// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`M2C2 Timestream test snapshot and default values 1`] = ` Object { "Conditions": Object { "TestTimestreamCreateTimestreamDatabaseDCDEE72E": Object { "Fn::Equals": Array [ "", "", ], }, }, "Resources": Object { "TestTable": Object { "DeletionPolicy": "Retain", "Properties": Object { "DatabaseName": Object { "Fn::If": Array [ "TestTimestreamCreateTimestreamDatabaseDCDEE72E", Object { "Ref": "TestTimestreamDatabaseD9B9FB32", }, "", ], }, "RetentionProperties": Object { "MagneticStoreRetentionPeriodInDays": 365, "MemoryStoreRetentionPeriodInHours": 2160, }, }, "Type": "AWS::Timestream::Table", }, "TestTimestreamDatabaseD9B9FB32": Object { "Condition": "TestTimestreamCreateTimestreamDatabaseDCDEE72E", "DeletionPolicy": "Retain", "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-TS3", "reason": "The default KMS is used by default.", }, ], }, }, "Properties": Object { "DatabaseName": Object { "Fn::Join": Array [ "", Array [ Object { "Ref": "AWS::StackName", }, "-test-uuid", ], ], }, }, "Type": "AWS::Timestream::Database", }, "TestTimestreamKinesisLambdaKinesisStreamD9ACCC8B": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "RetentionPeriodHours": 24, "ShardCount": 1, "StreamEncryption": Object { "EncryptionType": "KMS", "KeyId": "alias/aws/kinesis", }, "StreamModeDetails": Object { "StreamMode": "PROVISIONED", }, }, "Type": "AWS::Kinesis::Stream", }, "TestTimestreamKinesisLambdaKinesisStreamGetRecordsIteratorAgeAlarm3BF96A2B": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "AlarmDescription": "Consumer Record Processing Falling Behind, there is risk for data loss due to record expiration.", "ComparisonOperator": "GreaterThanOrEqualToThreshold", "EvaluationPeriods": 1, "MetricName": "GetRecords.IteratorAgeMilliseconds", "Namespace": "AWS/Kinesis", "Period": 300, "Statistic": "Maximum", "Threshold": 2592000, }, "Type": "AWS::CloudWatch::Alarm", }, "TestTimestreamKinesisLambdaKinesisStreamReadProvisionedThroughputExceededAlarm84FAAD02": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "AlarmDescription": "Consumer Application is Reading at a Slower Rate Than Expected.", "ComparisonOperator": "GreaterThanThreshold", "EvaluationPeriods": 1, "MetricName": "ReadProvisionedThroughputExceeded", "Namespace": "AWS/Kinesis", "Period": 300, "Statistic": "Average", "Threshold": 0, }, "Type": "AWS::CloudWatch::Alarm", }, "TestTimestreamKinesisLambdaLambdaFunctionB7668DD3": Object { "DependsOn": Array [ "TestTimestreamKinesisLambdaLambdaFunctionServiceRoleDefaultPolicy469FCFC6", "TestTimestreamKinesisLambdaLambdaFunctionServiceRole1DFBA77A", ], "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W58", "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with tighter permissions.", }, Object { "id": "W89", "reason": "This is not a rule for the general case, just for specific use cases/industries", }, Object { "id": "W92", "reason": "Impossible for us to define the correct concurrency for clients", }, ], }, }, "Properties": Object { "Code": Object { "S3Bucket": "test-bucket-region", "S3Key": "machine-to-cloud-connectivity-framework/v0.0.1-test/timestream-writer.zip", }, "Description": "Machine to Cloud Connectivity Framework Timestream data writer function", "Environment": Object { "Variables": Object { "LOGGING_LEVEL": "ERROR", "SOLUTION_ID": "SO0070-Test", "SOLUTION_VERSION": "v0.0.1-test", "TIMESTREAM_DATABASE": Object { "Fn::If": Array [ "TestTimestreamCreateTimestreamDatabaseDCDEE72E", Object { "Ref": "TestTimestreamDatabaseD9B9FB32", }, "", ], }, "TIMESTREAM_TABLE": Object { "Fn::GetAtt": Array [ "TestTable", "Name", ], }, }, }, "Handler": "timestream-writer/index.handler", "Role": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaLambdaFunctionServiceRole1DFBA77A", "Arn", ], }, "Runtime": "nodejs16.x", "Timeout": 30, "TracingConfig": Object { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "TestTimestreamKinesisLambdaLambdaFunctionKinesisEventSourceTestTimestreamKinesisLambdaKinesisStreamE555AD84EA3892B3": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "BatchSize": 100, "BisectBatchOnFunctionError": true, "DestinationConfig": Object { "OnFailure": Object { "Destination": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD", "Arn", ], }, }, }, "EventSourceArn": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaKinesisStreamD9ACCC8B", "Arn", ], }, "FunctionName": Object { "Ref": "TestTimestreamKinesisLambdaLambdaFunctionB7668DD3", }, "MaximumRecordAgeInSeconds": 86400, "MaximumRetryAttempts": 500, "StartingPosition": "TRIM_HORIZON", }, "Type": "AWS::Lambda::EventSourceMapping", }, "TestTimestreamKinesisLambdaLambdaFunctionServiceRole1DFBA77A": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "AssumeRolePolicyDocument": Object { "Statement": Array [ Object { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": Object { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "Policies": Array [ Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", ], "Effect": "Allow", "Resource": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":logs:", Object { "Ref": "AWS::Region", }, ":", Object { "Ref": "AWS::AccountId", }, ":log-group:/aws/lambda/*", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "LambdaFunctionServiceRolePolicy", }, ], }, "Type": "AWS::IAM::Role", }, "TestTimestreamKinesisLambdaLambdaFunctionServiceRoleDefaultPolicy469FCFC6": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W12", "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray and access ENIs in a VPC.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, Object { "Action": Array [ "kinesis:DescribeStreamSummary", "kinesis:GetRecords", "kinesis:GetShardIterator", "kinesis:ListShards", "kinesis:SubscribeToShard", "kinesis:DescribeStream", "kinesis:ListStreams", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaKinesisStreamD9ACCC8B", "Arn", ], }, }, Object { "Action": Array [ "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", ], "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD", "Arn", ], }, }, Object { "Action": "kinesis:DescribeStream", "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaKinesisStreamD9ACCC8B", "Arn", ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "TestTimestreamKinesisLambdaLambdaFunctionServiceRoleDefaultPolicy469FCFC6", "Roles": Array [ Object { "Ref": "TestTimestreamKinesisLambdaLambdaFunctionServiceRole1DFBA77A", }, ], }, "Type": "AWS::IAM::Policy", }, "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD": Object { "DeletionPolicy": "Delete", "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", "UpdateReplacePolicy": "Delete", }, "TestTimestreamKinesisLambdaSqsDlqQueuePolicy5A20611D": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "It does not allow wildcard permissions.", }, Object { "id": "AwsSolutions-SQS3", "reason": "SqsDlqQueue is the dead letter queue.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": Array [ "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:RemovePermission", "sqs:AddPermission", "sqs:SetQueueAttributes", ], "Effect": "Allow", "Principal": Object { "AWS": Object { "Fn::Join": Array [ "", Array [ "arn:", Object { "Ref": "AWS::Partition", }, ":iam::", Object { "Ref": "AWS::AccountId", }, ":root", ], ], }, }, "Resource": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD", "Arn", ], }, "Sid": "QueueOwnerOnlyAccess", }, Object { "Action": "SQS:*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Object { "Fn::GetAtt": Array [ "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD", "Arn", ], }, "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, "Queues": Array [ Object { "Ref": "TestTimestreamKinesisLambdaSqsDlqQueue965BC5DD", }, ], }, "Type": "AWS::SQS::QueuePolicy", }, "TestTimestreamTimestreamPolicy68B07AB6": Object { "Metadata": Object { "cdk_nag": Object { "rules_to_suppress": Array [ Object { "id": "AwsSolutions-IAM5", "reason": "timestream:DescribeEndpoints cannot have specific resources.", }, ], }, "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W12", "reason": "timestream:DescribeEndpoints cannot have specific resources.", }, ], }, }, "Properties": Object { "PolicyDocument": Object { "Statement": Array [ Object { "Action": "timestream:WriteRecords", "Effect": "Allow", "Resource": Object { "Fn::GetAtt": Array [ "TestTable", "Arn", ], }, }, Object { "Action": "timestream:DescribeEndpoints", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "TestTimestreamTimestreamPolicy68B07AB6", "Roles": Array [ Object { "Ref": "TestTimestreamKinesisLambdaLambdaFunctionServiceRole1DFBA77A", }, ], }, "Type": "AWS::IAM::Policy", }, "TestTimestreamteardownTimestreamDatabase098BBBB7": Object { "Condition": "TestCondition", "DeletionPolicy": "Delete", "Properties": Object { "DatabaseName": Object { "Fn::If": Array [ "TestTimestreamCreateTimestreamDatabaseDCDEE72E", Object { "Ref": "TestTimestreamDatabaseD9B9FB32", }, "", ], }, "Resource": "DeleteTimestreamDatabase", "ServiceToken": "", }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, }, } `;