From c2b1a8a0c1b827cfa751851e11412704f6ff13b3 Mon Sep 17 00:00:00 2001 From: John Reynolds Date: Fri, 14 Jun 2024 09:07:22 -0700 Subject: [PATCH] release/v1.7.1 --- source/mkdocs/mkdocs.yml | 8 +- source/package.json | 2 +- .../__snapshots__/accounts-stack.test.ts.snap | 12 +- .../applications-stack.test.ts.snap | 4 +- .../bootstrap-stack.test.ts.snap | 11 +- .../customizations-stack.test.ts.snap | 8 +- .../dependencies-stack.test.ts.snap | 2 +- .../__snapshots__/finalize-stack.test.ts.snap | 4 +- .../identity-center-stack.test.ts.snap | 7 +- .../test/__snapshots__/key-stack.test.ts.snap | 2 +- .../__snapshots__/logging-stack.test.ts.snap | 83 +- ...twork-associations-gwlb-stack.test.ts.snap | 25 +- .../network-associations-stack.test.ts.snap | 1923 +---------------- .../network-prep-stack.test.ts.snap | 12 +- .../network-vpc-dns-stack.test.ts.snap | 2 +- .../network-vpc-endpoints-stack.test.ts.snap | 10 +- .../network-vpc-stack.test.ts.snap | 367 +--- .../operations-stack.test.ts.snap | 2 +- .../organizations-stack.test.ts.snap | 24 +- .../__snapshots__/pipeline-stack.test.ts.snap | 38 +- .../__snapshots__/prepare-stack.test.ts.snap | 260 +-- ...urce-policy-enforcement-stack.test.ts.snap | 2 +- .../security-audit-stack.test.ts.snap | 15 +- .../security-resources-stack.test.ts.snap | 18 +- .../__snapshots__/security-stack.test.ts.snap | 56 +- .../test/__snapshots__/installer.test.ts.snap | 886 +------- 26 files changed, 190 insertions(+), 3593 deletions(-) diff --git a/source/mkdocs/mkdocs.yml b/source/mkdocs/mkdocs.yml index 8c7cc5759..31c1dad5e 100644 --- a/source/mkdocs/mkdocs.yml +++ b/source/mkdocs/mkdocs.yml @@ -84,13 +84,7 @@ nav: - v1.6.4: typedocs/v1.6.4/index.html - v1.7: - v1.7.0: typedocs/v1.7.0/index.html - - v1.7.1: typedocs/v1.7.1/index.html - - v1.8: - - v1.8.0: typedocs/v1.8.0/index.html - - v1.8.1: typedocs/v1.8.1/index.html - - v1.9: - - v1.9.0: typedocs/v1.9.0/index.html - - v1.9.1: typedocs/latest/index.html + - v1.7.1: typedocs/latest/index.html theme: name: material diff --git a/source/package.json b/source/package.json index b7e829f0e..b2c33a297 100644 --- a/source/package.json +++ b/source/package.json @@ -99,4 +99,4 @@ "typedoc": "0.23.25", "typescript": "4.9.5" } -} +} \ No newline at end of file diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/accounts-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/accounts-stack.test.ts.snap index 8bdc7eb3c..1e4a034b8 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/accounts-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/accounts-stack.test.ts.snap @@ -217,7 +217,7 @@ exports[`AccountsStack us-east-1 Construct(AccountsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1240,7 +1240,7 @@ exports[`AccountsStack us-east-1 Construct(AccountsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1510,7 +1510,7 @@ exports[`AccountsStack us-east-1 Construct(AccountsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1805,7 +1805,7 @@ exports[`AccountsStack us-east-1 Construct(AccountsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1927,7 +1927,7 @@ exports[`AccountsStack us-east-1 Construct(AccountsStack): Snapshot Test 1`] = "Properties": { "Name": "/accelerator/AWSAccelerator-AccountsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -1982,7 +1982,7 @@ exports[`AccountsStack us-west-2 Construct(AccountsStackUsWest2): Snapshot Test "Properties": { "Name": "/accelerator/AWSAccelerator-AccountsStack-111111111111-us-west-2/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/applications-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/applications-stack.test.ts.snap index 95858b805..90d3fb3de 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/applications-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/applications-stack.test.ts.snap @@ -125,7 +125,7 @@ exports[`ApplicationsStack Construct(ApplicationsStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -440,7 +440,7 @@ exports[`ApplicationsStack Construct(ApplicationsStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-CustomizationsStack-444444444444-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/bootstrap-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/bootstrap-stack.test.ts.snap index 3cdf84efd..3ebaef971 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/bootstrap-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/bootstrap-stack.test.ts.snap @@ -5,7 +5,7 @@ exports[`BootstrapStack Construct(BootstrapStack): Snapshot Test 1`] = ` "Outputs": { "BootstrapVersionOutput": { "Description": "The version of the bootstrap resources that are currently mastered in this stack", - "Value": "20", + "Value": "18", }, "BucketDomainNameOutput": { "Description": "The domain name of the S3 bucket owned by the CDK toolkit stack", @@ -256,7 +256,7 @@ exports[`BootstrapStack Construct(BootstrapStack): Snapshot Test 1`] = ` "Properties": { "Name": "/cdk-bootstrap/accel/version", "Type": "String", - "Value": "20", + "Value": "18", }, "Type": "AWS::SSM::Parameter", }, @@ -587,10 +587,7 @@ exports[`BootstrapStack Construct(BootstrapStack): Snapshot Test 1`] = ` "Sid": "CliStagingBucket", }, { - "Action": [ - "ssm:GetParameter", - "ssm:GetParameters", - ], + "Action": "ssm:GetParameter", "Effect": "Allow", "Resource": { "Fn::Join": [ @@ -948,7 +945,7 @@ exports[`BootstrapStack Construct(BootstrapStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-BootstrapStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/customizations-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/customizations-stack.test.ts.snap index 00c017d58..1c91b1568 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/customizations-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/customizations-stack.test.ts.snap @@ -166,7 +166,7 @@ exports[`CustomizationsStack Construct(CustomizationsStack): Snapshot Test 1`] "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -656,7 +656,7 @@ exports[`CustomizationsStack Construct(CustomizationsStack): Snapshot Test 1`] "Properties": { "Name": "/accelerator/AWSAccelerator-CustomizationsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -799,7 +799,7 @@ exports[`CustomizationsStack Construct(CustomizationsStack): Snapshot Test 2`] "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1114,7 +1114,7 @@ exports[`CustomizationsStack Construct(CustomizationsStack): Snapshot Test 2`] "Properties": { "Name": "/accelerator/AWSAccelerator-CustomizationsStack-444444444444-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/dependencies-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/dependencies-stack.test.ts.snap index 9d4585ee6..c232dea32 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/dependencies-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/dependencies-stack.test.ts.snap @@ -201,7 +201,7 @@ exports[`DependenciesStack Construct(DependenciesStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-DependenciesStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/finalize-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/finalize-stack.test.ts.snap index ebc68a17a..2d027e4ac 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/finalize-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/finalize-stack.test.ts.snap @@ -19,7 +19,7 @@ exports[`FinalizeStack Construct(FinalizeStack): Snapshot Test 1`] = ` "Resources": { "AcceleratorCommitIdParameterEF286FB9": { "Properties": { - "Description": "The hash of the latest aws-accelerator-config version of the LZA configuration files to deploy successfully. If you use S3 as a location for LZA config files, this will be an S3 version Id.", + "Description": "The commit hash of the latest aws-accelerator-config commit to deploy successfully", "Name": "/accelerator/configuration/configCommitId", "Type": "String", "Value": "e3cdaecaa6073ad9e4721344cd109eb6de351cfb", @@ -951,7 +951,7 @@ exports[`FinalizeStack Construct(FinalizeStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-FinalizeStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/identity-center-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/identity-center-stack.test.ts.snap index 80b5b5fa7..832852024 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/identity-center-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/identity-center-stack.test.ts.snap @@ -399,9 +399,6 @@ exports[`IdentityCenterStack Construct(IdentityCenterStack): Snapshot Test 1`] }, "IdentityCenterInstanceIdentityCenterGetInstanceIdIdentityCenterGetInstanceIdResourceE2BD9B5B": { "DeletionPolicy": "Delete", - "DependsOn": [ - "IdentityCenterInstanceIdentityCenterGetInstanceIdFunctionResourceLogGroup043D5A24", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -442,7 +439,7 @@ exports[`IdentityCenterStack Construct(IdentityCenterStack): Snapshot Test 1`] "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -695,7 +692,7 @@ exports[`IdentityCenterStack Construct(IdentityCenterStack): Snapshot Test 1`] "Properties": { "Name": "/accelerator/AWSAccelerator-IdentityCenterStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/key-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/key-stack.test.ts.snap index 7eeda2f9c..09d883a8c 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/key-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/key-stack.test.ts.snap @@ -402,7 +402,7 @@ exports[`KeyStack Construct(KeyStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-KeyStack-222222222222-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/logging-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/logging-stack.test.ts.snap index 5400943ea..98067824f 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/logging-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/logging-stack.test.ts.snap @@ -161,7 +161,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -379,9 +379,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` }, "AcceleratorCloudWatchDataProtectionCloudWatchDataProtectionResource62439E9B": { "DeletionPolicy": "Delete", - "DependsOn": [ - "AcceleratorCloudWatchDataProtectionFunctionResourceLogGroupBF7014C4", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -588,7 +585,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1762,7 +1759,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2867,9 +2864,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` }, "ImportedaccessLogsBucketPolicyBucketPolicyResource5390F048": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedaccessLogsBucketPolicyFunctionResourceLogGroup665D22B3", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -3067,7 +3061,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3167,9 +3161,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` }, "ImportedelbLogsBucketPolicyBucketPolicyResource2C3B688F": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedelbLogsBucketPolicyFunctionResourceLogGroupDF83CD38", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -3372,7 +3363,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -4031,7 +4022,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-LoggingStack-333333333333-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -4238,9 +4229,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` }, "ValidateImportedaccessLogsBucketValidateBucketValidateBucketResourceC9A0ADD2": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateImportedaccessLogsBucketValidateBucketFunctionResourceLogGroupDA884B01", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -4286,7 +4274,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -4524,9 +4512,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` }, "ValidateImportedelbLogsBucketValidateBucketValidateBucketResourceD5022336": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateImportedelbLogsBucketValidateBucketFunctionResourceLogGroup700806F5", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -4572,7 +4557,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -4823,7 +4808,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -5383,7 +5368,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -6367,9 +6352,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ImportedLogBucketPrefixS3CreateBucketPrefixS3CreateBucketPrefixResource2A2DF87D": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedLogBucketPrefixS3CreateBucketPrefixFunctionResourceLogGroupDC741551", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -6414,7 +6396,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -6514,9 +6496,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ImportedaccessLogsBucketPolicyBucketPolicyResource5390F048": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedaccessLogsBucketPolicyFunctionResourceLogGroup665D22B3", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -6702,7 +6681,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -6802,9 +6781,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ImportedcentralLogsBucketEncryptionBucketEncryptionResource27DEBA46": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedcentralLogsBucketEncryptionFunctionResourceLogGroupE1CF6C47", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -6977,7 +6953,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -7273,9 +7249,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ImportedcentralLogsBucketPolicyBucketPolicyResourceB8A42F0A": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedcentralLogsBucketPolicyFunctionResourceLogGroup2E16ACD3", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -7487,7 +7460,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -7587,9 +7560,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ImportedelbLogsBucketPolicyBucketPolicyResource2C3B688F": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ImportedelbLogsBucketPolicyFunctionResourceLogGroupDF83CD38", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -7780,7 +7750,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -8434,7 +8404,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-LoggingStack-333333333333-us-west-2/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -8629,9 +8599,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ValidateImportedaccessLogsBucketValidateBucketValidateBucketResourceC9A0ADD2": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateImportedaccessLogsBucketValidateBucketFunctionResourceLogGroupDA884B01", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -8677,7 +8644,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -8903,9 +8870,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ValidateImportedcentralLogsBucketValidateBucketValidateBucketResource409E29BE": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateImportedcentralLogsBucketValidateBucketFunctionResourceLogGroupC510852F", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -8951,7 +8915,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -9177,9 +9141,6 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` }, "ValidateImportedelbLogsBucketValidateBucketValidateBucketResourceD5022336": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateImportedelbLogsBucketValidateBucketFunctionResourceLogGroup700806F5", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -9225,7 +9186,7 @@ exports[`LoggingStack Construct(LoggingStack): Snapshot Test 2`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -9488,7 +9449,7 @@ exports[`LoggingStackOuTargets Construct(LoggingStackOuTargets): Snapshot Test "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -10813,7 +10774,7 @@ exports[`LoggingStackOuTargets Construct(LoggingStackOuTargets): Snapshot Test "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -12938,7 +12899,7 @@ exports[`LoggingStackOuTargets Construct(LoggingStackOuTargets): Snapshot Test "Properties": { "Name": "/accelerator/AWSAccelerator-LoggingStack-333333333333-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-gwlb-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-gwlb-stack.test.ts.snap index 3a299da8f..447715ed5 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-gwlb-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-gwlb-stack.test.ts.snap @@ -107,10 +107,6 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Gateway/id", "Type": "AWS::SSM::Parameter::Value", }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionLocalRtAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Local-Rt-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionTgwAidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Tgw-A/id", "Type": "AWS::SSM::Parameter::Value", @@ -131,10 +127,6 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-B/id", "Type": "AWS::SSM::Parameter::Value", }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionsubnetNetworkInspectionLocalAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-Local-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, "SsmParameterValueacceleratornetworkvpcNetworkInspectionsubnetNetworkInspectionTgwAttachAidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-InspectionTgwAttach-A/id", "Type": "AWS::SSM::Parameter::Value", @@ -404,7 +396,7 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1147,9 +1139,6 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): }, "NetworkInspectionacceleratorFirewallConfigReplacementsResourceResourceD705B19B": { "DeletionPolicy": "Delete", - "DependsOn": [ - "NetworkInspectionacceleratorFirewallConfigReplacementsFunctionResourceLogGroup8D00AAAF", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -1236,7 +1225,7 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1760,9 +1749,6 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): }, "NetworkInspectiontestAsgConfigReplacementsResourceResourceB393099D": { "DeletionPolicy": "Delete", - "DependsOn": [ - "NetworkInspectiontestAsgConfigReplacementsFunctionResourceLogGroup72BE7636", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -1810,7 +1796,7 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1934,7 +1920,6 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): ], }, }, - "MaxInstanceLifetime": 86400, "MaxSize": "4", "MinSize": "1", "Tags": [ @@ -2109,7 +2094,7 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2861,7 +2846,7 @@ exports[`NetworkAssociationsGwlbStack Construct(NetworkAssociationsGwlbStack): "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkAssociationsGwlbStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-stack.test.ts.snap index e4a8c0901..81f3027f0 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-associations-stack.test.ts.snap @@ -199,10 +199,6 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Gateway/id", "Type": "AWS::SSM::Parameter::Value", }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionLocalRtAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Local-Rt-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionTgwAidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Tgw-A/id", "Type": "AWS::SSM::Parameter::Value", @@ -550,7 +546,7 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2281,27 +2277,6 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot }, "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", }, - "NetworkInspectionTransitGatewayConnectAttachmentNetworkInspectionTransitGatewayConnectAD31631B": { - "Properties": { - "Options": { - "Protocol": "gre", - }, - "Tags": [ - { - "Key": "Environment", - "Value": "CentralInspection", - }, - { - "Key": "Name", - "Value": "Network-Inspection", - }, - ], - "TransportTransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayConnect", - }, "NetworkInspectiondeployedtg2898BDF56": { "Properties": { "HealthCheckEnabled": true, @@ -2996,7 +2971,7 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkAssociationsStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -3263,9 +3238,6 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot }, "appAnlbtg2ipLookupB24081DE": { "DeletionPolicy": "Delete", - "DependsOn": [ - "appAnlbtg2ipLookupappAnlbtg2ipLookupProviderLambdaLogGroup713C77F0", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -3442,7 +3414,7 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3543,1892 +3515,3 @@ exports[`NetworkAssociationsStack Construct(NetworkAssociationsStack): Snapshot }, } `; - -exports[`NoVpcFlowLogStack Construct(NetworkAssociationsStack): Snapshot Test 1`] = ` -{ - "Parameters": { - "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/kms/cloudwatch/key-arn", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratorkmslambdakeyarnC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/kms/lambda/key-arn", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkdirectConnectGatewaysNetworkDXGWidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/directConnectGateways/Network-DXGW/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkprefixListacceleratorprefixlistidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/prefixList/accelerator-prefix-list/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkroute53ResolverfirewallruleGroupsacceleratorblockgroupidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/route53Resolver/firewall/ruleGroups/accelerator-block-group/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkroute53ResolverqueryLogConfigsacceleratorquerylogscwlidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/route53Resolver/queryLogConfigs/accelerator-query-logs-cwl/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkroute53ResolverqueryLogConfigsacceleratorquerylogss3idC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/route53Resolver/queryLogConfigs/accelerator-query-logs-s3/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkroute53ResolverrulesexampleruleidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/route53Resolver/rules/example-rule/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/transitGateways/Network-Main/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/transitGateways/Network-Main/routeTables/Network-Main-Core/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSegregatedidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/transitGateways/Network-Main/routeTables/Network-Main-Segregated/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/transitGateways/Network-Main/routeTables/Network-Main-Shared/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainStandaloneidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/transitGateways/Network-Main/routeTables/Network-Main-Standalone/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsalbappAalb01idC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/alb/appA-alb-01/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsnetworkAclTestNACLidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/networkAcl/TestNACL/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsnlbappAnlb01idC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/nlb/appA-nlb-01/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZoneec2idC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/ec2/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZoneec2messagesidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/ec2messages/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonekmsidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/kms/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonelogsidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/logs/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonessmidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/ssm/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonessmmessagesidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/route53/hostedZone/ssmmessages/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/routeTable/Network-Endpoints-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsBidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/routeTable/Network-Endpoints-B/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsTgwAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/routeTable/Network-Endpoints-Tgw-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsTgwBidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/routeTable/Network-Endpoints-Tgw-B/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Endpoints/transitGatewayAttachment/Network-Endpoints/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionBidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-B/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionGatewayidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Gateway/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionTgwAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Tgw-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionTgwBidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Tgw-B/id", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectiontransitGatewayAttachmentNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/transitGatewayAttachment/Network-Inspection/id", - "Type": "AWS::SSM::Parameter::Value", - }, - }, - "Resources": { - "AcceleratorVpnNetworkMainCoreAssociationEF397C51": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "AcceleratorVpnVpnTransitGatewayAttachmentFBF8EE77", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTableAssociation", - }, - "AcceleratorVpnNetworkMainCorePropagation585EB5AE": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "AcceleratorVpnVpnTransitGatewayAttachmentFBF8EE77", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "AcceleratorVpnVpnTransitGatewayAttachmentFBF8EE77": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderLogGroup41699CF3", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderHandler7E079354", - "Arn", - ], - }, - "name": "accelerator-vpn", - "region": "us-east-1", - "transitGatewayId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "type": "vpn", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::GetTransitGatewayAttachment", - "UpdateReplacePolicy": "Delete", - }, - "AssociateHostedZonesF0E2F0DA": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomRoute53AssociateHostedZonesCustomResourceProviderLogGroupDEA7760D", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomRoute53AssociateHostedZonesCustomResourceProviderHandler1296DB71", - "Arn", - ], - }, - "accountIds": [ - "555555555555", - "444444444444", - ], - "hostedZoneAccountId": "555555555555", - "hostedZoneIds": [ - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZoneec2idC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZoneec2messagesidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonessmidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonessmmessagesidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonekmsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsroute53hostedZonelogsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - ], - "partition": { - "Ref": "AWS::Partition", - }, - "region": "us-east-1", - "roleName": "AWSAccelerator-EnableCentralEndpointsRole-us-east-1", - "tagFilters": [ - { - "key": "accelerator:use-central-endpoints", - "value": "true", - }, - { - "key": "accelerator:central-endpoints-account-id", - "value": "555555555555", - }, - ], - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::Route53AssociateHostedZones", - "UpdateReplacePolicy": "Delete", - }, - "CrossAccountRouteFrameworkCrossAccountRouteFunctionAFDC4801": { - "DependsOn": [ - "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRoleDefaultPolicy2CB6E8A9", - "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRole0BC7B615", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Description": "Cross account EC2 route OnEvent handler", - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRole0BC7B615", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 15, - }, - "Type": "AWS::Lambda::Function", - }, - "CrossAccountRouteFrameworkCrossAccountRouteFunctionLogGroupCFE2C9BD": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CrossAccountRouteFrameworkCrossAccountRouteFunctionAFDC4801", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRole0BC7B615": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Custom resource provider requires managed policy", - }, - ], - }, - }, - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRoleDefaultPolicy2CB6E8A9": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM5", - "reason": "Custom resource provider requires access to assume cross-account role", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::*:role/AWSAccelerator*", - ], - ], - }, - "Sid": "StsAssumeRole", - }, - { - "Action": [ - "ec2:CreateRoute", - "ec2:DeleteRoute", - ], - "Effect": "Allow", - "Resource": "*", - "Sid": "EC2RouteCreateDelete", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRoleDefaultPolicy2CB6E8A9", - "Roles": [ - { - "Ref": "CrossAccountRouteFrameworkCrossAccountRouteFunctionServiceRole0BC7B615", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventE7CF8ACC": { - "DependsOn": [ - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleDefaultPolicyDBD57C1E", - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleED507AC0", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Description": "AWS CDK resource provider framework - onEvent (AWSAccelerator-NetworkAssociationsStack-555555555555-us-east-1/CrossAccountRouteFramework/CrossAccountRouteProvider)", - "Environment": { - "Variables": { - "USER_ON_EVENT_FUNCTION_ARN": { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteFunctionAFDC4801", - "Arn", - ], - }, - }, - }, - "Handler": "framework.onEvent", - "Role": { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleED507AC0", - "Arn", - ], - }, - "Runtime": "nodejs20.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleDefaultPolicyDBD57C1E": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM5", - "reason": "Custom resource provider requires access to assume cross-account role", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteFunctionAFDC4801", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteFunctionAFDC4801", - "Arn", - ], - }, - ":*", - ], - ], - }, - ], - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleDefaultPolicyDBD57C1E", - "Roles": [ - { - "Ref": "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleED507AC0", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventServiceRoleED507AC0": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Custom resource provider requires managed policy", - }, - ], - }, - }, - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CrossAccountVpcPeering9E0C69A2": { - "Properties": { - "PeerOwnerId": "444444444444", - "PeerRegion": "us-east-1", - "PeerRoleArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - ], - ], - }, - "PeerVpcId": { - "Ref": "SsmParamLookupCrossAccountC2B66C85", - }, - "Tags": [ - { - "Key": "Name", - "Value": "CrossAccount", - }, - ], - "VpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::VPCPeeringConnection", - }, - "CrossAccountVpcPeeringNetworkEndpointsVpcNetworkEndpointsARouteTableVpcPeer338649DC": { - "Properties": { - "DestinationCidrBlock": "10.4.0.0/16", - "RouteTableId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsAidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "VpcPeeringConnectionId": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - "Type": "AWS::EC2::Route", - }, - "CrossAccountVpcPeeringNetworkEndpointsVpcNetworkEndpointsBRouteTableVpcPeer7B5320E6": { - "Properties": { - "DestinationCidrBlock": "10.4.0.0/16", - "RouteTableId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsrouteTableNetworkEndpointsBidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "VpcPeeringConnectionId": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - "Type": "AWS::EC2::Route", - }, - "CrossAccountVpcPeeringSharedServicesMainVpcSharedServicesAppARouteTableVpcPeer94525782": { - "DeletionPolicy": "Delete", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventE7CF8ACC", - "Arn", - ], - }, - "region": "us-east-1", - "roleArn": "arn:aws:iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - "routeDefinition": { - "DestinationCidrBlock": "10.0.0.0/24", - "RouteTableId": { - "Ref": "SsmParamLookupSharedServicesMain444444444444SharedServicesAppA08A11B17", - }, - "VpcPeeringConnectionId": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - }, - "Type": "Custom::CrossAccountRoute", - "UpdateReplacePolicy": "Delete", - }, - "CrossAccountVpcPeeringSharedServicesMainVpcSharedServicesAppBRouteTableVpcPeer02D33BA6": { - "DeletionPolicy": "Delete", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CrossAccountRouteFrameworkCrossAccountRouteProviderframeworkonEventE7CF8ACC", - "Arn", - ], - }, - "region": "us-east-1", - "roleArn": "arn:aws:iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - "routeDefinition": { - "DestinationCidrBlock": "10.0.0.0/24", - "RouteTableId": { - "Ref": "SsmParamLookupSharedServicesMain444444444444SharedServicesAppB580D7687", - }, - "VpcPeeringConnectionId": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - }, - "Type": "Custom::CrossAccountRoute", - "UpdateReplacePolicy": "Delete", - }, - "CrossAcctSsmParamCrossAccountVpcPeeringEB560383": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomSsmPutParameterValueCustomResourceProviderLogGroupB0109C68", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomSsmPutParameterValueCustomResourceProviderHandler2A0BDE7F", - "Arn", - ], - }, - "invokingAccountId": "555555555555", - "parameterAccountIds": [ - "444444444444", - ], - "parameters": [ - { - "name": "/accelerator/network/vpcPeering/CrossAccount/id", - "value": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - ], - "region": "us-east-1", - "roleName": "AWSAccelerator-CrossAccountSsmParameterShare", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::SsmPutParameterValue", - "UpdateReplacePolicy": "Delete", - }, - "CustomDirectConnectGatewayAssociationCustomResourceProviderHandler3BC99D92": { - "DependsOn": [ - "CustomDirectConnectGatewayAssociationCustomResourceProviderRole7D012188", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomDirectConnectGatewayAssociationCustomResourceProviderRole7D012188", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomDirectConnectGatewayAssociationCustomResourceProviderLogGroup966224A3": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomDirectConnectGatewayAssociationCustomResourceProviderHandler3BC99D92", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomDirectConnectGatewayAssociationCustomResourceProviderRole7D012188": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "directconnect:CreateDirectConnectGatewayAssociation", - "directconnect:DeleteDirectConnectGatewayAssociation", - "directconnect:DescribeDirectConnectGatewayAssociations", - "directconnect:UpdateDirectConnectGatewayAssociation", - "ec2:DescribeTransitGatewayAttachments", - ], - "Effect": "Allow", - "Resource": "*", - "Sid": "DirectConnectGatewayCRUD", - }, - { - "Action": [ - "lambda:InvokeFunction", - ], - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":lambda:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":function:AWSAccelerator-NetworkAss-CustomDirectConnect*", - ], - ], - }, - "Sid": "InvokeSelf", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CustomGetTransitGatewayAttachmentCustomResourceProviderHandler7E079354": { - "DependsOn": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderRoleA6A22C3D", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderRoleA6A22C3D", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomGetTransitGatewayAttachmentCustomResourceProviderLogGroup41699CF3": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomGetTransitGatewayAttachmentCustomResourceProviderHandler7E079354", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomGetTransitGatewayAttachmentCustomResourceProviderRoleA6A22C3D": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "sts:AssumeRole", - ], - "Effect": "Allow", - "Resource": "*", - }, - { - "Action": [ - "ec2:DescribeTransitGatewayAttachments", - "ec2:DescribeVpnConnections", - ], - "Effect": "Allow", - "Resource": "*", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CustomRoute53AssociateHostedZonesCustomResourceProviderHandler1296DB71": { - "DependsOn": [ - "CustomRoute53AssociateHostedZonesCustomResourceProviderRole17C82AD6", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 512, - "Role": { - "Fn::GetAtt": [ - "CustomRoute53AssociateHostedZonesCustomResourceProviderRole17C82AD6", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomRoute53AssociateHostedZonesCustomResourceProviderLogGroupDEA7760D": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomRoute53AssociateHostedZonesCustomResourceProviderHandler1296DB71", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomRoute53AssociateHostedZonesCustomResourceProviderRole17C82AD6": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ec2:DescribeVpcs", - "route53:AssociateVPCWithHostedZone", - "route53:CreateVPCAssociationAuthorization", - "route53:DeleteVPCAssociationAuthorization", - "route53:GetHostedZone", - "sts:AssumeRole", - ], - "Effect": "Allow", - "Resource": "*", - "Sid": "Route53AssociateHostedZonesActions", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CustomSsmGetParameterValueCustomResourceProviderHandlerAAD0E7EE": { - "DependsOn": [ - "CustomSsmGetParameterValueCustomResourceProviderRoleB3AFDDB2", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomSsmGetParameterValueCustomResourceProviderRoleB3AFDDB2", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomSsmGetParameterValueCustomResourceProviderLogGroup780D220D": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomSsmGetParameterValueCustomResourceProviderHandlerAAD0E7EE", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomSsmGetParameterValueCustomResourceProviderRoleB3AFDDB2": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ssm:GetParameters", - "ssm:GetParameter", - "ssm:DescribeParameters", - ], - "Effect": "Allow", - "Resource": [ - "*", - ], - "Sid": "SsmGetParameterActions", - }, - { - "Action": [ - "sts:AssumeRole", - ], - "Effect": "Allow", - "Resource": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::*:role/AWSAccelerator*", - ], - ], - }, - ], - "Sid": "StsAssumeRoleActions", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CustomSsmPutParameterValueCustomResourceProviderHandler2A0BDE7F": { - "DependsOn": [ - "CustomSsmPutParameterValueCustomResourceProviderRole9E1F101A", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Description": "Custom resource provider to put cross-account ssm parameter value", - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomSsmPutParameterValueCustomResourceProviderRole9E1F101A", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomSsmPutParameterValueCustomResourceProviderLogGroupB0109C68": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomSsmPutParameterValueCustomResourceProviderHandler2A0BDE7F", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomSsmPutParameterValueCustomResourceProviderRole9E1F101A": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ssm:DeleteParameter", - "ssm:PutParameter", - ], - "Effect": "Allow", - "Resource": [ - "*", - ], - "Sid": "SsmPutParameterActions", - }, - { - "Action": [ - "sts:AssumeRole", - ], - "Effect": "Allow", - "Resource": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::*:role/AWSAccelerator*", - ], - ], - }, - ], - "Sid": "StsAssumeRoleActions", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderHandler9BAD63E3": { - "DependsOn": [ - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderRoleC5D4C080", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-555555555555-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderRoleC5D4C080", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderLogGroupBC9F3669": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomTransitGatewayPrefixListReferenceCustomResourceProviderHandler9BAD63E3", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderRoleC5D4C080": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ec2:CreateTransitGatewayPrefixListReference", - "ec2:ModifyTransitGatewayPrefixListReference", - "ec2:DeleteTransitGatewayPrefixListReference", - ], - "Effect": "Allow", - "Resource": "*", - "Sid": "AllowModifyTgwReferences", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "ListenerNetworkEndpointsappAAlb01appAListener2": { - "Properties": { - "Certificates": [ - {}, - ], - "DefaultActions": [ - { - "ForwardConfig": { - "TargetGroups": [ - { - "TargetGroupArn": { - "Ref": "NetworkEndpointsappAalbtg176E11B7D", - }, - }, - ], - }, - "TargetGroupArn": { - "Ref": "NetworkEndpointsappAalbtg176E11B7D", - }, - "Type": "forward", - }, - ], - "LoadBalancerArn": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsalbappAalb01idC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "Port": 80, - "Protocol": "HTTP", - }, - "Type": "AWS::ElasticLoadBalancingV2::Listener", - }, - "ListenerNetworkEndpointsappANlb01appAListener1": { - "Properties": { - "AlpnPolicy": [], - "Certificates": [ - {}, - ], - "DefaultActions": [ - { - "ForwardConfig": { - "TargetGroups": [ - { - "TargetGroupArn": { - "Ref": "NetworkEndpointsappAnlbtg19C910FB9", - }, - }, - ], - }, - "TargetGroupArn": { - "Ref": "NetworkEndpointsappAnlbtg19C910FB9", - }, - "Type": "forward", - }, - ], - "LoadBalancerArn": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsnlbappAnlb01idC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "Port": 80, - "Protocol": "TCP", - }, - "Type": "AWS::ElasticLoadBalancingV2::Listener", - }, - "NetworkDxgwNetworkMainCoreAssociation1B0096A1": { - "Properties": { - "TransitGatewayAttachmentId": { - "Fn::GetAtt": [ - "NetworkDxgwNetworkMainDxGatewayAssociationF3E8BC9A", - "TransitGatewayAttachmentId", - ], - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTableAssociation", - }, - "NetworkDxgwNetworkMainCorePropagation959338BE": { - "Properties": { - "TransitGatewayAttachmentId": { - "Fn::GetAtt": [ - "NetworkDxgwNetworkMainDxGatewayAssociationF3E8BC9A", - "TransitGatewayAttachmentId", - ], - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkDxgwNetworkMainDxGatewayAssociationF3E8BC9A": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomDirectConnectGatewayAssociationCustomResourceProviderLogGroup966224A3", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomDirectConnectGatewayAssociationCustomResourceProviderHandler3BC99D92", - "Arn", - ], - }, - "allowedPrefixes": [ - "10.0.0.0/8", - "192.168.0.0/16", - ], - "directConnectGatewayId": { - "Ref": "SsmParameterValueacceleratornetworkdirectConnectGatewaysNetworkDXGWidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "gatewayId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "Custom::DirectConnectGatewayAssociation", - "UpdateReplacePolicy": "Delete", - }, - "NetworkEndpointsNetworkMainCorePropagationB71504FB": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkEndpointsNetworkMainSegregatedPropagation126AD34C": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSegregatedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkEndpointsNetworkMainSharedAssociation32A1E778": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTableAssociation", - }, - "NetworkEndpointsNetworkMainSharedPropagationB52F1A2C": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkEndpointsToInspectionVpcPeeringE81AF602": { - "Properties": { - "PeerOwnerId": "555555555555", - "PeerRegion": "us-east-1", - "PeerVpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "Tags": [ - { - "Key": "Name", - "Value": "NetworkEndpointsToInspection", - }, - ], - "VpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::VPCPeeringConnection", - }, - "NetworkEndpointsacceleratorBlockGroupRuleGroupAssociation1AF8FC15": { - "Properties": { - "FirewallRuleGroupId": { - "Ref": "SsmParameterValueacceleratornetworkroute53ResolverfirewallruleGroupsacceleratorblockgroupidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "Priority": 101, - "VpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::Route53Resolver::FirewallRuleGroupAssociation", - }, - "NetworkEndpointsacceleratorQueryLogsCwlQueryLogAssociationEA44BB29": { - "Properties": { - "ResolverQueryLogConfigId": { - "Ref": "SsmParameterValueacceleratornetworkroute53ResolverqueryLogConfigsacceleratorquerylogscwlidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "ResourceId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation", - }, - "NetworkEndpointsacceleratorQueryLogsS3QueryLogAssociationC248D059": { - "Properties": { - "ResolverQueryLogConfigId": { - "Ref": "SsmParameterValueacceleratornetworkroute53ResolverqueryLogConfigsacceleratorquerylogss3idC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "ResourceId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation", - }, - "NetworkEndpointsappAalbtg176E11B7D": { - "Properties": { - "HealthCheckEnabled": true, - "HealthCheckPort": "80", - "HealthCheckProtocol": "HTTP", - "Matcher": {}, - "Name": "appA-alb-tg-1", - "Port": 80, - "Protocol": "HTTP", - "Tags": [ - { - "Key": "Name", - "Value": "appA-alb-tg-1", - }, - ], - "TargetType": "instance", - "VpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", - }, - "NetworkEndpointsappAnlbtg19C910FB9": { - "Properties": { - "HealthCheckEnabled": true, - "HealthCheckPort": "80", - "HealthCheckProtocol": "TCP", - "Matcher": {}, - "Name": "appA-nlb-tg-1", - "Port": 80, - "Protocol": "TCP", - "Tags": [ - { - "Key": "Name", - "Value": "appA-nlb-tg-1", - }, - ], - "TargetType": "instance", - "VpcId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", - }, - "NetworkEndpointsexampleRuleRuleAssociationB302A795": { - "Properties": { - "ResolverRuleId": { - "Ref": "SsmParameterValueacceleratornetworkroute53ResolverrulesexampleruleidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "VPCId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::Route53Resolver::ResolverRuleAssociation", - }, - "NetworkInspectionNetworkMainCorePropagation37D40A21": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkInspectiontransitGatewayAttachmentNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkInspectionNetworkMainSegregatedPropagationA07EB35C": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkInspectiontransitGatewayAttachmentNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSegregatedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkInspectionNetworkMainSharedAssociationC5D467EA": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkInspectiontransitGatewayAttachmentNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTableAssociation", - }, - "NetworkInspectionNetworkMainSharedPropagation9C8183A3": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkInspectiontransitGatewayAttachmentNetworkInspectionidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "NetworkMainCore101000016NetworkEndpointsNetworkStaticRouteEC325B8C": { - "Properties": { - "DestinationCidrBlock": "10.100.0.0/16", - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRoute", - }, - "NetworkMainCore102000016NetworkDXGWStaticRoute7BFECA73": { - "Properties": { - "DestinationCidrBlock": "10.200.0.0/16", - "TransitGatewayAttachmentId": { - "Fn::GetAtt": [ - "NetworkDxgwNetworkMainDxGatewayAssociationF3E8BC9A", - "TransitGatewayAttachmentId", - ], - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRoute", - }, - "NetworkMainCore103000016acceleratorvpnStaticRoute674FF3C8": { - "Properties": { - "DestinationCidrBlock": "10.300.0.0/16", - "TransitGatewayAttachmentId": { - "Ref": "AcceleratorVpnVpnTransitGatewayAttachmentFBF8EE77", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRoute", - }, - "NetworkMainCore111132blackholeStaticRouteEF8CDB96": { - "Properties": { - "Blackhole": true, - "DestinationCidrBlock": "1.1.1.1/32", - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRoute", - }, - "NetworkMainCoreacceleratorPrefixListNetworkEndpointsNetwork3EFFBC42": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderLogGroupBC9F3669", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomTransitGatewayPrefixListReferenceCustomResourceProviderHandler9BAD63E3", - "Arn", - ], - }, - "prefixListReference": { - "PrefixListId": { - "Ref": "SsmParameterValueacceleratornetworkprefixListacceleratorprefixlistidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayAttachmentId": { - "Ref": "SsmParameterValueacceleratornetworkvpcNetworkEndpointstransitGatewayAttachmentNetworkEndpointsidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - }, - "Type": "Custom::TransitGatewayPrefixListReference", - "UpdateReplacePolicy": "Delete", - }, - "NetworkMainShared102000016NetworkMainAndSharedServicesMainPeeringStaticRoute6433AEC2": { - "Properties": { - "DestinationCidrBlock": "10.200.0.0/16", - "TransitGatewayAttachmentId": { - "Ref": "NetworkNetworkMainAndSharedServicesMainPeeringTransitGatewayPeeringAttachment6A5D4528", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRoute", - }, - "NetworkNetworkMainAndSharedServicesMainPeeringTransitGatewayPeeringAttachment6A5D4528": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderLogGroup41699CF3", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderHandler7E079354", - "Arn", - ], - }, - "name": "Network-Main-And-SharedServices-Main-Peering", - "region": "us-east-1", - "transitGatewayId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "type": "peering", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::GetTransitGatewayAttachment", - "UpdateReplacePolicy": "Delete", - }, - "SharedServicesMainNetworkMainCorePropagationB8A9444B": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SharedServicesMainSharedServicesVpcTransitGatewayAttachmentE1E0A8A8", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainCoreidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "SharedServicesMainNetworkMainSegregatedPropagation1734E165": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SharedServicesMainSharedServicesVpcTransitGatewayAttachmentE1E0A8A8", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSegregatedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "SharedServicesMainNetworkMainSharedAssociationFE2C7420": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SharedServicesMainSharedServicesVpcTransitGatewayAttachmentE1E0A8A8", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTableAssociation", - }, - "SharedServicesMainNetworkMainSharedPropagationA83F55E7": { - "Properties": { - "TransitGatewayAttachmentId": { - "Ref": "SharedServicesMainSharedServicesVpcTransitGatewayAttachmentE1E0A8A8", - }, - "TransitGatewayRouteTableId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainrouteTablesNetworkMainSharedidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - }, - "Type": "AWS::EC2::TransitGatewayRouteTablePropagation", - }, - "SharedServicesMainSharedServicesVpcTransitGatewayAttachmentE1E0A8A8": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderLogGroup41699CF3", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomGetTransitGatewayAttachmentCustomResourceProviderHandler7E079354", - "Arn", - ], - }, - "name": "SharedServices-Main", - "region": "us-east-1", - "roleArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::444444444444:role/AWSAccelerator-DescribeTgwAttachRole-us-east-1", - ], - ], - }, - "transitGatewayId": { - "Ref": "SsmParameterValueacceleratornetworktransitGatewaysNetworkMainidC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "type": "vpc", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::GetTransitGatewayAttachment", - "UpdateReplacePolicy": "Delete", - }, - "SsmParamAcceleratorVersionFF83282D": { - "Properties": { - "Name": "/accelerator/AWSAccelerator-NetworkAssociationsStack-555555555555-us-east-1/version", - "Type": "String", - "Value": "1.9.1", - }, - "Type": "AWS::SSM::Parameter", - }, - "SsmParamCrossAccountVpcPeering03403783": { - "Properties": { - "Name": "/accelerator/network/vpcPeering/CrossAccount/id", - "Type": "String", - "Value": { - "Ref": "CrossAccountVpcPeering9E0C69A2", - }, - }, - "Type": "AWS::SSM::Parameter", - }, - "SsmParamLookupCrossAccountC2B66C85": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomSsmGetParameterValueCustomResourceProviderLogGroup780D220D", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomSsmGetParameterValueCustomResourceProviderHandlerAAD0E7EE", - "Arn", - ], - }, - "assumeRoleArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - ], - ], - }, - "invokingAccountID": "555555555555", - "invokingRegion": "us-east-1", - "parameterAccountID": "444444444444", - "parameterName": "/accelerator/network/vpc/SharedServices-Main/id", - "parameterRegion": "us-east-1", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::SsmGetParameterValue", - "UpdateReplacePolicy": "Delete", - }, - "SsmParamLookupSharedServicesMain444444444444SharedServicesAppA08A11B17": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomSsmGetParameterValueCustomResourceProviderLogGroup780D220D", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomSsmGetParameterValueCustomResourceProviderHandlerAAD0E7EE", - "Arn", - ], - }, - "assumeRoleArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - ], - ], - }, - "invokingAccountID": "555555555555", - "invokingRegion": "us-east-1", - "parameterAccountID": "444444444444", - "parameterName": "/accelerator/network/vpc/SharedServices-Main/routeTable/SharedServices-App-A/id", - "parameterRegion": "us-east-1", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::SsmGetParameterValue", - "UpdateReplacePolicy": "Delete", - }, - "SsmParamLookupSharedServicesMain444444444444SharedServicesAppB580D7687": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CustomSsmGetParameterValueCustomResourceProviderLogGroup780D220D", - ], - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomSsmGetParameterValueCustomResourceProviderHandlerAAD0E7EE", - "Arn", - ], - }, - "assumeRoleArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::444444444444:role/AWSAccelerator-VpcPeeringRole-us-east-1", - ], - ], - }, - "invokingAccountID": "555555555555", - "invokingRegion": "us-east-1", - "parameterAccountID": "444444444444", - "parameterName": "/accelerator/network/vpc/SharedServices-Main/routeTable/SharedServices-App-B/id", - "parameterRegion": "us-east-1", - "uuid": "REPLACED-UUID", - }, - "Type": "Custom::SsmGetParameterValue", - "UpdateReplacePolicy": "Delete", - }, - "SsmParamNetworkEndpointsToInspectionVpcPeering66A4E12A": { - "Properties": { - "Name": "/accelerator/network/vpcPeering/NetworkEndpointsToInspection/id", - "Type": "String", - "Value": { - "Ref": "NetworkEndpointsToInspectionVpcPeeringE81AF602", - }, - }, - "Type": "AWS::SSM::Parameter", - }, - "SsmParamStackId521A78D3": { - "Properties": { - "Name": "/accelerator/AWSAccelerator-NetworkAssociationsStack-555555555555-us-east-1/stack-id", - "Type": "String", - "Value": { - "Ref": "AWS::StackId", - }, - }, - "Type": "AWS::SSM::Parameter", - }, - }, -} -`; diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-prep-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-prep-stack.test.ts.snap index 235b4e95a..d6c95bcaf 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-prep-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-prep-stack.test.ts.snap @@ -1568,7 +1568,7 @@ drop http $HOME_NET any -> $EXTERNAL_NET any (http.host; content:"example.com"; "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2092,9 +2092,6 @@ drop http $HOME_NET any -> $EXTERNAL_NET any (http.host; content:"example.com"; "Value": "Network-Main-2", }, ], - "TransitGatewayCidrBlocks": [ - "10.50.0.0/20", - ], "VpnEcmpSupport": "enable", }, "Type": "AWS::EC2::TransitGateway", @@ -2194,11 +2191,6 @@ drop http $HOME_NET any -> $EXTERNAL_NET any (http.host; content:"example.com"; "Value": "Network-Main", }, ], - "TransitGatewayCidrBlocks": [ - "10.0.0.0/20", - "10.5.0.0/20", - "2001:db8::/64", - ], "VpnEcmpSupport": "enable", }, "Type": "AWS::EC2::TransitGateway", @@ -2262,7 +2254,7 @@ drop http $HOME_NET any -> $EXTERNAL_NET any (http.host; content:"example.com"; "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkPrepStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-dns-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-dns-stack.test.ts.snap index 3032a9313..aed9028ab 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-dns-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-dns-stack.test.ts.snap @@ -1101,7 +1101,7 @@ exports[`NetworkVpcDnsStack Construct(NetworkVpcDnsStack): Snapshot Test 1`] = "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkVpcDnsStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-endpoints-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-endpoints-stack.test.ts.snap index b9bda5b19..57a37c614 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-endpoints-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-endpoints-stack.test.ts.snap @@ -67,10 +67,6 @@ exports[`NetworkVpcEndpointsStack Construct(NetworkVpcEndpointsStack): Snapshot "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Gateway/id", "Type": "AWS::SSM::Parameter::Value", }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionLocalRtAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Local-Rt-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, "SsmParameterValueacceleratornetworkvpcNetworkInspectionrouteTableNetworkInspectionTgwAidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Tgw-A/id", "Type": "AWS::SSM::Parameter::Value", @@ -87,10 +83,6 @@ exports[`NetworkVpcEndpointsStack Construct(NetworkVpcEndpointsStack): Snapshot "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-B/id", "Type": "AWS::SSM::Parameter::Value", }, - "SsmParameterValueacceleratornetworkvpcNetworkInspectionsubnetNetworkInspectionLocalAidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-Local-A/id", - "Type": "AWS::SSM::Parameter::Value", - }, "SsmParameterValueacceleratornetworkvpcNetworkInspectionsubnetNetworkInspectionTgwAttachAidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Default": "/accelerator/network/vpc/Network-Inspection/subnet/Network-InspectionTgwAttach-A/id", "Type": "AWS::SSM::Parameter::Value", @@ -2153,7 +2145,7 @@ exports[`NetworkVpcEndpointsStack Construct(NetworkVpcEndpointsStack): Snapshot "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkVpcEndpointsStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-stack.test.ts.snap index e622ae344..e4d04a7a3 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/network-vpc-stack.test.ts.snap @@ -2810,53 +2810,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "Type": "AWS::EC2::GatewayRouteTableAssociation", }, - "NetworkInspectionVpcNetworkInspectionLocalASubnet697B3913": { - "DependsOn": [ - "NetworkInspectionVpcVpcCidrBlock343B2A17", - ], - "Properties": { - "AvailabilityZone": "us-east-1-atl-2a", - "CidrBlock": "10.3.0.0/24", - "Tags": [ - { - "Key": "Name", - "Value": "Network-Inspection-Local-A", - }, - ], - "VpcId": { - "Ref": "NetworkInspectionVpc302E00C0", - }, - }, - "Type": "AWS::EC2::Subnet", - }, - "NetworkInspectionVpcNetworkInspectionLocalASubnetRouteTableAssociation52106B96": { - "DependsOn": [ - "NetworkInspectionVpcVpcCidrBlock343B2A17", - ], - "Properties": { - "RouteTableId": { - "Ref": "NetworkInspectionVpcNetworkInspectionLocalRtARouteTable442557C6", - }, - "SubnetId": { - "Ref": "NetworkInspectionVpcNetworkInspectionLocalASubnet697B3913", - }, - }, - "Type": "AWS::EC2::SubnetRouteTableAssociation", - }, - "NetworkInspectionVpcNetworkInspectionLocalRtARouteTable442557C6": { - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "Network-Inspection-Local-Rt-A", - }, - ], - "VpcId": { - "Ref": "NetworkInspectionVpc302E00C0", - }, - }, - "Type": "AWS::EC2::RouteTable", - }, "NetworkInspectionVpcNetworkInspectionTgwARouteTable1753FE94": { "Properties": { "Tags": [ @@ -4287,10 +4240,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-InspectionTgwAttach-B/cidr/ipv4", "value": "10.2.3.224/28", }, - { - "name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-Local-A/cidr/ipv4", - "value": "10.3.0.0/24", - }, { "name": "/accelerator/network/vpc/Workload-Template/subnet/Workload-A/cidr/ipv4", "value": { @@ -4319,7 +4268,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamAcceleratorGwlbGwlbArn7CF5F889": { "DependsOn": [ - "SsmParamAcceleratorGwlbSecondaryGwlbServiceId3F04FE9A", + "SsmParamAcceleratorGwlbGwlbServiceIdF93A23BF", ], "Properties": { "Name": "/accelerator/network/gwlb/Accelerator-GWLB/arn", @@ -4331,9 +4280,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamAcceleratorGwlbGwlbServiceIdF93A23BF": { - "DependsOn": [ - "SsmParamAcceleratorGwlbSecondaryGwlbServiceId3F04FE9A", - ], "Properties": { "Name": "/accelerator/network/gwlb/Accelerator-GWLB/endpointService/id", "Type": "String", @@ -4345,7 +4291,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamAcceleratorGwlbSecondaryGwlbArn364EE96B": { "DependsOn": [ - "SsmParamAcceleratorGwlbSecondaryGwlbServiceId3F04FE9A", + "SsmParamNetworkInspectionDataSecurityGroup1FD45226", ], "Properties": { "Name": "/accelerator/network/gwlb/Accelerator-GWLB-secondary/arn", @@ -4357,6 +4303,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamAcceleratorGwlbSecondaryGwlbServiceId3F04FE9A": { + "DependsOn": [ + "SsmParamNetworkInspectionDataSecurityGroup1FD45226", + ], "Properties": { "Name": "/accelerator/network/gwlb/Accelerator-GWLB-secondary/endpointService/id", "Type": "String", @@ -4396,11 +4345,14 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-NetworkVpcStack-555555555555-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkEndpointsManagementSecurityGroup157CDC67": { + "DependsOn": [ + "SsmParamNetworkEndpointsNetworkEndpointsTransitGatewayAttachmentId2EBCB846", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/securityGroup/Management/id", "Type": "String", @@ -4412,7 +4364,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkEndpointsNetworkEndpoints2TransitGatewayAttachmentIdD5FF19F5": { "DependsOn": [ - "SsmParamNetworkInspectionAcceleratorNatGwBNatGatewayId74BA7991", + "SsmParamNetworkEndpointsNetworkEndpointsTransitGatewayAttachmentId2EBCB846", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/transitGatewayAttachment/Network-Endpoints-2/id", @@ -4435,7 +4387,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkEndpointsNetworkEndpointsASubnetIdF53EDCC9": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryOutposts1SubnetIdBFE852EB", + "SsmParamNetworkSecondaryNetworkSecondaryDualStackSubnetId7D04B583", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/subnet/Network-Endpoints-A/id", @@ -4461,7 +4413,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkEndpointsNetworkEndpointsBSubnetId62D810E8": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryOutposts1SubnetIdBFE852EB", + "SsmParamNetworkSecondaryNetworkSecondaryDualStackSubnetId7D04B583", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/subnet/Network-Endpoints-B/id", @@ -4474,7 +4426,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkEndpointsNetworkEndpointsCustomEndpointSgSecurityGroupE01E3A88": { "DependsOn": [ - "SsmParamNetworkEndpointsManagementSecurityGroup157CDC67", + "SsmParamNetworkEndpointsNetworkEndpointsTransitGatewayAttachmentId2EBCB846", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/securityGroup/Network-Endpoints-CustomEndpointSg/id", @@ -4499,6 +4451,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachASubnetId72C0AC02": { + "DependsOn": [ + "SsmParamNetworkSecondaryNetworkSecondaryDualStackSubnetId7D04B583", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/subnet/Network-EndpointsTgwAttach-A/id", "Type": "String", @@ -4509,9 +4464,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachBSubnetId0B7C06C7": { - "DependsOn": [ - "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachASubnetId72C0AC02", - ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/subnet/Network-EndpointsTgwAttach-B/id", "Type": "String", @@ -4535,9 +4487,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkEndpointsNetworkEndpointsTransitGatewayAttachmentId2EBCB846": { - "DependsOn": [ - "SsmParamNetworkInspectionAcceleratorNatGwBNatGatewayId74BA7991", - ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/transitGatewayAttachment/Network-Endpoints/id", "Type": "String", @@ -4549,7 +4498,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkEndpointsTestNaclNaclED9584AC": { "DependsOn": [ - "SsmParamNetworkEndpointsManagementSecurityGroup157CDC67", + "SsmParamNetworkInspectionDataSecurityGroup1FD45226", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/networkAcl/TestNACL/id", @@ -4582,7 +4531,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionAcceleratorNatGwANatGatewayId28332EEC": { "DependsOn": [ - "SsmParamNetworkInspectionNetworkInspectionTgwAttachBSubnetId470AEEA9", + "SsmParamWorkloadTemplateWorkloadASubnetIdC0F8B4F7", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/natGateway/accelerator-nat-gw-a/id", @@ -4594,6 +4543,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkInspectionAcceleratorNatGwBNatGatewayId74BA7991": { + "DependsOn": [ + "SsmParamWorkloadTemplateWorkloadASubnetIdC0F8B4F7", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/natGateway/accelerator-nat-gw-b/id", "Type": "String", @@ -4605,7 +4557,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionAcceleratorNatGwCNatGatewayId498E58EE": { "DependsOn": [ - "SsmParamNetworkInspectionAcceleratorNatGwBNatGatewayId74BA7991", + "SsmParamWorkloadTemplateWorkloadASubnetIdC0F8B4F7", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/natGateway/accelerator-nat-gw-c/id", @@ -4617,9 +4569,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkInspectionDataSecurityGroup1FD45226": { - "DependsOn": [ - "SsmParamNetworkEndpointsManagementSecurityGroup157CDC67", - ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/securityGroup/Data/id", "Type": "String", @@ -4644,7 +4593,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionNetworkInspectionASubnetId84BB7982": { "DependsOn": [ - "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachASubnetId72C0AC02", + "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachBSubnetId0B7C06C7", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-A/id", @@ -4670,7 +4619,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionNetworkInspectionBSubnetId08F48703": { "DependsOn": [ - "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachASubnetId72C0AC02", + "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachBSubnetId0B7C06C7", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-B/id", @@ -4694,32 +4643,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "Type": "AWS::SSM::Parameter", }, - "SsmParamNetworkInspectionNetworkInspectionLocalASubnetIdB87E6E71": { - "DependsOn": [ - "SsmParamNetworkInspectionNetworkInspectionTgwAttachBSubnetId470AEEA9", - ], - "Properties": { - "Name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-Inspection-Local-A/id", - "Type": "String", - "Value": { - "Ref": "NetworkInspectionVpcNetworkInspectionLocalASubnet697B3913", - }, - }, - "Type": "AWS::SSM::Parameter", - }, - "SsmParamNetworkInspectionNetworkInspectionLocalRtARouteTableIdFC5189D1": { - "DependsOn": [ - "SsmParamNetworkInspectionNetworkInspectionTgwBRouteTableId7113F1A4", - ], - "Properties": { - "Name": "/accelerator/network/vpc/Network-Inspection/routeTable/Network-Inspection-Local-Rt-A/id", - "Type": "String", - "Value": { - "Ref": "NetworkInspectionVpcNetworkInspectionLocalRtARouteTable442557C6", - }, - }, - "Type": "AWS::SSM::Parameter", - }, "SsmParamNetworkInspectionNetworkInspectionTgwARouteTableId838420AE": { "DependsOn": [ "SsmParamNetworkEndpointsNetworkEndpointsARouteTableIdC55DBCD4", @@ -4735,7 +4658,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionNetworkInspectionTgwAttachASubnetId90B86E86": { "DependsOn": [ - "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachASubnetId72C0AC02", + "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachBSubnetId0B7C06C7", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-InspectionTgwAttach-A/id", @@ -4747,6 +4670,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkInspectionNetworkInspectionTgwAttachBSubnetId470AEEA9": { + "DependsOn": [ + "SsmParamNetworkEndpointsNetworkEndpointsTgwAttachBSubnetId0B7C06C7", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/subnet/Network-InspectionTgwAttach-B/id", "Type": "String", @@ -4768,7 +4694,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkInspectionNetworkInspectionTransitGatewayAttachmentId80B7A8EF": { "DependsOn": [ - "SsmParamNetworkInspectionAcceleratorNatGwBNatGatewayId74BA7991", + "SsmParamNetworkEndpointsNetworkEndpointsTransitGatewayAttachmentId2EBCB846", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Inspection/transitGatewayAttachment/Network-Inspection/id", @@ -4819,6 +4745,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkSecondaryNetworkSecondaryASubnetId121C5F23": { + "DependsOn": [ + "SsmParamNetworkInspectionNetworkInspectionTgwBRouteTableId7113F1A4", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-A/id", "Type": "String", @@ -4839,9 +4768,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkSecondaryNetworkSecondaryBSubnetIdDF008255": { - "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryASubnetId121C5F23", - ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-B/id", "Type": "String", @@ -4866,7 +4792,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkSecondaryNetworkSecondaryCSubnetId6A8F9E78": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryASubnetId121C5F23", + "SsmParamNetworkSecondaryNetworkSecondaryBSubnetIdDF008255", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-C/id", @@ -4892,7 +4818,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkSecondaryNetworkSecondaryDSubnetIdEFF1A015": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryASubnetId121C5F23", + "SsmParamNetworkSecondaryNetworkSecondaryBSubnetIdDF008255", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-D/id", @@ -4904,9 +4830,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkSecondaryNetworkSecondaryDualStackSubnetId7D04B583": { - "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryOutposts1SubnetIdBFE852EB", - ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-Dual-Stack/id", "Type": "String", @@ -4918,7 +4841,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkSecondaryNetworkSecondaryIpv6OnlySubnetId8392EF4E": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryOutposts1SubnetIdBFE852EB", + "SsmParamNetworkSecondaryNetworkSecondaryDualStackSubnetId7D04B583", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-Ipv6-Only/id", @@ -4930,6 +4853,9 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamNetworkSecondaryNetworkSecondaryOutposts1SubnetIdBFE852EB": { + "DependsOn": [ + "SsmParamNetworkSecondaryNetworkSecondaryBSubnetIdDF008255", + ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-Outposts-1/id", "Type": "String", @@ -4941,7 +4867,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkSecondaryNetworkSecondaryOutpostsASubnetId8238BEAB": { "DependsOn": [ - "SsmParamNetworkSecondaryNetworkSecondaryASubnetId121C5F23", + "SsmParamNetworkSecondaryNetworkSecondaryBSubnetIdDF008255", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/subnet/Network-Secondary-Outposts-A/id", @@ -4954,7 +4880,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamNetworkSecondaryTestNaclNacl0FC3F602": { "DependsOn": [ - "SsmParamNetworkEndpointsManagementSecurityGroup157CDC67", + "SsmParamNetworkInspectionDataSecurityGroup1FD45226", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Secondary/networkAcl/TestNacl/id", @@ -5012,9 +4938,6 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::SSM::Parameter", }, "SsmParamWorkloadTemplateWorkloadASubnetIdC0F8B4F7": { - "DependsOn": [ - "SsmParamNetworkInspectionNetworkInspectionTgwAttachBSubnetId470AEEA9", - ], "Properties": { "Name": "/accelerator/network/vpc/Workload-Template/subnet/Workload-A/id", "Type": "String", @@ -5039,7 +4962,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "SsmParamWorkloadTemplateWorkloadBSubnetIdC690B217": { "DependsOn": [ - "SsmParamNetworkInspectionNetworkInspectionTgwAttachBSubnetId470AEEA9", + "SsmParamWorkloadTemplateWorkloadASubnetIdC0F8B4F7", ], "Properties": { "Name": "/accelerator/network/vpc/Workload-Template/subnet/Workload-B/id", @@ -5592,7 +5515,7 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` }, "appAalb01NetworkEndpointsssmF399A7CC": { "DependsOn": [ - "SsmParamAcceleratorGwlbSecondaryGwlbServiceId3F04FE9A", + "SsmParamAcceleratorGwlbGwlbServiceIdF93A23BF", ], "Properties": { "Name": "/accelerator/network/vpc/Network-Endpoints/alb/appA-alb-01/id", @@ -5654,214 +5577,14 @@ exports[`NetworkVpcStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", }, "appAnlb01NetworkEndpointsssm0DA0AE1E": { - "Properties": { - "Name": "/accelerator/network/vpc/Network-Endpoints/nlb/appA-nlb-01/id", - "Type": "String", - "Value": { - "Ref": "appAnlb01NetworkEndpoints0281B174", - }, - }, - "Type": "AWS::SSM::Parameter", - }, - }, -} -`; - -exports[`NoVpcFlowLogStack Construct(NetworkVpcStack): Snapshot Test 1`] = ` -{ - "Parameters": { - "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/kms/cloudwatch/key-arn", - "Type": "AWS::SSM::Parameter::Value", - }, - "SsmParameterValueacceleratorkmslambdakeyarnC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Default": "/accelerator/kms/lambda/key-arn", - "Type": "AWS::SSM::Parameter::Value", - }, - }, - "Resources": { - "CustomDeleteDefaultVpcCustomResourceProviderHandler87E89F35": { - "DependsOn": [ - "CustomDeleteDefaultVpcCustomResourceProviderRole80963EEF", - ], - "Properties": { - "Code": { - "S3Bucket": "cdk-hnb659fds-assets-111111111111-us-east-1", - "S3Key": "REPLACED-GENERATED-NAME.zip", - }, - "Handler": "__entrypoint__.handler", - "MemorySize": 128, - "Role": { - "Fn::GetAtt": [ - "CustomDeleteDefaultVpcCustomResourceProviderRole80963EEF", - "Arn", - ], - }, - "Runtime": "nodejs18.x", - "Timeout": 900, - }, - "Type": "AWS::Lambda::Function", - }, - "CustomDeleteDefaultVpcCustomResourceProviderLogGroup4113DA48": { - "DeletionPolicy": "Delete", - "Properties": { - "KmsKeyId": { - "Ref": "SsmParameterValueacceleratorkmscloudwatchkeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", - }, - "LogGroupName": { - "Fn::Join": [ - "", - [ - "/aws/lambda/", - { - "Ref": "CustomDeleteDefaultVpcCustomResourceProviderHandler87E89F35", - }, - ], - ], - }, - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, - "CustomDeleteDefaultVpcCustomResourceProviderRole80963EEF": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - }, - ], - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ec2:DeleteInternetGateway", - "ec2:DetachInternetGateway", - "ec2:DeleteNetworkAcl", - "ec2:DeleteRoute", - "ec2:DeleteSecurityGroup", - "ec2:DeleteSubnet", - "ec2:DeleteVpc", - "ec2:DescribeInternetGateways", - "ec2:DescribeNetworkAcls", - "ec2:DescribeRouteTables", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - ], - "Effect": "Allow", - "Resource": "*", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "Inline", - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "DeleteDefaultVpc4DBAE36C": { - "DeletionPolicy": "Delete", "DependsOn": [ - "CustomDeleteDefaultVpcCustomResourceProviderLogGroup4113DA48", + "SsmParamAcceleratorGwlbGwlbServiceIdF93A23BF", ], "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomDeleteDefaultVpcCustomResourceProviderHandler87E89F35", - "Arn", - ], - }, - }, - "Type": "Custom::DeleteDefaultVpc", - "UpdateReplacePolicy": "Delete", - }, - "EnableCentralEndpointsRoleB69A8E04": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM5", - "reason": "EnableCentralEndpointsRole needs access to every describe every VPC in the account ", - }, - ], - }, - }, - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::555555555555:root", - ], - ], - }, - }, - }, - ], - "Version": "2012-10-17", - }, - "Policies": [ - { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ec2:DescribeVpcs", - "route53:AssociateVPCWithHostedZone", - ], - "Effect": "Allow", - "Resource": "*", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "default", - }, - ], - "RoleName": "AWSAccelerator-EnableCentralEndpointsRole-us-east-1", - }, - "Type": "AWS::IAM::Role", - }, - "SsmParamAcceleratorVersionFF83282D": { - "Properties": { - "Name": "/accelerator/AWSAccelerator-NetworkVpcStack-111111111111-us-east-1/version", - "Type": "String", - "Value": "1.9.1", - }, - "Type": "AWS::SSM::Parameter", - }, - "SsmParamStackId521A78D3": { - "Properties": { - "Name": "/accelerator/AWSAccelerator-NetworkVpcStack-111111111111-us-east-1/stack-id", + "Name": "/accelerator/network/vpc/Network-Endpoints/nlb/appA-nlb-01/id", "Type": "String", "Value": { - "Ref": "AWS::StackId", + "Ref": "appAnlb01NetworkEndpoints0281B174", }, }, "Type": "AWS::SSM::Parameter", diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/operations-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/operations-stack.test.ts.snap index 2ca0a7df3..0eb797f80 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/operations-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/operations-stack.test.ts.snap @@ -1120,7 +1120,7 @@ exports[`OperationsStack Construct(OperationsStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-OperationsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/organizations-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/organizations-stack.test.ts.snap index 605554289..f7e8785e2 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/organizations-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/organizations-stack.test.ts.snap @@ -2105,7 +2105,7 @@ exports[`MultiOuOrganizationsStack Construct(OrganizationsStack): Snapshot Test "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2375,7 +2375,7 @@ exports[`MultiOuOrganizationsStack Construct(OrganizationsStack): Snapshot Test "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -2647,7 +2647,7 @@ exports[`MultiOuOrganizationsStack Construct(OrganizationsStack): Snapshot Test "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3202,7 +3202,7 @@ exports[`MultiOuOrganizationsStack Construct(OrganizationsStack): Snapshot Test "Properties": { "Name": "/accelerator/AWSAccelerator-OrganizationsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -5423,7 +5423,7 @@ exports[`OrganizationsStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -5693,7 +5693,7 @@ exports[`OrganizationsStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -5965,7 +5965,7 @@ exports[`OrganizationsStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -6572,7 +6572,7 @@ exports[`OrganizationsStack Construct(OrganizationsStack): Snapshot Test 1`] = "Properties": { "Name": "/accelerator/AWSAccelerator-OrganizationsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -8723,7 +8723,7 @@ exports[`delegatedAdminStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -8993,7 +8993,7 @@ exports[`delegatedAdminStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -9265,7 +9265,7 @@ exports[`delegatedAdminStack Construct(OrganizationsStack): Snapshot Test 1`] = "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -9846,7 +9846,7 @@ exports[`delegatedAdminStack Construct(OrganizationsStack): Snapshot Test 1`] = "Properties": { "Name": "/accelerator/AWSAccelerator-OrganizationsStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/pipeline-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/pipeline-stack.test.ts.snap index 570a0358e..3a3204e94 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/pipeline-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/pipeline-stack.test.ts.snap @@ -1072,7 +1072,7 @@ exports[`PipelineStack Construct(PipelineStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1398,12 +1398,12 @@ exports[`PipelineStack Construct(PipelineStack): Snapshot Test 1`] = ` "Ref": "SsmParameterValueacceleratorawsacceleratorinstallerkmskeyarnC96584B6F00A464EAD1953AFF4B05118Parameter", }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=8192", }, { "Name": "PARTITION", @@ -2460,16 +2460,6 @@ exports[`PipelineStack Construct(PipelineStack): Snapshot Test 1`] = ` "Type": "PLAINTEXT", "Value": "", }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": "codecommit", - }, - { - "Name": "ACCELERATOR_SKIP_PREREQUISITES", - "Type": "PLAINTEXT", - "Value": "true", - }, ], "Image": "aws/codebuild/standard:7.0", "ImagePullCredentialsType": "CODEBUILD", @@ -2500,34 +2490,22 @@ exports[`PipelineStack Construct(PipelineStack): Snapshot Test 1`] = ` "commands": [ "env", "cd source", - "if [ \\"prepare\\" = \\"\${ACCELERATOR_STAGE}\\" ]; then set -e && LOG_LEVEL=info yarn run ts-node packages/@aws-accelerator/modules/bin/runner.ts --module control-tower --partition ", + "if [ \\"prepare\\" = \\"\${ACCELERATOR_STAGE}\\" ]; then set -e && export LOG_LEVEL=info && yarn run ts-node packages/@aws-accelerator/modules/bin/runner.ts --module control-tower --partition ", { "Ref": "AWS::Partition", }, - " --use-existing-role No --config-dir $CODEBUILD_SRC_DIR_Config && if [ -z \\"\${ACCELERATOR_NO_ORG_MODULE}\\" ]; then LOG_LEVEL=info yarn run ts-node packages/@aws-accelerator/modules/bin/runner.ts --module aws-organizations --partition ", + " --use-existing-role No --config-dir $CODEBUILD_SRC_DIR_Config && yarn run ts-node packages/@aws-accelerator/modules/bin/runner.ts --module aws-organizations --partition ", { "Ref": "AWS::Partition", }, - " --use-existing-role No --config-dir $CODEBUILD_SRC_DIR_Config; else echo \\"Module aws-organizations execution skipped by environment settings.\\"; fi ; fi", + " --use-existing-role No --config-dir $CODEBUILD_SRC_DIR_Config && export LOG_LEVEL=error ; fi", "if [ \\"prepare\\" = \\"\${ACCELERATOR_STAGE}\\" ]; then set -e && yarn run ts-node packages/@aws-accelerator/accelerator/lib/prerequisites.ts --config-dir $CODEBUILD_SRC_DIR_Config --partition ", { "Ref": "AWS::Partition", }, " --minimal; fi", "cd packages/@aws-accelerator/accelerator", - "export FULL_SYNTH=\\"true\\"", - "if [ $ASEA_MAPPING_BUCKET ]; then aws s3api head-object --bucket $ASEA_MAPPING_BUCKET --key $ASEA_MAPPING_FILE >/dev/null 2>&1 || export FULL_SYNTH=\\"false\\"; fi;", - "if [ -z \\"\${ACCELERATOR_STAGE}\\" ] && [ $CDK_OPTIONS = 'bootstrap' ] && [ $FULL_SYNTH = \\"true\\" ]; then for STAGE in \\"key\\" \\"logging\\" \\"organizations\\" \\"security-audit\\" \\"network-prep\\" \\"security\\" \\"operations\\" \\"identity-center\\" \\"network-vpc\\" \\"security-resources\\" \\"network-associations\\" \\"customizations\\" \\"finalize\\" \\"bootstrap\\"; do set -e && yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition ", - { - "Ref": "AWS::Partition", - }, - " --stage $STAGE; done; fi", - "if [ -z \\"\${ACCELERATOR_STAGE}\\" ] && [ $CDK_OPTIONS = 'diff' ] && [ $FULL_SYNTH = \\"true\\" ]; then for STAGE in \\"key\\" \\"logging\\" \\"organizations\\" \\"security-audit\\" \\"network-prep\\" \\"security\\" \\"operations\\" \\"identity-center\\" \\"network-vpc\\" \\"security-resources\\" \\"network-associations\\" \\"customizations\\" \\"finalize\\" \\"bootstrap\\"; do set -e && yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition ", - { - "Ref": "AWS::Partition", - }, - " --stage $STAGE; done; fi", - "if [ -z \\"\${ACCELERATOR_STAGE}\\" ] && [ $CDK_OPTIONS = 'bootstrap' ] && [ $FULL_SYNTH = \\"false\\" ]; then for STAGE in \\"bootstrap\\"; do set -e && yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition ", + "if [ -z \\"\${ACCELERATOR_STAGE}\\" ]; then for STAGE in \\"key\\" \\"logging\\" \\"organizations\\" \\"security-audit\\" \\"network-prep\\" \\"security\\" \\"operations\\" \\"identity-center\\" \\"network-vpc\\" \\"security-resources\\" \\"network-associations\\" \\"customizations\\" \\"finalize\\" \\"bootstrap\\"; do set -e && yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition ", { "Ref": "AWS::Partition", }, @@ -2589,7 +2567,7 @@ exports[`PipelineStack Construct(PipelineStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/PipelineStack/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/prepare-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/prepare-stack.test.ts.snap index 6add4c203..45d9715ce 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/prepare-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/prepare-stack.test.ts.snap @@ -339,47 +339,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, "Type": "AWS::IAM::Role", }, - "AcceleratorResourceTable4013A9E6": { - "DeletionPolicy": "Delete", - "Properties": { - "AttributeDefinitions": [ - { - "AttributeName": "pk", - "AttributeType": "S", - }, - { - "AttributeName": "sk", - "AttributeType": "S", - }, - ], - "BillingMode": "PAY_PER_REQUEST", - "KeySchema": [ - { - "AttributeName": "pk", - "KeyType": "HASH", - }, - { - "AttributeName": "sk", - "KeyType": "RANGE", - }, - ], - "PointInTimeRecoverySpecification": { - "PointInTimeRecoveryEnabled": true, - }, - "SSESpecification": { - "KMSMasterKeyId": { - "Fn::GetAtt": [ - "ManagementKey0813A4D9", - "Arn", - ], - }, - "SSEEnabled": true, - "SSEType": "KMS", - }, - }, - "Type": "AWS::DynamoDB::Table", - "UpdateReplacePolicy": "Delete", - }, "ConfigTableArnParameter0395C8F4": { "Properties": { "Name": "/accelerator/prepare-stack/configTable/arn", @@ -849,9 +808,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateCTAccounts3049A752": { "DeletionPolicy": "Delete", "DependsOn": [ - "CreateCTAccountsCreateControlTowerAccountLogGroup7DD19087", - "CreateCTAccountsCreateControlTowerAccountStatusLogGroup18D2531C", - "CreateCTAccountsCreateControlTowerAccountWaiterLogGroup1A71123A", "CreateOrganizationAccountsDDA8AFE1", "CreateOrganizationAccountsServiceRole99CB3720", "CreateOrganizationAccountsCreateOrganizationAccountsLogGroup00D93B3C", @@ -871,7 +827,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -917,7 +872,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -957,7 +911,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -983,7 +937,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1055,7 +1008,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1166,7 +1118,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1209,7 +1160,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1235,7 +1186,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1307,7 +1257,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1425,7 +1374,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1465,7 +1413,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -1491,7 +1439,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1563,7 +1510,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1674,7 +1620,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1685,20 +1630,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "ValidateEnvironmentConfigValidateEnvironmentFunctionLogGroup632317CC", "ValidateEnvironmentConfigValidateEnvironmentResourceD10DC179", ], - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-SF1", - "reason": "AWS Custom resource provider role created by cdk.", - }, - { - "id": "AwsSolutions-SF2", - "reason": "AWS Custom resource provider role created by cdk.", - }, - ], - }, - }, "Properties": { "DefinitionString": { "Fn::Join": [ @@ -1722,22 +1653,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` ], ], }, - "LoggingConfiguration": { - "Destinations": [ - { - "CloudWatchLogsLogGroup": { - "LogGroupArn": { - "Fn::GetAtt": [ - "CreateCTAccountsCreateControlTowerAccountWaiterLogGroup1A71123A", - "Arn", - ], - }, - }, - }, - ], - "IncludeExecutionData": true, - "Level": "ERROR", - }, "RoleArn": { "Fn::GetAtt": [ "CreateCTAccountsCreateControlTowerAcccountsProviderwaiterstatemachineRoleE4D3D067", @@ -1768,7 +1683,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1844,22 +1758,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, ], }, - { - "Action": [ - "logs:CreateLogDelivery", - "logs:CreateLogStream", - "logs:GetLogDelivery", - "logs:UpdateLogDelivery", - "logs:DeleteLogDelivery", - "logs:ListLogDeliveries", - "logs:PutLogEvents", - "logs:PutResourcePolicy", - "logs:DescribeResourcePolicies", - "logs:DescribeLogGroups", - ], - "Effect": "Allow", - "Resource": "*", - }, ], "Version": "2012-10-17", }, @@ -1893,7 +1791,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1942,7 +1839,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -1999,7 +1895,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2054,7 +1949,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2128,7 +2022,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2192,7 +2085,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2247,7 +2139,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2331,7 +2222,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2448,52 +2338,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, "Type": "AWS::IAM::Policy", }, - "CreateCTAccountsCreateControlTowerAccountWaiterLogGroup1A71123A": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "CreateOrganizationAccountsDDA8AFE1", - "CreateOrganizationAccountsServiceRole99CB3720", - "CreateOrganizationAccountsCreateOrganizationAccountsLogGroup00D93B3C", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkisComplete071270AC", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkisCompleteServiceRoleDefaultPolicy17A8199B", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkisCompleteServiceRole19A96F30", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonEvent96B71A5A", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonEventServiceRoleDefaultPolicy5CD1CC20", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonEventServiceRole66CD01EF", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonTimeoutDD2DB516", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonTimeoutServiceRoleDefaultPolicy7473AD40", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderframeworkonTimeoutServiceRoleA8ECA8F4", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderwaiterstatemachineC299C25B", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderwaiterstatemachineRoleDefaultPolicyA69022C3", - "CreateOrganizationAccountsCreateOrganizationAccountsProviderwaiterstatemachineRole22D85F30", - "CreateOrganizationAccountsCreateOrganizationAccountStatusBBDEFDFE", - "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", - "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", - "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", - "CreateOrganizationAccounts49A5350C", - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRole675155BD", - "ValidateEnvironmentConfigValidateEnvironmentFunction13F94F77", - "ValidateEnvironmentConfigValidateEnvironmentFunctionServiceRoleDefaultPolicy9ACA86A8", - "ValidateEnvironmentConfigValidateEnvironmentFunctionServiceRole09865D4C", - "ValidateEnvironmentConfigValidateEnvironmentFunctionLogGroup632317CC", - "ValidateEnvironmentConfigValidateEnvironmentResourceD10DC179", - ], - "Properties": { - "KmsKeyId": { - "Fn::GetAtt": [ - "AcceleratorManagementCloudWatchKeyE630915F", - "Arn", - ], - }, - "LogGroupName": "/aws/vendedlogs/states/waiter-state-machine/CreateControlTowerAccount", - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, "CreateCTAccountsLambdaPrincipalAssociationFAD34BEB": { "DependsOn": [ "CreateOrganizationAccountsDDA8AFE1", @@ -2515,7 +2359,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRoleDefaultPolicy217D2441", "CreateOrganizationAccountsCreateOrganizationAccountStatusServiceRole5944FA8B", "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "CreateOrganizationAccounts49A5350C", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", @@ -2543,9 +2386,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "CreateOrganizationAccounts49A5350C": { "DeletionPolicy": "Delete", "DependsOn": [ - "CreateOrganizationAccountsCreateOrganizationAccountsLogGroup00D93B3C", - "CreateOrganizationAccountsCreateOrganizationAccountStatusLogGroupD4DD5E40", - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRole675155BD", @@ -2888,7 +2728,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3077,7 +2917,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3270,7 +3110,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -3427,20 +3267,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "ValidateEnvironmentConfigValidateEnvironmentFunctionLogGroup632317CC", "ValidateEnvironmentConfigValidateEnvironmentResourceD10DC179", ], - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-SF1", - "reason": "AWS Custom resource provider role created by cdk.", - }, - { - "id": "AwsSolutions-SF2", - "reason": "AWS Custom resource provider role created by cdk.", - }, - ], - }, - }, "Properties": { "DefinitionString": { "Fn::Join": [ @@ -3464,22 +3290,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` ], ], }, - "LoggingConfiguration": { - "Destinations": [ - { - "CloudWatchLogsLogGroup": { - "LogGroupArn": { - "Fn::GetAtt": [ - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2", - "Arn", - ], - }, - }, - }, - ], - "IncludeExecutionData": true, - "Level": "ERROR", - }, "RoleArn": { "Fn::GetAtt": [ "CreateOrganizationAccountsCreateOrganizationAccountsProviderwaiterstatemachineRole22D85F30", @@ -3592,22 +3402,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, ], }, - { - "Action": [ - "logs:CreateLogDelivery", - "logs:CreateLogStream", - "logs:GetLogDelivery", - "logs:UpdateLogDelivery", - "logs:DeleteLogDelivery", - "logs:ListLogDeliveries", - "logs:PutLogEvents", - "logs:PutResourcePolicy", - "logs:DescribeResourcePolicies", - "logs:DescribeLogGroups", - ], - "Effect": "Allow", - "Resource": "*", - }, ], "Version": "2012-10-17", }, @@ -3620,31 +3414,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, "Type": "AWS::IAM::Policy", }, - "CreateOrganizationAccountsCreateOrganizationAccountsWaiterLogGroup60891BB2": { - "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEvent4F574CF7", - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRoleDefaultPolicyA669E020", - "ValidateEnvironmentConfigCustomValidateEnvironmentConfigurationframeworkonEventServiceRole675155BD", - "ValidateEnvironmentConfigValidateEnvironmentFunction13F94F77", - "ValidateEnvironmentConfigValidateEnvironmentFunctionServiceRoleDefaultPolicy9ACA86A8", - "ValidateEnvironmentConfigValidateEnvironmentFunctionServiceRole09865D4C", - "ValidateEnvironmentConfigValidateEnvironmentFunctionLogGroup632317CC", - "ValidateEnvironmentConfigValidateEnvironmentResourceD10DC179", - ], - "Properties": { - "KmsKeyId": { - "Fn::GetAtt": [ - "AcceleratorManagementCloudWatchKeyE630915F", - "Arn", - ], - }, - "LogGroupName": "/aws/vendedlogs/states/waiter-state-machine/CreateOrganizationAccounts", - "RetentionInDays": 3653, - }, - "Type": "AWS::Logs::LogGroup", - "UpdateReplacePolicy": "Delete", - }, "CreateOrganizationAccountsDDA8AFE1": { "DependsOn": [ "CreateOrganizationAccountsServiceRole99CB3720", @@ -4601,21 +4370,11 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, "Type": "AWS::SSM::Parameter", }, - "ResourceTableNameParameter1A8224BE": { - "Properties": { - "Name": "/accelerator/prepare-stack/resourceTable/name", - "Type": "String", - "Value": { - "Ref": "AcceleratorResourceTable4013A9E6", - }, - }, - "Type": "AWS::SSM::Parameter", - }, "SsmParamAcceleratorVersionFF83282D": { "Properties": { "Name": "/accelerator/AWSAccelerator-PrepareStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -4657,7 +4416,7 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -4982,9 +4741,6 @@ exports[`PrepareStack Construct(PrepareStack): Snapshot Test 1`] = ` }, "ValidateEnvironmentConfigValidateEnvironmentResourceD10DC179": { "DeletionPolicy": "Delete", - "DependsOn": [ - "ValidateEnvironmentConfigValidateEnvironmentFunctionLogGroup632317CC", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/resource-policy-enforcement-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/resource-policy-enforcement-stack.test.ts.snap index c7da8b695..54f224cd3 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/resource-policy-enforcement-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/resource-policy-enforcement-stack.test.ts.snap @@ -874,7 +874,7 @@ exports[`ResourcePolicyEnforcementStack Construct(ResourcePolicyEnforcementStack "Properties": { "Name": "/accelerator/AWSAccelerator-ResourcePolicyEnforcementStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-audit-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-audit-stack.test.ts.snap index 7754e140e..ce2dc286b 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-audit-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-audit-stack.test.ts.snap @@ -2555,19 +2555,10 @@ def script_handler(events, context): "Arn", ], }, - "autoEnableOrgMembers": true, "partition": { "Ref": "AWS::Partition", }, "region": "us-east-1", - "securityHubMemberAccountIds": [ - "111111111111", - "333333333333", - "222222222222", - "444444444444", - "555555555555", - "666666666666", - ], }, "Type": "Custom::SecurityHubCreateMembers", "UpdateReplacePolicy": "Delete", @@ -2705,7 +2696,7 @@ def script_handler(events, context): "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityAuditStack-222222222222-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -4926,12 +4917,10 @@ def script_handler(events, context): "Arn", ], }, - "autoEnableOrgMembers": true, "partition": { "Ref": "AWS::Partition", }, "region": "us-east-1", - "securityHubMemberAccountIds": [], }, "Type": "Custom::SecurityHubCreateMembers", "UpdateReplacePolicy": "Delete", @@ -5069,7 +5058,7 @@ def script_handler(events, context): "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityAuditStack-222222222222-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-resources-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-resources-stack.test.ts.snap index c4d46cbf8..2acf2086f 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-resources-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-resources-stack.test.ts.snap @@ -4210,7 +4210,7 @@ exports[`SecurityResourcesStack Construct(SecurityResourcesStack): Snapshot Tes ], }, "Runtime": "nodejs18.x", - "Timeout": 180, + "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, @@ -4235,9 +4235,6 @@ exports[`SecurityResourcesStack Construct(SecurityResourcesStack): Snapshot Tes }, "SecurityHubEventsLogSecurityHubEventsFunctionSecurityHubEventsFunctionResourceF6D56745": { "DeletionPolicy": "Delete", - "DependsOn": [ - "SecurityHubEventsLogSecurityHubEventsFunctionResourceLogGroupB7A99902", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -4396,7 +4393,7 @@ exports[`SecurityResourcesStack Construct(SecurityResourcesStack): Snapshot Tes "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -4591,7 +4588,7 @@ exports[`SecurityResourcesStack Construct(SecurityResourcesStack): Snapshot Tes "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityResourcesStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -7459,7 +7456,7 @@ exports[`delegatedAdminStack Construct(SecurityResourcesStack): Snapshot Test 1 ], }, "Runtime": "nodejs18.x", - "Timeout": 180, + "Timeout": 60, }, "Type": "AWS::Lambda::Function", }, @@ -7484,9 +7481,6 @@ exports[`delegatedAdminStack Construct(SecurityResourcesStack): Snapshot Test 1 }, "SecurityHubEventsLogSecurityHubEventsFunctionSecurityHubEventsFunctionResourceF6D56745": { "DeletionPolicy": "Delete", - "DependsOn": [ - "SecurityHubEventsLogSecurityHubEventsFunctionResourceLogGroupB7A99902", - ], "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -7645,7 +7639,7 @@ exports[`delegatedAdminStack Construct(SecurityResourcesStack): Snapshot Test 1 "Arn", ], }, - "Runtime": "nodejs20.x", + "Runtime": "nodejs18.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", @@ -7829,7 +7823,7 @@ exports[`delegatedAdminStack Construct(SecurityResourcesStack): Snapshot Test 1 "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityResourcesStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-stack.test.ts.snap b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-stack.test.ts.snap index 0469c149d..603aca9aa 100644 --- a/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-stack.test.ts.snap +++ b/source/packages/@aws-accelerator/accelerator/test/__snapshots__/security-stack.test.ts.snap @@ -71,8 +71,6 @@ exports[`SecurityStack Construct(SecurityStack): Snapshot Test 1`] = ` "ACCELERATOR_PREFIX": "AWSAccelerator", "ACCELERATOR_VERSION_SSM_PATH": "/accelerator/AWSAccelerator-InstallerStack/version", "CENTRAL_LOG_BUCKET": "existing-central-log-bucket", - "CONFIG_BUCKET_NAME": "undefined-config-111111111111-us-east-1", - "CONFIG_REPOSITORY_LOCATION": "codecommit", "CONFIG_REPOSITORY_NAME": "aws-accelerator-config", "CROSS_ACCOUNT_ROLE": "AWSControlTowerExecution", "ELB_LOGGING_BUCKET": "existing-elb-logs-bucket-111111111111-us-east-1", @@ -268,30 +266,6 @@ exports[`SecurityStack Construct(SecurityStack): Snapshot Test 1`] = ` ], ], }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":s3:::undefined-config-111111111111-us-east-1", - ], - ], - }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":s3:::undefined-config-111111111111-us-east-1/*", - ], - ], - }, ], }, ], @@ -1284,7 +1258,7 @@ exports[`SecurityStack Construct(SecurityStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -1377,8 +1351,6 @@ exports[`delegatedAdminStack Construct(SecurityStack): Snapshot Test 1`] = ` "ACCELERATOR_PREFIX": "AWSAccelerator", "ACCELERATOR_VERSION_SSM_PATH": "/accelerator/AWSAccelerator-InstallerStack/version", "CENTRAL_LOG_BUCKET": "aws-accelerator-central-logs-333333333333-us-west-2", - "CONFIG_BUCKET_NAME": "undefined-config-111111111111-us-east-1", - "CONFIG_REPOSITORY_LOCATION": "codecommit", "CONFIG_REPOSITORY_NAME": "aws-accelerator-config", "CROSS_ACCOUNT_ROLE": "AWSControlTowerExecution", "ELB_LOGGING_BUCKET": "aws-accelerator-elb-access-logs-333333333333-us-east-1", @@ -1574,30 +1546,6 @@ exports[`delegatedAdminStack Construct(SecurityStack): Snapshot Test 1`] = ` ], ], }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":s3:::undefined-config-111111111111-us-east-1", - ], - ], - }, - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":s3:::undefined-config-111111111111-us-east-1/*", - ], - ], - }, ], }, ], @@ -2396,7 +2344,7 @@ exports[`delegatedAdminStack Construct(SecurityStack): Snapshot Test 1`] = ` "Properties": { "Name": "/accelerator/AWSAccelerator-SecurityStack-111111111111-us-east-1/version", "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, diff --git a/source/packages/@aws-accelerator/installer/test/__snapshots__/installer.test.ts.snap b/source/packages/@aws-accelerator/installer/test/__snapshots__/installer.test.ts.snap index f2c088462..6b4e18d1c 100644 --- a/source/packages/@aws-accelerator/installer/test/__snapshots__/installer.test.ts.snap +++ b/source/packages/@aws-accelerator/installer/test/__snapshots__/installer.test.ts.snap @@ -69,7 +69,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -104,18 +104,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, ], @@ -129,9 +121,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -189,14 +178,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -249,7 +230,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -269,7 +250,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -1592,12 +1573,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -1632,13 +1613,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 1`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -2797,7 +2771,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -3336,23 +3310,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -3369,7 +3326,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -3402,20 +3358,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -3423,32 +3372,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -3466,64 +3389,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codepipeline:GetPipeline", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": { @@ -3638,7 +3503,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -3673,18 +3538,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, ], @@ -3698,9 +3555,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -3758,14 +3612,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -3818,7 +3664,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -3838,7 +3684,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -5161,12 +5007,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -5201,13 +5047,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 2`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -6356,7 +6195,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -6895,23 +6734,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -6928,7 +6750,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -6961,20 +6782,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -6982,32 +6796,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -7025,64 +6813,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codepipeline:GetPipeline", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": { @@ -7197,7 +6927,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -7232,18 +6962,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, { @@ -7270,9 +6992,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -7342,14 +7061,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -7410,7 +7121,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -7430,7 +7141,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -8750,12 +8461,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -8790,13 +8501,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 3`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -9985,7 +9689,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -10513,20 +10217,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -10543,7 +10233,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -10576,20 +10265,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -10597,32 +10279,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -10640,7 +10296,7 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { + "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": { "rules_to_suppress": [ @@ -10652,68 +10308,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, }, "Properties": { - "PolicyDocument": { + "AssumeRolePolicyDocument": { "Statement": [ { - "Action": "codepipeline:GetPipeline", + "Action": "sts:AssumeRole", "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, - "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", + "Principal": { + "Service": "lambda.amazonaws.com", }, }, ], @@ -10809,7 +10410,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -10844,18 +10445,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, { @@ -10882,9 +10475,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -10954,14 +10544,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -11022,7 +10604,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -11042,7 +10624,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -12362,12 +11944,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -12402,13 +11984,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 4`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -13587,7 +13162,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -14115,20 +13690,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -14145,7 +13706,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -14178,20 +13738,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -14199,32 +13752,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -14242,61 +13769,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codepipeline:GetPipeline", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": { @@ -14411,7 +13883,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -14446,18 +13918,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, { @@ -14484,9 +13948,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -14556,14 +14017,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -14624,7 +14077,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -14644,7 +14097,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -15964,12 +15417,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -16004,13 +15457,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 5`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -17194,7 +16640,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -17722,20 +17168,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -17752,7 +17184,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -17785,20 +17216,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -17806,32 +17230,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -17849,61 +17247,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codepipeline:GetPipeline", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Ref": "AcceleratorQualifier", - }, - "-pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": { @@ -18018,7 +17361,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "ParameterGroups": [ { "Label": { - "default": "Source Code Repository Configuration", + "default": "Git Repository Configuration", }, "Parameters": [ "RepositorySource", @@ -18053,18 +17396,10 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "Parameters": [ "ControlTowerEnabled", "AcceleratorPrefix", - "EnableDiagnosticsPack", - ], - }, - { - "Label": { - "default": "Config Repository Configuration", - }, - "Parameters": [ - "ConfigurationRepositoryLocation", "UseExistingConfigRepo", "ExistingConfigRepositoryName", "ExistingConfigRepositoryBranchName", + "EnableDiagnosticsPack", ], }, { @@ -18086,9 +17421,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "AuditAccountEmail": { "default": "Audit Account Email", }, - "ConfigurationRepositoryLocation": { - "default": "Configuration Repository Location", - }, "ControlTowerEnabled": { "default": "Control Tower Environment", }, @@ -18146,14 +17478,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "Description": "The security audit account (also referred to as the audit account)", "Type": "String", }, - "ConfigurationRepositoryLocation": { - "AllowedValues": [ - "codecommit", - "s3", - ], - "Description": "Specify the location to use to host the LZA configuration files", - "Type": "String", - }, "ControlTowerEnabled": { "AllowedValues": [ "Yes", @@ -18210,7 +17534,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "RepositoryBranchName": { "AllowedPattern": ".+", "ConstraintDescription": "The repository branch name must not be empty", - "Default": "release/v1.9.1", + "Default": "release/v1.7.1", "Description": "The name of the git branch to use for installation. To determine the branch name, navigate to the Landing Zone Accelerator GitHub branches page and choose the release branch you would like to deploy. Release branch names will align with the semantic versioning of our GitHub releases. New release branches will be available as the open source project is updated with new features.", "Type": "String", }, @@ -18230,7 +17554,7 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "codecommit", ], "Default": "github", - "Description": "Specify the location to use to host the LZA source code", + "Description": "Specify the git host", "Type": "String", }, "UseExistingConfigRepo": { @@ -19553,12 +18877,12 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` ], }, "Environment": { - "ComputeType": "BUILD_GENERAL1_LARGE", + "ComputeType": "BUILD_GENERAL1_MEDIUM", "EnvironmentVariables": [ { "Name": "NODE_OPTIONS", "Type": "PLAINTEXT", - "Value": "--max_old_space_size=12288", + "Value": "--max_old_space_size=4096", }, { "Name": "CDK_NEW_BOOTSTRAP", @@ -19593,13 +18917,6 @@ exports[`InstallerStack Stack(installer): Snapshot Test 6`] = ` "Ref": "RepositoryBranchName", }, }, - { - "Name": "CONFIG_REPOSITORY_LOCATION", - "Type": "PLAINTEXT", - "Value": { - "Ref": "ConfigurationRepositoryLocation", - }, - }, { "Name": "USE_EXISTING_CONFIG_REPO", "Type": "PLAINTEXT", @@ -20755,7 +20072,7 @@ phases: ], }, "Type": "String", - "Value": "1.9.1", + "Value": "1.7.1", }, "Type": "AWS::SSM::Parameter", }, @@ -21294,23 +20611,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Arn", ], }, - "acceleratorPipelineName": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "configRepositoryLocation": { - "Ref": "ConfigurationRepositoryLocation", - }, "existingConfigRepositoryBranchName": { "Ref": "ExistingConfigRepositoryBranchName", }, @@ -21327,7 +20627,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "ValidateInstallerValidationFunction21674768": { "DependsOn": [ - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", ], "Metadata": { @@ -21360,20 +20659,13 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { "Code": { "ZipFile": " const response = require('cfn-response'); - const { CodePipelineClient, GetPipelineCommand } = require("@aws-sdk/client-codepipeline"); exports.handler = async function (event, context) { console.log(JSON.stringify(event, null, 4)); const useExistingConfigRepo=event.ResourceProperties.useExistingConfigRepo; - const configRepositoryLocation=event.ResourceProperties.configRepositoryLocation; const existingConfigRepositoryName=event.ResourceProperties.existingConfigRepositoryName; const existingConfigRepositoryBranchName=event.ResourceProperties.existingConfigRepositoryBranchName; - if (event.RequestType === 'Delete') { - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - if (useExistingConfigRepo === 'Yes') { if (existingConfigRepositoryName === '' || existingConfigRepositoryBranchName === ''){ await response.send(event, context, response.FAILED, {'FailureReason': 'UseExistingConfigRepo parameter set to Yes, but ExistingConfigRepositoryName or ExistingConfigRepositoryBranchName parameter value missing!!!'}, event.PhysicalResourceId); @@ -21381,32 +20673,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { } } - if (configRepositoryLocation === 's3') { - if (useExistingConfigRepo === 'Yes' || existingConfigRepositoryName !== '' || existingConfigRepositoryBranchName !== ''){ - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing configuration repository parameters are populated. Existing repositories can not be used with an S3 configuration repository.'}, event.PhysicalResourceId); - return; - } - - try { - const pipelineName = event.ResourceProperties.acceleratorPipelineName; - const client = new CodePipelineClient(); - const input = { name: pipelineName }; - const command = new GetPipelineCommand(input); - const pipelineResponse = await client.send(command); - const sourceStage = pipelineResponse.pipeline.stages.find(stage => stage.name === 'Source'); - const configAction = sourceStage?.actions.find(action => action.name === 'Configuration'); - if (configAction.actionTypeId.provider === 'CodeCommit') { - await response.send(event, context, response.FAILED, {'FailureReason': 'ConfigRepositoryLocation parameter set to s3, but existing deployment using CodeCommit was detected. This value cannot be changed for existing deployments. Please set ConfigRepositoryLocation to CodeCommit and try again.'}, event.PhysicalResourceId); - return; - } - } catch (err) { - console.log('Encountered error finding existing pipeline, continuing') - console.log(err); - await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); - return; - } - } - // End of Validation await response.send(event, context, response.SUCCESS, {}, event.PhysicalResourceId); return; @@ -21424,64 +20690,6 @@ async function updatePipelineDetailsForBothPipelines(secretValue) { }, "Type": "AWS::Lambda::Function", }, - "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47": { - "Metadata": { - "cdk_nag": { - "rules_to_suppress": [ - { - "id": "AwsSolutions-IAM4", - "reason": "Needed to write to CWL group", - }, - ], - }, - }, - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codepipeline:GetPipeline", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codepipeline:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":", - { - "Fn::GetAtt": [ - "ResourceNamePrefixesGetPrefixResource96A10E6E", - "acceleratorPrefix", - ], - }, - "-Pipeline", - ], - ], - }, - "Sid": "ReadCodePipeline", - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "ValidateInstallerValidationFunctionServiceRoleDefaultPolicyAA8D9A47", - "Roles": [ - { - "Ref": "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "ValidateInstallerValidationFunctionServiceRoleF5BE8F9B": { "Metadata": { "cdk_nag": {