{ "Description": "(SO0134D) - The AWS CloudFormation template for deployment of the aws-firewall-manager-automations-for-aws-organizations demo resources. Version v2.0.5", "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "testcloudfronts3S3LoggingBucket90D239DD": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256" } } ] }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true }, "VersioningConfiguration": { "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain", "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/S3LoggingBucket/Resource", "cfn_nag": { "rules_to_suppress": [ { "id": "W35", "reason": "This S3 bucket is used as the access logging bucket for another bucket" } ] } } }, "testcloudfronts3S3LoggingBucketPolicy529D4CFF": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { "Ref": "testcloudfronts3S3LoggingBucket90D239DD" }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Effect": "Deny", "Principal": { "AWS": "*" }, "Resource": [ { "Fn::GetAtt": [ "testcloudfronts3S3LoggingBucket90D239DD", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testcloudfronts3S3LoggingBucket90D239DD", "Arn" ] }, "/*" ] ] } ] }, { "Action": "s3:PutObject", "Condition": { "ArnLike": { "aws:SourceArn": { "Fn::GetAtt": [ "testcloudfronts3S3BucketE0C5F76E", "Arn" ] } }, "StringEquals": { "aws:SourceAccount": { "Ref": "AWS::AccountId" } } }, "Effect": "Allow", "Principal": { "Service": "logging.s3.amazonaws.com" }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testcloudfronts3S3LoggingBucket90D239DD", "Arn" ] }, "/*" ] ] } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/S3LoggingBucket/Policy/Resource" } }, "testcloudfronts3S3BucketE0C5F76E": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256" } } ] }, "LifecycleConfiguration": { "Rules": [ { "NoncurrentVersionTransitions": [ { "StorageClass": "GLACIER", "TransitionInDays": 90 } ], "Status": "Enabled" } ] }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testcloudfronts3S3LoggingBucket90D239DD" } }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true }, "VersioningConfiguration": { "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain", "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/S3Bucket/Resource" } }, "testcloudfronts3S3BucketPolicy250F1F61": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { "Ref": "testcloudfronts3S3BucketE0C5F76E" }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Effect": "Deny", "Principal": { "AWS": "*" }, "Resource": [ { "Fn::GetAtt": [ "testcloudfronts3S3BucketE0C5F76E", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testcloudfronts3S3BucketE0C5F76E", "Arn" ] }, "/*" ] ] } ] }, { "Action": "s3:GetObject", "Effect": "Allow", "Principal": { "CanonicalUser": { "Fn::GetAtt": [ "testcloudfronts3CloudFrontDistributionOrigin1S3Origin4695F058", "S3CanonicalUserId" ] } }, "Resource": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testcloudfronts3S3BucketE0C5F76E", "Arn" ] }, "/*" ] ] } } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/S3Bucket/Policy/Resource", "cfn_nag": { "rules_to_suppress": [ { "id": "F16", "reason": "Public website bucket policy requires a wildcard principal" } ] } } }, "testcloudfronts3SetHttpSecurityHeaders6C5A1E69": { "Type": "AWS::CloudFront::Function", "Properties": { "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }", "FunctionConfig": { "Comment": "SetHttpSecurityHeadersc8fc3f3620f2d12733e9771bcc62deb56f30fc09cd", "Runtime": "cloudfront-js-1.0" }, "Name": "SetHttpSecurityHeadersc8fc3f3620f2d12733e9771bcc62deb56f30fc09cd", "AutoPublish": true }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/SetHttpSecurityHeaders/Resource" } }, "testcloudfronts3CloudfrontLoggingBucket985C0FE8": { "Type": "AWS::S3::Bucket", "Properties": { "AccessControl": "LogDeliveryWrite", "BucketEncryption": { "ServerSideEncryptionConfiguration": [ { "ServerSideEncryptionByDefault": { "SSEAlgorithm": "AES256" } } ] }, "OwnershipControls": { "Rules": [ { "ObjectOwnership": "ObjectWriter" } ] }, "PublicAccessBlockConfiguration": { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true }, "VersioningConfiguration": { "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain", "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/CloudfrontLoggingBucket/Resource", "cfn_nag": { "rules_to_suppress": [ { "id": "W35", "reason": "This S3 bucket is used as the access logging bucket for CloudFront Distribution" } ] } } }, "testcloudfronts3CloudfrontLoggingBucketPolicyDF55851B": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { "Ref": "testcloudfronts3CloudfrontLoggingBucket985C0FE8" }, "PolicyDocument": { "Statement": [ { "Action": "s3:*", "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Effect": "Deny", "Principal": { "AWS": "*" }, "Resource": [ { "Fn::GetAtt": [ "testcloudfronts3CloudfrontLoggingBucket985C0FE8", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testcloudfronts3CloudfrontLoggingBucket985C0FE8", "Arn" ] }, "/*" ] ] } ] } ], "Version": "2012-10-17" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/CloudfrontLoggingBucket/Policy/Resource" } }, "testcloudfronts3CloudFrontDistributionOrigin1S3Origin4695F058": { "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", "Properties": { "CloudFrontOriginAccessIdentityConfig": { "Comment": "Identity for DemoStacktestcloudfronts3CloudFrontDistributionOrigin186BFCCE1" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/CloudFrontDistribution/Origin1/S3Origin/Resource" } }, "testcloudfronts3CloudFrontDistribution0565DEE8": { "Type": "AWS::CloudFront::Distribution", "Properties": { "DistributionConfig": { "DefaultCacheBehavior": { "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", "Compress": true, "FunctionAssociations": [ { "EventType": "viewer-response", "FunctionARN": { "Fn::GetAtt": [ "testcloudfronts3SetHttpSecurityHeaders6C5A1E69", "FunctionARN" ] } } ], "TargetOriginId": "DemoStacktestcloudfronts3CloudFrontDistributionOrigin186BFCCE1", "ViewerProtocolPolicy": "redirect-to-https" }, "DefaultRootObject": "index.html", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, "Logging": { "Bucket": { "Fn::GetAtt": [ "testcloudfronts3CloudfrontLoggingBucket985C0FE8", "RegionalDomainName" ] } }, "Origins": [ { "DomainName": { "Fn::GetAtt": [ "testcloudfronts3S3BucketE0C5F76E", "RegionalDomainName" ] }, "Id": "DemoStacktestcloudfronts3CloudFrontDistributionOrigin186BFCCE1", "S3OriginConfig": { "OriginAccessIdentity": { "Fn::Join": [ "", [ "origin-access-identity/cloudfront/", { "Ref": "testcloudfronts3CloudFrontDistributionOrigin1S3Origin4695F058" } ] ] } } } ] } }, "Metadata": { "aws:cdk:path": "DemoStack/test-cloudfront-s3/CloudFrontDistribution/Resource", "cfn_nag": { "rules_to_suppress": [ { "id": "W70", "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion" } ] } } }, "testVPC102E57DE": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", "EnableDnsHostnames": true, "EnableDnsSupport": true, "InstanceTenancy": "default", "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC" } ] }, "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W60", "reason": "Demo template, need resources to trigger violation rules in the account" } ] } } }, "testVPCPublicSubnet1SubnetD8AD9C87": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "" } ] }, "CidrBlock": "10.0.0.0/18", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public" }, { "Key": "aws-cdk:subnet-type", "Value": "Public" }, { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet1" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/Subnet" } }, "testVPCPublicSubnet1RouteTable295B11B5": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet1" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/RouteTable" } }, "testVPCPublicSubnet1RouteTableAssociationA69C95A8": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { "Ref": "testVPCPublicSubnet1RouteTable295B11B5" }, "SubnetId": { "Ref": "testVPCPublicSubnet1SubnetD8AD9C87" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/RouteTableAssociation" } }, "testVPCPublicSubnet1DefaultRouteFAE04176": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "testVPCPublicSubnet1RouteTable295B11B5" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "testVPCIGW757B9544" } }, "DependsOn": [ "testVPCVPCGWC5F7FA73" ], "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/DefaultRoute" } }, "testVPCPublicSubnet1EIP3939D616": { "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet1" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/EIP" } }, "testVPCPublicSubnet1NATGateway0136082C": { "Type": "AWS::EC2::NatGateway", "Properties": { "SubnetId": { "Ref": "testVPCPublicSubnet1SubnetD8AD9C87" }, "AllocationId": { "Fn::GetAtt": [ "testVPCPublicSubnet1EIP3939D616", "AllocationId" ] }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet1" } ] }, "DependsOn": [ "testVPCPublicSubnet1DefaultRouteFAE04176", "testVPCPublicSubnet1RouteTableAssociationA69C95A8" ], "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet1/NATGateway" } }, "testVPCPublicSubnet2Subnet384459D2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "" } ] }, "CidrBlock": "10.0.64.0/18", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Public" }, { "Key": "aws-cdk:subnet-type", "Value": "Public" }, { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet2" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/Subnet" } }, "testVPCPublicSubnet2RouteTableE0FFB0D0": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet2" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/RouteTable" } }, "testVPCPublicSubnet2RouteTableAssociation356EF8C0": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { "Ref": "testVPCPublicSubnet2RouteTableE0FFB0D0" }, "SubnetId": { "Ref": "testVPCPublicSubnet2Subnet384459D2" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/RouteTableAssociation" } }, "testVPCPublicSubnet2DefaultRoute92199F72": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "testVPCPublicSubnet2RouteTableE0FFB0D0" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "testVPCIGW757B9544" } }, "DependsOn": [ "testVPCVPCGWC5F7FA73" ], "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/DefaultRoute" } }, "testVPCPublicSubnet2EIPD027E151": { "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc", "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet2" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/EIP" } }, "testVPCPublicSubnet2NATGatewayF26FCD14": { "Type": "AWS::EC2::NatGateway", "Properties": { "SubnetId": { "Ref": "testVPCPublicSubnet2Subnet384459D2" }, "AllocationId": { "Fn::GetAtt": [ "testVPCPublicSubnet2EIPD027E151", "AllocationId" ] }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PublicSubnet2" } ] }, "DependsOn": [ "testVPCPublicSubnet2DefaultRoute92199F72", "testVPCPublicSubnet2RouteTableAssociation356EF8C0" ], "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PublicSubnet2/NATGateway" } }, "testVPCPrivateSubnet1Subnet096C7B7F": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "AvailabilityZone": { "Fn::Select": [ 0, { "Fn::GetAZs": "" } ] }, "CidrBlock": "10.0.128.0/18", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private" }, { "Key": "aws-cdk:subnet-type", "Value": "Private" }, { "Key": "Name", "Value": "DemoStack/test-VPC/PrivateSubnet1" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet1/Subnet" } }, "testVPCPrivateSubnet1RouteTable56F6EAE0": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PrivateSubnet1" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet1/RouteTable" } }, "testVPCPrivateSubnet1RouteTableAssociation711EF96C": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { "Ref": "testVPCPrivateSubnet1RouteTable56F6EAE0" }, "SubnetId": { "Ref": "testVPCPrivateSubnet1Subnet096C7B7F" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet1/RouteTableAssociation" } }, "testVPCPrivateSubnet1DefaultRoute31FC9F7C": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "testVPCPrivateSubnet1RouteTable56F6EAE0" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "testVPCPublicSubnet1NATGateway0136082C" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet1/DefaultRoute" } }, "testVPCPrivateSubnet2SubnetE307A6A8": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "AvailabilityZone": { "Fn::Select": [ 1, { "Fn::GetAZs": "" } ] }, "CidrBlock": "10.0.192.0/18", "MapPublicIpOnLaunch": false, "Tags": [ { "Key": "aws-cdk:subnet-name", "Value": "Private" }, { "Key": "aws-cdk:subnet-type", "Value": "Private" }, { "Key": "Name", "Value": "DemoStack/test-VPC/PrivateSubnet2" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet2/Subnet" } }, "testVPCPrivateSubnet2RouteTable77E55988": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC/PrivateSubnet2" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet2/RouteTable" } }, "testVPCPrivateSubnet2RouteTableAssociationEB05AD1A": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { "Ref": "testVPCPrivateSubnet2RouteTable77E55988" }, "SubnetId": { "Ref": "testVPCPrivateSubnet2SubnetE307A6A8" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet2/RouteTableAssociation" } }, "testVPCPrivateSubnet2DefaultRoute33BB2C0B": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "testVPCPrivateSubnet2RouteTable77E55988" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "testVPCPublicSubnet2NATGatewayF26FCD14" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/PrivateSubnet2/DefaultRoute" } }, "testVPCIGW757B9544": { "Type": "AWS::EC2::InternetGateway", "Properties": { "Tags": [ { "Key": "Name", "Value": "DemoStack/test-VPC" } ] }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/IGW" } }, "testVPCVPCGWC5F7FA73": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "VpcId": { "Ref": "testVPC102E57DE" }, "InternetGatewayId": { "Ref": "testVPCIGW757B9544" } }, "Metadata": { "aws:cdk:path": "DemoStack/test-VPC/VPCGW" } }, "testvpcsg50B306C9": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "DemoStack/test-vpc-sg", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1" } ], "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "from 0.0.0.0/0:ALL PORTS", "FromPort": 0, "IpProtocol": "tcp", "ToPort": 65535 } ], "VpcId": { "Ref": "testVPC102E57DE" } }, "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W40", "reason": "Demo template, need resources to trigger violation rules in the account" }, { "id": "W5", "reason": "Demo template, need resources to trigger violation rules in the account" }, { "id": "W9", "reason": "Demo template, need resources to trigger violation rules in the account" }, { "id": "W2", "reason": "Demo template, need resources to trigger violation rules in the account" }, { "id": "W27", "reason": "Demo template, need resources to trigger violation rules in the account" } ] } } }, "CDKMetadata": { "Type": "AWS::CDK::Metadata", "Properties": { "Analytics": "v2:deflate64:H4sIAAAAAAAA/3VRy27CMBD8lt4d85Kq9laaFpRLGyWIa+VsTGsINrLXIBTl37t2gHDh4p0dr8bjnSlvXyZ8/CROLoF6lzSq4m2JAnaMqJ/WzXj77mEnkaUbfUF9yU2j4DzQfd8xaIyvN9Zo5O3Ca0BldJi64Q/l0KrKx+bbql+l5wDSuayWGhVGzTSoLILKo4l7mY5JmPJ2fYBws85TlvuK7JS+0r31ARXGo1yJqpEDP3Bz5wwocTUdLwL4zPJQvgQuBcqTOLPcqiPBQTjTKC3h60Dv5NLNkZb6tyf7rJTgLX1iaY0/RA/3RNexQjrjLcR373FqdK36785eKbS3kJozTVwB5UcHWg/oRjHOWw4JpTjsc2XKWce0qSXfutFx8synYxLbOqUS62m9e8mLvv4D9kFK4h4CAAA=" }, "Metadata": { "aws:cdk:path": "DemoStack/CDKMetadata/Default" }, "Condition": "CDKMetadataAvailable" } }, "Conditions": { "CDKMetadataAvailable": { "Fn::Or": [ { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "af-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-east-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-northeast-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-northeast-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-southeast-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-southeast-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ca-central-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "cn-north-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "cn-northwest-1" ] } ] }, { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-central-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-north-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-3" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "me-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "sa-east-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-east-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-east-2" ] } ] }, { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-west-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-west-2" ] } ] } ] } } }