Created
August 4, 2018 17:35
-
-
Save jen20/28f3d86440730979910ae08c6be61f90 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"version": 1, | |
"deployment": { | |
"manifest": { | |
"time": "2018-08-04T12:32:53.979067832-05:00", | |
"magic": "e56a32b644e870e9f1852a0865c77308bee2ea8dd31e4fe4487a3e9ac5258599", | |
"version": "v0.14.4-dev-1533103699-g6958ad40", | |
"plugins": [ | |
{ | |
"name": "nodejs", | |
"path": "/opt/pulumi/bin/pulumi-language-nodejs", | |
"type": "language", | |
"version": "0.14.4-dev-1533103699-g6958ad40" | |
}, | |
{ | |
"name": "aws", | |
"path": "/opt/pulumi/bin/pulumi-resource-aws", | |
"type": "resource", | |
"version": "0.14.6-dev-1532473423-g4c982c2-dirty" | |
} | |
] | |
}, | |
"resources": [ | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::pulumi:pulumi:Stack::pulumi-vault-test-vault-test-dev", | |
"custom": false, | |
"type": "pulumi:pulumi:Stack", | |
"outputs": { | |
"keyBucketArn": "arn:aws:s3:::algo-vault-tls-keys", | |
"keyBucketName": "algo-vault-tls-keys", | |
"kmsKeyArn": "arn:aws:kms:us-west-2:383023859661:key/153f8252-abaa-43ed-985b-1130ff2bbc1c", | |
"kmsKeyId": "153f8252-abaa-43ed-985b-1130ff2bbc1c" | |
}, | |
"dependencies": [], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"custom": false, | |
"type": "operator-error:aws:LambdaCert", | |
"inputs": { | |
"acmeUrl": "https://acme-staging-v02.api.letsencrypt.org/directory", | |
"adminEmail": "webmaster@operator-error.com", | |
"baseTags": { | |
"Project": "Algorithmic Trading V2" | |
}, | |
"description": "Algos Vault", | |
"domainNamePrefix": "vault", | |
"emptyBucketOnDestroy": true, | |
"route53DomainName": "linedata.technology" | |
}, | |
"dependencies": [], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role::algo-vault-lambda-cert-function-role", | |
"custom": true, | |
"id": "algo-vault-lambda-cert-function-role-7b6368f", | |
"type": "aws:iam/role:Role", | |
"inputs": { | |
"assumeRolePolicy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AllowAssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", | |
"forceDetachPolicies": false, | |
"maxSessionDuration": 3600, | |
"name": "algo-vault-lambda-cert-function-role-7b6368f", | |
"path": "/algo-vault/" | |
}, | |
"outputs": { | |
"arn": "arn:aws:iam::383023859661:role/algo-vault/algo-vault-lambda-cert-function-role-7b6368f", | |
"assumeRolePolicy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AllowAssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", | |
"createDate": "2018-08-04T17:18:36Z", | |
"forceDetachPolicies": false, | |
"id": "algo-vault-lambda-cert-function-role-7b6368f", | |
"maxSessionDuration": "3600", | |
"name": "algo-vault-lambda-cert-function-role-7b6368f", | |
"path": "/algo-vault/", | |
"uniqueId": "AROAJZD67TN3CCER666ZY" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"dependencies": [], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:kms/key:Key::algo-vault-lambda-cert-kms-key", | |
"custom": true, | |
"id": "153f8252-abaa-43ed-985b-1130ff2bbc1c", | |
"type": "aws:kms/key:Key", | |
"inputs": { | |
"deletionWindowInDays": 7, | |
"description": "Certificate encryption key for Algos Vault", | |
"enableKeyRotation": false, | |
"isEnabled": true, | |
"policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Delegate Key Access to IAM\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::383023859661:root\"},\"Action\":[\"kms:*\"],\"Resource\":[\"*\"]}]}", | |
"tags": { | |
"Name": "Algos Vault TLS Keys", | |
"Project": "Algorithmic Trading V2" | |
} | |
}, | |
"outputs": { | |
"arn": "arn:aws:kms:us-west-2:383023859661:key/153f8252-abaa-43ed-985b-1130ff2bbc1c", | |
"deletionWindowInDays": "7", | |
"description": "Certificate encryption key for Algos Vault", | |
"enableKeyRotation": false, | |
"id": "153f8252-abaa-43ed-985b-1130ff2bbc1c", | |
"isEnabled": true, | |
"keyId": "153f8252-abaa-43ed-985b-1130ff2bbc1c", | |
"keyUsage": "ENCRYPT_DECRYPT", | |
"policy": "{\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::383023859661:root\"},\"Resource\":\"*\",\"Sid\":\"Delegate Key Access to IAM\"}],\"Version\":\"2012-10-17\"}", | |
"tags": { | |
"Name": "Algos Vault TLS Keys", | |
"Project": "Algorithmic Trading V2" | |
} | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"dependencies": [], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:s3/bucket:Bucket::algo-vault-lambda-cert-bucket", | |
"custom": true, | |
"id": "algo-vault-tls-keys", | |
"type": "aws:s3/bucket:Bucket", | |
"inputs": { | |
"acl": "private", | |
"bucket": "algo-vault-tls-keys", | |
"forceDestroy": true, | |
"tags": { | |
"Name": "Algos Vault TLS Keys", | |
"Project": "Algorithmic Trading V2" | |
} | |
}, | |
"outputs": { | |
"accelerationStatus": "", | |
"acl": "private", | |
"arn": "arn:aws:s3:::algo-vault-tls-keys", | |
"bucket": "algo-vault-tls-keys", | |
"bucketDomainName": "algo-vault-tls-keys.s3.amazonaws.com", | |
"bucketRegionalDomainName": "algo-vault-tls-keys.s3.us-west-2.amazonaws.com", | |
"corsRules": [], | |
"forceDestroy": true, | |
"hostedZoneId": "Z3BJ6K6RIION7M", | |
"id": "algo-vault-tls-keys", | |
"loggings": [], | |
"region": "us-west-2", | |
"requestPayer": "BucketOwner", | |
"tags": { | |
"Name": "Algos Vault TLS Keys", | |
"Project": "Algorithmic Trading V2" | |
}, | |
"versioning": { | |
"enabled": false, | |
"mfaDelete": false | |
} | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"dependencies": [], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role$aws:iam/rolePolicy:RolePolicy::algo-vault-lambda-cert-function-policy", | |
"custom": true, | |
"id": "algo-vault-lambda-cert-function-role-7b6368f:algo-vault-lambda-cert-function-policy-a98a03f", | |
"type": "aws:iam/rolePolicy:RolePolicy", | |
"inputs": { | |
"name": "algo-vault-lambda-cert-function-policy-a98a03f", | |
"policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AllowLambdaLogging\",\"Effect\":\"Allow\",\"Action\":[\"logs:CreateLogGroup\",\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Resource\":[\"arn:aws:logs:*:*:*\"]},{\"Sid\":\"AllowEncryptDecrypt\",\"Effect\":\"Allow\",\"Action\":[\"kms:Encrypt\",\"kms:Decrypt\",\"kms:GenerateDataKey\"],\"Resource\":[\"arn:aws:kms:us-west-2:383023859661:key/153f8252-abaa-43ed-985b-1130ff2bbc1c\"]},{\"Sid\":\"AllowDNS01Verification\",\"Effect\":\"Allow\",\"Action\":[\"route53:GetChange\",\"route53:ListHostedZonesByName\"],\"Resource\":[\"*\"]},{\"Sid\":\"AllowDNS01Modification\",\"Effect\":\"Allow\",\"Action\":[\"route53:ChangeResourceRecordSets\"],\"Resource\":[\"arn:aws:route53:::hostedzone/Z20EN7GEH5Q9QY\"]},{\"Sid\":\"AllowBucketReadWrite\",\"Effect\":\"Allow\",\"Action\":[\"s3:GetObject\",\"s3:PutObject\"],\"Resource\":[\"arn:aws:s3:::algo-vault-tls-keys/config/config.json.enc\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/cert.crt\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/cert.key.enc\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/keystore.jks\"]}]}", | |
"role": "algo-vault-lambda-cert-function-role-7b6368f" | |
}, | |
"outputs": { | |
"id": "algo-vault-lambda-cert-function-role-7b6368f:algo-vault-lambda-cert-function-policy-a98a03f", | |
"name": "algo-vault-lambda-cert-function-policy-a98a03f", | |
"policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AllowLambdaLogging\",\"Effect\":\"Allow\",\"Action\":[\"logs:CreateLogGroup\",\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Resource\":[\"arn:aws:logs:*:*:*\"]},{\"Sid\":\"AllowEncryptDecrypt\",\"Effect\":\"Allow\",\"Action\":[\"kms:Encrypt\",\"kms:Decrypt\",\"kms:GenerateDataKey\"],\"Resource\":[\"arn:aws:kms:us-west-2:383023859661:key/153f8252-abaa-43ed-985b-1130ff2bbc1c\"]},{\"Sid\":\"AllowDNS01Verification\",\"Effect\":\"Allow\",\"Action\":[\"route53:GetChange\",\"route53:ListHostedZonesByName\"],\"Resource\":[\"*\"]},{\"Sid\":\"AllowDNS01Modification\",\"Effect\":\"Allow\",\"Action\":[\"route53:ChangeResourceRecordSets\"],\"Resource\":[\"arn:aws:route53:::hostedzone/Z20EN7GEH5Q9QY\"]},{\"Sid\":\"AllowBucketReadWrite\",\"Effect\":\"Allow\",\"Action\":[\"s3:GetObject\",\"s3:PutObject\"],\"Resource\":[\"arn:aws:s3:::algo-vault-tls-keys/config/config.json.enc\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/cert.crt\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/cert.key.enc\",\"arn:aws:s3:::algo-vault-tls-keys/vault.linedata.technology/keystore.jks\"]}]}", | |
"role": "algo-vault-lambda-cert-function-role-7b6368f" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role::algo-vault-lambda-cert-function-role", | |
"dependencies": [ | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:kms/key:Key::algo-vault-lambda-cert-kms-key", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:s3/bucket:Bucket::algo-vault-lambda-cert-bucket", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role::algo-vault-lambda-cert-function-role" | |
], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function::algo-vault-lambda-cert-function", | |
"custom": true, | |
"id": "algo-vault-lambda-cert-function-5c874c9", | |
"type": "aws:lambda/function:Function", | |
"inputs": { | |
"code": { | |
"4dabf18193072939515e22adb298388d": "0def7320c3a5731c473e5ecbe6d01bc7", | |
"hash": "27825ec201b9d84e6aa6ec7cf1649a858ef5b86602f8d2b0adb9b6d5f724ed7d", | |
"uri": "https://github.com/jen20/lambda-cert/releases/download/v1.1.0/lambda-cert.zip" | |
}, | |
"description": "Maintain TLS Certificate for Algos Vault", | |
"environment": { | |
"variables": { | |
"ACME_SERVER_URL": "https://acme-staging-v02.api.letsencrypt.org/directory", | |
"ADMIN_EMAIL": "webmaster@operator-error.com", | |
"BUCKET_NAME": "algo-vault-tls-keys", | |
"CERTIFICATE_NAME": "vault.linedata.technology", | |
"GENERATE_JAVA_KEYSTORE": "false", | |
"KMS_KEY_ID": "153f8252-abaa-43ed-985b-1130ff2bbc1c" | |
} | |
}, | |
"handler": "lambda-cert", | |
"memorySize": 128, | |
"name": "algo-vault-lambda-cert-function-5c874c9", | |
"publish": false, | |
"role": "arn:aws:iam::383023859661:role/algo-vault/algo-vault-lambda-cert-function-role-7b6368f", | |
"runtime": "go1.x", | |
"tags": { | |
"Name": "Maintain TLS Keys for Algos Vault", | |
"Project": "Algorithmic Trading V2" | |
}, | |
"timeout": 300 | |
}, | |
"outputs": { | |
"arn": "arn:aws:lambda:us-west-2:383023859661:function:algo-vault-lambda-cert-function-5c874c9", | |
"code": "/var/folders/sx/8xy92hzs08gcds5gmd5gw7z80000gn/T/pulumi-asset-27825ec201b9d84e6aa6ec7cf1649a858ef5b86602f8d2b0adb9b6d5f724ed7d", | |
"description": "Maintain TLS Certificate for Algos Vault", | |
"environment": { | |
"variables": { | |
"ACME_SERVER_URL": "https://acme-staging-v02.api.letsencrypt.org/directory", | |
"ADMIN_EMAIL": "webmaster@operator-error.com", | |
"BUCKET_NAME": "algo-vault-tls-keys", | |
"CERTIFICATE_NAME": "vault.linedata.technology", | |
"GENERATE_JAVA_KEYSTORE": false, | |
"KMS_KEY_ID": "153f8252-abaa-43ed-985b-1130ff2bbc1c" | |
} | |
}, | |
"handler": "lambda-cert", | |
"id": "algo-vault-lambda-cert-function-5c874c9", | |
"invokeArn": "arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:383023859661:function:algo-vault-lambda-cert-function-5c874c9/invocations", | |
"kmsKeyArn": "", | |
"lastModified": "2018-08-04T17:20:09.649+0000", | |
"memorySize": "128", | |
"name": "algo-vault-lambda-cert-function-5c874c9", | |
"publish": false, | |
"qualifiedArn": "arn:aws:lambda:us-west-2:383023859661:function:algo-vault-lambda-cert-function-5c874c9:$LATEST", | |
"reservedConcurrentExecutions": "0", | |
"role": "arn:aws:iam::383023859661:role/algo-vault/algo-vault-lambda-cert-function-role-7b6368f", | |
"runtime": "go1.x", | |
"sourceCodeHash": "J4JewgG52E5qpux88WSahY71uGYC+NKwrbm21fck7X0=", | |
"sourceCodeSize": "12286731", | |
"tags": { | |
"Name": "Maintain TLS Keys for Algos Vault", | |
"Project": "Algorithmic Trading V2" | |
}, | |
"timeout": "300", | |
"tracingConfig": { | |
"mode": "PassThrough" | |
}, | |
"version": "$LATEST" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"dependencies": [ | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role$aws:iam/rolePolicy:RolePolicy::algo-vault-lambda-cert-function-policy", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:s3/bucket:Bucket::algo-vault-lambda-cert-bucket", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:kms/key:Key::algo-vault-lambda-cert-kms-key", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:iam/role:Role::algo-vault-lambda-cert-function-role" | |
], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:cloudwatch/eventRule:EventRule::algo-vault-lambda-cert-schedule", | |
"custom": true, | |
"id": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"type": "aws:cloudwatch/eventRule:EventRule", | |
"inputs": { | |
"description": "Check Algos Vault TLS Cert Status", | |
"isEnabled": true, | |
"name": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"scheduleExpression": "rate(12 hours)" | |
}, | |
"outputs": { | |
"arn": "arn:aws:events:us-west-2:383023859661:rule/algo-vault-lambda-cert-schedule-aa95a0a", | |
"description": "Check Algos Vault TLS Cert Status", | |
"id": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"isEnabled": true, | |
"name": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"roleArn": "", | |
"scheduleExpression": "rate(12 hours)" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert::algo-vault-lambda-cert", | |
"dependencies": [ | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function::algo-vault-lambda-cert-function" | |
], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function$aws:lambda/permission:Permission::algo-vault-lambda-cert-permission", | |
"custom": true, | |
"id": "AllowExecutionFromCloudWatch", | |
"type": "aws:lambda/permission:Permission", | |
"inputs": { | |
"action": "lambda:InvokeFunction", | |
"function": "algo-vault-lambda-cert-function-5c874c9", | |
"principal": "events.amazonaws.com", | |
"sourceArn": "arn:aws:events:us-west-2:383023859661:rule/algo-vault-lambda-cert-schedule-aa95a0a", | |
"statementId": "AllowExecutionFromCloudWatch" | |
}, | |
"outputs": { | |
"action": "lambda:InvokeFunction", | |
"function": "algo-vault-lambda-cert-function-5c874c9", | |
"id": "AllowExecutionFromCloudWatch", | |
"principal": "events.amazonaws.com", | |
"qualifier": "", | |
"sourceArn": "arn:aws:events:us-west-2:383023859661:rule/algo-vault-lambda-cert-schedule-aa95a0a", | |
"statementId": "AllowExecutionFromCloudWatch" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function::algo-vault-lambda-cert-function", | |
"dependencies": [ | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function::algo-vault-lambda-cert-function", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:cloudwatch/eventRule:EventRule::algo-vault-lambda-cert-schedule" | |
], | |
"initErrors": [] | |
}, | |
{ | |
"urn": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:cloudwatch/eventRule:EventRule$aws:cloudwatch/eventTarget:EventTarget::algo-vault-lambda-cert-target", | |
"custom": true, | |
"id": "algo-vault-lambda-cert-schedule-aa95a0a-algo-vault-lambda-cert-function-5c874c9", | |
"type": "aws:cloudwatch/eventTarget:EventTarget", | |
"inputs": { | |
"arn": "arn:aws:lambda:us-west-2:383023859661:function:algo-vault-lambda-cert-function-5c874c9", | |
"rule": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"targetId": "algo-vault-lambda-cert-function-5c874c9" | |
}, | |
"outputs": { | |
"arn": "arn:aws:lambda:us-west-2:383023859661:function:algo-vault-lambda-cert-function-5c874c9", | |
"id": "algo-vault-lambda-cert-schedule-aa95a0a-algo-vault-lambda-cert-function-5c874c9", | |
"input": "", | |
"inputPath": "", | |
"roleArn": "", | |
"rule": "algo-vault-lambda-cert-schedule-aa95a0a", | |
"targetId": "algo-vault-lambda-cert-function-5c874c9" | |
}, | |
"parent": "urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:cloudwatch/eventRule:EventRule::algo-vault-lambda-cert-schedule", | |
"dependencies": [ | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:lambda/function:Function::algo-vault-lambda-cert-function", | |
"urn:pulumi:vault-test-dev::pulumi-vault-test::operator-error:aws:LambdaCert$aws:cloudwatch/eventRule:EventRule::algo-vault-lambda-cert-schedule" | |
], | |
"initErrors": [] | |
} | |
] | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment