  "Statement": [
@@ -734,77 +531,52 @@ exports[`returns expected CloudFormation stack for dev 1`] = `
734
531
  ],
735
532
  },
736
533
  ],
534
+ "Tags": [
535
+ {
536
+ "Key": "aws-codedeploy-hooks",
537
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
538
+ },
539
+ ],
737
540
  },
738
541
  "Type": "AWS::IAM::Role",
739
542
  },
740
- "workerprehookServiceRoleDefaultPolicy991A21B9": {
543
+ "workerServiceRoleDefaultPolicyBA498553": {
741
544
  "Properties": {
742
545
  "PolicyDocument": {
743
546
  "Statement": [
744
547
  {
745
- "Action": "lambda:InvokeFunction",
746
- "Effect": "Allow",
747
- "Resource": [
748
- {
749
- "Fn::GetAtt": [
750
- "worker28EA3E30",
751
- "Arn",
752
- ],
753
- },
754
- {
755
- "Fn::Join": [
756
- "",
757
- [
758
- {
759
- "Fn::GetAtt": [
760
- "worker28EA3E30",
761
- "Arn",
762
- ],
763
- },
764
- ":*",
765
- ],
766
- ],
767
- },
548
+ "Action": [
549
+ "sqs:ReceiveMessage",
550
+ "sqs:ChangeMessageVisibility",
551
+ "sqs:GetQueueUrl",
552
+ "sqs:DeleteMessage",
553
+ "sqs:GetQueueAttributes",
768
554
  ],
555
+ "Effect": "Allow",
556
+ "Resource": {
557
+ "Fn::GetAtt": [
558
+ "workerqueueA05CE5C6",
559
+ "Arn",
560
+ ],
561
+ },
769
562
  },
770
563
  {
771
- "Action": "codedeploy:PutLifecycleEventHookExecutionStatus",
564
+ "Action": "kms:Decrypt",
772
565
  "Effect": "Allow",
773
566
  "Resource": {
774
- "Fn::Join": [
775
- "",
776
- [
777
- "arn:",
778
- {
779
- "Ref": "AWS::Partition",
780
- },
781
- ":codedeploy:",
782
- {
783
- "Ref": "AWS::Region",
784
- },
785
- ":",
786
- {
787
- "Ref": "AWS::AccountId",
788
- },
789
- ":deploymentgroup:",
790
- {
791
- "Ref": "codedeployapplicationF49B9864",
792
- },
793
- "/",
794
- {
795
- "Ref": "codedeploygroup441B094B",
796
- },
797
- ],
567
+ "Fn::GetAtt": [
568
+ "kmskey49FBC3B3",
569
+ "Arn",
798
570
  ],
799
571
  },
800
572
  },
801
573
  ],
802
574
  "Version": "2012-10-17",
803
575
  },
804
- "PolicyName": "workerprehookServiceRoleDefaultPolicy991A21B9",
576
+ "PolicyName": "workerServiceRoleDefaultPolicyBA498553",
805
577
  "Roles": [
806
578
  {
807
- "Ref": "workerprehookServiceRole8F8D9379",
579
+ "Ref": "workerServiceRole2130CC7F",
808
580
  },
809
581
  ],
810
582
  },
@@ -941,190 +713,15 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
941
713
  },
942
714
  },
943
715
  "Resources": {
944
- "codedeployalarm9F48D05F": {
945
- "Properties": {
946
- "ComparisonOperator": "GreaterThanOrEqualToThreshold",
947
- "Dimensions": [
948
- {
949
- "Name": "FunctionName",
950
- "Value": {
951
- "Ref": "worker28EA3E30",
952
- },
953
- },
954
- {
955
- "Name": "Resource",
956
- "Value": {
957
- "Fn::Join": [
958
- "",
959
- [
960
- {
961
- "Ref": "worker28EA3E30",
962
- },
963
- ":live",
964
- ],
965
- ],
966
- },
967
- },
968
- ],
969
- "EvaluationPeriods": 1,
970
- "MetricName": "Errors",
971
- "Namespace": "AWS/Lambda",
972
- "Period": 60,
973
- "Statistic": "Sum",
974
- "Threshold": 1,
975
- },
976
- "Type": "AWS::CloudWatch::Alarm",
977
- },
978
- "codedeployapplicationF49B9864": {
979
- "Properties": {
980
- "ComputePlatform": "Lambda",
981
- },
982
- "Type": "AWS::CodeDeploy::Application",
983
- },
984
- "codedeploygroup441B094B": {
985
- "Properties": {
986
- "AlarmConfiguration": {
987
- "Alarms": [
988
- {
989
- "Name": {
990
- "Ref": "codedeployalarm9F48D05F",
991
- },
992
- },
993
- ],
994
- "Enabled": true,
995
- },
996
- "ApplicationName": {
997
- "Ref": "codedeployapplicationF49B9864",
998
- },
999
- "AutoRollbackConfiguration": {
1000
- "Enabled": true,
1001
- "Events": [
1002
- "DEPLOYMENT_FAILURE",
1003
- "DEPLOYMENT_STOP_ON_ALARM",
1004
- ],
1005
- },
1006
- "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce",
1007
- "DeploymentStyle": {
1008
- "DeploymentOption": "WITH_TRAFFIC_CONTROL",
1009
- "DeploymentType": "BLUE_GREEN",
1010
- },
1011
- "ServiceRoleArn": {
1012
- "Fn::GetAtt": [
1013
- "codedeploygroupServiceRole1BD49E37",
1014
- "Arn",
1015
- ],
1016
- },
1017
- },
1018
- "Type": "AWS::CodeDeploy::DeploymentGroup",
1019
- },
1020
- "codedeploygroupServiceRole1BD49E37": {
716
+ "kmskey49FBC3B3": {
717
+ "DeletionPolicy": "Retain",
1021
718
  "Properties": {
1022
- "AssumeRolePolicyDocument": {
719
+ "Description": "serviceName",
720
+ "EnableKeyRotation": true,
721
+ "KeyPolicy": {
1023
722
  "Statement": [
1024
723
  {
1025
- "Action": "sts:AssumeRole",
1026
- "Effect": "Allow",
1027
- "Principal": {
1028
- "Service": "codedeploy.amazonaws.com",
1029
- },
1030
- },
1031
- ],
1032
- "Version": "2012-10-17",
1033
- },
1034
- "ManagedPolicyArns": [
1035
- {
1036
- "Fn::Join": [
1037
- "",
1038
- [
1039
- "arn:",
1040
- {
1041
- "Ref": "AWS::Partition",
1042
- },
1043
- ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited",
1044
- ],
1045
- ],
1046
- },
1047
- ],
1048
- },
1049
- "Type": "AWS::IAM::Role",
1050
- },
1051
- "codedeploygroupServiceRoleDefaultPolicy2027BC9A": {
1052
- "Properties": {
1053
- "PolicyDocument": {
1054
- "Statement": [
1055
- {
1056
- "Action": "lambda:InvokeFunction",
1057
- "Effect": "Allow",
1058
- "Resource": [
1059
- {
1060
- "Fn::GetAtt": [
1061
- "workerprehook415B13CE",
1062
- "Arn",
1063
- ],
1064
- },
1065
- {
1066
- "Fn::Join": [
1067
- "",
1068
- [
1069
- {
1070
- "Fn::GetAtt": [
1071
- "workerprehook415B13CE",
1072
- "Arn",
1073
- ],
1074
- },
1075
- ":*",
1076
- ],
1077
- ],
1078
- },
1079
- ],
1080
- },
1081
- {
1082
- "Action": "lambda:InvokeFunction",
1083
- "Effect": "Allow",
1084
- "Resource": [
1085
- {
1086
- "Fn::GetAtt": [
1087
- "workerposthook150842D6",
1088
- "Arn",
1089
- ],
1090
- },
1091
- {
1092
- "Fn::Join": [
1093
- "",
1094
- [
1095
- {
1096
- "Fn::GetAtt": [
1097
- "workerposthook150842D6",
1098
- "Arn",
1099
- ],
1100
- },
1101
- ":*",
1102
- ],
1103
- ],
1104
- },
1105
- ],
1106
- },
1107
- ],
1108
- "Version": "2012-10-17",
1109
- },
1110
- "PolicyName": "codedeploygroupServiceRoleDefaultPolicy2027BC9A",
1111
- "Roles": [
1112
- {
1113
- "Ref": "codedeploygroupServiceRole1BD49E37",
1114
- },
1115
- ],
1116
- },
1117
- "Type": "AWS::IAM::Policy",
1118
- },
1119
- "kmskey49FBC3B3": {
1120
- "DeletionPolicy": "Retain",
1121
- "Properties": {
1122
- "Description": "serviceName",
1123
- "EnableKeyRotation": true,
1124
- "KeyPolicy": {
1125
- "Statement": [
1126
- {
1127
- "Action": "kms:*",
724
+ "Action": "kms:*",
1128
725
  "Effect": "Allow",
1129
726
  "Principal": {
1130
727
  "AWS": {
@@ -1285,11 +882,17 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1285
882
  ],
1286
883
  },
1287
884
  "Runtime": "nodejs20.x",
885
+ "Tags": [
886
+ {
887
+ "Key": "aws-codedeploy-hooks",
888
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
889
+ },
890
+ ],
1288
891
  "Timeout": 30,
1289
892
  },
1290
893
  "Type": "AWS::Lambda::Function",
1291
894
  },
1292
- "workerAliaslive62FE5FAF": {
895
+ "workerAliasLive4B82F015": {
1293
896
  "Properties": {
1294
897
  "Description": "The Lambda version currently receiving traffic",
1295
898
  "FunctionName": {
@@ -1301,27 +904,81 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1301
904
  "Version",
1302
905
  ],
1303
906
  },
1304
- "Name": "live",
907
+ "Name": "Live",
1305
908
  },
1306
909
  "Type": "AWS::Lambda::Alias",
1307
910
  "UpdatePolicy": {
1308
911
  "CodeDeployLambdaAliasUpdate": {
1309
912
  "AfterAllowTrafficHook": {
1310
- "Ref": "workerposthook150842D6",
913
+ "Fn::Select": [
914
+ 6,
915
+ {
916
+ "Fn::Split": [
917
+ ":",
918
+ {
919
+ "Fn::Join": [
920
+ "",
921
+ [
922
+ "arn:",
923
+ {
924
+ "Ref": "AWS::Partition",
925
+ },
926
+ ":lambda:",
927
+ {
928
+ "Ref": "AWS::Region",
929
+ },
930
+ ":",
931
+ {
932
+ "Ref": "AWS::AccountId",
933
+ },
934
+ ":function:aws-codedeploy-hook-AfterAllowTraffic",
935
+ ],
936
+ ],
937
+ },
938
+ ],
939
+ },
940
+ ],
1311
941
  },
1312
942
  "ApplicationName": {
1313
- "Ref": "codedeployapplicationF49B9864",
943
+ "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D",
1314
944
  },
1315
945
  "BeforeAllowTrafficHook": {
1316
- "Ref": "workerprehook415B13CE",
946
+ "Fn::Select": [
947
+ 6,
948
+ {
949
+ "Fn::Split": [
950
+ ":",
951
+ {
952
+ "Fn::Join": [
953
+ "",
954
+ [
955
+ "arn:",
956
+ {
957
+ "Ref": "AWS::Partition",
958
+ },
959
+ ":lambda:",
960
+ {
961
+ "Ref": "AWS::Region",
962
+ },
963
+ ":",
964
+ {
965
+ "Ref": "AWS::AccountId",
966
+ },
967
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic",
968
+ ],
969
+ ],
970
+ },
971
+ ],
972
+ },
973
+ ],
1317
974
  },
1318
975
  "DeploymentGroupName": {
1319
- "Ref": "codedeploygroup441B094B",
976
+ "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA",
1320
977
  },
1321
978
  },
1322
979
  },
1323
980
  },
1324
- "workerAliasliveSqsEventSourceappStackworkerqueue8281B9F42DEDB47B": {
981
+ "workerAliasLiveSqsEventSourceappStackworkerqueue8281B9F443B0CF93": {
1325
982
  "Properties": {
1326
983
  "EventSourceArn": {
1327
984
  "Fn::GetAtt": [
@@ -1340,19 +997,16 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1340
997
  "Fn::Split": [
1341
998
  ":",
1342
999
  {
1343
- "Ref": "workerAliaslive62FE5FAF",
1000
+ "Ref": "workerAliasLive4B82F015",
1344
1001
  },
1345
1002
  ],
1346
1003
  },
1347
1004
  ],
1348
1005
  },
1349
- ":live",
1006
+ ":Live",
1350
1007
  ],
1351
1008
  ],
1352
1009
  },
1353
- "ScalingConfig": {
1354
- "MaximumConcurrency": 20,
1355
- },
1356
1010
  },
1357
1011
  "Type": "AWS::Lambda::EventSourceMapping",
1358
1012
  },
@@ -1364,126 +1018,50 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1364
1018
  },
1365
1019
  "Type": "AWS::Lambda::Version",
1366
1020
  },
1367
- "workerServiceRole2130CC7F": {
1021
+ "workerDeploymentCodeDeployLambdaApplication9974008D": {
1368
1022
  "Properties": {
1369
- "AssumeRolePolicyDocument": {
1370
- "Statement": [
1371
- {
1372
- "Action": "sts:AssumeRole",
1373
- "Effect": "Allow",
1374
- "Principal": {
1375
- "Service": "lambda.amazonaws.com",
1376
- },
1377
- },
1378
- ],
1379
- "Version": "2012-10-17",
1380
- },
1381
- "ManagedPolicyArns": [
1382
- {
1383
- "Fn::Join": [
1384
- "",
1385
- [
1386
- "arn:",
1387
- {
1388
- "Ref": "AWS::Partition",
1389
- },
1390
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
1391
- ],
1392
- ],
1393
- },
1394
- ],
1395
- },
1396
- "Type": "AWS::IAM::Role",
1397
- },
1398
- "workerServiceRoleDefaultPolicyBA498553": {
1399
- "Properties": {
1400
- "PolicyDocument": {
1401
- "Statement": [
1402
- {
1403
- "Action": [
1404
- "sqs:ReceiveMessage",
1405
- "sqs:ChangeMessageVisibility",
1406
- "sqs:GetQueueUrl",
1407
- "sqs:DeleteMessage",
1408
- "sqs:GetQueueAttributes",
1409
- ],
1410
- "Effect": "Allow",
1411
- "Resource": {
1412
- "Fn::GetAtt": [
1413
- "workerqueueA05CE5C6",
1414
- "Arn",
1415
- ],
1416
- },
1417
- },
1418
- {
1419
- "Action": "kms:Decrypt",
1420
- "Effect": "Allow",
1421
- "Resource": {
1422
- "Fn::GetAtt": [
1423
- "kmskey49FBC3B3",
1424
- "Arn",
1425
- ],
1426
- },
1427
- },
1428
- ],
1429
- "Version": "2012-10-17",
1430
- },
1431
- "PolicyName": "workerServiceRoleDefaultPolicyBA498553",
1432
- "Roles": [
1023
+ "ComputePlatform": "Lambda",
1024
+ "Tags": [
1433
1025
  {
1434
- "Ref": "workerServiceRole2130CC7F",
1026
+ "Key": "aws-codedeploy-hooks",
1027
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
1435
1028
  },
1436
1029
  ],
1437
1030
  },
1438
- "Type": "AWS::IAM::Policy",
1031
+ "Type": "AWS::CodeDeploy::Application",
1439
1032
  },
1440
- "workerposthook150842D6": {
1441
- "DependsOn": [
1442
- "workerposthookServiceRoleDefaultPolicy6A92F69C",
1443
- "workerposthookServiceRole25452300",
1444
- ],
1033
+ "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA": {
1445
1034
  "Properties": {
1446
- "Architectures": [
1447
- "arm64",
1448
- ],
1449
- "Code": {
1450
- "S3Bucket": {
1451
- "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}",
1452
- },
1453
- "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip",
1454
- },
1455
- "Environment": {
1456
- "Variables": {
1457
- "ENVIRONMENT": "prod",
1458
- "FUNCTION_NAME_TO_PRUNE": {
1459
- "Ref": "worker28EA3E30",
1460
- },
1461
- "NODE_ENV": "production",
1462
- "NODE_OPTIONS": "--enable-source-maps",
1463
- "SERVICE": "serviceName",
1464
- "VERSION": "local",
1465
- },
1035
+ "ApplicationName": {
1036
+ "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D",
1466
1037
  },
1467
- "FunctionName": "serviceName-post-hook",
1468
- "Handler": "index.handler",
1469
- "KmsKeyArn": {
1470
- "Fn::GetAtt": [
1471
- "kmskey49FBC3B3",
1472
- "Arn",
1038
+ "AutoRollbackConfiguration": {
1039
+ "Enabled": true,
1040
+ "Events": [
1041
+ "DEPLOYMENT_FAILURE",
1473
1042
  ],
1474
1043
  },
1475
- "Role": {
1044
+ "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce",
1045
+ "DeploymentStyle": {
1046
+ "DeploymentOption": "WITH_TRAFFIC_CONTROL",
1047
+ "DeploymentType": "BLUE_GREEN",
1048
+ },
1049
+ "ServiceRoleArn": {
1476
1050
  "Fn::GetAtt": [
1477
- "workerposthookServiceRole25452300",
1051
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE",
1478
1052
  "Arn",
1479
1053
  ],
1480
1054
  },
1481
- "Runtime": "nodejs20.x",
1482
- "Timeout": 30,
1055
+ "Tags": [
1056
+ {
1057
+ "Key": "aws-codedeploy-hooks",
1058
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
1059
+ },
1060
+ ],
1483
1061
  },
1484
- "Type": "AWS::Lambda::Function",
1062
+ "Type": "AWS::CodeDeploy::DeploymentGroup",
1485
1063
  },
1486
- "workerposthookServiceRole25452300": {
1064
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE": {
1487
1065
  "Properties": {
1488
1066
  "AssumeRolePolicyDocument": {
1489
1067
  "Statement": [
@@ -1491,7 +1069,7 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1491
1069
  "Action": "sts:AssumeRole",
1492
1070
  "Effect": "Allow",
1493
1071
  "Principal": {
1494
- "Service": "lambda.amazonaws.com",
1072
+ "Service": "codedeploy.amazonaws.com",
1495
1073
  },
1496
1074
  },
1497
1075
  ],
@@ -1506,138 +1084,129 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1506
1084
  {
1507
1085
  "Ref": "AWS::Partition",
1508
1086
  },
1509
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
1087
+ ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited",
1510
1088
  ],
1511
1089
  ],
1512
1090
  },
1513
1091
  ],
1092
+ "Tags": [
1093
+ {
1094
+ "Key": "aws-codedeploy-hooks",
1095
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
1096
+ },
1097
+ ],
1514
1098
  },
1515
1099
  "Type": "AWS::IAM::Role",
1516
1100
  },
1517
- "workerposthookServiceRoleDefaultPolicy6A92F69C": {
1101
+ "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5": {
1518
1102
  "Properties": {
1519
1103
  "PolicyDocument": {
1520
1104
  "Statement": [
1521
1105
  {
1522
- "Action": [
1523
- "lambda:ListAliases",
1524
- "lambda:ListVersionsByFunction",
1525
- "lambda:DeleteFunction",
1526
- ],
1106
+ "Action": "lambda:InvokeFunction",
1527
1107
  "Effect": "Allow",
1528
1108
  "Resource": [
1529
1109
  {
1530
- "Fn::GetAtt": [
1531
- "worker28EA3E30",
1532
- "Arn",
1110
+ "Fn::Join": [
1111
+ "",
1112
+ [
1113
+ "arn:",
1114
+ {
1115
+ "Ref": "AWS::Partition",
1116
+ },
1117
+ ":lambda:",
1118
+ {
1119
+ "Ref": "AWS::Region",
1120
+ },
1121
+ ":",
1122
+ {
1123
+ "Ref": "AWS::AccountId",
1124
+ },
1125
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic",
1126
+ ],
1533
1127
  ],
1534
1128
  },
1535
1129
  {
1536
1130
  "Fn::Join": [
1537
1131
  "",
1538
1132
  [
1133
+ "arn:",
1134
+ {
1135
+ "Ref": "AWS::Partition",
1136
+ },
1137
+ ":lambda:",
1138
+ {
1139
+ "Ref": "AWS::Region",
1140
+ },
1141
+ ":",
1539
1142
  {
1540
- "Fn::GetAtt": [
1541
- "worker28EA3E30",
1542
- "Arn",
1543
- ],
1143
+ "Ref": "AWS::AccountId",
1544
1144
  },
1545
- ":*",
1145
+ ":function:aws-codedeploy-hook-BeforeAllowTraffic:*",
1546
1146
  ],
1547
1147
  ],
1548
1148
  },
1549
1149
  ],
1550
1150
  },
1551
1151
  {
1552
- "Action": "codedeploy:PutLifecycleEventHookExecutionStatus",
1152
+ "Action": "lambda:InvokeFunction",
1553
1153
  "Effect": "Allow",
1554
- "Resource": {
1555
- "Fn::Join": [
1556
- "",
1557
- [
1558
- "arn:",
1559
- {
1560
- "Ref": "AWS::Partition",
1561
- },
1562
- ":codedeploy:",
1563
- {
1564
- "Ref": "AWS::Region",
1565
- },
1566
- ":",
1567
- {
1568
- "Ref": "AWS::AccountId",
1569
- },
1570
- ":deploymentgroup:",
1571
- {
1572
- "Ref": "codedeployapplicationF49B9864",
1573
- },
1574
- "/",
1575
- {
1576
- "Ref": "codedeploygroup441B094B",
1577
- },
1154
+ "Resource": [
1155
+ {
1156
+ "Fn::Join": [
1157
+ "",
1158
+ [
1159
+ "arn:",
1160
+ {
1161
+ "Ref": "AWS::Partition",
1162
+ },
1163
+ ":lambda:",
1164
+ {
1165
+ "Ref": "AWS::Region",
1166
+ },
1167
+ ":",
1168
+ {
1169
+ "Ref": "AWS::AccountId",
1170
+ },
1171
+ ":function:aws-codedeploy-hook-AfterAllowTraffic",
1172
+ ],
1578
1173
  ],
1579
- ],
1580
- },
1174
+ },
1175
+ {
1176
+ "Fn::Join": [
1177
+ "",
1178
+ [
1179
+ "arn:",
1180
+ {
1181
+ "Ref": "AWS::Partition",
1182
+ },
1183
+ ":lambda:",
1184
+ {
1185
+ "Ref": "AWS::Region",
1186
+ },
1187
+ ":",
1188
+ {
1189
+ "Ref": "AWS::AccountId",
1190
+ },
1191
+ ":function:aws-codedeploy-hook-AfterAllowTraffic:*",
1192
+ ],
1193
+ ],
1194
+ },
1195
+ ],
1581
1196
  },
1582
1197
  ],
1583
1198
  "Version": "2012-10-17",
1584
1199
  },
1585
- "PolicyName": "workerposthookServiceRoleDefaultPolicy6A92F69C",
1200
+ "PolicyName": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5",
1586
1201
  "Roles": [
1587
1202
  {
1588
- "Ref": "workerposthookServiceRole25452300",
1203
+ "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE",
1589
1204
  },
1590
1205
  ],
1591
1206
  },
1592
1207
  "Type": "AWS::IAM::Policy",
1593
1208
  },
1594
- "workerprehook415B13CE": {
1595
- "DependsOn": [
1596
- "workerprehookServiceRoleDefaultPolicy991A21B9",
1597
- "workerprehookServiceRole8F8D9379",
1598
- ],
1599
- "Properties": {
1600
- "Architectures": [
1601
- "arm64",
1602
- ],
1603
- "Code": {
1604
- "S3Bucket": {
1605
- "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}",
1606
- },
1607
- "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip",
1608
- },
1609
- "Environment": {
1610
- "Variables": {
1611
- "ENVIRONMENT": "prod",
1612
- "FUNCTION_NAME_TO_INVOKE": {
1613
- "Ref": "worker28EA3E30",
1614
- },
1615
- "NODE_ENV": "production",
1616
- "NODE_OPTIONS": "--enable-source-maps",
1617
- "SERVICE": "serviceName",
1618
- "VERSION": "local",
1619
- },
1620
- },
1621
- "FunctionName": "serviceName-pre-hook",
1622
- "Handler": "index.handler",
1623
- "KmsKeyArn": {
1624
- "Fn::GetAtt": [
1625
- "kmskey49FBC3B3",
1626
- "Arn",
1627
- ],
1628
- },
1629
- "Role": {
1630
- "Fn::GetAtt": [
1631
- "workerprehookServiceRole8F8D9379",
1632
- "Arn",
1633
- ],
1634
- },
1635
- "Runtime": "nodejs20.x",
1636
- "Timeout": 120,
1637
- },
1638
- "Type": "AWS::Lambda::Function",
1639
- },
1640
- "workerprehookServiceRole8F8D9379": {
1209
+ "workerServiceRole2130CC7F": {
1641
1210
  "Properties": {
1642
1211
  "AssumeRolePolicyDocument": {
1643
1212
  "Statement": [
@@ -1665,77 +1234,52 @@ exports[`returns expected CloudFormation stack for prod 1`] = `
1665
1234
  ],
1666
1235
  },
1667
1236
  ],
1237
+ "Tags": [
1238
+ {
1239
+ "Key": "aws-codedeploy-hooks",
1240
+ "Value": "x.x.x-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
1241
+ },
1242
+ ],
1668
1243
  },
1669
1244
  "Type": "AWS::IAM::Role",
1670
1245
  },
1671
- "workerprehookServiceRoleDefaultPolicy991A21B9": {
1246
+ "workerServiceRoleDefaultPolicyBA498553": {
1672
1247
  "Properties": {
1673
1248
  "PolicyDocument": {
1674
1249
  "Statement": [
1675
1250
  {
1676
- "Action": "lambda:InvokeFunction",
1677
- "Effect": "Allow",
1678
- "Resource": [
1679
- {
1680
- "Fn::GetAtt": [
1681
- "worker28EA3E30",
1682
- "Arn",
1683
- ],
1684
- },
1685
- {
1686
- "Fn::Join": [
1687
- "",
1688
- [
1689
- {
1690
- "Fn::GetAtt": [
1691
- "worker28EA3E30",
1692
- "Arn",
1693
- ],
1694
- },
1695
- ":*",
1696
- ],
1697
- ],
1698
- },
1251
+ "Action": [
1252
+ "sqs:ReceiveMessage",
1253
+ "sqs:ChangeMessageVisibility",
1254
+ "sqs:GetQueueUrl",
1255
+ "sqs:DeleteMessage",
1256
+ "sqs:GetQueueAttributes",
1699
1257
  ],
1258
+ "Effect": "Allow",
1259
+ "Resource": {
1260
+ "Fn::GetAtt": [
1261
+ "workerqueueA05CE5C6",
1262
+ "Arn",
1263
+ ],
1264
+ },
1700
1265
  },
1701
1266
  {
1702
- "Action": "codedeploy:PutLifecycleEventHookExecutionStatus",
1267
+ "Action": "kms:Decrypt",
1703
1268
  "Effect": "Allow",
1704
1269
  "Resource": {
1705
- "Fn::Join": [
1706
- "",
1707
- [
1708
- "arn:",
1709
- {
1710
- "Ref": "AWS::Partition",
1711
- },
1712
- ":codedeploy:",
1713
- {
1714
- "Ref": "AWS::Region",
1715
- },
1716
- ":",
1717
- {
1718
- "Ref": "AWS::AccountId",
1719
- },
1720
- ":deploymentgroup:",
1721
- {
1722
- "Ref": "codedeployapplicationF49B9864",
1723
- },
1724
- "/",
1725
- {
1726
- "Ref": "codedeploygroup441B094B",
1727
- },
1728
- ],
1270
+ "Fn::GetAtt": [
1271
+ "kmskey49FBC3B3",
1272
+ "Arn",
1729
1273
  ],
1730
1274
  },
1731
1275
  },
1732
1276
  ],
1733
1277
  "Version": "2012-10-17",
1734
1278
  },
1735
- "PolicyName": "workerprehookServiceRoleDefaultPolicy991A21B9",
1279
+ "PolicyName": "workerServiceRoleDefaultPolicyBA498553",
1736
1280
  "Roles": [
1737
1281
  {
1738
- "Ref": "workerprehookServiceRole8F8D9379",
1282
+ "Ref": "workerServiceRole2130CC7F",
1739
1283
  },
1740
1284
  ],
1741
1285
  },