// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`test by passing state machine 1`] = ` { "Mappings": { "ServiceprincipalMap": { "af-south-1": { "states": "states.af-south-1.amazonaws.com", }, "ap-east-1": { "states": "states.ap-east-1.amazonaws.com", }, "ap-northeast-1": { "states": "states.ap-northeast-1.amazonaws.com", }, "ap-northeast-2": { "states": "states.ap-northeast-2.amazonaws.com", }, "ap-northeast-3": { "states": "states.ap-northeast-3.amazonaws.com", }, "ap-south-1": { "states": "states.ap-south-1.amazonaws.com", }, "ap-southeast-1": { "states": "states.ap-southeast-1.amazonaws.com", }, "ap-southeast-2": { "states": "states.ap-southeast-2.amazonaws.com", }, "ap-southeast-3": { "states": "states.ap-southeast-3.amazonaws.com", }, "ca-central-1": { "states": "states.ca-central-1.amazonaws.com", }, "cn-north-1": { "states": "states.cn-north-1.amazonaws.com", }, "cn-northwest-1": { "states": "states.cn-northwest-1.amazonaws.com", }, "eu-central-1": { "states": "states.eu-central-1.amazonaws.com", }, "eu-north-1": { "states": "states.eu-north-1.amazonaws.com", }, "eu-south-1": { "states": "states.eu-south-1.amazonaws.com", }, "eu-south-2": { "states": "states.eu-south-2.amazonaws.com", }, "eu-west-1": { "states": "states.eu-west-1.amazonaws.com", }, "eu-west-2": { "states": "states.eu-west-2.amazonaws.com", }, "eu-west-3": { "states": "states.eu-west-3.amazonaws.com", }, "me-south-1": { "states": "states.me-south-1.amazonaws.com", }, "sa-east-1": { "states": "states.sa-east-1.amazonaws.com", }, "us-east-1": { "states": "states.us-east-1.amazonaws.com", }, "us-east-2": { "states": "states.us-east-2.amazonaws.com", }, "us-gov-east-1": { "states": "states.us-gov-east-1.amazonaws.com", }, "us-gov-west-1": { "states": "states.us-gov-west-1.amazonaws.com", }, "us-iso-east-1": { "states": "states.amazonaws.com", }, "us-iso-west-1": { "states": "states.amazonaws.com", }, "us-isob-east-1": { "states": "states.amazonaws.com", }, "us-west-1": { "states": "states.us-west-1.amazonaws.com", }, "us-west-2": { "states": "states.us-west-2.amazonaws.com", }, }, }, "Parameters": { "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566ArtifactHash77EFF9E3": { "Description": "Artifact hash for asset "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3BucketCEE53B1D": { "Description": "S3 bucket for asset "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295": { "Description": "S3 key for asset version "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, }, "Resources": { "testFragmentTaskLambdaFunction8A1F50BD": { "DependsOn": [ "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904", "testFragmentTaskLambdaFunctionServiceRole9E2C5534", ], "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W58", "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.", }, { "id": "W89", "reason": "This is not a rule for the general case, just for specific use cases/industries", }, { "id": "W92", "reason": "Impossible for us to define the correct concurrency for clients", }, ], }, }, "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3BucketCEE53B1D", }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295", }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295", }, ], }, ], }, ], ], }, }, "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "testFragmentTaskLambdaFunctionServiceRole9E2C5534", "Arn", ], }, "Runtime": "nodejs14.x", "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "testFragmentTaskLambdaFunctionServiceRole9E2C5534": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "LambdaFunctionServiceRolePolicy", }, ], }, "Type": "AWS::IAM::Role", }, "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W12", "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, { "Action": [ "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:GetQueueUrl", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, }, { "Action": [ "states:SendTaskSuccess", "states:SendTaskFailure", "states:SendTaskHeartbeat", ], "Effect": "Allow", "Resource": { "Ref": "testStateMachineFA72FDE7", }, }, ], "Version": "2012-10-17", }, "PolicyName": "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904", "Roles": [ { "Ref": "testFragmentTaskLambdaFunctionServiceRole9E2C5534", }, ], }, "Type": "AWS::IAM::Policy", }, "testFragmentTaskLambdaFunctionSqsEventSourcetestStacktestFragmentTaskqueueC23BDA1DCDCA658C": { "Properties": { "EventSourceArn": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "FunctionName": { "Ref": "testFragmentTaskLambdaFunction8A1F50BD", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "testFragmentTaskdeadLetterQueueEA9F84F8": { "DeletionPolicy": "Delete", "Properties": { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "testFragmentTaskdeadLetterQueuePolicy1213FF74": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, { "Action": "SQS:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": [ { "Ref": "testFragmentTaskdeadLetterQueueEA9F84F8", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "testFragmentTaskqueue31475E94": { "DeletionPolicy": "Delete", "Properties": { "KmsMasterKeyId": "alias/aws/sqs", "RedrivePolicy": { "deadLetterTargetArn": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "maxReceiveCount": 15, }, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "testFragmentTaskqueuePolicy223A544A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, { "Action": "SQS:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": [ { "Ref": "testFragmentTaskqueue31475E94", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "testStateMachineFA72FDE7": { "DependsOn": [ "testStateMachineRole57248FD0", ], "Properties": { "DefinitionString": "{"StartAt":"Pass","States":{"Pass":{"Type":"Pass","End":true}}}", "RoleArn": { "Fn::GetAtt": [ "testStateMachineRole57248FD0", "Arn", ], }, }, "Type": "AWS::StepFunctions::StateMachine", }, "testStateMachineRole57248FD0": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": { "Fn::FindInMap": [ "ServiceprincipalMap", { "Ref": "AWS::Region", }, "states", ], }, }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, }, } `; exports[`test statemachine fragment creation 1`] = ` { "Parameters": { "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566ArtifactHash77EFF9E3": { "Description": "Artifact hash for asset "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3BucketCEE53B1D": { "Description": "S3 bucket for asset "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295": { "Description": "S3 key for asset version "7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566"", "Type": "String", }, }, "Resources": { "testFragmentLambdaStateMachineTask8BA38528": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W12", "reason": "State machine resource not available, hence defaulting to "*"", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "states:SendTaskSuccess", "states:sendTaskFailure", "states:SendTaskHeartbeat", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "testFragmentLambdaStateMachineTask8BA38528", "Roles": [ { "Ref": "testFragmentTaskLambdaFunctionServiceRole9E2C5534", }, ], }, "Type": "AWS::IAM::Policy", }, "testFragmentTaskLambdaFunction8A1F50BD": { "DependsOn": [ "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904", "testFragmentTaskLambdaFunctionServiceRole9E2C5534", ], "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W58", "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.", }, { "id": "W89", "reason": "This is not a rule for the general case, just for specific use cases/industries", }, { "id": "W92", "reason": "Impossible for us to define the correct concurrency for clients", }, ], }, }, "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3BucketCEE53B1D", }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295", }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParameters7f8a28135926e236abcf6230f1fe0a163a37a28e3dcd147d41bb1d4c9bb04566S3VersionKey4FECF295", }, ], }, ], }, ], ], }, }, "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "testFragmentTaskLambdaFunctionServiceRole9E2C5534", "Arn", ], }, "Runtime": "nodejs14.x", "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "testFragmentTaskLambdaFunctionServiceRole9E2C5534": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "LambdaFunctionServiceRolePolicy", }, ], }, "Type": "AWS::IAM::Role", }, "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W12", "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, { "Action": [ "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:GetQueueUrl", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "testFragmentTaskLambdaFunctionServiceRoleDefaultPolicy6E2DD904", "Roles": [ { "Ref": "testFragmentTaskLambdaFunctionServiceRole9E2C5534", }, ], }, "Type": "AWS::IAM::Policy", }, "testFragmentTaskLambdaFunctionSqsEventSourcetestStacktestFragmentTaskqueueC23BDA1DCDCA658C": { "Properties": { "EventSourceArn": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "FunctionName": { "Ref": "testFragmentTaskLambdaFunction8A1F50BD", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "testFragmentTaskdeadLetterQueueEA9F84F8": { "DeletionPolicy": "Delete", "Properties": { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "testFragmentTaskdeadLetterQueuePolicy1213FF74": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, { "Action": "SQS:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": [ { "Ref": "testFragmentTaskdeadLetterQueueEA9F84F8", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "testFragmentTaskqueue31475E94": { "DeletionPolicy": "Delete", "Properties": { "KmsMasterKeyId": "alias/aws/sqs", "RedrivePolicy": { "deadLetterTargetArn": { "Fn::GetAtt": [ "testFragmentTaskdeadLetterQueueEA9F84F8", "Arn", ], }, "maxReceiveCount": 15, }, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "testFragmentTaskqueuePolicy223A544A": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::", { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, { "Action": "SQS:*", "Condition": { "Bool": { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": { "AWS": "*", }, "Resource": { "Fn::GetAtt": [ "testFragmentTaskqueue31475E94", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": [ { "Ref": "testFragmentTaskqueue31475E94", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, }, } `;