// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`BLEAFSI-LogBase Compare Snapshot test LoggingAccount Stacks 1`] = ` { "Mappings": { "DefaultCrNodeVersionMap": { "af-south-1": { "value": "nodejs16.x", }, "ap-east-1": { "value": "nodejs16.x", }, "ap-northeast-1": { "value": "nodejs16.x", }, "ap-northeast-2": { "value": "nodejs16.x", }, "ap-northeast-3": { "value": "nodejs16.x", }, "ap-south-1": { "value": "nodejs16.x", }, "ap-south-2": { "value": "nodejs16.x", }, "ap-southeast-1": { "value": "nodejs16.x", }, "ap-southeast-2": { "value": "nodejs16.x", }, "ap-southeast-3": { "value": "nodejs16.x", }, "ca-central-1": { "value": "nodejs16.x", }, "cn-north-1": { "value": "nodejs16.x", }, "cn-northwest-1": { "value": "nodejs16.x", }, "eu-central-1": { "value": "nodejs16.x", }, "eu-central-2": { "value": "nodejs16.x", }, "eu-north-1": { "value": "nodejs16.x", }, "eu-south-1": { "value": "nodejs16.x", }, "eu-south-2": { "value": "nodejs16.x", }, "eu-west-1": { "value": "nodejs16.x", }, "eu-west-2": { "value": "nodejs16.x", }, "eu-west-3": { "value": "nodejs16.x", }, "me-central-1": { "value": "nodejs16.x", }, "me-south-1": { "value": "nodejs16.x", }, "sa-east-1": { "value": "nodejs16.x", }, "us-east-1": { "value": "nodejs16.x", }, "us-east-2": { "value": "nodejs16.x", }, "us-gov-east-1": { "value": "nodejs16.x", }, "us-gov-west-1": { "value": "nodejs16.x", }, "us-iso-east-1": { "value": "nodejs14.x", }, "us-iso-west-1": { "value": "nodejs14.x", }, "us-isob-east-1": { "value": "nodejs14.x", }, "us-west-1": { "value": "nodejs16.x", }, "us-west-2": { "value": "nodejs16.x", }, }, }, "Outputs": { "SharedLogBucket": { "Description": "Bucket for CloudTrail log", "Value": { "Ref": "Bucket83908E77", }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "Bucket83908E77": { "DeletionPolicy": "Delete", "Properties": { "AccessControl": "Private", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "BucketName": { "Fn::Join": [ "", [ "bleafsi-logbase-shared-log-", { "Ref": "AWS::AccountId", }, ], ], }, "LifecycleConfiguration": { "Rules": [ { "ExpirationInDays": 1825, "Status": "Enabled", }, ], }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "BucketAccessLogs0AA7ED48", }, }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", "Value": "true", }, ], "VersioningConfiguration": { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "BucketAccessLogs0AA7ED48": { "DeletionPolicy": "Delete", "Properties": { "AccessControl": "LogDeliveryWrite", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "BucketName": { "Fn::Join": [ "", [ "bleafsi-logbase-shared-log-", { "Ref": "AWS::AccountId", }, "-logs", ], ], }, "LifecycleConfiguration": { "Rules": [ { "ExpirationInDays": 2555, "Status": "Enabled", "Transitions": [ { "StorageClass": "GLACIER", "TransitionInDays": 90, }, ], }, ], }, "OwnershipControls": { "Rules": [ { "ObjectOwnership": "ObjectWriter", }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", "Value": "true", }, ], "VersioningConfiguration": { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "BucketAccessLogsAutoDeleteObjectsCustomResourceF1F74F65": { "DeletionPolicy": "Delete", "DependsOn": [ "BucketAccessLogsPolicy6EEF3369", ], "Properties": { "BucketName": { "Ref": "BucketAccessLogs0AA7ED48", }, "ServiceToken": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", "Arn", ], }, }, "Type": "Custom::S3AutoDeleteObjects", "UpdateReplacePolicy": "Delete", }, "BucketAccessLogsPolicy6EEF3369": { "Properties": { "Bucket": { "Ref": "BucketAccessLogs0AA7ED48", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "BucketAccessLogs0AA7ED48", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "BucketAccessLogs0AA7ED48", "Arn", ], }, "/*", ], ], }, ], }, { "Action": [ "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, }, "Resource": [ { "Fn::GetAtt": [ "BucketAccessLogs0AA7ED48", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "BucketAccessLogs0AA7ED48", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:DeleteObject", "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "BucketAccessLogs0AA7ED48", "Arn", ], }, "/*", ], ], }, "Sid": "Restrict Delete* Actions", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "BucketAutoDeleteObjectsCustomResourceBAFD23C2": { "DeletionPolicy": "Delete", "DependsOn": [ "BucketPolicyE9A3008A", ], "Properties": { "BucketName": { "Ref": "Bucket83908E77", }, "ServiceToken": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", "Arn", ], }, }, "Type": "Custom::S3AutoDeleteObjects", "UpdateReplacePolicy": "Delete", }, "BucketPolicyE9A3008A": { "Properties": { "Bucket": { "Ref": "Bucket83908E77", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, "/*", ], ], }, ], }, { "Action": [ "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, }, "Resource": [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:DeleteObject", "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, "/*", ], ], }, "Sid": "Restrict Delete* Actions", }, { "Action": [ "s3:GetBucketAcl", "s3:ListBucket", ], "Effect": "Allow", "Principal": { "Service": [ "cloudtrail.amazonaws.com", "config.amazonaws.com", ], }, "Resource": { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, "Sid": "AWSBucketPermissions", }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": [ "cloudtrail.amazonaws.com", "config.amazonaws.com", ], }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "Bucket83908E77", "Arn", ], }, "/*/*", ], ], }, "Sid": "AWSBucketDelivery", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { "DependsOn": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "64267bdade6530c78c99e1df05c9336e81c8dad82fdb06133ee90f7390f69d26.zip", }, "Description": { "Fn::Join": [ "", [ "Lambda function for auto-deleting objects in ", { "Ref": "BucketAccessLogs0AA7ED48", }, " S3 bucket.", ], ], }, "Handler": "index.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], }, "Type": "AWS::IAM::Role", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;