diff --git a/packages/@aws-cdk/mixins-preview/lib/mixins/private/reflections.ts b/packages/@aws-cdk/mixins-preview/lib/mixins/private/reflections.ts index 1383e70b6364f..68800d1e98367 100644 --- a/packages/@aws-cdk/mixins-preview/lib/mixins/private/reflections.ts +++ b/packages/@aws-cdk/mixins-preview/lib/mixins/private/reflections.ts @@ -1,6 +1,7 @@ import type { IConstruct } from 'constructs'; import { CfnResource } from 'aws-cdk-lib/core'; import type { IBucketRef, CfnBucketPolicy } from 'aws-cdk-lib/aws-s3'; +import { CfnDeliverySource } from 'aws-cdk-lib/aws-logs'; /** * Finds the closest related resource in the construct tree. @@ -88,3 +89,11 @@ export function tryFindBucketPolicyForBucket(bucket: IBucketRef): CfnBucketPolic }, ); } + +export function tryFindDeliverySourceForResource(source: IConstruct, sourceArn: string, logType: string): CfnDeliverySource | undefined { + return findClosestRelatedResource( + source, + 'AWS::Logs::DeliverySource', + (_, deliverySource) => deliverySource.resourceArn === sourceArn && deliverySource.logType === logType, + ); +} diff --git a/packages/@aws-cdk/mixins-preview/lib/services/aws-logs/logs-delivery.ts b/packages/@aws-cdk/mixins-preview/lib/services/aws-logs/logs-delivery.ts index 0541a6197e999..6ff71d8cc5fea 100644 --- a/packages/@aws-cdk/mixins-preview/lib/services/aws-logs/logs-delivery.ts +++ b/packages/@aws-cdk/mixins-preview/lib/services/aws-logs/logs-delivery.ts @@ -4,7 +4,7 @@ import * as logs from 'aws-cdk-lib/aws-logs'; import * as s3 from 'aws-cdk-lib/aws-s3'; import { Construct, type IConstruct } from 'constructs'; import type { IDeliveryStreamRef } from 'aws-cdk-lib/aws-kinesisfirehose'; -import { tryFindBucketPolicyForBucket } from '../../mixins/private/reflections'; +import { tryFindBucketPolicyForBucket, tryFindDeliverySourceForResource } from '../../mixins/private/reflections'; import { ConstructSelector, Mixins } from '../../core'; import { BucketPolicyStatementsMixins } from '../../mixins/private/s3'; import * as xray from '../aws-xray/policy'; @@ -32,13 +32,13 @@ export interface ILogsDeliveryConfig { */ export interface ILogsDelivery { /** - * Binds the destination to a delivery source and creates a delivery connection between the source and destination. + * Binds the log delivery to a source resource and creates a delivery connection between the source and destination. * @param scope - The construct scope - * @param deliverySource - The delivery source reference + * @param logType - The type of logs that the delivery source will produce * @param sourceResourceArn - The Arn of the source resource * @returns The delivery reference */ - bind(scope: IConstruct, deliverySource: logs.IDeliverySourceRef, sourceResourceArn: string): ILogsDeliveryConfig; + bind(scope: IConstruct, logType: string, sourceResourceArn: string): ILogsDeliveryConfig; } /** @@ -84,28 +84,29 @@ export class S3LogsDelivery implements ILogsDelivery { } /** - * Binds the S3 destination to a delivery source and creates a delivery connection between them. + * Binds S3 Bucket to a source resource for the purposes of log delivery and creates a delivery source, a delivery destination, and a connection between them. */ - public bind(scope: IConstruct, deliverySource: logs.IDeliverySourceRef, _sourceResourceArn: string): ILogsDeliveryConfig { - const container = new Construct(scope, deliveryId('S3', scope, this.bucket)); + public bind(scope: IConstruct, logType: string, sourceResourceArn: string): ILogsDeliveryConfig { + const container = new Construct(scope, deliveryId('S3', logType, scope, this.bucket)); const bucketPolicy = this.getOrCreateBucketPolicy(container); this.grantLogsDelivery(bucketPolicy); + const deliverySource = getOrCreateDeliverySource(logType, scope, sourceResourceArn); + const deliverySourceRef = deliverySource.deliverySourceRef; + const deliveryDestination = new logs.CfnDeliveryDestination(container, 'Dest', { destinationResourceArn: this.bucket.bucketRef.bucketArn, - name: deliveryDestName('s3', container), + name: deliveryDestName('s3', logType, container), deliveryDestinationType: 'S3', }); const delivery = new logs.CfnDelivery(container, 'Delivery', { deliveryDestinationArn: deliveryDestination.attrArn, - deliverySourceName: deliverySource.deliverySourceRef.deliverySourceName, + deliverySourceName: deliverySourceRef.deliverySourceName, }); - delivery.node.addDependency(bucketPolicy); deliveryDestination.node.addDependency(bucketPolicy); - deliverySource.node.addDependency(bucketPolicy); delivery.node.addDependency(deliverySource); delivery.node.addDependency(deliveryDestination); @@ -197,18 +198,20 @@ export class FirehoseLogsDelivery implements ILogsDelivery { } /** - * Binds the Firehose destination to a delivery source and creates a delivery connection between them. + * Binds Firehose Delivery Stream to a source resource for the purposes of log delivery and creates a delivery source, a delivery destination, and a connection between them. */ - public bind(scope: IConstruct, deliverySource: logs.IDeliverySourceRef, _sourceResourceArn: string): ILogsDeliveryConfig { - const container = new Construct(scope, deliveryId('Firehose', scope, this.deliveryStream)); + public bind(scope: IConstruct, logType: string, sourceResourceArn: string): ILogsDeliveryConfig { + const container = new Construct(scope, deliveryId('Firehose', logType, scope, this.deliveryStream)); // Firehose uses a service-linked role to deliver logs // This tag marks the destination stream as an allowed destination for the service-linked role Tags.of(this.deliveryStream).add('LogDeliveryEnabled', 'true'); + const deliverySource = getOrCreateDeliverySource(logType, scope, sourceResourceArn); + const deliveryDestination = new logs.CfnDeliveryDestination(container, 'Dest', { destinationResourceArn: this.deliveryStream.deliveryStreamRef.deliveryStreamArn, - name: deliveryDestName('fh', container), + name: deliveryDestName('fh', logType, container), deliveryDestinationType: 'FH', }); @@ -243,30 +246,31 @@ export class LogGroupLogsDelivery implements ILogsDelivery { } /** - * Binds the log group destination to a delivery source and creates a delivery connection between them. + * Binds Log Group to a source resource for the purposes of log delivery and creates a delivery source, a delivery destination, and a connection between them. */ - public bind(scope: IConstruct, deliverySource: logs.IDeliverySourceRef, _sourceResourceArn: string): ILogsDeliveryConfig { - const container = new Construct(scope, deliveryId('LogGroup', scope, this.logGroup)); + public bind(scope: IConstruct, logType: string, sourceResourceArn: string): ILogsDeliveryConfig { + const container = new Construct(scope, deliveryId('LogGroup', logType, scope, this.logGroup)); + + const deliverySource = getOrCreateDeliverySource(logType, scope, sourceResourceArn); + const deliverySourceRef = deliverySource.deliverySourceRef; const logGroupPolicy = this.getOrCreateLogsResourcePolicy(container); this.grantLogsDelivery(logGroupPolicy); const deliveryDestination = new logs.CfnDeliveryDestination(container, 'Dest', { destinationResourceArn: this.logGroup.logGroupRef.logGroupArn, - name: deliveryDestName('cwl', container), + name: deliveryDestName('cwl', logType, container), deliveryDestinationType: 'CWL', }); const delivery = new logs.CfnDelivery(container, 'Delivery', { deliveryDestinationArn: deliveryDestination.deliveryDestinationRef.deliveryDestinationArn, - deliverySourceName: deliverySource.deliverySourceRef.deliverySourceName, + deliverySourceName: deliverySourceRef.deliverySourceName, }); - delivery.node.addDependency(logGroupPolicy); delivery.node.addDependency(deliverySource); delivery.node.addDependency(deliveryDestination); - deliverySource.node.addDependency(logGroupPolicy); deliveryDestination.node.addDependency(logGroupPolicy); return { @@ -327,16 +331,17 @@ export class XRayLogsDelivery implements ILogsDelivery { constructor() {} /** - * Binds the X-Ray destination to a delivery source and creates a delivery connection between them. + * Binds X-Ray Destination to a source resource for the purposes of log delivery and creates a delivery source, a delivery destination, and a connection between them. */ - public bind(scope: IConstruct, deliverySource: logs.IDeliverySourceRef, sourceResourceArn: string): ILogsDeliveryConfig { - const container = new Construct(scope, deliveryId('XRay', scope, deliverySource)); + public bind(scope: IConstruct, logType: string, sourceResourceArn: string): ILogsDeliveryConfig { + const deliverySource = getOrCreateDeliverySource(logType, scope, sourceResourceArn); + const container = new Construct(scope, deliveryId('XRay', logType, scope, deliverySource)); const xrayResourcePolicy = this.getOrCreateResourcePolicy(container); this.grantLogsDelivery(xrayResourcePolicy, sourceResourceArn); const deliveryDestination = new logs.CfnDeliveryDestination(container, 'Dest', { - name: deliveryDestName('xray', container), + name: deliveryDestName('xray', logType, container), deliveryDestinationType: 'XRAY', }); @@ -345,9 +350,7 @@ export class XRayLogsDelivery implements ILogsDelivery { deliverySourceName: deliverySource.deliverySourceRef.deliverySourceName, }); - delivery.node.addDependency(xrayResourcePolicy); deliveryDestination.node.addDependency(xrayResourcePolicy); - deliverySource.node.addDependency(xrayResourcePolicy); delivery.node.addDependency(deliverySource); delivery.node.addDependency(deliveryDestination); @@ -403,11 +406,26 @@ export class XRayLogsDelivery implements ILogsDelivery { } } -function deliveryId(type: string, ...scopes: IConstruct[]) { - return `Cdk${type}Delivery${scopes.map(s => Names.uniqueId(s)).join('')}`; +function deliveryId(destType: string, logType: string, ...scopes: IConstruct[]) { + return `Cdk${destType}${logType.split('_').map(word => word.charAt(0) + word.slice(1).toLowerCase()).join('')}Delivery${scopes.map(s => Names.uniqueId(s)).join('')}`; } -function deliveryDestName(type: string, scope: IConstruct) { - const prefix = `cdk-${type}-dest-`; +function deliveryDestName(destType: string, logType: string, scope: IConstruct) { + const prefix = `cdk-${destType}-${logType.split('_').map(word => word.toLowerCase()).join('-')}-dest-`; return `${prefix}${Names.uniqueResourceName(scope, { maxLength: 60 - prefix.length })}`; } + +function getOrCreateDeliverySource(logType: string, resource: IConstruct, sourceArn: string) { + const sourceResource = tryFindDeliverySourceForResource(resource, sourceArn, logType); + + if (!sourceResource) { + const prefix = `cdk-${logType.split('_').map(word => word.toLowerCase()).join('')}-source-`; + const newSource = new logs.CfnDeliverySource(resource, `CDKSource${logType}${Names.uniqueId(resource)}`, { + name: `${prefix}${Names.uniqueResourceName(resource, { maxLength: 60 - prefix.length })}`, + logType, + resourceArn: sourceArn, + }); + return newSource; + } + return sourceResource; +} diff --git a/packages/@aws-cdk/mixins-preview/scripts/spec2logs/builder.ts b/packages/@aws-cdk/mixins-preview/scripts/spec2logs/builder.ts index 06823a8897725..c703483f60ef3 100644 --- a/packages/@aws-cdk/mixins-preview/scripts/spec2logs/builder.ts +++ b/packages/@aws-cdk/mixins-preview/scripts/spec2logs/builder.ts @@ -3,7 +3,7 @@ import { naming, util } from '@aws-cdk/spec2cdk'; import { CDK_CORE, CDK_INTERFACES, CONSTRUCTS } from '@aws-cdk/spec2cdk/lib/cdk/cdk'; import type { Method } from '@cdklabs/typewriter'; import { Module, ExternalModule, ClassType, Stability, Type, expr, stmt, ThingSymbol, $this, CallableProxy, NewExpression, $E } from '@cdklabs/typewriter'; -import { CDK_AWS_LOGS, MIXINS_LOGS_DELIVERY } from './helpers'; +import { MIXINS_LOGS_DELIVERY } from './helpers'; import type { ServiceSubmoduleProps, LocatedModule } from '@aws-cdk/spec2cdk/lib/cdk/service-submodule'; import { BaseServiceSubmodule, relativeImportPath } from '@aws-cdk/spec2cdk/lib/cdk/service-submodule'; import type { AddServiceProps, LibraryBuilderProps } from '@aws-cdk/spec2cdk/lib/cdk/library-builder'; @@ -72,7 +72,6 @@ export class LogsDeliveryBuilder extends LibraryBuilder { }); }); }); + +describe('find DeliverySource', () => { + let app: App; + let stack: Stack; + let logType: string = 'ACCESS_LOGS'; + + beforeEach(() => { + app = new App(); + stack = new Stack(app, 'TestStack'); + }); + + describe('find in construct tree', () => { + test('returns undefined when no delivery source exists', () => { + const bucket = new s3.CfnBucket(stack, 'Bucket'); + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBeUndefined(); + }); + + test('finds delivery source as direct child of construct', () => { + const bucket = new s3.CfnBucket(stack, 'Bucket'); + const source = new logs.CfnDeliverySource(bucket, 'BucketSource', { + name: 'bucket-source', + resourceArn: bucket.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBe(source); + }); + + test('finds delivery source as transitive child of construct', () => { + const bucket = new s3.CfnBucket(stack, 'Bucket'); + const intermediate = new Construct(bucket, 'Intermediate'); + const source = new logs.CfnDeliverySource(intermediate, 'BucketSource', { + name: 'bucket-source', + resourceArn: bucket.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBe(source); + }); + + test('finds delivery source as sibling (child of parent)', () => { + const parent = new Construct(stack, 'Parent'); + const bucket = new s3.CfnBucket(parent, 'Bucket'); + const source = new logs.CfnDeliverySource(parent, 'BucketSource', { + name: 'bucket-source', + resourceArn: bucket.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBe(source); + }); + + test('finds delivery source in parent hierarchy', () => { + const grandparent = new Construct(stack, 'Grandparent'); + const parent = new Construct(grandparent, 'Parent'); + const bucket = new s3.CfnBucket(parent, 'Bucket'); + const source = new logs.CfnDeliverySource(grandparent, 'BucketSource', { + name: 'bucket-source', + resourceArn: bucket.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBe(source); + }); + + test('finds cousin delivery sources', () => { + const grandparent = new Construct(stack, 'Grandparent'); + const parent = new Construct(grandparent, 'Parent'); + const auncle = new Construct(grandparent, 'Auncle'); + + const bucket = new s3.CfnBucket(parent, 'Bucket'); + const source = new logs.CfnDeliverySource(auncle, 'BucketSource', { + name: 'bucket-source', + resourceArn: bucket.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket, bucket.attrArn, logType)).toBe(source); + }); + + test('ignores unrelated delivery sources', () => { + const bucket1 = new s3.CfnBucket(stack, 'Bucket1'); + const bucket2 = new s3.CfnBucket(stack, 'Bucket2'); + new logs.CfnDeliverySource(stack, 'BucketSourceA', { + name: 'bucket-source-1a', + resourceArn: bucket1.attrArn, + logType: 'ERROR_LOGS', + }); + + new logs.CfnDeliverySource(stack, 'BucketSourceB', { + name: 'bucket-source-2b', + resourceArn: bucket2.attrArn, + logType, + }); + + expect(tryFindDeliverySourceForResource(bucket1, bucket1.attrArn, logType)).toBeUndefined(); + }); + }); +}); diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.assets.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.assets.json new file mode 100644 index 0000000000000..c8baa20e8111e --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "DeliveryTestDefaultTestDeployAssert48416031 Template", + "source": { + "path": "DeliveryTestDefaultTestDeployAssert48416031.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d8d86b35": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.template.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/DeliveryTestDefaultTestDeployAssert48416031.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.assets.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.assets.json new file mode 100644 index 0000000000000..01c18bab1b340 --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.assets.json @@ -0,0 +1,34 @@ +{ + "version": "48.0.0", + "files": { + "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61": { + "displayName": "VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider Code", + "source": { + "path": "asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region-094cbf39": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "a25147b5f6bdce0150146e35923f7fb589205e140868690ed347d0d44e57c036": { + "displayName": "VendedLogsMixinTest Template", + "source": { + "path": "VendedLogsMixinTest.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-4958e8fa": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "a25147b5f6bdce0150146e35923f7fb589205e140868690ed347d0d44e57c036.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.template.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.template.json new file mode 100644 index 0000000000000..2716bbd9376ea --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/VendedLogsMixinTest.template.json @@ -0,0 +1,450 @@ +{ + "Resources": { + "EventBus7B8748AA": { + "Type": "AWS::Events::EventBus", + "Properties": { + "LogConfig": { + "IncludeDetail": "NONE", + "Level": "INFO" + }, + "Name": "vended-logs-mixin-event-bus" + } + }, + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E": { + "Type": "AWS::Logs::DeliveryDestination", + "Properties": { + "DeliveryDestinationType": "CWL", + "DestinationResourceArn": { + "Fn::GetAtt": [ + "DeliveryLogGroup2A53FD53", + "Arn" + ] + }, + "Name": "cdk-cwl-error-logs-dest-VendedLogsMixigGroupD06F335FDE18FD44" + }, + "DependsOn": [ + "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" + ] + }, + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery2D4329FE": { + "Type": "AWS::Logs::Delivery", + "Properties": { + "DeliveryDestinationArn": { + "Fn::GetAtt": [ + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E", + "Arn" + ] + }, + "DeliverySourceName": { + "Ref": "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" + } + }, + "DependsOn": [ + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E", + "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" + ] + }, + "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32": { + "Type": "AWS::Logs::DeliverySource", + "Properties": { + "LogType": "ERROR_LOGS", + "Name": "cdk-errorlogs-source-VendedLogsMixinTestEventBus050202CA", + "ResourceArn": { + "Fn::GetAtt": [ + "EventBus7B8748AA", + "Arn" + ] + } + } + }, + "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDest512D2F7B": { + "Type": "AWS::Logs::DeliveryDestination", + "Properties": { + "DeliveryDestinationType": "CWL", + "DestinationResourceArn": { + "Fn::GetAtt": [ + "DeliveryLogGroup2A53FD53", + "Arn" + ] + }, + "Name": "cdk-cwl-info-logs-dest-VendedLogsMixigGroupD06F335FC36F4D1E" + }, + "DependsOn": [ + "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" + ] + }, + "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery69196BA3": { + "Type": "AWS::Logs::Delivery", + "Properties": { + "DeliveryDestinationArn": { + "Fn::GetAtt": [ + "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDest512D2F7B", + "Arn" + ] + }, + "DeliverySourceName": { + "Ref": "EventBusCDKSourceINFOLOGSVendedLogsMixinTestEventBus050202CA7ECF7D3F" + } + }, + "DependsOn": [ + "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDest512D2F7B", + "EventBusCDKSourceINFOLOGSVendedLogsMixinTestEventBus050202CA7ECF7D3F" + ] + }, + "EventBusCDKSourceINFOLOGSVendedLogsMixinTestEventBus050202CA7ECF7D3F": { + "Type": "AWS::Logs::DeliverySource", + "Properties": { + "LogType": "INFO_LOGS", + "Name": "cdk-infologs-source-VendedLogsMixinTestEventBus050202CA", + "ResourceArn": { + "Fn::GetAtt": [ + "EventBus7B8748AA", + "Arn" + ] + } + } + }, + "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4DestE59F2AF8": { + "Type": "AWS::Logs::DeliveryDestination", + "Properties": { + "DeliveryDestinationType": "S3", + "DestinationResourceArn": { + "Fn::GetAtt": [ + "DeliveryBucketA9AE6474", + "Arn" + ] + }, + "Name": "cdk-s3-error-logs-dest-VendedLogsMixiBucketE1BC60E4FF860E7B" + }, + "DependsOn": [ + "DeliveryBucketPolicyB86375F3" + ] + }, + "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4Delivery2E928457": { + "Type": "AWS::Logs::Delivery", + "Properties": { + "DeliveryDestinationArn": { + "Fn::GetAtt": [ + "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4DestE59F2AF8", + "Arn" + ] + }, + "DeliverySourceName": { + "Ref": "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" + } + }, + "DependsOn": [ + "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4DestE59F2AF8", + "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" + ] + }, + "DeliveryLogGroup2A53FD53": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "DeliveryBucketA9AE6474": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "DeliveryBucketPolicyB86375F3": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "DeliveryBucketA9AE6474" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:List*", + "s3:PutBucketPolicy" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "DeliveryBucketA9AE6474", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "DeliveryBucketA9AE6474", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": "s3:PutObject", + "Condition": { + "StringEquals": { + "s3:x-amz-acl": "bucket-owner-full-control", + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + } + }, + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":delivery-source:*" + ] + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com" + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "DeliveryBucketA9AE6474", + "Arn" + ] + }, + "/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + } + } + }, + "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75": { + "Type": "Custom::S3AutoDeleteObjects", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", + "Arn" + ] + }, + "BucketName": { + "Ref": "DeliveryBucketA9AE6474" + } + }, + "DependsOn": [ + "DeliveryBucketPolicyB86375F3" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ] + } + }, + "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61.zip" + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", + "Arn" + ] + }, + "Runtime": "nodejs22.x", + "Description": { + "Fn::Join": [ + "", + [ + "Lambda function for auto-deleting objects in ", + { + "Ref": "DeliveryBucketA9AE6474" + }, + " S3 bucket." + ] + ] + } + }, + "DependsOn": [ + "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + ] + }, + "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857": { + "Type": "AWS::Logs::ResourcePolicy", + "Properties": { + "PolicyDocument": { + "Fn::Join": [ + "", + [ + "{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"", + { + "Ref": "AWS::AccountId" + }, + "\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"", + { + "Fn::GetAtt": [ + "DeliveryLogGroup2A53FD53", + "Arn" + ] + }, + ":log-stream:*\"},{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"", + { + "Ref": "AWS::AccountId" + }, + "\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"", + { + "Fn::GetAtt": [ + "DeliveryLogGroup2A53FD53", + "Arn" + ] + }, + ":log-stream:*\"}],\"Version\":\"2012-10-17\"}" + ] + ] + }, + "PolicyName": "VendedLogsMixinTestEventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDE18FD44" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61/index.js b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61/index.js similarity index 100% rename from packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61/index.js rename to packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61/index.js diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/cdk.out b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/cdk.out new file mode 100644 index 0000000000000..523a9aac37cbf --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/integ.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/integ.json new file mode 100644 index 0000000000000..c66ffd35ed308 --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "48.0.0", + "testCases": { + "DeliveryTest/DefaultTest": { + "stacks": [ + "VendedLogsMixinTest" + ], + "assertionStack": "DeliveryTest/DefaultTest/DeployAssert", + "assertionStackName": "DeliveryTestDefaultTestDeployAssert48416031" + } + }, + "minimumCliVersion": "2.1033.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/manifest.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/manifest.json new file mode 100644 index 0000000000000..1b7c59527bf83 --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/manifest.json @@ -0,0 +1,749 @@ +{ + "version": "48.0.0", + "artifacts": { + "VendedLogsMixinTest.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "VendedLogsMixinTest.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "VendedLogsMixinTest": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "VendedLogsMixinTest.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a25147b5f6bdce0150146e35923f7fb589205e140868690ed347d0d44e57c036.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "VendedLogsMixinTest.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "VendedLogsMixinTest.assets" + ], + "metadata": { + "/VendedLogsMixinTest/EventBus": [ + { + "type": "aws:cdk:analytics:construct", + "data": {} + } + ], + "/VendedLogsMixinTest/EventBus/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBus7B8748AA" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery2D4329FE" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDest512D2F7B" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery69196BA3" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CDKSourceINFO_LOGSVendedLogsMixinTestEventBus050202CA": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCDKSourceINFOLOGSVendedLogsMixinTestEventBus050202CA7ECF7D3F" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4/Dest": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4DestE59F2AF8" + } + ], + "/VendedLogsMixinTest/EventBus/Resource/CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4/Delivery": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4Delivery2E928457" + } + ], + "/VendedLogsMixinTest/DeliveryLogGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "removalPolicy": "destroy" + } + } + ], + "/VendedLogsMixinTest/DeliveryLogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DeliveryLogGroup2A53FD53" + } + ], + "/VendedLogsMixinTest/DeliveryBucket": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "removalPolicy": "destroy", + "autoDeleteObjects": true, + "encryption": "S3_MANAGED" + } + } + ], + "/VendedLogsMixinTest/DeliveryBucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DeliveryBucketA9AE6474" + } + ], + "/VendedLogsMixinTest/DeliveryBucket/Policy": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "bucket": "*" + } + } + ], + "/VendedLogsMixinTest/DeliveryBucket/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DeliveryBucketPolicyB86375F3" + } + ], + "/VendedLogsMixinTest/DeliveryBucket/AutoDeleteObjectsCustomResource": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/VendedLogsMixinTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75" + } + ], + "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider": [ + { + "type": "aws:cdk:is-custom-resource-handler-customResourceProvider", + "data": true + } + ], + "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" + } + ], + "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" + } + ], + "/VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": {} + } + ], + "/VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy": [ + { + "type": "aws:cdk:logicalId", + "data": "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" + } + ], + "/VendedLogsMixinTest/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/VendedLogsMixinTest/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "VendedLogsMixinTest" + }, + "DeliveryTestDefaultTestDeployAssert48416031.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "DeliveryTestDefaultTestDeployAssert48416031.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "DeliveryTestDefaultTestDeployAssert48416031": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "DeliveryTestDefaultTestDeployAssert48416031.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "DeliveryTestDefaultTestDeployAssert48416031.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "DeliveryTestDefaultTestDeployAssert48416031.assets" + ], + "metadata": { + "/DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "DeliveryTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "userValue": true, + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "userValue": true, + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + }, + "@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": { + "recommendedValue": true, + "explanation": "When enabled, Network Load Balancer will be created with a security group by default." + }, + "@aws-cdk/aws-stepfunctions-tasks:httpInvokeDynamicJsonPathEndpoint": { + "recommendedValue": true, + "explanation": "When enabled, allows using a dynamic apiEndpoint with JSONPath format in HttpInvoke tasks.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": { + "recommendedValue": true, + "explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement" + } + } + } + } + }, + "minimumCliVersion": "2.1033.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/tree.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/tree.json new file mode 100644 index 0000000000000..355c47983359f --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.js.snapshot/tree.json @@ -0,0 +1 @@ +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsMixinTest":{"id":"VendedLogsMixinTest","path":"VendedLogsMixinTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"EventBus":{"id":"EventBus","path":"VendedLogsMixinTest/EventBus","constructInfo":{"fqn":"aws-cdk-lib.aws_events.EventBus","version":"0.0.0","metadata":[{}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/EventBus/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnEventBus","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::EventBus","aws:cdk:cloudformation:props":{"logConfig":{"includeDetail":"NONE","level":"INFO"},"name":"vended-logs-mixin-event-bus"}},"children":{"CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F":{"id":"CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-error-logs-dest-VendedLogsMixigGroupD06F335FDE18FD44"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E","Arn"]},"deliverySourceName":{"Ref":"EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32"}}}}}},"CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA":{"id":"CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA","path":"VendedLogsMixinTest/EventBus/Resource/CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ERROR_LOGS","name":"cdk-errorlogs-source-VendedLogsMixinTestEventBus050202CA","resourceArn":{"Fn::GetAtt":["EventBus7B8748AA","Arn"]}}}},"CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F":{"id":"CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-info-logs-dest-VendedLogsMixigGroupD06F335FC36F4D1E"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["EventBusCdkLogGroupInfoLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDest512D2F7B","Arn"]},"deliverySourceName":{"Ref":"EventBusCDKSourceINFOLOGSVendedLogsMixinTestEventBus050202CA7ECF7D3F"}}}}}},"CDKSourceINFO_LOGSVendedLogsMixinTestEventBus050202CA":{"id":"CDKSourceINFO_LOGSVendedLogsMixinTestEventBus050202CA","path":"VendedLogsMixinTest/EventBus/Resource/CDKSourceINFO_LOGSVendedLogsMixinTestEventBus050202CA","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"INFO_LOGS","name":"cdk-infologs-source-VendedLogsMixinTestEventBus050202CA","resourceArn":{"Fn::GetAtt":["EventBus7B8748AA","Arn"]}}}},"CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4":{"id":"CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4","path":"VendedLogsMixinTest/EventBus/Resource/CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMixinTest/EventBus/Resource/CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"S3","destinationResourceArn":{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"name":"cdk-s3-error-logs-dest-VendedLogsMixiBucketE1BC60E4FF860E7B"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMixinTest/EventBus/Resource/CdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["EventBusCdkS3ErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryBucketE1BC60E4DestE59F2AF8","Arn"]},"deliverySourceName":{"Ref":"EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32"}}}}}}}}}},"DeliveryLogGroup":{"id":"DeliveryLogGroup","path":"VendedLogsMixinTest/DeliveryLogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/DeliveryLogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"DeliveryBucket":{"id":"DeliveryBucket","path":"VendedLogsMixinTest/DeliveryBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/DeliveryBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsMixinTest/DeliveryBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/DeliveryBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"DeliveryBucketA9AE6474"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"StringEquals":{"s3:x-amz-acl":"bucket-owner-full-control","aws:SourceAccount":{"Ref":"AWS::AccountId"}},"ArnLike":{"aws:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":delivery-source:*"]]}}},"Effect":"Allow","Principal":{"Service":"delivery.logs.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/AWSLogs/",{"Ref":"AWS::AccountId"},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsMixinTest/DeliveryBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsMixinTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"},{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsMixinTestEventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDE18FD44"}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsMixinTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsMixinTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.ts b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.ts new file mode 100644 index 0000000000000..0126b06c0a83a --- /dev/null +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin-multiple.ts @@ -0,0 +1,43 @@ +import * as cdk from 'aws-cdk-lib/core'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import * as s3 from 'aws-cdk-lib/aws-s3'; +import * as logs from 'aws-cdk-lib/aws-logs'; +import * as events from 'aws-cdk-lib/aws-events'; +import { CfnEventBusLogsMixin } from '../../../lib/services/aws-events/mixins'; +import '../../../lib/with'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'VendedLogsMixinTest'); + +// Source Resource +const eventBus = new events.EventBus(stack, 'EventBus', { + eventBusName: 'vended-logs-mixin-event-bus', + logConfig: { + includeDetail: events.IncludeDetail.NONE, + level: events.Level.INFO, + }, +}); + +// Cloudwatch Log Group Destination +const logGroup = new logs.LogGroup(stack, 'DeliveryLogGroup', { + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); + +// S3 Bucket Destination +const bucket = new s3.Bucket(stack, 'DeliveryBucket', { + removalPolicy: cdk.RemovalPolicy.DESTROY, + autoDeleteObjects: true, + encryption: s3.BucketEncryption.S3_MANAGED, +}); + +// Setup error logs delivery to Cloudwatch +eventBus.with(CfnEventBusLogsMixin.ERROR_LOGS.toLogGroup(logGroup)); +// Setup info logs delivery to Cloudwatch +eventBus.with(CfnEventBusLogsMixin.INFO_LOGS.toLogGroup(logGroup)); +// Setup error logs delivery to S3 +eventBus.with(CfnEventBusLogsMixin.ERROR_LOGS.toS3(bucket)); + +new integ.IntegTest(app, 'DeliveryTest', { + testCases: [stack], +}); diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.assets.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.assets.json index 58c57e672c71a..d6b36e0164d17 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.assets.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.assets.json @@ -1,30 +1,16 @@ { "version": "48.0.0", "files": { - "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6": { - "displayName": "VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider Code", - "source": { - "path": "asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6", - "packaging": "zip" - }, - "destinations": { - "current_account-current_region-e31788a2": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - }, - "490957a1747e56a1f8583d023556fd6f1c7c9fbb256cdf79688e2fd99c010579": { + "6087e564a08177941c1f2d757c2f0eb969e33de790ad70b2b3e8f26d748f6d8d": { "displayName": "VendedLogsMixinTest Template", "source": { "path": "VendedLogsMixinTest.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region-6371097b": { + "current_account-current_region-969ffbc0": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "490957a1747e56a1f8583d023556fd6f1c7c9fbb256cdf79688e2fd99c010579.json", + "objectKey": "6087e564a08177941c1f2d757c2f0eb969e33de790ad70b2b3e8f26d748f6d8d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.template.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.template.json index d55ade45852af..9e9a7572cba41 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.template.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/VendedLogsMixinTest.template.json @@ -1,268 +1,16 @@ { "Resources": { - "OriginBucketCA772B8F": { - "Type": "AWS::S3::Bucket", + "EventBus7B8748AA": { + "Type": "AWS::Events::EventBus", "Properties": { - "Tags": [ - { - "Key": "aws-cdk:auto-delete-objects", - "Value": "true" - } - ] - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "OriginBucketPolicyFD67BA59": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "OriginBucketCA772B8F" + "LogConfig": { + "IncludeDetail": "NONE", + "Level": "ERROR" }, - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "s3:DeleteObject*", - "s3:GetBucket*", - "s3:List*", - "s3:PutBucketPolicy" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - } - }, - "Resource": [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - "/*" - ] - ] - } - ] - }, - { - "Action": "s3:GetObject", - "Condition": { - "StringEquals": { - "AWS:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":cloudfront::", - { - "Ref": "AWS::AccountId" - }, - ":distribution/", - { - "Ref": "Distribution830FAC52" - } - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "cloudfront.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - "/*" - ] - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "OriginBucketAutoDeleteObjectsCustomResource064ED07E": { - "Type": "Custom::S3AutoDeleteObjects", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", - "Arn" - ] - }, - "BucketName": { - "Ref": "OriginBucketCA772B8F" - } - }, - "DependsOn": [ - "OriginBucketPolicyFD67BA59" - ], - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ] - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - } - ] - } - }, - "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "S3Key": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip" - }, - "Timeout": 900, - "MemorySize": 128, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - }, - "Runtime": "nodejs22.x", - "Description": { - "Fn::Join": [ - "", - [ - "Lambda function for auto-deleting objects in ", - { - "Ref": "OriginBucketCA772B8F" - }, - " S3 bucket." - ] - ] - } - }, - "DependsOn": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" - ] - }, - "DistributionOrigin1S3OriginAccessControlEB606076": { - "Type": "AWS::CloudFront::OriginAccessControl", - "Properties": { - "OriginAccessControlConfig": { - "Name": "VendedLogsMixinTestDistributOrigin1S3OriginAccessControl746C2DF7", - "OriginAccessControlOriginType": "s3", - "SigningBehavior": "always", - "SigningProtocol": "sigv4" - } + "Name": "vended-logs-mixin-event-bus" } }, - "Distribution830FAC52": { - "Type": "AWS::CloudFront::Distribution", - "Properties": { - "DistributionConfig": { - "DefaultCacheBehavior": { - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", - "Compress": true, - "TargetOriginId": "VendedLogsMixinTestDistributionOrigin1622BA555", - "ViewerProtocolPolicy": "allow-all" - }, - "Enabled": true, - "HttpVersion": "http2", - "IPV6Enabled": true, - "Origins": [ - { - "DomainName": { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "RegionalDomainName" - ] - }, - "Id": "VendedLogsMixinTestDistributionOrigin1622BA555", - "OriginAccessControlId": { - "Fn::GetAtt": [ - "DistributionOrigin1S3OriginAccessControlEB606076", - "Id" - ] - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - } - } - }, - "DistributionCdkSourceVendedLogsMixinTestDistributionAD616170C405E503": { - "Type": "AWS::Logs::DeliverySource", - "Properties": { - "LogType": "CONNECTION_LOGS", - "Name": "DistributionSource-VendedLoributionAD616170-CONNECTION_LOGS", - "ResourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":cloudfront::", - { - "Ref": "AWS::AccountId" - }, - ":distribution/", - { - "Ref": "Distribution830FAC52" - } - ] - ] - } - }, - "DependsOn": [ - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" - ] - }, - "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDest81EEE80A": { + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "CWL", @@ -272,31 +20,43 @@ "Arn" ] }, - "Name": "cdk-cwl-dest-VendedLogsMixinTesteryLogGroupD06F335F73D12F53" + "Name": "cdk-cwl-error-logs-dest-VendedLogsMixigGroupD06F335FDE18FD44" }, "DependsOn": [ "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" ] }, - "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDelivery47B2B011": { + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery2D4329FE": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDest81EEE80A", + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E", "Arn" ] }, "DeliverySourceName": { - "Ref": "DistributionCdkSourceVendedLogsMixinTestDistributionAD616170C405E503" + "Ref": "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" } }, "DependsOn": [ - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857", - "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDest81EEE80A", - "DistributionCdkSourceVendedLogsMixinTestDistributionAD616170C405E503" + "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E", + "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" ] }, + "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32": { + "Type": "AWS::Logs::DeliverySource", + "Properties": { + "LogType": "ERROR_LOGS", + "Name": "cdk-errorlogs-source-VendedLogsMixinTestEventBus050202CA", + "ResourceArn": { + "Fn::GetAtt": [ + "EventBus7B8748AA", + "Arn" + ] + } + } + }, "DeliveryLogGroup2A53FD53": { "Type": "AWS::Logs::LogGroup", "Properties": { @@ -339,7 +99,7 @@ ] ] }, - "PolicyName": "VendedLogsMixinTestDistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F73D12F53" + "PolicyName": "VendedLogsMixinTestEventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDE18FD44" } } }, diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js deleted file mode 100644 index 2f92d06c13a06..0000000000000 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")} diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/manifest.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/manifest.json index 053586e75a407..3964d2bd9ea62 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/manifest.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/490957a1747e56a1f8583d023556fd6f1c7c9fbb256cdf79688e2fd99c010579.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6087e564a08177941c1f2d757c2f0eb969e33de790ad70b2b3e8f26d748f6d8d.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,109 +34,34 @@ "VendedLogsMixinTest.assets" ], "metadata": { - "/VendedLogsMixinTest/OriginBucket": [ + "/VendedLogsMixinTest/EventBus": [ { "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "autoDeleteObjects": true - } - } - ], - "/VendedLogsMixinTest/OriginBucket/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketCA772B8F" - } - ], - "/VendedLogsMixinTest/OriginBucket/Policy": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "bucket": "*" - } - } - ], - "/VendedLogsMixinTest/OriginBucket/Policy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketPolicyFD67BA59" - } - ], - "/VendedLogsMixinTest/OriginBucket/AutoDeleteObjectsCustomResource": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsMixinTest/OriginBucket/AutoDeleteObjectsCustomResource/Default": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketAutoDeleteObjectsCustomResource064ED07E" - } - ], - "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider": [ - { - "type": "aws:cdk:is-custom-resource-handler-customResourceProvider", - "data": true - } - ], - "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ - { - "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" - } - ], - "/VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ - { - "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" - } - ], - "/VendedLogsMixinTest/Distribution": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "defaultBehavior": { - "origin": "*" - } - } - } - ], - "/VendedLogsMixinTest/Distribution/Origin1/S3OriginAccessControl": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsMixinTest/Distribution/Origin1/S3OriginAccessControl/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "DistributionOrigin1S3OriginAccessControlEB606076" + "data": {} } ], - "/VendedLogsMixinTest/Distribution/Resource": [ + "/VendedLogsMixinTest/EventBus/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Distribution830FAC52" + "data": "EventBus7B8748AA" } ], - "/VendedLogsMixinTest/Distribution/Resource/CdkSourceVendedLogsMixinTestDistributionAD616170": [ + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest": [ { "type": "aws:cdk:logicalId", - "data": "DistributionCdkSourceVendedLogsMixinTestDistributionAD616170C405E503" + "data": "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E" } ], - "/VendedLogsMixinTest/Distribution/Resource/CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F/Dest": [ + "/VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDest81EEE80A" + "data": "EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDelivery2D4329FE" } ], - "/VendedLogsMixinTest/Distribution/Resource/CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery": [ + "/VendedLogsMixinTest/EventBus/Resource/CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA": [ { "type": "aws:cdk:logicalId", - "data": "DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDelivery47B2B011" + "data": "EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32" } ], "/VendedLogsMixinTest/DeliveryLogGroup": [ diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/tree.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/tree.json index 90b9104e00af0..97ab7196de5e4 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/tree.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsMixinTest":{"id":"VendedLogsMixinTest","path":"VendedLogsMixinTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"OriginBucket":{"id":"OriginBucket","path":"VendedLogsMixinTest/OriginBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/OriginBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsMixinTest/OriginBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/OriginBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"OriginBucketCA772B8F"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsMixinTest/OriginBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsMixinTest/OriginBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"VendedLogsMixinTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"Distribution":{"id":"Distribution","path":"VendedLogsMixinTest/Distribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"0.0.0","metadata":[{"defaultBehavior":{"origin":"*"}}]},"children":{"Origin1":{"id":"Origin1","path":"VendedLogsMixinTest/Distribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"S3OriginAccessControl":{"id":"S3OriginAccessControl","path":"VendedLogsMixinTest/Distribution/Origin1/S3OriginAccessControl","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.S3OriginAccessControl","version":"0.0.0","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/Distribution/Origin1/S3OriginAccessControl/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":"VendedLogsMixinTestDistributOrigin1S3OriginAccessControl746C2DF7","signingBehavior":"always","signingProtocol":"sigv4","originAccessControlOriginType":"s3"}}}}}}}},"Resource":{"id":"Resource","path":"VendedLogsMixinTest/Distribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["OriginBucketCA772B8F","RegionalDomainName"]},"id":"VendedLogsMixinTestDistributionOrigin1622BA555","s3OriginConfig":{"originAccessIdentity":""},"originAccessControlId":{"Fn::GetAtt":["DistributionOrigin1S3OriginAccessControlEB606076","Id"]}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"VendedLogsMixinTestDistributionOrigin1622BA555","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"allow-all"},"httpVersion":"http2","ipv6Enabled":true}}},"children":{"CdkSourceVendedLogsMixinTestDistributionAD616170":{"id":"CdkSourceVendedLogsMixinTestDistributionAD616170","path":"VendedLogsMixinTest/Distribution/Resource/CdkSourceVendedLogsMixinTestDistributionAD616170","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"CONNECTION_LOGS","name":"DistributionSource-VendedLoributionAD616170-CONNECTION_LOGS","resourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}}},"CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F":{"id":"CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F","path":"VendedLogsMixinTest/Distribution/Resource/CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMixinTest/Distribution/Resource/CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-dest-VendedLogsMixinTesteryLogGroupD06F335F73D12F53"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMixinTest/Distribution/Resource/CdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["DistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335FDest81EEE80A","Arn"]},"deliverySourceName":{"Ref":"DistributionCdkSourceVendedLogsMixinTestDistributionAD616170C405E503"}}}}}}}}}},"DeliveryLogGroup":{"id":"DeliveryLogGroup","path":"VendedLogsMixinTest/DeliveryLogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/DeliveryLogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsMixinTestDistributionCdkLogGroupDeliveryVendedLogsMixinTestDistributionAD616170VendedLogsMixinTestDeliveryLogGroupD06F335F73D12F53"}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsMixinTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsMixinTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsMixinTest":{"id":"VendedLogsMixinTest","path":"VendedLogsMixinTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"EventBus":{"id":"EventBus","path":"VendedLogsMixinTest/EventBus","constructInfo":{"fqn":"aws-cdk-lib.aws_events.EventBus","version":"0.0.0","metadata":[{}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/EventBus/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnEventBus","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::EventBus","aws:cdk:cloudformation:props":{"logConfig":{"includeDetail":"NONE","level":"ERROR"},"name":"vended-logs-mixin-event-bus"}},"children":{"CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F":{"id":"CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-error-logs-dest-VendedLogsMixigGroupD06F335FDE18FD44"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMixinTest/EventBus/Resource/CdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335F/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["EventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDestC87FF06E","Arn"]},"deliverySourceName":{"Ref":"EventBusCDKSourceERRORLOGSVendedLogsMixinTestEventBus050202CA0AA12A32"}}}}}},"CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA":{"id":"CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA","path":"VendedLogsMixinTest/EventBus/Resource/CDKSourceERROR_LOGSVendedLogsMixinTestEventBus050202CA","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ERROR_LOGS","name":"cdk-errorlogs-source-VendedLogsMixinTestEventBus050202CA","resourceArn":{"Fn::GetAtt":["EventBus7B8748AA","Arn"]}}}}}}}},"DeliveryLogGroup":{"id":"DeliveryLogGroup","path":"VendedLogsMixinTest/DeliveryLogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMixinTest/DeliveryLogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsMixinTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsMixinTestEventBusCdkLogGroupErrorLogsDeliveryVendedLogsMixinTestEventBus050202CAVendedLogsMixinTestDeliveryLogGroupD06F335FDE18FD44"}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsMixinTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsMixinTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.ts b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.ts index 0b775d15b9cfd..20b0a69a839ca 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.ts +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-mixin.ts @@ -1,10 +1,8 @@ import * as cdk from 'aws-cdk-lib/core'; import * as integ from '@aws-cdk/integ-tests-alpha'; -import * as s3 from 'aws-cdk-lib/aws-s3'; import * as logs from 'aws-cdk-lib/aws-logs'; -import * as cloudfront from 'aws-cdk-lib/aws-cloudfront'; -import * as origins from 'aws-cdk-lib/aws-cloudfront-origins'; -import { CfnDistributionLogsMixin } from '../../../lib/services/aws-cloudfront/mixins'; +import * as events from 'aws-cdk-lib/aws-events'; +import { CfnEventBusLogsMixin } from '../../../lib/services/aws-events/mixins'; import '../../../lib/with'; const app = new cdk.App(); @@ -12,13 +10,11 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'VendedLogsMixinTest'); // Source Resource -const cloudfrontBucket = new s3.Bucket(stack, 'OriginBucket', { - removalPolicy: cdk.RemovalPolicy.DESTROY, - autoDeleteObjects: true, -}); -const distribution = new cloudfront.Distribution(stack, 'Distribution', { - defaultBehavior: { - origin: origins.S3BucketOrigin.withOriginAccessControl(cloudfrontBucket), +const eventBus = new events.EventBus(stack, 'EventBus', { + eventBusName: 'vended-logs-mixin-event-bus', + logConfig: { + includeDetail: events.IncludeDetail.NONE, + level: events.Level.ERROR, }, }); @@ -28,8 +24,7 @@ const logGroup = new logs.LogGroup(stack, 'DeliveryLogGroup', { }); // Setup delivery -distribution - .with(CfnDistributionLogsMixin.CONNECTION_LOGS.toLogGroup(logGroup)); +eventBus.with(CfnEventBusLogsMixin.ERROR_LOGS.toLogGroup(logGroup)); new integ.IntegTest(app, 'DeliveryTest', { testCases: [stack], diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.assets.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.assets.json index 1c1ab9690e06d..6d216048cd6de 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.assets.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.assets.json @@ -1,30 +1,16 @@ { "version": "48.0.0", "files": { - "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61": { - "displayName": "VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider Code", - "source": { - "path": "asset.44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61", - "packaging": "zip" - }, - "destinations": { - "current_account-current_region-094cbf39": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61.zip", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - }, - "4fd37131bcf54706a1c81918f5b3722ef21a2389120c80c4ed1c76ef51386464": { + "909b71260b2efa27c1510349761f11495a2cb2196f6e7427fb350b981be877b7": { "displayName": "VendedLogsMultiplesTest Template", "source": { "path": "VendedLogsMultiplesTest.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region-451ac0eb": { + "current_account-current_region-68cf6780": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "4fd37131bcf54706a1c81918f5b3722ef21a2389120c80c4ed1c76ef51386464.json", + "objectKey": "909b71260b2efa27c1510349761f11495a2cb2196f6e7427fb350b981be877b7.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.template.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.template.json index 6494a3b362ab9..10ac8a4d2e71d 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.template.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/VendedLogsMultiplesTest.template.json @@ -1,278 +1,15 @@ { "Resources": { - "OriginBucketCA772B8F": { - "Type": "AWS::S3::Bucket", + "EventBus": { + "Type": "AWS::Events::EventBus", "Properties": { - "Tags": [ - { - "Key": "aws-cdk:auto-delete-objects", - "Value": "true" - } - ] - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "OriginBucketPolicyFD67BA59": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "OriginBucketCA772B8F" + "LogConfig": { + "IncludeDetail": "NONE", + "Level": "ERROR" }, - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "s3:DeleteObject*", - "s3:GetBucket*", - "s3:List*", - "s3:PutBucketPolicy" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - } - }, - "Resource": [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - "/*" - ] - ] - } - ] - }, - { - "Action": "s3:GetObject", - "Condition": { - "StringEquals": { - "AWS:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":cloudfront::", - { - "Ref": "AWS::AccountId" - }, - ":distribution/", - { - "Ref": "Distribution830FAC52" - } - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "cloudfront.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "Arn" - ] - }, - "/*" - ] - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "OriginBucketAutoDeleteObjectsCustomResource064ED07E": { - "Type": "Custom::S3AutoDeleteObjects", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", - "Arn" - ] - }, - "BucketName": { - "Ref": "OriginBucketCA772B8F" - } - }, - "DependsOn": [ - "OriginBucketPolicyFD67BA59" - ], - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ] - }, - "ManagedPolicyArns": [ - { - "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - } - ] - } - }, - "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" - }, - "S3Key": "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61.zip" - }, - "Timeout": 900, - "MemorySize": 128, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - }, - "Runtime": "nodejs22.x", - "Description": { - "Fn::Join": [ - "", - [ - "Lambda function for auto-deleting objects in ", - { - "Ref": "OriginBucketCA772B8F" - }, - " S3 bucket." - ] - ] - } - }, - "DependsOn": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" - ] - }, - "DistributionOrigin1S3OriginAccessControlEB606076": { - "Type": "AWS::CloudFront::OriginAccessControl", - "Properties": { - "OriginAccessControlConfig": { - "Name": "VendedLogsMultiplesTestDistrOrigin1S3OriginAccessControl08C6FBE1", - "OriginAccessControlOriginType": "s3", - "SigningBehavior": "always", - "SigningProtocol": "sigv4" - } - } - }, - "Distribution830FAC52": { - "Type": "AWS::CloudFront::Distribution", - "Properties": { - "DistributionConfig": { - "DefaultCacheBehavior": { - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", - "Compress": true, - "TargetOriginId": "VendedLogsMultiplesTestDistributionOrigin10439CAF4", - "ViewerProtocolPolicy": "allow-all" - }, - "Enabled": true, - "HttpVersion": "http2", - "IPV6Enabled": true, - "Origins": [ - { - "DomainName": { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "RegionalDomainName" - ] - }, - "Id": "VendedLogsMultiplesTestDistributionOrigin10439CAF4", - "OriginAccessControlId": { - "Fn::GetAtt": [ - "DistributionOrigin1S3OriginAccessControlEB606076", - "Id" - ] - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - } + "Name": "vended-logs-mixin-event-bus" } }, - "CloudFrontSource": { - "Type": "AWS::Logs::DeliverySource", - "Properties": { - "LogType": "ACCESS_LOGS", - "Name": { - "Fn::Join": [ - "", - [ - "delivery-source-", - { - "Ref": "Distribution830FAC52" - }, - "-ACCESS_LOGS" - ] - ] - }, - "ResourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":cloudfront::", - { - "Ref": "AWS::AccountId" - }, - ":distribution/", - { - "Ref": "Distribution830FAC52" - } - ] - ] - } - }, - "DependsOn": [ - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" - ] - }, "DeliveryLogGroupADF10FC60": { "Type": "AWS::Logs::LogGroup", "Properties": { @@ -289,7 +26,7 @@ "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DestE38FCA9E": { + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Dest7C0F50BC": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "CWL", @@ -299,31 +36,43 @@ "Arn" ] }, - "Name": "cdk-cwl-dest-VendedLogsMultiplesryLogGroupA5ACD97D5A327619B" + "Name": "cdk-cwl-error-logs-dest-VendedLogsMultGroupA5ACD97D50A7DAB0A" }, "DependsOn": [ "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" ] }, - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DeliveryAB02E2D6": { + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Delivery1DAA8855": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DestE38FCA9E", + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Dest7C0F50BC", "Arn" ] }, "DeliverySourceName": { - "Ref": "CloudFrontSource" + "Ref": "CDKSourceERRORLOGSVendedLogsMultiplesTest" } }, "DependsOn": [ - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DestE38FCA9E", - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857", - "CloudFrontSource" + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Dest7C0F50BC", + "CDKSourceERRORLOGSVendedLogsMultiplesTest" ] }, + "CDKSourceERRORLOGSVendedLogsMultiplesTest": { + "Type": "AWS::Logs::DeliverySource", + "Properties": { + "LogType": "ERROR_LOGS", + "Name": "cdk-errorlogs-source-VendedLogsMultiplesTest", + "ResourceArn": { + "Fn::GetAtt": [ + "EventBus", + "Arn" + ] + } + } + }, "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857": { "Type": "AWS::Logs::ResourcePolicy", "Properties": { @@ -381,10 +130,10 @@ ] ] }, - "PolicyName": "VendedLogsMultiplesTestCdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5A327619B" + "PolicyName": "VendedLogsMultiplesTestCdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D50A7DAB0A" } }, - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDestEEF701A6": { + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDest3419A983": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "CWL", @@ -394,30 +143,29 @@ "Arn" ] }, - "Name": "cdk-cwl-dest-VendedLogsMultiplesryLogGroupB352246CFD9B1F9DA" + "Name": "cdk-cwl-error-logs-dest-VendedLogsMultGroupB352246CF12923CAA" }, "DependsOn": [ "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" ] }, - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDelivery1CABCA98": { + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDelivery7BD7F2BF": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDestEEF701A6", + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDest3419A983", "Arn" ] }, "DeliverySourceName": { - "Ref": "CloudFrontSource" + "Ref": "CDKSourceERRORLOGSVendedLogsMultiplesTest" } }, "DependsOn": [ - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DeliveryAB02E2D6", - "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDestEEF701A6", - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857", - "CloudFrontSource" + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Delivery1DAA8855", + "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDest3419A983", + "CDKSourceERRORLOGSVendedLogsMultiplesTest" ] } }, diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/manifest.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/manifest.json index 82e1ba21210d0..3fa0a3bd70972 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/manifest.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4fd37131bcf54706a1c81918f5b3722ef21a2389120c80c4ed1c76ef51386464.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/909b71260b2efa27c1510349761f11495a2cb2196f6e7427fb350b981be877b7.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,97 +34,10 @@ "VendedLogsMultiplesTest.assets" ], "metadata": { - "/VendedLogsMultiplesTest/OriginBucket": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "autoDeleteObjects": true - } - } - ], - "/VendedLogsMultiplesTest/OriginBucket/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketCA772B8F" - } - ], - "/VendedLogsMultiplesTest/OriginBucket/Policy": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "bucket": "*" - } - } - ], - "/VendedLogsMultiplesTest/OriginBucket/Policy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketPolicyFD67BA59" - } - ], - "/VendedLogsMultiplesTest/OriginBucket/AutoDeleteObjectsCustomResource": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsMultiplesTest/OriginBucket/AutoDeleteObjectsCustomResource/Default": [ - { - "type": "aws:cdk:logicalId", - "data": "OriginBucketAutoDeleteObjectsCustomResource064ED07E" - } - ], - "/VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider": [ - { - "type": "aws:cdk:is-custom-resource-handler-customResourceProvider", - "data": true - } - ], - "/VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role": [ + "/VendedLogsMultiplesTest/EventBus": [ { "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" - } - ], - "/VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler": [ - { - "type": "aws:cdk:logicalId", - "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" - } - ], - "/VendedLogsMultiplesTest/Distribution": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "defaultBehavior": { - "origin": "*" - } - } - } - ], - "/VendedLogsMultiplesTest/Distribution/Origin1/S3OriginAccessControl": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsMultiplesTest/Distribution/Origin1/S3OriginAccessControl/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "DistributionOrigin1S3OriginAccessControlEB606076" - } - ], - "/VendedLogsMultiplesTest/Distribution/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Distribution830FAC52" - } - ], - "/VendedLogsMultiplesTest/CloudFrontSource": [ - { - "type": "aws:cdk:logicalId", - "data": "CloudFrontSource" + "data": "EventBus" } ], "/VendedLogsMultiplesTest/DeliveryLogGroupA": [ @@ -155,16 +68,22 @@ "data": "DeliveryLogGroupBD2E5EF85" } ], - "/VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Dest": [ + "/VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Dest": [ + { + "type": "aws:cdk:logicalId", + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Dest7C0F50BC" + } + ], + "/VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DestE38FCA9E" + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Delivery1DAA8855" } ], - "/VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Delivery": [ + "/VendedLogsMultiplesTest/CDKSourceERROR_LOGSVendedLogsMultiplesTest": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DeliveryAB02E2D6" + "data": "CDKSourceERRORLOGSVendedLogsMultiplesTest" } ], "/VendedLogsMultiplesTest/CdkLogGroupLogsDeliveryPolicy": [ @@ -179,16 +98,16 @@ "data": "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" } ], - "/VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Dest": [ + "/VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Dest": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDestEEF701A6" + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDest3419A983" } ], - "/VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Delivery": [ + "/VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDelivery1CABCA98" + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDelivery7BD7F2BF" } ], "/VendedLogsMultiplesTest/BootstrapVersion": [ diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/tree.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/tree.json index 260d9e9da29f6..3460ed86ba76c 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/tree.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsMultiplesTest":{"id":"VendedLogsMultiplesTest","path":"VendedLogsMultiplesTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"OriginBucket":{"id":"OriginBucket","path":"VendedLogsMultiplesTest/OriginBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/OriginBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsMultiplesTest/OriginBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/OriginBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"OriginBucketCA772B8F"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsMultiplesTest/OriginBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsMultiplesTest/OriginBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"VendedLogsMultiplesTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"Distribution":{"id":"Distribution","path":"VendedLogsMultiplesTest/Distribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"0.0.0","metadata":[{"defaultBehavior":{"origin":"*"}}]},"children":{"Origin1":{"id":"Origin1","path":"VendedLogsMultiplesTest/Distribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"S3OriginAccessControl":{"id":"S3OriginAccessControl","path":"VendedLogsMultiplesTest/Distribution/Origin1/S3OriginAccessControl","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.S3OriginAccessControl","version":"0.0.0","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/Distribution/Origin1/S3OriginAccessControl/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":"VendedLogsMultiplesTestDistrOrigin1S3OriginAccessControl08C6FBE1","signingBehavior":"always","signingProtocol":"sigv4","originAccessControlOriginType":"s3"}}}}}}}},"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/Distribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["OriginBucketCA772B8F","RegionalDomainName"]},"id":"VendedLogsMultiplesTestDistributionOrigin10439CAF4","s3OriginConfig":{"originAccessIdentity":""},"originAccessControlId":{"Fn::GetAtt":["DistributionOrigin1S3OriginAccessControlEB606076","Id"]}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"VendedLogsMultiplesTestDistributionOrigin10439CAF4","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"allow-all"},"httpVersion":"http2","ipv6Enabled":true}}}}}},"CloudFrontSource":{"id":"CloudFrontSource","path":"VendedLogsMultiplesTest/CloudFrontSource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ACCESS_LOGS","name":{"Fn::Join":["",["delivery-source-",{"Ref":"Distribution830FAC52"},"-ACCESS_LOGS"]]},"resourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}}},"DeliveryLogGroupA":{"id":"DeliveryLogGroupA","path":"VendedLogsMultiplesTest/DeliveryLogGroupA","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/DeliveryLogGroupA/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"DeliveryLogGroupB":{"id":"DeliveryLogGroupB","path":"VendedLogsMultiplesTest/DeliveryLogGroupB","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/DeliveryLogGroupB/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5":{"id":"CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroupADF10FC60","Arn"]},"name":"cdk-cwl-dest-VendedLogsMultiplesryLogGroupA5ACD97D5A327619B"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5DestE38FCA9E","Arn"]},"deliverySourceName":{"Ref":"CloudFrontSource"}}}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsMultiplesTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsMultiplesTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroupADF10FC60","Arn"]},":log-stream:*\"},{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroupBD2E5EF85","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsMultiplesTestCdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5A327619B"}}}}},"CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF":{"id":"CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroupBD2E5EF85","Arn"]},"name":"cdk-cwl-dest-VendedLogsMultiplesryLogGroupB352246CFD9B1F9DA"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMultiplesTest/CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDestEEF701A6","Arn"]},"deliverySourceName":{"Ref":"CloudFrontSource"}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsMultiplesTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsMultiplesTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsMultiplesTest":{"id":"VendedLogsMultiplesTest","path":"VendedLogsMultiplesTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"EventBus":{"id":"EventBus","path":"VendedLogsMultiplesTest/EventBus","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnEventBus","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::EventBus","aws:cdk:cloudformation:props":{"logConfig":{"includeDetail":"NONE","level":"ERROR"},"name":"vended-logs-mixin-event-bus"}}},"DeliveryLogGroupA":{"id":"DeliveryLogGroupA","path":"VendedLogsMultiplesTest/DeliveryLogGroupA","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/DeliveryLogGroupA/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"DeliveryLogGroupB":{"id":"DeliveryLogGroupB","path":"VendedLogsMultiplesTest/DeliveryLogGroupB","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsMultiplesTest/DeliveryLogGroupB/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5":{"id":"CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroupADF10FC60","Arn"]},"name":"cdk-cwl-error-logs-dest-VendedLogsMultGroupA5ACD97D50A7DAB0A"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D5Dest7C0F50BC","Arn"]},"deliverySourceName":{"Ref":"CDKSourceERRORLOGSVendedLogsMultiplesTest"}}}}}},"CDKSourceERROR_LOGSVendedLogsMultiplesTest":{"id":"CDKSourceERROR_LOGSVendedLogsMultiplesTest","path":"VendedLogsMultiplesTest/CDKSourceERROR_LOGSVendedLogsMultiplesTest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ERROR_LOGS","name":"cdk-errorlogs-source-VendedLogsMultiplesTest","resourceArn":{"Fn::GetAtt":["EventBus","Arn"]}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsMultiplesTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsMultiplesTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroupADF10FC60","Arn"]},":log-stream:*\"},{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroupBD2E5EF85","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsMultiplesTestCdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupA5ACD97D50A7DAB0A"}}}}},"CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF":{"id":"CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroupBD2E5EF85","Arn"]},"name":"cdk-cwl-error-logs-dest-VendedLogsMultGroupB352246CF12923CAA"}}},"Delivery":{"id":"Delivery","path":"VendedLogsMultiplesTest/CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CF/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupErrorLogsDeliveryVendedLogsMultiplesTestVendedLogsMultiplesTestDeliveryLogGroupB352246CFDest3419A983","Arn"]},"deliverySourceName":{"Ref":"CDKSourceERRORLOGSVendedLogsMultiplesTest"}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsMultiplesTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsMultiplesTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.ts b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.ts index e6ed2b355dc5a..1170dfc57a81f 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.ts +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery-multiples.ts @@ -1,9 +1,7 @@ import * as cdk from 'aws-cdk-lib/core'; import * as integ from '@aws-cdk/integ-tests-alpha'; -import * as s3 from 'aws-cdk-lib/aws-s3'; import * as logs from 'aws-cdk-lib/aws-logs'; -import * as cloudfront from 'aws-cdk-lib/aws-cloudfront'; -import * as origins from 'aws-cdk-lib/aws-cloudfront-origins'; +import * as events from 'aws-cdk-lib/aws-events'; import { LogGroupLogsDelivery } from '../../../lib/services/aws-logs/logs-delivery'; const app = new cdk.App(); @@ -11,22 +9,15 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'VendedLogsMultiplesTest'); // Source Resource -const cloudfrontBucket = new s3.Bucket(stack, 'OriginBucket', { - removalPolicy: cdk.RemovalPolicy.DESTROY, - autoDeleteObjects: true, -}); -const distribution = new cloudfront.Distribution(stack, 'Distribution', { - defaultBehavior: { - origin: origins.S3BucketOrigin.withOriginAccessControl(cloudfrontBucket), +const eventBus = new events.CfnEventBus(stack, 'EventBus', { + name: 'vended-logs-mixin-event-bus', + logConfig: { + includeDetail: 'NONE', + level: 'ERROR', }, }); -// Delivery Source -const deliverySource = new logs.CfnDeliverySource(stack, 'CloudFrontSource', { - name: `delivery-source-${distribution.distributionId}-ACCESS_LOGS`, - resourceArn: distribution.distributionArn, - logType: 'ACCESS_LOGS', -}); +const logType = 'ERROR_LOGS'; // Destinations const destinationLogGroupA = new logs.LogGroup(stack, 'DeliveryLogGroupA', { @@ -37,12 +28,10 @@ const destinationLogGroupB = new logs.LogGroup(stack, 'DeliveryLogGroupB', { }); // Setup deliveries -const one = new LogGroupLogsDelivery(destinationLogGroupA).bind(stack, deliverySource, distribution.distributionArn); -const two = new LogGroupLogsDelivery(destinationLogGroupB).bind(stack, deliverySource, distribution.distributionArn); +const first = new LogGroupLogsDelivery(destinationLogGroupA).bind(stack, logType, eventBus.attrArn); +const second = new LogGroupLogsDelivery(destinationLogGroupB).bind(stack, logType, eventBus.attrArn); -// // There's issues with multiple Logs::Delivery resources bing deployed in parallel -// // let's ensure they wait for each other for now -two.delivery.node.addDependency(one.delivery); +second.delivery.node.addDependency(first.delivery); new integ.IntegTest(app, 'DeliveryTest', { testCases: [stack], diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.assets.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.assets.json index fc027e5b31c6a..04d2f47770d71 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.assets.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.assets.json @@ -15,16 +15,16 @@ } } }, - "e8ce9a154fb5c9965e72f38fc634b14fdafcc9a69270c63475e89768e8abc148": { + "4fcc6dd684032b0ae7b632a3de55f21d10a0d584a5f3dd5e43ead675711014ac": { "displayName": "VendedLogsTest Template", "source": { "path": "VendedLogsTest.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region-df2e7a1e": { + "current_account-current_region-5fbb96d1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "e8ce9a154fb5c9965e72f38fc634b14fdafcc9a69270c63475e89768e8abc148.json", + "objectKey": "4fcc6dd684032b0ae7b632a3de55f21d10a0d584a5f3dd5e43ead675711014ac.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.template.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.template.json index c3a739b2a35cb..6fe63260ebe74 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.template.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/VendedLogsTest.template.json @@ -1,8 +1,27 @@ { "Resources": { - "OriginBucketCA772B8F": { + "EventBus": { + "Type": "AWS::Events::EventBus", + "Properties": { + "LogConfig": { + "IncludeDetail": "NONE", + "Level": "ERROR" + }, + "Name": "vended-logs-mixin-event-bus" + } + }, + "DeliveryBucketA9AE6474": { "Type": "AWS::S3::Bucket", "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", @@ -13,11 +32,11 @@ "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "OriginBucketPolicyFD67BA59": { + "DeliveryBucketPolicyB86375F3": { "Type": "AWS::S3::BucketPolicy", "Properties": { "Bucket": { - "Ref": "OriginBucketCA772B8F" + "Ref": "DeliveryBucketA9AE6474" }, "PolicyDocument": { "Statement": [ @@ -40,7 +59,7 @@ "Resource": [ { "Fn::GetAtt": [ - "OriginBucketCA772B8F", + "DeliveryBucketA9AE6474", "Arn" ] }, @@ -50,7 +69,7 @@ [ { "Fn::GetAtt": [ - "OriginBucketCA772B8F", + "DeliveryBucketA9AE6474", "Arn" ] }, @@ -61,10 +80,16 @@ ] }, { - "Action": "s3:GetObject", + "Action": "s3:PutObject", "Condition": { "StringEquals": { - "AWS:SourceArn": { + "s3:x-amz-acl": "bucket-owner-full-control", + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + } + }, + "ArnLike": { + "aws:SourceArn": { "Fn::Join": [ "", [ @@ -72,14 +97,15 @@ { "Ref": "AWS::Partition" }, - ":cloudfront::", + ":logs:", { - "Ref": "AWS::AccountId" + "Ref": "AWS::Region" }, - ":distribution/", + ":", { - "Ref": "Distribution830FAC52" - } + "Ref": "AWS::AccountId" + }, + ":delivery-source:*" ] ] } @@ -87,7 +113,7 @@ }, "Effect": "Allow", "Principal": { - "Service": "cloudfront.amazonaws.com" + "Service": "delivery.logs.amazonaws.com" }, "Resource": { "Fn::Join": [ @@ -95,10 +121,14 @@ [ { "Fn::GetAtt": [ - "OriginBucketCA772B8F", + "DeliveryBucketA9AE6474", "Arn" ] }, + "/AWSLogs/", + { + "Ref": "AWS::AccountId" + }, "/*" ] ] @@ -109,7 +139,7 @@ } } }, - "OriginBucketAutoDeleteObjectsCustomResource064ED07E": { + "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75": { "Type": "Custom::S3AutoDeleteObjects", "Properties": { "ServiceToken": { @@ -119,11 +149,11 @@ ] }, "BucketName": { - "Ref": "OriginBucketCA772B8F" + "Ref": "DeliveryBucketA9AE6474" } }, "DependsOn": [ - "OriginBucketPolicyFD67BA59" + "DeliveryBucketPolicyB86375F3" ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -175,7 +205,7 @@ [ "Lambda function for auto-deleting objects in ", { - "Ref": "OriginBucketCA772B8F" + "Ref": "DeliveryBucketA9AE6474" }, " S3 bucket." ] @@ -186,233 +216,6 @@ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092" ] }, - "DistributionOrigin1S3OriginAccessControlEB606076": { - "Type": "AWS::CloudFront::OriginAccessControl", - "Properties": { - "OriginAccessControlConfig": { - "Name": "VendedLogsTestDistributionOrigin1S3OriginAccessControlAF0F22E6", - "OriginAccessControlOriginType": "s3", - "SigningBehavior": "always", - "SigningProtocol": "sigv4" - } - } - }, - "Distribution830FAC52": { - "Type": "AWS::CloudFront::Distribution", - "Properties": { - "DistributionConfig": { - "DefaultCacheBehavior": { - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", - "Compress": true, - "TargetOriginId": "VendedLogsTestDistributionOrigin1B246CF58", - "ViewerProtocolPolicy": "allow-all" - }, - "Enabled": true, - "HttpVersion": "http2", - "IPV6Enabled": true, - "Origins": [ - { - "DomainName": { - "Fn::GetAtt": [ - "OriginBucketCA772B8F", - "RegionalDomainName" - ] - }, - "Id": "VendedLogsTestDistributionOrigin1B246CF58", - "OriginAccessControlId": { - "Fn::GetAtt": [ - "DistributionOrigin1S3OriginAccessControlEB606076", - "Id" - ] - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - } - } - }, - "CloudFrontSource": { - "Type": "AWS::Logs::DeliverySource", - "Properties": { - "LogType": "ACCESS_LOGS", - "Name": { - "Fn::Join": [ - "", - [ - "delivery-source-", - { - "Ref": "Distribution830FAC52" - }, - "-ACCESS_LOGS" - ] - ] - }, - "ResourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":cloudfront::", - { - "Ref": "AWS::AccountId" - }, - ":distribution/", - { - "Ref": "Distribution830FAC52" - } - ] - ] - } - }, - "DependsOn": [ - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857", - "DeliveryBucketPolicyB86375F3" - ] - }, - "DeliveryBucketA9AE6474": { - "Type": "AWS::S3::Bucket", - "Properties": { - "Tags": [ - { - "Key": "aws-cdk:auto-delete-objects", - "Value": "true" - } - ] - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "DeliveryBucketPolicyB86375F3": { - "Type": "AWS::S3::BucketPolicy", - "Properties": { - "Bucket": { - "Ref": "DeliveryBucketA9AE6474" - }, - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "s3:DeleteObject*", - "s3:GetBucket*", - "s3:List*", - "s3:PutBucketPolicy" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092", - "Arn" - ] - } - }, - "Resource": [ - { - "Fn::GetAtt": [ - "DeliveryBucketA9AE6474", - "Arn" - ] - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "DeliveryBucketA9AE6474", - "Arn" - ] - }, - "/*" - ] - ] - } - ] - }, - { - "Action": "s3:PutObject", - "Condition": { - "StringEquals": { - "s3:x-amz-acl": "bucket-owner-full-control", - "aws:SourceAccount": { - "Ref": "AWS::AccountId" - } - }, - "ArnLike": { - "aws:SourceArn": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":logs:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":delivery-source:*" - ] - ] - } - } - }, - "Effect": "Allow", - "Principal": { - "Service": "delivery.logs.amazonaws.com" - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "DeliveryBucketA9AE6474", - "Arn" - ] - }, - "/AWSLogs/", - { - "Ref": "AWS::AccountId" - }, - "/*" - ] - ] - } - } - ], - "Version": "2012-10-17" - } - } - }, - "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75": { - "Type": "Custom::S3AutoDeleteObjects", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F", - "Arn" - ] - }, - "BucketName": { - "Ref": "DeliveryBucketA9AE6474" - } - }, - "DependsOn": [ - "DeliveryBucketPolicyB86375F3" - ], - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, "DeliveryLogGroup2A53FD53": { "Type": "AWS::Logs::LogGroup", "Properties": { @@ -424,6 +227,15 @@ "FirehoseBucket407758F1": { "Type": "AWS::S3::Bucket", "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256" + } + } + ] + }, "Tags": [ { "Key": "aws-cdk:auto-delete-objects", @@ -553,6 +365,9 @@ "DeliveryStream": { "Type": "AWS::KinesisFirehose::DeliveryStream", "Properties": { + "DeliveryStreamEncryptionConfigurationInput": { + "KeyType": "AWS_OWNED_CMK" + }, "S3DestinationConfiguration": { "BucketARN": { "Fn::GetAtt": [ @@ -579,7 +394,7 @@ ] } }, - "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Dest7104B367": { + "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247DestE1C5E99F": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "S3", @@ -589,32 +404,44 @@ "Arn" ] }, - "Name": "cdk-s3-dest-VendedLogsTestCdkS3DliveryBucket45E742471E9C9141" + "Name": "cdk-s3-error-logs-dest-VendedLogsTestBucket45E742478B007C41" }, "DependsOn": [ "DeliveryBucketPolicyB86375F3" ] }, - "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Delivery3B7C28CE": { + "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Delivery5E0B21AA": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Dest7104B367", + "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247DestE1C5E99F", "Arn" ] }, "DeliverySourceName": { - "Ref": "CloudFrontSource" + "Ref": "CDKSourceERRORLOGSVendedLogsTest" } }, "DependsOn": [ - "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Dest7104B367", - "CloudFrontSource", - "DeliveryBucketPolicyB86375F3" + "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247DestE1C5E99F", + "CDKSourceERRORLOGSVendedLogsTest" ] }, - "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest690B81A0": { + "CDKSourceERRORLOGSVendedLogsTest": { + "Type": "AWS::Logs::DeliverySource", + "Properties": { + "LogType": "ERROR_LOGS", + "Name": "cdk-errorlogs-source-VendedLogsTest", + "ResourceArn": { + "Fn::GetAtt": [ + "EventBus", + "Arn" + ] + } + } + }, + "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest07565F4E": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "CWL", @@ -624,30 +451,28 @@ "Arn" ] }, - "Name": "cdk-cwl-dest-VendedLogsTestCdkLoeryLogGroup50916FD98193FAF9" + "Name": "cdk-cwl-error-logs-dest-VendedLogsTestgGroup50916FD9D42AD8BD" }, "DependsOn": [ "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" ] }, - "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9DeliveryC75C69DE": { + "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Delivery0C51C7A6": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest690B81A0", + "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest07565F4E", "Arn" ] }, "DeliverySourceName": { - "Ref": "CloudFrontSource" + "Ref": "CDKSourceERRORLOGSVendedLogsTest" } }, "DependsOn": [ - "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest690B81A0", - "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857", - "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Delivery3B7C28CE", - "CloudFrontSource" + "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest07565F4E", + "CDKSourceERRORLOGSVendedLogsTest" ] }, "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857": { @@ -684,10 +509,10 @@ ] ] }, - "PolicyName": "VendedLogsTestCdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD98193FAF9" + "PolicyName": "VendedLogsTestCdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9D42AD8BD" } }, - "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDest94FA1586": { + "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDestA14731EA": { "Type": "AWS::Logs::DeliveryDestination", "Properties": { "DeliveryDestinationType": "FH", @@ -697,26 +522,25 @@ "Arn" ] }, - "Name": "cdk-fh-dest-VendedLogsTestCdkFirliveryStream5258C60D868F9F27" + "Name": "cdk-fh-error-logs-dest-VendedLogsTestStream5258C60DF56F6844" } }, - "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDelivery0A39453E": { + "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDeliveryF5EFF358": { "Type": "AWS::Logs::Delivery", "Properties": { "DeliveryDestinationArn": { "Fn::GetAtt": [ - "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDest94FA1586", + "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDestA14731EA", "Arn" ] }, "DeliverySourceName": { - "Ref": "CloudFrontSource" + "Ref": "CDKSourceERRORLOGSVendedLogsTest" } }, "DependsOn": [ - "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDest94FA1586", - "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9DeliveryC75C69DE", - "CloudFrontSource" + "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDestA14731EA", + "CDKSourceERRORLOGSVendedLogsTest" ] } }, diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/integ.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/integ.json index 0b36618e2075a..62597691e4744 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/integ.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/integ.json @@ -9,5 +9,5 @@ "assertionStackName": "DeliveryTestDefaultTestDeployAssert48416031" } }, - "minimumCliVersion": "2.1027.0" + "minimumCliVersion": "2.1033.0" } \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/manifest.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/manifest.json index 69600a1cdc46c..001df1903b573 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/manifest.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e8ce9a154fb5c9965e72f38fc634b14fdafcc9a69270c63475e89768e8abc148.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4fcc6dd684032b0ae7b632a3de55f21d10a0d584a5f3dd5e43ead675711014ac.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,22 +34,29 @@ "VendedLogsTest.assets" ], "metadata": { - "/VendedLogsTest/OriginBucket": [ + "/VendedLogsTest/EventBus": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBus" + } + ], + "/VendedLogsTest/DeliveryBucket": [ { "type": "aws:cdk:analytics:construct", "data": { "removalPolicy": "destroy", - "autoDeleteObjects": true + "autoDeleteObjects": true, + "encryption": "S3_MANAGED" } } ], - "/VendedLogsTest/OriginBucket/Resource": [ + "/VendedLogsTest/DeliveryBucket/Resource": [ { "type": "aws:cdk:logicalId", - "data": "OriginBucketCA772B8F" + "data": "DeliveryBucketA9AE6474" } ], - "/VendedLogsTest/OriginBucket/Policy": [ + "/VendedLogsTest/DeliveryBucket/Policy": [ { "type": "aws:cdk:analytics:construct", "data": { @@ -57,22 +64,22 @@ } } ], - "/VendedLogsTest/OriginBucket/Policy/Resource": [ + "/VendedLogsTest/DeliveryBucket/Policy/Resource": [ { "type": "aws:cdk:logicalId", - "data": "OriginBucketPolicyFD67BA59" + "data": "DeliveryBucketPolicyB86375F3" } ], - "/VendedLogsTest/OriginBucket/AutoDeleteObjectsCustomResource": [ + "/VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource": [ { "type": "aws:cdk:analytics:construct", "data": "*" } ], - "/VendedLogsTest/OriginBucket/AutoDeleteObjectsCustomResource/Default": [ + "/VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default": [ { "type": "aws:cdk:logicalId", - "data": "OriginBucketAutoDeleteObjectsCustomResource064ED07E" + "data": "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75" } ], "/VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider": [ @@ -93,81 +100,6 @@ "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" } ], - "/VendedLogsTest/Distribution": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "defaultBehavior": { - "origin": "*" - } - } - } - ], - "/VendedLogsTest/Distribution/Origin1/S3OriginAccessControl": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsTest/Distribution/Origin1/S3OriginAccessControl/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "DistributionOrigin1S3OriginAccessControlEB606076" - } - ], - "/VendedLogsTest/Distribution/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Distribution830FAC52" - } - ], - "/VendedLogsTest/CloudFrontSource": [ - { - "type": "aws:cdk:logicalId", - "data": "CloudFrontSource" - } - ], - "/VendedLogsTest/DeliveryBucket": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "autoDeleteObjects": true - } - } - ], - "/VendedLogsTest/DeliveryBucket/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "DeliveryBucketA9AE6474" - } - ], - "/VendedLogsTest/DeliveryBucket/Policy": [ - { - "type": "aws:cdk:analytics:construct", - "data": { - "bucket": "*" - } - } - ], - "/VendedLogsTest/DeliveryBucket/Policy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "DeliveryBucketPolicyB86375F3" - } - ], - "/VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default": [ - { - "type": "aws:cdk:logicalId", - "data": "DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75" - } - ], "/VendedLogsTest/DeliveryLogGroup": [ { "type": "aws:cdk:analytics:construct", @@ -187,7 +119,8 @@ "type": "aws:cdk:analytics:construct", "data": { "removalPolicy": "destroy", - "autoDeleteObjects": true + "autoDeleteObjects": true, + "encryption": "S3_MANAGED" } } ], @@ -253,28 +186,34 @@ "data": "DeliveryStream" } ], - "/VendedLogsTest/CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Dest": [ + "/VendedLogsTest/CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Dest": [ + { + "type": "aws:cdk:logicalId", + "data": "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247DestE1C5E99F" + } + ], + "/VendedLogsTest/CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Dest7104B367" + "data": "CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Delivery5E0B21AA" } ], - "/VendedLogsTest/CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Delivery": [ + "/VendedLogsTest/CDKSourceERROR_LOGSVendedLogsTest": [ { "type": "aws:cdk:logicalId", - "data": "CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Delivery3B7C28CE" + "data": "CDKSourceERRORLOGSVendedLogsTest" } ], - "/VendedLogsTest/CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Dest": [ + "/VendedLogsTest/CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Dest": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest690B81A0" + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest07565F4E" } ], - "/VendedLogsTest/CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Delivery": [ + "/VendedLogsTest/CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9DeliveryC75C69DE" + "data": "CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Delivery0C51C7A6" } ], "/VendedLogsTest/CdkLogGroupLogsDeliveryPolicy": [ @@ -289,16 +228,16 @@ "data": "CdkLogGroupLogsDeliveryPolicyResourcePolicy4483E857" } ], - "/VendedLogsTest/CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Dest": [ + "/VendedLogsTest/CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Dest": [ { "type": "aws:cdk:logicalId", - "data": "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDest94FA1586" + "data": "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDestA14731EA" } ], - "/VendedLogsTest/CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Delivery": [ + "/VendedLogsTest/CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Delivery": [ { "type": "aws:cdk:logicalId", - "data": "CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDelivery0A39453E" + "data": "CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDeliveryF5EFF358" } ], "/VendedLogsTest/BootstrapVersion": [ diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/tree.json b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/tree.json index 63f3ccf09f3dc..d31702813dbcc 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/tree.json +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsTest":{"id":"VendedLogsTest","path":"VendedLogsTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"OriginBucket":{"id":"OriginBucket","path":"VendedLogsTest/OriginBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/OriginBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsTest/OriginBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/OriginBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"OriginBucketCA772B8F"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}]},{"Action":"s3:GetObject","Condition":{"StringEquals":{"AWS:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}},"Effect":"Allow","Principal":{"Service":"cloudfront.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["OriginBucketCA772B8F","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsTest/OriginBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsTest/OriginBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"Distribution":{"id":"Distribution","path":"VendedLogsTest/Distribution","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.Distribution","version":"0.0.0","metadata":[{"defaultBehavior":{"origin":"*"}}]},"children":{"Origin1":{"id":"Origin1","path":"VendedLogsTest/Distribution/Origin1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"S3OriginAccessControl":{"id":"S3OriginAccessControl","path":"VendedLogsTest/Distribution/Origin1/S3OriginAccessControl","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.S3OriginAccessControl","version":"0.0.0","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/Distribution/Origin1/S3OriginAccessControl/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::OriginAccessControl","aws:cdk:cloudformation:props":{"originAccessControlConfig":{"name":"VendedLogsTestDistributionOrigin1S3OriginAccessControlAF0F22E6","signingBehavior":"always","signingProtocol":"sigv4","originAccessControlOriginType":"s3"}}}}}}}},"Resource":{"id":"Resource","path":"VendedLogsTest/Distribution/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudfront.CfnDistribution","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFront::Distribution","aws:cdk:cloudformation:props":{"distributionConfig":{"enabled":true,"origins":[{"domainName":{"Fn::GetAtt":["OriginBucketCA772B8F","RegionalDomainName"]},"id":"VendedLogsTestDistributionOrigin1B246CF58","s3OriginConfig":{"originAccessIdentity":""},"originAccessControlId":{"Fn::GetAtt":["DistributionOrigin1S3OriginAccessControlEB606076","Id"]}}],"defaultCacheBehavior":{"pathPattern":"*","targetOriginId":"VendedLogsTestDistributionOrigin1B246CF58","cachePolicyId":"658327ea-f89d-4fab-a63d-7e88639e58f6","compress":true,"viewerProtocolPolicy":"allow-all"},"httpVersion":"http2","ipv6Enabled":true}}}}}},"CloudFrontSource":{"id":"CloudFrontSource","path":"VendedLogsTest/CloudFrontSource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ACCESS_LOGS","name":{"Fn::Join":["",["delivery-source-",{"Ref":"Distribution830FAC52"},"-ACCESS_LOGS"]]},"resourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":cloudfront::",{"Ref":"AWS::AccountId"},":distribution/",{"Ref":"Distribution830FAC52"}]]}}}},"DeliveryBucket":{"id":"DeliveryBucket","path":"VendedLogsTest/DeliveryBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsTest/DeliveryBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"DeliveryBucketA9AE6474"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"StringEquals":{"s3:x-amz-acl":"bucket-owner-full-control","aws:SourceAccount":{"Ref":"AWS::AccountId"}},"ArnLike":{"aws:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":delivery-source:*"]]}}},"Effect":"Allow","Principal":{"Service":"delivery.logs.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/AWSLogs/",{"Ref":"AWS::AccountId"},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"DeliveryLogGroup":{"id":"DeliveryLogGroup","path":"VendedLogsTest/DeliveryLogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryLogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"FirehoseBucket":{"id":"FirehoseBucket","path":"VendedLogsTest/FirehoseBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsTest/FirehoseBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"FirehoseBucket407758F1"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsTest/FirehoseBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsTest/FirehoseBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"FirehoseRole":{"id":"FirehoseRole","path":"VendedLogsTest/FirehoseRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"inlinePolicies":"*"}]},"children":{"ImportFirehoseRole":{"id":"ImportFirehoseRole","path":"VendedLogsTest/FirehoseRole/ImportFirehoseRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"firehose.amazonaws.com"}}],"Version":"2012-10-17"},"policies":[{"policyName":"s3","policyDocument":{"Statement":[{"Action":"s3:PutObject","Effect":"Allow","Resource":{"Fn::Join":["",[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}]}}}}},"DeliveryStream":{"id":"DeliveryStream","path":"VendedLogsTest/DeliveryStream","constructInfo":{"fqn":"aws-cdk-lib.aws_kinesisfirehose.CfnDeliveryStream","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::KinesisFirehose::DeliveryStream","aws:cdk:cloudformation:props":{"s3DestinationConfiguration":{"bucketArn":{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"bufferingHints":{"intervalInSeconds":10,"sizeInMBs":1},"roleArn":{"Fn::GetAtt":["FirehoseRoleAA67C190","Arn"]}},"tags":[{"key":"LogDeliveryEnabled","value":"true"}]}}},"CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247":{"id":"CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247","path":"VendedLogsTest/CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"S3","destinationResourceArn":{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"name":"cdk-s3-dest-VendedLogsTestCdkS3DliveryBucket45E742471E9C9141"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkS3DeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247Dest7104B367","Arn"]},"deliverySourceName":{"Ref":"CloudFrontSource"}}}}}},"CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9":{"id":"CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9","path":"VendedLogsTest/CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-dest-VendedLogsTestCdkLoeryLogGroup50916FD98193FAF9"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest690B81A0","Arn"]},"deliverySourceName":{"Ref":"CloudFrontSource"}}}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsTestCdkLogGroupDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD98193FAF9"}}}}},"CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D":{"id":"CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D","path":"VendedLogsTest/CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"FH","destinationResourceArn":{"Fn::GetAtt":["DeliveryStream","Arn"]},"name":"cdk-fh-dest-VendedLogsTestCdkFirliveryStream5258C60D868F9F27"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkFirehoseDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDest94FA1586","Arn"]},"deliverySourceName":{"Ref":"CloudFrontSource"}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"VendedLogsTest":{"id":"VendedLogsTest","path":"VendedLogsTest","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"EventBus":{"id":"EventBus","path":"VendedLogsTest/EventBus","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnEventBus","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::EventBus","aws:cdk:cloudformation:props":{"logConfig":{"includeDetail":"NONE","level":"ERROR"},"name":"vended-logs-mixin-event-bus"}}},"DeliveryBucket":{"id":"DeliveryBucket","path":"VendedLogsTest/DeliveryBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsTest/DeliveryBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"DeliveryBucketA9AE6474"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/*"]]}]},{"Action":"s3:PutObject","Condition":{"StringEquals":{"s3:x-amz-acl":"bucket-owner-full-control","aws:SourceAccount":{"Ref":"AWS::AccountId"}},"ArnLike":{"aws:SourceArn":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":delivery-source:*"]]}}},"Effect":"Allow","Principal":{"Service":"delivery.logs.amazonaws.com"},"Resource":{"Fn::Join":["",[{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"/AWSLogs/",{"Ref":"AWS::AccountId"},"/*"]]}}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsTest/DeliveryBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Custom::S3AutoDeleteObjectsCustomResourceProvider":{"id":"Custom::S3AutoDeleteObjectsCustomResourceProvider","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"VendedLogsTest/Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"DeliveryLogGroup":{"id":"DeliveryLogGroup","path":"VendedLogsTest/DeliveryLogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"removalPolicy":"destroy"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/DeliveryLogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"retentionInDays":731}}}}},"FirehoseBucket":{"id":"FirehoseBucket","path":"VendedLogsTest/FirehoseBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.Bucket","version":"0.0.0","metadata":[{"removalPolicy":"destroy","autoDeleteObjects":true,"encryption":"S3_MANAGED"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseBucket/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucket","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::Bucket","aws:cdk:cloudformation:props":{"bucketEncryption":{"serverSideEncryptionConfiguration":[{"serverSideEncryptionByDefault":{"sseAlgorithm":"AES256"}}]},"tags":[{"key":"aws-cdk:auto-delete-objects","value":"true"}]}}},"Policy":{"id":"Policy","path":"VendedLogsTest/FirehoseBucket/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketPolicy","version":"0.0.0","metadata":[{"bucket":"*"}]},"children":{"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseBucket/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.CfnBucketPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::S3::BucketPolicy","aws:cdk:cloudformation:props":{"bucket":{"Ref":"FirehoseBucket407758F1"},"policyDocument":{"Statement":[{"Action":["s3:DeleteObject*","s3:GetBucket*","s3:List*","s3:PutBucketPolicy"],"Effect":"Allow","Principal":{"AWS":{"Fn::GetAtt":["CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092","Arn"]}},"Resource":[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"/*"]]}]}],"Version":"2012-10-17"}}}}}},"AutoDeleteObjectsCustomResource":{"id":"AutoDeleteObjectsCustomResource","path":"VendedLogsTest/FirehoseBucket/AutoDeleteObjectsCustomResource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"VendedLogsTest/FirehoseBucket/AutoDeleteObjectsCustomResource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"FirehoseRole":{"id":"FirehoseRole","path":"VendedLogsTest/FirehoseRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"inlinePolicies":"*"}]},"children":{"ImportFirehoseRole":{"id":"ImportFirehoseRole","path":"VendedLogsTest/FirehoseRole/ImportFirehoseRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"VendedLogsTest/FirehoseRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"firehose.amazonaws.com"}}],"Version":"2012-10-17"},"policies":[{"policyName":"s3","policyDocument":{"Statement":[{"Action":"s3:PutObject","Effect":"Allow","Resource":{"Fn::Join":["",[{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"/*"]]}}],"Version":"2012-10-17"}}]}}}}},"DeliveryStream":{"id":"DeliveryStream","path":"VendedLogsTest/DeliveryStream","constructInfo":{"fqn":"aws-cdk-lib.aws_kinesisfirehose.CfnDeliveryStream","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::KinesisFirehose::DeliveryStream","aws:cdk:cloudformation:props":{"deliveryStreamEncryptionConfigurationInput":{"keyType":"AWS_OWNED_CMK"},"s3DestinationConfiguration":{"bucketArn":{"Fn::GetAtt":["FirehoseBucket407758F1","Arn"]},"bufferingHints":{"intervalInSeconds":10,"sizeInMBs":1},"roleArn":{"Fn::GetAtt":["FirehoseRoleAA67C190","Arn"]}},"tags":[{"key":"LogDeliveryEnabled","value":"true"}]}}},"CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247":{"id":"CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247","path":"VendedLogsTest/CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"S3","destinationResourceArn":{"Fn::GetAtt":["DeliveryBucketA9AE6474","Arn"]},"name":"cdk-s3-error-logs-dest-VendedLogsTestBucket45E742478B007C41"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkS3ErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryBucket45E74247DestE1C5E99F","Arn"]},"deliverySourceName":{"Ref":"CDKSourceERRORLOGSVendedLogsTest"}}}}}},"CDKSourceERROR_LOGSVendedLogsTest":{"id":"CDKSourceERROR_LOGSVendedLogsTest","path":"VendedLogsTest/CDKSourceERROR_LOGSVendedLogsTest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliverySource","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliverySource","aws:cdk:cloudformation:props":{"logType":"ERROR_LOGS","name":"cdk-errorlogs-source-VendedLogsTest","resourceArn":{"Fn::GetAtt":["EventBus","Arn"]}}}},"CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9":{"id":"CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9","path":"VendedLogsTest/CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"CWL","destinationResourceArn":{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},"name":"cdk-cwl-error-logs-dest-VendedLogsTestgGroup50916FD9D42AD8BD"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9Dest07565F4E","Arn"]},"deliverySourceName":{"Ref":"CDKSourceERRORLOGSVendedLogsTest"}}}}}},"CdkLogGroupLogsDeliveryPolicy":{"id":"CdkLogGroupLogsDeliveryPolicy","path":"VendedLogsTest/CdkLogGroupLogsDeliveryPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.ResourcePolicy","version":"0.0.0","metadata":[{}]},"children":{"ResourcePolicy":{"id":"ResourcePolicy","path":"VendedLogsTest/CdkLogGroupLogsDeliveryPolicy/ResourcePolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::ResourcePolicy","aws:cdk:cloudformation:props":{"policyDocument":{"Fn::Join":["",["{\"Statement\":[{\"Action\":[\"logs:CreateLogStream\",\"logs:PutLogEvents\"],\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"",{"Ref":"AWS::AccountId"},"\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:",{"Ref":"AWS::Partition"},":logs:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"delivery.logs.amazonaws.com\"},\"Resource\":\"",{"Fn::GetAtt":["DeliveryLogGroup2A53FD53","Arn"]},":log-stream:*\"}],\"Version\":\"2012-10-17\"}"]]},"policyName":"VendedLogsTestCdkLogGroupErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryLogGroup50916FD9D42AD8BD"}}}}},"CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D":{"id":"CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D","path":"VendedLogsTest/CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"},"children":{"Dest":{"id":"Dest","path":"VendedLogsTest/CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Dest","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDeliveryDestination","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::DeliveryDestination","aws:cdk:cloudformation:props":{"deliveryDestinationType":"FH","destinationResourceArn":{"Fn::GetAtt":["DeliveryStream","Arn"]},"name":"cdk-fh-error-logs-dest-VendedLogsTestStream5258C60DF56F6844"}}},"Delivery":{"id":"Delivery","path":"VendedLogsTest/CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60D/Delivery","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnDelivery","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::Delivery","aws:cdk:cloudformation:props":{"deliveryDestinationArn":{"Fn::GetAtt":["CdkFirehoseErrorLogsDeliveryVendedLogsTestVendedLogsTestDeliveryStream5258C60DDestA14731EA","Arn"]},"deliverySourceName":{"Ref":"CDKSourceERRORLOGSVendedLogsTest"}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"VendedLogsTest/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"VendedLogsTest/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"DeliveryTest":{"id":"DeliveryTest","path":"DeliveryTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"DeliveryTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"DeliveryTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"}},"DeployAssert":{"id":"DeployAssert","path":"DeliveryTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"DeliveryTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.3"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.ts b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.ts index b6fb6ebe573f1..3816b75be30c3 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.ts +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/integ.delivery.ts @@ -3,8 +3,7 @@ import * as integ from '@aws-cdk/integ-tests-alpha'; import * as s3 from 'aws-cdk-lib/aws-s3'; import * as iam from 'aws-cdk-lib/aws-iam'; import * as logs from 'aws-cdk-lib/aws-logs'; -import * as cloudfront from 'aws-cdk-lib/aws-cloudfront'; -import * as origins from 'aws-cdk-lib/aws-cloudfront-origins'; +import * as events from 'aws-cdk-lib/aws-events'; import * as firehose from 'aws-cdk-lib/aws-kinesisfirehose'; import { FirehoseLogsDelivery, LogGroupLogsDelivery, S3LogsDelivery } from '../../../lib/services/aws-logs/logs-delivery'; @@ -13,27 +12,21 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'VendedLogsTest'); // Source Resource -const cloudfrontBucket = new s3.Bucket(stack, 'OriginBucket', { - removalPolicy: cdk.RemovalPolicy.DESTROY, - autoDeleteObjects: true, -}); -const distribution = new cloudfront.Distribution(stack, 'Distribution', { - defaultBehavior: { - origin: origins.S3BucketOrigin.withOriginAccessControl(cloudfrontBucket), +const eventBus = new events.CfnEventBus(stack, 'EventBus', { + name: 'vended-logs-mixin-event-bus', + logConfig: { + includeDetail: events.IncludeDetail.NONE, + level: events.Level.ERROR, }, }); -// Delivery Source -const deliverySource = new logs.CfnDeliverySource(stack, 'CloudFrontSource', { - name: `delivery-source-${distribution.distributionId}-ACCESS_LOGS`, - resourceArn: distribution.distributionArn, - logType: 'ACCESS_LOGS', -}); +const logType = 'ERROR_LOGS'; // Destinations const destinationBucket = new s3.Bucket(stack, 'DeliveryBucket', { removalPolicy: cdk.RemovalPolicy.DESTROY, autoDeleteObjects: true, + encryption: s3.BucketEncryption.S3_MANAGED, }); const destinationLogGroup = new logs.LogGroup(stack, 'DeliveryLogGroup', { removalPolicy: cdk.RemovalPolicy.DESTROY, @@ -42,6 +35,7 @@ const destinationLogGroup = new logs.LogGroup(stack, 'DeliveryLogGroup', { const firehoseBucket = new s3.Bucket(stack, 'FirehoseBucket', { removalPolicy: cdk.RemovalPolicy.DESTROY, autoDeleteObjects: true, + encryption: s3.BucketEncryption.S3_MANAGED, }); const deliveryStream = new firehose.CfnDeliveryStream(stack, 'DeliveryStream', { @@ -63,17 +57,15 @@ const deliveryStream = new firehose.CfnDeliveryStream(stack, 'DeliveryStream', { }, }).roleArn, }, + deliveryStreamEncryptionConfigurationInput: { + keyType: 'AWS_OWNED_CMK', + }, }); // Setup deliveries -const s3Delivery = new S3LogsDelivery(destinationBucket).bind(stack, deliverySource, distribution.distributionArn); -const lgDelivery = new LogGroupLogsDelivery(destinationLogGroup).bind(stack, deliverySource, distribution.distributionArn); -const fhDelivery = new FirehoseLogsDelivery(deliveryStream).bind(stack, deliverySource, distribution.distributionArn); - -// // There's issues with multiple Logs::Delivery resources bing deployed in parallel -// // let's ensure they wait for each other for now -fhDelivery.delivery.node.addDependency(lgDelivery.delivery); -lgDelivery.delivery.node.addDependency(s3Delivery.delivery); +new S3LogsDelivery(destinationBucket).bind(stack, logType, eventBus.attrArn); +new LogGroupLogsDelivery(destinationLogGroup).bind(stack, logType, eventBus.attrArn); +new FirehoseLogsDelivery(deliveryStream).bind(stack, logType, eventBus.attrArn); new integ.IntegTest(app, 'DeliveryTest', { testCases: [stack], diff --git a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/logs-delivery.test.ts b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/logs-delivery.test.ts index ee3a764d0fab1..8f84e83758a81 100644 --- a/packages/@aws-cdk/mixins-preview/test/services/aws-logs/logs-delivery.test.ts +++ b/packages/@aws-cdk/mixins-preview/test/services/aws-logs/logs-delivery.test.ts @@ -3,42 +3,38 @@ import { Bucket, BucketPolicy, CfnBucketPolicy } from 'aws-cdk-lib/aws-s3'; import { Match, Template } from 'aws-cdk-lib/assertions'; import { AccountRootPrincipal, Effect, PolicyDocument, PolicyStatement, Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam'; import { DeliveryStream, S3Bucket } from 'aws-cdk-lib/aws-kinesisfirehose'; -import { CfnDeliverySource, LogGroup, ResourcePolicy, RetentionDays } from 'aws-cdk-lib/aws-logs'; +import { LogGroup, ResourcePolicy, RetentionDays } from 'aws-cdk-lib/aws-logs'; import { Secret } from 'aws-cdk-lib/aws-secretsmanager'; import { FirehoseLogsDelivery, LogGroupLogsDelivery, S3LogsDelivery, S3LogsDeliveryPermissionsVersion, XRayLogsDelivery } from '../../../lib/services/aws-logs'; // at the time of creating this test file S3 does not support Vended Logs on Buckets but this test pretends they do to make writing tests easier describe('S3 Delivery', () => { let source: Bucket; - let deliverySource: CfnDeliverySource; let stack: Stack; + const logType = 'ACCESS_LOGS'; beforeEach(() => { stack = new Stack(); source = new Bucket(stack, 'SourceBucket'); - deliverySource = new CfnDeliverySource(stack, 'S3DeliverySource', { - name: 's3-delivery-s3', - resourceArn: source.bucketArn, - logType: 'ACCESS_LOGS', - }); }); test('creates an S3 delivery destination and delivery connection', () => { const bucket = new Bucket(stack, 'Destination'); const s3Logs = new S3LogsDelivery(bucket); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 1); Template.fromStack(stack).hasResourceProperties('AWS::Logs::Delivery', { DeliveryDestinationArn: { 'Fn::GetAtt': [ - 'SourceBucketCdkS3DeliverySourceBucketDestinationDest500948E7', + 'SourceBucketCdkS3AccessLogsDeliverySourceBucketDestinationDestBA63D329', 'Arn', ], }, DeliverySourceName: { - Ref: 'S3DeliverySource', + Ref: 'SourceBucketCDKSourceACCESSLOGSSourceBucket3DC18173', }, }); Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliveryDestination', { @@ -49,7 +45,14 @@ describe('S3 Delivery', () => { 'Arn', ], }, - Name: Match.stringLikeRegexp('cdk-s3-dest-.*'), + Name: Match.stringLikeRegexp('cdk-s3-access-logs-dest-.*'), + }); + Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliverySource', { + LogType: logType, + ResourceArn: { + 'Fn::GetAtt': ['SourceBucketDDD2130A', 'Arn'], + }, + Name: Match.stringLikeRegexp('cdk-accesslogs-source-.*'), }); // Validate that DeliveryDestination depends on the S3 bucket policy @@ -63,25 +66,46 @@ describe('S3 Delivery', () => { expect(deliveryDestinations[deliveryDestinationLogicalId].DependsOn).toContain(bucketPolicyLogicalId); }); + test('creates delivery source as child of source resource', () => { + const bucket = new Bucket(stack, 'Destination'); + const s3Logs = new S3LogsDelivery(bucket); + s3Logs.bind(source, logType, source.bucketArn); + + const deliverySources = Template.fromStack(stack).findResources('AWS::Logs::DeliverySource'); + const sourceLogicalId = Object.keys(deliverySources)[0]; + expect(sourceLogicalId).toMatch(/^SourceBucket/); + }); + + test('reuses delivery source when binding same source multiple times', () => { + const bucket1 = new Bucket(stack, 'Destination1'); + const bucket2 = new Bucket(stack, 'Destination2'); + + const s3Logs1 = new S3LogsDelivery(bucket1); + s3Logs1.bind(source, logType, source.bucketArn); + + const s3Logs2 = new S3LogsDelivery(bucket2); + s3Logs2.bind(source, logType, source.bucketArn); + + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 2); + Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 2); + }); + test('able to make multiple delivery destinations and multiple deliveries that use the same bucket', () => { const bucket = new Bucket(stack, 'Destination'); const s3Logs = new S3LogsDelivery(bucket); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); const source1 = new Bucket(stack, 'SourceBucket1'); - const deliverySource1 = new CfnDeliverySource(stack, 'S3DeliverySource1', { - name: 's3-delivery-s3-1', - resourceArn: source1.bucketArn, - logType: 'ACCESS_LOGS', - }); const s3Logs1 = new S3LogsDelivery(bucket, { permissionsVersion: S3LogsDeliveryPermissionsVersion.V2, }); - s3Logs1.bind(source1, deliverySource1, source1.bucketArn); + s3Logs1.bind(source1, logType, source1.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::S3::BucketPolicy', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 2); }); @@ -91,7 +115,7 @@ describe('S3 Delivery', () => { const s3Logs = new S3LogsDelivery(bucket, { permissionsVersion: S3LogsDeliveryPermissionsVersion.V1, }); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); Template.fromStack(stack).hasResourceProperties('AWS::S3::BucketPolicy', { Bucket: { @@ -209,7 +233,7 @@ describe('S3 Delivery', () => { const s3Logs = new S3LogsDelivery(bucket, { permissionsVersion: S3LogsDeliveryPermissionsVersion.V2, }); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); Template.fromStack(stack).hasResourceProperties('AWS::S3::BucketPolicy', { Bucket: { @@ -293,7 +317,7 @@ describe('S3 Delivery', () => { }); const s3Logs = new S3LogsDelivery(bucket); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::S3::BucketPolicy', 1); }); @@ -314,7 +338,7 @@ describe('S3 Delivery', () => { }); const s3Logs = new S3LogsDelivery(bucket); - s3Logs.bind(source, deliverySource, source.bucketArn); + s3Logs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::S3::BucketPolicy', 1); Template.fromStack(stack).hasResourceProperties('AWS::S3::BucketPolicy', { @@ -425,16 +449,11 @@ describe('S3 Delivery', () => { describe('Cloudwatch Logs Delivery', () => { let stack: Stack; let source: Bucket; - let deliverySource: CfnDeliverySource; + const logType = 'ACCESS_LOGS'; beforeEach(() => { stack = new Stack(); source = new Bucket(stack, 'SourceBucket'); - deliverySource = new CfnDeliverySource(stack, 'CWLDeliverySource', { - name: 's3-delivery-cwl', - resourceArn: source.bucketArn, - logType: 'ACCESS_LOGS', - }); }); test('creates a Cloudwatch Delivery Destination when given a log group', () => { @@ -444,18 +463,19 @@ describe('Cloudwatch Logs Delivery', () => { }); const cwlLogs = new LogGroupLogsDelivery(logGroup); - cwlLogs.bind(source, deliverySource, source.bucketArn); + cwlLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 1); Template.fromStack(stack).hasResourceProperties('AWS::Logs::Delivery', { DeliveryDestinationArn: { 'Fn::GetAtt': [ - 'SourceBucketCdkLogGroupDeliverySourceBucketLogGroupDeliveryDestCC8D47E3', + 'SourceBucketCdkLogGroupAccessLogsDeliverySourceBucketLogGroupDeliveryDest89BD1E86', 'Arn', ], }, DeliverySourceName: { - Ref: 'CWLDeliverySource', + Ref: 'SourceBucketCDKSourceACCESSLOGSSourceBucket3DC18173', }, }); Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliveryDestination', { @@ -466,7 +486,14 @@ describe('Cloudwatch Logs Delivery', () => { 'Arn', ], }, - Name: Match.stringLikeRegexp('cdk-cwl-dest-.*'), + Name: Match.stringLikeRegexp('cdk-cwl-access-logs-dest-.*'), + }); + Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliverySource', { + LogType: logType, + ResourceArn: { + 'Fn::GetAtt': ['SourceBucketDDD2130A', 'Arn'], + }, + Name: Match.stringLikeRegexp('cdk-accesslogs-source-.*'), }); Template.fromStack(stack).hasResourceProperties('AWS::Logs::ResourcePolicy', { @@ -501,7 +528,7 @@ describe('Cloudwatch Logs Delivery', () => { ], ], }, - PolicyName: 'SourceBucketCdkLogGroupDeliverySourceBucketLogGroupDeliveryDAEA34A7', + PolicyName: 'SourceBucketCdkLogGroupAccessLogsDeliverySourceBucketLogGroupDelivery72DADCC3', }); // Validate that DeliveryDestination depends on the Cloudwatch resource policy @@ -529,7 +556,7 @@ describe('Cloudwatch Logs Delivery', () => { })); const cwlLogs = new LogGroupLogsDelivery(logGroup); - cwlLogs.bind(source, deliverySource, source.bucketArn); + cwlLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::ResourcePolicy', 2); }); @@ -545,7 +572,7 @@ describe('Cloudwatch Logs Delivery', () => { }); const cwlLogs = new LogGroupLogsDelivery(logGroup); - cwlLogs.bind(source, deliverySource, source.bucketArn); + cwlLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::ResourcePolicy', 1); }); @@ -562,10 +589,10 @@ describe('Cloudwatch Logs Delivery', () => { }); const cwlLogs1 = new LogGroupLogsDelivery(logGroup1); - cwlLogs1.bind(source, deliverySource, source.bucketArn); + cwlLogs1.bind(source, logType, source.bucketArn); const cwlLogs2 = new LogGroupLogsDelivery(logGroup2); - cwlLogs2.bind(source, deliverySource, source.bucketArn); + cwlLogs2.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::ResourcePolicy', 1); }); @@ -593,7 +620,7 @@ describe('Cloudwatch Logs Delivery', () => { })); const cwlLogs = new LogGroupLogsDelivery(logGroup); - cwlLogs.bind(source, deliverySource, source.bucketArn); + cwlLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::ResourcePolicy', 1); Template.fromStack(stack).resourceCountIs('AWS::SecretsManager::ResourcePolicy', 1); @@ -606,19 +633,15 @@ describe('Cloudwatch Logs Delivery', () => { }); const source2 = new Bucket(stack, 'SourceBucket2'); - const deliverySource2 = new CfnDeliverySource(stack, 'CWLDeliverySource2', { - name: 's3-delivery-cwl-2', - resourceArn: source2.bucketArn, - logType: 'ACCESS_LOGS', - }); const cwlLogs1 = new LogGroupLogsDelivery(logGroup); - cwlLogs1.bind(source, deliverySource, source.bucketArn); + cwlLogs1.bind(source, logType, source.bucketArn); const cwlLogs2 = new LogGroupLogsDelivery(logGroup); - cwlLogs2.bind(source2, deliverySource2, source2.bucketArn); + cwlLogs2.bind(source2, logType, source2.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::ResourcePolicy', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 2); }); @@ -627,16 +650,11 @@ describe('Cloudwatch Logs Delivery', () => { describe('Firehose Stream Delivery', () => { let stack: Stack; let source: Bucket; - let deliverySource: CfnDeliverySource; + const logType = 'ACCESS_LOGS'; beforeEach(() => { stack = new Stack(); source = new Bucket(stack, 'SourceBucket'); - deliverySource = new CfnDeliverySource(stack, 'FHDeliverySource', { - name: 's3-delivery-fh', - resourceArn: source.bucketArn, - logType: 'ACCESS_LOGS', - }); }); test('creates a Firehose Delivery Destination and a Delivery connection when given a delivery stream', () => { @@ -660,18 +678,19 @@ describe('Firehose Stream Delivery', () => { }); const fhLogs = new FirehoseLogsDelivery(stream); - fhLogs.bind(source, deliverySource, source.bucketArn); + fhLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 1); Template.fromStack(stack).hasResourceProperties('AWS::Logs::Delivery', { DeliveryDestinationArn: { 'Fn::GetAtt': [ - 'SourceBucketCdkFirehoseDeliverySourceBucketFirehoseDestB16933AF', + 'SourceBucketCdkFirehoseAccessLogsDeliverySourceBucketFirehoseDestACDAE1B5', 'Arn', ], }, DeliverySourceName: { - Ref: 'FHDeliverySource', + Ref: 'SourceBucketCDKSourceACCESSLOGSSourceBucket3DC18173', }, }); Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliveryDestination', { @@ -682,7 +701,14 @@ describe('Firehose Stream Delivery', () => { 'Arn', ], }, - Name: Match.stringLikeRegexp('cdk-fh-dest-.*'), + Name: Match.stringLikeRegexp('cdk-fh-access-logs-dest-.*'), + }); + Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliverySource', { + LogType: logType, + ResourceArn: { + 'Fn::GetAtt': ['SourceBucketDDD2130A', 'Arn'], + }, + Name: Match.stringLikeRegexp('cdk-accesslogs-source-.*'), }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -714,18 +740,13 @@ describe('Firehose Stream Delivery', () => { }); const source2 = new Bucket(stack, 'SourceBucket2'); - const deliverySource2 = new CfnDeliverySource(stack, 'FHDeliverySource2', { - name: 's3-delivery-fh-2', - resourceArn: source.bucketArn, - logType: 'ACCESS_LOGS', - }); - const fhLogs1 = new FirehoseLogsDelivery(stream); - fhLogs1.bind(source, deliverySource, 'noop'); + fhLogs1.bind(source, logType, source.bucketArn); const fhLogs2 = new FirehoseLogsDelivery(stream); - fhLogs2.bind(source2, deliverySource2, 'noop'); + fhLogs2.bind(source2, logType, source2.bucketArn); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 2); }); @@ -734,42 +755,41 @@ describe('Firehose Stream Delivery', () => { describe('XRay Delivery', () => { let stack: Stack; let source: Bucket; - let deliverySource: CfnDeliverySource; + const logType = 'TRACES'; beforeEach(() => { stack = new Stack(); source = new Bucket(stack, 'SourceBucket'); - deliverySource = new CfnDeliverySource(stack, 'XRayDeliverySource', { - name: 's3-delivery-xray', - resourceArn: source.bucketArn, - logType: 'TRACES', - }); }); test('creates an XRay Delivery Destination and Delivery', () => { const xrayLogs = new XRayLogsDelivery(); - xrayLogs.bind(source, deliverySource, source.bucketArn); + xrayLogs.bind(source, logType, source.bucketArn); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 1); Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliveryDestination', { DeliveryDestinationType: 'XRAY', - Name: Match.stringLikeRegexp('cdk-xray-dest-.*'), + Name: Match.stringLikeRegexp('cdk-xray-traces-dest-.*'), + }); + Template.fromStack(stack).hasResourceProperties('AWS::Logs::DeliverySource', { + LogType: logType, + ResourceArn: { + 'Fn::GetAtt': ['SourceBucketDDD2130A', 'Arn'], + }, + Name: Match.stringLikeRegexp('cdk-traces-source-.*'), }); }); test('when multiple XRay Delivery destinations are created on one stack, only create one XRay resource policy', () => { const xrayLogs = new XRayLogsDelivery(); - xrayLogs.bind(source, deliverySource, source.bucketArn); + xrayLogs.bind(source, logType, source.bucketArn); const source2 = new Bucket(stack, 'SourceBucket2'); - const deliverySource2 = new CfnDeliverySource(stack, 'XRayDeliverySource2', { - name: 's3-delivery-xray', - resourceArn: source2.bucketArn, - logType: 'TRACES', - }); const xrayLogs2 = new XRayLogsDelivery(); - xrayLogs2.bind(source2, deliverySource2, source2.bucketArn); + xrayLogs2.bind(source2, logType, source2.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::XRay::ResourcePolicy', 1); + Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliverySource', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 2); Template.fromStack(stack).resourceCountIs('AWS::Logs::Delivery', 2); }); @@ -778,17 +798,12 @@ describe('XRay Delivery', () => { const stack2 = new Stack(); const xrayLogs = new XRayLogsDelivery(); - xrayLogs.bind(source, deliverySource, source.bucketArn); + xrayLogs.bind(source, logType, source.bucketArn); const source2 = new Bucket(stack2, 'SourceBucket2'); - const deliverySource2 = new CfnDeliverySource(stack2, 'XRayDeliverySource2', { - name: 's3-delivery-xray', - resourceArn: source2.bucketArn, - logType: 'TRACES', - }); const xrayLogs2 = new XRayLogsDelivery(); - xrayLogs2.bind(source2, deliverySource2, source2.bucketArn); + xrayLogs2.bind(source2, logType, source2.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::XRay::ResourcePolicy', 1); Template.fromStack(stack).resourceCountIs('AWS::Logs::DeliveryDestination', 1); @@ -800,7 +815,7 @@ describe('XRay Delivery', () => { test('creates an XRay delivery policy with correct permissions', () => { const xrayLogs = new XRayLogsDelivery(); - xrayLogs.bind(source, deliverySource, source.bucketArn); + xrayLogs.bind(source, logType, source.bucketArn); Template.fromStack(stack).resourceCountIs('AWS::XRay::ResourcePolicy', 1); Template.fromStack(stack).hasResourceProperties('AWS::XRay::ResourcePolicy', { @@ -836,11 +851,11 @@ describe('XRay Delivery', () => { test('XRay Delivery resource policy gets updated with multiple log delivery sources', () => { const xrayLogs = new XRayLogsDelivery(); - xrayLogs.bind(source, deliverySource, source.bucketArn); + xrayLogs.bind(source, logType, source.bucketArn); const source1 = new Bucket(stack, 'SourceBucket1'); const xrayLogs2 = new XRayLogsDelivery(); - xrayLogs2.bind(source1, deliverySource, source1.bucketArn); + xrayLogs2.bind(source1, logType, source1.bucketArn); Template.fromStack(stack).hasResourceProperties('AWS::XRay::ResourcePolicy', { PolicyDocument: { diff --git a/tools/@aws-cdk/security-guardian/rules/guard-hooks/guardhooks-no-root-principals-except-kms-secrets.guard b/tools/@aws-cdk/security-guardian/rules/guard-hooks/guardhooks-no-root-principals-except-kms-secrets.guard index 848dbbd113f3b..053952aa5d1c3 100644 --- a/tools/@aws-cdk/security-guardian/rules/guard-hooks/guardhooks-no-root-principals-except-kms-secrets.guard +++ b/tools/@aws-cdk/security-guardian/rules/guard-hooks/guardhooks-no-root-principals-except-kms-secrets.guard @@ -9,6 +9,8 @@ let resources_no_root_principals = Resources.*[ Type != 'AWS::KMS::Key' Type != 'AWS::SecretsManager::Secret' + # Policy Document for Cloudwatch Logs is stored as a normal string instead of a json string, which makes it difficult to deal with + Type != 'AWS::Logs::ResourcePolicy' Metadata.guard.SuppressedRules not exists or Metadata.guard.SuppressedRules.* != "NO_ROOT_PRINCIPALS_EXCEPT_KMS_SECRETS" ] @@ -65,7 +67,7 @@ rule NO_ROOT_PRINCIPALS_EXCEPT_KMS_SECRETS when %resources_no_root_principals !e } } } - + # Check ResourcePolicy (Lambda, SNS, SQS, etc.) when Properties.ResourcePolicy exists { Properties.ResourcePolicy.Statement[*] { diff --git a/tools/@aws-cdk/security-guardian/rules/iam/iam-no-wildcard-actions-inline.guard b/tools/@aws-cdk/security-guardian/rules/iam/iam-no-wildcard-actions-inline.guard index f9c2a2c62a85b..fdf232c699bba 100644 --- a/tools/@aws-cdk/security-guardian/rules/iam/iam-no-wildcard-actions-inline.guard +++ b/tools/@aws-cdk/security-guardian/rules/iam/iam-no-wildcard-actions-inline.guard @@ -15,16 +15,35 @@ let iam_roles = Resources.*[ #Check inline policies in roles for wildcards rule IAM_NO_WILDCARD_ACTIONS_INLINE when %iam_roles !empty { %iam_roles { - Properties.Policies[*].PolicyDocument.Statement[*] { - when Effect == "Allow" { - when Action exists { - when Action is_string { - Action != "*" - Action != /\w+:\*$/ + when Properties.Policies[*].PolicyDocument.Statement[*] exists { + Properties.Policies[*].PolicyDocument.Statement[*] { + when Effect == "Allow" { + when Action exists { + when Action is_string { + Action != "*" + Action != /\w+:\*$/ + } + when Action is_list { + Action[*] != "*" + Action[*] != /\w+:\*$/ + } } - when Action is_list { - Action[*] != "*" - Action[*] != /\w+:\*$/ + } + } + } + + when Properties.AssumeRolePolicyDocument.Statement[*] exists { + Properties.AssumeRolePolicyDocument.Statement[*] { + when Effect == "Allow" { + when Action exists { + when Action is_string { + Action != "*" + Action != /\w+:\*$/ + } + when Action is_list { + Action[*] != "*" + Action[*] != /\w+:\*$/ + } } } }