// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Snapshot test for codepipeline alarm stack 1`] = ` { "Conditions": { "CodePipelineAlarmCreateLogGroupTrue2C38BECE": { "Fn::Equals": [ "YES", { "Ref": "CreateLogGroup", }, ], }, }, "Mappings": { "CodePipelineMetrics": { "CodePipelineMetrics": { "NameSpace": "CodePipeline/SO0143/Pipelines", }, }, }, "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "Events Rule Configuration", }, "Parameters": [ "CodePipelineName", "CreateLogGroup", "LogGroupName", ], }, { "Label": { "default": "Alarm Configuration", }, "Parameters": [ "RepoName", ], }, ], "ParameterLabels": { "CodePipelineName": { "default": "CodePipeline Name", }, "CreateLogGroup": { "default": "Create a new log Group?", }, "LogGroupName": { "default": "Log Group Name", }, "RepoName": { "default": "Repository Name", }, }, }, "cdk_nag": { "rules_to_suppress": [ { "id": "AwsSolutions-IAM5", "reason": "Resource * is required by the Lambda Execution role, so that the Lambda can add ResourcePolicies to all required resources.", }, { "id": "AwsSolutions-IAM4", "reason": "The managed policy is automatically generated by CDK to be used by lambda service role.", }, { "id": "AwsSolutions-L1", "reason": "The lambda function and its runtime are automatically generated by CDK.", }, ], }, }, "Outputs": { "AlarmName": { "Description": "Name of the CodePipeline alarm", "Value": { "Fn::Join": [ "", [ "SO0143-[", { "Ref": "CodePipelineName", }, "]-[", { "Ref": "RepoName", }, "]-MTTR", ], ], }, }, "LogGroupName": { "Description": "Name of the log group", "Value": { "Ref": "LogGroupName", }, }, "SolutionVersion": { "Description": "Version for DevOps Monitoring Dashboard on AWS solution", "Value": "v1.0.0", }, }, "Parameters": { "CodePipelineName": { "Description": "Name of the CodePipeline. Change the default value as needed.", "Type": "String", }, "CreateLogGroup": { "AllowedValues": [ "YES", "NO", ], "Default": "YES", "Description": "Create a new log group? Select YES to create a new log group if this is the first time you deploy the stack. For subsequent stack update, recommend to select NO to reuse the existing log group. Specify the Log group name below.", "Type": "String", }, "LogGroupName": { "Default": "my-codepipeline-log-group", "Description": "Name of the CodePipeline log group to which the pipeline events are sent. Change the default value as needed.", "Type": "String", }, "RepoName": { "Description": "Name of source repository for the code pipeline. It will be part of the alarm name. Change the default value as needed.", "Type": "String", }, }, "Resources": { "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { "DependsOn": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", ], "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W58", "reason": "Lambda has the required permission to write CloudWatch Logs through a custom policy.", }, { "id": "W89", "reason": "No need to deploy this Lambda to a VPC.", }, { "id": "W92", "reason": "No need for simultaneous executions.", }, ], }, }, "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "6bbce4c77566d179835e0a6de3293a27d9021f2f49d0055bb8e465eb6e1d89b1.zip", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn", ], }, "Runtime": "nodejs14.x", "Timeout": 120, }, "Type": "AWS::Lambda::Function", }, "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], }, "Type": "AWS::IAM::Role", }, "CodePipelineAlarmAppAlarmC62B9C08": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W28", "reason": "Static names chosen intentionally to provide fixed name structure required in the solution", }, ], }, }, "Properties": { "AlarmDescription": "Goes to alarm state when there is one failed code pipeline execution on the most recent check.", "AlarmName": { "Fn::Join": [ "", [ "SO0143-[", { "Ref": "CodePipelineName", }, "]-[", { "Ref": "RepoName", }, "]-MTTR", ], ], }, "ComparisonOperator": "GreaterThanOrEqualToThreshold", "DatapointsToAlarm": 1, "EvaluationPeriods": 1, "MetricName": { "Fn::Join": [ "", [ "FailedExecution-", { "Ref": "CodePipelineName", }, ], ], }, "Namespace": { "Fn::FindInMap": [ "CodePipelineMetrics", "CodePipelineMetrics", "NameSpace", ], }, "Period": 60, "Statistic": "Sum", "Threshold": 1, "TreatMissingData": "ignore", }, "Type": "AWS::CloudWatch::Alarm", }, "CodePipelineAlarmFailedPipelineExecutionMetricFilter36FFD4B2": { "DependsOn": [ "CodePipelineAlarmPipelineLogGroupB061BB52", ], "Properties": { "FilterPattern": "{($.detail.state = "FAILED")}", "LogGroupName": { "Ref": "LogGroupName", }, "MetricTransformations": [ { "DefaultValue": 0, "MetricName": { "Fn::Join": [ "", [ "FailedExecution-", { "Ref": "CodePipelineName", }, ], ], }, "MetricNamespace": { "Fn::FindInMap": [ "CodePipelineMetrics", "CodePipelineMetrics", "NameSpace", ], }, "MetricValue": "1", }, ], }, "Type": "AWS::Logs::MetricFilter", }, "CodePipelineAlarmPipelineEventsRule97CA1513": { "Properties": { "EventPattern": { "detail": { "state": [ "FAILED", "SUCCEEDED", ], }, "detail-type": [ "CodePipeline Pipeline Execution State Change", ], "source": [ "aws.codepipeline", ], }, "State": "ENABLED", "Targets": [ { "Arn": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "LogGroupName", }, ], ], }, "Id": "Target0", }, ], }, "Type": "AWS::Events::Rule", }, "CodePipelineAlarmPipelineLogGroupB061BB52": { "Condition": "CodePipelineAlarmCreateLogGroupTrue2C38BECE", "DeletionPolicy": "Delete", "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W84", "reason": "CloudWatch LogGroups are encrypted by default.", }, ], }, }, "Properties": { "LogGroupName": { "Ref": "LogGroupName", }, "RetentionInDays": 90, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Delete", }, "EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864CustomResourcePolicyD35BFE30": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W12", "reason": "Resource * is required by the Lambda Execution role, so that the Lambda can add ResourcePolicies to all required resources.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": "logs:PutResourcePolicy", "Effect": "Allow", "Resource": "*", }, { "Action": "logs:DeleteResourcePolicy", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864CustomResourcePolicyD35BFE30", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864F2A10BA1": { "DeletionPolicy": "Delete", "DependsOn": [ "EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864CustomResourcePolicyD35BFE30", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"CloudWatchLogs","action":"putResourcePolicy","parameters":{"policyName":"CodePipelineAlarmEventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864184E82F4","policyDocument":"{\\"Statement\\":[{\\"Action\\":[\\"logs:PutLogEvents\\",\\"logs:CreateLogStream\\"],\\"Effect\\":\\"Allow\\",\\"Principal\\":{\\"Service\\":\\"events.amazonaws.com\\"},\\"Resource\\":\\"arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "LogGroupName", }, ":*\\"}],\\"Version\\":\\"2012-10-17\\"}"},"physicalResourceId":{"id":"EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864"}}", ], ], }, "Delete": "{"service":"CloudWatchLogs","action":"deleteResourcePolicy","parameters":{"policyName":"CodePipelineAlarmEventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864184E82F4"},"ignoreErrorCodesMatching":"400"}", "InstallLatestAwsSdk": true, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"CloudWatchLogs","action":"putResourcePolicy","parameters":{"policyName":"CodePipelineAlarmEventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864184E82F4","policyDocument":"{\\"Statement\\":[{\\"Action\\":[\\"logs:PutLogEvents\\",\\"logs:CreateLogStream\\"],\\"Effect\\":\\"Allow\\",\\"Principal\\":{\\"Service\\":\\"events.amazonaws.com\\"},\\"Resource\\":\\"arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "LogGroupName", }, ":*\\"}],\\"Version\\":\\"2012-10-17\\"}"},"physicalResourceId":{"id":"EventsLogGroupPolicyCodePipelineAlarmPipelineEventsRule4FBE0864"}}", ], ], }, }, "Type": "Custom::CloudwatchLogResourcePolicy", "UpdateReplacePolicy": "Delete", }, }, } `;