// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`BLEAFSI-OpenApi-Fapi snapshot check OpenAPI FAPI sample Stacks 1`] = ` { "Outputs": { "KeycloakDatabaseDBSecretArn4E414F4F": { "Value": { "Ref": "KeycloakDatabaseDBClusterSecretAttachment90E0A69B", }, }, "KeycloakDatabaseclusterEndpointHostnameB74626C6": { "Value": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterE8251B52", "Endpoint.Address", ], }, }, "KeycloakDatabaseclusterIdentifier6D429361": { "Value": { "Ref": "KeycloakDatabaseDBClusterE8251B52", }, }, "KeycloakKeyCloakContainerSerivceNLBEndpointURL348AD2F8": { "Value": { "Fn::Join": [ "", [ "https://", { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceNLB8DDEC811", "DNSName", ], }, ], ], }, }, "VpcVpcFlowLogBucketOutputD0CBAD8F": { "Value": { "Fn::GetAtt": [ "VpcVpcFlowLogBucketB890A7D8", "Arn", ], }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, }, "Resources": { "BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakDatabaseDBClusterSecret607BE8343fdaad7efa858a3daf9490cf0a702aeb": { "DeletionPolicy": "Delete", "Properties": { "Description": { "Fn::Join": [ "", [ "Generated by the CDK for stack: ", { "Ref": "AWS::StackName", }, ], ], }, "GenerateSecretString": { "ExcludeCharacters": " %+~\`#$&*()|[]{}:;<>?!'/@"\\", "GenerateStringKey": "password", "PasswordLength": 30, "SecretStringTemplate": "{"username":"admin"}", }, }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "KeycloakDatabaseDBClusterE8251B52": { "DeletionPolicy": "Retain", "Properties": { "BacktrackWindow": 86400, "BackupRetentionPeriod": 7, "CopyTagsToSnapshot": true, "DBClusterParameterGroupName": "default.aurora-mysql5.7", "DBSubnetGroupName": { "Ref": "KeycloakDatabaseDBClusterSubnets28319191", }, "DatabaseName": "keycloak", "DeletionProtection": true, "Engine": "aurora-mysql", "EngineVersion": "5.7.mysql_aurora.2.11.1", "MasterUserPassword": { "Fn::Join": [ "", [ "{{resolve:secretsmanager:", { "Ref": "BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakDatabaseDBClusterSecret607BE8343fdaad7efa858a3daf9490cf0a702aeb", }, ":SecretString:password::}}", ], ], }, "MasterUsername": "admin", "StorageEncrypted": true, "VpcSecurityGroupIds": [ { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterSecurityGroup3C1596FD", "GroupId", ], }, ], }, "Type": "AWS::RDS::DBCluster", "UpdateReplacePolicy": "Retain", }, "KeycloakDatabaseDBClusterInstance1D0035419": { "DeletionPolicy": "Retain", "DependsOn": [ "VpcPrivateSubnet1RouteTableAssociation70C59FA6", "VpcPrivateSubnet2RouteTableAssociationA89CAD56", ], "Properties": { "DBClusterIdentifier": { "Ref": "KeycloakDatabaseDBClusterE8251B52", }, "DBInstanceClass": "db.r5.large", "DBSubnetGroupName": { "Ref": "KeycloakDatabaseDBClusterSubnets28319191", }, "Engine": "aurora-mysql", "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Retain", }, "KeycloakDatabaseDBClusterInstance28925F5A6": { "DeletionPolicy": "Retain", "DependsOn": [ "VpcPrivateSubnet1RouteTableAssociation70C59FA6", "VpcPrivateSubnet2RouteTableAssociationA89CAD56", ], "Properties": { "DBClusterIdentifier": { "Ref": "KeycloakDatabaseDBClusterE8251B52", }, "DBInstanceClass": "db.r5.large", "DBSubnetGroupName": { "Ref": "KeycloakDatabaseDBClusterSubnets28319191", }, "Engine": "aurora-mysql", "PubliclyAccessible": false, }, "Type": "AWS::RDS::DBInstance", "UpdateReplacePolicy": "Retain", }, "KeycloakDatabaseDBClusterSecretAttachment90E0A69B": { "Properties": { "SecretId": { "Ref": "BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakDatabaseDBClusterSecret607BE8343fdaad7efa858a3daf9490cf0a702aeb", }, "TargetId": { "Ref": "KeycloakDatabaseDBClusterE8251B52", }, "TargetType": "AWS::RDS::DBCluster", }, "Type": "AWS::SecretsManager::SecretTargetAttachment", }, "KeycloakDatabaseDBClusterSecurityGroup3C1596FD": { "Properties": { "GroupDescription": "RDS security group", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":3306", ], ], }, "FromPort": 3306, "IpProtocol": "tcp", "ToPort": 3306, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "KeycloakDatabaseDBClusterSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakDatabaseDBClusterSecurityGroup83410954330643A283A8": { "Properties": { "Description": "from BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakDatabaseDBClusterSecurityGroup83410954:3306", "FromPort": 3306, "GroupId": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterSecurityGroup3C1596FD", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterSecurityGroup3C1596FD", "GroupId", ], }, "ToPort": 3306, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakDatabaseDBClusterSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE8IndirectPort0BA7F8BC": { "Properties": { "Description": "from BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE8:{IndirectPort}", "FromPort": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterE8251B52", "Endpoint.Port", ], }, "GroupId": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterSecurityGroup3C1596FD", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "ToPort": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterE8251B52", "Endpoint.Port", ], }, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakDatabaseDBClusterSubnets28319191": { "DeletionPolicy": "Retain", "Properties": { "DBSubnetGroupDescription": "Subnets for DBCluster database", "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, ], }, "Type": "AWS::RDS::DBSubnetGroup", "UpdateReplacePolicy": "Retain", }, "KeycloakKCSecret578E0F40": { "DeletionPolicy": "Delete", "Properties": { "GenerateSecretString": { "ExcludePunctuation": true, "GenerateStringKey": "password", "PasswordLength": 12, "SecretStringTemplate": "{"username":"keycloak"}", }, }, "Type": "AWS::SecretsManager::Secret", "UpdateReplacePolicy": "Delete", }, "KeycloakKeyCloakContainerSerivceCluster6438B613": { "Properties": { "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled", }, ], }, "Type": "AWS::ECS::Cluster", }, "KeycloakKeyCloakContainerSerivceLogGroup41A8AE19": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 30, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "KeycloakKeyCloakContainerSerivceNLB8DDEC811": { "DependsOn": [ "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "LoadBalancerAttributes": [ { "Key": "deletion_protection.enabled", "Value": "false", }, { "Key": "load_balancing.cross_zone.enabled", "Value": "true", }, ], "Scheme": "internet-facing", "Subnets": [ { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, ], "Type": "network", }, "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "KeycloakKeyCloakContainerSerivceNLBTcpListenerECSTargetGroupFC35EC11": { "Properties": { "HealthCheckEnabled": true, "Port": 8443, "Protocol": "TCP", "TargetGroupAttributes": [ { "Key": "preserve_client_ip.enabled", "Value": "false", }, { "Key": "stickiness.enabled", "Value": "true", }, { "Key": "stickiness.type", "Value": "source_ip", }, ], "TargetType": "ip", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", }, "KeycloakKeyCloakContainerSerivceNLBTcpListenerF256879E": { "Properties": { "DefaultActions": [ { "TargetGroupArn": { "Ref": "KeycloakKeyCloakContainerSerivceNLBTcpListenerECSTargetGroupFC35EC11", }, "Type": "forward", }, ], "LoadBalancerArn": { "Ref": "KeycloakKeyCloakContainerSerivceNLB8DDEC811", }, "Port": 443, "Protocol": "TCP", }, "Type": "AWS::ElasticLoadBalancingV2::Listener", }, "KeycloakKeyCloakContainerSerivceService4AFC987E": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceNLBTcpListenerECSTargetGroupFC35EC11", "KeycloakKeyCloakContainerSerivceNLBTcpListenerF256879E", "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "Cluster": { "Ref": "KeycloakKeyCloakContainerSerivceCluster6438B613", }, "DeploymentConfiguration": { "MaximumPercent": 200, "MinimumHealthyPercent": 50, }, "DesiredCount": 2, "EnableECSManagedTags": false, "HealthCheckGracePeriodSeconds": 120, "LaunchType": "FARGATE", "LoadBalancers": [ { "ContainerName": "keycloak", "ContainerPort": 8443, "TargetGroupArn": { "Ref": "KeycloakKeyCloakContainerSerivceNLBTcpListenerECSTargetGroupFC35EC11", }, }, ], "NetworkConfiguration": { "AwsvpcConfiguration": { "AssignPublicIp": "DISABLED", "SecurityGroups": [ { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, ], "Subnets": [ { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, ], }, }, "TaskDefinition": { "Ref": "KeycloakKeyCloakContainerSerivceTaskDef31979633", }, }, "Type": "AWS::ECS::Service", }, "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "GroupDescription": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Keycloak/KeyCloakContainerSerivce/Service/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": "vpc local", "FromPort": 8443, "IpProtocol": "tcp", "ToPort": 8443, }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "KeycloakKeyCloakContainerSerivceServiceSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE8576002ED39100": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "Description": "kc jgroups-tcp-fd", "FromPort": 57600, "GroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "ToPort": 57600, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakKeyCloakContainerSerivceServiceSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE87600CC01F3E0": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "Description": "kc jgroups-tcp", "FromPort": 7600, "GroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "ToPort": 7600, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakKeyCloakContainerSerivceServiceSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE8UDP542002E66FF9A": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "Description": "kc jgroups-udp-fd", "FromPort": 54200, "GroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "IpProtocol": "udp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "ToPort": 54200, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakKeyCloakContainerSerivceServiceSecurityGroupfromBLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceSecurityGroup79748AE8UDP552001958BD55": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "Description": "kc jgroups-udp", "FromPort": 55200, "GroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "IpProtocol": "udp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceServiceSecurityGroup633E983C", "GroupId", ], }, "ToPort": 55200, }, "Type": "AWS::EC2::SecurityGroupIngress", }, "KeycloakKeyCloakContainerSerivceServiceTaskCountTarget4E91B2A9": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "MaxCapacity": 10, "MinCapacity": 2, "ResourceId": { "Fn::Join": [ "", [ "service/", { "Ref": "KeycloakKeyCloakContainerSerivceCluster6438B613", }, "/", { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceService4AFC987E", "Name", ], }, ], ], }, "RoleARN": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":role/aws-service-role/ecs.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_ECSService", ], ], }, "ScalableDimension": "ecs:service:DesiredCount", "ServiceNamespace": "ecs", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "KeycloakKeyCloakContainerSerivceServiceTaskCountTargetCpuScalingBFB05580": { "DependsOn": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", ], "Properties": { "PolicyName": "BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceServiceTaskCountTargetCpuScaling077208DA", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": { "Ref": "KeycloakKeyCloakContainerSerivceServiceTaskCountTarget4E91B2A9", }, "TargetTrackingScalingPolicyConfiguration": { "PredefinedMetricSpecification": { "PredefinedMetricType": "ECSServiceAverageCPUUtilization", }, "TargetValue": 80, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "KeycloakKeyCloakContainerSerivceTaskDef31979633": { "Properties": { "ContainerDefinitions": [ { "Environment": [ { "Name": "DB_ADDR", "Value": { "Fn::GetAtt": [ "KeycloakDatabaseDBClusterE8251B52", "Endpoint.Address", ], }, }, { "Name": "DB_DATABASE", "Value": "keycloak", }, { "Name": "DB_USER", "Value": "admin", }, { "Name": "DB_VENDOR", "Value": "mysql", }, { "Name": "JDBC_PARAMS", "Value": "useSSL=false", }, { "Name": "JGROUPS_DISCOVERY_PROTOCOL", "Value": "JDBC_PING", }, ], "Essential": true, "Image": { "Fn::Join": [ "", [ { "Ref": "AWS::AccountId", }, ".dkr.ecr.", { "Ref": "AWS::Region", }, ".", { "Ref": "AWS::URLSuffix", }, "/fapidemo/keycloak:16.1.1", ], ], }, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "KeycloakKeyCloakContainerSerivceLogGroup41A8AE19", }, "awslogs-region": { "Ref": "AWS::Region", }, "awslogs-stream-prefix": "keycloak", }, }, "Name": "keycloak", "PortMappings": [ { "ContainerPort": 8443, "Protocol": "tcp", }, { "ContainerPort": 7600, "Protocol": "tcp", }, { "ContainerPort": 57600, "Protocol": "tcp", }, { "ContainerPort": 55200, "Protocol": "udp", }, { "ContainerPort": 54200, "Protocol": "udp", }, ], "Secrets": [ { "Name": "DB_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "KeycloakDatabaseDBClusterSecretAttachment90E0A69B", }, ":password::", ], ], }, }, { "Name": "KEYCLOAK_USER", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "KeycloakKCSecret578E0F40", }, ":username::", ], ], }, }, { "Name": "KEYCLOAK_PASSWORD", "ValueFrom": { "Fn::Join": [ "", [ { "Ref": "KeycloakKCSecret578E0F40", }, ":password::", ], ], }, }, ], }, ], "Cpu": "1024", "ExecutionRoleArn": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceTaskRole88AF418B", "Arn", ], }, "Family": "BLEAFSIOpenApiFapiopenapifapiprimaryKeycloakKeyCloakContainerSerivceTaskDef9FADD929", "Memory": "2048", "NetworkMode": "awsvpc", "RequiresCompatibilities": [ "FARGATE", ], "TaskRoleArn": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1", "Arn", ], }, }, "Type": "AWS::ECS::TaskDefinition", }, "KeycloakKeyCloakContainerSerivceTaskDefTaskRole620A20D1": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "KeycloakKeyCloakContainerSerivceTaskRole88AF418B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs.amazonaws.com", }, }, { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "KeycloakKeyCloakContainerSerivceTaskRoleDefaultPolicyA6E8A90B": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":ecr:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":repository/fapidemo/keycloak", ], ], }, }, { "Action": "ecr:GetAuthorizationToken", "Effect": "Allow", "Resource": "*", }, { "Action": [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "KeycloakKeyCloakContainerSerivceLogGroup41A8AE19", "Arn", ], }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "KeycloakDatabaseDBClusterSecretAttachment90E0A69B", }, }, { "Action": [ "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", ], "Effect": "Allow", "Resource": { "Ref": "KeycloakKCSecret578E0F40", }, }, ], "Version": "2012-10-17", }, "PolicyName": "KeycloakKeyCloakContainerSerivceTaskRoleDefaultPolicyA6E8A90B", "Roles": [ { "Ref": "KeycloakKeyCloakContainerSerivceTaskRole88AF418B", }, ], }, "Type": "AWS::IAM::Policy", }, "Vpc8378EB38": { "Properties": { "CidrBlock": "10.110.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], }, "Type": "AWS::EC2::VPC", }, "VpcEcrDockerEndpoint53ED547B": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrDockerEndpointSecurityGroup5D41A216", "GroupId", ], }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".ecr.dkr", ], ], }, "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrDockerEndpointSecurityGroup5D41A216": { "Properties": { "GroupDescription": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/EcrDockerEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcEcrEndpoint0BE46338": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcEcrEndpointSecurityGroup13145954", "GroupId", ], }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".ecr.api", ], ], }, "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcEcrEndpointSecurityGroup13145954": { "Properties": { "GroupDescription": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/EcrEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcFlowLogsFlowLogBB096F0F": { "DependsOn": [ "VpcVpcFlowLogBucketPolicy360596E1", ], "Properties": { "LogDestination": { "Fn::GetAtt": [ "VpcVpcFlowLogBucketB890A7D8", "Arn", ], }, "LogDestinationType": "s3", "ResourceId": { "Ref": "Vpc8378EB38", }, "ResourceType": "VPC", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], "TrafficType": "ALL", }, "Type": "AWS::EC2::FlowLog", }, "VpcForTgwAttachmentsSubnet1RouteTable8C881736": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet1RouteTableAssociation8E490026": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet1Subnet95D19052", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet1Subnet95D19052": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.6.0/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ForTgwAttachmentsSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcForTgwAttachmentsSubnet2RouteTableAssociation87852F7E": { "Properties": { "RouteTableId": { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, "SubnetId": { "Ref": "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcForTgwAttachmentsSubnet2SubnetAEDBB0E8": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.6.16/28", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "ForTgwAttachments", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ForTgwAttachmentsSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcIGWD7BA715C": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], }, "Type": "AWS::EC2::InternetGateway", }, "VpcKeyAliasA355FA45": { "Properties": { "AliasName": "alias/Vpc-for-flowlog", "TargetKeyId": { "Fn::GetAtt": [ "VpcKeyC80AFE15", "Arn", ], }, }, "Type": "AWS::KMS::Alias", }, "VpcKeyC80AFE15": { "DeletionPolicy": "Retain", "Properties": { "Description": "VPC Flow logs Bucket", "EnableKeyRotation": true, "KeyPolicy": { "Statement": [ { "Action": "kms:*", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": "*", }, { "Action": [ "kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*", ], "Effect": "Allow", "Principal": { "Service": "delivery.logs.amazonaws.com", }, "Resource": "*", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::KMS::Key", "UpdateReplacePolicy": "Retain", }, "VpcLogsEndpointForPrivate8D2140E9": { "Properties": { "PrivateDnsEnabled": true, "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB", "GroupId", ], }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".logs", ], ], }, "SubnetIds": [ { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, ], "VpcEndpointType": "Interface", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcLogsEndpointForPrivateSecurityGroupDD7F0AEB": { "Properties": { "GroupDescription": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/LogsEndpointForPrivate/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1", }, ], "SecurityGroupIngress": [ { "CidrIp": { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, "Description": { "Fn::Join": [ "", [ "from ", { "Fn::GetAtt": [ "Vpc8378EB38", "CidrBlock", ], }, ":443", ], ], }, "FromPort": 443, "IpProtocol": "tcp", "ToPort": 443, }, ], "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::SecurityGroup", }, "VpcNaclPublicDefaultAssociationBLEAFSIOpenApiFapiopenapifapiprimaryVpcPublicSubnet1017A1DA3A69041D9": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicDefaultAssociationBLEAFSIOpenApiFapiopenapifapiprimaryVpcPublicSubnet2F7D86A25755856AD": { "Properties": { "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetNetworkAclAssociation", }, "VpcNaclPublicF3ACBBF5": { "Properties": { "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::NetworkAcl", }, "VpcNaclPublicNaclEgressPublic7F2645E5": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcNaclPublicNaclIngressPublicCA388ADE": { "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "VpcNaclPublicF3ACBBF5", }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100, }, "Type": "AWS::EC2::NetworkAclEntry", }, "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, "SubnetId": { "Ref": "VpcPrivateSubnet1Subnet536B997A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet1RouteTableB2C5B500": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet1Subnet536B997A": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.4.0/24", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PrivateSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPrivateSubnet2RouteTableA678073B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { "Properties": { "RouteTableId": { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, "SubnetId": { "Ref": "VpcPrivateSubnet2Subnet3788AAA1", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPrivateSubnet2Subnet3788AAA1": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.5.0/24", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private", }, { "Key": "aws-cdk:subnet-type", "Value": "Isolated", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PrivateSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcProtectedSubnet1DefaultRouteAEBDEDB0": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA", }, "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, }, "Type": "AWS::EC2::Route", }, "VpcProtectedSubnet1RouteTable69FCECD8": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet1RouteTableAssociation62F625F2": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet1RouteTable69FCECD8", }, "SubnetId": { "Ref": "VpcProtectedSubnet1Subnet38ECE18A", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet1Subnet38ECE18A": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.2.0/24", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ProtectedSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcProtectedSubnet2DefaultRouteA5CFB1D1": { "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D", }, "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, }, "Type": "AWS::EC2::Route", }, "VpcProtectedSubnet2RouteTableAssociation960FE2AC": { "Properties": { "RouteTableId": { "Ref": "VpcProtectedSubnet2RouteTableFA54AE0B", }, "SubnetId": { "Ref": "VpcProtectedSubnet2SubnetC22C3325", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcProtectedSubnet2RouteTableFA54AE0B": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcProtectedSubnet2SubnetC22C3325": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.3.0/24", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Protected", }, { "Key": "aws-cdk:subnet-type", "Value": "Private", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/ProtectedSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet1DefaultRoute3DA9E72A": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet1EIPD7E02669": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet1", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet1NATGateway4D7517AA": { "DependsOn": [ "VpcPublicSubnet1DefaultRoute3DA9E72A", "VpcPublicSubnet1RouteTableAssociation97140677", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet1", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet1RouteTable6C95E38E": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet1RouteTableAssociation97140677": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet1RouteTable6C95E38E", }, "SubnetId": { "Ref": "VpcPublicSubnet1Subnet5C2D37C4", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet1Subnet5C2D37C4": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.0.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet1", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcPublicSubnet2DefaultRoute97F91067": { "DependsOn": [ "VpcVPCGWBF912B6E", ], "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C", }, "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, }, "Type": "AWS::EC2::Route", }, "VpcPublicSubnet2EIP3C605A87": { "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet2", }, ], }, "Type": "AWS::EC2::EIP", }, "VpcPublicSubnet2NATGateway9182C01D": { "DependsOn": [ "VpcPublicSubnet2DefaultRoute97F91067", "VpcPublicSubnet2RouteTableAssociationDD5762D8", ], "Properties": { "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId", ], }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet2", }, ], }, "Type": "AWS::EC2::NatGateway", }, "VpcPublicSubnet2RouteTable94F7E489": { "Properties": { "Tags": [ { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::RouteTable", }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Properties": { "RouteTableId": { "Ref": "VpcPublicSubnet2RouteTable94F7E489", }, "SubnetId": { "Ref": "VpcPublicSubnet2Subnet691E08A3", }, }, "Type": "AWS::EC2::SubnetRouteTableAssociation", }, "VpcPublicSubnet2Subnet691E08A3": { "Properties": { "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "", }, ], }, "CidrBlock": "10.110.1.0/24", "MapPublicIpOnLaunch": true, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public", }, { "Key": "aws-cdk:subnet-type", "Value": "Public", }, { "Key": "Name", "Value": "BLEAFSI-OpenApi-Fapi-openapi-fapi-primary/Vpc/Default/PublicSubnet2", }, ], "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::Subnet", }, "VpcS3Endpoint4A3DE4B5": { "Properties": { "RouteTableIds": [ { "Ref": "VpcPrivateSubnet1RouteTableB2C5B500", }, { "Ref": "VpcPrivateSubnet2RouteTableA678073B", }, { "Ref": "VpcForTgwAttachmentsSubnet1RouteTable8C881736", }, { "Ref": "VpcForTgwAttachmentsSubnet2RouteTableCA78E48E", }, ], "ServiceName": { "Fn::Join": [ "", [ "com.amazonaws.", { "Ref": "AWS::Region", }, ".s3", ], ], }, "VpcEndpointType": "Gateway", "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCEndpoint", }, "VpcVPCGWBF912B6E": { "Properties": { "InternetGatewayId": { "Ref": "VpcIGWD7BA715C", }, "VpcId": { "Ref": "Vpc8378EB38", }, }, "Type": "AWS::EC2::VPCGatewayAttachment", }, "VpcVpcFlowLogBucketB890A7D8": { "DeletionPolicy": "Retain", "Properties": { "AccessControl": "Private", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "KMSMasterKeyID": { "Fn::GetAtt": [ "VpcKeyC80AFE15", "Arn", ], }, "SSEAlgorithm": "aws:kms", }, }, ], }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "VpcVpcFlowLogBucketPolicy360596E1": { "Properties": { "Bucket": { "Ref": "VpcVpcFlowLogBucketB890A7D8", }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": [ { "Fn::GetAtt": [ "VpcVpcFlowLogBucketB890A7D8", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "VpcVpcFlowLogBucketB890A7D8", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;