// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`BLEAFSI-CoreBanking snapshot check Core banking sample Stacks 1`] = ` { "Outputs": { "NlbTestNlbUrl5D253295": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "NlbNlbOnlyForTest6E63B1BF", "DNSName", ], }, ], ], }, }, "SampleAppClientInstanceBastionHostId012E92EB": { "Description": "Instance ID of the bastion host. Use this to connect via SSM Session Manager", "Value": { "Ref": "SampleAppClientInstanceF6BD53A1", }, }, "SampleMultiRegionAppBalanceMigrationCommandE57D7C97": { "Value": { "Fn::Join": [ "", [ "aws ecs run-task --cluster ", { "Fn::GetAtt": [ "SampleMultiRegionAppCluster9D88E1C2", "Arn", ], }, " --task-definition ", { "Ref": "SampleMultiRegionAppBalanceTaskCD24682E", }, " --launch-type FARGATE --overrides '{"containerOverrides": [{"name": "EcsApp", "command": ["npx", "prisma", "db", "push"] }]}' --network-configuration "awsvpcConfiguration={subnets=[", { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, "],securityGroups=[", { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "]}" --region ap-northeast-1 --profile ct-guest-sso", ], ], }, }, "SampleMultiRegionAppCountMigrationCommandD5EB9AC2": { "Value": { "Fn::Join": [ "", [ "aws ecs run-task --cluster ", { "Fn::GetAtt": [ "SampleMultiRegionAppCluster9D88E1C2", "Arn", ], }, " --task-definition ", { "Ref": "SampleMultiRegionAppCountTask9E5764AB", }, " --launch-type FARGATE --overrides '{"containerOverrides": [{"name": "EcsApp", "command": ["npx", "prisma", "db", "push"] }]}' --network-configuration "awsvpcConfiguration={subnets=[", { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, "],securityGroups=[", { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "]}" --region ap-northeast-1 --profile ct-guest-sso", ], ], }, }, "SampleMultiRegionAppParamTableName1EDCBB71": { "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { "DependsOn": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "c56527323fe165e19e5c38b88f77270ba67c06d0fd17823264a8e1268ef9ce50.zip", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 120, }, "Type": "AWS::Lambda::Function", }, "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "AppKey2AF25043": { "DeletionPolicy": "Retain", "Properties": { "Description": "for App", "EnableKeyRotation": true, "KeyPolicy": { "Statement": [ { "Action": "kms:*", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::111111111111:root", ], ], }, }, "Resource": "*", }, { "Action": [ "kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*", ], "Condition": { "ArnLike": { "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:ap-northeast-1:111111111111:*", }, }, "Effect": "Allow", "Principal": { "Service": "logs.ap-northeast-1.amazonaws.com", }, "Resource": "*", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::KMS::Key", "UpdateReplacePolicy": "Retain", }, "AppKeyAlias41A6B934": { "Properties": { "AliasName": "alias/AppKey-for-app", "TargetKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, }, "Type": "AWS::KMS::Alias", }, "BLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb": { "DeletionPolicy": "Delete", "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"dbadmin"}", }, "ReplicaRegions": [ { "Region": "ap-northeast-3", }, ], }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "ContainerImagesampleecsappproject3CC5178F": { "Properties": { "Artifacts": { "Type": "NO_ARTIFACTS", }, "Cache": { "Type": "NO_CACHE", }, "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", "EnvironmentVariables": [ { "Name": "AWS_DEFAULT_REGION", "Type": "PLAINTEXT", "Value": "ap-northeast-1", }, { "Name": "AWS_ACCOUNT_ID", "Type": "PLAINTEXT", "Value": "111111111111", }, { "Name": "IMAGE_TAG", "Type": "PLAINTEXT", "Value": "sample-ecs-app", }, { "Name": "IMAGE_REPO_NAME", "Type": "PLAINTEXT", "Value": { "Ref": "ECRapprepo376558DE", }, }, ], "Image": "aws/codebuild/standard:4.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "LINUX_CONTAINER", }, "ServiceRole": { "Fn::GetAtt": [ "ContainerImagesampleecsappprojectRole2779E57F", "Arn", ], }, "Source": { "Location": "cdk-hnb659fds-assets-111111111111-ap-northeast-1/80f730532f1195ed4fede75fbf8191acdfc52e6721de3b612c0c6a7eab1dbbc1.zip", "Type": "S3", }, }, "Type": "AWS::CodeBuild::Project", }, "ContainerImagesampleecsappprojectRole2779E57F": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "codebuild.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":s3:::cdk-hnb659fds-assets-111111111111-ap-northeast-1", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":s3:::cdk-hnb659fds-assets-111111111111-ap-northeast-1/80f730532f1195ed4fede75fbf8191acdfc52e6721de3b612c0c6a7eab1dbbc1.zip", ], ], }, ], }, { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:ap-northeast-1:111111111111:log-group:/aws/codebuild/", { "Ref": "ContainerImagesampleecsappproject3CC5178F", }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:ap-northeast-1:111111111111:log-group:/aws/codebuild/", { "Ref": "ContainerImagesampleecsappproject3CC5178F", }, ":*", ], ], }, ], }, { "Action": [ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", "codebuild:BatchPutCodeCoverages", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":codebuild:ap-northeast-1:111111111111:report-group/", { "Ref": "ContainerImagesampleecsappproject3CC5178F", }, "-*", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:CompleteLayerUpload", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:aws:ecr:ap-northeast-1:111111111111:repository/", { "Ref": "ECRapprepo376558DE", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "Roles": [ { "Ref": "ContainerImagesampleecsappprojectRole2779E57F", }, ], }, "Type": "AWS::IAM::Policy", }, "ContainerImagestartBuild34814DC1": { "DeletionPolicy": "Delete", "DependsOn": [ "ContainerImagestartBuildCustomResourcePolicy53F65DAB", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"CodeBuild","action":"startBuild","parameters":{"projectName":"", { "Ref": "ContainerImagesampleecsappproject3CC5178F", }, ""},"physicalResourceId":{"id":"", { "Fn::GetAtt": [ "ContainerImagesampleecsappproject3CC5178F", "Arn", ], }, ""}}", ], ], }, "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, }, "Type": "Custom::AWS", "UpdateReplacePolicy": "Delete", }, "ContainerImagestartBuildCustomResourcePolicy53F65DAB": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "codebuild:StartBuild", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ContainerImagesampleecsappproject3CC5178F", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536": { "DependsOn": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF", "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "9eb41a5505d37607ac419321497a4f8c21cf0ee1f9b4a6b29aa04301aea5c7fd.zip", }, "Environment": { "Variables": { "AWS_CA_BUNDLE": "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", }, }, "Handler": "index.handler", "Layers": [ { "Ref": "SampleAppClientDeployAwsCliLayer84CF29A7", }, ], "Role": { "Fn::GetAtt": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", "Arn", ], }, "Runtime": "python3.9", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":s3:::cdk-hnb659fds-assets-111111111111-ap-northeast-1", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":s3:::cdk-hnb659fds-assets-111111111111-ap-northeast-1/*", ], ], }, ], }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF", "Roles": [ { "Ref": "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", }, ], }, "Type": "AWS::IAM::Policy", }, "CustomCrossRegionExportWriterCustomResourceProviderHandlerD8786E8A": { "DependsOn": [ "CustomCrossRegionExportWriterCustomResourceProviderRoleC951B1E1", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "d03a1e3909f7dea25696e7cc8c98e4f045bfc5c0717679fad2ffa98fccadcf81.zip", }, "Handler": "__entrypoint__.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomCrossRegionExportWriterCustomResourceProviderRoleC951B1E1", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomCrossRegionExportWriterCustomResourceProviderRoleC951B1E1": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "ssm:DeleteParameters", "ssm:ListTagsForResource", "ssm:GetParameters", "ssm:PutParameter", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ssm:ap-northeast-3:111111111111:parameter/cdk/exports/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "Inline", }, ], }, "Type": "AWS::IAM::Role", }, "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { "DependsOn": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "64267bdade6530c78c99e1df05c9336e81c8dad82fdb06133ee90f7390f69d26.zip", }, "Description": { "Fn::Join": [ "", [ "Lambda function for auto-deleting objects in ", { "Ref": "SampleAppClientBucket4BBBAACF", }, " S3 bucket.", ], ], }, "Handler": "index.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], }, "Type": "AWS::IAM::Role", }, "DBAuroraPgAuroraCPUUtil8FD0DC1C": { "Properties": { "ActionsEnabled": true, "AlarmActions": [ { "Ref": "MonitorAlarmTopic1E34119C", }, ], "ComparisonOperator": "GreaterThanOrEqualToThreshold", "DatapointsToAlarm": 3, "Dimensions": [ { "Name": "DBClusterIdentifier", "Value": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, }, ], "EvaluationPeriods": 3, "MetricName": "CPUUtilization", "Namespace": "AWS/RDS", "Period": 60, "Statistic": "Average", "Threshold": 90, }, "Type": "AWS::CloudWatch::Alarm", }, "DBAuroraPgAuroraCluster654F0C65": { "DeletionPolicy": "Snapshot", "Properties": { "CopyTagsToSnapshot": true, "DBClusterParameterGroupName": "default.aurora-postgresql11", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "DatabaseName": "mydbname", "EnableCloudwatchLogsExports": [ "postgresql", ], "Engine": "aurora-postgresql", "EngineVersion": "11.9", "KmsKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "MasterUserPassword": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "BLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb", }, ":SecretString:password::}}", ], ], }, "MasterUsername": "dbadmin", "Port": 5432, "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Snapshot", }, "DBAuroraPgAuroraClusterInstance1CA8DBC8C": { "DeletionPolicy": "Delete", "DependsOn": [ "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", ], "Properties": { "DBClusterIdentifier": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "DBInstanceClass": "db.r6g.large", "DBInstanceIdentifier": "instance1", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "EnablePerformanceInsights": true, "Engine": "aurora-postgresql", "PerformanceInsightsKMSKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "PerformanceInsightsRetentionPeriod": 7, "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Delete", }, "DBAuroraPgAuroraClusterInstance20FAB99C5": { "DeletionPolicy": "Delete", "DependsOn": [ "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", ], "Properties": { "DBClusterIdentifier": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "DBInstanceClass": "db.r6g.large", "DBInstanceIdentifier": "instance2", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "EnablePerformanceInsights": true, "Engine": "aurora-postgresql", "PerformanceInsightsKMSKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "PerformanceInsightsRetentionPeriod": 7, "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Delete", }, "DBAuroraPgAuroraClusterLogRetentionpostgresql3C66E2AA": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/rds/cluster/", { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "/postgresql", ], ], }, "RetentionInDays": 90, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "DBAuroraPgAuroraClusterSecretAttachment79578D24": { "Properties": { "SecretId": { "Ref": "BLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb", }, "TargetId": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "DBAuroraPgAuroraClusterSubnets4FFFB644": { "Properties": { "DBSubnetGroupDescription": "Subnets for AuroraCluster database", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", }, "DBAuroraPgMyCfnGlobalCluster713F685E": { "Properties": { "DeletionProtection": false, "GlobalClusterIdentifier": "core-banking-global-db", "SourceDBClusterIdentifier": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, }, "Type": "AWS::RDS::GlobalCluster", }, "DBAuroraPgRdsEventsCluster22EF9729": { "Properties": { "Enabled": true, "EventCategories": [ "failure", "failover", "maintenance", ], "SnsTopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, "SourceType": "db-cluster", }, "Type": "AWS::RDS::EventSubscription", }, "DBAuroraPgRdsEventsInstances6B46FC66": { "Properties": { "Enabled": true, "EventCategories": [ "availability", "configuration change", "deletion", "failover", "failure", "maintenance", "notification", "recovery", ], "SnsTopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, "SourceType": "db-instance", }, "Type": "AWS::RDS::EventSubscription", }, "DBAuroraPgSgRdsF3DC7367": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/DBAuroraPg/SgRds", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", "Description": "Disallow all traffic", "FromPort": 252, "IpProtocol": "icmp", "ToPort": 86, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3IndirectPort26A274F5": { "Properties": { "Description": "from BLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingprimarySampleMultiRegionAppBalanceFargateServiceSecurityGroup12675873IndirectPortB0E3CD0B": { "Properties": { "Description": "from BLEAFSICoreBankingprimarySampleMultiRegionAppBalanceFargateServiceSecurityGroup12675873:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingprimarySampleMultiRegionAppCountFargateServiceSecurityGroupCBCB28B1IndirectPort9FC922E2": { "Properties": { "Description": "from BLEAFSICoreBankingprimarySampleMultiRegionAppCountFargateServiceSecurityGroupCBCB28B1:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ECRCrrConfEC77F062": { "Properties": { "ReplicationConfiguration": { "Rules": [ { "Destinations": [ { "Region": "ap-northeast-3", "RegistryId": "111111111111", }, ], }, ], }, }, "Type": "AWS::ECR::ReplicationConfiguration", }, "ECRapprepo376558DE": { "DeletionPolicy": "Retain", "Properties": { "ImageScanningConfiguration": { "ScanOnPush": true, }, }, "Type": "AWS::ECR::Repository", "UpdateReplacePolicy": "Retain", }, "ECRapprepoImageScanComplete3439F67A": { "Properties": { "EventPattern": { "detail": { "repository-name": [ { "Ref": "ECRapprepo376558DE", }, ], "scan-status": [ "COMPLETE", ], }, "detail-type": [ "ECR Image Scan", ], "source": [ "aws.ecr", ], }, "State": "ENABLED", "Targets": [ { "Arn": { "Ref": "MonitorAlarmTopic1E34119C", }, "Id": "Target0", }, ], }, "Type": "AWS::Events::Rule", }, "ECSAppcontainerAppSampleBaseAlbDB2A3544": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "access_logs.s3.enabled", "Value": "true", }, { "Key": "access_logs.s3.bucket", "Value": { "Ref": "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", }, }, ], "Scheme": "internal", "SecurityGroups": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbDB2A3544", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "30", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ECSAppcontainerAppSampleBaseCluster569A303B": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "ECSAppcontainerAppSampleBaseCluster9D2F5822": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "CapacityProviders": [ "FARGATE", "FARGATE_SPOT", ], "Cluster": { "Ref": "ECSAppcontainerAppSampleBaseCluster569A303B", }, "DefaultCapacityProviderStrategy": [], }, "Type": "AWS::ECS::ClusterCapacityProviderAssociations", }, "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ECSAppcontainerAppSampleBaseEcsTask252AEDDF": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "ENVIRONMENT_VARIABLE_SAMPLE_KEY", "Value": "Environment Variable Sample Value", }, ], "Essential": true, "Image": { "Fn::Join": [ "", [ { "Fn::Select": [ 4, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ECRapprepo376558DE", "Arn", ], }, ], }, ], }, ".dkr.ecr.", { "Fn::Select": [ 3, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ECRapprepo376558DE", "Arn", ], }, ], }, ], }, ".", { "Ref": "AWS::URLSuffix", }, "/", { "Ref": "ECRapprepo376558DE", }, ":sample-ecs-app", ], ], }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", }, "awslogs-region": "ap-northeast-1", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 80, "Protocol": "tcp", }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "Arn", ], }, "Family": "BLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseEcsTask2D9BDBD1", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ECRapprepo376558DE", "Arn", ], }, }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": "*", }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "Roles": [ { "Ref": "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", }, ], }, "Type": "AWS::IAM::Policy", }, "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2": { "DeletionPolicy": "Retain", "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "KmsKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "RetentionInDays": 90, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "ECSAppcontainerAppSampleBaseCluster569A303B", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DesiredCount": 2, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 80, "TargetGroupArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "PlatformVersion": "LATEST", "TaskDefinition": { "Ref": "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", }, }, "Type": "AWS::ECS::Service", }, "ECSAppcontainerAppSampleBaseSgAlb1B19B99D": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/ECSApp/containerAppSampleBase/SgAlb", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "Description": "to BLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3:80", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "FromPort": 80, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 80, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ECSAppcontainerAppSampleBaseSgFargateA0785180": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/ECSApp/containerAppSampleBase/SgFargate", "SecurityGroupEgress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":ALL PORTS", ], ], }, "FromPort": 0, "IpProtocol": "tcp", "ToPort": 65535, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "Description": "Load balancer to target", "FromPort": 80, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, "ToPort": 80, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "Description": "to BLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6B:{IndirectPort}", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "ResourceArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbDB2A3544", }, "WebACLArn": { "Fn::GetAtt": [ "WafWebAclBE24253C", "Arn", ], }, }, "Type": "AWS::WAFv2::WebACLAssociation", }, "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA": { "DeletionPolicy": "Retain", "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "AccessControl": "Private", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", ], "Properties": { "Bucket": { "Ref": "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:PutObject", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::582318560864:root", ], ], }, }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/AWSLogs/111111111111/*", ], ], }, }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/AWSLogs/111111111111/*", ], ], }, }, { "Action": "s3:GetBucketAcl", "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", ], "Properties": { "Name": "/bleafsi/test/EcrAppImageTag", "Type": "String", "Value": "sample-ecs-app", }, "Type": "AWS::SSM::Parameter", }, "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733": { "DependsOn": [ "ContainerImagesampleecsappproject3CC5178F", "ContainerImagesampleecsappprojectRoleDefaultPolicy4CA66C3B", "ContainerImagesampleecsappprojectRole2779E57F", "ContainerImagestartBuildCustomResourcePolicy53F65DAB", "ContainerImagestartBuild34814DC1", "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", ], "Properties": { "Name": "/bleafsi/test/EcrAppRepositoryName", "Type": "String", "Value": { "Ref": "ECRapprepo376558DE", }, }, "Type": "AWS::SSM::Parameter", }, "ExportsWriterapnortheast3D0FE0CB2ECD9158B": { "DeletionPolicy": "Delete", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "CustomCrossRegionExportWriterCustomResourceProviderHandlerD8786E8A", "Arn", ], }, "WriterProps": { "exports": { "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAttGetDefaultRouteTableId6DB194BATransitGateways0OptionsAssociationDefaultRouteTableIdFC78B5FF": { "Fn::GetAtt": [ "GetDefaultRouteTableId6DB194BA", "TransitGateways.0.Options.AssociationDefaultRouteTableId", ], }, "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864": { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498": { "Ref": "BLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb", }, }, "region": "ap-northeast-3", }, }, "Type": "Custom::CrossRegionExportWriter", "UpdateReplacePolicy": "Delete", }, "GetDefaultRouteTableId6DB194BA": { "DeletionPolicy": "Delete", "DependsOn": [ "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"EC2","action":"describeTransitGateways","parameters":{"TransitGatewayIds":["", { "Ref": "VpcTgw43A428E1", }, ""]},"physicalResourceId":{"id":"GetDefaultRouteTableId"}}", ], ], }, "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"EC2","action":"describeTransitGateways","parameters":{"TransitGatewayIds":["", { "Ref": "VpcTgw43A428E1", }, ""]},"physicalResourceId":{"id":"GetDefaultRouteTableId"}}", ], ], }, }, "Type": "Custom::AWS", "UpdateReplacePolicy": "Delete", }, "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ec2:DescribeTransitGateways", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": { "DependsOn": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "5fa1330271b8967d9254ba2d4a07144f8acefe8b77e6d6bba38261373a50d5f8.zip", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", "Arn", ], }, "Runtime": "nodejs16.x", }, "Type": "AWS::Lambda::Function", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:PutRetentionPolicy", "logs:DeleteRetentionPolicy", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "Roles": [ { "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", }, ], }, "Type": "AWS::IAM::Policy", }, "MonitorAlarmEmailBA1444D7": { "Properties": { "Endpoint": "exsample@exsample.com", "Protocol": "email", "TopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, }, "Type": "AWS::SNS::Subscription", }, "MonitorAlarmTopic1E34119C": { "Type": "AWS::SNS::Topic", }, "MonitorAlarmTopicPolicy3B1D026A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "sns:Publish", "Effect": "Allow", "Principal": { "Service": "cloudwatch.amazonaws.com", }, "Resource": { "Ref": "MonitorAlarmTopic1E34119C", }, "Sid": "0", }, { "Action": "sns:Publish", "Condition": { "Bool": { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": "*", "Resource": { "Ref": "MonitorAlarmTopic1E34119C", }, "Sid": "EnforcePublishersToUseSSL", }, { "Action": "sns:Publish", "Effect": "Allow", "Principal": { "Service": "events.amazonaws.com", }, "Resource": { "Ref": "MonitorAlarmTopic1E34119C", }, "Sid": "2", }, ], "Version": "2012-10-17", }, "Topics": [ { "Ref": "MonitorAlarmTopic1E34119C", }, ], }, "Type": "AWS::SNS::TopicPolicy", }, "NlbNlbOnlyForTest6E63B1BF": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, ], "Scheme": "internet-facing", "Subnets": [ { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, ], "Type": "network", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "NlbNlbOnlyForTestTestNlbListenerB0BF1718": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "NlbNlbOnlyForTestTestNlbListenerTargetAlbGroupAB2D8B51", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "NlbNlbOnlyForTest6E63B1BF", }, "Port": 80, "Protocol": "TCP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "NlbNlbOnlyForTestTestNlbListenerTargetAlbGroupAB2D8B51": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", ], "Properties": { "Port": 80, "Protocol": "TCP", "TargetType": "alb", "Targets": [ { "Id": { "Ref": "ECSAppcontainerAppSampleBaseAlbDB2A3544", }, "Port": 80, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "PrivateHostedZone6354E1BB": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", ], "Properties": { "Name": "example.com.", "VPCs": [ { "VPCId": { "Ref": "Vpc8378EB38", }, "VPCRegion": "ap-northeast-1", }, { "VPCId": { "Ref": "SampleAppClientVpc8EC27D63", }, "VPCRegion": "ap-northeast-1", }, ], }, "Type": "AWS::Route53::HostedZone", }, "PrivateHostedZoneAliasRecord66C63538": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", ], "Properties": { "AliasTarget": { "DNSName": { "Fn::Join": [ "", [ "dualstack.", { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseAlbDB2A3544", "DNSName", ], }, ], ], }, "HostedZoneId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseAlbDB2A3544", "CanonicalHostedZoneID", ], }, }, "HostedZoneId": { "Ref": "PrivateHostedZone6354E1BB", }, "Name": "example.com.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, "PrivateHostedZonecrossRegionSsmParamSsmParamPrivateHostedZoneId369E6875": { "DependsOn": [ "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B", "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseAlbDB2A3544", "ECSAppcontainerAppSampleBaseCluster9D2F5822", "ECSAppcontainerAppSampleBaseCluster569A303B", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9", "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgFargate4AFF3AB3803E6A1F65", "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingprimaryECSAppcontainerAppSampleBaseSgAlbDBCA533080A80EFA87", "ECSAppcontainerAppSampleBaseSgFargateA0785180", "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingprimaryDBAuroraPgSgRds06093A6BIndirectPort4AA907E0", "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF", "ECSAppcrossRegionSsmParamSsmParamEcrAppImageTag4833040E", "ECSAppcrossRegionSsmParamSsmParamEcrAppRepositoryName75690733", ], "Properties": { "Name": "/bleafsi/test/PrivateHostedZoneId", "Type": "String", "Value": { "Ref": "PrivateHostedZone6354E1BB", }, }, "Type": "AWS::SSM::Parameter", }, "SampleAppClientBucket4BBBAACF": { "DeletionPolicy": "Delete", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", "Value": "true", }, { "Key": "aws-cdk:cr-owned:client:d80d5e0e", "Value": "true", }, ], }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "SampleAppClientBucketAutoDeleteObjectsCustomResource58334B99": { "DeletionPolicy": "Delete", "DependsOn": [ "SampleAppClientBucketPolicy3869F99F", ], "Properties": { "BucketName": { "Ref": "SampleAppClientBucket4BBBAACF", }, "ServiceToken": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", "Arn", ], }, }, "Type": "Custom::S3AutoDeleteObjects", "UpdateReplacePolicy": "Delete", }, "SampleAppClientBucketPolicy3869F99F": { "Properties": { "Bucket": { "Ref": "SampleAppClientBucket4BBBAACF", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, "/*", ], ], }, ], }, { "Action": [ "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, }, "Resource": [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "SampleAppClientDeployAwsCliLayer84CF29A7": { "Properties": { "Content": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-1", "S3Key": "e2277687077a2abf9ae1af1cc9565e6715e2ebb62f79ec53aa75a1af9298f642.zip", }, "Description": "/opt/awscli/aws", }, "Type": "AWS::Lambda::LayerVersion", }, "SampleAppClientDeployCustomResourceE56A6567": { "DeletionPolicy": "Delete", "Properties": { "DestinationBucketKeyPrefix": "client", "DestinationBucketName": { "Ref": "SampleAppClientBucket4BBBAACF", }, "Prune": true, "ServiceToken": { "Fn::GetAtt": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536", "Arn", ], }, "SourceBucketNames": [ "cdk-hnb659fds-assets-111111111111-ap-northeast-1", ], "SourceObjectKeys": [ "bf8a2ccb4881373f86f63004ddcc2d821a21603658ad5e7fce2b4085efe19d62.zip", ], }, "Type": "Custom::CDKBucketDeployment", "UpdateReplacePolicy": "Delete", }, "SampleAppClientInstanceF6BD53A1": { "DependsOn": [ "SampleAppClientDeployAwsCliLayer84CF29A7", "SampleAppClientDeployCustomResourceE56A6567", "SampleAppClientInstanceInstanceRoleDefaultPolicyE8D72C41", "SampleAppClientInstanceInstanceRole344FC108", ], "Properties": { "AvailabilityZone": "dummy1a", "BlockDeviceMappings": [ { "DeviceName": "/dev/xvda", "Ebs": { "Encrypted": true, "VolumeSize": 20, "VolumeType": "gp3", }, }, ], "IamInstanceProfile": { "Ref": "SampleAppClientInstanceInstanceProfile08038138", }, "ImageId": { "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter", }, "InstanceType": "t3.nano", "SecurityGroupIds": [ { "Fn::GetAtt": [ "SampleAppClientInstanceInstanceSecurityGroup6E48D151", "GroupId", ], }, ], "SubnetId": { "Ref": "SampleAppClientVpcPublicSubnet1SubnetB3271DC8", }, "Tags": [ { "Key": "Name", "Value": "BastionHost", }, ], "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash yum install -y docker systemctl enable docker systemctl start docker usermod -aG docker ec2-user chmod 777 /var/run/docker.sock yum install -y tmux htop echo '#!/bin/bash' > /home/ec2-user/pull.sh echo 'aws s3 sync s3://", { "Ref": "SampleAppClientBucket4BBBAACF", }, "/client /home/ec2-user/client' >> /home/ec2-user/pull.sh chown ec2-user /home/ec2-user/pull.sh chmod +x /home/ec2-user/pull.sh", ], ], }, }, }, "Type": "AWS::EC2::Instance", }, "SampleAppClientInstanceInstanceProfile08038138": { "DependsOn": [ "SampleAppClientDeployAwsCliLayer84CF29A7", "SampleAppClientDeployCustomResourceE56A6567", ], "Properties": { "Roles": [ { "Ref": "SampleAppClientInstanceInstanceRole344FC108", }, ], }, "Type": "AWS::IAM::InstanceProfile", }, "SampleAppClientInstanceInstanceRole344FC108": { "DependsOn": [ "SampleAppClientDeployAwsCliLayer84CF29A7", "SampleAppClientDeployCustomResourceE56A6567", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Name", "Value": "BastionHost", }, ], }, "Type": "AWS::IAM::Role", }, "SampleAppClientInstanceInstanceRoleDefaultPolicyE8D72C41": { "DependsOn": [ "SampleAppClientDeployAwsCliLayer84CF29A7", "SampleAppClientDeployCustomResourceE56A6567", ], "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ssmmessages:*", "ssm:UpdateInstanceInformation", "ec2messages:*", ], "Effect": "Allow", "Resource": "*", }, { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "SampleAppClientBucket4BBBAACF", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "SampleAppClientInstanceInstanceRoleDefaultPolicyE8D72C41", "Roles": [ { "Ref": "SampleAppClientInstanceInstanceRole344FC108", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleAppClientInstanceInstanceSecurityGroup6E48D151": { "DependsOn": [ "SampleAppClientDeployAwsCliLayer84CF29A7", "SampleAppClientDeployCustomResourceE56A6567", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/SampleAppClient/Instance/Resource/InstanceSecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "Tags": [ { "Key": "Name", "Value": "BastionHost", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleAppClientVpc8EC27D63": { "Properties": { "CidrBlock": "10.100.16.0/24", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default", }, ], }, "Type": "AWS::EC2::VPC", }, "SampleAppClientVpcForTgwAttachmentsSubnet1RouteTableAssociation1130B15A": { "Properties": { "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet1RouteTableF8B3E64D", }, "SubnetId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet1SubnetDBCFB191", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "SampleAppClientVpcForTgwAttachmentsSubnet1RouteTableF8B3E64D": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::RouteTable", }, "SampleAppClientVpcForTgwAttachmentsSubnet1SubnetDBCFB191": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.100.16.128/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::Subnet", }, "SampleAppClientVpcForTgwAttachmentsSubnet2RouteTableAssociation5496715C": { "Properties": { "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet2RouteTableEFF6F074", }, "SubnetId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet2Subnet848CEDC0", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "SampleAppClientVpcForTgwAttachmentsSubnet2RouteTableEFF6F074": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::RouteTable", }, "SampleAppClientVpcForTgwAttachmentsSubnet2Subnet848CEDC0": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.100.16.144/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::Subnet", }, "SampleAppClientVpcIGW95416E73": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "SampleAppClientVpcIsolatedRouteToTgw00E113B17": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet1RouteTableF8B3E64D", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcIsolatedRouteToTgw0Secondary64AB116A": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet1RouteTableF8B3E64D", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcIsolatedRouteToTgw11959314F": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet2RouteTableEFF6F074", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcIsolatedRouteToTgw1SecondaryA10C843F": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet2RouteTableEFF6F074", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicRouteToTgw091760E3C": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet1RouteTable59EAD090", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicRouteToTgw0Secondary30E7D7D1": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet1RouteTable59EAD090", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicRouteToTgw119F257C3": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet2RouteTableAE719ECA", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicRouteToTgw1SecondaryEDF390DC": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet2RouteTableAE719ECA", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicSubnet1DefaultRouteA0275BD8": { "DependsOn": [ "SampleAppClientVpcVPCGW01242932", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "SampleAppClientVpcIGW95416E73", }, "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet1RouteTable59EAD090", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicSubnet1RouteTable59EAD090": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::RouteTable", }, "SampleAppClientVpcPublicSubnet1RouteTableAssociationDFD73CB3": { "Properties": { "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet1RouteTable59EAD090", }, "SubnetId": { "Ref": "SampleAppClientVpcPublicSubnet1SubnetB3271DC8", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "SampleAppClientVpcPublicSubnet1SubnetB3271DC8": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.100.16.0/26", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::Subnet", }, "SampleAppClientVpcPublicSubnet2DefaultRoute76671E71": { "DependsOn": [ "SampleAppClientVpcVPCGW01242932", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "SampleAppClientVpcIGW95416E73", }, "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet2RouteTableAE719ECA", }, }, "Type": "AWS::EC2::Route", }, "SampleAppClientVpcPublicSubnet2RouteTableAE719ECA": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::RouteTable", }, "SampleAppClientVpcPublicSubnet2RouteTableAssociation20E8E9E9": { "Properties": { "RouteTableId": { "Ref": "SampleAppClientVpcPublicSubnet2RouteTableAE719ECA", }, "SubnetId": { "Ref": "SampleAppClientVpcPublicSubnet2Subnet099EEA1D", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "SampleAppClientVpcPublicSubnet2Subnet099EEA1D": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.100.16.64/26", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/SampleAppClient/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::Subnet", }, "SampleAppClientVpcTgwAttachment44B76A80": { "Properties": { "SubnetIds": [ { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet1SubnetDBCFB191", }, { "Ref": "SampleAppClientVpcForTgwAttachmentsSubnet2Subnet848CEDC0", }, ], "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::TransitGatewayAttachment", }, "SampleAppClientVpcVPCGW01242932": { "Properties": { "InternetGatewayId": { "Ref": "SampleAppClientVpcIGW95416E73", }, "VpcId": { "Ref": "SampleAppClientVpc8EC27D63", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, "SampleAppClientVpcVpcFlowLogsFlowLog9A994D91": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "SampleAppClientVpcVpcFlowLogsLogRoleE8BB8CD2", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "SampleAppClientVpcVpcFlowLogsLogGroupE3566CFF", }, "ResourceId": { "Ref": "SampleAppClientVpc8EC27D63", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "SampleAppClientVpcVpcFlowLogsLogGroupE3566CFF": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 180, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleAppClientVpcVpcFlowLogsLogRoleDefaultPolicyA68A2352": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleAppClientVpcVpcFlowLogsLogGroupE3566CFF", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleAppClientVpcVpcFlowLogsLogRoleE8BB8CD2", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleAppClientVpcVpcFlowLogsLogRoleDefaultPolicyA68A2352", "Roles": [ { "Ref": "SampleAppClientVpcVpcFlowLogsLogRoleE8BB8CD2", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleAppClientVpcVpcFlowLogsLogRoleE8BB8CD2": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppAlb4934C8BB": { "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, ], "Scheme": "internal", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "SampleMultiRegionAppAlbListener5529D23B": { "Properties": { "DefaultActions": [ { "FixedResponseConfig": { "StatusCode": "400", }, "Type": "fixed-response", }, ], "LoadBalancerArn": { "Ref": "SampleMultiRegionAppAlb4934C8BB", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "SampleMultiRegionAppAlbListenerbalanceRule65E4B83C": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppBalanceGroup2D002CE6", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/balance*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 1, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbListenercountRuleE41D7BB5": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppCountGroupF35DCD9E", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/count*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 2, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbListenertransactionRuleD04F551A": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppTransactionGroupBBCBB2BD", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/transaction*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 3, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbSecurityGroupE1B8B642": { "Properties": { "GroupDescription": "Automatically created Security Group for ELB BLEAFSICoreBankingprimarySampleMultiRegionAppAlbF3CD983A", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingprimarySampleMultiRegionAppBalanceFargateServiceSecurityGroup12675873300038B7AA4A": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingprimarySampleMultiRegionAppCountFargateServiceSecurityGroupCBCB28B1300092064D5E": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingprimarySampleMultiRegionAppTransactionFargateServiceSecurityGroup09908A4E300044155975": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppBalanceFargateServiceB3CE9C1E": { "DependsOn": [ "SampleMultiRegionAppAlbListenerbalanceRule65E4B83C", "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppBalanceGroup2D002CE6", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppBalanceTaskCD24682E", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178": { "DependsOn": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/SampleMultiRegionApp/Balance/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppBalanceFargateServiceSecurityGroupfromBLEAFSICoreBankingprimarySampleMultiRegionAppAlbSecurityGroup1DD7615C3000CCD533CB": { "DependsOn": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppBalanceGroup2D002CE6": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppBalanceTaskCD24682E": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": "", }, { "Name": "PARAM_TABLE_NAME", "Value": "", }, { "Name": "DATABASE_HOST", "Value": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Address", ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-1.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1:3503b7ad70d10f5be4a31654feb2b8620c5c94b2b0a1a9c3698716a7afec06d8", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884", }, "awslogs-region": "ap-northeast-1", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "DATABASE_USER", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, ":username::", ], ], }, }, { "Name": "DATABASE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, ":password::", ], ], }, }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskExecutionRole36D89483", "Arn", ], }, "Family": "BLEAFSICoreBankingprimarySampleMultiRegionAppBalanceTask7742B86B", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppBalanceTaskExecutionRole36D89483": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppBalanceTaskExecutionRoleDefaultPolicyFD62584B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-1:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppBalanceTaskExecutionRoleDefaultPolicyFD62584B", "Roles": [ { "Ref": "SampleMultiRegionAppBalanceTaskExecutionRole36D89483", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppCluster9D88E1C2": { "Properties": { "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "SampleMultiRegionAppCountFargateService2EE1C613": { "DependsOn": [ "SampleMultiRegionAppAlbListenercountRuleE41D7BB5", "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppCountGroupF35DCD9E", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppCountTask9E5764AB", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF": { "DependsOn": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/SampleMultiRegionApp/Count/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppCountFargateServiceSecurityGroupfromBLEAFSICoreBankingprimarySampleMultiRegionAppAlbSecurityGroup1DD7615C3000D52D5D86": { "DependsOn": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppCountGroupF35DCD9E": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppCountTask9E5764AB": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": "", }, { "Name": "PARAM_TABLE_NAME", "Value": "", }, { "Name": "DATABASE_HOST", "Value": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Address", ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-1.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1:60fccd43d2b1fbc7ef7c5bc465ffd7c9a160f040a3a95150acc4adde0b2bbcec", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD", }, "awslogs-region": "ap-northeast-1", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "DATABASE_USER", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, ":username::", ], ], }, }, { "Name": "DATABASE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, ":password::", ], ], }, }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB", "Arn", ], }, "Family": "BLEAFSICoreBankingprimarySampleMultiRegionAppCountTaskCDCF544C", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppCountTaskExecutionRoleDefaultPolicyFF11097E": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-1:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "DBAuroraPgAuroraClusterSecretAttachment79578D24", }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppCountTaskExecutionRoleDefaultPolicyFF11097E", "Roles": [ { "Ref": "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppCountTaskTaskRole45DC9375": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppMyRecordSet4189E06D": { "Properties": { "AliasTarget": { "DNSName": { "Fn::Join": [ "", [ "dualstack.", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, ], ], }, "HostedZoneId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "CanonicalHostedZoneID", ], }, }, "HostedZoneId": { "Ref": "PrivateHostedZone6354E1BB", }, "Name": "api.ap-northeast-1.example.com.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, "SampleMultiRegionAppParamTable7082CE0D": { "DeletionPolicy": "Delete", "Properties": { "AttributeDefinitions": [ { "AttributeName": "PK", "AttributeType": "S", }, ], "BillingMode": "PAY_PER_REQUEST", "KeySchema": [ { "AttributeName": "PK", "KeyType": "HASH", }, ], }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Delete", }, "SampleMultiRegionAppTransactionFargateServiceC2F48BC5": { "DependsOn": [ "SampleMultiRegionAppAlbListenertransactionRuleD04F551A", "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppTransactionGroupBBCBB2BD", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppTransactionTaskA16B11F7", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742": { "DependsOn": [ "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/SampleMultiRegionApp/Transaction/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppTransactionFargateServiceSecurityGroupfromBLEAFSICoreBankingprimarySampleMultiRegionAppAlbSecurityGroup1DD7615C30004DA9333E": { "DependsOn": [ "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppTransactionGroupBBCBB2BD": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppTransactionTaskA16B11F7": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, }, { "Name": "PARAM_TABLE_NAME", "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, { "Name": "DATABASE_HOST", "Value": "", }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-1.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1:8d0beda8d44238b45d54e295929887ec151f325d4fd9f1236b40840d2cd5a390", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677", }, "awslogs-region": "ap-northeast-1", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskExecutionRole3D527536", "Arn", ], }, "Family": "BLEAFSICoreBankingprimarySampleMultiRegionAppTransactionTask733ED1A3", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppTransactionTaskExecutionRole3D527536": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionTaskExecutionRoleDefaultPolicy95A5AB7D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-1:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionTaskExecutionRoleDefaultPolicy95A5AB7D", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionTaskExecutionRole3D527536", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionTaskTaskRole209E6E33": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleMultiRegionAppParamTable7082CE0D", "Arn", ], }, { "Ref": "AWS::NoValue", }, ], }, { "Action": [ "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-1:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-1:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionWorkerFargateServiceCAD6D2BF": { "DependsOn": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 0, }, "DesiredCount": 1, "EnableECSManagedTags": false, "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerFargateServiceSecurityGroup8D963150", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppTransactionWorkerTaskB2B4F976", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppTransactionWorkerFargateServiceSecurityGroup8D963150": { "DependsOn": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/SampleMultiRegionApp/TransactionWorker/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppTransactionWorkerTaskB2B4F976": { "Properties": { "ContainerDefinitions": [ { "Command": [ "node", "worker.js", ], "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, }, { "Name": "PARAM_TABLE_NAME", "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, { "Name": "BALANCE_ENDPOINT", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, "/balance", ], ], }, }, { "Name": "COUNT_ENDPOINT", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, "/count", ], ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-1.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1:8d0beda8d44238b45d54e295929887ec151f325d4fd9f1236b40840d2cd5a390", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976", }, "awslogs-region": "ap-northeast-1", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D", "Arn", ], }, "Family": "BLEAFSICoreBankingprimarySampleMultiRegionAppTransactionWorkerTask8346C6B6", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionWorkerTaskExecutionRoleDefaultPolicy3B01D851": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-1:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-1", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionWorkerTaskExecutionRoleDefaultPolicy3B01D851", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleMultiRegionAppParamTable7082CE0D", "Arn", ], }, { "Ref": "AWS::NoValue", }, ], }, { "Action": [ "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-1:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-1:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "transactionDBDynamoDb", "Arn", ], }, ], }, ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.100.0.0/20", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcClientIsolatedRouteToTgw0131AF975": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcClientIsolatedRouteToTgw192A4CB41": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcClientIsolatedRouteToTgw215247F0F": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcClientIsolatedRouteToTgw313DAF3CD": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcClientPublicRouteToTgw049E31AA5": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcClientPublicRouteToTgw1F4F34561": { "DependsOn": [ "SampleAppClientVpcTgwAttachment44B76A80", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcDynamoDbEndpoint564903D1": { "Properties": { "RouteTableIds": [ { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".dynamodb", ], ], }, "VpcEndpointType": "Gateway", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrDockerEndpoint53ED547B": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrDockerEndpointSecurityGroup5D41A216", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-1.ecr.dkr", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrDockerEndpointSecurityGroup5D41A216": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/Vpc/Default/EcrDockerEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcEcrEndpoint0BE46338": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrEndpointSecurityGroup13145954", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-1.ecr.api", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrEndpointSecurityGroup13145954": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/Vpc/Default/EcrEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcForTgwAttachmentsSubnet1RouteTable8C881736": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet1Subnet95D19052": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.100.12.0/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.100.12.16/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcIsolatedRouteToTgw0010E66EA7": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw01215500D5": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw02861354A8": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw034210DE02": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcLogsEndpointForPrivate8D2140E9": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-1.logs", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/Vpc/Default/LogsEndpointForPrivate/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingprimaryVpcPublicSubnet1C0C50893A9C75996": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingprimaryVpcPublicSubnet254C3ED4ADF2C5B19": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicF3ACBBF5": { "Properties": { "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::NetworkAcl", }, "VpcNaclPublicNaclEgressPublic7F2645E5": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcNaclPublicNaclIngressPublicCA388ADE": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcProtectedSubnet1RouteTable69FCECD8": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet1RouteTableAssociation62F625F2": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "SubnetId": { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet1Subnet38ECE18A": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.100.4.0/22", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcProtectedSubnet2RouteTableAssociation960FE2AC": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "SubnetId": { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet2RouteTableFA54AE0B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet2SubnetC22C3325": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.100.8.0/22", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicRouteToTgw000F279134": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicRouteToTgw010382C227": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.101.0.0/20", "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.100.0.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.100.1.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcR53ResolverEndpointE9CD13A7": { "Properties": { "Direction": "INBOUND", "IpAddresses": [ { "SubnetId": { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, }, { "SubnetId": { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, }, { "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, }, { "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, }, ], "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcR53ResolverEndpointSg5A7EAA51", "GroupId", ], }, ], }, "Type": "AWS::Route53Resolver::ResolverEndpoint", }, "VpcR53ResolverEndpointSg5A7EAA51": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/Vpc/R53ResolverEndpointSg", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", "Description": "Disallow all traffic", "FromPort": 252, "IpProtocol": "icmp", "ToPort": 86, }, ], "SecurityGroupIngress": [ { "CidrIp": "10.0.0.0/16", "Description": "from 10.0.0.0/16:53", "FromPort": 53, "IpProtocol": "tcp", "ToPort": 53, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcS3Endpoint4A3DE4B5": { "Properties": { "RouteTableIds": [ { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".s3", ], ], }, "VpcEndpointType": "Gateway", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcSecretsManagerEndpointForPrivate91BE082A": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-1.secretsmanager", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-primary/Vpc/Default/SecretsManagerEndpointForPrivate/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcTgw43A428E1": { "Properties": { "AmazonSideAsn": 64512, "Tags": [ { "Key": "Name", "Value": "tgw-ap-northeast-1", }, ], }, "Type": "AWS::EC2::TransitGateway", }, "VpcTgwAttachmentA32D0B42": { "Properties": { "SubnetIds": [ { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, ], "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::TransitGatewayAttachment", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, "VpcVpcFlowLogsFlowLog421D53F0": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogRoleED2BD382", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "VpcVpcFlowLogsLogGroup8558C776", }, "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcVpcFlowLogsLogGroup8558C776": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 180, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogGroup8558C776", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogRoleED2BD382", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "Roles": [ { "Ref": "VpcVpcFlowLogsLogRoleED2BD382", }, ], }, "Type": "AWS::IAM::Policy", }, "VpcVpcFlowLogsLogRoleED2BD382": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "VpccrossRegionSsmParamaddTgwIdSsmParamTgwPrimaryId5CAC710D": { "Properties": { "Name": "/bleafsi/test/TgwPrimaryId", "Type": "String", "Value": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::SSM::Parameter", }, "WafWebAclBE24253C": { "Properties": { "DefaultAction": { "Allow": {}, }, "Name": "BLEAFSIAWebAcl", "Rules": [ { "Name": "AWSManagedRulesCommonRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 1, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesCommonRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesCommonRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesKnownBadInputsRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 2, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesKnownBadInputsRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesKnownBadInputsRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesAmazonIpReputationList", "OverrideAction": { "Count": {}, }, "Priority": 3, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesAmazonIpReputationList", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesAmazonIpReputationList", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesLinuxRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 4, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesLinuxRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesLinuxRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesSQLiRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 5, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesSQLiRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesSQLiRuleSet", "SampledRequestsEnabled": true, }, }, ], "Scope": "REGIONAL", "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "BLEAFSIWebAcl", "SampledRequestsEnabled": true, }, }, "Type": "AWS::WAFv2::WebACL", }, "transactionDBDynamoDb": { "DependsOn": [ "AppKeyAlias41A6B934", "AppKey2AF25043", ], "Properties": { "AttributeDefinitions": [ { "AttributeName": "PK", "AttributeType": "S", }, { "AttributeName": "SK", "AttributeType": "S", }, { "AttributeName": "GSI1", "AttributeType": "S", }, ], "BillingMode": "PAY_PER_REQUEST", "GlobalSecondaryIndexes": [ { "IndexName": "GSI1", "KeySchema": [ { "AttributeName": "GSI1", "KeyType": "HASH", }, ], "Projection": { "ProjectionType": "ALL", }, }, ], "KeySchema": [ { "AttributeName": "PK", "KeyType": "HASH", }, { "AttributeName": "SK", "KeyType": "RANGE", }, ], "Replicas": [ { "PointInTimeRecoverySpecification": { "PointInTimeRecoveryEnabled": true, }, "Region": "ap-northeast-1", }, { "PointInTimeRecoverySpecification": { "PointInTimeRecoveryEnabled": true, }, "Region": "ap-northeast-3", }, ], "SSESpecification": { "SSEEnabled": true, "SSEType": "KMS", }, "StreamSpecification": { "StreamViewType": "NEW_AND_OLD_IMAGES", }, }, "Type": "AWS::DynamoDB::GlobalTable", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `; exports[`BLEAFSI-CoreBanking snapshot check Core banking sample Stacks 2`] = ` { "Outputs": { "CLIforTGWpeeringacceptance": { "Description": "1. Subsequent CLI for TGW peering acceptance", "Value": { "Fn::Join": [ "", [ "aws ec2 accept-transit-gateway-peering-attachment --region ap-northeast-1 --transit-gateway-attachment-id ", { "Fn::GetAtt": [ "VpccreateTgwPeeringAttachmentE4554F62", "TransitGatewayPeeringAttachment.TransitGatewayAttachmentId", ], }, " --profile ct-guest-sso", ], ], }, }, "CLIforaddingTGWrouteinprimaryregion": { "Description": "2. Subsequent CLI for adding TGW route in primary region", "Value": { "Fn::Join": [ "", [ "aws ec2 create-transit-gateway-route --region ap-northeast-1 --destination-cidr-block 10.101.0.0/16 --transit-gateway-route-table-id ", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAttGetDefaultRouteTableId6DB194BATransitGateways0OptionsAssociationDefaultRouteTableIdFC78B5FF", ], }, " --transit-gateway-attachment-id ", { "Fn::GetAtt": [ "VpccreateTgwPeeringAttachmentE4554F62", "TransitGatewayPeeringAttachment.TransitGatewayAttachmentId", ], }, " --profile ct-guest-sso", ], ], }, }, "CLIforaddingTGWrouteinsecondaryregion": { "Description": "3. Subsequent CLI for adding TGW route in secondary region", "Value": { "Fn::Join": [ "", [ "aws ec2 create-transit-gateway-route --region ap-northeast-3 --destination-cidr-block 10.100.0.0/16 --transit-gateway-route-table-id ", { "Fn::GetAtt": [ "GetDefaultRouteTableId6DB194BA", "TransitGateways.0.Options.AssociationDefaultRouteTableId", ], }, " --transit-gateway-attachment-id ", { "Fn::GetAtt": [ "VpccreateTgwPeeringAttachmentE4554F62", "TransitGatewayPeeringAttachment.TransitGatewayAttachmentId", ], }, " --profile ct-guest-sso", ], ], }, }, "SampleMultiRegionAppParamTableName1EDCBB71": { "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { "DependsOn": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "c56527323fe165e19e5c38b88f77270ba67c06d0fd17823264a8e1268ef9ce50.zip", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 120, }, "Type": "AWS::Lambda::Function", }, "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "AppKey2AF25043": { "DeletionPolicy": "Retain", "Properties": { "Description": "for App", "EnableKeyRotation": true, "KeyPolicy": { "Statement": [ { "Action": "kms:*", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::111111111111:root", ], ], }, }, "Resource": "*", }, { "Action": [ "kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*", ], "Condition": { "ArnLike": { "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:ap-northeast-3:111111111111:*", }, }, "Effect": "Allow", "Principal": { "Service": "logs.ap-northeast-3.amazonaws.com", }, "Resource": "*", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::KMS::Key", "UpdateReplacePolicy": "Retain", }, "AppKeyAlias41A6B934": { "Properties": { "AliasName": "alias/AppKey-for-app", "TargetKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, }, "Type": "AWS::KMS::Alias", }, "AssociateVpcWithHostedZoneRoute53AssociateVpc15E9B44F": { "DeletionPolicy": "Delete", "DependsOn": [ "AssociateVpcWithHostedZoneRoute53AssociateVpcCustomResourcePolicy891619A5", "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"Route53","action":"associateVPCWithHostedZone","parameters":{"HostedZoneId":"", { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersSsmParameters2A7273B4", "/bleafsi/test/PrivateHostedZoneId", ], }, "","VPC":{"VPCRegion":"ap-northeast-3","VPCId":"", { "Ref": "Vpc8378EB38", }, ""}},"region":"ap-northeast-1","physicalResourceId":{"id":"Route53AssociateVpc"}}", ], ], }, "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"Route53","action":"associateVPCWithHostedZone","parameters":{"HostedZoneId":"", { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersSsmParameters2A7273B4", "/bleafsi/test/PrivateHostedZoneId", ], }, "","VPC":{"VPCRegion":"ap-northeast-3","VPCId":"", { "Ref": "Vpc8378EB38", }, ""}},"region":"ap-northeast-1","physicalResourceId":{"id":"Route53AssociateVpc"}}", ], ], }, }, "Type": "Custom::AWS", "UpdateReplacePolicy": "Delete", }, "AssociateVpcWithHostedZoneRoute53AssociateVpcCustomResourcePolicy891619A5": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "route53:*", "ec2:*", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "AssociateVpcWithHostedZoneRoute53AssociateVpcCustomResourcePolicy891619A5", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandler51EC931D": { "DependsOn": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy1042D084", "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRole18774E25", "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "3803df2f6849acf50bb6577ee095a669940670e799f70a2be34893a399777bc3.zip", }, "Handler": "remote-parameters.on_event", "Role": { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRole18774E25", "Arn", ], }, "Runtime": "python3.8", }, "Type": "AWS::Lambda::Function", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRole18774E25": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy1042D084": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ssm:GetParametersByPath", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy1042D084", "Roles": [ { "Ref": "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandlerServiceRole18774E25", }, ], }, "Type": "AWS::IAM::Policy", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventD5E44DC4": { "DependsOn": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy1EC702E6", "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleAD9689A9", "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e.zip", }, "Description": "AWS CDK resource provider framework - onEvent (BLEAFSI-CoreBanking-secondary/AssociateVpcWithHostedZone/crossRegionSsmParam/Parameters/MyProvider)", "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandler51EC931D", "Arn", ], }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleAD9689A9", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventLogRetentionBB33CCDF": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventD5E44DC4", }, ], ], }, "RetentionInDays": 1, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleAD9689A9": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy1EC702E6": { "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandler51EC931D", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyHandler51EC931D", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy1EC702E6", "Roles": [ { "Ref": "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleAD9689A9", }, ], }, "Type": "AWS::IAM::Policy", }, "AssociateVpcWithHostedZonecrossRegionSsmParamParametersSsmParameters2A7273B4": { "DeletionPolicy": "Delete", "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "VpccreateTgwPeeringAttachmentE4554F62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "VpcDynamoDbEndpoint564903D1", "VpcEcrDockerEndpoint53ED547B", "VpcEcrDockerEndpointSecurityGroup5D41A216", "VpcEcrEndpoint0BE46338", "VpcEcrEndpointSecurityGroup13145954", "VpcForTgwAttachmentsSubnet1RouteTable8C881736", "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026", "VpcForTgwAttachmentsSubnet1Subnet95D19052", "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E", "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", "VpcIGWD7BA715C", "VpcLogsEndpointForPrivate8D2140E9", "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "VpcProtectedSubnet1RouteTable69FCECD8", "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet1Subnet38ECE18A", "VpcProtectedSubnet2RouteTableFA54AE0B", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", "VpcProtectedSubnet2SubnetC22C3325", "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTable6C95E38E", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet1Subnet5C2D37C4", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTable94F7E489", "VpcPublicSubnet2RouteTableAssociationDD5762D8", "VpcPublicSubnet2Subnet691E08A3", "Vpc8378EB38", "VpcS3Endpoint4A3DE4B5", "VpcSecretsManagerEndpointForPrivate91BE082A", "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "VpcVPCGWBF912B6E", "VpcIsolatedRouteToTgw0010E66EA7", "VpcIsolatedRouteToTgw01215500D5", "VpcIsolatedRouteToTgw02861354A8", "VpcIsolatedRouteToTgw034210DE02", "VpcIsolatedRouteToTgw104C2BA69B", "VpcIsolatedRouteToTgw115B3B5E9B", "VpcIsolatedRouteToTgw12E41623F9", "VpcIsolatedRouteToTgw13DC2FB9FB", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0", "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC", "VpcNaclPublicNaclEgressPublic7F2645E5", "VpcNaclPublicNaclIngressPublicCA388ADE", "VpcNaclPublicF3ACBBF5", "VpcPublicRouteToTgw000F279134", "VpcPublicRouteToTgw010382C227", "VpcPublicRouteToTgw10C3652BD4", "VpcPublicRouteToTgw1164424897", "VpcR53ResolverEndpointE9CD13A7", "VpcR53ResolverEndpointSg5A7EAA51", "VpcTgw43A428E1", "VpcTgwAttachmentA32D0B42", "VpcVpcFlowLogsLogGroup8558C776", "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "VpcVpcFlowLogsLogRoleED2BD382", "VpcVpcFlowLogsFlowLog421D53F0", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "ServiceToken": { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersMyProviderframeworkonEventD5E44DC4", "Arn", ], }, "parameterPath": "/bleafsi/test", "regionName": "ap-northeast-1", "stackName": "BLEAFSI-CoreBanking-secondary", }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "CustomCrossRegionExportReaderCustomResourceProviderHandler46647B68": { "DependsOn": [ "CustomCrossRegionExportReaderCustomResourceProviderRole10531BBD", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "06287b159ddc42f3d70d8ea52e034430d7a63d9263991d2579b1370203cfee4e.zip", }, "Handler": "__entrypoint__.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomCrossRegionExportReaderCustomResourceProviderRole10531BBD", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomCrossRegionExportReaderCustomResourceProviderRole10531BBD": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "ssm:AddTagsToResource", "ssm:RemoveTagsFromResource", "ssm:GetParameters", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ssm:ap-northeast-3:111111111111:parameter/cdk/exports/BLEAFSI-CoreBanking-secondary/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "Inline", }, ], }, "Type": "AWS::IAM::Role", }, "DBAuroraPgAuroraCPUUtil8FD0DC1C": { "Properties": { "ActionsEnabled": true, "AlarmActions": [ { "Ref": "MonitorAlarmTopic1E34119C", }, ], "ComparisonOperator": "GreaterThanOrEqualToThreshold", "DatapointsToAlarm": 3, "Dimensions": [ { "Name": "DBClusterIdentifier", "Value": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, }, ], "EvaluationPeriods": 3, "MetricName": "CPUUtilization", "Namespace": "AWS/RDS", "Period": 60, "Statistic": "Average", "Threshold": 90, }, "Type": "AWS::CloudWatch::Alarm", }, "DBAuroraPgAuroraCluster654F0C65": { "DeletionPolicy": "Snapshot", "Properties": { "CopyTagsToSnapshot": true, "DBClusterParameterGroupName": "default.aurora-postgresql11", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "EnableCloudwatchLogsExports": [ "postgresql", ], "Engine": "aurora-postgresql", "EngineVersion": "11.9", "GlobalClusterIdentifier": "core-banking-global-db", "KmsKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "Port": 5432, "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Snapshot", }, "DBAuroraPgAuroraClusterInstance1CA8DBC8C": { "DeletionPolicy": "Delete", "DependsOn": [ "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", ], "Properties": { "DBClusterIdentifier": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "DBInstanceClass": "db.r5.large", "DBInstanceIdentifier": "instance1", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "EnablePerformanceInsights": true, "Engine": "aurora-postgresql", "PerformanceInsightsKMSKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "PerformanceInsightsRetentionPeriod": 7, "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Delete", }, "DBAuroraPgAuroraClusterInstance20FAB99C5": { "DeletionPolicy": "Delete", "DependsOn": [ "VpcProtectedSubnet1RouteTableAssociation62F625F2", "VpcProtectedSubnet2RouteTableAssociation960FE2AC", ], "Properties": { "DBClusterIdentifier": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "DBInstanceClass": "db.r5.large", "DBInstanceIdentifier": "instance2", "DBSubnetGroupName": { "Ref": "DBAuroraPgAuroraClusterSubnets4FFFB644", }, "EnablePerformanceInsights": true, "Engine": "aurora-postgresql", "PerformanceInsightsKMSKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "PerformanceInsightsRetentionPeriod": 7, "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Delete", }, "DBAuroraPgAuroraClusterLogRetentionpostgresql3C66E2AA": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/rds/cluster/", { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "/postgresql", ], ], }, "RetentionInDays": 90, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "DBAuroraPgAuroraClusterSecret87616595": { "DeletionPolicy": "Delete", "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"postgres"}", }, }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "DBAuroraPgAuroraClusterSecretAttachment79578D24": { "Properties": { "SecretId": { "Ref": "DBAuroraPgAuroraClusterSecret87616595", }, "TargetId": { "Ref": "DBAuroraPgAuroraCluster654F0C65", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "DBAuroraPgAuroraClusterSubnets4FFFB644": { "Properties": { "DBSubnetGroupDescription": "Subnets for AuroraCluster database", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", }, "DBAuroraPgRdsEventsCluster22EF9729": { "Properties": { "Enabled": true, "EventCategories": [ "failure", "failover", "maintenance", ], "SnsTopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, "SourceType": "db-cluster", }, "Type": "AWS::RDS::EventSubscription", }, "DBAuroraPgRdsEventsInstances6B46FC66": { "Properties": { "Enabled": true, "EventCategories": [ "availability", "configuration change", "deletion", "failover", "failure", "maintenance", "notification", "recovery", ], "SnsTopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, "SourceType": "db-instance", }, "Type": "AWS::RDS::EventSubscription", }, "DBAuroraPgSgRdsF3DC7367": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/DBAuroraPg/SgRds", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", "Description": "Disallow all traffic", "FromPort": 252, "IpProtocol": "icmp", "ToPort": 86, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseSgFargateF4EF7EFBIndirectPortE02FA29D": { "Properties": { "Description": "from BLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseSgFargateF4EF7EFB:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingsecondarySampleMultiRegionAppBalanceFargateServiceSecurityGroup0A66A186IndirectPortC8742B66": { "Properties": { "Description": "from BLEAFSICoreBankingsecondarySampleMultiRegionAppBalanceFargateServiceSecurityGroup0A66A186:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "DBAuroraPgSgRdsfromBLEAFSICoreBankingsecondarySampleMultiRegionAppCountFargateServiceSecurityGroup63DD71AFIndirectPort0C8367A8": { "Properties": { "Description": "from BLEAFSICoreBankingsecondarySampleMultiRegionAppCountFargateServiceSecurityGroup63DD71AF:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ECSAppcontainerAppSampleBaseAlbDB2A3544": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "access_logs.s3.enabled", "Value": "true", }, { "Key": "access_logs.s3.bucket", "Value": { "Ref": "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", }, }, ], "Scheme": "internal", "SecurityGroups": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbDB2A3544", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "30", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "ECSAppcontainerAppSampleBaseCluster569A303B": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "ECSAppcontainerAppSampleBaseCluster9D2F5822": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "CapacityProviders": [ "FARGATE", "FARGATE_SPOT", ], "Cluster": { "Ref": "ECSAppcontainerAppSampleBaseCluster569A303B", }, "DefaultCapacityProviderStrategy": [], }, "Type": "AWS::ECS::ClusterCapacityProviderAssociations", }, "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ECSAppcontainerAppSampleBaseEcsTask252AEDDF": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "ENVIRONMENT_VARIABLE_SAMPLE_KEY", "Value": "Environment Variable Sample Value", }, ], "Essential": true, "Image": { "Fn::Join": [ "", [ "111111111111.dkr.ecr.ap-northeast-3.", { "Ref": "AWS::URLSuffix", }, "/", { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", "/bleafsi/test/EcrAppRepositoryName", ], }, ":", { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", "/bleafsi/test/EcrAppImageTag", ], }, ], ], }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", }, "awslogs-region": "ap-northeast-3", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 80, "Protocol": "tcp", }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", "Arn", ], }, "Family": "BLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseEcsTask4B8035EC", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-3:111111111111:repository/", { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", "/bleafsi/test/EcrAppRepositoryName", ], }, ], ], }, }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": "*", }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ECSAppcontainerAppSampleBaseEcsTaskExecutionRoleDefaultPolicy3EB42759", "Roles": [ { "Ref": "ECSAppcontainerAppSampleBaseEcsTaskExecutionRole023854EF", }, ], }, "Type": "AWS::IAM::Policy", }, "ECSAppcontainerAppSampleBaseFargateLogGroupA7A6AEB2": { "DeletionPolicy": "Retain", "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "KmsKeyId": { "Fn::GetAtt": [ "AppKey2AF25043", "Arn", ], }, "RetentionInDays": 90, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "ECSAppcontainerAppSampleBaseFargateServiceDAE6BFD9": { "DependsOn": [ "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", "ECSAppcontainerAppSampleBaseAlbhttp258CB6B9", "ECSAppcontainerAppSampleBaseEcsServiceTaskRole91D7335C", "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "ECSAppcontainerAppSampleBaseCluster569A303B", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DesiredCount": 2, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 80, "TargetGroupArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbhttpEcsAppGroup5462138A", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "PlatformVersion": "LATEST", "TaskDefinition": { "Ref": "ECSAppcontainerAppSampleBaseEcsTask252AEDDF", }, }, "Type": "AWS::ECS::Service", }, "ECSAppcontainerAppSampleBaseSgAlb1B19B99D": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/ECSApp/containerAppSampleBase/SgAlb", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ECSAppcontainerAppSampleBaseSgAlbtoBLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseSgFargateF4EF7EFB80A6C3919B": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "Description": "to BLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseSgFargateF4EF7EFB:80", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "FromPort": 80, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 80, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ECSAppcontainerAppSampleBaseSgFargateA0785180": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/ECSApp/containerAppSampleBase/SgFargate", "SecurityGroupEgress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":ALL PORTS", ], ], }, "FromPort": 0, "IpProtocol": "tcp", "ToPort": 65535, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "ECSAppcontainerAppSampleBaseSgFargatefromBLEAFSICoreBankingsecondaryECSAppcontainerAppSampleBaseSgAlb23E1CE5280CB87E950": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "Description": "Load balancer to target", "FromPort": 80, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgAlb1B19B99D", "GroupId", ], }, "ToPort": 80, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "ECSAppcontainerAppSampleBaseSgFargatetoBLEAFSICoreBankingsecondaryDBAuroraPgSgRds8E7AF5EEIndirectPort1C4520D1": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "Description": "to BLEAFSICoreBankingsecondaryDBAuroraPgSgRds8E7AF5EE:{IndirectPort}", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "DBAuroraPgSgRdsF3DC7367", "GroupId", ], }, "FromPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBaseSgFargateA0785180", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "ECSAppcontainerAppSampleBaseWebAclAssociation64E05BAF": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "ResourceArn": { "Ref": "ECSAppcontainerAppSampleBaseAlbDB2A3544", }, "WebACLArn": { "Fn::GetAtt": [ "WafWebAclBE24253C", "Arn", ], }, }, "Type": "AWS::WAFv2::WebACLAssociation", }, "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA": { "DeletionPolicy": "Retain", "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "AccessControl": "Private", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "ECSAppcontainerAppSampleBasealblogbucketPolicy03FEA10B": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6", ], "Properties": { "Bucket": { "Ref": "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "s3:PutObject", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::383597477331:root", ], ], }, }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/AWSLogs/111111111111/*", ], ], }, }, { "Action": "s3:PutObject", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", }, }, "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, "/AWSLogs/111111111111/*", ], ], }, }, { "Action": "s3:GetBucketAcl", "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::GetAtt": [ "ECSAppcontainerAppSampleBasealblogbucket0B3FD4EA", "Arn", ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "3803df2f6849acf50bb6577ee095a669940670e799f70a2be34893a399777bc3.zip", }, "Handler": "remote-parameters.on_event", "Role": { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", "Arn", ], }, "Runtime": "python3.8", }, "Type": "AWS::Lambda::Function", }, "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ssm:GetParametersByPath", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRoleDefaultPolicy5686E82A", "Roles": [ { "Ref": "ECSAppcrossRegionSsmParamParametersMyHandlerServiceRole8C71EE9D", }, ], }, "Type": "AWS::IAM::Policy", }, "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24": { "DependsOn": [ "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e.zip", }, "Description": "AWS CDK resource provider framework - onEvent (BLEAFSI-CoreBanking-secondary/ECSApp/crossRegionSsmParam/Parameters/MyProvider)", "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "Arn", ], }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventLogRetention30554CBA": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", }, ], ], }, "RetentionInDays": 1, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyHandlerDC24C932", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRoleDefaultPolicy4883AFFF", "Roles": [ { "Ref": "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEventServiceRole895A30C7", }, ], }, "Type": "AWS::IAM::Policy", }, "ECSAppcrossRegionSsmParamParametersSsmParameters7E0319E6": { "DeletionPolicy": "Delete", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "ServiceToken": { "Fn::GetAtt": [ "ECSAppcrossRegionSsmParamParametersMyProviderframeworkonEvent2A157B24", "Arn", ], }, "parameterPath": "/bleafsi/test", "regionName": "ap-northeast-1", "stackName": "BLEAFSI-CoreBanking-secondary", }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "ExportsReader8B249524": { "DeletionPolicy": "Delete", "Properties": { "ReaderProps": { "imports": { "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAttGetDefaultRouteTableId6DB194BATransitGateways0OptionsAssociationDefaultRouteTableIdFC78B5FF": "{{resolve:ssm:/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAttGetDefaultRouteTableId6DB194BATransitGateways0OptionsAssociationDefaultRouteTableIdFC78B5FF}}", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864": "{{resolve:ssm:/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864}}", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498": "{{resolve:ssm:/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498}}", }, "prefix": "BLEAFSI-CoreBanking-secondary", "region": "ap-northeast-3", }, "ServiceToken": { "Fn::GetAtt": [ "CustomCrossRegionExportReaderCustomResourceProviderHandler46647B68", "Arn", ], }, }, "Type": "Custom::CrossRegionExportReader", "UpdateReplacePolicy": "Delete", }, "GetDefaultRouteTableId6DB194BA": { "DeletionPolicy": "Delete", "DependsOn": [ "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"EC2","action":"describeTransitGateways","parameters":{"TransitGatewayIds":["", { "Ref": "VpcTgw43A428E1", }, ""]},"physicalResourceId":{"id":"GetDefaultRouteTableId"}}", ], ], }, "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"EC2","action":"describeTransitGateways","parameters":{"TransitGatewayIds":["", { "Ref": "VpcTgw43A428E1", }, ""]},"physicalResourceId":{"id":"GetDefaultRouteTableId"}}", ], ], }, }, "Type": "Custom::AWS", "UpdateReplacePolicy": "Delete", }, "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ec2:DescribeTransitGateways", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "GetDefaultRouteTableIdCustomResourcePolicy2240EBDC", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": { "DependsOn": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", ], "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "5fa1330271b8967d9254ba2d4a07144f8acefe8b77e6d6bba38261373a50d5f8.zip", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", "Arn", ], }, "Runtime": "nodejs16.x", }, "Type": "AWS::Lambda::Function", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:PutRetentionPolicy", "logs:DeleteRetentionPolicy", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "Roles": [ { "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", }, ], }, "Type": "AWS::IAM::Policy", }, "MonitorAlarmEmailBA1444D7": { "Properties": { "Endpoint": "exsample@exsample.com", "Protocol": "email", "TopicArn": { "Ref": "MonitorAlarmTopic1E34119C", }, }, "Type": "AWS::SNS::Subscription", }, "MonitorAlarmTopic1E34119C": { "Type": "AWS::SNS::Topic", }, "MonitorAlarmTopicPolicy3B1D026A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "sns:Publish", "Effect": "Allow", "Principal": { "Service": "cloudwatch.amazonaws.com", }, "Resource": { "Ref": "MonitorAlarmTopic1E34119C", }, "Sid": "0", }, { "Action": "sns:Publish", "Condition": { "Bool": { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": "*", "Resource": { "Ref": "MonitorAlarmTopic1E34119C", }, "Sid": "EnforcePublishersToUseSSL", }, ], "Version": "2012-10-17", }, "Topics": [ { "Ref": "MonitorAlarmTopic1E34119C", }, ], }, "Type": "AWS::SNS::TopicPolicy", }, "SampleMultiRegionAppAlb4934C8BB": { "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, ], "Scheme": "internal", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "Type": "application", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "SampleMultiRegionAppAlbListener5529D23B": { "Properties": { "DefaultActions": [ { "FixedResponseConfig": { "StatusCode": "400", }, "Type": "fixed-response", }, ], "LoadBalancerArn": { "Ref": "SampleMultiRegionAppAlb4934C8BB", }, "Port": 80, "Protocol": "HTTP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "SampleMultiRegionAppAlbListenerbalanceRule65E4B83C": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppBalanceGroup2D002CE6", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/balance*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 1, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbListenercountRuleE41D7BB5": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppCountGroupF35DCD9E", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/count*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 2, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbListenertransactionRuleD04F551A": { "Properties": { "Actions": [ { "TargetGroupArn": { "Ref": "SampleMultiRegionAppTransactionGroupBBCBB2BD", }, "Type": "forward", }, ], "Conditions": [ { "Field": "path-pattern", "PathPatternConfig": { "Values": [ "/transaction*", ], }, }, ], "ListenerArn": { "Ref": "SampleMultiRegionAppAlbListener5529D23B", }, "Priority": 3, }, "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", }, "SampleMultiRegionAppAlbSecurityGroupE1B8B642": { "Properties": { "GroupDescription": "Automatically created Security Group for ELB BLEAFSICoreBankingsecondarySampleMultiRegionAppAlbF5865706", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow from anyone on port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingsecondarySampleMultiRegionAppBalanceFargateServiceSecurityGroup0A66A186300096EC762C": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingsecondarySampleMultiRegionAppCountFargateServiceSecurityGroup63DD71AF300064280800": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppAlbSecurityGrouptoBLEAFSICoreBankingsecondarySampleMultiRegionAppTransactionFargateServiceSecurityGroup95F3D9103000A130DF59": { "Properties": { "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "IpProtocol": "tcp", "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupEgress", }, "SampleMultiRegionAppBalanceFargateServiceB3CE9C1E": { "DependsOn": [ "SampleMultiRegionAppAlbListenerbalanceRule65E4B83C", "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppBalanceGroup2D002CE6", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppBalanceTaskCD24682E", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178": { "DependsOn": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/SampleMultiRegionApp/Balance/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppBalanceFargateServiceSecurityGroupfromBLEAFSICoreBankingsecondarySampleMultiRegionAppAlbSecurityGroup550DBC73300093CCBB3A": { "DependsOn": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceFargateServiceSecurityGroup3FD93178", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppBalanceGroup2D002CE6": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppBalanceTaskCD24682E": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": "", }, { "Name": "PARAM_TABLE_NAME", "Value": "", }, { "Name": "DATABASE_HOST", "Value": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Address", ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-3.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3:6b47c3d59fd58873480ca7899139a2ea49871744ef2310c7812c39f41e140ab0", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884", }, "awslogs-region": "ap-northeast-3", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "DATABASE_USER", "ValueFrom": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, ":username::", ], ], }, }, { "Name": "DATABASE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, ":password::", ], ], }, }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskExecutionRole36D89483", "Arn", ], }, "Family": "BLEAFSICoreBankingsecondarySampleMultiRegionAppBalanceTask573F6721", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppBalanceTaskExecutionRole36D89483": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppBalanceTaskExecutionRoleDefaultPolicyFD62584B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-3:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppBalanceTaskEcsAppLogGroup528CF884", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, "-??????", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppBalanceTaskExecutionRoleDefaultPolicyFD62584B", "Roles": [ { "Ref": "SampleMultiRegionAppBalanceTaskExecutionRole36D89483", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppBalanceTaskTaskRoleEBBC5F37": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppCluster9D88E1C2": { "Properties": { "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "SampleMultiRegionAppCountFargateService2EE1C613": { "DependsOn": [ "SampleMultiRegionAppAlbListenercountRuleE41D7BB5", "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppCountGroupF35DCD9E", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppCountTask9E5764AB", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF": { "DependsOn": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/SampleMultiRegionApp/Count/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppCountFargateServiceSecurityGroupfromBLEAFSICoreBankingsecondarySampleMultiRegionAppAlbSecurityGroup550DBC733000E3B3303A": { "DependsOn": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppCountFargateServiceSecurityGroup12EC9FEF", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppCountGroupF35DCD9E": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppCountTask9E5764AB": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": "", }, { "Name": "PARAM_TABLE_NAME", "Value": "", }, { "Name": "DATABASE_HOST", "Value": { "Fn::GetAtt": [ "DBAuroraPgAuroraCluster654F0C65", "Endpoint.Address", ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-3.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3:dfe6db1951804bebe1f267a9255a7335f5d0706e77981e7d84bfc7f8611a4dfb", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD", }, "awslogs-region": "ap-northeast-3", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], "Secrets": [ { "Name": "DATABASE_USER", "ValueFrom": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, ":username::", ], ], }, }, { "Name": "DATABASE_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, ":password::", ], ], }, }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB", "Arn", ], }, "Family": "BLEAFSICoreBankingsecondarySampleMultiRegionAppCountTask34303954", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskTaskRole45DC9375", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppCountTaskExecutionRoleDefaultPolicyFF11097E": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-3:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppCountTaskEcsAppLogGroupF40366CD", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":secretsmanager:ap-northeast-3:111111111111:secret:", { "Fn::Join": [ "-", [ { "Fn::Select": [ 0, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "-", { "Fn::Select": [ 6, { "Fn::Split": [ ":", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1RefBLEAFSICoreBankingprimaryDBAuroraPgAuroraClusterSecret7B31D2F13fdaad7efa858a3daf9490cf0a702aeb632D9498", ], }, ], }, ], }, ], }, ], }, ], ], }, "-??????", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppCountTaskExecutionRoleDefaultPolicyFF11097E", "Roles": [ { "Ref": "SampleMultiRegionAppCountTaskExecutionRoleA2265BAB", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppCountTaskTaskRole45DC9375": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppMyRecordSet4189E06D": { "Properties": { "AliasTarget": { "DNSName": { "Fn::Join": [ "", [ "dualstack.", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, ], ], }, "HostedZoneId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "CanonicalHostedZoneID", ], }, }, "HostedZoneId": { "Fn::GetAtt": [ "AssociateVpcWithHostedZonecrossRegionSsmParamParametersSsmParameters2A7273B4", "/bleafsi/test/PrivateHostedZoneId", ], }, "Name": "api.ap-northeast-3.example.com.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, "SampleMultiRegionAppParamTable7082CE0D": { "DeletionPolicy": "Delete", "Properties": { "AttributeDefinitions": [ { "AttributeName": "PK", "AttributeType": "S", }, ], "BillingMode": "PAY_PER_REQUEST", "KeySchema": [ { "AttributeName": "PK", "KeyType": "HASH", }, ], }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Delete", }, "SampleMultiRegionAppTransactionFargateServiceC2F48BC5": { "DependsOn": [ "SampleMultiRegionAppAlbListenertransactionRuleD04F551A", "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 60, "LoadBalancers": [ { "ContainerName": "EcsApp", "ContainerPort": 3000, "TargetGroupArn": { "Ref": "SampleMultiRegionAppTransactionGroupBBCBB2BD", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppTransactionTaskA16B11F7", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742": { "DependsOn": [ "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/SampleMultiRegionApp/Transaction/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppTransactionFargateServiceSecurityGroupfromBLEAFSICoreBankingsecondarySampleMultiRegionAppAlbSecurityGroup550DBC7330004965F1F7": { "DependsOn": [ "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", ], "Properties": { "Description": "Load balancer to target", "FromPort": 3000, "GroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionFargateServiceSecurityGroupAAC95742", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "SampleMultiRegionAppAlbSecurityGroupE1B8B642", "GroupId", ], }, "ToPort": 3000, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "SampleMultiRegionAppTransactionGroupBBCBB2BD": { "Properties": { "HealthCheckIntervalSeconds": 15, "HealthCheckPath": "/health", "HealthyThresholdCount": 2, "Port": 80, "Protocol": "HTTP", "TargetGroupAttributes": [ { "Key": "deregistration_delay.timeout_seconds", "Value": "10", }, { "Key": "stickiness.enabled", "Value": "false", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "SampleMultiRegionAppTransactionTaskA16B11F7": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, }, { "Name": "PARAM_TABLE_NAME", "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, { "Name": "DATABASE_HOST", "Value": "", }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-3.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3:54c52aa0a6ab9d11c108502a229bdde6b704994c7311e8ca647ac39fcc843cca", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677", }, "awslogs-region": "ap-northeast-3", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", "PortMappings": [ { "ContainerPort": 3000, "Protocol": "tcp", }, ], }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskExecutionRole3D527536", "Arn", ], }, "Family": "BLEAFSICoreBankingsecondarySampleMultiRegionAppTransactionTask5393C414", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppTransactionTaskExecutionRole3D527536": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionTaskExecutionRoleDefaultPolicy95A5AB7D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-3:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionTaskEcsAppLogGroupDC46D677", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionTaskExecutionRoleDefaultPolicy95A5AB7D", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionTaskExecutionRole3D527536", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionTaskTaskRole209E6E33": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleMultiRegionAppParamTable7082CE0D", "Arn", ], }, { "Ref": "AWS::NoValue", }, ], }, { "Action": [ "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-3:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-3:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionTaskTaskRoleDefaultPolicy89E5314C", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionTaskTaskRole209E6E33", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionWorkerFargateServiceCAD6D2BF": { "DependsOn": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", ], "Properties": { "CapacityProviderStrategy": [ { "CapacityProvider": "FARGATE", "Weight": 1, }, ], "Cluster": { "Ref": "SampleMultiRegionAppCluster9D88E1C2", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 0, }, "DesiredCount": 1, "EnableECSManagedTags": false, "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerFargateServiceSecurityGroup8D963150", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "SampleMultiRegionAppTransactionWorkerTaskB2B4F976", }, }, "Type": "AWS::ECS::Service", }, "SampleMultiRegionAppTransactionWorkerFargateServiceSecurityGroup8D963150": { "DependsOn": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", ], "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/SampleMultiRegionApp/TransactionWorker/FargateService/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "SampleMultiRegionAppTransactionWorkerTaskB2B4F976": { "Properties": { "ContainerDefinitions": [ { "Command": [ "node", "worker.js", ], "Environment": [ { "Name": "MAIN_TABLE_NAME", "Value": { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, }, { "Name": "PARAM_TABLE_NAME", "Value": { "Ref": "SampleMultiRegionAppParamTable7082CE0D", }, }, { "Name": "BALANCE_ENDPOINT", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, "/balance", ], ], }, }, { "Name": "COUNT_ENDPOINT", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "SampleMultiRegionAppAlb4934C8BB", "DNSName", ], }, "/count", ], ], }, }, ], "Essential": true, "Image": { "Fn::Sub": "111111111111.dkr.ecr.ap-northeast-3.\${AWS::URLSuffix}/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3:54c52aa0a6ab9d11c108502a229bdde6b704994c7311e8ca647ac39fcc843cca", }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976", }, "awslogs-region": "ap-northeast-3", "awslogs-stream-prefix": "BLEA-ECSApp-", }, }, "Name": "EcsApp", }, ], "Cpu": "256", "ExecutionRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D", "Arn", ], }, "Family": "BLEAFSICoreBankingsecondarySampleMultiRegionAppTransactionWorkerTaskDC416165", "Memory": "512", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976": { "DeletionPolicy": "Retain", "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionWorkerTaskExecutionRoleDefaultPolicy3B01D851": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:ap-northeast-3:111111111111:repository/cdk-hnb659fds-container-assets-111111111111-ap-northeast-3", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "SampleMultiRegionAppTransactionWorkerTaskEcsAppLogGroup275E0976", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionWorkerTaskExecutionRoleDefaultPolicy3B01D851", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionWorkerTaskExecutionRole0464601D", }, ], }, "Type": "AWS::IAM::Policy", }, "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "SampleMultiRegionAppParamTable7082CE0D", "Arn", ], }, { "Ref": "AWS::NoValue", }, ], }, { "Action": [ "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-3:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":dynamodb:ap-northeast-3:111111111111:table/", { "Fn::Select": [ 1, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ExportsReader8B249524", "/cdk/exports/BLEAFSI-CoreBanking-secondary/BLEAFSICoreBankingprimaryapnortheast1FnGetAtttransactionDBDynamoDbArn1E79A864", ], }, ], }, ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "SampleMultiRegionAppTransactionWorkerTaskTaskRoleDefaultPolicy44090D01", "Roles": [ { "Ref": "SampleMultiRegionAppTransactionWorkerTaskTaskRoleCC299E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.101.0.0/20", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcDynamoDbEndpoint564903D1": { "Properties": { "RouteTableIds": [ { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".dynamodb", ], ], }, "VpcEndpointType": "Gateway", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrDockerEndpoint53ED547B": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrDockerEndpointSecurityGroup5D41A216", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-3.ecr.dkr", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrDockerEndpointSecurityGroup5D41A216": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/Vpc/Default/EcrDockerEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcEcrEndpoint0BE46338": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrEndpointSecurityGroup13145954", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-3.ecr.api", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrEndpointSecurityGroup13145954": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/Vpc/Default/EcrEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcForTgwAttachmentsSubnet1RouteTable8C881736": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet1Subnet95D19052": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.101.12.0/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.101.12.16/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcIsolatedRouteToTgw0010E66EA7": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw01215500D5": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw02861354A8": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw034210DE02": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw104C2BA69B": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw115B3B5E9B": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw12E41623F9": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcIsolatedRouteToTgw13DC2FB9FB": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcLogsEndpointForPrivate8D2140E9": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-3.logs", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/Vpc/Default/LogsEndpointForPrivate/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet133FD76514AF651D0": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicDefaultAssociationBLEAFSICoreBankingsecondaryVpcPublicSubnet210A14E5B3ADAC4BC": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicF3ACBBF5": { "Properties": { "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::NetworkAcl", }, "VpcNaclPublicNaclEgressPublic7F2645E5": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcNaclPublicNaclIngressPublicCA388ADE": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcProtectedSubnet1RouteTable69FCECD8": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet1RouteTableAssociation62F625F2": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "SubnetId": { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet1Subnet38ECE18A": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.101.4.0/22", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcProtectedSubnet2RouteTableAssociation960FE2AC": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "SubnetId": { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet2RouteTableFA54AE0B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet2SubnetC22C3325": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.101.8.0/22", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicRouteToTgw000F279134": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicRouteToTgw010382C227": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.0.0/20", "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicRouteToTgw10C3652BD4": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicRouteToTgw1164424897": { "DependsOn": [ "VpcTgwAttachmentA32D0B42", ], "Properties": { "DestinationCidrBlock": "10.100.16.0/24", "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": "dummy1a", "CidrBlock": "10.101.0.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": "dummy1b", "CidrBlock": "10.101.1.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcR53ResolverEndpointE9CD13A7": { "Properties": { "Direction": "INBOUND", "IpAddresses": [ { "SubnetId": { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, }, { "SubnetId": { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, }, { "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, }, { "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, }, ], "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcR53ResolverEndpointSg5A7EAA51", "GroupId", ], }, ], }, "Type": "AWS::Route53Resolver::ResolverEndpoint", }, "VpcR53ResolverEndpointSg5A7EAA51": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/Vpc/R53ResolverEndpointSg", "SecurityGroupEgress": [ { "CidrIp": "255.255.255.255/32", "Description": "Disallow all traffic", "FromPort": 252, "IpProtocol": "icmp", "ToPort": 86, }, ], "SecurityGroupIngress": [ { "CidrIp": "10.0.0.0/16", "Description": "from 10.0.0.0/16:53", "FromPort": 53, "IpProtocol": "tcp", "ToPort": 53, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcS3Endpoint4A3DE4B5": { "Properties": { "RouteTableIds": [ { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".s3", ], ], }, "VpcEndpointType": "Gateway", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcSecretsManagerEndpointForPrivate91BE082A": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD", "GroupId", ], }, ], "ServiceName": "com.amazonaws.ap-northeast-3.secretsmanager", "SubnetIds": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcSecretsManagerEndpointForPrivateSecurityGroup732C6BAD": { "Properties": { "GroupDescription": "BLEAFSI-CoreBanking-secondary/Vpc/Default/SecretsManagerEndpointForPrivate/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-CoreBanking-secondary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcTgw43A428E1": { "Properties": { "AmazonSideAsn": 64513, "Tags": [ { "Key": "Name", "Value": "tgw-ap-northeast-3", }, ], }, "Type": "AWS::EC2::TransitGateway", }, "VpcTgwAttachmentA32D0B42": { "Properties": { "SubnetIds": [ { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, ], "TransitGatewayId": { "Ref": "VpcTgw43A428E1", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::TransitGatewayAttachment", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, "VpcVpcFlowLogsFlowLog421D53F0": { "Properties": { "DeliverLogsPermissionArn": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogRoleED2BD382", "Arn", ], }, "LogDestinationType": "cloud-watch-logs", "LogGroupName": { "Ref": "VpcVpcFlowLogsLogGroup8558C776", }, "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcVpcFlowLogsLogGroup8558C776": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 180, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogGroup8558C776", "Arn", ], }, }, { "Action": "iam:PassRole", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "VpcVpcFlowLogsLogRoleED2BD382", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "VpcVpcFlowLogsLogRoleDefaultPolicyD30183D1", "Roles": [ { "Ref": "VpcVpcFlowLogsLogRoleED2BD382", }, ], }, "Type": "AWS::IAM::Policy", }, "VpcVpcFlowLogsLogRoleED2BD382": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "vpc-flow-logs.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ec2:CreateTransitGatewayPeeringAttachment", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "VpccreateTgwPeeringAttachmentE4554F62": { "DeletionPolicy": "Delete", "DependsOn": [ "VpccreateTgwPeeringAttachmentCustomResourcePolicyA5D6BA5E", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"EC2","action":"createTransitGatewayPeeringAttachment","parameters":{"PeerAccountId":"111111111111","PeerRegion":"ap-northeast-1","PeerTransitGatewayId":"", { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "/bleafsi/test/TgwPrimaryId", ], }, "","TransitGatewayId":"", { "Ref": "VpcTgw43A428E1", }, ""},"region":"ap-northeast-3","physicalResourceId":{"id":"createTgwPeeringAttachment"}}", ], ], }, "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"EC2","action":"createTransitGatewayPeeringAttachment","parameters":{"PeerAccountId":"111111111111","PeerRegion":"ap-northeast-1","PeerTransitGatewayId":"", { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057", "/bleafsi/test/TgwPrimaryId", ], }, "","TransitGatewayId":"", { "Ref": "VpcTgw43A428E1", }, ""},"region":"ap-northeast-3","physicalResourceId":{"id":"createTgwPeeringAttachment"}}", ], ], }, }, "Type": "Custom::AWS", "UpdateReplacePolicy": "Delete", }, "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B": { "DependsOn": [ "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "3803df2f6849acf50bb6577ee095a669940670e799f70a2be34893a399777bc3.zip", }, "Handler": "remote-parameters.on_event", "Role": { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", "Arn", ], }, "Runtime": "python3.8", }, "Type": "AWS::Lambda::Function", }, "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ssm:GetParametersByPath", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRoleDefaultPolicy67971A62", "Roles": [ { "Ref": "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerServiceRole00BC287E", }, ], }, "Type": "AWS::IAM::Policy", }, "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A": { "DependsOn": [ "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", ], "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "Code": { "S3Bucket": "cdk-hnb659fds-assets-111111111111-ap-northeast-3", "S3Key": "8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e.zip", }, "Description": "AWS CDK resource provider framework - onEvent (BLEAFSI-CoreBanking-secondary/Vpc/crossRegionSsmParam-peerTgwId/Parameters/MyProvider)", "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "Arn", ], }, }, }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventLogRetention88F0538A": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", }, ], ], }, "RetentionInDays": 1, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyHandlerA50EC17B", "Arn", ], }, ":*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRoleDefaultPolicy2A537E4C", "Roles": [ { "Ref": "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEventServiceRole3999E997", }, ], }, "Type": "AWS::IAM::Policy", }, "VpccrossRegionSsmParampeerTgwIdParametersSsmParameters945E8057": { "DeletionPolicy": "Delete", "Metadata": { "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-L1", "reason": "Non-latest Lambda runtime is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM4", "reason": "AWSLambdaBasicExecutionRole is used inside RemoteParameters", }, { "id": "AwsSolutions-IAM5", "reason": "Wildcard policy is used inside RemoteParameters", }, ], }, }, "Properties": { "ServiceToken": { "Fn::GetAtt": [ "VpccrossRegionSsmParampeerTgwIdParametersMyProviderframeworkonEvent0B7F074A", "Arn", ], }, "parameterPath": "/bleafsi/test", "regionName": "ap-northeast-1", "stackName": "BLEAFSI-CoreBanking-secondary", }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "WafWebAclBE24253C": { "Properties": { "DefaultAction": { "Allow": {}, }, "Name": "BLEAFSIAWebAcl", "Rules": [ { "Name": "AWSManagedRulesCommonRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 1, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesCommonRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesCommonRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesKnownBadInputsRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 2, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesKnownBadInputsRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesKnownBadInputsRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesAmazonIpReputationList", "OverrideAction": { "Count": {}, }, "Priority": 3, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesAmazonIpReputationList", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesAmazonIpReputationList", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesLinuxRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 4, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesLinuxRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesLinuxRuleSet", "SampledRequestsEnabled": true, }, }, { "Name": "AWSManagedRulesSQLiRuleSet", "OverrideAction": { "Count": {}, }, "Priority": 5, "Statement": { "ManagedRuleGroupStatement": { "Name": "AWSManagedRulesSQLiRuleSet", "VendorName": "AWS", }, }, "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesSQLiRuleSet", "SampledRequestsEnabled": true, }, }, ], "Scope": "REGIONAL", "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "BLEAFSIWebAcl", "SampledRequestsEnabled": true, }, }, "Type": "AWS::WAFv2::WebACL", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;