// Jest Snapshot v1, https://goo.gl/fbAQLP exports[`test CloudfrontStaticWebsite construct 1`] = ` Object { "Resources": Object { "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionC740F1EE": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W70", "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion", }, ], }, }, "Properties": Object { "DistributionConfig": Object { "DefaultCacheBehavior": Object { "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", "Compress": true, "TargetOriginId": "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin169205EA0", "ViewerProtocolPolicy": "redirect-to-https", }, "DefaultRootObject": "index.html", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, "Logging": Object { "Bucket": Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketC13ED68E", "RegionalDomainName", ], }, }, "Origins": Array [ Object { "DomainName": Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179", "RegionalDomainName", ], }, "Id": "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin169205EA0", "S3OriginConfig": Object { "OriginAccessIdentity": Object { "Fn::Join": Array [ "", Array [ "origin-access-identity/cloudfront/", Object { "Ref": "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin1S3Origin74637C1D", }, ], ], }, }, }, ], }, }, "Type": "AWS::CloudFront::Distribution", }, "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin1S3Origin74637C1D": Object { "Properties": Object { "CloudFrontOriginAccessIdentityConfig": Object { "Comment": "Identity for CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin169205EA0", }, }, "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", }, "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketC13ED68E": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W35", "reason": "This S3 bucket is used as the access logging bucket for CloudFront Distribution", }, ], }, }, "Properties": Object { "AccessControl": "LogDeliveryWrite", "BucketEncryption": Object { "ServerSideEncryptionConfiguration": Array [ Object { "ServerSideEncryptionByDefault": Object { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": Object { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "VersioningConfiguration": Object { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketPolicyCD9B2BFC": Object { "Properties": Object { "Bucket": Object { "Ref": "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketC13ED68E", }, "PolicyDocument": Object { "Statement": Array [ Object { "Action": "*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketC13ED68E", "Arn", ], }, "/*", ], ], }, Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3CloudfrontLoggingBucketC13ED68E", "Arn", ], }, ], "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179": Object { "DeletionPolicy": "Retain", "Properties": Object { "BucketEncryption": Object { "ServerSideEncryptionConfiguration": Array [ Object { "ServerSideEncryptionByDefault": Object { "SSEAlgorithm": "AES256", }, }, ], }, "LifecycleConfiguration": Object { "Rules": Array [ Object { "NoncurrentVersionTransitions": Array [ Object { "StorageClass": "GLACIER", "TransitionInDays": 90, }, ], "Status": "Enabled", }, ], }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketEC2D00FE", }, }, "PublicAccessBlockConfiguration": Object { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "VersioningConfiguration": Object { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "CloudfrontStaticWebsiteCloudFrontToS3S3BucketPolicy7E03794C": Object { "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "F16", "reason": "Public website bucket policy requires a wildcard principal", }, ], }, }, "Properties": Object { "Bucket": Object { "Ref": "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179", }, "PolicyDocument": Object { "Statement": Array [ Object { "Action": "*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179", "Arn", ], }, "/*", ], ], }, Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179", "Arn", ], }, ], "Sid": "HttpsOnly", }, Object { "Action": "s3:GetObject", "Effect": "Allow", "Principal": Object { "CanonicalUser": Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3CloudFrontDistributionOrigin1S3Origin74637C1D", "S3CanonicalUserId", ], }, }, "Resource": Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3Bucket345FD179", "Arn", ], }, "/*", ], ], }, }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketEC2D00FE": Object { "DeletionPolicy": "Retain", "Metadata": Object { "cfn_nag": Object { "rules_to_suppress": Array [ Object { "id": "W35", "reason": "This S3 bucket is used as the access logging bucket for another bucket", }, ], }, }, "Properties": Object { "AccessControl": "LogDeliveryWrite", "BucketEncryption": Object { "ServerSideEncryptionConfiguration": Array [ Object { "ServerSideEncryptionByDefault": Object { "SSEAlgorithm": "AES256", }, }, ], }, "PublicAccessBlockConfiguration": Object { "BlockPublicAcls": true, "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, "VersioningConfiguration": Object { "Status": "Enabled", }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", }, "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketPolicy6A886C7D": Object { "Properties": Object { "Bucket": Object { "Ref": "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketEC2D00FE", }, "PolicyDocument": Object { "Statement": Array [ Object { "Action": "*", "Condition": Object { "Bool": Object { "aws:SecureTransport": "false", }, }, "Effect": "Deny", "Principal": Object { "AWS": "*", }, "Resource": Array [ Object { "Fn::Join": Array [ "", Array [ Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketEC2D00FE", "Arn", ], }, "/*", ], ], }, Object { "Fn::GetAtt": Array [ "CloudfrontStaticWebsiteCloudFrontToS3S3LoggingBucketEC2D00FE", "Arn", ], }, ], "Sid": "HttpsOnly", }, ], "Version": "2012-10-17", }, }, "Type": "AWS::S3::BucketPolicy", }, }, } `;