cloudformat #39
Description
generated from new account
Metadata:
AWSToolsMetrics:
IaC_Generator: arn:aws:cloudformation:us-east-2:713881796125:generatedTemplate/39a2ed5b-e8a2-455a-827f-f61b78227688
Resources:
CloudFrontCachePolicy0017322e934707445a93bc6c8c1662182200Qz1S3:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Default Amplify cache policy without cookies
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- RSC
- Accept
- CloudFront-Viewer-Country
- X-Amplify-Dpl
- Host
CookiesConfig:
Cookies:
- __dpl
CookieBehavior: whitelist
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-DefaultNoCookies-V2
EC2DHCPOptions00dopt05abab93d88cc9d3600tYmth:
UpdateReplacePolicy: Retain
Type: AWS::EC2::DHCPOptions
DeletionPolicy: Retain
Properties:
DomainName: us-east-2.compute.internal
DomainNameServers:
- AmazonProvidedDNS
Tags: []
EC2VPCDHCPOptionsAssociation00vpc05fbaad7d2ffdc51d004CcL4:
UpdateReplacePolicy: Retain
Type: AWS::EC2::VPCDHCPOptionsAssociation
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
DhcpOptionsId: !Ref EC2DHCPOptions00dopt05abab93d88cc9d3600tYmth
EC2SecurityGroup00sg06c531253dbec14cd00l1X7k:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SecurityGroup
DeletionPolicy: Retain
Properties:
GroupDescription: default VPC security group
GroupName: default
VpcId: vpc-034b34186f4c98d73
SecurityGroupIngress:
- IpProtocol: '-1'
FromPort: -1
SourceSecurityGroupId: sg-06c531253dbec14cd
ToPort: -1
SourceSecurityGroupOwnerId: '713881796125'
SecurityGroupEgress:
- CidrIp: 0.0.0.0/0
IpProtocol: '-1'
FromPort: -1
ToPort: -1
MemoryDBParameterGroup00defaultmemorydbredis7001uK6K:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-redis7
Family: memorydb_redis7
Description: Default parameter group for memorydb_redis7
IAMRole00AWSServiceRoleForTrustedAdvisor00iigrX:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/trustedadvisor.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForTrustedAdvisor
Description: Access for the AWS Trusted Advisor Service to help reduce cost,
increase performance, and improve security of your AWS environment.
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: trustedadvisor.amazonaws.com
EC2SecurityGroup00sg083e6d660194cc537004oFGh:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SecurityGroup
DeletionPolicy: Retain
Properties:
GroupDescription: default VPC security group
GroupName: default
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
SecurityGroupIngress:
- IpProtocol: '-1'
FromPort: -1
SourceSecurityGroupId: !GetAtt EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB.DefaultSecurityGroup
ToPort: -1
SourceSecurityGroupOwnerId: '713881796125'
SecurityGroupEgress:
- CidrIp: 0.0.0.0/0
IpProtocol: '-1'
FromPort: -1
ToPort: -1
EC2NetworkAcl00acl0ccf6dc0016e602bc00j6hi7:
UpdateReplacePolicy: Retain
Type: AWS::EC2::NetworkAcl
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
Tags: []
EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB:
UpdateReplacePolicy: Retain
Type: AWS::EC2::VPC
DeletionPolicy: Retain
Properties:
CidrBlock: 172.31.0.0/16
EnableDnsSupport: true
InstanceTenancy: default
EnableDnsHostnames: true
Tags: []
CloudFrontCachePolicy00b2884449e4de46a7ac3670bc7f1ddd6d004dkgm:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Default policy when compression is disabled
MinTTL: 1
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: none
EnableAcceptEncodingBrotli: false
HeadersConfig:
HeaderBehavior: none
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: false
DefaultTTL: 86400
Name: Managed-CachingOptimizedForUncompressedObjects
CloudFrontCachePolicy004135ea2d6df844a39df34b5a84be39ad00gX3CV:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy with caching disabled
MinTTL: 0
MaxTTL: 0
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: none
EnableAcceptEncodingBrotli: false
HeadersConfig:
HeaderBehavior: none
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: false
DefaultTTL: 0
Name: Managed-CachingDisabled
EC2SubnetNetworkAclAssociation00aclassoc0f11b11978170eb5f00woYdI:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SubnetNetworkAclAssociation
DeletionPolicy: Retain
Properties:
NetworkAclId: !Ref EC2NetworkAcl00acl0ccf6dc0016e602bc00j6hi7
SubnetId: !Ref EC2Subnet00subnet0a8e0cf838ed85ec100JaKRb
EC2Instance00i0b0e822632e0bef2000oBLVV:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Instance
DeletionPolicy: Retain
Properties:
Tenancy: default
SecurityGroups:
- agent-internal
PrivateIpAddress: 10.0.4.49
UserData: IyEvYmluL2Jhc2ggLXhlCmV4cG9ydCBBR0VOVF9OQU1FPSJ0aW5lX2FnZW50XzQiCmV4cG9ydCBHSVRfUkVQTz0iaHR0cHM6Ly9naXRodWIuY29tL21ldGEtaW50cm9zcGVjdG9yL2Nsb3VkLWRlcGxveW1lbnQtZWxpemEvIiAjIEZJWE1FCmV4cG9ydCBHSVRfQlJBTkNIPSJmZWF0dXJlL2VsaXphL2ZlYi0xMCIgIyBGSVhNRQpleHBvcnQgSE9NRT0vcm9vdAphcHQgdXBkYXRlCmFwdC1nZXQgaW5zdGFsbCAteSBlYzItaW5zdGFuY2UtY29ubmVjdCBnaXQKYXB0LWdldCBpbnN0YWxsIC15IGNsb3VkLXV0aWxzIGFwdC10cmFuc3BvcnQtaHR0cHMgY2EtY2VydGlmaWNhdGVzIGN1cmwgc29mdHdhcmUtcHJvcGVydGllcy1jb21tb24KY3VybCAtZnNTTCBodHRwczovL2Rvd25sb2FkLmRvY2tlci5jb20vbGludXgvdWJ1bnR1L2dwZyB8IHN1ZG8gYXB0LWtleSBhZGQgLQphZGQtYXB0LXJlcG9zaXRvcnkgImRlYiBbYXJjaD1hbWQ2NF0gaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dSAgJChsc2JfcmVsZWFzZSAtY3MpICBzdGFibGUiCmFwdC1nZXQgdXBkYXRlCmFwdC1nZXQgaW5zdGFsbCAteSBkb2NrZXItY2UKdXNlcm1vZCAtYUcgZG9ja2VyIHVidW50dQpzbmFwIGluc3RhbGwgYW1hem9uLXNzbS1hZ2VudCAtLWNsYXNzaWMgfHwgZWNobyBvb3BzMQpzbmFwIHN0YXJ0IGFtYXpvbi1zc20tYWdlbnQgfHwgZWNobyBvb3BzMgphcHQtZ2V0IGluc3RhbGwgLXkgLS1uby1pbnN0YWxsLXJlY29tbWVuZHMgY2EtY2VydGlmaWNhdGVzPTIwMjMwMzExIGN1cmw9Ny44OC4xLTEwK2RlYjEydTcgfCAgZWNobyBvb3BzCmFwdC1nZXQgaW5zdGFsbCAteSB3Z2V0IHVuemlwIHN5c3RlbWQKaWYgWyAhIC1kICIvb3B0L2FnZW50LyIgXTsgdGhlbgpnaXQgY2xvbmUgImh0dHBzOi8vZ2l0aHViLmNvbS9tZXRhLWludHJvc3BlY3Rvci9jbG91ZC1kZXBsb3ltZW50LWVsaXphLyIgIi9vcHQvYWdlbnQvIgpmaQpjZCAiL29wdC9hZ2VudC8iIHx8IGV4aXQgMQpnaXQgc3Rhc2gKZ2l0IGZldGNoIC0tYWxsCmdpdCBjaGVja291dCAtLXRyYWNrIC0tZm9yY2UgIm9yaWdpbi9mZWF0dXJlL2VsaXphL2ZlYi0xMCIKYmFzaCAteCAvb3B0L2FnZW50L3J1bmRvY2tlci5zaAo=
InstanceInitiatedShutdownBehavior: stop
CpuOptions:
ThreadsPerCore: 1
CoreCount: 2
BlockDeviceMappings:
- Ebs:
SnapshotId: snap-0d8fbb7604aa8cca9
VolumeType: gp3
KmsKeyId: !GetAtt KMSKey00096daf8c6fad4ccc80039b4e957312e700tauyp.Arn
Encrypted: true
Iops: 3000
VolumeSize: 30
DeleteOnTermination: true
DeviceName: /dev/sda1
AvailabilityZone: us-east-2a
PrivateDnsNameOptions:
EnableResourceNameDnsARecord: false
HostnameType: ip-name
EnableResourceNameDnsAAAARecord: false
SubnetId: subnet-04e09ffc09b68237c
SecurityGroupIds:
- sg-0ac87a2feced94c13
EbsOptimized: false
DisableApiTermination: false
SourceDestCheck: true
Volumes:
- VolumeId: vol-03a07bebecfd0e5af
Device: /dev/sda1
PlacementGroupName: ''
VpcId: vpc-034b34186f4c98d73
State:
Code: '16'
Name: running
NetworkInterfaces:
- PrivateIpAddresses:
- PrivateIpAddress: 10.0.4.49
Primary: true
SecondaryPrivateIpAddressCount: 0
DeviceIndex: '0'
GroupSet:
- sg-0ac87a2feced94c13
Ipv6Addresses: []
SubnetId: subnet-04e09ffc09b68237c
AssociatePublicIpAddress: true
NetworkInterfaceId: !Ref EC2NetworkInterface00eni0978d81787acf584e00Q2xQF
DeleteOnTermination: true
ImageId: ami-0f5eef59f3e09d816
InstanceType: t4g.small
Monitoring: false
Tags: []
CreditSpecification:
CPUCredits: unlimited
IAMUser00mdupont00yRiz1:
UpdateReplacePolicy: Retain
Type: AWS::IAM::User
DeletionPolicy: Retain
Properties:
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AdministratorAccess
UserName: mdupont
LoginProfile:
PasswordResetRequired: false
Tags:
- Value: dev
Key: AKIA2MNVLXYOQGQJX46V
CloudFrontCachePolicy00766eb0281aff4eb2a5a42674e1538f26000XvdG:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Amplify cache policy for image optimization
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- RSC
- Accept
- CloudFront-Viewer-Country
- X-Amplify-Dpl
- Host
CookiesConfig:
Cookies:
- __dpl
CookieBehavior: whitelist
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-ImageOptimization-V2
EC2VolumeAttachment00vol03a07bebecfd0e5af00KZDs6:
UpdateReplacePolicy: Retain
Type: AWS::EC2::VolumeAttachment
DeletionPolicy: Retain
Properties:
InstanceId: i-0b0e822632e0bef20
VolumeId: vol-03a07bebecfd0e5af
Device: /dev/sda1
IAMRole00AWSServiceRoleForOrganizations00c5OKY:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/organizations.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForOrganizations
Description: Service-linked role used by AWS Organizations to enable integration
of other AWS services with Organizations.
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: organizations.amazonaws.com
EC2NetworkInterfaceAttachment00eniattach05af7474d92b84a5000nAulj:
UpdateReplacePolicy: Retain
Type: AWS::EC2::NetworkInterfaceAttachment
DeletionPolicy: Retain
Properties:
NetworkInterfaceId: eni-0978d81787acf584e
InstanceId: i-0b0e822632e0bef20
DeviceIndex: '0'
DeleteOnTermination: true
Route53ResolverResolverRuleAssociation00rslvrautodefinedassocvpc034b34186f4c98d73internetresolver00lK0Nb:
UpdateReplacePolicy: Retain
Type: AWS::Route53Resolver::ResolverRuleAssociation
DeletionPolicy: Retain
Properties:
VPCId: vpc-034b34186f4c98d73
ResolverRuleId: rslvr-autodefined-rr-internet-resolver
Name: System Rule Association
EC2Route00rtb0e2c23fcf096074ce006N05U:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Route
DeletionPolicy: Retain
Properties:
RouteTableId: !Ref EC2RouteTable00rtb0e2c23fcf096074ce00uv9aL
DestinationCidrBlock: 10.0.0.0/16
GatewayId: local
VpcEndpointId: local
CloudFrontOriginRequestPolicy0059781a5b390341f3afcbaf62929ccde1009hhmq:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: none
Comment: Policy for custom origin with CORS
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- origin
CookiesConfig:
CookieBehavior: none
Name: Managed-CORS-CustomOrigin
CloudFrontCachePolicy00658327eaf89d4faba63d7e88639e58f600kR5OI:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy with caching enabled. Supports Gzip and Brotli compression.
MinTTL: 1
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: none
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: none
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: true
DefaultTTL: 86400
Name: Managed-CachingOptimized
EC2Subnet00subnet008a6dd83ee0698ae00z3Q3D:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Subnet
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
MapPublicIpOnLaunch: true
EnableDns64: false
AvailabilityZoneId: use2-az2
PrivateDnsNameOptionsOnLaunch:
EnableResourceNameDnsARecord: false
HostnameType: ip-name
EnableResourceNameDnsAAAARecord: false
CidrBlock: 172.31.16.0/20
Ipv6Native: false
Tags: []
CloudFrontCachePolicy007e5fad67ee984ad0b05a394999eefc1a00sy5dY:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Amplify cache policy for static content
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: none
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- Host
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-StaticContent
KMSKey00096daf8c6fad4ccc80039b4e957312e700tauyp:
UpdateReplacePolicy: Retain
Type: AWS::KMS::Key
DeletionPolicy: Retain
Properties:
Origin: AWS_KMS
MultiRegion: false
Description: Default key that protects my EBS volumes when no other key is defined
KeyPolicy:
Version: '2012-10-17'
Statement:
- Condition:
StringEquals:
kms:ViaService: ec2.us-east-2.amazonaws.com
kms:CallerAccount: '713881796125'
Resource: '*'
Action:
- kms:Encrypt
- kms:Decrypt
- kms:ReEncrypt*
- kms:GenerateDataKey*
- kms:CreateGrant
- kms:DescribeKey
Effect: Allow
Principal:
AWS: '*'
Sid: Allow access through EBS for all principals in the account that are
authorized to use EBS
- Resource: '*'
Action:
- kms:Describe*
- kms:Get*
- kms:List*
- kms:RevokeGrant
Effect: Allow
Principal:
AWS: arn:aws:iam::713881796125:root
Sid: Allow direct access to key metadata to the account
Id: auto-ebs-2
KeySpec: SYMMETRIC_DEFAULT
Enabled: true
EnableKeyRotation: false
KeyUsage: ENCRYPT_DECRYPT
Tags: []
CloudFrontOriginRequestPolicy00775133bc15f249f9abeaafb2e0bf67d200J1ln3:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: all
Comment: Policy for Elemental MediaTailor Origin
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- origin
- access-control-request-headers
- x-forwarded-for
- access-control-request-method
- user-agent
CookiesConfig:
CookieBehavior: none
Name: Managed-Elemental-MediaTailor-PersonalizedManifests
Route53ResolverResolverRuleAssociation00rslvrautodefinedassocvpc05fbaad7d2ffdc51dinternetresolver00jHfB3:
UpdateReplacePolicy: Retain
Type: AWS::Route53Resolver::ResolverRuleAssociation
DeletionPolicy: Retain
Properties:
VPCId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
ResolverRuleId: rslvr-autodefined-rr-internet-resolver
Name: System Rule Association
MemoryDBACL00openaccess00ltbGG:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ACL
DeletionPolicy: Retain
Properties:
ACLName: open-access
Tags: []
UserNames:
- default
MemoryDBUser00default0075TIt:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::User
DeletionPolicy: Retain
Properties:
Tags: []
UserName: default
CloudFrontOriginRequestPolicy00acba4595bd2849b8b9fe13317c0390fa003Mtlw:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: none
Comment: Policy to forward user-agent and referer headers to origin
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- referer
- user-agent
CookiesConfig:
CookieBehavior: none
Name: Managed-UserAgentRefererHeaders
MemoryDBParameterGroup00defaultmemorydbredis7searchpreview00ucDc9:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-redis7.search.preview
Family: memorydb_redis7.search.preview
Description: Default parameter group for memorydb_redis7.search.preview
CloudFrontOriginRequestPolicy00216adef65c7f47e4b9895492eafa07d300x16aY:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: all
Comment: Policy to forward all parameters in viewer requests
HeadersConfig:
HeaderBehavior: allViewer
CookiesConfig:
CookieBehavior: all
Name: Managed-AllViewer
EC2InternetGateway00igw0a87e24d8696d04b500xVhA0:
UpdateReplacePolicy: Retain
Type: AWS::EC2::InternetGateway
DeletionPolicy: Retain
Properties:
Tags: []
CloudFrontOriginRequestPolicy0033f36d7ef39646d990e052428a34d9dc00Iw4N4:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: all
Comment: Policy to forward all parameters in viewer requests and all CloudFront
headers as of June 2022
HeadersConfig:
HeaderBehavior: allViewerAndWhitelistCloudFront
Headers:
- CloudFront-Viewer-Time-Zone
- CloudFront-Viewer-Address
- CloudFront-Viewer-Country
- CloudFront-Is-IOS-Viewer
- CloudFront-Is-Tablet-Viewer
- CloudFront-Forwarded-Proto
- CloudFront-Viewer-Country-Name
- CloudFront-Is-Mobile-Viewer
- CloudFront-Is-SmartTV-Viewer
- CloudFront-Viewer-Country-Region
- CloudFront-Is-Android-Viewer
- CloudFront-Viewer-Country-Region-Name
- CloudFront-Viewer-City
- CloudFront-Viewer-Latitude
- CloudFront-Viewer-Longitude
- CloudFront-Viewer-Http-Version
- CloudFront-Viewer-Postal-Code
- CloudFront-Viewer-ASN
- CloudFront-Is-Desktop-Viewer
- CloudFront-Viewer-Metro-Code
- CloudFront-Viewer-TLS
CookiesConfig:
CookieBehavior: all
Name: Managed-AllViewerAndCloudFrontHeaders-2022-06
EC2SubnetNetworkAclAssociation00aclassoc0f5d3ce540a0059d600nUBZF:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SubnetNetworkAclAssociation
DeletionPolicy: Retain
Properties:
NetworkAclId: !Ref EC2NetworkAcl00acl0ccf6dc0016e602bc00j6hi7
SubnetId: !Ref EC2Subnet00subnet08116aab1eaf7d58300avSTI
EC2Route00rtb0461d82a8169df03300wSJtd:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Route
DeletionPolicy: Retain
Properties:
RouteTableId: !Ref EC2RouteTable00rtb0461d82a8169df03300aXj7L
DestinationCidrBlock: !GetAtt EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB.CidrBlock
GatewayId: local
VpcEndpointId: local
KMSKey002c0dc6eecf994a95ae2bbf15e31f0f5000SRFw1:
UpdateReplacePolicy: Retain
Type: AWS::KMS::Key
DeletionPolicy: Retain
Properties:
Origin: AWS_KMS
MultiRegion: false
Description: Default key that protects my EBS volumes when no other key is defined
KeyPolicy:
Version: '2012-10-17'
Statement:
- Resource: '*'
Action: kms:*
Effect: Allow
Principal:
AWS: arn:aws:iam::713881796125:root
Sid: REMOVE and enter principle in below section - Added for demo to prevent key
lock out
Id: key-default-1
KeySpec: SYMMETRIC_DEFAULT
Enabled: true
EnableKeyRotation: false
KeyUsage: ENCRYPT_DECRYPT
Tags: []
CloudFrontCachePolicy0083da9c7e98b44e11a16804f0df8e2c6500ZgOpj:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy for origins that return Cache-Control headers. Query strings are
not included in the cache key.
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: none
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- x-method-override
- origin
- host
- x-http-method
- x-http-method-override
CookiesConfig:
CookieBehavior: all
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: UseOriginCacheControlHeaders
EC2Subnet00subnet0a8e0cf838ed85ec100JaKRb:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Subnet
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
MapPublicIpOnLaunch: true
EnableDns64: false
AvailabilityZoneId: use2-az1
PrivateDnsNameOptionsOnLaunch:
EnableResourceNameDnsARecord: false
HostnameType: ip-name
EnableResourceNameDnsAAAARecord: false
CidrBlock: 172.31.0.0/20
Ipv6Native: false
Tags: []
XRayGroup00groupDefault00zAOey:
UpdateReplacePolicy: Retain
Type: AWS::XRay::Group
DeletionPolicy: Retain
Properties:
GroupName: Default
InsightsConfiguration:
InsightsEnabled: false
NotificationsEnabled: false
Tags: []
CloudFrontCachePolicy001c6db51aa33f469a8245dae26771f53000LIwlt:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Amplify cache policy for image optimization
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- Accept
- Host
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-ImageOptimization
MemoryDBParameterGroup00defaultmemorydbvalkey700MchcQ:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-valkey7
Family: memorydb_valkey7
Description: Default parameter group for memorydb_valkey7
EC2Subnet00subnet08116aab1eaf7d58300avSTI:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Subnet
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
MapPublicIpOnLaunch: true
EnableDns64: false
AvailabilityZoneId: use2-az3
PrivateDnsNameOptionsOnLaunch:
EnableResourceNameDnsARecord: false
HostnameType: ip-name
EnableResourceNameDnsAAAARecord: false
CidrBlock: 172.31.32.0/20
Ipv6Native: false
Tags: []
EC2NetworkAcl00acl0cb8aee6d59f2107d009pTxK:
UpdateReplacePolicy: Retain
Type: AWS::EC2::NetworkAcl
DeletionPolicy: Retain
Properties:
VpcId: vpc-034b34186f4c98d73
Tags: []
MemoryDBParameterGroup00defaultmemorydbvalkey7search00t2NbN:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-valkey7.search
Family: memorydb_valkey7
Description: Customized default parameter group for memorydb_valkey7 with
search-enabled yes
IAMRole00AWSServiceRoleForSSO00K9mAx:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/sso.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForSSO
Description: Service-linked role used by AWS SSO to manage AWS resources,
including IAM roles, policies and SAML IdP on your behalf.
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: sso.amazonaws.com
CloudFrontCachePolicy002e54312d136d493c8eb9b001f22f67d2000lOkh:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy for Amplify Origin
MinTTL: 2
MaxTTL: 600
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- CloudFront-Viewer-Country
- Host
CookiesConfig:
CookieBehavior: all
EnableAcceptEncodingGzip: true
DefaultTTL: 2
Name: Managed-Amplify
EC2NetworkInterface00eni0978d81787acf584e00Q2xQF:
UpdateReplacePolicy: Retain
Type: AWS::EC2::NetworkInterface
DeletionPolicy: Retain
Properties:
Description: ''
PrivateIpAddress: 10.0.4.49
PrivateIpAddresses:
- PrivateIpAddress: 10.0.4.49
Primary: true
SecondaryPrivateIpAddressCount: 0
Ipv6PrefixCount: 0
Ipv4Prefixes: []
Ipv4PrefixCount: 0
GroupSet:
- sg-0ac87a2feced94c13
Ipv6Prefixes: []
SubnetId: subnet-04e09ffc09b68237c
SourceDestCheck: true
InterfaceType: interface
Tags: []
CloudFrontCachePolicy004d1d2f1d3a7149ad9e087ea5d843a55600hUtzL:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Default Amplify cache policy
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- Accept
- CloudFront-Viewer-Country
- Host
CookiesConfig:
CookieBehavior: all
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-Default
EventsEventBus00default00xgqwG:
UpdateReplacePolicy: Retain
Type: AWS::Events::EventBus
DeletionPolicy: Retain
Properties:
Tags: []
Name: default
EC2SubnetNetworkAclAssociation00aclassoc03826b75f6a99daa7005HrQt:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SubnetNetworkAclAssociation
DeletionPolicy: Retain
Properties:
NetworkAclId: !Ref EC2NetworkAcl00acl0ccf6dc0016e602bc00j6hi7
SubnetId: !Ref EC2Subnet00subnet008a6dd83ee0698ae00z3Q3D
EC2Volume00vol03a07bebecfd0e5af00je2G9:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Volume
DeletionPolicy: Retain
Properties:
MultiAttachEnabled: false
SnapshotId: snap-0d8fbb7604aa8cca9
VolumeType: gp3
KmsKeyId: arn:aws:kms:us-east-2:713881796125:key/096daf8c-6fad-4ccc-8003-9b4e957312e7
Encrypted: true
Size: 30
AutoEnableIO: true
AvailabilityZone: us-east-2a
Throughput: 125
Iops: 3000
Tags: []
EC2Route00rtb0461d82a8169df03300dZgQM:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Route
DeletionPolicy: Retain
Properties:
RouteTableId: !Ref EC2RouteTable00rtb0461d82a8169df03300aXj7L
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref EC2InternetGateway00igw0a87e24d8696d04b500xVhA0
VpcEndpointId: igw-0a87e24d8696d04b5
CloudFrontCachePolicy001b1c9610973a4fb99932a6c27484088700AVXe7:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Default Amplify cache policy
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- RSC
- Accept
- CloudFront-Viewer-Country
- X-Amplify-Dpl
- Host
CookiesConfig:
CookieBehavior: all
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-Default-V2
MemoryDBParameterGroup00defaultmemorydbredis7search00FtV9n:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-redis7.search
Family: memorydb_redis7
Description: Customized default parameter group for memorydb_redis7 with
search-enabled yes
EC2RouteTable00rtb0e2c23fcf096074ce00uv9aL:
UpdateReplacePolicy: Retain
Type: AWS::EC2::RouteTable
DeletionPolicy: Retain
Properties:
VpcId: vpc-034b34186f4c98d73
CloudFrontCachePolicy004cc15a8ad71548a482b8cc0b614638fe00tLHVD:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy for origins that return Cache-Control headers and serve
different content based on values present in the query string.
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- x-method-override
- origin
- host
- x-http-method
- x-http-method-override
CookiesConfig:
CookieBehavior: all
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: UseOriginCacheControlHeaders-QueryStrings
EC2Route00rtb09d09d85d8a91afa500WvwBl:
UpdateReplacePolicy: Retain
Type: AWS::EC2::Route
DeletionPolicy: Retain
Properties:
RouteTableId: rtb-09d09d85d8a91afa5
DestinationCidrBlock: 10.0.0.0/16
GatewayId: local
VpcEndpointId: local
IAMRole00AWSServiceRoleForAutoScaling00Sp707:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/autoscaling.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForAutoScaling
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: autoscaling.amazonaws.com
AthenaWorkGroup00primary00rUpBC:
UpdateReplacePolicy: Retain
Type: AWS::Athena::WorkGroup
DeletionPolicy: Retain
Properties:
WorkGroupConfiguration:
RequesterPaysEnabled: false
EnforceWorkGroupConfiguration: false
EngineVersion:
SelectedEngineVersion: AUTO
PublishCloudWatchMetricsEnabled: true
ResultConfiguration: {}
State: ENABLED
Tags: []
Name: primary
IAMRole00OrganizationAccountAccessRole00aGwXh:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AdministratorAccess
MaxSessionDuration: 3600
RoleName: OrganizationAccountAccessRole
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
AWS: arn:aws:iam::767503528736:root
MemoryDBParameterGroup00defaultmemorydbredis600zcZ1Z:
UpdateReplacePolicy: Retain
Type: AWS::MemoryDB::ParameterGroup
DeletionPolicy: Retain
Properties:
ParameterGroupName: default.memorydb-redis6
Family: memorydb_redis6
Description: Default parameter group for memorydb_redis6
CloudFrontCachePolicy004c02794c7c814ba18b5de05fb0f95ed800nc1e8:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Amplify cache policy for static content
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStrings:
- dpl
QueryStringBehavior: whitelist
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- RSC
- CloudFront-Viewer-Country
- X-Amplify-Dpl
- Host
CookiesConfig:
Cookies:
- __dpl
CookieBehavior: whitelist
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-StaticContent-V2
IAMRole00AWSServiceRoleForSupport00D601p:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/support.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForSupport
Description: Enables resource access for AWS to provide billing, administrative
and support services
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: support.amazonaws.com
ElastiCacheUser00default00uHfym:
UpdateReplacePolicy: Retain
Type: AWS::ElastiCache::User
DeletionPolicy: Retain
Properties:
UserName: default
UserId: default
Engine: redis
Tags: []
IAMRole00AWSServiceRoleForAmazonSSM00NO4gU:
UpdateReplacePolicy: Retain
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Path: /aws-service-role/ssm.amazonaws.com/
ManagedPolicyArns:
- arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy
MaxSessionDuration: 3600
RoleName: AWSServiceRoleForAmazonSSM
Description: Provides access to AWS Resources managed or used by Amazon SSM.
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: ssm.amazonaws.com
CloudFrontOriginRequestPolicy00b689b0a853d040abbaf268738e2966ac00sEy0i:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: all
Comment: Policy to forward all parameters in viewer requests except for the Host
header
HeadersConfig:
HeaderBehavior: allExcept
Headers:
- host
CookiesConfig:
CookieBehavior: all
Name: Managed-AllViewerExceptHostHeader
CloudFrontOriginRequestPolicy0088a5eaf42fd44709b370b4c650ea3fcf009ZqHE:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::OriginRequestPolicy
DeletionPolicy: Retain
Properties:
OriginRequestPolicyConfig:
QueryStringsConfig:
QueryStringBehavior: none
Comment: Policy for S3 origin with CORS
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- origin
- access-control-request-headers
- access-control-request-method
CookiesConfig:
CookieBehavior: none
Name: Managed-CORS-S3Origin
EC2RouteTable00rtb0461d82a8169df03300aXj7L:
UpdateReplacePolicy: Retain
Type: AWS::EC2::RouteTable
DeletionPolicy: Retain
Properties:
VpcId: !Ref EC2VPC00vpc05fbaad7d2ffdc51d00OF3uB
EC2SubnetNetworkAclAssociation00aclassoc0886fd09b425e573c002IG4f:
UpdateReplacePolicy: Retain
Type: AWS::EC2::SubnetNetworkAclAssociation
DeletionPolicy: Retain
Properties:
NetworkAclId: !Ref EC2NetworkAcl00acl0cb8aee6d59f2107d009pTxK
SubnetId: subnet-04e09ffc09b68237c
CloudFrontCachePolicy00a6bad94636c34c33aa98362c74a7fb13009XQM4:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Default Amplify cache policy without cookies
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStringBehavior: all
EnableAcceptEncodingBrotli: true
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- Authorization
- Accept
- CloudFront-Viewer-Country
- Host
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: true
DefaultTTL: 0
Name: Managed-Amplify-DefaultNoCookies
CloudFrontCachePolicy000862726205a94f769dedb50ca2e3a84f00sBcbi:
UpdateReplacePolicy: Retain
Type: AWS::CloudFront::CachePolicy
DeletionPolicy: Retain
Properties:
CachePolicyConfig:
Comment: Policy for Elemental MediaPackage Origin
MinTTL: 0
MaxTTL: 31536000
ParametersInCacheKeyAndForwardedToOrigin:
QueryStringsConfig:
QueryStrings:
- aws.manifestfilter
- start
- end
- m
QueryStringBehavior: whitelist
EnableAcceptEncodingBrotli: false
HeadersConfig:
HeaderBehavior: whitelist
Headers:
- origin
CookiesConfig:
CookieBehavior: none
EnableAcceptEncodingGzip: true
DefaultTTL: 86400
Name: Managed-Elemental-MediaPackage
EC2VPCDHCPOptionsAssociation00vpc034b34186f4c98d7300JwpOj:
UpdateReplacePolicy: Retain
Type: AWS::EC2::VPCDHCPOptionsAssociation
DeletionPolicy: Retain
Properties:
VpcId: vpc-034b34186f4c98d73
DhcpOptionsId: !Ref EC2DHCPOptions00dopt05abab93d88cc9d3600tYmth