// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`M2C2 SQS message consumer test 1`] = ` Object { "Resources": Object { "TestSQSMessageConsumerErrorLogsRuleIotTopicRule08474196": Object { "Properties": Object { "TopicRulePayload": Object { "Actions": Array [ Object { "Sqs": Object { "QueueUrl": Object { "Ref": "TestSQSMessageConsumerqueue73D902DC", }, "RoleArn": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerErrorLogsRuleiotactionsroleEEB93445", "Arn", ], }, }, }, ], "AwsIotSqlVersion": "2016-03-23", "Description": "Processing connection error logs", "RuleDisabled": false, "Sql": "SELECT topic(3) as connectionName, topic(2) as logType, timestamp() as timestamp, * FROM 'm2c2/error/+'", }, }, "Type": "AWS::IoT::TopicRule", }, "TestSQSMessageConsumerErrorLogsRuleiotactionsroleDefaultPolicy2E2AB413": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "TestSQSMessageConsumerErrorLogsRuleiotactionsroleDefaultPolicy2E2AB413", "Roles": Array [ Object { "Ref": "TestSQSMessageConsumerErrorLogsRuleiotactionsroleEEB93445", }, ], }, "Type": "AWS::IAM::Policy", }, "TestSQSMessageConsumerErrorLogsRuleiotactionsroleEEB93445": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "iot.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "TestSQSMessageConsumerInfoLogsRuleIotTopicRule3CB86F12": Object { "Properties": Object { "TopicRulePayload": Object { "Actions": Array [ Object { "Sqs": Object { "QueueUrl": Object { "Ref": "TestSQSMessageConsumerqueue73D902DC", }, "RoleArn": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerInfoLogsRuleiotactionsrole9D05E928", "Arn", ], }, }, }, ], "AwsIotSqlVersion": "2016-03-23", "Description": "Processing connection info logs", "RuleDisabled": false, "Sql": "SELECT topic(3) as connectionName, topic(2) as logType, timestamp() as timestamp, * FROM 'm2c2/info/+'", }, }, "Type": "AWS::IoT::TopicRule", }, "TestSQSMessageConsumerInfoLogsRuleiotactionsrole9D05E928": Object { "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "iot.amazonaws.com", }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::IAM::Role", }, "TestSQSMessageConsumerInfoLogsRuleiotactionsroleDefaultPolicy064C6579": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "TestSQSMessageConsumerInfoLogsRuleiotactionsroleDefaultPolicy064C6579", "Roles": Array [ Object { "Ref": "TestSQSMessageConsumerInfoLogsRuleiotactionsrole9D05E928", }, ], }, "Type": "AWS::IAM::Policy", }, "TestSQSMessageConsumerLambdaFunction4BC601FA": Object { "DependsOn": Array [ "TestSQSMessageConsumerLambdaFunctionServiceRoleDefaultPolicyAFC5CC6B", "TestSQSMessageConsumerLambdaFunctionServiceRole8EF36FC7", ], "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.", }, Object { "id": "W89", "reason": "This is not a rule for the general case, just for specific use cases/industries", }, Object { "id": "W92", "reason": "Impossible for us to define the correct concurrency for clients", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": "test-bucket-region", "S3Key": "v0.0.1-test/machine-to-cloud-connectivity-framework/sqs-message-consumer.zip", }, "Description": "Machine to Cloud Connectivity SQS message consumer function", "Environment": Object { "Variables": Object { "LOGGING_LEVEL": "ERROR", "LOGS_DYNAMODB_TABLE": Object { "Ref": "TestSQSMessageConsumerLogsDynamoDBDynamoTableAA33559F", }, "SOLUTION_ID": "SO0070-Test", "SOLUTION_VERSION": "v0.0.1-test", }, }, "Handler": "sqs-message-consumer/index.handler", "Role": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerLambdaFunctionServiceRole8EF36FC7", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 60, "TracingConfig": Object { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "TestSQSMessageConsumerLambdaFunctionEventInvokeConfig41321021": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "FunctionName": Object { "Ref": "TestSQSMessageConsumerLambdaFunction4BC601FA", }, "MaximumRetryAttempts": 0, "Qualifier": "$LATEST", }, "Type": "AWS::Lambda::EventInvokeConfig", }, "TestSQSMessageConsumerLambdaFunctionServiceRole8EF36FC7": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": Array [ Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "LambdaFunctionServiceRolePolicy", }, ], }, "Type": "AWS::IAM::Role", }, "TestSQSMessageConsumerLambdaFunctionServiceRoleDefaultPolicyAFC5CC6B": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W12", "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, Object { "Action": Array [ "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:GetQueueUrl", "sqs:DeleteMessage", "sqs:GetQueueAttributes", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, }, Object { "Action": Array [ "dynamodb:BatchGetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:ConditionCheckItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", ], "Effect": "Allow", "Resource": Array [ Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerLogsDynamoDBDynamoTableAA33559F", "Arn", ], }, Object { "Ref": "AWS::NoValue", }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "TestSQSMessageConsumerLambdaFunctionServiceRoleDefaultPolicyAFC5CC6B", "Roles": Array [ Object { "Ref": "TestSQSMessageConsumerLambdaFunctionServiceRole8EF36FC7", }, ], }, "Type": "AWS::IAM::Policy", }, "TestSQSMessageConsumerLambdaFunctionSqsEventSourceTestSQSMessageConsumerqueue98FE31EEBF970A21": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "EventSourceArn": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, "FunctionName": Object { "Ref": "TestSQSMessageConsumerLambdaFunction4BC601FA", }, }, "Type": "AWS::Lambda::EventSourceMapping", }, "TestSQSMessageConsumerLogsDynamoDBDynamoTableAA33559F": Object { "DeletionPolicy": "Delete", "Properties": Object { "AttributeDefinitions": Array [ Object { "AttributeName": "connectionName", "AttributeType": "S", }, Object { "AttributeName": "timestamp", "AttributeType": "N", }, ], "BillingMode": "PAY_PER_REQUEST", "KeySchema": Array [ Object { "AttributeName": "connectionName", "KeyType": "HASH", }, Object { "AttributeName": "timestamp", "KeyType": "RANGE", }, ], "PointInTimeRecoverySpecification": Object { "PointInTimeRecoveryEnabled": true, }, "SSESpecification": Object { "SSEEnabled": true, }, "TimeToLiveSpecification": Object { "AttributeName": "ttl", "Enabled": true, }, }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Retain", }, "TestSQSMessageConsumerdeadLetterQueue6BDB1063": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "TestSQSMessageConsumerdeadLetterQueuePolicyF91BED40": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": Object { "AWS": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerdeadLetterQueue6BDB1063", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, Object { "Action": "SQS:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerdeadLetterQueue6BDB1063", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "TestSQSMessageConsumerdeadLetterQueue6BDB1063", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "TestSQSMessageConsumerqueue73D902DC": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", "RedrivePolicy": Object { "deadLetterTargetArn": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerdeadLetterQueue6BDB1063", "Arn", ], }, "maxReceiveCount": 3, }, "VisibilityTimeout": 60, }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "TestSQSMessageConsumerqueuePolicy2A989929": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions", }, Object { "id": "AwsSolutions-SQS3", "reason": "deadLetterQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": Object { "AWS": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, Object { "Action": "SQS:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "TestSQSMessageConsumerqueue73D902DC", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "TestSQSMessageConsumerqueue73D902DC", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, }, } `;