// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Event Storage Construct with Lambda processor 1`] = ` { "Parameters": { "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39ArtifactHashCDB6C105": { "Description": "Artifact hash for asset "a85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39"", "Type": "String", }, "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39S3Bucket951936D7": { "Description": "S3 bucket for asset "a85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39"", "Type": "String", }, "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39S3VersionKeyB38802F7": { "Description": "S3 key for asset version "a85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39"", "Type": "String", }, }, "Resources": { "EventStorageTestFirehoseRole9A5FD08D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestFirehoseRoleDefaultPolicyE272AE26": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject*", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "Roles": [ { "Ref": "EventStorageTestFirehoseRole9A5FD08D", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseC7A32BA8": { "DependsOn": [ "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "EventStorageTestFirehoseRole9A5FD08D", ], "Properties": { "DeliveryStreamEncryptionConfigurationInput": { "KeyType": "AWS_OWNED_CMK", }, "DeliveryStreamType": "DirectPut", "ExtendedS3DestinationConfiguration": { "BucketARN": { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "BufferingHints": { "IntervalInSeconds": 600, "SizeInMBs": 128, }, "CloudWatchLoggingOptions": { "Enabled": true, "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, "LogStreamName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, }, "CompressionFormat": "GZIP", "EncryptionConfiguration": { "KMSEncryptionConfig": { "AWSKMSKeyARN": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":kms:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":alias/aws/s3", ], ], }, }, }, "Prefix": "testPrefix/", "ProcessingConfiguration": { "Enabled": true, "Processors": [ { "Parameters": [ { "ParameterName": "LambdaArn", "ParameterValue": { "Fn::GetAtt": [ "EventStorageTestLambdaFunction0DDD544F", "Arn", ], }, }, ], "Type": "Lambda", }, ], }, "RoleARN": { "Fn::GetAtt": [ "EventStorageTestFirehoseRole9A5FD08D", "Arn", ], }, }, }, "Type": "AWS::KinesisFirehose::DeliveryStream", }, "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:AbortMultipartUpload", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutObject", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "logs:PutLogEvents", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, ":log-stream:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2", "Roles": [ { "Ref": "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F": { "DeletionPolicy": "Retain", "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W86", "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely", }, { "id": "W84", "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)", }, ], }, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1": { "DeletionPolicy": "Retain", "Properties": { "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, }, "Type": "AWS::Logs::LogStream", "UpdateReplacePolicy": "Retain", }, "EventStorageTestLambdaFunction0DDD544F": { "DependsOn": [ "EventStorageTestLambdaFunctionServiceRoleDefaultPolicy51A8DD20", "EventStorageTestLambdaFunctionServiceRole28BD7F58", ], "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W58", "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.", }, { "id": "W89", "reason": "This is not a rule for the general case, just for specific use cases/industries", }, { "id": "W92", "reason": "Impossible for us to define the correct concurrency for clients", }, ], }, }, "Properties": { "Code": { "S3Bucket": { "Ref": "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39S3Bucket951936D7", }, "S3Key": { "Fn::Join": [ "", [ { "Fn::Select": [ 0, { "Fn::Split": [ "||", { "Ref": "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39S3VersionKeyB38802F7", }, ], }, ], }, { "Fn::Select": [ 1, { "Fn::Split": [ "||", { "Ref": "AssetParametersa85aafcfa56e73fa188b209a80eb4ed1b0ae557c5448ca71bae2993b0a8a3c39S3VersionKeyB38802F7", }, ], }, ], }, ], ], }, }, "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", }, }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "EventStorageTestLambdaFunctionServiceRole28BD7F58", "Arn", ], }, "Runtime": "nodejs14.x", "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "EventStorageTestLambdaFunctionServiceRole28BD7F58": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "LambdaFunctionServiceRolePolicy", }, ], }, "Type": "AWS::IAM::Role", }, "EventStorageTestLambdaFunctionServiceRoleDefaultPolicy51A8DD20": { "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W12", "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.", }, ], }, }, "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestLambdaFunctionServiceRoleDefaultPolicy51A8DD20", "Roles": [ { "Ref": "EventStorageTestLambdaFunctionServiceRole28BD7F58", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestLambdaProcessor4069EDCC": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "lambda:InvokeFunction", "lambda:GetFunctionConfiguration", ], "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "EventStorageTestLambdaFunction0DDD544F", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestLambdaProcessor4069EDCC", "Roles": [ { "Ref": "EventStorageTestFirehoseRole9A5FD08D", }, ], }, "Type": "AWS::IAM::Policy", }, "testBucketDF4D7D1A": { "DeletionPolicy": "Retain", "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, }, } `; exports[`Event Storage Construct with props 1`] = ` { "Resources": { "EventStorageTestFirehoseRole9A5FD08D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestFirehoseRoleDefaultPolicyE272AE26": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject*", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "Roles": [ { "Ref": "EventStorageTestFirehoseRole9A5FD08D", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseC7A32BA8": { "DependsOn": [ "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "EventStorageTestFirehoseRole9A5FD08D", ], "Properties": { "DeliveryStreamEncryptionConfigurationInput": { "KeyType": "AWS_OWNED_CMK", }, "DeliveryStreamType": "DirectPut", "ExtendedS3DestinationConfiguration": { "BucketARN": { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "BufferingHints": { "IntervalInSeconds": 600, "SizeInMBs": 128, }, "CloudWatchLoggingOptions": { "Enabled": true, "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, "LogStreamName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, }, "CompressionFormat": "UNCOMPRESSED", "EncryptionConfiguration": { "KMSEncryptionConfig": { "AWSKMSKeyARN": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":kms:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":alias/aws/s3", ], ], }, }, }, "Prefix": "test-prefix/", "RoleARN": { "Fn::GetAtt": [ "EventStorageTestFirehoseRole9A5FD08D", "Arn", ], }, }, }, "Type": "AWS::KinesisFirehose::DeliveryStream", }, "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:AbortMultipartUpload", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutObject", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "logs:PutLogEvents", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, ":log-stream:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2", "Roles": [ { "Ref": "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F": { "DeletionPolicy": "Retain", "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W86", "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely", }, { "id": "W84", "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)", }, ], }, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1": { "DeletionPolicy": "Retain", "Properties": { "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, }, "Type": "AWS::Logs::LogStream", "UpdateReplacePolicy": "Retain", }, "testBucketDF4D7D1A": { "DeletionPolicy": "Retain", "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, }, } `; exports[`Event Storage Construct without props 1`] = ` { "Resources": { "EventStorageTestFirehoseRole9A5FD08D": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestFirehoseRoleDefaultPolicyE272AE26": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:GetObject*", "s3:GetBucket*", "s3:List*", "s3:DeleteObject*", "s3:PutObject*", "s3:Abort*", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "Roles": [ { "Ref": "EventStorageTestFirehoseRole9A5FD08D", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseC7A32BA8": { "DependsOn": [ "EventStorageTestFirehoseRoleDefaultPolicyE272AE26", "EventStorageTestFirehoseRole9A5FD08D", ], "Properties": { "DeliveryStreamEncryptionConfigurationInput": { "KeyType": "AWS_OWNED_CMK", }, "DeliveryStreamType": "DirectPut", "ExtendedS3DestinationConfiguration": { "BucketARN": { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "BufferingHints": { "IntervalInSeconds": 600, "SizeInMBs": 128, }, "CloudWatchLoggingOptions": { "Enabled": true, "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, "LogStreamName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, }, "CompressionFormat": "GZIP", "EncryptionConfiguration": { "KMSEncryptionConfig": { "AWSKMSKeyARN": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":kms:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":alias/aws/s3", ], ], }, }, }, "RoleARN": { "Fn::GetAtt": [ "EventStorageTestFirehoseRole9A5FD08D", "Arn", ], }, }, }, "Type": "AWS::KinesisFirehose::DeliveryStream", }, "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "s3:AbortMultipartUpload", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutObject", ], "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "testBucketDF4D7D1A", "Arn", ], }, "/*", ], ], }, ], }, { "Action": "logs:PutLogEvents", "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":logs:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":log-group:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, ":log-stream:", { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "EventStorageTestKinesisFirehoseKinesisFirehosePolicy8524C4A2", "Roles": [ { "Ref": "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075", }, ], }, "Type": "AWS::IAM::Policy", }, "EventStorageTestKinesisFirehoseKinesisFirehoseRoleD2EAD075": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "firehose.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F": { "DeletionPolicy": "Retain", "Metadata": { "cfn_nag": { "rules_to_suppress": [ { "id": "W86", "reason": "Retention period for CloudWatchLogs LogGroups are set to 'Never Expire' to preserve customer data indefinitely", }, { "id": "W84", "reason": "By default CloudWatchLogs LogGroups data is encrypted using the CloudWatch server-side encryption keys (AWS Managed Keys)", }, ], }, }, "Type": "AWS::Logs::LogGroup", "UpdateReplacePolicy": "Retain", }, "EventStorageTestKinesisFirehosefirehoseloggroupfirehoselogstream1C275BD1": { "DeletionPolicy": "Retain", "Properties": { "LogGroupName": { "Ref": "EventStorageTestKinesisFirehosefirehoseloggroup0CD5B15F", }, }, "Type": "AWS::Logs::LogStream", "UpdateReplacePolicy": "Retain", }, "testBucketDF4D7D1A": { "DeletionPolicy": "Retain", "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, }, } `;