// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Snapshot Test 1`] = ` Object { "Outputs": Object { "bucketOutput": Object { "Description": "Bucket name for Audit Manager Custom Controls and Frameworks", "Value": Object { "Ref": "bucket43879C71", }, }, "notificationTopicArnOutput": Object { "Description": "SNS topic ARN for notification", "Value": Object { "Ref": "topic69831491", }, }, }, "Parameters": Object { "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392ArtifactHashE56CD69A": Object { "Description": "Artifact hash for asset \\"4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392\\"", "Type": "String", }, "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392S3BucketBF7A7F3F": Object { "Description": "S3 bucket for asset \\"4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392\\"", "Type": "String", }, "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392S3VersionKeyFAF93626": Object { "Description": "S3 key for asset version \\"4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392\\"", "Type": "String", }, "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dArtifactHashCE1013B5": Object { "Description": "Artifact hash for asset \\"64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2d\\"", "Type": "String", }, "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dS3BucketE414825A": Object { "Description": "S3 bucket for asset \\"64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2d\\"", "Type": "String", }, "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dS3VersionKey224FC20B": Object { "Description": "S3 key for asset version \\"64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2d\\"", "Type": "String", }, }, "Resources": Object { "BucketNotificationsHandler050a0587b7544547bf325f094a3db8347ECC3691": Object { "DependsOn": Array [ "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36", "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC", ], "Properties": Object { "Code": Object { "ZipFile": "exports.handler = (event, context) => { // eslint-disable-next-line @typescript-eslint/no-require-imports, import/no-extraneous-dependencies const s3 = new (require('aws-sdk').S3)(); // eslint-disable-next-line @typescript-eslint/no-require-imports const https = require('https'); // eslint-disable-next-line @typescript-eslint/no-require-imports const url = require('url'); log(JSON.stringify(event, undefined, 2)); const props = event.ResourceProperties; if (event.RequestType === 'Delete') { props.NotificationConfiguration = {}; // this is how you clean out notifications } const req = { Bucket: props.BucketName, NotificationConfiguration: props.NotificationConfiguration, }; return s3.putBucketNotificationConfiguration(req, (err, data) => { log({ err, data }); if (err) { return submitResponse('FAILED', err.message + \`\\\\nMore information in CloudWatch Log Stream: \${context.logStreamName}\`); } else { return submitResponse('SUCCESS'); } }); function log(obj) { console.error(event.RequestId, event.StackId, event.LogicalResourceId, obj); } // eslint-disable-next-line max-len // adapted from https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-cfnresponsemodule // to allow sending an error message as a reason. function submitResponse(responseStatus, reason) { const responseBody = JSON.stringify({ Status: responseStatus, Reason: reason || 'See the details in CloudWatch Log Stream: ' + context.logStreamName, PhysicalResourceId: event.PhysicalResourceId || event.LogicalResourceId, StackId: event.StackId, RequestId: event.RequestId, LogicalResourceId: event.LogicalResourceId, NoEcho: false, }); log({ responseBody }); const parsedUrl = url.parse(event.ResponseURL); const options = { hostname: parsedUrl.hostname, port: 443, path: parsedUrl.path, method: 'PUT', headers: { 'content-type': '', 'content-length': responseBody.length, }, }; const request = https.request(options, (r) => { log({ statusCode: r.statusCode, statusMessage: r.statusMessage }); context.done(); }); request.on('error', (error) => { log({ sendError: error }); context.done(); }); request.write(responseBody); request.end(); } };", }, "Description": "AWS CloudFormation handler for \\"Custom::S3BucketNotifications\\" resources (@aws-cdk/aws-s3)", "Handler": "index.handler", "Role": Object { "Fn::GetAtt": Array [ "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC", "Arn", ], }, "Runtime": "nodejs12.x", "Timeout": 300, }, "Type": "AWS::Lambda::Function", }, "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "s3:PutBucketNotification", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36", "Roles": Array [ Object { "Ref": "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC", }, ], }, "Type": "AWS::IAM::Policy", }, "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": Object { "DependsOn": Array [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", ], "Properties": Object { "Code": Object { "S3Bucket": Object { "Ref": "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392S3BucketBF7A7F3F", }, "S3Key": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::Select": Array [ 0, Object { "Fn::Split": Array [ "||", Object { "Ref": "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392S3VersionKeyFAF93626", }, ], }, ], }, Object { "Fn::Select": Array [ 1, Object { "Fn::Split": Array [ "||", Object { "Ref": "AssetParameters4cd61014b71160e8c66fe167e43710d5ba068b80b134e9bd84508cf9238b2392S3VersionKeyFAF93626", }, ], }, ], }, ], ], }, }, "Description": Object { "Fn::Join": Array [ "", Array [ "Lambda function for auto-deleting objects in ", Object { "Ref": "bucket43879C71", }, " S3 bucket.", ], ], }, "Handler": "__entrypoint__.handler", "MemorySize": 128, "Role": Object { "Fn::GetAtt": Array [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, "Runtime": "nodejs12.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": Array [ Object { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], }, "Type": "AWS::IAM::Role", }, "bucket43879C71": Object { "DeletionPolicy": "Delete", "Properties": Object { "BucketEncryption": Object { "ServerSideEncryptionConfiguration": Array [ Object { "ServerSideEncryptionByDefault": Object { "SSEAlgorithm": "AES256", }, }, ], }, "VersioningConfiguration": Object { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "bucketAllowBucketNotificationsToMyTestStacklambdaA681BEC4C571CDE3": Object { "Properties": Object { "Action": "lambda:InvokeFunction", "FunctionName": Object { "Fn::GetAtt": Array [ "lambda8B5974B5", "Arn", ], }, "Principal": "s3.amazonaws.com", "SourceAccount": Object { "Ref": "AWS::AccountId", }, "SourceArn": Object { "Fn::GetAtt": Array [ "bucket43879C71", "Arn", ], }, }, "Type": "AWS::Lambda::Permission", }, "bucketAutoDeleteObjectsCustomResource3F4990B2": Object { "DeletionPolicy": "Delete", "DependsOn": Array [ "bucketPolicy638F945D", ], "Properties": Object { "BucketName": Object { "Ref": "bucket43879C71", }, "ServiceToken": Object { "Fn::GetAtt": Array [ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", "Arn", ], }, }, "Type": "Custom::S3AutoDeleteObjects", "UpdateReplacePolicy": "Delete", }, "bucketNotifications2CB09E7A": Object { "DependsOn": Array [ "bucketAllowBucketNotificationsToMyTestStacklambdaA681BEC4C571CDE3", ], "Properties": Object { "BucketName": Object { "Ref": "bucket43879C71", }, "NotificationConfiguration": Object { "LambdaFunctionConfigurations": Array [ Object { "Events": Array [ "s3:ObjectCreated:Put", ], "LambdaFunctionArn": Object { "Fn::GetAtt": Array [ "lambda8B5974B5", "Arn", ], }, }, ], }, "ServiceToken": Object { "Fn::GetAtt": Array [ "BucketNotificationsHandler050a0587b7544547bf325f094a3db8347ECC3691", "Arn", ], }, }, "Type": "Custom::S3BucketNotifications", }, "bucketPolicy638F945D": Object { "Properties": Object { "Bucket": Object { "Ref": "bucket43879C71", }, "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", ], "Effect": "Allow", "Principal": Object { "AWS": Object { "Fn::GetAtt": Array [ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", "Arn", ], }, }, "Resource": Array [ Object { "Fn::GetAtt": Array [ "bucket43879C71", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "bucket43879C71", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "lambda8B5974B5": Object { "DependsOn": Array [ "lambdaServiceRoleDefaultPolicyBF6FA5E7", "lambdaServiceRole494E4CA6", ], "Properties": Object { "Code": Object { "S3Bucket": Object { "Ref": "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dS3BucketE414825A", }, "S3Key": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::Select": Array [ 0, Object { "Fn::Split": Array [ "||", Object { "Ref": "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dS3VersionKey224FC20B", }, ], }, ], }, Object { "Fn::Select": Array [ 1, Object { "Fn::Split": Array [ "||", Object { "Ref": "AssetParameters64b8f0e1dee54523e2d6c777a3f2585dbdc6f296e445da83549e39498ab69c2dS3VersionKey224FC20B", }, ], }, ], }, ], ], }, }, "Environment": Object { "Variables": Object { "SNS_TOPIC_ARN": Object { "Ref": "topic69831491", }, }, }, "Handler": "index.handler", "ReservedConcurrentExecutions": 1, "Role": Object { "Fn::GetAtt": Array [ "lambdaServiceRole494E4CA6", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 30, }, "Type": "AWS::Lambda::Function", }, "lambdaServiceRole494E4CA6": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "lambdaServiceRoleDefaultPolicyBF6FA5E7": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "auditmanager:ListAssessmentFrameworks", "auditmanager:CreateAssessmentFramework", "auditmanager:UpdateAssessmentFramework", "auditmanager:GetAssessmentFramework", "auditmanager:ListControls", "auditmanager:CreateControl", "auditmanager:UpdateControl", "auditmanager:GetControl", "auditmanager:ListTagsForResource", "auditmanager:TagResource", "auditmanager:UntagResource", ], "Effect": "Allow", "Resource": "*", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "bucket43879C71", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "bucket43879C71", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": "sns:Publish", "Effect": "Allow", "Resource": Object { "Ref": "topic69831491", }, }, ], "Version": "2012-10-17", }, "PolicyName": "lambdaServiceRoleDefaultPolicyBF6FA5E7", "Roles": Array [ Object { "Ref": "lambdaServiceRole494E4CA6", }, ], }, "Type": "AWS::IAM::Policy", }, "topic69831491": Object { "Properties": Object { "TopicName": "AuditManagerBlogNotification", }, "Type": "AWS::SNS::Topic", }, }, } `;