// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Stack Snapshot 1`] = ` Object { "Description": "(SO0140) - Amazon S3 Glacier Re:Freezer copies Amazon S3 Glacier Vault archives to Amazon S3 Bucket. Version %%VERSION%%", "Mappings": Object { "AnonymousStatisticsMap": Object { "SendAnonymousStatistics": Object { "Data": "Yes", }, }, "ServiceprincipalMap": Object { "af-south-1": Object { "states": "states.af-south-1.amazonaws.com", }, "ap-east-1": Object { "states": "states.ap-east-1.amazonaws.com", }, "ap-northeast-1": Object { "states": "states.ap-northeast-1.amazonaws.com", }, "ap-northeast-2": Object { "states": "states.ap-northeast-2.amazonaws.com", }, "ap-northeast-3": Object { "states": "states.ap-northeast-3.amazonaws.com", }, "ap-south-1": Object { "states": "states.ap-south-1.amazonaws.com", }, "ap-southeast-1": Object { "states": "states.ap-southeast-1.amazonaws.com", }, "ap-southeast-2": Object { "states": "states.ap-southeast-2.amazonaws.com", }, "ap-southeast-3": Object { "states": "states.ap-southeast-3.amazonaws.com", }, "ca-central-1": Object { "states": "states.ca-central-1.amazonaws.com", }, "cn-north-1": Object { "states": "states.cn-north-1.amazonaws.com", }, "cn-northwest-1": Object { "states": "states.cn-northwest-1.amazonaws.com", }, "eu-central-1": Object { "states": "states.eu-central-1.amazonaws.com", }, "eu-north-1": Object { "states": "states.eu-north-1.amazonaws.com", }, "eu-south-1": Object { "states": "states.eu-south-1.amazonaws.com", }, "eu-south-2": Object { "states": "states.eu-south-2.amazonaws.com", }, "eu-west-1": Object { "states": "states.eu-west-1.amazonaws.com", }, "eu-west-2": Object { "states": "states.eu-west-2.amazonaws.com", }, "eu-west-3": Object { "states": "states.eu-west-3.amazonaws.com", }, "me-south-1": Object { "states": "states.me-south-1.amazonaws.com", }, "sa-east-1": Object { "states": "states.sa-east-1.amazonaws.com", }, "us-east-1": Object { "states": "states.us-east-1.amazonaws.com", }, "us-east-2": Object { "states": "states.us-east-2.amazonaws.com", }, "us-gov-east-1": Object { "states": "states.us-gov-east-1.amazonaws.com", }, "us-gov-west-1": Object { "states": "states.us-gov-west-1.amazonaws.com", }, "us-iso-east-1": Object { "states": "states.amazonaws.com", }, "us-iso-west-1": Object { "states": "states.amazonaws.com", }, "us-isob-east-1": Object { "states": "states.amazonaws.com", }, "us-west-1": Object { "states": "states.us-west-1.amazonaws.com", }, "us-west-2": Object { "states": "states.us-west-2.amazonaws.com", }, }, }, "Metadata": Object { "AWS::CloudFormation::Interface": Object { "ParameterGroups": Array [ Object { "Label": Object { "default": "Required input parameters", }, "Parameters": Array [ "SourceVault", "DestinationBucket", "DestinationStorageClass", "GlacierRetrievalTier", ], }, Object { "Label": Object { "default": "Confirmation to avoid excessive costs", }, "Parameters": Array [ "CloudTrailExportConfirmation", "SNSTopicForVaultConfirmation", ], }, Object { "Label": Object { "default": "[OPTIONAL] External filenames override for ArchiveDescription", }, "Parameters": Array [ "FilelistS3Location", ], }, ], "ParameterLabels": Object { "CloudTrailExportConfirmation": Object { "default": "Have you checked that there is only one Cloudtrail export to S3 bucket configured in your account?", }, "DestinationBucket": Object { "default": "S3 destination bucket name", }, "DestinationStorageClass": Object { "default": "S3 destination storage class", }, "FilelistS3Location": Object { "default": "Amazon S3 location of the CSV file as BUCKET/FILEPATH", }, "GlacierRetrievalTier": Object { "default": "Glacier retrieval tier", }, "SNSTopicForVaultConfirmation": Object { "default": "Has default SNS notification topic on the vault been disabled or is it acceptable to receive notification for ALL archives in the vault?", }, "SourceVault": Object { "default": "Source Glacier vault name", }, }, }, }, "Outputs": Object { "CloudTrailExportConfirmationSelection": Object { "Description": "Selected option for CloudTrail Export confirmation", "Value": Object { "Ref": "CloudTrailExportConfirmation", }, }, "SNSTopicForVaultConfirmationSelection": Object { "Description": "Selected option for SNS Topic for Vault confirmation", "Value": Object { "Ref": "SNSTopicForVaultConfirmation", }, }, "StagingBucketName": Object { "Description": "Staging Bucket Name", "Value": Object { "Ref": "stagingBucket", }, }, "dashboardUrl": Object { "Description": "Progress Dashboard URL", "Value": Object { "Fn::Join": Array [ "", Array [ "https://", Object { "Ref": "AWS::Region", }, ".console.aws.amazon.com/cloudwatch/home?region=", Object { "Ref": "AWS::Region", }, "#dashboards:name=", Object { "Ref": "AWS::StackName", }, "-Amazon-S3-Glacier-ReFreezer;accountId=", Object { "Ref": "AWS::AccountId", }, ], ], }, }, }, "Parameters": Object { "BootstrapVersion": Object { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value", }, "CloudTrailExportConfirmation": Object { "AllowedValues": Array [ "Yes", "No", ], "Type": "String", }, "DestinationBucket": Object { "AllowedPattern": ".+", "Type": "String", }, "DestinationStorageClass": Object { "AllowedValues": Array [ "STANDARD", "INTELLIGENT_TIERING", "STANDARD_IA", "ONEZONE_IA", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", ], "Default": "STANDARD", "Type": "String", }, "FilelistS3Location": Object { "Default": "", "Type": "String", }, "GlacierRetrievalTier": Object { "AllowedValues": Array [ "Bulk", "Standard", "Expedited", ], "Default": "Bulk", "Type": "String", }, "SNSTopicForVaultConfirmation": Object { "AllowedValues": Array [ "Yes", "No", ], "Type": "String", }, "SourceVault": Object { "AllowedPattern": ".+", "Type": "String", }, }, "Resources": Object { "ArchiveNotificationsPolicyB2E509DE": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:AddPermission", "sns:RemovePermission", "sns:DeleteTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "sns:Publish", "sns:Receive", ], "Condition": Object { "StringEquals": Object { "AWS:SourceOwner": Object { "Ref": "AWS::AccountId", }, }, }, "Effect": "Allow", "Principal": Object { "Service": "glacier.amazonaws.com", }, "Resource": Object { "Ref": "archiveNotifications", }, "Sid": "permitService", }, Object { "Action": Array [ "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:AddPermission", "sns:RemovePermission", "sns:DeleteTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "sns:Publish", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Ref": "archiveNotifications", }, "Sid": "denyInsecureTransport", }, ], "Version": "2012-10-17", }, "Topics": Array [ Object { "Ref": "archiveNotifications", }, ], }, "Type": "AWS::SNS::TopicPolicy", }, "archiveNotifications": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W47", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::SNS::Topic", }, "dynamoDataCatalogMetricsTable174C007B": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W28", "reason": "Transient table - updates must be through deletion/redeployment of the stack only", }, Object { "id": "W74", "reason": "Metadata table - no encryption required", }, ], }, }, "Properties": Object { "AttributeDefinitions": Array [ Object { "AttributeName": "pk", "AttributeType": "S", }, ], "BillingMode": "PAY_PER_REQUEST", "KeySchema": Array [ Object { "AttributeName": "pk", "KeyType": "HASH", }, ], "PointInTimeRecoverySpecification": Object { "PointInTimeRecoveryEnabled": true, }, "TableName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-grf-job-metrics", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Delete", }, "dynamoDataCatalogStatusTableE9ACB88F": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W28", "reason": "Transient table - updates must be through deletion/redeployment of the stack only", }, Object { "id": "W74", "reason": "Metadata table - no encryption required", }, ], }, }, "Properties": Object { "AttributeDefinitions": Array [ Object { "AttributeName": "aid", "AttributeType": "S", }, Object { "AttributeName": "pid", "AttributeType": "N", }, Object { "AttributeName": "ifn", "AttributeType": "N", }, Object { "AttributeName": "fname", "AttributeType": "S", }, ], "BillingMode": "PROVISIONED", "GlobalSecondaryIndexes": Array [ Object { "IndexName": "max-file-index", "KeySchema": Array [ Object { "AttributeName": "pid", "KeyType": "HASH", }, Object { "AttributeName": "ifn", "KeyType": "RANGE", }, ], "Projection": Object { "ProjectionType": "KEYS_ONLY", }, "ProvisionedThroughput": Object { "ReadCapacityUnits": 5, "WriteCapacityUnits": 30, }, }, Object { "IndexName": "name-index", "KeySchema": Array [ Object { "AttributeName": "fname", "KeyType": "HASH", }, ], "Projection": Object { "ProjectionType": "KEYS_ONLY", }, "ProvisionedThroughput": Object { "ReadCapacityUnits": 15, "WriteCapacityUnits": 30, }, }, ], "KeySchema": Array [ Object { "AttributeName": "aid", "KeyType": "HASH", }, ], "PointInTimeRecoverySpecification": Object { "PointInTimeRecoveryEnabled": true, }, "ProvisionedThroughput": Object { "ReadCapacityUnits": 25, "WriteCapacityUnits": 30, }, "StreamSpecification": Object { "StreamViewType": "NEW_AND_OLD_IMAGES", }, "TableName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-grf-job-status", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Delete", }, "dynamoDataCatalogStatusTableReadScalingTarget544936B3": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 25, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:table:ReadCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTableReadScalingTargetTrackingEA8022B1": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTableReadScalingTargetTracking192C2DD9", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTableReadScalingTarget544936B3", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBReadCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "dynamoDataCatalogStatusTableWriteScalingTargetD6BBCD46": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 30, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:table:WriteCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTableWriteScalingTargetTrackingD2EC7DF0": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTableWriteScalingTargetTracking5A9B6665", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTableWriteScalingTargetD6BBCD46", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBWriteCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "dynamoDataCatalogStatusTablemaxfileindexReadScalingTarget4766C10B": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 5, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "/index/max-file-index", ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:index:ReadCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTablemaxfileindexReadScalingTargetTrackingC5BD9481": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTablemaxfileindexReadScalingTargetTracking699B3E11", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTablemaxfileindexReadScalingTarget4766C10B", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBReadCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "dynamoDataCatalogStatusTablemaxfileindexWriteScalingTargetFD4F0C81": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 30, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "/index/max-file-index", ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:index:WriteCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTablemaxfileindexWriteScalingTargetTracking43B81A6C": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTablemaxfileindexWriteScalingTargetTrackingF1CC354C", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTablemaxfileindexWriteScalingTargetFD4F0C81", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBWriteCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "dynamoDataCatalogStatusTablenameindexReadScalingTarget756A5D45": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 15, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "/index/name-index", ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:index:ReadCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTablenameindexReadScalingTargetTracking0A15E69B": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTablenameindexReadScalingTargetTracking64D84775", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTablenameindexReadScalingTarget756A5D45", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBReadCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "dynamoDataCatalogStatusTablenameindexWriteScalingTargetBF74747A": Object { "Properties": Object { "MaxCapacity": 500, "MinCapacity": 30, "ResourceId": Object { "Fn::Join": Array [ "", Array [ "table/", Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "/index/name-index", ], ], }, "RoleARN": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable", ], ], }, "ScalableDimension": "dynamodb:index:WriteCapacityUnits", "ServiceNamespace": "dynamodb", }, "Type": "AWS::ApplicationAutoScaling::ScalableTarget", }, "dynamoDataCatalogStatusTablenameindexWriteScalingTargetTrackingBF88D57A": Object { "Properties": Object { "PolicyName": "teststackdynamoDataCatalogStatusTablenameindexWriteScalingTargetTrackingFAAC1A4F", "PolicyType": "TargetTrackingScaling", "ScalingTargetId": Object { "Ref": "dynamoDataCatalogStatusTablenameindexWriteScalingTargetBF74747A", }, "TargetTrackingScalingPolicyConfiguration": Object { "PredefinedMetricSpecification": Object { "PredefinedMetricType": "DynamoDBWriteCapacityUtilization", }, "ScaleInCooldown": 60, "ScaleOutCooldown": 10, "TargetValue": 70, }, }, "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", }, "glueDataCatalogAthenaWorkgroup81F608D4": Object { "Properties": Object { "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol", ], ], }, "RecursiveDeleteOption": true, "State": "ENABLED", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "WorkGroupConfiguration": Object { "EnforceWorkGroupConfiguration": true, "EngineVersion": Object { "SelectedEngineVersion": "Athena engine version 2", }, "ResultConfiguration": Object { "OutputLocation": Object { "Fn::Join": Array [ "", Array [ "s3://", Object { "Ref": "stagingBucket", }, "/results", ], ], }, }, }, }, "Type": "AWS::Athena::WorkGroup", }, "glueDataCatalogFilelistTable2224351B": Object { "Properties": Object { "CatalogId": Object { "Ref": "AWS::AccountId", }, "DatabaseName": Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "TableInput": Object { "Description": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-filelist generated by CDK", ], ], }, "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-filelist", ], ], }, "Parameters": Object { "has_encrypted_data": false, }, "StorageDescriptor": Object { "Columns": Array [ Object { "Name": "archiveid", "Type": "string", }, Object { "Name": "override", "Type": "string", }, ], "Compressed": false, "InputFormat": "org.apache.hadoop.mapred.TextInputFormat", "Location": Object { "Fn::Join": Array [ "", Array [ "s3://", Object { "Ref": "stagingBucket", }, "/filelist/", ], ], }, "OutputFormat": "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat", "SerdeInfo": Object { "SerializationLibrary": "org.apache.hadoop.hive.serde2.OpenCSVSerde", }, "StoredAsSubDirectories": false, }, "TableType": "EXTERNAL_TABLE", }, }, "Type": "AWS::Glue::Table", }, "glueDataCatalogInventoryDatabase96DE1AD3": Object { "Properties": Object { "CatalogId": Object { "Ref": "AWS::AccountId", }, "DatabaseInput": Object { "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-inventory", ], ], }, }, }, "Type": "AWS::Glue::Database", }, "glueDataCatalogInventoryTable05E5F37F": Object { "Properties": Object { "CatalogId": Object { "Ref": "AWS::AccountId", }, "DatabaseName": Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "TableInput": Object { "Description": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-inventory generated by CDK", ], ], }, "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-inventory", ], ], }, "Parameters": Object { "has_encrypted_data": false, "skip.header.line.count": "1", }, "StorageDescriptor": Object { "Columns": Array [ Object { "Name": "archiveid", "Type": "string", }, Object { "Name": "archivedescription", "Type": "string", }, Object { "Name": "creationdate", "Type": "string", }, Object { "Name": "size", "Type": "bigint", }, Object { "Name": "sha256treehash", "Type": "string", }, ], "Compressed": false, "InputFormat": "org.apache.hadoop.mapred.TextInputFormat", "Location": Object { "Fn::Join": Array [ "", Array [ "s3://", Object { "Ref": "stagingBucket", }, "/inventory/", ], ], }, "OutputFormat": "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat", "SerdeInfo": Object { "Parameters": Object { "escapeChar": "\\\\", "quoteChar": "\\"", }, "SerializationLibrary": "org.apache.hadoop.hive.serde2.OpenCSVSerde", }, "StoredAsSubDirectories": false, }, "TableType": "EXTERNAL_TABLE", }, }, "Type": "AWS::Glue::Table", }, "glueDataCatalogPartitionedinventoryTable94032B41": Object { "Properties": Object { "CatalogId": Object { "Ref": "AWS::AccountId", }, "DatabaseName": Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "TableInput": Object { "Description": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-inventory-partitioned generated by CDK", ], ], }, "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercaseTrigger0ABB3AB5", "stack_name", ], }, "-grf-inventory-partitioned", ], ], }, "Parameters": Object { "has_encrypted_data": false, "parquet.compression": "SNAPPY", }, "PartitionKeys": Array [ Object { "Name": "part", "Type": "bigint", }, ], "StorageDescriptor": Object { "Columns": Array [ Object { "Name": "archiveid", "Type": "string", }, Object { "Name": "archivedescription", "Type": "string", }, Object { "Name": "creationdate", "Type": "string", }, Object { "Name": "size", "Type": "bigint", }, Object { "Name": "sha256treehash", "Type": "string", }, Object { "Name": "row_num", "Type": "bigint", }, ], "Compressed": false, "InputFormat": "org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat", "Location": Object { "Fn::Join": Array [ "", Array [ "s3://", Object { "Ref": "stagingBucket", }, "/partitioned/", ], ], }, "OutputFormat": "org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat", "SerdeInfo": Object { "SerializationLibrary": "org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe", }, "StoredAsSubDirectories": false, }, "TableType": "EXTERNAL_TABLE", }, }, "Type": "AWS::Glue::Table", }, "glueDataCatalogtoLowerCaseRoleDefaultPolicy572EA173": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-toLowercase:**", ], ], }, "Sid": "allowCloudWatchLogs", }, ], "Version": "2012-10-17", }, "PolicyName": "glueDataCatalogtoLowerCaseRoleDefaultPolicy572EA173", "Roles": Array [ Object { "Ref": "glueDataCatalogtoLowerCaseRoleFD57E4D5", }, ], }, "Type": "AWS::IAM::Policy", }, "glueDataCatalogtoLowerCaseRoleFD57E4D5": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "glueDataCatalogtoLowercase8AA0AFF5": Object { "DependsOn": Array [ "glueDataCatalogtoLowerCaseRoleDefaultPolicy572EA173", "glueDataCatalogtoLowerCaseRoleFD57E4D5", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "65662e6cfc7b965ae94343a2d0b2b082bfe666f2d6042e11b0d23ac438dc7998.zip", }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-toLowercase", ], ], }, "Handler": "index.handler", "Role": Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowerCaseRoleFD57E4D5", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Lambda::Function", }, "glueDataCatalogtoLowercaseTrigger0ABB3AB5": Object { "DeletionPolicy": "Delete", "Properties": Object { "ServiceToken": Object { "Fn::GetAtt": Array [ "glueDataCatalogtoLowercase8AA0AFF5", "Arn", ], }, "stack_name": Object { "Ref": "AWS::StackName", }, }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "inventoryNotification": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W47", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::SNS::Topic", }, "monitoringCalculateMetrics1B70CF5B": Object { "DependsOn": Array [ "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "c1d20b5a1f8372855258fc29fb8929e9ebf43e78a559cf90e4ce823a0f38d3df.zip", }, "Environment": Object { "Variables": Object { "METRICS_TABLE": Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-calculateMetrics", ], ], }, "Handler": "index.handler", "Role": Object { "Fn::GetAtt": Array [ "monitoringCalculateMetricsRoleA76278A7", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Lambda::Function", }, "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1": Object { "DependsOn": Array [ "monitoringCalculateMetricsRolePolicy0C1EF64D", ], "Properties": Object { "BatchSize": 1000, "EventSourceArn": Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "StreamArn", ], }, "FunctionName": Object { "Ref": "monitoringCalculateMetrics1B70CF5B", }, "MaximumBatchingWindowInSeconds": 30, "ParallelizationFactor": 1, "StartingPosition": "TRIM_HORIZON", }, "Type": "AWS::Lambda::EventSourceMapping", }, "monitoringCalculateMetricsRoleA76278A7": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "monitoringCalculateMetricsRoleDefaultPolicy22C0E657": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "Roles": Array [ Object { "Ref": "monitoringCalculateMetricsRoleA76278A7", }, ], }, "Type": "AWS::IAM::Policy", }, "monitoringCalculateMetricsRolePolicy0C1EF64D": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateMetrics:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "dynamodb:ListStreams", "dynamodb:DescribeStream", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:ListShards", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/stream/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "monitoringCalculateMetricsRolePolicy0C1EF64D", "Roles": Array [ Object { "Ref": "monitoringCalculateMetricsRoleA76278A7", }, ], }, "Type": "AWS::IAM::Policy", }, "monitoringPostMetricSchedule8675C968": Object { "Properties": Object { "ScheduleExpression": "rate(1 minute)", "State": "ENABLED", "Targets": Array [ Object { "Arn": Object { "Fn::GetAtt": Array [ "monitoringPostMetrics98F9F947", "Arn", ], }, "Id": "Target0", }, ], }, "Type": "AWS::Events::Rule", }, "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF": Object { "Properties": Object { "Action": "lambda:InvokeFunction", "FunctionName": Object { "Fn::GetAtt": Array [ "monitoringPostMetrics98F9F947", "Arn", ], }, "Principal": "events.amazonaws.com", "SourceArn": Object { "Fn::GetAtt": Array [ "monitoringPostMetricSchedule8675C968", "Arn", ], }, }, "Type": "AWS::Lambda::Permission", }, "monitoringPostMetrics98F9F947": Object { "DependsOn": Array [ "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "bd224b1ebdef26844c3745b79c17e9083aade0052d571d6ab5489a1b9d40a978.zip", }, "Environment": Object { "Variables": Object { "ARCHIVE_NOTIFICATIONS_TOPIC": Object { "Fn::GetAtt": Array [ "archiveNotifications", "TopicName", ], }, "METRICS_TABLE": Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "STACK_NAME": Object { "Ref": "AWS::StackName", }, "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-postMetrics", ], ], }, "Handler": "index.handler", "Role": Object { "Fn::GetAtt": Array [ "monitoringPostMetricsRole87B61E7B", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Lambda::Function", }, "monitoringPostMetricsRole87B61E7B": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "monitoringPostMetricsRolePolicy596F9F4D": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W12", "reason": "CloudWatch does not support metric ARNs. Using Namespace condition", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "dynamodb:Query", "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, }, Object { "Action": "cloudwatch:PutMetricData", "Condition": Object { "StringEquals": Object { "cloudwatch:namespace": "AmazonS3GlacierReFreezer", }, }, "Effect": "Allow", "Resource": "*", "Sid": "permitPostMetrics", }, Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-postMetrics:**", ], ], }, "Sid": "allowCloudWatchLogs", }, ], "Version": "2012-10-17", }, "PolicyName": "monitoringPostMetricsRolePolicy596F9F4D", "Roles": Array [ Object { "Ref": "monitoringPostMetricsRole87B61E7B", }, ], }, "Type": "AWS::IAM::Policy", }, "monitoringcalculateMetricsLogGroup9961A214": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateMetrics", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringcalculateTreehashLogGroup6FC738B3": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateTreehash", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringcopyChunkLogGroup5D04918E": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyChunk", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringcopyToDestinationBucketLogGroup4BB91669": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyToDestinationBucket", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringdeployGlueJobScriptLogGroupAA50E4DE": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-deployGlueJobScript", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringdownloadInventoryLogGroup2471C2FF": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventory", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringdownloadInventoryPartLogGroupD9E69690": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventoryPart", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringgenerateUuidLogGroup18A074CF": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-generateUuid", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringglacierrefreezerdashboardE7F6D8AE": Object { "Properties": Object { "DashboardBody": Object { "Fn::Join": Array [ "", Array [ "{\\"widgets\\":[{\\"type\\":\\"metric\\",\\"width\\":24,\\"height\\":3,\\"x\\":0,\\"y\\":0,\\"properties\\":{\\"view\\":\\"singleValue\\",\\"title\\":\\"Amazon S3 Glacier Re:Freezer Progress Metrics : ", Object { "Ref": "AWS::StackName", }, "\\",\\"region\\":\\"", Object { "Ref": "AWS::Region", }, "\\",\\"metrics\\":[[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountTotal\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Total Archives\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountRequested\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Requested from Glacier\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountStaged\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Staged\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountValidated\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Hashes Validated\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountCompleted\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Copied to Destination\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}]]}},{\\"type\\":\\"metric\\",\\"width\\":24,\\"height\\":6,\\"x\\":0,\\"y\\":3,\\"properties\\":{\\"view\\":\\"timeSeries\\",\\"title\\":\\"Timeline\\",\\"region\\":\\"", Object { "Ref": "AWS::Region", }, "\\",\\"metrics\\":[[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountTotal\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Total Archives\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountRequested\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Requested from Glacier\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountStaged\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Staged\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountValidated\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Hashes Validated\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}],[\\"AmazonS3GlacierReFreezer\\",\\"ArchiveCountCompleted\\",\\"CloudFormationStack\\",\\"", Object { "Ref": "AWS::StackName", }, "\\",{\\"label\\":\\"Copied to Destination\\",\\"accountId\\":\\"", Object { "Ref": "AWS::AccountId", }, "\\",\\"stat\\":\\"Maximum\\"}]],\\"yAxis\\":{}}},{\\"type\\":\\"log\\",\\"width\\":24,\\"height\\":6,\\"x\\":0,\\"y\\":9,\\"properties\\":{\\"view\\":\\"table\\",\\"title\\":\\"Errors\\",\\"region\\":\\"", Object { "Ref": "AWS::Region", }, "\\",\\"query\\":\\"SOURCE '/aws/vendedlogs/states/", Object { "Ref": "AWS::StackName", }, "-stageTwoOrchestrator' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateMetrics' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateTreehash' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyChunk' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyToDestinationBucket' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-deployGlueJobScript' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventory' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventoryPart' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-generateUuid' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-postMetrics' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestArchives' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestInventory' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-sendAnonymousStats' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-splitArchive' | SOURCE '/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-toLowercase' | fields @timestamp, @message\\\\n| filter @message like /error/ or @message like /Error/ or @message like /ERROR/\\\\n| filter @message not like /ThrottlingException/\\\\n| filter @message not like /Idle connections will be closed/\\\\n| sort by @timestamp desc\\"}},{\\"type\\":\\"metric\\",\\"width\\":24,\\"height\\":6,\\"x\\":0,\\"y\\":15,\\"properties\\":{\\"view\\":\\"timeSeries\\",\\"title\\":\\"Oldest SQS Message\\",\\"region\\":\\"", Object { "Ref": "AWS::Region", }, "\\",\\"metrics\\":[[\\"AWS/SQS\\",\\"ApproximateAgeOfOldestMessage\\",\\"QueueName\\",\\"", Object { "Ref": "AWS::StackName", }, "-archive-notification-queue\\"],[\\"AWS/SQS\\",\\"ApproximateAgeOfOldestMessage\\",\\"QueueName\\",\\"", Object { "Ref": "AWS::StackName", }, "-chunk-copy-queue\\"]],\\"yAxis\\":{}}}]}", ], ], }, "DashboardName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-Amazon-S3-Glacier-ReFreezer", ], ], }, }, "Type": "AWS::CloudWatch::Dashboard", }, "monitoringpostMetricsLogGroup670566A8": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-postMetrics", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringrequestArchivesLogGroup70D7C9C5": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestArchives", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringrequestInventoryLogGroupB7C9607D": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestInventory", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringsendAnonymousStatsLogGroup0C9968BB": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-sendAnonymousStats", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringsplitArchiveLogGroup026DE41D": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-splitArchive", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringstageTwoOrchestratorLogGroup62996996": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/vendedlogs/states/", Object { "Ref": "AWS::StackName", }, "-stageTwoOrchestrator", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "monitoringtoLowercaseLogGroupC05CBA29": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W84", "reason": "The solution is a temporary, one off deployment. No sensitive or PII data logged.", }, ], }, }, "Properties": Object { "LogGroupName": Object { "Fn::Join": Array [ "", Array [ "/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-toLowercase", ], ], }, "RetentionInDays": 90, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::Logs::LogGroup", }, "stageFourCalculateTreehashRoleC5DE238E": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageFourCalculateTreehashRoleDefaultPolicy38EF64C8": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W76", "reason": "Policy is auto-generated by CDK", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/index/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageFourdestinationcopyqueue3EEF6C15", "Arn", ], }, }, Object { "Action": Array [ "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:GetQueueUrl", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "stageFourCalculateTreehashRoleDefaultPolicy38EF64C8", "Roles": Array [ Object { "Ref": "stageFourCalculateTreehashRoleC5DE238E", }, ], }, "Type": "AWS::IAM::Policy", }, "stageFourCalculateTreehashRolePolicyC1ADC373": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-calculateTreehash:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": "s3:PutObject", "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, "/*", ], ], }, "Sid": "allowPutObject", }, Object { "Action": "s3:ListBucket", "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, ], ], }, "Sid": "allowListBucket", }, ], "Version": "2012-10-17", }, "PolicyName": "stageFourCalculateTreehashRolePolicyC1ADC373", "Roles": Array [ Object { "Ref": "stageFourCalculateTreehashRoleC5DE238E", }, ], }, "Type": "AWS::IAM::Policy", }, "stageFourcalculateTreehashC1E7BFB4": Object { "DependsOn": Array [ "stageFourCalculateTreehashRoleDefaultPolicy38EF64C8", "stageFourCalculateTreehashRoleC5DE238E", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "f47c06b5725f8ae5559085e2b0eb0b8a99cebfc5b5b43fc003c1118cab7df16a.zip", }, "Environment": Object { "Variables": Object { "DESTINATION_BUCKET": Object { "Ref": "DestinationBucket", }, "METRIC_TABLE": Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "SQS_ARCHIVE_NOTIFICATION": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "QueueName", ], }, "SQS_COPY_TO_DESTINATION_NOTIFICATION": Object { "Fn::GetAtt": Array [ "stageFourdestinationcopyqueue3EEF6C15", "QueueName", ], }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STAGING_BUCKET_PREFIX": "stagingdata", "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "STORAGE_CLASS": Object { "Ref": "DestinationStorageClass", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-calculateTreehash", ], ], }, "Handler": "index.handler", "MemorySize": 1024, "ReservedConcurrentExecutions": 55, "Role": Object { "Fn::GetAtt": Array [ "stageFourCalculateTreehashRoleC5DE238E", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageFourcalculateTreehashSqsEventSourceteststackstageThreetreehashcalcqueueE81E0D736E8DC7E1": Object { "Properties": Object { "BatchSize": 1, "EventSourceArn": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "Arn", ], }, "FunctionName": Object { "Ref": "stageFourcalculateTreehashC1E7BFB4", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "stageFourcopyToDestinationBucket5643054F": Object { "DependsOn": Array [ "stageFourcopyToDestinationBucketRoleDefaultPolicyC0C83D3D", "stageFourcopyToDestinationBucketRole072254ED", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "f4dd4be023fce2734300fe3f34e7a336aee3c4296a3d073bd3f95c396f698097.zip", }, "Environment": Object { "Variables": Object { "DESTINATION_BUCKET": Object { "Ref": "DestinationBucket", }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STAGING_BUCKET_PREFIX": "stagingdata", "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "STORAGE_CLASS": Object { "Ref": "DestinationStorageClass", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-copyToDestinationBucket", ], ], }, "Handler": "index.handler", "MemorySize": 128, "ReservedConcurrentExecutions": 100, "Role": Object { "Fn::GetAtt": Array [ "stageFourcopyToDestinationBucketRole072254ED", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageFourcopyToDestinationBucketRole072254ED": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageFourcopyToDestinationBucketRoleDefaultPolicyC0C83D3D": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyToDestinationBucket:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/index/*", ], ], }, ], }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, "/*", ], ], }, ], }, Object { "Action": Array [ "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:GetQueueUrl", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageFourdestinationcopyqueue3EEF6C15", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "stageFourcopyToDestinationBucketRoleDefaultPolicyC0C83D3D", "Roles": Array [ Object { "Ref": "stageFourcopyToDestinationBucketRole072254ED", }, ], }, "Type": "AWS::IAM::Policy", }, "stageFourcopyToDestinationBucketSqsEventSourceteststackstageFourdestinationcopyqueueA23C134BF9E8EEEC": Object { "Properties": Object { "BatchSize": 1, "EventSourceArn": Object { "Fn::GetAtt": Array [ "stageFourdestinationcopyqueue3EEF6C15", "Arn", ], }, "FunctionName": Object { "Ref": "stageFourcopyToDestinationBucket5643054F", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "stageFourdestinationcopyqueue3EEF6C15": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W48", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "MessageRetentionPeriod": 1209600, "QueueName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-destination-copy-queue", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "VisibilityTimeout": 905, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "stageFourdestinationcopyqueuePolicyB1179CE7": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "sqs:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "stageFourdestinationcopyqueue3EEF6C15", "Arn", ], }, "Sid": "denyInsecureTransport", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "stageFourdestinationcopyqueue3EEF6C15", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "stageOneInventoryNotificationPolicy66D24C4B": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:AddPermission", "sns:RemovePermission", "sns:DeleteTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "sns:Publish", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Ref": "inventoryNotification", }, "Sid": "denyInsecureTransport", }, Object { "Action": Array [ "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:AddPermission", "sns:RemovePermission", "sns:DeleteTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "sns:Publish", "sns:Receive", ], "Condition": Object { "StringEquals": Object { "AWS:SourceOwner": Object { "Ref": "AWS::AccountId", }, }, }, "Effect": "Allow", "Principal": Object { "Service": "glacier.amazonaws.com", }, "Resource": Object { "Ref": "inventoryNotification", }, "Sid": "permitService", }, ], "Version": "2012-10-17", }, "Topics": Array [ Object { "Ref": "inventoryNotification", }, ], }, "Type": "AWS::SNS::TopicPolicy", }, "stageOnedownloadInventory7367D822": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageOnedownloadInventoryRoleDefaultPolicyAD1FA742", "stageOnedownloadInventoryRoleAA298206", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "a573591bcc63a4613c8634a5b1c76b18466e3fc838619c1ab323266f013fa7a6.zip", }, "Environment": Object { "Variables": Object { "BUCKET_PREFIX": "inventory", "GLACIER_VAULT": Object { "Ref": "SourceVault", }, "INVENTORY_BUCKET": Object { "Ref": "stagingBucket", }, "INVENTORY_PART_FUNCTION": Object { "Ref": "stageOnedownloadInventoryPartC8387F3A", }, "STAGE_TWO_SF_ARN": Object { "Ref": "stageTwoOrchestrator", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-downloadInventory", ], ], }, "Handler": "index.handler", "MemorySize": 1024, "Role": Object { "Fn::GetAtt": Array [ "stageOnedownloadInventoryRoleAA298206", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageOnedownloadInventoryAllowInvoketeststackstageOneInventoryNotification40CE33BD7BDB5327": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "Action": "lambda:InvokeFunction", "FunctionName": Object { "Fn::GetAtt": Array [ "stageOnedownloadInventory7367D822", "Arn", ], }, "Principal": "sns.amazonaws.com", "SourceArn": Object { "Ref": "inventoryNotification", }, }, "Type": "AWS::Lambda::Permission", }, "stageOnedownloadInventoryInventoryNotification72A472C2": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "Endpoint": Object { "Fn::GetAtt": Array [ "stageOnedownloadInventory7367D822", "Arn", ], }, "Protocol": "lambda", "TopicArn": Object { "Ref": "inventoryNotification", }, }, "Type": "AWS::SNS::Subscription", }, "stageOnedownloadInventoryPartC8387F3A": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageOnedownloadInventoryPartRoleDefaultPolicy48449137", "stageOnedownloadInventoryPartRole00EF5805", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "441efbfde65517692b378e6ab38c41b3ad33188b61ef30418530b12ed00e8382.zip", }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-downloadInventoryPart", ], ], }, "Handler": "index.handler", "MemorySize": 1024, "ReservedConcurrentExecutions": 10, "Role": Object { "Fn::GetAtt": Array [ "stageOnedownloadInventoryPartRole00EF5805", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageOnedownloadInventoryPartRole00EF5805": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageOnedownloadInventoryPartRoleDefaultPolicy48449137": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventoryPart:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, ], "Version": "2012-10-17", }, "PolicyName": "stageOnedownloadInventoryPartRoleDefaultPolicy48449137", "Roles": Array [ Object { "Ref": "stageOnedownloadInventoryPartRole00EF5805", }, ], }, "Type": "AWS::IAM::Policy", }, "stageOnedownloadInventoryRoleAA298206": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageOnedownloadInventoryRoleDefaultPolicyAD1FA742": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-downloadInventory:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, Object { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stageOnedownloadInventoryPartC8387F3A", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stageOnedownloadInventoryPartC8387F3A", "Arn", ], }, ":*", ], ], }, ], }, Object { "Action": "states:StartExecution", "Effect": "Allow", "Resource": Object { "Ref": "stageTwoOrchestrator", }, }, ], "Version": "2012-10-17", }, "PolicyName": "stageOnedownloadInventoryRoleDefaultPolicyAD1FA742", "Roles": Array [ Object { "Ref": "stageOnedownloadInventoryRoleAA298206", }, ], }, "Type": "AWS::IAM::Policy", }, "stageOnerequestInventory8924DF79": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageOnerequestInventoryRoleDefaultPolicy2769E380", "stageOnerequestInventoryRoleC0473E06", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "d2b1227700a75a0a3ddbd0def5a98256dd8842164a99d2f5538621a9bbbe1376.zip", }, "Environment": Object { "Variables": Object { "CLOUDTRAIL_EXPORT_CONF": Object { "Ref": "CloudTrailExportConfirmation", }, "DESTINATION_BUCKET": Object { "Ref": "DestinationBucket", }, "FILELIST_LOCATION": Object { "Ref": "FilelistS3Location", }, "SNS_TOPIC_ARN": Object { "Ref": "inventoryNotification", }, "SNS_VAULT_CONF": Object { "Ref": "SNSTopicForVaultConfirmation", }, "SOURCE_VAULT": Object { "Ref": "SourceVault", }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STAGING_LIST_PREFIX": "filelist", }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-requestInventory", ], ], }, "Handler": "index.handler", "MemorySize": 256, "Role": Object { "Fn::GetAtt": Array [ "stageOnerequestInventoryRoleC0473E06", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageOnerequestInventoryRoleC0473E06": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageOnerequestInventoryRoleDefaultPolicy2769E380": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestInventory:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "DestinationBucket", }, "/*", ], ], }, ], }, Object { "Action": Array [ "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:GetBucketLocation", "s3:GetObject", "s3:GetObjectAcl", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":s3:::", Object { "Ref": "FilelistS3Location", }, ], ], }, "Sid": "allowS3Access", }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, ], "Version": "2012-10-17", }, "PolicyName": "stageOnerequestInventoryRoleDefaultPolicy2769E380", "Roles": Array [ Object { "Ref": "stageOnerequestInventoryRoleC0473E06", }, ], }, "Type": "AWS::IAM::Policy", }, "stageOnerequestInventoryTriggerB9B55962": Object { "DeletionPolicy": "Delete", "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "ServiceToken": Object { "Fn::GetAtt": Array [ "stageOnerequestInventory8924DF79", "Arn", ], }, }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "stageThreeCopyChunk9DFA72B0": Object { "DependsOn": Array [ "stageThreeCopyChunkRoleDefaultPolicyA5C59C91", "stageThreeCopyChunkRole24158C8C", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "9fcb95fffb5597e05124ebef69c2e8ce2eb9fc8d403620421842c096705321fb.zip", }, "Environment": Object { "Variables": Object { "METRIC_TABLE": Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "SQS_HASH": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "QueueName", ], }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STAGING_BUCKET_PREFIX": "stagingdata", "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "VAULT": Object { "Ref": "SourceVault", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-copyChunk", ], ], }, "Handler": "index.handler", "MemorySize": 1024, "ReservedConcurrentExecutions": 35, "Role": Object { "Fn::GetAtt": Array [ "stageThreeCopyChunkRole24158C8C", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageThreeCopyChunkRole24158C8C": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageThreeCopyChunkRoleDefaultPolicyA5C59C91": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W76", "reason": "Policy is auto-generated by CDK", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-copyChunk:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, Object { "Action": Array [ "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreechunkcopyqueue6E6E5A95", "Arn", ], }, "Sid": "allowSqsSubscribeAccess", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/index/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "stageThreeCopyChunkRoleDefaultPolicyA5C59C91", "Roles": Array [ Object { "Ref": "stageThreeCopyChunkRole24158C8C", }, ], }, "Type": "AWS::IAM::Policy", }, "stageThreeCopyChunkSqsEventSourceteststackstageThreechunkcopyqueue346472D84B59BEB5": Object { "Properties": Object { "BatchSize": 1, "EventSourceArn": Object { "Fn::GetAtt": Array [ "stageThreechunkcopyqueue6E6E5A95", "Arn", ], }, "FunctionName": Object { "Ref": "stageThreeCopyChunk9DFA72B0", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "stageThreeSplitArchiveCEC9C9A3": Object { "DependsOn": Array [ "stageThreesplitArchiveRoleDefaultPolicyCA0A260E", "stageThreesplitArchiveRole7D1991B8", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "27548fd6432f9f96fb93185d5b79fae9ab728d23723049d1b862c95874f87f0d.zip", }, "Environment": Object { "Variables": Object { "SQS_CHUNK": Object { "Fn::GetAtt": Array [ "stageThreechunkcopyqueue6E6E5A95", "QueueName", ], }, "SQS_HASH": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "QueueName", ], }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STAGING_BUCKET_PREFIX": "stagingdata", "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-splitArchive", ], ], }, "Handler": "index.handler", "MemorySize": 256, "ReservedConcurrentExecutions": 45, "Role": Object { "Fn::GetAtt": Array [ "stageThreesplitArchiveRole7D1991B8", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageThreeSplitArchiveSqsEventSourceteststackstageThreearchivenotificationqueue7E1D389E608C28A9": Object { "DependsOn": Array [ "stageThreesplitArchiveRoleDefaultPolicyCA0A260E", "stageThreesplitArchiveRole7D1991B8", ], "Properties": Object { "BatchSize": 1, "EventSourceArn": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, "FunctionName": Object { "Ref": "stageThreeSplitArchiveCEC9C9A3", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "stageThreearchivenotificationqueue402FED49": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W48", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "QueueName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-archive-notification-queue", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "VisibilityTimeout": 905, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "stageThreearchivenotificationqueuePolicy277C3061": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "sqs:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, "Sid": "denyInsecureTransport", }, Object { "Action": "sqs:SendMessage", "Condition": Object { "ArnEquals": Object { "aws:SourceArn": Object { "Ref": "archiveNotifications", }, }, }, "Effect": "Allow", "Principal": Object { "Service": "sns.amazonaws.com", }, "Resource": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "stageThreearchivenotificationqueue402FED49", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "stageThreearchivenotificationqueueteststackArchiveNotifications7FFBFE83D383EC25": Object { "Properties": Object { "Endpoint": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, "Protocol": "sqs", "TopicArn": Object { "Ref": "archiveNotifications", }, }, "Type": "AWS::SNS::Subscription", }, "stageThreechunkcopyqueue6E6E5A95": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W48", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "QueueName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-chunk-copy-queue", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "VisibilityTimeout": 905, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "stageThreechunkcopyqueuePolicy1B170AFE": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "sqs:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "stageThreechunkcopyqueue6E6E5A95", "Arn", ], }, "Sid": "denyInsecureTransport", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "stageThreechunkcopyqueue6E6E5A95", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "stageThreesplitArchiveRole7D1991B8": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageThreesplitArchiveRoleDefaultPolicyCA0A260E": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W76", "reason": "Policy is auto-generated by CDK", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-splitArchive:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, Object { "Action": Array [ "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreearchivenotificationqueue402FED49", "Arn", ], }, "Sid": "allowSqsSubscribeAccess", }, Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/index/*", ], ], }, ], }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreechunkcopyqueue6E6E5A95", "Arn", ], }, }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "stageThreesplitArchiveRoleDefaultPolicyCA0A260E", "Roles": Array [ Object { "Ref": "stageThreesplitArchiveRole7D1991B8", }, ], }, "Type": "AWS::IAM::Policy", }, "stageThreetreehashcalcqueue77403987": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W48", "reason": "Non sensitive metadata - encryption is not required and cost inefficient", }, ], }, }, "Properties": Object { "MessageRetentionPeriod": 1209600, "QueueName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-treehash-calc-queue", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "VisibilityTimeout": 905, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "stageThreetreehashcalcqueuePolicyAC24B291": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "sqs:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": false, }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "stageThreetreehashcalcqueue77403987", "Arn", ], }, "Sid": "denyInsecureTransport", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "stageThreetreehashcalcqueue77403987", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "stageTwoDeployGlueJobScriptD9AB96C6": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageTwodeployGlueJobScriptRoleDefaultPolicyA573D7F7", "stageTwodeployGlueJobScriptRole655D516F", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "60f15cad2a8c2d929bb6d5c72db737858d91eb94ea9ca0847149ab282e655675.zip", }, "Environment": Object { "Variables": Object { "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-deployGlueJobScript", ], ], }, "Handler": "index.handler", "MemorySize": 128, "Role": Object { "Fn::GetAtt": Array [ "stageTwodeployGlueJobScriptRole655D516F", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, "stageTwoGlueJobRoleDEC61075": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W28", "reason": "Transient, one off solution - updates must be through deletion/redeployment of the stack only", }, ], }, }, "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "glue.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "RoleName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-glue-job-role", ], ], }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageTwoGlueJobRoleDefaultPolicy6890375C": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "athena:StartQueryExecution", "athena:GetQueryResults", "athena:GetWorkGroup", "athena:CancelQueryExecution", "athena:StopQueryExecution", "athena:GetQueryExecution", "glue:GetTable", "glue:UpdateTable", "glue:GetPartitions", "glue:BatchCreatePartition", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":catalog", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":database/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":athena:*:", Object { "Ref": "AWS::AccountId", }, ":workgroup/", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogInventoryTable05E5F37F", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogFilelistTable2224351B", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, ], ], }, ], "Sid": "allowStagingAccess", }, Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws-glue/jobs/*:**", ], ], }, "Sid": "allowLogging", }, ], "Version": "2012-10-17", }, "PolicyName": "stageTwoGlueJobRoleDefaultPolicy6890375C", "Roles": Array [ Object { "Ref": "stageTwoGlueJobRoleDEC61075", }, ], }, "Type": "AWS::IAM::Policy", }, "stageTwoGlueRepartitionJob3EB94529": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "Command": Object { "Name": "glueetl", "ScriptLocation": Object { "Fn::Join": Array [ "", Array [ "s3://", Object { "Ref": "stagingBucket", }, "/glue/partition-inventory.py", ], ], }, }, "DefaultArguments": Object { "--DATABASE": Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "--DQL": 65970697666560, "--FILENAME_TABLE": Object { "Ref": "glueDataCatalogFilelistTable2224351B", }, "--INVENTORY_TABLE": Object { "Ref": "glueDataCatalogInventoryTable05E5F37F", }, "--OUTPUT_TABLE": Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, "--STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "--enable-continuous-cloudwatch-log": "true", "--enable-continuous-log-filter": "false", "--job-bookmark-option": "job-bookmark-disable", }, "Description": "To repartition the inventory table", "ExecutionProperty": Object { "MaxConcurrentRuns": 1, }, "GlueVersion": "3.0", "MaxCapacity": 10, "MaxRetries": 0, "Name": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-glacier-refreezer", ], ], }, "Role": Object { "Fn::GetAtt": Array [ "stageTwoGlueJobRoleDEC61075", "Arn", ], }, "Tags": Object { "solution": "amazon-s3-glacier-refreezer", }, }, "Type": "AWS::Glue::Job", }, "stageTwoOrchestrator": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageTwoStepfunctionsOrchestratorRoleDefaultPolicy6576A802", "stageTwoStepfunctionsOrchestratorRole1165D332", ], "Properties": Object { "DefinitionString": Object { "Fn::Join": Array [ "", Array [ "{\\"StartAt\\":\\"Parallel Queries\\",\\"States\\":{\\"Parallel Queries\\":{\\"Type\\":\\"Parallel\\",\\"Next\\":\\"Check Inventory State\\",\\"Branches\\":[{\\"StartAt\\":\\"Start Inventory Query\\",\\"States\\":{\\"Start Inventory Query\\":{\\"Next\\":\\"Get Inventory Results\\",\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.QueryExecution\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:startQueryExecution.sync\\",\\"Parameters\\":{\\"QueryString\\":\\"SELECT COUNT(1) AS archiveCount, COALESCE(SUM(size),0) AS vaultSize FROM \\\\\\"", Object { "Ref": "glueDataCatalogInventoryTable05E5F37F", }, "\\\\\\";\\",\\"QueryExecutionContext\\":{\\"Database\\":\\"", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "\\"},\\"ResultConfiguration\\":{},\\"WorkGroup\\":\\"", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol\\"}},\\"Get Inventory Results\\":{\\"End\\":true,\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.ResultSet.Rows[1]\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:getQueryResults\\",\\"Parameters\\":{\\"QueryExecutionId.$\\":\\"$.QueryExecutionId\\"}}}},{\\"StartAt\\":\\"Start Partitioned Query\\",\\"States\\":{\\"Start Partitioned Query\\":{\\"Next\\":\\"Get Partitioned Results\\",\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.QueryExecution\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:startQueryExecution.sync\\",\\"Parameters\\":{\\"QueryString\\":\\"SELECT COUNT(1) AS archiveCount FROM \\\\\\"", Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, "\\\\\\";\\",\\"QueryExecutionContext\\":{\\"Database\\":\\"", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "\\"},\\"ResultConfiguration\\":{},\\"WorkGroup\\":\\"", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol\\"}},\\"Get Partitioned Results\\":{\\"End\\":true,\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.ResultSet.Rows[1]\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:getQueryResults\\",\\"Parameters\\":{\\"QueryExecutionId.$\\":\\"$.QueryExecutionId\\"}}}}],\\"ResultSelector\\":{\\"inventoryTable\\":{\\"archiveCount.$\\":\\"$[0].Data[0].VarCharValue\\",\\"vaultSize.$\\":\\"$[0].Data[1].VarCharValue\\"},\\"partitionedTable\\":{\\"archiveCount.$\\":\\"$[1].Data[0].VarCharValue\\"}}},\\"Check Inventory State\\":{\\"Type\\":\\"Choice\\",\\"Choices\\":[{\\"Variable\\":\\"$.inventoryTable.archiveCount\\",\\"StringEquals\\":\\"0\\",\\"Next\\":\\"FAIL: Inventory Empty\\"},{\\"And\\":[{\\"Not\\":{\\"Variable\\":\\"$.partitionedTable.archiveCount\\",\\"StringEquals\\":\\"0\\"}},{\\"Not\\":{\\"Variable\\":\\"$.inventoryTable.archiveCount\\",\\"StringEqualsPath\\":\\"$.partitionedTable.archiveCount\\"}}],\\"Next\\":\\"FAIL: Inventory-Partitioned Mismatch\\"}],\\"Default\\":\\"Partitioning Required ?\\"},\\"Partitioning Required ?\\":{\\"Type\\":\\"Choice\\",\\"Choices\\":[{\\"Variable\\":\\"$.inventoryTable.archiveCount\\",\\"StringEqualsPath\\":\\"$.partitionedTable.archiveCount\\",\\"Next\\":\\"Start Max Partition Query\\"}],\\"Default\\":\\"Parallel Partitioning and Stats update\\"},\\"Parallel Partitioning and Stats update\\":{\\"Type\\":\\"Parallel\\",\\"Next\\":\\"Start Max Partition Query\\",\\"Branches\\":[{\\"StartAt\\":\\"Run Glue Partitioning\\",\\"States\\":{\\"Run Glue Partitioning\\":{\\"End\\":true,\\"Type\\":\\"Task\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::glue:startJobRun.sync\\",\\"Parameters\\":{\\"JobName\\":\\"", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer\\",\\"Arguments\\":{\\"--ARCHIVE_COUNT.$\\":\\"$.inventoryTable.archiveCount\\",\\"--VAULT_SIZE.$\\":\\"$.inventoryTable.vaultSize\\"}}}}},{\\"StartAt\\":\\"Update Count Metric\\",\\"States\\":{\\"Update Count Metric\\":{\\"Next\\":\\"Update Size Metric\\",\\"Type\\":\\"Task\\",\\"ResultPath\\":\\"$.putItemResult\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::dynamodb:putItem\\",\\"Parameters\\":{\\"Item\\":{\\"pk\\":{\\"S\\":\\"count\\"},\\"total\\":{\\"N.$\\":\\"$.inventoryTable.archiveCount\\"}},\\"TableName\\":\\"", Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "\\"}},\\"Update Size Metric\\":{\\"Next\\":\\"Send Anonymous Statistics\\",\\"Type\\":\\"Task\\",\\"ResultPath\\":\\"$.putItemResult\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::dynamodb:putItem\\",\\"Parameters\\":{\\"Item\\":{\\"pk\\":{\\"S\\":\\"volume\\"},\\"total\\":{\\"N.$\\":\\"$.inventoryTable.vaultSize\\"}},\\"TableName\\":\\"", Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "\\"}},\\"Send Anonymous Statistics\\":{\\"End\\":true,\\"Retry\\":[{\\"ErrorEquals\\":[\\"Lambda.ServiceException\\",\\"Lambda.AWSLambdaException\\",\\"Lambda.SdkClientException\\"],\\"IntervalSeconds\\":2,\\"MaxAttempts\\":6,\\"BackoffRate\\":2},{\\"ErrorEquals\\":[\\"States.ALL\\"],\\"IntervalSeconds\\":2,\\"MaxAttempts\\":6,\\"BackoffRate\\":2}],\\"Catch\\":[{\\"ErrorEquals\\":[\\"States.ALL\\"],\\"Next\\":\\"Ignore SendStats Errors\\"}],\\"Type\\":\\"Task\\",\\"InputPath\\":\\"$.inventoryTable\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::lambda:invoke\\",\\"Parameters\\":{\\"FunctionName\\":\\"", Object { "Fn::GetAtt": Array [ "statisticsSendAnonymousStatsD2E34707", "Arn", ], }, "\\",\\"Payload.$\\":\\"$\\"}},\\"Ignore SendStats Errors\\":{\\"Type\\":\\"Pass\\",\\"End\\":true}}}]},\\"Start Max Partition Query\\":{\\"Next\\":\\"Get Max Partition Result\\",\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.QueryExecution\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:startQueryExecution.sync\\",\\"Parameters\\":{\\"QueryString\\":\\"SELECT '{ \\\\\\"nextPartition\\\\\\": 0, \\\\\\"maxPartition\\\\\\" :' || CAST(MAX(part) AS VARCHAR) || '}'FROM \\\\\\"", Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, "\\\\\\";\\",\\"QueryExecutionContext\\":{\\"Database\\":\\"", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "\\"},\\"ResultConfiguration\\":{},\\"WorkGroup\\":\\"", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol\\"}},\\"Get Max Partition Result\\":{\\"Next\\":\\"Request Archives Retrieval\\",\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.result\\",\\"ResultSelector\\":{\\"result.$\\":\\"States.StringToJson($.ResultSet.Rows[1].Data[0].VarCharValue)\\"},\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::athena:getQueryResults\\",\\"Parameters\\":{\\"QueryExecutionId.$\\":\\"$.QueryExecutionId\\"}},\\"Request Archives Retrieval\\":{\\"Next\\":\\"Is Complete?\\",\\"Retry\\":[{\\"ErrorEquals\\":[\\"Lambda.ServiceException\\",\\"Lambda.AWSLambdaException\\",\\"Lambda.SdkClientException\\"],\\"IntervalSeconds\\":2,\\"MaxAttempts\\":6,\\"BackoffRate\\":2},{\\"ErrorEquals\\":[\\"States.ALL\\"],\\"IntervalSeconds\\":15,\\"MaxAttempts\\":10000,\\"BackoffRate\\":1}],\\"Type\\":\\"Task\\",\\"OutputPath\\":\\"$.Payload\\",\\"Resource\\":\\"arn:", Object { "Ref": "AWS::Partition", }, ":states:::lambda:invoke\\",\\"Parameters\\":{\\"FunctionName\\":\\"", Object { "Fn::GetAtt": Array [ "stageTwoRequestArchives06ED0831", "Arn", ], }, "\\",\\"Payload.$\\":\\"$\\"}},\\"Wait X Seconds\\":{\\"Type\\":\\"Wait\\",\\"SecondsPath\\":\\"$.timeout\\",\\"Next\\":\\"Request Archives Retrieval\\"},\\"Is Complete?\\":{\\"Type\\":\\"Choice\\",\\"Choices\\":[{\\"Variable\\":\\"$.nextPartition\\",\\"NumericGreaterThanPath\\":\\"$.maxPartition\\",\\"Next\\":\\"Success\\"}],\\"Default\\":\\"Wait X Seconds\\"},\\"Success\\":{\\"Type\\":\\"Succeed\\"},\\"FAIL: Inventory Empty\\":{\\"Type\\":\\"Fail\\",\\"Error\\":\\"Vault Inventory Table is empty. Has it been downloaded?\\"},\\"FAIL: Inventory-Partitioned Mismatch\\":{\\"Type\\":\\"Fail\\",\\"Error\\":\\"Inventory and Partitioned table counts are greater than 0 and do not match. Cannot proceed.\\"}}}", ], ], }, "LoggingConfiguration": Object { "Destinations": Array [ Object { "CloudWatchLogsLogGroup": Object { "LogGroupArn": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/vendedlogs/states/", Object { "Ref": "AWS::StackName", }, "-stageTwoOrchestrator:*", ], ], }, }, }, ], "Level": "ALL", }, "RoleArn": Object { "Fn::GetAtt": Array [ "stageTwoStepfunctionsOrchestratorRole1165D332", "Arn", ], }, "StateMachineName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-stageTwoOrchestrator", ], ], }, "StateMachineType": "STANDARD", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::StepFunctions::StateMachine", }, "stageTwoRequestArchiveRole00DF0F46": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageTwoRequestArchiveRoleDefaultPolicy2CD86D07": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W76", "reason": "Policy is auto-generated by CDK", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogStatusTableE9ACB88F", "Arn", ], }, "/index/*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, Object { "Action": Array [ "athena:StartQueryExecution", "athena:GetQueryResults", "athena:GetWorkGroup", "athena:CancelQueryExecution", "athena:StopQueryExecution", "athena:GetQueryExecution", "glue:GetTable", "glue:UpdateTable", "glue:GetPartitions", "glue:BatchCreatePartition", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":catalog", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":database/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":athena:*:", Object { "Ref": "AWS::AccountId", }, ":workgroup/", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, ], ], }, ], "Sid": "allowStagingAccess", }, Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-requestArchives:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "glacier:GetJobOutput", "glacier:InitiateJob", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glacier:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":vaults/", Object { "Ref": "SourceVault", }, ], ], }, "Sid": "allowGlacierAccess", }, ], "Version": "2012-10-17", }, "PolicyName": "stageTwoRequestArchiveRoleDefaultPolicy2CD86D07", "Roles": Array [ Object { "Ref": "stageTwoRequestArchiveRole00DF0F46", }, ], }, "Type": "AWS::IAM::Policy", }, "stageTwoRequestArchives06ED0831": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", "stageTwoRequestArchiveRoleDefaultPolicy2CD86D07", "stageTwoRequestArchiveRole00DF0F46", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "7edc76a122ed562ae80afb65f8e73a7663c59c474628934da1f9c22d0b6e8eed.zip", }, "Environment": Object { "Variables": Object { "ATHENA_WORKGROUP": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol", ], ], }, "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", "DATABASE": Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "DQL": "65970697666560", "METRICS_TABLE": Object { "Ref": "dynamoDataCatalogMetricsTable174C007B", }, "PARTITIONED_INVENTORY_TABLE": Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, "SNS_TOPIC": Object { "Ref": "archiveNotifications", }, "STAGING_BUCKET": Object { "Ref": "stagingBucket", }, "STATUS_TABLE": Object { "Ref": "dynamoDataCatalogStatusTableE9ACB88F", }, "TIER": Object { "Ref": "GlacierRetrievalTier", }, "VAULT": Object { "Ref": "SourceVault", }, }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-requestArchives", ], ], }, "Handler": "index.handler", "MemorySize": 1024, "Role": Object { "Fn::GetAtt": Array [ "stageTwoRequestArchiveRole00DF0F46", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "stageTwoStepfunctionsOrchestratorRole1165D332": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": Object { "Fn::FindInMap": Array [ "ServiceprincipalMap", Object { "Ref": "AWS::Region", }, "states", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageTwoStepfunctionsOrchestratorRoleDefaultPolicy6576A802": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W12", "reason": "[*] Access granted as per documentation: https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html", }, Object { "id": "W76", "reason": "SPCM complexity greater then 25 is appropriate for the logic implemented", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, Object { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stageTwoRequestArchives06ED0831", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stageTwoRequestArchives06ED0831", "Arn", ], }, ":*", ], ], }, ], }, Object { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "statisticsSendAnonymousStatsD2E34707", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "statisticsSendAnonymousStatsD2E34707", "Arn", ], }, ":*", ], ], }, ], }, Object { "Action": Array [ "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "dynamoDataCatalogMetricsTable174C007B", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, Object { "Action": Array [ "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/vendedlogs/states/", Object { "Ref": "AWS::StackName", }, "-stageTwoOrchestrator:*", ], ], }, }, Object { "Action": Array [ "athena:StartQueryExecution", "athena:GetQueryResults", "athena:GetWorkGroup", "athena:CancelQueryExecution", "athena:StopQueryExecution", "athena:GetQueryExecution", "glue:GetTable", "glue:UpdateTable", "glue:GetPartitions", "glue:BatchCreatePartition", ], "Condition": Object { "Bool": Object { "aws:SecureTransport": true, }, }, "Effect": "Allow", "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":catalog", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":database/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":athena:*:", Object { "Ref": "AWS::AccountId", }, ":workgroup/", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer-sol", ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogInventoryTable05E5F37F", }, ], ], }, Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":table/", Object { "Ref": "glueDataCatalogInventoryDatabase96DE1AD3", }, "/", Object { "Ref": "glueDataCatalogPartitionedinventoryTable94032B41", }, ], ], }, ], "Sid": "allowStagingAccess", }, Object { "Action": Array [ "glue:StartJobRun", "glue:GetJobRun", "glue:GetJobRuns", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":glue:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":job/", Object { "Ref": "AWS::StackName", }, "-glacier-refreezer", ], ], }, "Sid": "allowGlueJobRun", }, Object { "Action": Array [ "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:PutResourcePolicy", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", ], "Effect": "Allow", "Resource": "*", "Sid": "allowLogDelivery", }, ], "Version": "2012-10-17", }, "PolicyName": "stageTwoStepfunctionsOrchestratorRoleDefaultPolicy6576A802", "Roles": Array [ Object { "Ref": "stageTwoStepfunctionsOrchestratorRole1165D332", }, ], }, "Type": "AWS::IAM::Policy", }, "stageTwodeployGlueJobScriptRole655D516F": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "stageTwodeployGlueJobScriptRoleDefaultPolicyA573D7F7": Object { "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-deployGlueJobScript:**", ], ], }, "Sid": "allowCloudWatchLogs", }, Object { "Action": Array [ "s3:DeleteObject*", "s3:PutObject", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionTagging", "s3:Abort*", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "stageTwodeployGlueJobScriptRoleDefaultPolicyA573D7F7", "Roles": Array [ Object { "Ref": "stageTwodeployGlueJobScriptRole655D516F", }, ], }, "Type": "AWS::IAM::Policy", }, "stageTwodeployGlueJobScriptTriggerBF203D6E": Object { "DeletionPolicy": "Delete", "DependsOn": Array [ "monitoringCalculateMetricsDynamoDBEventSourceteststackdynamoDataCatalogStatusTable4AFD52BCA4A6AAB1", "monitoringCalculateMetrics1B70CF5B", "monitoringcalculateMetricsLogGroup9961A214", "monitoringCalculateMetricsRoleDefaultPolicy22C0E657", "monitoringCalculateMetricsRoleA76278A7", "monitoringCalculateMetricsRolePolicy0C1EF64D", "monitoringcalculateTreehashLogGroup6FC738B3", "monitoringcopyChunkLogGroup5D04918E", "monitoringcopyToDestinationBucketLogGroup4BB91669", "monitoringdeployGlueJobScriptLogGroupAA50E4DE", "monitoringdownloadInventoryLogGroup2471C2FF", "monitoringdownloadInventoryPartLogGroupD9E69690", "monitoringgenerateUuidLogGroup18A074CF", "monitoringglacierrefreezerdashboardE7F6D8AE", "monitoringPostMetrics98F9F947", "monitoringPostMetricScheduleAllowEventRuleteststackmonitoringPostMetrics8C0DEF1A842DEFFF", "monitoringPostMetricSchedule8675C968", "monitoringpostMetricsLogGroup670566A8", "monitoringPostMetricsRole87B61E7B", "monitoringPostMetricsRolePolicy596F9F4D", "monitoringrequestArchivesLogGroup70D7C9C5", "monitoringrequestInventoryLogGroupB7C9607D", "monitoringsendAnonymousStatsLogGroup0C9968BB", "monitoringsplitArchiveLogGroup026DE41D", "monitoringstageTwoOrchestratorLogGroup62996996", "monitoringtoLowercaseLogGroupC05CBA29", ], "Properties": Object { "ServiceToken": Object { "Fn::GetAtt": Array [ "stageTwoDeployGlueJobScriptD9AB96C6", "Arn", ], }, }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "stagingBucket": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W51", "reason": "This bucket does not need a bucket policy", }, Object { "id": "W35", "reason": "Temporary storage - access logs are not required. EngSec exemption received.", }, ], }, }, "Properties": Object { "BucketEncryption": Object { "ServerSideEncryptionConfiguration": Array [ Object { "ServerSideEncryptionByDefault": Object { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": Object { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, "stagingBucketStagingBucketPolicyCD743064": Object { "Properties": Object { "Bucket": Object { "Ref": "stagingBucket", }, "PolicyDocument": Object { "Statement": Array [ Object { "Action": "s3:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "stagingBucket", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "statisticsGenerateUuidF0CAA49C": Object { "DependsOn": Array [ "statisticsgenerateUuidRoleDefaultPolicy8C36F40F", "statisticsgenerateUuidRole29E0057A", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "3aacc16a5948169d39e6b5207111eef4aa31b364b79ea0f26be5c64c4a22f768.zip", }, "Description": "This function generates UUID for each deployment", "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-generateUuid", ], ], }, "Handler": "index.handler", "MemorySize": 256, "Role": Object { "Fn::GetAtt": Array [ "statisticsgenerateUuidRole29E0057A", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 20, }, "Type": "AWS::Lambda::Function", }, "statisticsGenerateUuidTriggerAFF2A046": Object { "DeletionPolicy": "Delete", "Properties": Object { "ServiceToken": Object { "Fn::GetAtt": Array [ "statisticsGenerateUuidF0CAA49C", "Arn", ], }, }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "statisticsSendAnonymousStatsD2E34707": Object { "DependsOn": Array [ "statisticssendAnonymousStatsRoleDefaultPolicyACC07FFB", "statisticssendAnonymousStatsRoleDBBBB770", ], "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "cfn nag is unable to reason about CDK generated cloudwatch log permissions", }, Object { "id": "W89", "reason": "This is a fully serverless solution - no VPC is required", }, Object { "id": "W92", "reason": "Reserved Concurrency is set on high priority functions only by design", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": Object { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "1d2a10d3157996fe23865b9fb3cfa68550328cc53a8d85288ed33e5df8c0663c.zip", }, "Description": "This function sends anonymous statistics to the AWS Solutions Builders team", "Environment": Object { "Variables": Object { "REGION": Object { "Ref": "AWS::Region", }, "RETRIEVAL_TIER": Object { "Ref": "GlacierRetrievalTier", }, "SEND_ANONYMOUS_STATISTICS": Object { "Fn::FindInMap": Array [ "AnonymousStatisticsMap", "SendAnonymousStatistics", "Data", ], }, "SOLUTION_ID": "SO0140", "STORAGE_CLASS": Object { "Ref": "DestinationStorageClass", }, "UUID": Object { "Fn::GetAtt": Array [ "statisticsGenerateUuidTriggerAFF2A046", "UUID", ], }, "VERSION": "%%VERSION%%", }, }, "FunctionName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-sendAnonymousStats", ], ], }, "Handler": "index.handler", "MemorySize": 128, "Role": Object { "Fn::GetAtt": Array [ "statisticssendAnonymousStatsRoleDBBBB770", "Arn", ], }, "Runtime": "nodejs16.x", "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], "Timeout": 300, }, "Type": "AWS::Lambda::Function", }, "statisticsgenerateUuidRole29E0057A": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "statisticsgenerateUuidRoleDefaultPolicy8C36F40F": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-generateUuid:**", ], ], }, "Sid": "allowCloudWatchLogs", }, ], "Version": "2012-10-17", }, "PolicyName": "statisticsgenerateUuidRoleDefaultPolicy8C36F40F", "Roles": Array [ Object { "Ref": "statisticsgenerateUuidRole29E0057A", }, ], }, "Type": "AWS::IAM::Policy", }, "statisticssendAnonymousStatsRoleDBBBB770": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Tags": Array [ Object { "Key": "solution", "Value": "amazon-s3-glacier-refreezer", }, ], }, "Type": "AWS::IAM::Role", }, "statisticssendAnonymousStatsRoleDefaultPolicyACC07FFB": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/", Object { "Ref": "AWS::StackName", }, "-sendAnonymousStats:**", ], ], }, "Sid": "allowCloudWatchLogs", }, ], "Version": "2012-10-17", }, "PolicyName": "statisticssendAnonymousStatsRoleDefaultPolicyACC07FFB", "Roles": Array [ Object { "Ref": "statisticssendAnonymousStatsRoleDBBBB770", }, ], }, "Type": "AWS::IAM::Policy", }, }, "Rules": Object { "CheckBootstrapVersion": Object { "Assertions": Array [ Object { "Assert": Object { "Fn::Not": Array [ Object { "Fn::Contains": Array [ Array [ "1", "2", "3", "4", "5", ], Object { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;