// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Deployment with AppConfig Snapshot 1`] = ` { "Outputs": { "ApiLoadBalancerDNSB0038DD0": { "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, }, "ApiServiceURL135D4FCA": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, "endpointUrl": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "ApiAccessLogBucket47540DA5": { "DeletionPolicy": "Retain", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiAccessLogBucketPolicy66E268A7": { "Properties": { "Bucket": { "Ref": "ApiAccessLogBucket47540DA5", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:PutObject", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::127311923021:root", ], ], }, }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:GetBucketAcl", "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiApplication4BE77DB2": { "Properties": { "ComputePlatform": "ECS", }, "Type": "AWS::CodeDeploy::Application", }, "ApiCanary29FBF4E7": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ArtifactS3Location": { "Fn::Join": [ "", [ "s3://", { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, ], ], }, "Code": { "Handler": "index.handler", "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiCanaryServiceRoleB7DBB121", "Arn", ], }, "Name": "teststackapicanbbc781", "RunConfig": { "EnvironmentVariables": { "baseUrl": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, "testSteps": "[{"name":"getAll","path":"/api/fruits","jmesPath":"length(@)","expectedValue":5}]", "threadCount": "20", }, }, "RuntimeVersion": "syn-nodejs-puppeteer-4.0", "Schedule": { "DurationInSeconds": "0", "Expression": "rate(5 minutes)", }, "StartCanaryAfterCreation": true, }, "Type": "AWS::Synthetics::Canary", }, "ApiCanaryArtifactsBucket7ED0CDF4": { "DeletionPolicy": "Retain", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiCanaryArtifactsBucketPolicyBC6DB214": { "Properties": { "Bucket": { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiCanaryDurationAlarm5501D0DD": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "Duration", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 5000, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiCanaryServiceRoleB7DBB121": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": "s3:ListAllMyBuckets", "Effect": "Allow", "Resource": "*", }, { "Action": "s3:GetBucketLocation", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, }, { "Action": "s3:PutObject", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, }, { "Action": "cloudwatch:PutMetricData", "Condition": { "StringEquals": { "cloudwatch:namespace": "CloudWatchSynthetics", }, }, "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:us-east-1:dummy:log-group:/aws/lambda/cwsyn-*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "canaryPolicy", }, ], }, "Type": "AWS::IAM::Role", }, "ApiCanarySuccessAlarm85CC115D": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "LessThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "SuccessPercent", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 100, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiDeploymentGroupC5BA42E8": { "Properties": { "AlarmConfiguration": { "Alarms": [ { "Name": { "Ref": "ApiHealthAlarm37D68E10", }, }, ], "Enabled": true, }, "ApplicationName": { "Ref": "ApiApplication4BE77DB2", }, "AutoRollbackConfiguration": { "Enabled": true, "Events": [ "DEPLOYMENT_FAILURE", "DEPLOYMENT_STOP_ON_REQUEST", "DEPLOYMENT_STOP_ON_ALARM", ], }, "BlueGreenDeploymentConfiguration": { "DeploymentReadyOption": { "ActionOnTimeout": "CONTINUE_DEPLOYMENT", "WaitTimeInMinutes": 0, }, "TerminateBlueInstancesOnDeploymentSuccess": { "Action": "TERMINATE", "TerminationWaitTimeInMinutes": 5, }, }, "DeploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "DeploymentStyle": { "DeploymentOption": "WITH_TRAFFIC_CONTROL", "DeploymentType": "BLUE_GREEN", }, "ECSServices": [ { "ClusterName": { "Ref": "ClusterEB0386A7", }, "ServiceName": { "Fn::GetAtt": [ "ApiServiceD5B4A50A", "Name", ], }, }, ], "LoadBalancerInfo": { "TargetGroupPairInfoList": [ { "ProdTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBPublicListener5142AAA5", }, ], }, "TargetGroups": [ { "Name": { "Fn::GetAtt": [ "ApiLBPublicListenerECSGroup45FF926A", "TargetGroupName", ], }, }, { "Name": { "Fn::GetAtt": [ "ApiGreenTargetGroup8D009A5A", "TargetGroupName", ], }, }, ], "TestTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBTestListener069F7CE5", }, ], }, }, ], }, "ServiceRoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupServiceRoleDDCCDD8C", "Arn", ], }, }, "Type": "AWS::CodeDeploy::DeploymentGroup", }, "ApiDeploymentGroupDeployment4FBC33C6": { "DeletionPolicy": "Delete", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36", "Arn", ], }, "applicationName": { "Ref": "ApiApplication4BE77DB2", }, "deploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "deploymentGroupName": { "Ref": "ApiDeploymentGroupC5BA42E8", }, "revisionAppSpecContent": { "Fn::Join": [ "", [ "{"version":"0.0","Resources":[{"TargetService":{"Type":"AWS::ECS::Service","Properties":{"TaskDefinition":"", { "Ref": "ApiTaskDefCB0575BA", }, "","LoadBalancerInfo":{"ContainerName":"api","ContainerPort":8080}}}}]}", ], ], }, }, "Type": "Custom::EcsDeployment", "UpdateReplacePolicy": "Delete", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/is-complete.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codedeploy:GetDeployment", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/on-event.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codedeploy:GetApplicationRevision", "codedeploy:RegisterApplicationRevision", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:application:", { "Ref": "ApiApplication4BE77DB2", }, ], ], }, }, { "Action": [ "codedeploy:CreateDeployment", "codedeploy:StopDeployment", "codedeploy:GetDeployment", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, { "Action": "codedeploy:GetDeploymentConfig", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentconfig:CodeDeployDefault.ECSAllAtOnce", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - isComplete (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.isComplete", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onEvent (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, "WAITER_STATE_MACHINE_ARN": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "states:StartExecution", "Effect": "Allow", "Resource": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onTimeout (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.onTimeout", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", ], "Properties": { "DefinitionString": { "Fn::Join": [ "", [ "{"StartAt":"framework-isComplete-task","States":{"framework-isComplete-task":{"End":true,"Retry":[{"ErrorEquals":["States.ALL"],"IntervalSeconds":15,"MaxAttempts":240,"BackoffRate":1}],"Catch":[{"ErrorEquals":["States.ALL"],"Next":"framework-onTimeout-task"}],"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ""},"framework-onTimeout-task":{"End":true,"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ""}}}", ], ], }, "RoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", "Arn", ], }, }, "Type": "AWS::StepFunctions::StateMachine", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "states.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupServiceRoleDDCCDD8C": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codedeploy.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/AWSCodeDeployRoleForECS", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiGreenTargetGroup8D009A5A": { "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 8080, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiHealthAlarm37D68E10": { "Properties": { "AlarmName": "TestStackApiHealthAlarm8EE930EC", "AlarmRule": { "Fn::Join": [ "", [ "(ALARM("", { "Fn::GetAtt": [ "ApiResponseTimeAlarm1A1F05BF", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanarySuccessAlarm85CC115D", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanaryDurationAlarm5501D0DD", "Arn", ], }, ""))", ], ], }, }, "Type": "AWS::CloudWatch::CompositeAlarm", }, "ApiLB8D4BD609": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "access_logs.s3.enabled", "Value": "true", }, { "Key": "access_logs.s3.bucket", "Value": { "Ref": "ApiAccessLogBucket47540DA5", }, }, { "Key": "access_logs.s3.prefix", "Value": "", }, ], "Scheme": "internet-facing", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "ApiLBPublicListener5142AAA5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiLBPublicListenerECSGroup45FF926A": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "stickiness.enabled", "Value": "false", }, { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiLBSecurityGroup70AC4E5C": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "GroupDescription": "Automatically created Security Group for ELB TestStackApiLBF4CC58DF", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 8080", "FromPort": 8080, "IpProtocol": "tcp", "ToPort": 8080, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiLBSecurityGrouptoTestStackApiServiceSecurityGroup56AF4AC580804BAC35E7": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ApiLBTestListener069F7CE5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiGreenTargetGroup8D009A5A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 8080, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiResponseTimeAlarm1A1F05BF": { "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "LoadBalancer", "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "LoadBalancerFullName", ], }, }, ], "EvaluationPeriods": 2, "ExtendedStatistic": "p95", "MetricName": "TargetResponseTime", "Namespace": "AWS/ApplicationELB", "Period": 60, "Threshold": 3, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiServiceD5B4A50A": { "DependsOn": [ "ApiLBPublicListenerECSGroup45FF926A", "ApiLBPublicListener5142AAA5", "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRoleDefaultPolicyE6FD21EF", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE_SPOT", "Weight": 1, }, ], "Cluster": { "Ref": "ClusterEB0386A7", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DeploymentController": { "Type": "CODE_DEPLOY", }, "DesiredCount": 3, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "api", "ContainerPort": 8080, "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, }, "TaskDefinition": "teststack", }, "Type": "AWS::ECS::Service", }, "ApiServiceSecurityGroupB2E30D06": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRoleDefaultPolicyE6FD21EF", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "GroupDescription": "TestStack/Api/Service/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRoleDefaultPolicyE6FD21EF", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "Description": "Load balancer to target", "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ApiTaskDefCB0575BA": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "SPRING_DATASOURCE_URL", "Value": { "Fn::Join": [ "", [ "jdbc:mysql://", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Address", ], }, ":", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "/fruits", ], ], }, }, { "Name": "APPCONFIG_AGENT_APPLICATION", "Value": "food", }, { "Name": "APPCONFIG_AGENT_ENVIRONMENT", "Value": "unit-test", }, { "Name": "APPCONFIG_AGENT_ENABLED", "Value": "true", }, ], "Essential": true, "Image": { "Fn::Sub": "dummy-ecr-image", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "AppLogGroup7D8CD952", }, "awslogs-region": "us-east-1", "awslogs-stream-prefix": "service", }, }, "Name": "api", "PortMappings": [ { "ContainerPort": 8080, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "SPRING_DATASOURCE_USERNAME", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":username::", ], ], }, }, { "Name": "SPRING_DATASOURCE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":password::", ], ], }, }, ], }, { "Environment": [ { "Name": "SERVICE_REGION", "Value": "us-east-1", }, { "Name": "ROLE_ARN", "Value": "dummy-role-arn", }, { "Name": "ROLE_SESSION_NAME", "Value": "teststack", }, { "Name": "LOG_LEVEL", "Value": "info", }, ], "Essential": false, "Image": "public.ecr.aws/aws-appconfig/aws-appconfig-agent:2.x", "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "AppLogGroup7D8CD952", }, "awslogs-region": "us-east-1", "awslogs-stream-prefix": "service", }, }, "Name": "appconfig-agent", "PortMappings": [ { "ContainerPort": 2772, "Protocol": "tcp", }, ], }, ], "Cpu": "512", "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiTaskDefExecutionRole5CBCA7DA", "Arn", ], }, "Family": "teststack", "Memory": "1024", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "ApiTaskDefTaskRole69DE15BC", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "ApiTaskDefExecutionRole5CBCA7DA": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:us-east-1:dummy:repository/cdk-hnb659fds-container-assets-dummy-us-east-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "AppLogGroup7D8CD952", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "AuroraSecret41E6E877", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "Roles": [ { "Ref": "ApiTaskDefExecutionRole5CBCA7DA", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiTaskDefTaskRole69DE15BC": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiTaskDefTaskRoleDefaultPolicyE6FD21EF": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": "dummy-role-arn", }, ], "Version": "2012-10-17", }, "PolicyName": "ApiTaskDefTaskRoleDefaultPolicyE6FD21EF", "Roles": [ { "Ref": "ApiTaskDefTaskRole69DE15BC", }, ], }, "Type": "AWS::IAM::Policy", }, "AppLogGroup7D8CD952": { "DeletionPolicy": "Delete", "Properties": { "LogGroupName": "/aws/ecs/service/teststack", "RetentionInDays": 7, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Delete", }, "AuroraCluster23D869C0": { "DeletionPolicy": "Snapshot", "Properties": { "CopyTagsToSnapshot": true, "DBClusterIdentifier": "teststack", "DBClusterParameterGroupName": "default.aurora-mysql5.7", "DBSubnetGroupName": { "Ref": "AuroraClusterSubnetsF3E9E6AD", }, "DatabaseName": "fruits", "DeletionProtection": false, "Engine": "aurora-mysql", "EngineMode": "serverless", "MasterUserPassword": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:password::}}", ], ], }, "MasterUsername": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:username::}}", ], ], }, "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Snapshot", }, "AuroraClusterSecurityGroupD85BF9CB": { "Properties": { "GroupDescription": "RDS security group", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "AuroraClusterSecurityGroupfromTestStackApiServiceSecurityGroup56AF4AC5IndirectPort7B73ECC0": { "Properties": { "Description": "from TestStackApiServiceSecurityGroup56AF4AC5:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "AuroraClusterSubnetsF3E9E6AD": { "Properties": { "DBSubnetGroupDescription": "Subnets for AuroraCluster database", "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", }, "AuroraSecret41E6E877": { "DeletionPolicy": "Delete", "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"fruitapi"}", }, "Name": "teststack-DB", }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "AuroraSecretAttachment65089D67": { "Properties": { "SecretId": { "Ref": "AuroraSecret41E6E877", }, "TargetId": { "Ref": "AuroraCluster23D869C0", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "ClusterEB0386A7": { "Properties": { "ClusterName": "teststack", "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.0.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcFlowLogF72230C7": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "VpcFlowLogLogGroupBB186289", }, "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcFlowLogIAMRoleB4DCB624": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "VpcFlowLogIAMRoleDefaultPolicy7533133B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogLogGroupBB186289", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy7533133B", "Roles": [ { "Ref": "VpcFlowLogIAMRoleB4DCB624", }, ], }, "Type": "AWS::IAM::Policy", }, "VpcFlowLogLogGroupBB186289": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 731, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcPrivateSubnet1DefaultRouteBE02A9ED": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA", }, "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, "SubnetId": { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet1RouteTableB2C5B500": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet1Subnet536B997A": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.96.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet2DefaultRoute060D2087": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet2RouteTableA678073B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, "SubnetId": { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet2Subnet3788AAA1": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.128.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet3DefaultRoute94B74F0D": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet3NATGateway7640CD1D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, "SubnetId": { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet3RouteTableD98824C7": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet3SubnetF258B56E": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.160.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1EIPD7E02669": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet1NATGateway4D7517AA": { "DependsOn": [ "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.0.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2EIP3C605A87": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet2NATGateway9182C01D": { "DependsOn": [ "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.32.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet3DefaultRoute4697774F": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet3EIP3A666A23": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet3NATGateway7640CD1D": { "DependsOn": [ "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet3EIP3A666A23", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet3RouteTable93458DBB": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet3SubnetBE12F0B6": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.64.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `; exports[`Deployment without AppConfig Snapshot 1`] = ` { "Outputs": { "ApiLoadBalancerDNSB0038DD0": { "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, }, "ApiServiceURL135D4FCA": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, "endpointUrl": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "ApiAccessLogBucket47540DA5": { "DeletionPolicy": "Retain", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiAccessLogBucketPolicy66E268A7": { "Properties": { "Bucket": { "Ref": "ApiAccessLogBucket47540DA5", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:PutObject", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::127311923021:root", ], ], }, }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:GetBucketAcl", "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiApplication4BE77DB2": { "Properties": { "ComputePlatform": "ECS", }, "Type": "AWS::CodeDeploy::Application", }, "ApiCanary29FBF4E7": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ArtifactS3Location": { "Fn::Join": [ "", [ "s3://", { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, ], ], }, "Code": { "Handler": "index.handler", "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiCanaryServiceRoleB7DBB121", "Arn", ], }, "Name": "teststackapicanbbc781", "RunConfig": { "EnvironmentVariables": { "baseUrl": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, "testSteps": "[{"name":"getAll","path":"/api/fruits","jmesPath":"length(@)","expectedValue":5}]", "threadCount": "20", }, }, "RuntimeVersion": "syn-nodejs-puppeteer-4.0", "Schedule": { "DurationInSeconds": "0", "Expression": "rate(5 minutes)", }, "StartCanaryAfterCreation": true, }, "Type": "AWS::Synthetics::Canary", }, "ApiCanaryArtifactsBucket7ED0CDF4": { "DeletionPolicy": "Retain", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiCanaryArtifactsBucketPolicyBC6DB214": { "Properties": { "Bucket": { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiCanaryDurationAlarm5501D0DD": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "Duration", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 5000, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiCanaryServiceRoleB7DBB121": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": "s3:ListAllMyBuckets", "Effect": "Allow", "Resource": "*", }, { "Action": "s3:GetBucketLocation", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, }, { "Action": "s3:PutObject", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, }, { "Action": "cloudwatch:PutMetricData", "Condition": { "StringEquals": { "cloudwatch:namespace": "CloudWatchSynthetics", }, }, "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:us-east-1:dummy:log-group:/aws/lambda/cwsyn-*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "canaryPolicy", }, ], }, "Type": "AWS::IAM::Role", }, "ApiCanarySuccessAlarm85CC115D": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "LessThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "SuccessPercent", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 100, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiDeploymentGroupC5BA42E8": { "Properties": { "AlarmConfiguration": { "Alarms": [ { "Name": { "Ref": "ApiHealthAlarm37D68E10", }, }, ], "Enabled": true, }, "ApplicationName": { "Ref": "ApiApplication4BE77DB2", }, "AutoRollbackConfiguration": { "Enabled": true, "Events": [ "DEPLOYMENT_FAILURE", "DEPLOYMENT_STOP_ON_REQUEST", "DEPLOYMENT_STOP_ON_ALARM", ], }, "BlueGreenDeploymentConfiguration": { "DeploymentReadyOption": { "ActionOnTimeout": "CONTINUE_DEPLOYMENT", "WaitTimeInMinutes": 0, }, "TerminateBlueInstancesOnDeploymentSuccess": { "Action": "TERMINATE", "TerminationWaitTimeInMinutes": 5, }, }, "DeploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "DeploymentStyle": { "DeploymentOption": "WITH_TRAFFIC_CONTROL", "DeploymentType": "BLUE_GREEN", }, "ECSServices": [ { "ClusterName": { "Ref": "ClusterEB0386A7", }, "ServiceName": { "Fn::GetAtt": [ "ApiServiceD5B4A50A", "Name", ], }, }, ], "LoadBalancerInfo": { "TargetGroupPairInfoList": [ { "ProdTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBPublicListener5142AAA5", }, ], }, "TargetGroups": [ { "Name": { "Fn::GetAtt": [ "ApiLBPublicListenerECSGroup45FF926A", "TargetGroupName", ], }, }, { "Name": { "Fn::GetAtt": [ "ApiGreenTargetGroup8D009A5A", "TargetGroupName", ], }, }, ], "TestTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBTestListener069F7CE5", }, ], }, }, ], }, "ServiceRoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupServiceRoleDDCCDD8C", "Arn", ], }, }, "Type": "AWS::CodeDeploy::DeploymentGroup", }, "ApiDeploymentGroupDeployment4FBC33C6": { "DeletionPolicy": "Delete", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36", "Arn", ], }, "applicationName": { "Ref": "ApiApplication4BE77DB2", }, "deploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "deploymentGroupName": { "Ref": "ApiDeploymentGroupC5BA42E8", }, "revisionAppSpecContent": { "Fn::Join": [ "", [ "{"version":"0.0","Resources":[{"TargetService":{"Type":"AWS::ECS::Service","Properties":{"TaskDefinition":"", { "Ref": "ApiTaskDefCB0575BA", }, "","LoadBalancerInfo":{"ContainerName":"api","ContainerPort":8080}}}}]}", ], ], }, }, "Type": "Custom::EcsDeployment", "UpdateReplacePolicy": "Delete", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/is-complete.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codedeploy:GetDeployment", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/on-event.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codedeploy:GetApplicationRevision", "codedeploy:RegisterApplicationRevision", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:application:", { "Ref": "ApiApplication4BE77DB2", }, ], ], }, }, { "Action": [ "codedeploy:CreateDeployment", "codedeploy:StopDeployment", "codedeploy:GetDeployment", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, { "Action": "codedeploy:GetDeploymentConfig", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentconfig:CodeDeployDefault.ECSAllAtOnce", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - isComplete (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.isComplete", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onEvent (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, "WAITER_STATE_MACHINE_ARN": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "states:StartExecution", "Effect": "Allow", "Resource": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onTimeout (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.onTimeout", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", ], "Properties": { "DefinitionString": { "Fn::Join": [ "", [ "{"StartAt":"framework-isComplete-task","States":{"framework-isComplete-task":{"End":true,"Retry":[{"ErrorEquals":["States.ALL"],"IntervalSeconds":15,"MaxAttempts":240,"BackoffRate":1}],"Catch":[{"ErrorEquals":["States.ALL"],"Next":"framework-onTimeout-task"}],"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ""},"framework-onTimeout-task":{"End":true,"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ""}}}", ], ], }, "RoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", "Arn", ], }, }, "Type": "AWS::StepFunctions::StateMachine", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "states.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupServiceRoleDDCCDD8C": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codedeploy.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/AWSCodeDeployRoleForECS", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiGreenTargetGroup8D009A5A": { "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 8080, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiHealthAlarm37D68E10": { "Properties": { "AlarmName": "TestStackApiHealthAlarm8EE930EC", "AlarmRule": { "Fn::Join": [ "", [ "(ALARM("", { "Fn::GetAtt": [ "ApiResponseTimeAlarm1A1F05BF", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanarySuccessAlarm85CC115D", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanaryDurationAlarm5501D0DD", "Arn", ], }, ""))", ], ], }, }, "Type": "AWS::CloudWatch::CompositeAlarm", }, "ApiLB8D4BD609": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "access_logs.s3.enabled", "Value": "true", }, { "Key": "access_logs.s3.bucket", "Value": { "Ref": "ApiAccessLogBucket47540DA5", }, }, { "Key": "access_logs.s3.prefix", "Value": "", }, ], "Scheme": "internet-facing", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "ApiLBPublicListener5142AAA5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiLBPublicListenerECSGroup45FF926A": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "stickiness.enabled", "Value": "false", }, { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiLBSecurityGroup70AC4E5C": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "GroupDescription": "Automatically created Security Group for ELB TestStackApiLBF4CC58DF", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 8080", "FromPort": 8080, "IpProtocol": "tcp", "ToPort": 8080, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiLBSecurityGrouptoTestStackApiServiceSecurityGroup56AF4AC580804BAC35E7": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ApiLBTestListener069F7CE5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiGreenTargetGroup8D009A5A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 8080, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiResponseTimeAlarm1A1F05BF": { "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "LoadBalancer", "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "LoadBalancerFullName", ], }, }, ], "EvaluationPeriods": 2, "ExtendedStatistic": "p95", "MetricName": "TargetResponseTime", "Namespace": "AWS/ApplicationELB", "Period": 60, "Threshold": 3, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiServiceD5B4A50A": { "DependsOn": [ "ApiLBPublicListenerECSGroup45FF926A", "ApiLBPublicListener5142AAA5", "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE_SPOT", "Weight": 1, }, ], "Cluster": { "Ref": "ClusterEB0386A7", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DeploymentController": { "Type": "CODE_DEPLOY", }, "DesiredCount": 3, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "api", "ContainerPort": 8080, "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, }, "TaskDefinition": "teststack", }, "Type": "AWS::ECS::Service", }, "ApiServiceSecurityGroupB2E30D06": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "GroupDescription": "TestStack/Api/Service/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "Description": "Load balancer to target", "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ApiTaskDefCB0575BA": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "SPRING_DATASOURCE_URL", "Value": { "Fn::Join": [ "", [ "jdbc:mysql://", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Address", ], }, ":", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "/fruits", ], ], }, }, { "Name": "APPCONFIG_AGENT_APPLICATION", }, { "Name": "APPCONFIG_AGENT_ENVIRONMENT", "Value": "unit-test", }, { "Name": "APPCONFIG_AGENT_ENABLED", "Value": "false", }, ], "Essential": true, "Image": { "Fn::Sub": "dummy-ecr-image", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "AppLogGroup7D8CD952", }, "awslogs-region": "us-east-1", "awslogs-stream-prefix": "service", }, }, "Name": "api", "PortMappings": [ { "ContainerPort": 8080, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "SPRING_DATASOURCE_USERNAME", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":username::", ], ], }, }, { "Name": "SPRING_DATASOURCE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":password::", ], ], }, }, ], }, ], "Cpu": "512", "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiTaskDefExecutionRole5CBCA7DA", "Arn", ], }, "Family": "teststack", "Memory": "1024", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "ApiTaskDefTaskRole69DE15BC", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "ApiTaskDefExecutionRole5CBCA7DA": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:us-east-1:dummy:repository/cdk-hnb659fds-container-assets-dummy-us-east-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "AppLogGroup7D8CD952", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "AuroraSecret41E6E877", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "Roles": [ { "Ref": "ApiTaskDefExecutionRole5CBCA7DA", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiTaskDefTaskRole69DE15BC": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "AppLogGroup7D8CD952": { "DeletionPolicy": "Delete", "Properties": { "LogGroupName": "/aws/ecs/service/teststack", "RetentionInDays": 7, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Delete", }, "AuroraCluster23D869C0": { "DeletionPolicy": "Snapshot", "Properties": { "CopyTagsToSnapshot": true, "DBClusterIdentifier": "teststack", "DBClusterParameterGroupName": "default.aurora-mysql5.7", "DBSubnetGroupName": { "Ref": "AuroraClusterSubnetsF3E9E6AD", }, "DatabaseName": "fruits", "DeletionProtection": false, "Engine": "aurora-mysql", "EngineMode": "serverless", "MasterUserPassword": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:password::}}", ], ], }, "MasterUsername": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:username::}}", ], ], }, "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Snapshot", }, "AuroraClusterSecurityGroupD85BF9CB": { "Properties": { "GroupDescription": "RDS security group", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "AuroraClusterSecurityGroupfromTestStackApiServiceSecurityGroup56AF4AC5IndirectPort7B73ECC0": { "Properties": { "Description": "from TestStackApiServiceSecurityGroup56AF4AC5:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "AuroraClusterSubnetsF3E9E6AD": { "Properties": { "DBSubnetGroupDescription": "Subnets for AuroraCluster database", "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", }, "AuroraSecret41E6E877": { "DeletionPolicy": "Delete", "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"fruitapi"}", }, "Name": "teststack-DB", }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "AuroraSecretAttachment65089D67": { "Properties": { "SecretId": { "Ref": "AuroraSecret41E6E877", }, "TargetId": { "Ref": "AuroraCluster23D869C0", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "ClusterEB0386A7": { "Properties": { "ClusterName": "teststack", "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.0.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcFlowLogF72230C7": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "VpcFlowLogLogGroupBB186289", }, "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcFlowLogIAMRoleB4DCB624": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "VpcFlowLogIAMRoleDefaultPolicy7533133B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogLogGroupBB186289", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy7533133B", "Roles": [ { "Ref": "VpcFlowLogIAMRoleB4DCB624", }, ], }, "Type": "AWS::IAM::Policy", }, "VpcFlowLogLogGroupBB186289": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 731, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcPrivateSubnet1DefaultRouteBE02A9ED": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA", }, "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, "SubnetId": { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet1RouteTableB2C5B500": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet1Subnet536B997A": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.96.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet2DefaultRoute060D2087": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet2RouteTableA678073B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, "SubnetId": { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet2Subnet3788AAA1": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.128.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet3DefaultRoute94B74F0D": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet3NATGateway7640CD1D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, "SubnetId": { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet3RouteTableD98824C7": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet3SubnetF258B56E": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.160.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1EIPD7E02669": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet1NATGateway4D7517AA": { "DependsOn": [ "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.0.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2EIP3C605A87": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet2NATGateway9182C01D": { "DependsOn": [ "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.32.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet3DefaultRoute4697774F": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet3EIP3A666A23": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet3NATGateway7640CD1D": { "DependsOn": [ "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet3EIP3A666A23", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet3RouteTable93458DBB": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet3SubnetBE12F0B6": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.64.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `; exports[`cdk-nag Snapshot 1`] = ` { "Outputs": { "ApiLoadBalancerDNSB0038DD0": { "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, }, "ApiServiceURL135D4FCA": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, "endpointUrl": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "ApiAccessLogBucket47540DA5": { "DeletionPolicy": "Retain", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-S1", "reason": "Dont need access logs for access log bucket", }, { "applies_to": [ "Resource::*", ], "id": "AwsSolutions-IAM5", "reason": "Allow resource:*", }, ], }, }, "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiAccessLogBucketPolicy66E268A7": { "Properties": { "Bucket": { "Ref": "ApiAccessLogBucket47540DA5", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:PutObject", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::127311923021:root", ], ], }, }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, "/AWSLogs/dummy/*", ], ], }, }, { "Action": "s3:GetBucketAcl", "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::GetAtt": [ "ApiAccessLogBucket47540DA5", "Arn", ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiApplication4BE77DB2": { "Properties": { "ComputePlatform": "ECS", }, "Type": "AWS::CodeDeploy::Application", }, "ApiCanary29FBF4E7": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ArtifactS3Location": { "Fn::Join": [ "", [ "s3://", { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, ], ], }, "Code": { "Handler": "index.handler", "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiCanaryServiceRoleB7DBB121", "Arn", ], }, "Name": "teststackapicanbbc781", "RunConfig": { "EnvironmentVariables": { "baseUrl": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "ApiLB8D4BD609", "DNSName", ], }, ], ], }, "testSteps": "[{"name":"getAll","path":"/api/fruits","jmesPath":"length(@)","expectedValue":5}]", "threadCount": "20", }, }, "RuntimeVersion": "syn-nodejs-puppeteer-4.0", "Schedule": { "DurationInSeconds": "0", "Expression": "rate(5 minutes)", }, "StartCanaryAfterCreation": true, }, "Type": "AWS::Synthetics::Canary", }, "ApiCanaryArtifactsBucket7ED0CDF4": { "DeletionPolicy": "Retain", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-S1", "reason": "Dont need access logs for canary bucket", }, ], }, }, "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ApiCanaryArtifactsBucketPolicyBC6DB214": { "Properties": { "Bucket": { "Ref": "ApiCanaryArtifactsBucket7ED0CDF4", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ApiCanaryDurationAlarm5501D0DD": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "Duration", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 5000, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiCanaryServiceRoleB7DBB121": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Allow resource:*", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": "s3:ListAllMyBuckets", "Effect": "Allow", "Resource": "*", }, { "Action": "s3:GetBucketLocation", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, }, { "Action": "s3:PutObject", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiCanaryArtifactsBucket7ED0CDF4", "Arn", ], }, "/*", ], ], }, }, { "Action": "cloudwatch:PutMetricData", "Condition": { "StringEquals": { "cloudwatch:namespace": "CloudWatchSynthetics", }, }, "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:us-east-1:dummy:log-group:/aws/lambda/cwsyn-*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "canaryPolicy", }, ], }, "Type": "AWS::IAM::Role", }, "ApiCanarySuccessAlarm85CC115D": { "DependsOn": [ "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F", "ApiServiceSecurityGroupB2E30D06", "ApiServiceD5B4A50A", ], "Properties": { "ComparisonOperator": "LessThanThreshold", "Dimensions": [ { "Name": "CanaryName", "Value": { "Ref": "ApiCanary29FBF4E7", }, }, ], "EvaluationPeriods": 2, "MetricName": "SuccessPercent", "Namespace": "CloudWatchSynthetics", "Period": 300, "Statistic": "Average", "Threshold": 100, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiDeploymentGroupC5BA42E8": { "Properties": { "AlarmConfiguration": { "Alarms": [ { "Name": { "Ref": "ApiHealthAlarm37D68E10", }, }, ], "Enabled": true, }, "ApplicationName": { "Ref": "ApiApplication4BE77DB2", }, "AutoRollbackConfiguration": { "Enabled": true, "Events": [ "DEPLOYMENT_FAILURE", "DEPLOYMENT_STOP_ON_REQUEST", "DEPLOYMENT_STOP_ON_ALARM", ], }, "BlueGreenDeploymentConfiguration": { "DeploymentReadyOption": { "ActionOnTimeout": "CONTINUE_DEPLOYMENT", "WaitTimeInMinutes": 0, }, "TerminateBlueInstancesOnDeploymentSuccess": { "Action": "TERMINATE", "TerminationWaitTimeInMinutes": 5, }, }, "DeploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "DeploymentStyle": { "DeploymentOption": "WITH_TRAFFIC_CONTROL", "DeploymentType": "BLUE_GREEN", }, "ECSServices": [ { "ClusterName": { "Ref": "ClusterEB0386A7", }, "ServiceName": { "Fn::GetAtt": [ "ApiServiceD5B4A50A", "Name", ], }, }, ], "LoadBalancerInfo": { "TargetGroupPairInfoList": [ { "ProdTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBPublicListener5142AAA5", }, ], }, "TargetGroups": [ { "Name": { "Fn::GetAtt": [ "ApiLBPublicListenerECSGroup45FF926A", "TargetGroupName", ], }, }, { "Name": { "Fn::GetAtt": [ "ApiGreenTargetGroup8D009A5A", "TargetGroupName", ], }, }, ], "TestTrafficRoute": { "ListenerArns": [ { "Ref": "ApiLBTestListener069F7CE5", }, ], }, }, ], }, "ServiceRoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupServiceRoleDDCCDD8C", "Arn", ], }, }, "Type": "AWS::CodeDeploy::DeploymentGroup", }, "ApiDeploymentGroupDeployment4FBC33C6": { "DeletionPolicy": "Delete", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "ServiceToken": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36", "Arn", ], }, "applicationName": { "Ref": "ApiApplication4BE77DB2", }, "deploymentConfigName": "CodeDeployDefault.ECSAllAtOnce", "deploymentGroupName": { "Ref": "ApiDeploymentGroupC5BA42E8", }, "revisionAppSpecContent": { "Fn::Join": [ "", [ "{"version":"0.0","Resources":[{"TargetService":{"Type":"AWS::ECS::Service","Properties":{"TaskDefinition":"", { "Ref": "ApiTaskDefCB0575BA", }, "","LoadBalancerInfo":{"ContainerName":"api","ContainerPort":8080}}}}]}", ], ], }, }, "Type": "Custom::EcsDeployment", "UpdateReplacePolicy": "Delete", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/is-complete.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codedeploy:GetDeployment", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleDefaultPolicy0BB11557", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambdaServiceRoleEF6A15A8": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "src/ecs-deployment-provider/on-event.lambda.ts", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", "Arn", ], }, "Runtime": "nodejs18.x", "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codedeploy:GetApplicationRevision", "codedeploy:RegisterApplicationRevision", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:application:", { "Ref": "ApiApplication4BE77DB2", }, ], ], }, }, { "Action": [ "codedeploy:CreateDeployment", "codedeploy:StopDeployment", "codedeploy:GetDeployment", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentgroup:", { "Ref": "ApiApplication4BE77DB2", }, "/", { "Ref": "ApiDeploymentGroupC5BA42E8", }, ], ], }, }, { "Action": "codedeploy:GetDeploymentConfig", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codedeploy:us-east-1:dummy:deploymentconfig:CodeDeployDefault.ECSAllAtOnce", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRoleDefaultPolicyF5B67E1D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambdaServiceRole79C18604", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - isComplete (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.isComplete", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleDefaultPolicyB4B5D79A", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteServiceRoleECCD985E": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEvent0B331B36": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onEvent (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, "WAITER_STATE_MACHINE_ARN": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "states:StartExecution", "Effect": "Allow", "Resource": { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRoleDefaultPolicy78A47FBA", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonEventServiceRole3E41B788", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-dummy-us-east-1", "S3Key": "code.zip", }, "Description": "AWS CDK resource provider framework - onTimeout (TestStack/Api/DeploymentGroup/Deployment/DeploymentProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, }, }, "Handler": "framework.onTimeout", "Role": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderOnEventLambda5A2C1C2E", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderIsCompleteLambda7EC5A4CF", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleDefaultPolicyE805E916", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutServiceRoleAAD24E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineF4C744F3": { "DependsOn": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "DefinitionString": { "Fn::Join": [ "", [ "{"StartAt":"framework-isComplete-task","States":{"framework-isComplete-task":{"End":true,"Retry":[{"ErrorEquals":["States.ALL"],"IntervalSeconds":15,"MaxAttempts":240,"BackoffRate":1}],"Catch":[{"ErrorEquals":["States.ALL"],"Next":"framework-onTimeout-task"}],"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ""},"framework-onTimeout-task":{"End":true,"Type":"Task","Resource":"", { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ""}}}", ], ], }, "RoleArn": { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", "Arn", ], }, }, "Type": "AWS::StepFunctions::StateMachine", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkisCompleteE40E40A9", "Arn", ], }, ":*", ], ], }, ], }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ApiDeploymentGroupDeploymentDeploymentProviderframeworkonTimeoutAA8B0A7D", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleDefaultPolicy0018A70D", "Roles": [ { "Ref": "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiDeploymentGroupDeploymentDeploymentProviderwaiterstatemachineRoleF348B4FE": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Unrelated to construct under test", }, { "id": "AwsSolutions-L1", "reason": "Unrelated to construct under test", }, { "applies_to": [ "Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSLambdaBasicExecutionRole policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "states.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiDeploymentGroupServiceRoleDDCCDD8C": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Policy::arn::iam::aws:policy/AWSCodeDeployRoleForECS", ], "id": "AwsSolutions-IAM4", "reason": "Allow AWSCodeDeployRoleForECS policy", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codedeploy.us-east-1.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/AWSCodeDeployRoleForECS", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ApiGreenTargetGroup8D009A5A": { "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 8080, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiHealthAlarm37D68E10": { "Properties": { "AlarmName": "TestStackApiHealthAlarm8EE930EC", "AlarmRule": { "Fn::Join": [ "", [ "(ALARM("", { "Fn::GetAtt": [ "ApiResponseTimeAlarm1A1F05BF", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanarySuccessAlarm85CC115D", "Arn", ], }, "") OR ALARM("", { "Fn::GetAtt": [ "ApiCanaryDurationAlarm5501D0DD", "Arn", ], }, ""))", ], ], }, }, "Type": "AWS::CloudWatch::CompositeAlarm", }, "ApiLB8D4BD609": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "access_logs.s3.enabled", "Value": "true", }, { "Key": "access_logs.s3.bucket", "Value": { "Ref": "ApiAccessLogBucket47540DA5", }, }, { "Key": "access_logs.s3.prefix", "Value": "", }, ], "Scheme": "internet-facing", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "ApiLBPublicListener5142AAA5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiLBPublicListenerECSGroup45FF926A": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", "ApiGreenTargetGroup8D009A5A", ], "Properties": { "HealthCheckIntervalSeconds": 60, "HealthCheckPath": "/actuator/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "stickiness.enabled", "Value": "false", }, { "Key": "deregistration_delay.timeout_seconds", "Value": "5", }, ], "TargetType": "ip", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ApiLBSecurityGroup70AC4E5C": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-EC23", "reason": "Allow public inbound access on ELB", }, ], }, }, "Properties": { "GroupDescription": "Automatically created Security Group for ELB TestStackApiLBF4CC58DF", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 8080", "FromPort": 8080, "IpProtocol": "tcp", "ToPort": 8080, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiLBSecurityGrouptoTestStackApiServiceSecurityGroup56AF4AC580804BAC35E7": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ApiLBTestListener069F7CE5": { "DependsOn": [ "ApiAccessLogBucketPolicy66E268A7", "ApiAccessLogBucket47540DA5", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ApiGreenTargetGroup8D009A5A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ApiLB8D4BD609", }, "Port": 8080, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ApiResponseTimeAlarm1A1F05BF": { "Properties": { "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "LoadBalancer", "Value": { "Fn::GetAtt": [ "ApiLB8D4BD609", "LoadBalancerFullName", ], }, }, ], "EvaluationPeriods": 2, "ExtendedStatistic": "p95", "MetricName": "TargetResponseTime", "Namespace": "AWS/ApplicationELB", "Period": 60, "Threshold": 3, }, "Type": "AWS::CloudWatch::Alarm", }, "ApiServiceD5B4A50A": { "DependsOn": [ "ApiLBPublicListenerECSGroup45FF926A", "ApiLBPublicListener5142AAA5", "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE_SPOT", "Weight": 1, }, ], "Cluster": { "Ref": "ClusterEB0386A7", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DeploymentController": { "Type": "CODE_DEPLOY", }, "DesiredCount": 3, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "api", "ContainerPort": 8080, "TargetGroupArn": { "Ref": "ApiLBPublicListenerECSGroup45FF926A", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, }, "TaskDefinition": "teststack", }, "Type": "AWS::ECS::Service", }, "ApiServiceSecurityGroupB2E30D06": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "GroupDescription": "TestStack/Api/Service/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ApiServiceSecurityGroupfromTestStackApiLBSecurityGroup0540FC958080EEE77C0F": { "DependsOn": [ "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "ApiTaskDefExecutionRole5CBCA7DA", "ApiTaskDefCB0575BA", "ApiTaskDefTaskRole69DE15BC", ], "Properties": { "Description": "Load balancer to target", "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiLBSecurityGroup70AC4E5C", "GroupId", ], }, "ToPort": 8080, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ApiTaskDefCB0575BA": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-ECS2", "reason": "Allow environment variables for configuration of values that are not confidential", }, ], }, }, "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "SPRING_DATASOURCE_URL", "Value": { "Fn::Join": [ "", [ "jdbc:mysql://", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Address", ], }, ":", { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "/fruits", ], ], }, }, { "Name": "APPCONFIG_AGENT_APPLICATION", "Value": "food", }, { "Name": "APPCONFIG_AGENT_ENVIRONMENT", "Value": "unit-test", }, { "Name": "APPCONFIG_AGENT_ENABLED", "Value": "false", }, ], "Essential": true, "Image": { "Fn::Sub": "dummy-ecr-image", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "AppLogGroup7D8CD952", }, "awslogs-region": "us-east-1", "awslogs-stream-prefix": "service", }, }, "Name": "api", "PortMappings": [ { "ContainerPort": 8080, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "SPRING_DATASOURCE_USERNAME", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":username::", ], ], }, }, { "Name": "SPRING_DATASOURCE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "AuroraSecret41E6E877", }, ":password::", ], ], }, }, ], }, ], "Cpu": "512", "ExecutionRoleArn": { "Fn::GetAtt": [ "ApiTaskDefExecutionRole5CBCA7DA", "Arn", ], }, "Family": "teststack", "Memory": "1024", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "ApiTaskDefTaskRole69DE15BC", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "ApiTaskDefExecutionRole5CBCA7DA": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ "Resource::*", ], "id": "AwsSolutions-IAM5", "reason": "Allow ecr:GetAuthorizationToken", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:us-east-1:dummy:repository/cdk-hnb659fds-container-assets-dummy-us-east-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "AppLogGroup7D8CD952", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "AuroraSecret41E6E877", }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApiTaskDefExecutionRoleDefaultPolicyE5F94BFA", "Roles": [ { "Ref": "ApiTaskDefExecutionRole5CBCA7DA", }, ], }, "Type": "AWS::IAM::Policy", }, "ApiTaskDefTaskRole69DE15BC": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "AppLogGroup7D8CD952": { "DeletionPolicy": "Delete", "Properties": { "LogGroupName": "/aws/ecs/service/teststack", "RetentionInDays": 7, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Delete", }, "AuroraCluster23D869C0": { "DeletionPolicy": "Snapshot", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-RDS6", "reason": "IAM authentication not supported on Serverless v1", }, { "id": "AwsSolutions-RDS10", "reason": "Disable delete protection to simplify cleanup of Reference Implementation", }, { "id": "AwsSolutions-RDS11", "reason": "Custom port not supported on Serverless v1", }, { "id": "AwsSolutions-RDS14", "reason": "Backtrack not supported on Serverless v1", }, { "id": "AwsSolutions-RDS16", "reason": "CloudWatch Log Export not supported on Serverless v1", }, ], }, }, "Properties": { "CopyTagsToSnapshot": true, "DBClusterIdentifier": "teststack", "DBClusterParameterGroupName": "default.aurora-mysql5.7", "DBSubnetGroupName": { "Ref": "AuroraClusterSubnetsF3E9E6AD", }, "DatabaseName": "fruits", "DeletionProtection": false, "Engine": "aurora-mysql", "EngineMode": "serverless", "MasterUserPassword": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:password::}}", ], ], }, "MasterUsername": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "AuroraSecret41E6E877", }, ":SecretString:username::}}", ], ], }, "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Snapshot", }, "AuroraClusterSecurityGroupD85BF9CB": { "Properties": { "GroupDescription": "RDS security group", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "AuroraClusterSecurityGroupfromTestStackApiServiceSecurityGroup56AF4AC5IndirectPort7B73ECC0": { "Properties": { "Description": "from TestStackApiServiceSecurityGroup56AF4AC5:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "AuroraClusterSecurityGroupD85BF9CB", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ApiServiceSecurityGroupB2E30D06", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "AuroraCluster23D869C0", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "AuroraClusterSubnetsF3E9E6AD": { "Properties": { "DBSubnetGroupDescription": "Subnets for AuroraCluster database", "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", }, "AuroraSecret41E6E877": { "DeletionPolicy": "Delete", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-SMG4", "reason": "Dont require secret rotation", }, ], }, }, "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"fruitapi"}", }, "Name": "teststack-DB", }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "AuroraSecretAttachment65089D67": { "Properties": { "SecretId": { "Ref": "AuroraSecret41E6E877", }, "TargetId": { "Ref": "AuroraCluster23D869C0", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "ClusterEB0386A7": { "Properties": { "ClusterName": "teststack", "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.0.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcFlowLogF72230C7": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "VpcFlowLogLogGroupBB186289", }, "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcFlowLogIAMRoleB4DCB624": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "VpcFlowLogIAMRoleDefaultPolicy7533133B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogLogGroupBB186289", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcFlowLogIAMRoleB4DCB624", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "VpcFlowLogIAMRoleDefaultPolicy7533133B", "Roles": [ { "Ref": "VpcFlowLogIAMRoleB4DCB624", }, ], }, "Type": "AWS::IAM::Policy", }, "VpcFlowLogLogGroupBB186289": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 731, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcPrivateSubnet1DefaultRouteBE02A9ED": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA", }, "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, "SubnetId": { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet1RouteTableB2C5B500": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet1Subnet536B997A": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.96.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet2DefaultRoute060D2087": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet2RouteTableA678073B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, "SubnetId": { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet2Subnet3788AAA1": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.128.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet3DefaultRoute94B74F0D": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet3NATGateway7640CD1D", }, "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, }, "Type": "AWS::EC2::Route", }, "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet3RouteTableD98824C7", }, "SubnetId": { "Ref": "VpcPrivateSubnet3SubnetF258B56E", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet3RouteTableD98824C7": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet3SubnetF258B56E": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.160.0/19", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "TestStack/Vpc/PrivateSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1EIPD7E02669": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet1NATGateway4D7517AA": { "DependsOn": [ "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.0.0.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2EIP3C605A87": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet2NATGateway9182C01D": { "DependsOn": [ "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.0.32.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet3DefaultRoute4697774F": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet3EIP3A666A23": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet3NATGateway7640CD1D": { "DependsOn": [ "VpcPublicSubnet3DefaultRoute4697774F", "VpcPublicSubnet3RouteTableAssociation1F1EDF02", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet3EIP3A666A23", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet3RouteTable93458DBB": { "Properties": { "Tags": [ { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet3RouteTable93458DBB", }, "SubnetId": { "Ref": "VpcPublicSubnet3SubnetBE12F0B6", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet3SubnetBE12F0B6": { "Properties": { "AvailabilityZone": "dummy1c", "CidrBlock": "10.0.64.0/19", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "TestStack/Vpc/PublicSubnet3", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;