{ "Description": "(SO0005-PreReq) - quota-monitor-for-aws version:v6.2.1 - Prerequisite Template", "AWSTemplateFormatVersion": "2010-09-09", "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "Pre-Requisite Configuration" }, "Parameters": [ "MonitoringAccountId" ] } ], "ParameterLabels": { "MonitoringAccountId": { "default": "Quota Monitor Monitoring Account" } } } }, "Parameters": { "MonitoringAccountId": { "Type": "String", "AllowedPattern": "^[0-9]{1}\\d{11}$", "Description": "AWS Account Id for the monitoring account" } }, "Mappings": { "QuotaMonitorMap": { "Metrics": { "SendAnonymizedData": "Yes", "MetricsEndpoint": "https://metrics.awssolutionsbuilder.com/generic" } } }, "Resources": { "QMUtilsLayerQMUtilsLayerLayer80D5D993": { "Type": "AWS::Lambda::LayerVersion", "Properties": { "Content": { "S3Bucket": { "Fn::Sub": "solutions-${AWS::Region}" }, "S3Key": "quota-monitor-for-aws/v6.2.1/asset81614929e374f7931dfaaabf04bb969f72fcacc1ee083173711b38ce460307a9.zip" }, "CompatibleRuntimes": [ "nodejs16.x" ], "LayerName": "QM-UtilsLayer" }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-UtilsLayer/QM-UtilsLayer-Layer/Resource", "aws:asset:path": "asset.81614929e374f7931dfaaabf04bb969f72fcacc1ee083173711b38ce460307a9.zip", "aws:asset:is-bundled": false, "aws:asset:property": "Content" } }, "QMHelperQMHelperFunctionServiceRole0506622D": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Function/ServiceRole/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "Actions restricted on kms key ARN. Only actions that do not support resource-level permissions have * in resource", "id": "AwsSolutions-IAM5" }, { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperQMHelperFunction91954E97": { "Type": "AWS::Lambda::Function", "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "solutions-${AWS::Region}" }, "S3Key": "quota-monitor-for-aws/v6.2.1/assetbafc67a78bd93e6b69f271fe9a700890ee1719988f867959a90914e0fd18d72c.zip" }, "Role": { "Fn::GetAtt": [ "QMHelperQMHelperFunctionServiceRole0506622D", "Arn" ] }, "Description": "SO0005 quota-monitor-for-aws - QM-Helper-Function", "Environment": { "Variables": { "METRICS_ENDPOINT": { "Fn::FindInMap": [ "QuotaMonitorMap", "Metrics", "MetricsEndpoint" ] }, "SEND_METRIC": { "Fn::FindInMap": [ "QuotaMonitorMap", "Metrics", "SendAnonymizedData" ] }, "QM_STACK_ID": "quota-monitor-prerequisite", "LOG_LEVEL": "info", "CUSTOM_SDK_USER_AGENT": "AwsSolution/SO0005/v6.2.1", "VERSION": "v6.2.1", "SOLUTION_ID": "SO0005" } }, "Handler": "index.handler", "Layers": [ { "Ref": "QMUtilsLayerQMUtilsLayerLayer80D5D993" } ], "MemorySize": 128, "Runtime": "nodejs16.x", "Timeout": 5 }, "DependsOn": [ "QMHelperQMHelperFunctionServiceRole0506622D" ], "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Function/Resource", "aws:asset:path": "asset.bafc67a78bd93e6b69f271fe9a700890ee1719988f867959a90914e0fd18d72c.zip", "aws:asset:is-bundled": false, "aws:asset:property": "Code", "cdk_nag": { "rules_to_suppress": [ { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperQMHelperFunctionEventInvokeConfig580F9F5F": { "Type": "AWS::Lambda::EventInvokeConfig", "Properties": { "FunctionName": { "Ref": "QMHelperQMHelperFunction91954E97" }, "Qualifier": "$LATEST", "MaximumEventAgeInSeconds": 14400 }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Function/EventInvokeConfig/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperQMHelperProviderframeworkonEventServiceRole4A1EBBAB": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Provider/framework-onEvent/ServiceRole/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperQMHelperProviderframeworkonEventServiceRoleDefaultPolicy86C1FCC1": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "QMHelperQMHelperFunction91954E97", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "QMHelperQMHelperFunction91954E97", "Arn" ] }, ":*" ] ] } ] } ], "Version": "2012-10-17" }, "PolicyName": "QMHelperQMHelperProviderframeworkonEventServiceRoleDefaultPolicy86C1FCC1", "Roles": [ { "Ref": "QMHelperQMHelperProviderframeworkonEventServiceRole4A1EBBAB" } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperQMHelperProviderframeworkonEventB1DF6D3F": { "Type": "AWS::Lambda::Function", "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "solutions-${AWS::Region}" }, "S3Key": "quota-monitor-for-aws/v6.2.1/asset8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e.zip" }, "Role": { "Fn::GetAtt": [ "QMHelperQMHelperProviderframeworkonEventServiceRole4A1EBBAB", "Arn" ] }, "Description": "AWS CDK resource provider framework - onEvent (quota-monitor-prerequisite/QM-Helper/QM-Helper-Provider)", "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "QMHelperQMHelperFunction91954E97", "Arn" ] } } }, "Handler": "framework.onEvent", "Runtime": "nodejs14.x", "Timeout": 900 }, "DependsOn": [ "QMHelperQMHelperProviderframeworkonEventServiceRoleDefaultPolicy86C1FCC1", "QMHelperQMHelperProviderframeworkonEventServiceRole4A1EBBAB" ], "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/QM-Helper-Provider/framework-onEvent/Resource", "aws:asset:path": "asset.8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e", "aws:asset:is-bundled": false, "aws:asset:property": "Code", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMHelperCreateUUIDE0D423E6": { "Type": "Custom::CreateUUID", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "QMHelperQMHelperProviderframeworkonEventB1DF6D3F", "Arn" ] } }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete", "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/CreateUUID/Default" } }, "QMHelperLaunchData6F23B2C3": { "Type": "Custom::LaunchData", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "QMHelperQMHelperProviderframeworkonEventB1DF6D3F", "Arn" ] }, "SOLUTION_UUID": { "Fn::GetAtt": [ "QMHelperCreateUUIDE0D423E6", "UUID" ] } }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete", "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-Helper/LaunchData/Default" } }, "QMPreReqManagerQMPreReqManagerFunctionServiceRole8AAB636E": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Function/ServiceRole/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "Actions restricted on kms key ARN. Only actions that do not support resource-level permissions have * in resource", "id": "AwsSolutions-IAM5" }, { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" }, { "reason": "Actions do not support resource-level permissions", "id": "AwsSolutions-IAM5" } ] } } }, "QMPreReqManagerQMPreReqManagerFunctionServiceRoleDefaultPolicy2A680D95": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "organizations:EnableAWSServiceAccess", "organizations:DescribeOrganization", "organizations:RegisterDelegatedAdministrator", "iam:CreateServiceLinkedRole" ], "Effect": "Allow", "Resource": "*", "Sid": "QMPreReqWrite" } ], "Version": "2012-10-17" }, "PolicyName": "QMPreReqManagerQMPreReqManagerFunctionServiceRoleDefaultPolicy2A680D95", "Roles": [ { "Ref": "QMPreReqManagerQMPreReqManagerFunctionServiceRole8AAB636E" } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Function/ServiceRole/DefaultPolicy/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "Actions do not support resource-level permissions", "id": "AwsSolutions-IAM5" }, { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerQMPreReqManagerFunction1DC63BE9": { "Type": "AWS::Lambda::Function", "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "solutions-${AWS::Region}" }, "S3Key": "quota-monitor-for-aws/v6.2.1/assetace74228348596242ae2ecdf92e903178830796a68985f505ed73bd8177e0b9a.zip" }, "Role": { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerFunctionServiceRole8AAB636E", "Arn" ] }, "Description": "SO0005 quota-monitor-for-aws - QM-PreReqManager-Function", "Environment": { "Variables": { "METRICS_ENDPOINT": { "Fn::FindInMap": [ "QuotaMonitorMap", "Metrics", "MetricsEndpoint" ] }, "SEND_METRIC": { "Fn::FindInMap": [ "QuotaMonitorMap", "Metrics", "SendAnonymizedData" ] }, "LOG_LEVEL": "info", "CUSTOM_SDK_USER_AGENT": "AwsSolution/SO0005/v6.2.1", "VERSION": "v6.2.1", "SOLUTION_ID": "SO0005" } }, "Handler": "index.handler", "Layers": [ { "Ref": "QMUtilsLayerQMUtilsLayerLayer80D5D993" } ], "MemorySize": 128, "Runtime": "nodejs16.x", "Timeout": 5 }, "DependsOn": [ "QMPreReqManagerQMPreReqManagerFunctionServiceRoleDefaultPolicy2A680D95", "QMPreReqManagerQMPreReqManagerFunctionServiceRole8AAB636E" ], "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Function/Resource", "aws:asset:path": "asset.ace74228348596242ae2ecdf92e903178830796a68985f505ed73bd8177e0b9a.zip", "aws:asset:is-bundled": false, "aws:asset:property": "Code", "cdk_nag": { "rules_to_suppress": [ { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerQMPreReqManagerFunctionEventInvokeConfig83FEE4E4": { "Type": "AWS::Lambda::EventInvokeConfig", "Properties": { "FunctionName": { "Ref": "QMPreReqManagerQMPreReqManagerFunction1DC63BE9" }, "Qualifier": "$LATEST", "MaximumEventAgeInSeconds": 14400 }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Function/EventInvokeConfig/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "GovCloud regions support only up to nodejs 16, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRole15413DEC": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" } } ], "Version": "2012-10-17" }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" ] ] } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Provider/framework-onEvent/ServiceRole/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRoleDefaultPolicy58FD5499": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { "Statement": [ { "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerFunction1DC63BE9", "Arn" ] }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerFunction1DC63BE9", "Arn" ] }, ":*" ] ] } ] } ], "Version": "2012-10-17" }, "PolicyName": "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRoleDefaultPolicy58FD5499", "Roles": [ { "Ref": "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRole15413DEC" } ] }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerQMPreReqManagerProviderframeworkonEvent898B02B6": { "Type": "AWS::Lambda::Function", "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "solutions-${AWS::Region}" }, "S3Key": "quota-monitor-for-aws/v6.2.1/asset8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e.zip" }, "Role": { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRole15413DEC", "Arn" ] }, "Description": "AWS CDK resource provider framework - onEvent (quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Provider)", "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerFunction1DC63BE9", "Arn" ] } } }, "Handler": "framework.onEvent", "Runtime": "nodejs14.x", "Timeout": 900 }, "DependsOn": [ "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRoleDefaultPolicy58FD5499", "QMPreReqManagerQMPreReqManagerProviderframeworkonEventServiceRole15413DEC" ], "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/QM-PreReqManager-Provider/framework-onEvent/Resource", "aws:asset:path": "asset.8e3d635893ea17fa3158623489cd42c680fad925b38de1ef51cb10d84f6e245e", "aws:asset:is-bundled": false, "aws:asset:property": "Code", "cdk_nag": { "rules_to_suppress": [ { "reason": "AWSLambdaBasicExecutionRole added by cdk only gives write permissions for CW logs", "id": "AwsSolutions-IAM4" }, { "reason": "IAM policy is appropriated scoped, ARN is provided in policy resource, false warning", "id": "AwsSolutions-IAM5" }, { "reason": "Lambda function created by Provider L2 construct uses nodejs 14, risk is tolerable", "id": "AwsSolutions-L1" } ] } } }, "QMPreReqManagerPreReqManagerCRB1E370C2": { "Type": "Custom::PreReqManagerCR", "Properties": { "ServiceToken": { "Fn::GetAtt": [ "QMPreReqManagerQMPreReqManagerProviderframeworkonEvent898B02B6", "Arn" ] }, "QMMonitoringAccountId": { "Ref": "MonitoringAccountId" }, "AccountId": { "Ref": "AWS::AccountId" }, "Region": { "Ref": "AWS::Region" }, "SolutionUuid": { "Fn::GetAtt": [ "QMHelperCreateUUIDE0D423E6", "UUID" ] } }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete", "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/QM-PreReqManager/PreReqManagerCR/Default" } }, "CDKMetadata": { "Type": "AWS::CDK::Metadata", "Properties": { "Analytics": "v2:deflate64:H4sIAAAAAAAA/2VP0UrEMBD8lntP17tTxFfvUBAUSwVfy166V/baJCWbVI7Sf7eJx6H4NDOZ2TCzhYc7WK/wSwrddEXPB5g+AupO7Y+2RI+GAvkk3nAY2LZqidZTj+bQIEyveCb/SV7Y2RT6o5+j1eFiXPnTSDa82NF1tHf2yG1y/z3OSm5rFKEg8Jhg0bCLuqOwQyHFaGCqXE/pOmPpetbn3DqzeVb5cBnTptoViYtek9JRgjO1v2iB0ruRmzQyO9dg+vkXf49hiCGxpWLDacysrGsITnIzbu5hu4bN6iTMhY82sCGofvAbwc0F/GQBAAA=" }, "Metadata": { "aws:cdk:path": "quota-monitor-prerequisite/CDKMetadata/Default" }, "Condition": "CDKMetadataAvailable" } }, "Outputs": { "UUID": { "Description": "UUID for deployment", "Value": { "Fn::GetAtt": [ "QMHelperCreateUUIDE0D423E6", "UUID" ] } } }, "Conditions": { "CDKMetadataAvailable": { "Fn::Or": [ { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "af-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-east-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-northeast-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-northeast-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-south-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-southeast-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ap-southeast-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "ca-central-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "cn-north-1" ] } ] }, { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "cn-northwest-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-central-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-north-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-south-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-west-3" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "me-south-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "sa-east-1" ] } ] }, { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-east-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-east-2" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-west-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-west-2" ] } ] } ] } } }