// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Snapshot 1`] = ` { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-CB4", "reason": "Encryption of Codebuild is not required.", }, ], }, }, "Outputs": { "CodeRepositoryGRCUrl": { "Export": { "Name": "CodeRepositoryGRCUrl", }, "Value": { "Fn::Join": [ "", [ "codecommit::", { "Ref": "AWS::Region", }, "://", { "Fn::GetAtt": [ "CodeRepositoryBA42F94A", "Name", ], }, ], ], }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "ApplicationPipelineCodeBuildActionRole155C9984": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Condition": { "Bool": { "aws:ViaAWSService": "codepipeline.amazonaws.com", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApplicationPipelineCodeBuildActionRoleDefaultPolicyC8190973": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6", "Arn", ], }, }, { "Action": [ "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codebuild:StopBuild", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ApplicationPipelineCodeBuildActionRoleDefaultPolicyC8190973", "Roles": [ { "Ref": "ApplicationPipelineCodeBuildActionRole155C9984", }, ], }, "Type": "AWS::IAM::Policy", }, "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8": { "Properties": { "Artifacts": { "Type": "CODEPIPELINE", }, "Cache": { "Type": "NO_CACHE", }, "Description": "Pipeline step pipeline-test/CodePipeline/UpdatePipeline/SelfMutate", "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER", }, "ServiceRole": { "Fn::GetAtt": [ "ApplicationPipelineUpdatePipelineSelfMutationRole59A20D82", "Arn", ], }, "Source": { "BuildSpec": "{ "version": "0.2", "phases": { "install": { "commands": [ "npm install -g aws-cdk@2" ] }, "build": { "commands": [ "cdk -a . deploy pipeline-test --require-approval=never --verbose" ] } } }", "Type": "CODEPIPELINE", }, }, "Type": "AWS::CodeBuild::Project", }, "ApplicationPipelineUpdatePipelineSelfMutationRole59A20D82": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ApplicationPipelineUpdatePipelineSelfMutationRoleDefaultPolicy88A56583": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ { "regex": "/^Resource::arn::logs:::log-group:/aws/codebuild/:\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to manage logs and streams whose names are dynamically determined.", }, { "applies_to": [ { "regex": "/^Resource::arn::codebuild:::report-group/-\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to create report groups that are dynamically determined.", }, { "applies_to": [ { "regex": "/^Resource::arn:\\*:iam:::role/\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to assume a role from within the current account in order to deploy.", }, { "applies_to": [ { "regex": "/^Resource::/\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to any and all artifacts in the ArtifactsBucket.", }, { "applies_to": [ { "regex": "/^Resource::\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to list all buckets and stacks.", }, { "applies_to": [ { "regex": "/^Action::s3:.*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "Actions contain wildcards which are valid for CodePipeline as all of these operations are required.", }, { "applies_to": [ { "regex": { "Fn::Join": [ "", [ "/^Resource::arn::logs::(|", { "Ref": "AWS::AccountId", }, "):log-group:/aws/codebuild/:\\*$/g", ], ], }, }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to manage logs and streams whose names are dynamically determined.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/codebuild/", { "Ref": "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8", }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/codebuild/", { "Ref": "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8", }, ":*", ], ], }, ], }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codebuild:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":report-group/", { "Ref": "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8", }, "-*", ], ], }, }, { "Action": "sts:AssumeRole", "Condition": { "ForAnyValue:StringEquals": { "iam:ResourceTag/aws-cdk:bootstrap-role": [ "image-publishing", "file-publishing", "deploy", ], }, }, "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:*:iam::", { "Ref": "AWS::AccountId", }, ":role/*", ], ], }, }, { "Action": "cloudformation:DescribeStacks", "Effect": "Allow", "Resource": "*", }, { "Action": "s3:ListBucket", "Effect": "Allow", "Resource": "*", }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ApplicationPipelineUpdatePipelineSelfMutationRoleDefaultPolicy88A56583", "Roles": [ { "Ref": "ApplicationPipelineUpdatePipelineSelfMutationRole59A20D82", }, ], }, "Type": "AWS::IAM::Policy", }, "ArtifactsBucket2AAC5544": { "DeletionPolicy": "Delete", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "LoggingConfiguration": { "LogFilePrefix": "access-logs", }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", "Value": "true", }, ], }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "ArtifactsBucketAutoDeleteObjectsCustomResource0E3B4320": { "DeletionPolicy": "Delete", "DependsOn": [ "ArtifactsBucketPolicy852CB646", ], "Properties": { "BucketName": { "Ref": "ArtifactsBucket2AAC5544", }, "ServiceToken": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", "Arn", ], }, }, "Type": "Custom::S3AutoDeleteObjects", "UpdateReplacePolicy": "Delete", }, "ArtifactsBucketPolicy852CB646": { "Properties": { "Bucket": { "Ref": "ArtifactsBucket2AAC5544", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, { "Action": [ "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, }, "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "CodePipelineB74E5936": { "DependsOn": [ "CodePipelineRoleDefaultPolicy8D520A8D", "CodePipelineRoleB3A660B4", ], "Properties": { "ArtifactStore": { "Location": { "Ref": "ArtifactsBucket2AAC5544", }, "Type": "S3", }, "RestartExecutionOnUpdate": true, "RoleArn": { "Fn::GetAtt": [ "CodePipelineRoleB3A660B4", "Arn", ], }, "Stages": [ { "Actions": [ { "ActionTypeId": { "Category": "Source", "Owner": "AWS", "Provider": "CodeCommit", "Version": "1", }, "Configuration": { "BranchName": "mainline", "PollForSourceChanges": false, "RepositoryName": { "Fn::GetAtt": [ "CodeRepositoryBA42F94A", "Name", ], }, }, "Name": { "Fn::GetAtt": [ "CodeRepositoryBA42F94A", "Name", ], }, "OutputArtifacts": [ { "Name": "c825c34765dfb5e99261fa6cab9fea074f8881c7c4_Source", }, ], "RoleArn": { "Fn::GetAtt": [ "CodePipelineSourceCodeCommitCodePipelineActionRoleD8DD1B70", "Arn", ], }, "RunOrder": 1, }, ], "Name": "Source", }, { "Actions": [ { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1", }, "Configuration": { "EnvironmentVariables": "[{"name":"_PROJECT_CONFIG_HASH","type":"PLAINTEXT","value":"e2db3d0e436045d38bd4f440cc7b89f7d4fe56e078dffe8cfa304cd40cfdd0dc"}]", "ProjectName": { "Ref": "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6", }, }, "InputArtifacts": [ { "Name": "c825c34765dfb5e99261fa6cab9fea074f8881c7c4_Source", }, ], "Name": "Synth", "OutputArtifacts": [ { "Name": "Synth_Output", }, { "Name": "Synth__", }, ], "RoleArn": { "Fn::GetAtt": [ "ApplicationPipelineCodeBuildActionRole155C9984", "Arn", ], }, "RunOrder": 1, }, ], "Name": "Build", }, { "Actions": [ { "ActionTypeId": { "Category": "Build", "Owner": "AWS", "Provider": "CodeBuild", "Version": "1", }, "Configuration": { "EnvironmentVariables": "[{"name":"_PROJECT_CONFIG_HASH","type":"PLAINTEXT","value":"1f344c303c3d62e8c138657eaa7f668acd2e8bbe8d4b4e969020d81337f9380e"}]", "ProjectName": { "Ref": "ApplicationPipelineUpdatePipelineSelfMutation36D37AA8", }, }, "InputArtifacts": [ { "Name": "Synth_Output", }, ], "Name": "SelfMutate", "RoleArn": { "Fn::GetAtt": [ "ApplicationPipelineCodeBuildActionRole155C9984", "Arn", ], }, "RunOrder": 1, }, ], "Name": "UpdatePipeline", }, ], }, "Type": "AWS::CodePipeline::Pipeline", }, "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6": { "Properties": { "Artifacts": { "Type": "CODEPIPELINE", }, "Cache": { "Type": "NO_CACHE", }, "Description": "Pipeline step pipeline-test/CodePipeline/Build/Synth", "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "Image": "aws/codebuild/standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": false, "Type": "LINUX_CONTAINER", }, "ServiceRole": { "Fn::GetAtt": [ "CodePipelineBuildSynthCdkBuildProjectRoleB73287D4", "Arn", ], }, "Source": { "BuildSpec": "{ "version": "0.2", "phases": { "install": { "commands": [ "npm install -g aws-cdk", "yarn install --frozen-lockfile || npx projen && yarn install --frozen-lockfile" ] }, "build": { "commands": [ "npx projen && npx nx run @aws/infra:build" ] } }, "artifacts": { "secondary-artifacts": { "Synth_Output": { "base-directory": "packages/infra/cdk.out", "files": "**/*" }, "Synth__": { "base-directory": ".", "files": "**/*" } } } }", "Type": "CODEPIPELINE", }, }, "Type": "AWS::CodeBuild::Project", }, "CodePipelineBuildSynthCdkBuildProjectRoleB73287D4": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "CodePipelineBuildSynthCdkBuildProjectRoleDefaultPolicyB7EDB705": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ { "regex": "/^Action::s3:.*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "Actions contain wildcards which are valid for CodePipeline as all of these operations are required.", }, { "applies_to": [ { "regex": "/^Resource::/\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to any and all artifacts in the ArtifactsBucket.", }, { "applies_to": [ { "regex": "/^Resource::arn::logs:::log-group:/aws/codebuild/:\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to manage logs and streams whose names are dynamically determined.", }, { "applies_to": [ { "regex": "/^Resource::arn::codebuild:::report-group/-\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to create report groups that are dynamically determined.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/codebuild/", { "Ref": "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6", }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/codebuild/", { "Ref": "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6", }, ":*", ], ], }, ], }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codebuild:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":report-group/", { "Ref": "CodePipelineBuildSynthCdkBuildProjectEDF0E7B6", }, "-*", ], ], }, }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "CodePipelineBuildSynthCdkBuildProjectRoleDefaultPolicyB7EDB705", "Roles": [ { "Ref": "CodePipelineBuildSynthCdkBuildProjectRoleB73287D4", }, ], }, "Type": "AWS::IAM::Policy", }, "CodePipelineEventsRole4196480D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "events.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "CodePipelineEventsRoleDefaultPolicy13DBD2D2": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codepipeline:StartPipelineExecution", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codepipeline:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":", { "Ref": "CodePipelineB74E5936", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "CodePipelineEventsRoleDefaultPolicy13DBD2D2", "Roles": [ { "Ref": "CodePipelineEventsRole4196480D", }, ], }, "Type": "AWS::IAM::Policy", }, "CodePipelineRoleB3A660B4": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codepipeline.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "CodePipelineRoleDefaultPolicy8D520A8D": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ { "regex": "/^Action::s3:.*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "Actions contain wildcards which are valid for CodePipeline as all of these operations are required.", }, { "applies_to": [ { "regex": "/^Resource::/\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to any and all artifacts in the ArtifactsBucket.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "CodePipelineSourceCodeCommitCodePipelineActionRoleD8DD1B70", "Arn", ], }, }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ApplicationPipelineCodeBuildActionRole155C9984", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "CodePipelineRoleDefaultPolicy8D520A8D", "Roles": [ { "Ref": "CodePipelineRoleB3A660B4", }, ], }, "Type": "AWS::IAM::Policy", }, "CodePipelineSourceCodeCommitCodePipelineActionRoleD8DD1B70": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "CodePipelineSourceCodeCommitCodePipelineActionRoleDefaultPolicyAFBD34E4": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "applies_to": [ { "regex": "/^Action::s3:.*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "Actions contain wildcards which are valid for CodePipeline as all of these operations are required.", }, { "applies_to": [ { "regex": "/^Resource::/\\*$/g", }, ], "id": "AwsSolutions-IAM5", "reason": "CodePipeline requires access to any and all artifacts in the ArtifactsBucket.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ArtifactsBucket2AAC5544", "Arn", ], }, "/*", ], ], }, ], }, { "Action": [ "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:UploadArchive", "codecommit:GetUploadArchiveStatus", "codecommit:CancelUploadArchive", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "CodeRepositoryBA42F94A", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "CodePipelineSourceCodeCommitCodePipelineActionRoleDefaultPolicyAFBD34E4", "Roles": [ { "Ref": "CodePipelineSourceCodeCommitCodePipelineActionRoleD8DD1B70", }, ], }, "Type": "AWS::IAM::Policy", }, "CodeRepositoryBA42F94A": { "DeletionPolicy": "Retain", "Properties": { "RepositoryName": "monorepo", }, "Type": "AWS::CodeCommit::Repository", "UpdateReplacePolicy": "Retain", }, "CodeRepositorypipelinetestCodePipelineC82F8C25mainlineEventRule152901D1": { "Properties": { "EventPattern": { "detail": { "event": [ "referenceCreated", "referenceUpdated", ], "referenceName": [ "mainline", ], }, "detail-type": [ "CodeCommit Repository State Change", ], "resources": [ { "Fn::GetAtt": [ "CodeRepositoryBA42F94A", "Arn", ], }, ], "source": [ "aws.codecommit", ], }, "State": "ENABLED", "Targets": [ { "Arn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codepipeline:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":", { "Ref": "CodePipelineB74E5936", }, ], ], }, "Id": "Target0", "RoleArn": { "Fn::GetAtt": [ "CodePipelineEventsRole4196480D", "Arn", ], }, }, ], }, "Type": "AWS::Events::Rule", }, "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { "DependsOn": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "e57c1acaa363d7d2b81736776007a7091bc73dff4aeb8135627c4511a51e7dca.zip", }, "Description": { "Fn::Join": [ "", [ "Lambda function for auto-deleting objects in ", { "Ref": "ArtifactsBucket2AAC5544", }, " S3 bucket.", ], ], }, "Handler": "__entrypoint__.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], }, "Type": "AWS::IAM::Role", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;