Created
July 20, 2022 14:29
Cfn template
{ | |
"Resources": { | |
"ZoneHostedZoneB23BB523": { | |
"Type": "AWS::Route53::HostedZone", | |
"Properties": { | |
"Name": "martin.dev.trip.pictures." | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HostedZone/Resource" | |
} | |
}, | |
"ZoneZoneDelegationcrossaccountzonedelegationhandlerrolePolicy3DE652D3": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Resource": "arn:aws:iam::020463219829:role/DevAccountServiceRole" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneZoneDelegationcrossaccountzonedelegationhandlerrolePolicy3DE652D3", | |
"Roles": [ | |
{ | |
"Fn::Select": [ | |
1, | |
{ | |
"Fn::Split": [ | |
"/", | |
{ | |
"Fn::Select": [ | |
5, | |
{ | |
"Fn::Split": [ | |
":", | |
{ | |
"Fn::GetAtt": [ | |
"CustomCrossAccountZoneDelegationCustomResourceProviderRoleED64687B", | |
"Arn" | |
] | |
} | |
] | |
} | |
] | |
} | |
] | |
} | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/ZoneDelegation/cross-account-zone-delegation-handler-role/Policy/Resource" | |
} | |
}, | |
"ZoneZoneDelegationCrossAccountZoneDelegationCustomResource63BBCC7C": { | |
"Type": "Custom::CrossAccountZoneDelegation", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"CustomCrossAccountZoneDelegationCustomResourceProviderHandler44A84265", | |
"Arn" | |
] | |
}, | |
"AssumeRoleArn": "arn:aws:iam::020463219829:role/DevAccountServiceRole", | |
"ParentZoneId": "Z01228832S4EGTRIOWEIT", | |
"DelegatedZoneName": "martin.dev.trip.pictures", | |
"DelegatedZoneNameServers": { | |
"Fn::GetAtt": [ | |
"ZoneHostedZoneB23BB523", | |
"NameServers" | |
] | |
}, | |
"TTL": 172800 | |
}, | |
"DependsOn": [ | |
"ZoneZoneDelegationcrossaccountzonedelegationhandlerrolePolicy3DE652D3" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/ZoneDelegation/CrossAccountZoneDelegationCustomResource/Default" | |
} | |
}, | |
"ZoneHealthChecksHealthCheck3314119B": { | |
"Type": "AWS::Route53::HealthCheck", | |
"Properties": { | |
"HealthCheckConfig": { | |
"FailureThreshold": 3, | |
"FullyQualifiedDomainName": "martin.dev.trip.pictures", | |
"RequestInterval": 30, | |
"Type": "HTTPS" | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/HealthCheck" | |
} | |
}, | |
"ZoneHealthChecksTopichandlerServiceRole27F73FC9": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/handler/ServiceRole/Resource" | |
} | |
}, | |
"ZoneHealthChecksTopichandlerServiceRoleDefaultPolicyA7C32FE7": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"sns:CreateTopic", | |
"sns:DeleteTopic", | |
"sns:Subscribe" | |
], | |
"Effect": "Allow", | |
"Resource": "*" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneHealthChecksTopichandlerServiceRoleDefaultPolicyA7C32FE7", | |
"Roles": [ | |
{ | |
"Ref": "ZoneHealthChecksTopichandlerServiceRole27F73FC9" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/handler/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"ZoneHealthChecksTopichandler53EEC40B": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "845ff5241445dd12f3038b8167d37970247b21e059af2d7b7f5318f90961ec04.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopichandlerServiceRole27F73FC9", | |
"Arn" | |
] | |
}, | |
"Environment": { | |
"Variables": { | |
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" | |
} | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"ZoneHealthChecksTopichandlerServiceRoleDefaultPolicyA7C32FE7", | |
"ZoneHealthChecksTopichandlerServiceRole27F73FC9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/handler/Resource", | |
"aws:asset:path": "asset.845ff5241445dd12f3038b8167d37970247b21e059af2d7b7f5318f90961ec04", | |
"aws:asset:is-bundled": true, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"ZoneHealthChecksTopicProviderframeworkonEventServiceRole6E7C2F68": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/Provider/framework-onEvent/ServiceRole/Resource" | |
} | |
}, | |
"ZoneHealthChecksTopicProviderframeworkonEventServiceRoleDefaultPolicyA394011A": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "lambda:InvokeFunction", | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopichandler53EEC40B", | |
"Arn" | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopichandler53EEC40B", | |
"Arn" | |
] | |
}, | |
":*" | |
] | |
] | |
} | |
] | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneHealthChecksTopicProviderframeworkonEventServiceRoleDefaultPolicyA394011A", | |
"Roles": [ | |
{ | |
"Ref": "ZoneHealthChecksTopicProviderframeworkonEventServiceRole6E7C2F68" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"ZoneHealthChecksTopicProviderframeworkonEvent6EB695C5": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopicProviderframeworkonEventServiceRole6E7C2F68", | |
"Arn" | |
] | |
}, | |
"Description": "AWS CDK resource provider framework - onEvent (TripPics/Zone/HealthChecks/Topic/Provider)", | |
"Environment": { | |
"Variables": { | |
"USER_ON_EVENT_FUNCTION_ARN": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopichandler53EEC40B", | |
"Arn" | |
] | |
} | |
} | |
}, | |
"Handler": "framework.onEvent", | |
"Runtime": "nodejs14.x", | |
"Timeout": 900 | |
}, | |
"DependsOn": [ | |
"ZoneHealthChecksTopicProviderframeworkonEventServiceRoleDefaultPolicyA394011A", | |
"ZoneHealthChecksTopicProviderframeworkonEventServiceRole6E7C2F68" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/Provider/framework-onEvent/Resource", | |
"aws:asset:path": "asset.e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"ZoneHealthChecksTopicCrossRegionSNSTopic3A93B182": { | |
"Type": "AWS::CloudFormation::CustomResource", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopicProviderframeworkonEvent6EB695C5", | |
"Arn" | |
] | |
}, | |
"region": "us-east-1", | |
"createTopicInput": { | |
"Name": "TripPics-Route53HealthCheck" | |
} | |
}, | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Topic/CrossRegionSNSTopic/Default" | |
} | |
}, | |
"ZoneHealthChecksAlarmhandlerServiceRoleBEDD7AC4": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/handler/ServiceRole/Resource" | |
} | |
}, | |
"ZoneHealthChecksAlarmhandlerServiceRoleDefaultPolicyC33B5FB4": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"cloudwatch:DeleteAlarms", | |
"cloudwatch:PutMetricAlarm" | |
], | |
"Effect": "Allow", | |
"Resource": "*" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneHealthChecksAlarmhandlerServiceRoleDefaultPolicyC33B5FB4", | |
"Roles": [ | |
{ | |
"Ref": "ZoneHealthChecksAlarmhandlerServiceRoleBEDD7AC4" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/handler/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"ZoneHealthChecksAlarmhandler7D2CD84A": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "983f2f30c84d9dbf34e7f878b01003d293e31ca91404acc59689979fbd4460f4.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmhandlerServiceRoleBEDD7AC4", | |
"Arn" | |
] | |
}, | |
"Environment": { | |
"Variables": { | |
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" | |
} | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"ZoneHealthChecksAlarmhandlerServiceRoleDefaultPolicyC33B5FB4", | |
"ZoneHealthChecksAlarmhandlerServiceRoleBEDD7AC4" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/handler/Resource", | |
"aws:asset:path": "asset.983f2f30c84d9dbf34e7f878b01003d293e31ca91404acc59689979fbd4460f4", | |
"aws:asset:is-bundled": true, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleA14E480B": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/Provider/framework-onEvent/ServiceRole/Resource" | |
} | |
}, | |
"ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleDefaultPolicy6FB2592A": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "lambda:InvokeFunction", | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmhandler7D2CD84A", | |
"Arn" | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmhandler7D2CD84A", | |
"Arn" | |
] | |
}, | |
":*" | |
] | |
] | |
} | |
] | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleDefaultPolicy6FB2592A", | |
"Roles": [ | |
{ | |
"Ref": "ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleA14E480B" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"ZoneHealthChecksAlarmProviderframeworkonEventFA97170C": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleA14E480B", | |
"Arn" | |
] | |
}, | |
"Description": "AWS CDK resource provider framework - onEvent (TripPics/Zone/HealthChecks/Alarm/Provider)", | |
"Environment": { | |
"Variables": { | |
"USER_ON_EVENT_FUNCTION_ARN": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmhandler7D2CD84A", | |
"Arn" | |
] | |
} | |
} | |
}, | |
"Handler": "framework.onEvent", | |
"Runtime": "nodejs14.x", | |
"Timeout": 900 | |
}, | |
"DependsOn": [ | |
"ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleDefaultPolicy6FB2592A", | |
"ZoneHealthChecksAlarmProviderframeworkonEventServiceRoleA14E480B" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/Provider/framework-onEvent/Resource", | |
"aws:asset:path": "asset.e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"ZoneHealthChecksAlarmCrossRegionAlarm166131C0": { | |
"Type": "AWS::CloudFormation::CustomResource", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksAlarmProviderframeworkonEventFA97170C", | |
"Arn" | |
] | |
}, | |
"region": "us-east-1", | |
"putMetricAlarmInput": { | |
"AlarmName": "TripPics-Route53HealthCheck", | |
"Namespace": "AWS/Route53", | |
"MetricName": "HealthCheckStatus", | |
"Statistic": "Minimum", | |
"ComparisonOperator": "LessThanThreshold", | |
"Threshold": 1, | |
"Period": 60, | |
"EvaluationPeriods": 1, | |
"AlarmActions": [ | |
{ | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksTopicCrossRegionSNSTopic3A93B182", | |
"TopicArn" | |
] | |
} | |
], | |
"Dimensions": [ | |
{ | |
"Name": "HealthCheckId", | |
"Value": { | |
"Fn::GetAtt": [ | |
"ZoneHealthChecksHealthCheck3314119B", | |
"HealthCheckId" | |
] | |
} | |
} | |
] | |
} | |
}, | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/HealthChecks/Alarm/CrossRegionAlarm/Default" | |
} | |
}, | |
"ZoneCertificateCertificateRequestorFunctionServiceRole115C5E43": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"ZoneHostedZoneB23BB523" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/Certificate/CertificateRequestorFunction/ServiceRole/Resource" | |
} | |
}, | |
"ZoneCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy36ED9EA7": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"acm:AddTagsToCertificate", | |
"acm:DeleteCertificate", | |
"acm:DescribeCertificate", | |
"acm:RequestCertificate", | |
"route53:GetChange" | |
], | |
"Effect": "Allow", | |
"Resource": "*" | |
}, | |
{ | |
"Action": "route53:changeResourceRecordSets", | |
"Effect": "Allow", | |
"Resource": { | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":route53:::hostedzone/", | |
{ | |
"Ref": "ZoneHostedZoneB23BB523" | |
} | |
] | |
] | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "ZoneCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy36ED9EA7", | |
"Roles": [ | |
{ | |
"Ref": "ZoneCertificateCertificateRequestorFunctionServiceRole115C5E43" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"ZoneHostedZoneB23BB523" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/Certificate/CertificateRequestorFunction/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"ZoneCertificateCertificateRequestorFunction5DF3021B": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "8ddf29ab619460567d3cda58de2ff1bf0f6e95d8822ff630ec58a4d52ed1fa67.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"ZoneCertificateCertificateRequestorFunctionServiceRole115C5E43", | |
"Arn" | |
] | |
}, | |
"Handler": "index.certificateRequestHandler", | |
"Runtime": "nodejs14.x", | |
"Timeout": 900 | |
}, | |
"DependsOn": [ | |
"ZoneCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy36ED9EA7", | |
"ZoneCertificateCertificateRequestorFunctionServiceRole115C5E43", | |
"ZoneHostedZoneB23BB523" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/Certificate/CertificateRequestorFunction/Resource", | |
"aws:asset:path": "asset.8ddf29ab619460567d3cda58de2ff1bf0f6e95d8822ff630ec58a4d52ed1fa67", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"ZoneCertificateCertificateRequestorResource1F2A0AC5": { | |
"Type": "AWS::CloudFormation::CustomResource", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"ZoneCertificateCertificateRequestorFunction5DF3021B", | |
"Arn" | |
] | |
}, | |
"DomainName": "martin.dev.trip.pictures", | |
"SubjectAlternativeNames": [ | |
"*.martin.dev.trip.pictures" | |
], | |
"HostedZoneId": { | |
"Ref": "ZoneHostedZoneB23BB523" | |
}, | |
"Region": "us-east-1", | |
"CleanupRecords": "true" | |
}, | |
"DependsOn": [ | |
"ZoneHostedZoneB23BB523" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Zone/Certificate/CertificateRequestorResource/Default" | |
} | |
}, | |
"CustomCrossAccountZoneDelegationCustomResourceProviderRoleED64687B": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
] | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::CrossAccountZoneDelegationCustomResourceProvider/Role" | |
} | |
}, | |
"CustomCrossAccountZoneDelegationCustomResourceProviderHandler44A84265": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "1bc4eea1c4c9078ab0a0c81fcb048c3930cb9bb86672dcfe49e9220f33e69f64.zip" | |
}, | |
"Timeout": 900, | |
"MemorySize": 128, | |
"Handler": "__entrypoint__.handler", | |
"Role": { | |
"Fn::GetAtt": [ | |
"CustomCrossAccountZoneDelegationCustomResourceProviderRoleED64687B", | |
"Arn" | |
] | |
}, | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"CustomCrossAccountZoneDelegationCustomResourceProviderRoleED64687B" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::CrossAccountZoneDelegationCustomResourceProvider/Handler", | |
"aws:asset:path": "asset.1bc4eea1c4c9078ab0a0c81fcb048c3930cb9bb86672dcfe49e9220f33e69f64", | |
"aws:asset:property": "Code" | |
} | |
}, | |
"WebDistributionWebBucketFDD181A9": { | |
"Type": "AWS::S3::Bucket", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "aws-cdk:auto-delete-objects", | |
"Value": "true" | |
}, | |
{ | |
"Key": "aws-cdk:cr-owned:056f55d9", | |
"Value": "true" | |
} | |
] | |
}, | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/WebBucket/Resource" | |
} | |
}, | |
"WebDistributionWebBucketPolicy8B20CCA4": { | |
"Type": "AWS::S3::BucketPolicy", | |
"Properties": { | |
"Bucket": { | |
"Ref": "WebDistributionWebBucketFDD181A9" | |
}, | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"s3:DeleteObject*", | |
"s3:GetBucket*", | |
"s3:List*" | |
], | |
"Effect": "Allow", | |
"Principal": { | |
"AWS": { | |
"Fn::GetAtt": [ | |
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", | |
"Arn" | |
] | |
} | |
}, | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"Arn" | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"Arn" | |
] | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Action": "s3:GetObject", | |
"Effect": "Allow", | |
"Principal": { | |
"CanonicalUser": { | |
"Fn::GetAtt": [ | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"S3CanonicalUserId" | |
] | |
} | |
}, | |
"Resource": { | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"Arn" | |
] | |
}, | |
"/*" | |
] | |
] | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/WebBucket/Policy/Resource" | |
} | |
}, | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B": { | |
"Type": "Custom::S3AutoDeleteObjects", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", | |
"Arn" | |
] | |
}, | |
"BucketName": { | |
"Ref": "WebDistributionWebBucketFDD181A9" | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionWebBucketPolicy8B20CCA4" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/WebBucket/AutoDeleteObjectsCustomResource/Default" | |
} | |
}, | |
"WebDistributionCachePolicy1C1DF238": { | |
"Type": "AWS::CloudFront::CachePolicy", | |
"Properties": { | |
"CachePolicyConfig": { | |
"DefaultTTL": 31536000, | |
"MaxTTL": 31536000, | |
"MinTTL": 31536000, | |
"Name": { | |
"Fn::Join": [ | |
"", | |
[ | |
"TripPicsWebDistributionCachePolicy67B4E9E2-", | |
{ | |
"Ref": "AWS::Region" | |
} | |
] | |
] | |
}, | |
"ParametersInCacheKeyAndForwardedToOrigin": { | |
"CookiesConfig": { | |
"CookieBehavior": "none" | |
}, | |
"EnableAcceptEncodingBrotli": false, | |
"EnableAcceptEncodingGzip": false, | |
"HeadersConfig": { | |
"HeaderBehavior": "none" | |
}, | |
"QueryStringsConfig": { | |
"QueryStringBehavior": "none" | |
} | |
} | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/CachePolicy/Resource" | |
} | |
}, | |
"WebDistributionOrigin1S3OriginF25D5094": { | |
"Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", | |
"Properties": { | |
"CloudFrontOriginAccessIdentityConfig": { | |
"Comment": "Identity for TripPicsWebDistributionOrigin11AAE62BC" | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/Distribution/Origin1/S3Origin/Resource" | |
} | |
}, | |
"WebDistributionLoggingBucketAE98FCD1": { | |
"Type": "AWS::S3::Bucket", | |
"Properties": { | |
"BucketEncryption": { | |
"ServerSideEncryptionConfiguration": [ | |
{ | |
"ServerSideEncryptionByDefault": { | |
"SSEAlgorithm": "AES256" | |
} | |
} | |
] | |
} | |
}, | |
"UpdateReplacePolicy": "Retain", | |
"DeletionPolicy": "Retain", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/Distribution/LoggingBucket/Resource" | |
} | |
}, | |
"WebDistributionE0AD6497": { | |
"Type": "AWS::CloudFront::Distribution", | |
"Properties": { | |
"DistributionConfig": { | |
"Aliases": [ | |
"martin.dev.trip.pictures" | |
], | |
"CustomErrorResponses": [ | |
{ | |
"ErrorCode": 403, | |
"ResponseCode": 200, | |
"ResponsePagePath": "/index.html" | |
}, | |
{ | |
"ErrorCode": 404, | |
"ResponseCode": 200, | |
"ResponsePagePath": "/index.html" | |
} | |
], | |
"DefaultCacheBehavior": { | |
"CachePolicyId": { | |
"Ref": "WebDistributionCachePolicy1C1DF238" | |
}, | |
"Compress": true, | |
"TargetOriginId": "TripPicsWebDistributionOrigin11AAE62BC", | |
"ViewerProtocolPolicy": "redirect-to-https" | |
}, | |
"DefaultRootObject": "index.html", | |
"Enabled": true, | |
"HttpVersion": "http2", | |
"IPV6Enabled": true, | |
"Logging": { | |
"Bucket": { | |
"Fn::GetAtt": [ | |
"WebDistributionLoggingBucketAE98FCD1", | |
"RegionalDomainName" | |
] | |
}, | |
"IncludeCookies": true | |
}, | |
"Origins": [ | |
{ | |
"DomainName": { | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"RegionalDomainName" | |
] | |
}, | |
"Id": "TripPicsWebDistributionOrigin11AAE62BC", | |
"S3OriginConfig": { | |
"OriginAccessIdentity": { | |
"Fn::Join": [ | |
"", | |
[ | |
"origin-access-identity/cloudfront/", | |
{ | |
"Ref": "WebDistributionOrigin1S3OriginF25D5094" | |
} | |
] | |
] | |
} | |
} | |
} | |
], | |
"ViewerCertificate": { | |
"AcmCertificateArn": { | |
"Fn::GetAtt": [ | |
"ZoneCertificateCertificateRequestorResource1F2A0AC5", | |
"Arn" | |
] | |
}, | |
"MinimumProtocolVersion": "TLSv1.2_2021", | |
"SslSupportMethod": "sni-only" | |
} | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/Distribution/Resource" | |
} | |
}, | |
"WebDistributionAlias35CFAF43": { | |
"Type": "AWS::Route53::RecordSet", | |
"Properties": { | |
"Name": "martin.dev.trip.pictures.", | |
"Type": "A", | |
"AliasTarget": { | |
"DNSName": { | |
"Fn::GetAtt": [ | |
"WebDistributionE0AD6497", | |
"DomainName" | |
] | |
}, | |
"HostedZoneId": { | |
"Fn::FindInMap": [ | |
"AWSCloudFrontPartitionHostedZoneIdMap", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
"zoneId" | |
] | |
} | |
}, | |
"HostedZoneId": { | |
"Ref": "ZoneHostedZoneB23BB523" | |
} | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/WebDistribution/Alias/Resource" | |
} | |
}, | |
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
] | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role" | |
} | |
}, | |
"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "ac9d3642b3e0626d3a6d8c4f5f56507a478c329febdf1dcfbbf7c7db9812cd30.zip" | |
}, | |
"Timeout": 900, | |
"MemorySize": 128, | |
"Handler": "__entrypoint__.handler", | |
"Role": { | |
"Fn::GetAtt": [ | |
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", | |
"Arn" | |
] | |
}, | |
"Runtime": "nodejs14.x", | |
"Description": { | |
"Fn::Join": [ | |
"", | |
[ | |
"Lambda function for auto-deleting objects in ", | |
{ | |
"Ref": "WebDistributionWebBucketFDD181A9" | |
}, | |
" S3 bucket." | |
] | |
] | |
} | |
}, | |
"DependsOn": [ | |
"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler", | |
"aws:asset:path": "asset.ac9d3642b3e0626d3a6d8c4f5f56507a478c329febdf1dcfbbf7c7db9812cd30", | |
"aws:asset:property": "Code" | |
} | |
}, | |
"DbUsersTable904AA81C": { | |
"Type": "AWS::DynamoDB::Table", | |
"Properties": { | |
"KeySchema": [ | |
{ | |
"AttributeName": "username", | |
"KeyType": "HASH" | |
} | |
], | |
"AttributeDefinitions": [ | |
{ | |
"AttributeName": "username", | |
"AttributeType": "S" | |
} | |
], | |
"BillingMode": "PAY_PER_REQUEST" | |
}, | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Db/UsersTable/Resource" | |
} | |
}, | |
"CognitoOAuthSecretshandlerServiceRole3EBD2B30": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/handler/ServiceRole/Resource" | |
} | |
}, | |
"CognitoOAuthSecretshandlerServiceRoleDefaultPolicyCF544A3B": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Resource": "arn:aws:iam::020463219829:role/DevAccountServiceRole" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CognitoOAuthSecretshandlerServiceRoleDefaultPolicyCF544A3B", | |
"Roles": [ | |
{ | |
"Ref": "CognitoOAuthSecretshandlerServiceRole3EBD2B30" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/handler/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"CognitoOAuthSecretshandler77E1E2C3": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "b7706dd61a2f7654770f019d1ad2ef5e06dd064c3e9305fb1f6f95a1a151e910.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretshandlerServiceRole3EBD2B30", | |
"Arn" | |
] | |
}, | |
"Environment": { | |
"Variables": { | |
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" | |
} | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"CognitoOAuthSecretshandlerServiceRoleDefaultPolicyCF544A3B", | |
"CognitoOAuthSecretshandlerServiceRole3EBD2B30", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/handler/Resource", | |
"aws:asset:path": "asset.b7706dd61a2f7654770f019d1ad2ef5e06dd064c3e9305fb1f6f95a1a151e910", | |
"aws:asset:is-bundled": true, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"CognitoOAuthSecretsProviderframeworkonEventServiceRole8071E5FB": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/Provider/framework-onEvent/ServiceRole/Resource" | |
} | |
}, | |
"CognitoOAuthSecretsProviderframeworkonEventServiceRoleDefaultPolicy0A0361D8": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "lambda:InvokeFunction", | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretshandler77E1E2C3", | |
"Arn" | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretshandler77E1E2C3", | |
"Arn" | |
] | |
}, | |
":*" | |
] | |
] | |
} | |
] | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CognitoOAuthSecretsProviderframeworkonEventServiceRoleDefaultPolicy0A0361D8", | |
"Roles": [ | |
{ | |
"Ref": "CognitoOAuthSecretsProviderframeworkonEventServiceRole8071E5FB" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"CognitoOAuthSecretsProviderframeworkonEventA71094CC": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretsProviderframeworkonEventServiceRole8071E5FB", | |
"Arn" | |
] | |
}, | |
"Description": "AWS CDK resource provider framework - onEvent (TripPics/Cognito/OAuthSecrets/Provider)", | |
"Environment": { | |
"Variables": { | |
"USER_ON_EVENT_FUNCTION_ARN": { | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretshandler77E1E2C3", | |
"Arn" | |
] | |
} | |
} | |
}, | |
"Handler": "framework.onEvent", | |
"Runtime": "nodejs14.x", | |
"Timeout": 900 | |
}, | |
"DependsOn": [ | |
"CognitoOAuthSecretsProviderframeworkonEventServiceRoleDefaultPolicy0A0361D8", | |
"CognitoOAuthSecretsProviderframeworkonEventServiceRole8071E5FB", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/Provider/framework-onEvent/Resource", | |
"aws:asset:path": "asset.e7c95e1a12d903d913ebdd526c735f1ac58b2024882a5562110221fe685ebe85", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"CognitoOAuthSecretsCrossAccountSSMCC343B4F": { | |
"Type": "AWS::CloudFormation::CustomResource", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretsProviderframeworkonEventA71094CC", | |
"Arn" | |
] | |
}, | |
"roleArn": "arn:aws:iam::020463219829:role/DevAccountServiceRole", | |
"getParametersInput": { | |
"Names": [ | |
"/oauth/google/client-secret", | |
"/oauth/apple/key-secret" | |
], | |
"WithDecryption": true | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/OAuthSecrets/CrossAccountSSM/Default" | |
} | |
}, | |
"CognitoPostConfirmLambdaServiceRoleF0AF468C": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostConfirmLambda/ServiceRole/Resource" | |
} | |
}, | |
"CognitoPostConfirmLambdaServiceRoleDefaultPolicy8E31F12B": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"dynamodb:BatchGetItem", | |
"dynamodb:BatchWriteItem", | |
"dynamodb:ConditionCheckItem", | |
"dynamodb:DeleteItem", | |
"dynamodb:DescribeTable", | |
"dynamodb:GetItem", | |
"dynamodb:GetRecords", | |
"dynamodb:GetShardIterator", | |
"dynamodb:PutItem", | |
"dynamodb:Query", | |
"dynamodb:Scan", | |
"dynamodb:UpdateItem" | |
], | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"DbUsersTable904AA81C", | |
"Arn" | |
] | |
}, | |
{ | |
"Ref": "AWS::NoValue" | |
} | |
] | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CognitoPostConfirmLambdaServiceRoleDefaultPolicy8E31F12B", | |
"Roles": [ | |
{ | |
"Ref": "CognitoPostConfirmLambdaServiceRoleF0AF468C" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostConfirmLambda/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"CognitoPostConfirmLambda1DEF0F60": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "e4b21b453ccdd361f45f8d3a54f22a32a4c665ae6a007d09ef0254a408047115.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"CognitoPostConfirmLambdaServiceRoleF0AF468C", | |
"Arn" | |
] | |
}, | |
"Environment": { | |
"Variables": { | |
"usersTableName": { | |
"Ref": "DbUsersTable904AA81C" | |
}, | |
"usersTableSchemaJson": "{\"partitionKey\":{\"name\":\"username\",\"type\":\"S\"}}", | |
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" | |
} | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"CognitoPostConfirmLambdaServiceRoleDefaultPolicy8E31F12B", | |
"CognitoPostConfirmLambdaServiceRoleF0AF468C", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostConfirmLambda/Resource", | |
"aws:asset:path": "asset.e4b21b453ccdd361f45f8d3a54f22a32a4c665ae6a007d09ef0254a408047115", | |
"aws:asset:is-bundled": true, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"CognitoPostConfirmLambdaPostConfirmationLambdaCognito0CACC290": { | |
"Type": "AWS::Lambda::Permission", | |
"Properties": { | |
"Action": "lambda:InvokeFunction", | |
"FunctionName": { | |
"Fn::GetAtt": [ | |
"CognitoPostConfirmLambda1DEF0F60", | |
"Arn" | |
] | |
}, | |
"Principal": "cognito-idp.amazonaws.com", | |
"SourceArn": { | |
"Fn::GetAtt": [ | |
"CognitoUserPool279BBD48", | |
"Arn" | |
] | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostConfirmLambda/PostConfirmationLambdaCognito" | |
} | |
}, | |
"CognitoPostAuthLambdaServiceRole087D30C2": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostAuthLambda/ServiceRole/Resource" | |
} | |
}, | |
"CognitoPostAuthLambdaServiceRoleDefaultPolicy33367536": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"dynamodb:BatchGetItem", | |
"dynamodb:BatchWriteItem", | |
"dynamodb:ConditionCheckItem", | |
"dynamodb:DeleteItem", | |
"dynamodb:DescribeTable", | |
"dynamodb:GetItem", | |
"dynamodb:GetRecords", | |
"dynamodb:GetShardIterator", | |
"dynamodb:PutItem", | |
"dynamodb:Query", | |
"dynamodb:Scan", | |
"dynamodb:UpdateItem" | |
], | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"DbUsersTable904AA81C", | |
"Arn" | |
] | |
}, | |
{ | |
"Ref": "AWS::NoValue" | |
} | |
] | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CognitoPostAuthLambdaServiceRoleDefaultPolicy33367536", | |
"Roles": [ | |
{ | |
"Ref": "CognitoPostAuthLambdaServiceRole087D30C2" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostAuthLambda/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"CognitoPostAuthLambdaD53958F8": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "4c1982b687599c8e8ee1b5465960410f7a529e0f2db34cbdeee825afc071c8f4.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"CognitoPostAuthLambdaServiceRole087D30C2", | |
"Arn" | |
] | |
}, | |
"Environment": { | |
"Variables": { | |
"usersTableName": { | |
"Ref": "DbUsersTable904AA81C" | |
}, | |
"usersTableSchemaJson": "{\"partitionKey\":{\"name\":\"username\",\"type\":\"S\"}}", | |
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" | |
} | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x" | |
}, | |
"DependsOn": [ | |
"CognitoPostAuthLambdaServiceRoleDefaultPolicy33367536", | |
"CognitoPostAuthLambdaServiceRole087D30C2", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostAuthLambda/Resource", | |
"aws:asset:path": "asset.4c1982b687599c8e8ee1b5465960410f7a529e0f2db34cbdeee825afc071c8f4", | |
"aws:asset:is-bundled": true, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"CognitoPostAuthLambdaPostAuthenticationLambdaCognito556BEF3B": { | |
"Type": "AWS::Lambda::Permission", | |
"Properties": { | |
"Action": "lambda:InvokeFunction", | |
"FunctionName": { | |
"Fn::GetAtt": [ | |
"CognitoPostAuthLambdaD53958F8", | |
"Arn" | |
] | |
}, | |
"Principal": "cognito-idp.amazonaws.com", | |
"SourceArn": { | |
"Fn::GetAtt": [ | |
"CognitoUserPool279BBD48", | |
"Arn" | |
] | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/PostAuthLambda/PostAuthenticationLambdaCognito" | |
} | |
}, | |
"CognitoUserPool279BBD48": { | |
"Type": "AWS::Cognito::UserPool", | |
"Properties": { | |
"AccountRecoverySetting": { | |
"RecoveryMechanisms": [ | |
{ | |
"Name": "verified_phone_number", | |
"Priority": 1 | |
}, | |
{ | |
"Name": "verified_email", | |
"Priority": 2 | |
} | |
] | |
}, | |
"AdminCreateUserConfig": { | |
"AllowAdminCreateUserOnly": true | |
}, | |
"EmailVerificationMessage": "The verification code to your new account is {####}", | |
"EmailVerificationSubject": "Verify your new account", | |
"LambdaConfig": {}, | |
"SmsVerificationMessage": "The verification code to your new account is {####}", | |
"VerificationMessageTemplate": { | |
"DefaultEmailOption": "CONFIRM_WITH_CODE", | |
"EmailMessage": "The verification code to your new account is {####}", | |
"EmailSubject": "Verify your new account", | |
"SmsMessage": "The verification code to your new account is {####}" | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/UserPool/Resource" | |
} | |
}, | |
"CognitoUserPoolUserPoolDomainC12FFA2B": { | |
"Type": "AWS::Cognito::UserPoolDomain", | |
"Properties": { | |
"Domain": "auth.martin.dev.trip.pictures", | |
"UserPoolId": { | |
"Ref": "CognitoUserPool279BBD48" | |
}, | |
"CustomDomainConfig": { | |
"CertificateArn": { | |
"Fn::GetAtt": [ | |
"ZoneCertificateCertificateRequestorResource1F2A0AC5", | |
"Arn" | |
] | |
} | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/UserPool/UserPoolDomain/Resource" | |
} | |
}, | |
"CognitoUserPoolUserPoolDomainCloudFrontDomainNameCustomResourcePolicy7B24E350": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "cognito-idp:DescribeUserPoolDomain", | |
"Effect": "Allow", | |
"Resource": "*" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CognitoUserPoolUserPoolDomainCloudFrontDomainNameCustomResourcePolicy7B24E350", | |
"Roles": [ | |
{ | |
"Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" | |
} | |
] | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/UserPool/UserPoolDomain/CloudFrontDomainName/CustomResourcePolicy/Resource" | |
} | |
}, | |
"CognitoUserPoolUserPoolDomainCloudFrontDomainNameC2D33DEA": { | |
"Type": "Custom::UserPoolCloudFrontDomainName", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"AWS679f53fac002430cb0da5b7982bd22872D164C4C", | |
"Arn" | |
] | |
}, | |
"Create": { | |
"Fn::Join": [ | |
"", | |
[ | |
"{\"service\":\"CognitoIdentityServiceProvider\",\"action\":\"describeUserPoolDomain\",\"parameters\":{\"Domain\":\"", | |
{ | |
"Ref": "CognitoUserPoolUserPoolDomainC12FFA2B" | |
}, | |
"\"},\"physicalResourceId\":{\"id\":\"", | |
{ | |
"Ref": "CognitoUserPoolUserPoolDomainC12FFA2B" | |
}, | |
"\"}}" | |
] | |
] | |
}, | |
"Update": { | |
"Fn::Join": [ | |
"", | |
[ | |
"{\"service\":\"CognitoIdentityServiceProvider\",\"action\":\"describeUserPoolDomain\",\"parameters\":{\"Domain\":\"", | |
{ | |
"Ref": "CognitoUserPoolUserPoolDomainC12FFA2B" | |
}, | |
"\"},\"physicalResourceId\":{\"id\":\"", | |
{ | |
"Ref": "CognitoUserPoolUserPoolDomainC12FFA2B" | |
}, | |
"\"}}" | |
] | |
] | |
}, | |
"InstallLatestAwsSdk": true | |
}, | |
"DependsOn": [ | |
"CognitoUserPoolUserPoolDomainCloudFrontDomainNameCustomResourcePolicy7B24E350", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/UserPool/UserPoolDomain/CloudFrontDomainName/Resource/Default" | |
} | |
}, | |
"CognitoARecordC85F6773": { | |
"Type": "AWS::Route53::RecordSet", | |
"Properties": { | |
"Name": "auth.martin.dev.trip.pictures.", | |
"Type": "A", | |
"AliasTarget": { | |
"DNSName": { | |
"Fn::GetAtt": [ | |
"CognitoUserPoolUserPoolDomainCloudFrontDomainNameC2D33DEA", | |
"DomainDescription.CloudFrontDistribution" | |
] | |
}, | |
"HostedZoneId": { | |
"Fn::FindInMap": [ | |
"AWSCloudFrontPartitionHostedZoneIdMap", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
"zoneId" | |
] | |
} | |
}, | |
"HostedZoneId": { | |
"Ref": "ZoneHostedZoneB23BB523" | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/ARecord/Resource" | |
} | |
}, | |
"CognitoGoogleIdentityProvider2A82F430": { | |
"Type": "AWS::Cognito::UserPoolIdentityProvider", | |
"Properties": { | |
"ProviderName": "Google", | |
"ProviderType": "Google", | |
"UserPoolId": { | |
"Ref": "CognitoUserPool279BBD48" | |
}, | |
"AttributeMapping": { | |
"email": "email", | |
"given_name": "given_name", | |
"family_name": "family_name", | |
"picture": "picture" | |
}, | |
"ProviderDetails": { | |
"client_id": "276806659709-6lap8v4ekmsqqrdaosb3tmiq6j24fvgv.apps.googleusercontent.com", | |
"client_secret": { | |
"Fn::Select": [ | |
0, | |
{ | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretsCrossAccountSSMCC343B4F", | |
"values" | |
] | |
} | |
] | |
}, | |
"authorize_scopes": "email profile" | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/GoogleIdentityProvider/Resource" | |
} | |
}, | |
"CognitoAppleIdentityProvider473188A3": { | |
"Type": "AWS::Cognito::UserPoolIdentityProvider", | |
"Properties": { | |
"ProviderName": "SignInWithApple", | |
"ProviderType": "SignInWithApple", | |
"UserPoolId": { | |
"Ref": "CognitoUserPool279BBD48" | |
}, | |
"AttributeMapping": { | |
"email": "email", | |
"given_name": "firstName", | |
"family_name": "lastName" | |
}, | |
"ProviderDetails": { | |
"client_id": "TripPicsWebsiteDev", | |
"team_id": "HJ6Q44MPBD", | |
"key_id": "CWS2D262UY", | |
"private_key": { | |
"Fn::Select": [ | |
1, | |
{ | |
"Fn::GetAtt": [ | |
"CognitoOAuthSecretsCrossAccountSSMCC343B4F", | |
"values" | |
] | |
} | |
] | |
}, | |
"authorize_scopes": "email name" | |
} | |
}, | |
"DependsOn": [ | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/AppleIdentityProvider/Resource" | |
} | |
}, | |
"CognitoUserPoolClientEF2538C4": { | |
"Type": "AWS::Cognito::UserPoolClient", | |
"Properties": { | |
"UserPoolId": { | |
"Ref": "CognitoUserPool279BBD48" | |
}, | |
"AllowedOAuthFlows": [ | |
"implicit", | |
"code" | |
], | |
"AllowedOAuthFlowsUserPoolClient": true, | |
"AllowedOAuthScopes": [ | |
"profile", | |
"phone", | |
"email", | |
"openid", | |
"aws.cognito.signin.user.admin" | |
], | |
"CallbackURLs": [ | |
"https://martin.dev.trip.pictures", | |
"http://localhost:3000" | |
], | |
"SupportedIdentityProviders": [ | |
"SignInWithApple", | |
"Google" | |
] | |
}, | |
"DependsOn": [ | |
"CognitoAppleIdentityProvider473188A3", | |
"CognitoGoogleIdentityProvider2A82F430", | |
"WebDistributionAlias35CFAF43", | |
"WebDistributionCachePolicy1C1DF238", | |
"WebDistributionLoggingBucketAE98FCD1", | |
"WebDistributionOrigin1S3OriginF25D5094", | |
"WebDistributionE0AD6497", | |
"WebDistributionWebBucketAutoDeleteObjectsCustomResource26230F0B", | |
"WebDistributionWebBucketPolicy8B20CCA4", | |
"WebDistributionWebBucketFDD181A9" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Cognito/UserPoolClient/Resource" | |
} | |
}, | |
"AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole/Resource" | |
} | |
}, | |
"AWS679f53fac002430cb0da5b7982bd22872D164C4C": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "6dbd112fe448437b3438da4382c72fccbb7d2ee1543db222620d7447fffebc50.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", | |
"Arn" | |
] | |
}, | |
"Handler": "index.handler", | |
"Runtime": "nodejs14.x", | |
"Timeout": 120 | |
}, | |
"DependsOn": [ | |
"AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/AWS679f53fac002430cb0da5b7982bd2287/Resource", | |
"aws:asset:path": "asset.6dbd112fe448437b3438da4382c72fccbb7d2ee1543db222620d7447fffebc50", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"StaticSiteWebDeploymentAwsCliLayer01BB3209": { | |
"Type": "AWS::Lambda::LayerVersion", | |
"Properties": { | |
"Content": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip" | |
}, | |
"Description": "/opt/awscli/aws" | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/StaticSite/WebDeployment/AwsCliLayer/Resource", | |
"aws:asset:path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Content" | |
} | |
}, | |
"StaticSiteWebDeploymentCustomResource17C6B8BE": { | |
"Type": "Custom::CDKBucketDeployment", | |
"Properties": { | |
"ServiceToken": { | |
"Fn::GetAtt": [ | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536", | |
"Arn" | |
] | |
}, | |
"SourceBucketNames": [ | |
{ | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
{ | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
} | |
], | |
"SourceObjectKeys": [ | |
"e729034ba7eebe35633e0884f605d4da5e0eb7fe6411d0ef0d748d00abca127c.zip", | |
"d1dc0eb7e6df501ea0d9a6222b028c6f7d3fde6fa1c407365333ccc0635fcffd.zip" | |
], | |
"SourceMarkers": [ | |
{}, | |
{ | |
"<<marker:0xbaba:0>>": { | |
"Ref": "CognitoUserPoolClientEF2538C4" | |
} | |
} | |
], | |
"DestinationBucketName": { | |
"Ref": "WebDistributionWebBucketFDD181A9" | |
}, | |
"Prune": true, | |
"DistributionId": { | |
"Ref": "WebDistributionE0AD6497" | |
} | |
}, | |
"UpdateReplacePolicy": "Delete", | |
"DeletionPolicy": "Delete", | |
"Metadata": { | |
"aws:cdk:path": "TripPics/StaticSite/WebDeployment/CustomResource/Default" | |
} | |
}, | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": "sts:AssumeRole", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "lambda.amazonaws.com" | |
} | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"ManagedPolicyArns": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
] | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/Resource" | |
} | |
}, | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"s3:GetBucket*", | |
"s3:GetObject*", | |
"s3:List*" | |
], | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":s3:::", | |
{ | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"/*" | |
] | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:", | |
{ | |
"Ref": "AWS::Partition" | |
}, | |
":s3:::", | |
{ | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
} | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Action": [ | |
"s3:Abort*", | |
"s3:DeleteObject*", | |
"s3:GetBucket*", | |
"s3:GetObject*", | |
"s3:List*", | |
"s3:PutObject", | |
"s3:PutObjectLegalHold", | |
"s3:PutObjectRetention", | |
"s3:PutObjectTagging", | |
"s3:PutObjectVersionTagging" | |
], | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"Arn" | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Fn::GetAtt": [ | |
"WebDistributionWebBucketFDD181A9", | |
"Arn" | |
] | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Action": [ | |
"cloudfront:CreateInvalidation", | |
"cloudfront:GetInvalidation" | |
], | |
"Effect": "Allow", | |
"Resource": "*" | |
} | |
], | |
"Version": "2012-10-17" | |
}, | |
"PolicyName": "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF", | |
"Roles": [ | |
{ | |
"Ref": "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265" | |
} | |
] | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy/Resource" | |
} | |
}, | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536": { | |
"Type": "AWS::Lambda::Function", | |
"Properties": { | |
"Code": { | |
"S3Bucket": { | |
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" | |
}, | |
"S3Key": "f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da.zip" | |
}, | |
"Role": { | |
"Fn::GetAtt": [ | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", | |
"Arn" | |
] | |
}, | |
"Handler": "index.handler", | |
"Layers": [ | |
{ | |
"Ref": "StaticSiteWebDeploymentAwsCliLayer01BB3209" | |
} | |
], | |
"Runtime": "python3.7", | |
"Timeout": 900 | |
}, | |
"DependsOn": [ | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF", | |
"CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265" | |
], | |
"Metadata": { | |
"aws:cdk:path": "TripPics/Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/Resource", | |
"aws:asset:path": "asset.f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da", | |
"aws:asset:is-bundled": false, | |
"aws:asset:property": "Code" | |
} | |
}, | |
"CDKMetadata": { | |
"Type": "AWS::CDK::Metadata", | |
"Properties": { | |
"Analytics": "v2:deflate64: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" | |
}, | |
"Metadata": { | |
"aws:cdk:path": "TripPics/CDKMetadata/Default" | |
}, | |
"Condition": "CDKMetadataAvailable" | |
} | |
}, | |
"Mappings": { | |
"AWSCloudFrontPartitionHostedZoneIdMap": { | |
"aws": { | |
"zoneId": "Z2FDTNDATAQYW2" | |
}, | |
"aws-cn": { | |
"zoneId": "Z3RFFRIM2A3IF5" | |
} | |
} | |
}, | |
"Outputs": { | |
"userPoolClientId": { | |
"Value": { | |
"Ref": "CognitoUserPoolClientEF2538C4" | |
} | |
}, | |
"authDomain": { | |
"Value": "auth.martin.dev.trip.pictures" | |
} | |
}, | |
"Conditions": { | |
"CDKMetadataAvailable": { | |
"Fn::Or": [ | |
{ | |
"Fn::Or": [ | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"af-south-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-east-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-northeast-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-northeast-2" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-south-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-southeast-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ap-southeast-2" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"ca-central-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"cn-north-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"cn-northwest-1" | |
] | |
} | |
] | |
}, | |
{ | |
"Fn::Or": [ | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-central-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-north-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-south-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-west-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-west-2" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"eu-west-3" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"me-south-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"sa-east-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"us-east-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"us-east-2" | |
] | |
} | |
] | |
}, | |
{ | |
"Fn::Or": [ | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"us-west-1" | |
] | |
}, | |
{ | |
"Fn::Equals": [ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"us-west-2" | |
] | |
} | |
] | |
} | |
] | |
} | |
}, | |
"Parameters": { | |
"BootstrapVersion": { | |
"Type": "AWS::SSM::Parameter::Value<String>", | |
"Default": "/cdk-bootstrap/hnb659fds/version", | |
"Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" | |
} | |
}, | |
"Rules": { | |
"CheckBootstrapVersion": { | |
"Assertions": [ | |
{ | |
"Assert": { | |
"Fn::Not": [ | |
{ | |
"Fn::Contains": [ | |
[ | |
"1", | |
"2", | |
"3", | |
"4", | |
"5" | |
], | |
{ | |
"Ref": "BootstrapVersion" | |
} | |
] | |
} | |
] | |
}, | |
"AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." | |
} | |
] | |
} | |
} | |
} |