com.ilmlf.clientconnection.ClientConnectionTest.testStack=[ { "Outputs": { "VpcVpnClientEndpointSelfServicePortalUrl42E6DE1B": { "Value": { "Fn::Join": [ "", [ "https://self-service.clientvpn.amazonaws.com/endpoints/", { "Ref": "VpcVpnClientEndpointFF7CE2D1" } ] ] } } }, "Parameters": { "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24ArtifactHashBA91B77F": { "Description": "Artifact hash for asset \"67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24\"", "Type": "String" }, "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24S3Bucket4D46ABB5": { "Description": "S3 bucket for asset \"67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24\"", "Type": "String" }, "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24S3VersionKeyB0F28861": { "Description": "S3 key for asset version \"67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24\"", "Type": "String" }, "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82ArtifactHash1D0BFBA7": { "Description": "Artifact hash for asset \"9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82\"", "Type": "String" }, "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3BucketEF4FFE05": { "Description": "S3 bucket for asset \"9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82\"", "Type": "String" }, "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3VersionKey8CA45E81": { "Description": "S3 key for asset version \"9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82\"", "Type": "String" }, "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cArtifactHash627DAAA7": { "Description": "Artifact hash for asset \"c691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49c\"", "Type": "String" }, "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3BucketEAC9DD43": { "Description": "S3 bucket for asset \"c691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49c\"", "Type": "String" }, "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7": { "Description": "S3 key for asset version \"c691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49c\"", "Type": "String" } }, "Resources": { "ClientVpnADConnector398A194F": { "DeletionPolicy": "Delete", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkonEvent0365ACCF", "Arn" ] }, "dnsIps": [ "172.16.0.94", "172.16.0.126" ], "domainName": "ilovemylocalfarmer.com", "secretId": "arn:aws:secretsmanager:eu-west-1:053319678981:secret:DomainAdminPassword-qWxv2k", "subnetIds": [ "p-12345", "p-67890" ], "vpcId": "vpc-12345" }, "Type": "Custom::ADConnector", "UpdateReplacePolicy": "Delete" }, "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1": { "DependsOn": [ "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleDefaultPolicyA802110D", "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleEF97E18F" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3BucketEF4FFE05" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3VersionKey8CA45E81" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3VersionKey8CA45E81" } ] } ] } ] ] } }, "Handler": "com.ilmlf.adconnector.customresource.IsCompleteHandler", "MemorySize": 1024, "Role": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleEF97E18F", "Arn" ] }, "Runtime": "java11", "Timeout": 10 }, "Type": "AWS::Lambda::Function" }, "ClientVpnOnPremiseADConnectorisCompleteHandlerLogRetention5ACF97E2": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1" } ] ] }, "RetentionInDays": 7, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn" ] } }, "Type": "Custom::LogRetention" }, "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleDefaultPolicyA802110D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "ds:DescribeDirectories", "Effect": "Allow", "Resource": "*" } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleDefaultPolicyA802110D", "Roles": [ { "Ref": "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleEF97E18F" } ] }, "Type": "AWS::IAM::Policy" }, "ClientVpnOnPremiseADConnectorisCompleteHandlerServiceRoleEF97E18F": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "ClientVpnOnPremiseADConnectoronEventHandler3B64B117": { "DependsOn": [ "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleDefaultPolicyB2B5BCAF", "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleCEC4BEE6" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3BucketEF4FFE05" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3VersionKey8CA45E81" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParameters9928b84f27c47952d9e87dd4122e8367b71e66c90243006b113be2ea7c38cc82S3VersionKey8CA45E81" } ] } ] } ] ] } }, "Handler": "com.ilmlf.adconnector.customresource.OnEventHandler", "MemorySize": 1024, "Role": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleCEC4BEE6", "Arn" ] }, "Runtime": "java11", "Timeout": 10 }, "Type": "AWS::Lambda::Function" }, "ClientVpnOnPremiseADConnectoronEventHandlerLogRetentionABE201A9": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "ClientVpnOnPremiseADConnectoronEventHandler3B64B117" } ] ] }, "RetentionInDays": 7, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn" ] } }, "Type": "Custom::LogRetention" }, "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleCEC4BEE6": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleDefaultPolicyB2B5BCAF": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "secretsmanager:GetSecretValue", "Effect": "Allow", "Resource": "arn:aws:secretsmanager:eu-west-1:053319678981:secret:DomainAdminPassword-qWxv2k" }, { "Action": [ "secretsmanager:GetSecretValue", "ds:ConnectDirectory", "ds:DeleteDirectory", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:CreateSecurityGroup", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateTags" ], "Effect": "Allow", "Resource": "*" } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleDefaultPolicyB2B5BCAF", "Roles": [ { "Ref": "ClientVpnOnPremiseADConnectoronEventHandlerServiceRoleCEC4BEE6" } ] }, "Type": "AWS::IAM::Policy" }, "ClientVpnadConnectorProviderframeworkisCompleteF325554D": { "DependsOn": [ "ClientVpnadConnectorProviderframeworkisCompleteServiceRoleDefaultPolicy37BFB1AC", "ClientVpnadConnectorProviderframeworkisCompleteServiceRole2E920406" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3BucketEAC9DD43" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] } ] ] } }, "Description": "AWS CDK resource provider framework - isComplete (test/ClientVpn/adConnectorProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] } } }, "Handler": "framework.isComplete", "Role": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkisCompleteServiceRole2E920406", "Arn" ] }, "Runtime": "nodejs14.x", "Timeout": 900 }, "Type": "AWS::Lambda::Function" }, "ClientVpnadConnectorProviderframeworkisCompleteServiceRole2E920406": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "ClientVpnadConnectorProviderframeworkisCompleteServiceRoleDefaultPolicy37BFB1AC": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] } }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnadConnectorProviderframeworkisCompleteServiceRoleDefaultPolicy37BFB1AC", "Roles": [ { "Ref": "ClientVpnadConnectorProviderframeworkisCompleteServiceRole2E920406" } ] }, "Type": "AWS::IAM::Policy" }, "ClientVpnadConnectorProviderframeworkonEvent0365ACCF": { "DependsOn": [ "ClientVpnadConnectorProviderframeworkonEventServiceRoleDefaultPolicy5A097B15", "ClientVpnadConnectorProviderframeworkonEventServiceRole3BD736DB" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3BucketEAC9DD43" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] } ] ] } }, "Description": "AWS CDK resource provider framework - onEvent (test/ClientVpn/adConnectorProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] }, "WAITER_STATE_MACHINE_ARN": { "Ref": "ClientVpnadConnectorProviderwaiterstatemachine19CCE80E" } } }, "Handler": "framework.onEvent", "Role": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkonEventServiceRole3BD736DB", "Arn" ] }, "Runtime": "nodejs14.x", "Timeout": 900 }, "Type": "AWS::Lambda::Function" }, "ClientVpnadConnectorProviderframeworkonEventServiceRole3BD736DB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "ClientVpnadConnectorProviderframeworkonEventServiceRoleDefaultPolicy5A097B15": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] } }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] } }, { "Action": "states:StartExecution", "Effect": "Allow", "Resource": { "Ref": "ClientVpnadConnectorProviderwaiterstatemachine19CCE80E" } } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnadConnectorProviderframeworkonEventServiceRoleDefaultPolicy5A097B15", "Roles": [ { "Ref": "ClientVpnadConnectorProviderframeworkonEventServiceRole3BD736DB" } ] }, "Type": "AWS::IAM::Policy" }, "ClientVpnadConnectorProviderframeworkonTimeout19EC45EF": { "DependsOn": [ "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleDefaultPolicyA54A147E", "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleAD836F6F" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3BucketEAC9DD43" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParametersc691172cdeefa2c91b5a2907f9d81118e47597634943344795f1a844192dd49cS3VersionKeyDD9AE9E7" } ] } ] } ] ] } }, "Description": "AWS CDK resource provider framework - onTimeout (test/ClientVpn/adConnectorProvider)", "Environment": { "Variables": { "USER_IS_COMPLETE_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] }, "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] } } }, "Handler": "framework.onTimeout", "Role": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleAD836F6F", "Arn" ] }, "Runtime": "nodejs14.x", "Timeout": 900 }, "Type": "AWS::Lambda::Function" }, "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleAD836F6F": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleDefaultPolicyA54A147E": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectoronEventHandler3B64B117", "Arn" ] } }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnOnPremiseADConnectorisCompleteHandler843CC5F1", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleDefaultPolicyA54A147E", "Roles": [ { "Ref": "ClientVpnadConnectorProviderframeworkonTimeoutServiceRoleAD836F6F" } ] }, "Type": "AWS::IAM::Policy" }, "ClientVpnadConnectorProviderwaiterstatemachine19CCE80E": { "DependsOn": [ "ClientVpnadConnectorProviderwaiterstatemachineRoleDefaultPolicyDD8B5B32", "ClientVpnadConnectorProviderwaiterstatemachineRoleA8FD17DC" ], "Properties": { "DefinitionString": { "Fn::Join": [ "", [ "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":5,\"MaxAttempts\":360,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkisCompleteF325554D", "Arn" ] }, "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkonTimeout19EC45EF", "Arn" ] }, "\"}}}" ] ] }, "RoleArn": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderwaiterstatemachineRoleA8FD17DC", "Arn" ] } }, "Type": "AWS::StepFunctions::StateMachine" }, "ClientVpnadConnectorProviderwaiterstatemachineRoleA8FD17DC": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "states.region-test.amazonaws.com" } } ], "Version": "2012-10-17" } }, "Type": "AWS::IAM::Role" }, "ClientVpnadConnectorProviderwaiterstatemachineRoleDefaultPolicyDD8B5B32": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkisCompleteF325554D", "Arn" ] } }, { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "ClientVpnadConnectorProviderframeworkonTimeout19EC45EF", "Arn" ] } } ], "Version": "2012-10-17" }, "PolicyName": "ClientVpnadConnectorProviderwaiterstatemachineRoleDefaultPolicyDD8B5B32", "Roles": [ { "Ref": "ClientVpnadConnectorProviderwaiterstatemachineRoleA8FD17DC" } ] }, "Type": "AWS::IAM::Policy" }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": { "DependsOn": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" ], "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24S3Bucket4D46ABB5" }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24S3VersionKeyB0F28861" } ] } ] }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParameters67b7823b74bc135986aa72f889d6a8da058d0c4a20cbc2dfc6f78995fdd2fc24S3VersionKeyB0F28861" } ] } ] } ] ] } }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", "Arn" ] }, "Runtime": "nodejs12.x" }, "Type": "AWS::Lambda::Function" }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Type": "AWS::IAM::Role" }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:PutRetentionPolicy", "logs:DeleteRetentionPolicy" ], "Effect": "Allow", "Resource": "*" } ], "Version": "2012-10-17" }, "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "Roles": [ { "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" } ] }, "Type": "AWS::IAM::Policy" }, "VpcVpnClientEndpointAssociation06D0E5EB5": { "Properties": { "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "SubnetId": "p-12345" }, "Type": "AWS::EC2::ClientVpnTargetNetworkAssociation" }, "VpcVpnClientEndpointAssociation1C1885946": { "Properties": { "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "SubnetId": "p-67890" }, "Type": "AWS::EC2::ClientVpnTargetNetworkAssociation" }, "VpcVpnClientEndpointAuthorizeAll6127D700": { "Properties": { "AuthorizeAllGroups": true, "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "TargetNetworkCidr": "1.2.3.4/5" }, "Type": "AWS::EC2::ClientVpnAuthorizationRule" }, "VpcVpnClientEndpointFF7CE2D1": { "Properties": { "AuthenticationOptions": [ { "ActiveDirectory": { "DirectoryId": { "Fn::GetAtt": [ "ClientVpnADConnector398A194F", "DirectoryId" ] } }, "Type": "directory-service-authentication" } ], "ClientCidrBlock": "172.31.0.0/16", "ConnectionLogOptions": { "CloudwatchLogGroup": { "Ref": "VpcVpnClientEndpointLogGroup57D91305" }, "Enabled": true }, "DnsServers": [ "172.16.0.94", "172.16.0.126" ], "SecurityGroupIds": [ { "Fn::GetAtt": [ "VpcVpnClientEndpointSecurityGroupFFE8B2CE", "GroupId" ] } ], "ServerCertificateArn": "arn:aws:acm:eu-west-1:433621526002:certificate/f09c1fca-1ffd-4768-b4e6-7f424f2f7c61", "SplitTunnel": true, "VpcId": "vpc-12345" }, "Type": "AWS::EC2::ClientVpnEndpoint" }, "VpcVpnClientEndpointLogGroup57D91305": { "DeletionPolicy": "Retain", "Properties": { "RetentionInDays": 731 }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain" }, "VpcVpnClientEndpointSecurityGroupFFE8B2CE": { "Properties": { "GroupDescription": "test/Vpc/VpnClientEndpoint/SecurityGroup", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1" } ], "VpcId": "vpc-12345" }, "Type": "AWS::EC2::SecurityGroup" }, "VpcVpnClientEndpointonPremise1CA94A06": { "Properties": { "AuthorizeAllGroups": true, "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "TargetNetworkCidr": "172.16.0.0/16" }, "Type": "AWS::EC2::ClientVpnAuthorizationRule" }, "VpcVpnClientEndpointonPremiseRoutep123456C529374": { "DependsOn": [ "VpcVpnClientEndpointAssociation06D0E5EB5", "VpcVpnClientEndpointAssociation1C1885946" ], "Properties": { "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "DestinationCidrBlock": "172.16.0.0/16", "TargetVpcSubnetId": "p-12345" }, "Type": "AWS::EC2::ClientVpnRoute" }, "VpcVpnClientEndpointonPremiseRoutep678904A950966": { "DependsOn": [ "VpcVpnClientEndpointAssociation06D0E5EB5", "VpcVpnClientEndpointAssociation1C1885946" ], "Properties": { "ClientVpnEndpointId": { "Ref": "VpcVpnClientEndpointFF7CE2D1" }, "DestinationCidrBlock": "172.16.0.0/16", "TargetVpcSubnetId": "p-67890" }, "Type": "AWS::EC2::ClientVpnRoute" } } } ]