From f8b8c24c9ed47cca9805d04fa4f8abf587e0fa39 Mon Sep 17 00:00:00 2001 From: Thomas Glaser Date: Mon, 9 Jan 2023 15:10:14 +0000 Subject: [PATCH 1/5] pipeline keyrotation --- .../lib/codepipeline/codepipeline.ts | 11 +++++++ .../test/codepipeline/codepipeline.test.ts | 30 +++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts index 6eac94489539f..70bb2efb17b05 100644 --- a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts +++ b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts @@ -225,6 +225,16 @@ export interface CodePipelineProps { * @default true */ readonly useChangeSets?: boolean; + + /** + * Enable KMS key rotation for the generated KMS keys. + * + * By default KMS key rotation is disabled, but will add an additional $1/month + * for each year the key exists when enabled. + * + * @default - false (key rotation is disabled) + */ + readonly enableKeyRotation?: boolean; } /** @@ -398,6 +408,7 @@ export class CodePipeline extends PipelineBase { // to happen only after the builds of the latest pipeline definition). restartExecutionOnUpdate: true, role: this.props.role, + enableKeyRotation: this.props.enableKeyRotation, }); } diff --git a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts index b0ecae2286d1a..7c4bfa45d411a 100644 --- a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts +++ b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts @@ -192,6 +192,36 @@ test('CodeBuild action role has the right AssumeRolePolicyDocument', () => { }); }); +test('CodePipeline enables key rotation on cross account keys', ()=>{ + const pipelineStack = new cdk.Stack(app, 'PipelineStack', { env: PIPELINE_ENV }); + const repo = new ccommit.Repository(pipelineStack, 'Repo', { + repositoryName: 'MyRepo', + }); + const cdkInput = cdkp.CodePipelineSource.codeCommit( + repo, + 'main', + ); + + new CodePipeline(pipelineStack, 'Pipeline', { + enableKeyRotation: true, + crossAccountKeys: true, // requirement of key rotation + synth: new cdkp.ShellStep('Synth', { + input: cdkInput, + installCommands: ['npm ci'], + commands: [ + 'npm run build', + 'npx cdk synth', + ], + }), + }); + + const template = Template.fromStack(pipelineStack); + + template.hasResourceProperties('AWS::KMS::Key', { + EnableKeyRotation: true, + }); +}); + test('CodePipeline supports use of existing role', () => { const pipelineStack = new cdk.Stack(app, 'PipelineStack', { env: PIPELINE_ENV }); const repo = new ccommit.Repository(pipelineStack, 'Repo', { From cdc39fd4966cf763fd3c8fc05e9c27a9672fff0c Mon Sep 17 00:00:00 2001 From: Thomas Glaser Date: Mon, 9 Jan 2023 16:05:17 +0000 Subject: [PATCH 2/5] testing --- packages/@aws-cdk/pipelines/README.md | 3 + .../lib/codepipeline/codepipeline.ts | 4 +- ...teg.newpipeline-with-cross-account-keys.ts | 70 +++++++++++++++++++ 3 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts diff --git a/packages/@aws-cdk/pipelines/README.md b/packages/@aws-cdk/pipelines/README.md index 05996b52c4ac2..91ec38e0f4184 100644 --- a/packages/@aws-cdk/pipelines/README.md +++ b/packages/@aws-cdk/pipelines/README.md @@ -525,12 +525,15 @@ pipeline. This will encrypt the artifact bucket(s), but incurs a cost for maintaining the KMS key. +You may also wish to enable automatic key rotation for the created KMS key. + Example: ```ts const pipeline = new pipelines.CodePipeline(this, 'Pipeline', { // Encrypt artifacts, required for cross-account deployments crossAccountKeys: true, + enableKeyRotation: true, // optional synth: new pipelines.ShellStep('Synth', { input: pipelines.CodePipelineSource.connection('my-org/my-app', 'main', { connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', // Created using the AWS console * });', diff --git a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts index 70bb2efb17b05..06f8f9832235a 100644 --- a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts +++ b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts @@ -229,8 +229,8 @@ export interface CodePipelineProps { /** * Enable KMS key rotation for the generated KMS keys. * - * By default KMS key rotation is disabled, but will add an additional $1/month - * for each year the key exists when enabled. + * By default KMS key rotation is disabled, but will add + * additional costs when enabled. * * @default - false (key rotation is disabled) */ diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts new file mode 100644 index 0000000000000..dbd9870514d98 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts @@ -0,0 +1,70 @@ +// eslint-disable-next-line import/no-extraneous-dependencies +/// !cdk-integ PipelineStack pragma:set-context:@aws-cdk/core:newStyleStackSynthesis=true +import * as sqs from '@aws-cdk/aws-sqs'; +import { App, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import { Construct } from 'constructs'; + +import * as pipelines from '../lib'; + +class PipelineStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const pipeline = new pipelines.CodePipeline(this, 'Pipeline', { + crossAccountKeys: true, + enableKeyRotation: true, + synth: new pipelines.ShellStep('Synth', { + input: pipelines.CodePipelineSource.gitHub('rix0rrr/cdk-pipelines-demo', 'main'), + commands: [ + 'npm ci', + 'npm run build', + 'npx cdk synth', + ], + }), + }); + + pipeline.addStage(new AppStage(this, 'Beta')); + + const group = pipeline.addWave('Wave1'); + group.addStage(new AppStage(this, 'Prod1')); + group.addStage(new AppStage(this, 'Prod2')); + + const group2 = pipeline.addWave('Wave2'); + group2.addStage(new AppStage(this, 'Prod3')); + group2.addStage(new AppStage(this, 'Prod4')); + group2.addStage(new AppStage(this, 'Prod5')); + group2.addStage(new AppStage(this, 'Prod6')); + } +} + +class AppStage extends Stage { + constructor(scope: Construct, id: string, props?: StageProps) { + super(scope, id, props); + + const stack1 = new Stack(this, 'Stack1'); + const queue1 = new sqs.Queue(stack1, 'Queue'); + + const stack2 = new Stack(this, 'Stack2'); + new sqs.Queue(stack2, 'OtherQueue', { + deadLetterQueue: { + queue: queue1, + maxReceiveCount: 5, + }, + }); + } +} + +const app = new App({ + context: { + '@aws-cdk/core:newStyleStackSynthesis': '1', + }, +}); + +const stack = new PipelineStack(app, 'PipelineStack'); + +new integ.IntegTest(app, 'LambdaTest', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file From 51afd8a5db11287e53fd3665b9c3697e90d93850 Mon Sep 17 00:00:00 2001 From: Thomas Glaser Date: Wed, 11 Jan 2023 13:25:11 +0000 Subject: [PATCH 3/5] integ snapshot --- ...efaultTestDeployAssert1AF2B360.assets.json | 19 + ...aultTestDeployAssert1AF2B360.template.json | 36 + .../PipelineStack.assets.json | 19 + .../PipelineStack.template.json | 2546 ++++++++++ ...ipelineStackBetaStack1E6541489.assets.json | 19 + ...elineStackBetaStack1E6541489.template.json | 56 + ...ipelineStackBetaStack2C79AD00A.assets.json | 19 + ...elineStackBetaStack2C79AD00A.template.json | 51 + .../assembly-PipelineStack-Beta/cdk.out | 1 + .../assembly-PipelineStack-Beta/manifest.json | 120 + ...pelineStackProd1Stack14013D698.assets.json | 19 + ...lineStackProd1Stack14013D698.template.json | 56 + ...pelineStackProd1Stack2F0681AFF.assets.json | 19 + ...lineStackProd1Stack2F0681AFF.template.json | 51 + .../assembly-PipelineStack-Prod1/cdk.out | 1 + .../manifest.json | 120 + ...pelineStackProd2Stack1FD464162.assets.json | 19 + ...lineStackProd2Stack1FD464162.template.json | 56 + ...pelineStackProd2Stack2176123EB.assets.json | 19 + ...lineStackProd2Stack2176123EB.template.json | 51 + .../assembly-PipelineStack-Prod2/cdk.out | 1 + .../manifest.json | 120 + ...pelineStackProd3Stack1795F3D43.assets.json | 19 + ...lineStackProd3Stack1795F3D43.template.json | 56 + ...pelineStackProd3Stack2DFBBA0B2.assets.json | 19 + ...lineStackProd3Stack2DFBBA0B2.template.json | 51 + .../assembly-PipelineStack-Prod3/cdk.out | 1 + .../manifest.json | 120 + ...pelineStackProd4Stack118F74ADB.assets.json | 19 + ...lineStackProd4Stack118F74ADB.template.json | 56 + ...pelineStackProd4Stack2E2CB4ED3.assets.json | 19 + ...lineStackProd4Stack2E2CB4ED3.template.json | 51 + .../assembly-PipelineStack-Prod4/cdk.out | 1 + .../manifest.json | 120 + ...pelineStackProd5Stack1E7E4E4C6.assets.json | 19 + ...lineStackProd5Stack1E7E4E4C6.template.json | 56 + ...pelineStackProd5Stack2C39BEE5B.assets.json | 19 + ...lineStackProd5Stack2C39BEE5B.template.json | 51 + .../assembly-PipelineStack-Prod5/cdk.out | 1 + .../manifest.json | 120 + ...pelineStackProd6Stack1E7C34314.assets.json | 19 + ...lineStackProd6Stack1E7C34314.template.json | 56 + ...pelineStackProd6Stack2BED1BBCE.assets.json | 19 + ...lineStackProd6Stack2BED1BBCE.template.json | 51 + .../assembly-PipelineStack-Prod6/cdk.out | 1 + .../manifest.json | 120 + .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 250 + .../tree.json | 4200 +++++++++++++++++ ...teg.newpipeline-with-cross-account-keys.ts | 2 +- 51 files changed, 8946 insertions(+), 1 deletion(-) create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.assets.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/tree.json diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.assets.json new file mode 100644 index 0000000000000..94246814e0a48 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "LambdaTestDefaultTestDeployAssert1AF2B360.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.assets.json new file mode 100644 index 0000000000000..af32741f7bc44 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "c1bda7e2c84e91a5658af0b194a4c8918dead52ad783e29acbc3701149e73f45": { + "source": { + "path": "PipelineStack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "c1bda7e2c84e91a5658af0b194a4c8918dead52ad783e29acbc3701149e73f45.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json new file mode 100644 index 0000000000000..855088e557cb5 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/PipelineStack.template.json @@ -0,0 +1,2546 @@ +{ + "Resources": { + "PipelineArtifactsBucketEncryptionKeyF5BF0670": { + "Type": "AWS::KMS::Key", + "Properties": { + "KeyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "EnableKeyRotation": true + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "PipelineArtifactsBucketEncryptionKeyAlias94A07392": { + "Type": "AWS::KMS::Alias", + "Properties": { + "AliasName": "alias/codepipeline-pipelinestack-pipeline-e95eedaa", + "TargetKeyId": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "PipelineArtifactsBucketAEA9A052": { + "Type": "AWS::S3::Bucket", + "Properties": { + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "KMSMasterKeyID": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + }, + "SSEAlgorithm": "aws:kms" + } + } + ] + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true + } + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "PipelineArtifactsBucketPolicyF53CCC52": { + "Type": "AWS::S3::BucketPolicy", + "Properties": { + "Bucket": { + "Ref": "PipelineArtifactsBucketAEA9A052" + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineRoleB27FAA37": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codepipeline.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineRoleDefaultPolicy7BDC1ABB": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + }, + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineRoleDefaultPolicy7BDC1ABB", + "Roles": [ + { + "Ref": "PipelineRoleB27FAA37" + } + ] + } + }, + "Pipeline9850B417": { + "Type": "AWS::CodePipeline::Pipeline", + "Properties": { + "RoleArn": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + }, + "Stages": [ + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Source", + "Owner": "ThirdParty", + "Provider": "GitHub", + "Version": "1" + }, + "Configuration": { + "Owner": "tkglaser", + "Repo": "cdk-pipelines-demo", + "Branch": "main", + "OAuthToken": "{{resolve:secretsmanager:github-token:SecretString:::}}", + "PollForSourceChanges": false + }, + "Name": "tkglaser_cdk-pipelines-demo", + "OutputArtifacts": [ + { + "Name": "tkglaser_cdk_pipelines_demo_Source" + } + ], + "RunOrder": 1 + } + ], + "Name": "Source" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Build", + "Owner": "AWS", + "Provider": "CodeBuild", + "Version": "1" + }, + "Configuration": { + "ProjectName": { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"00ebacfb32b1bde8d3638577308e7b7144dfa3b0a58a83bc6ff38a3b1f26951c\"}]" + }, + "InputArtifacts": [ + { + "Name": "tkglaser_cdk_pipelines_demo_Source" + } + ], + "Name": "Synth", + "OutputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "RoleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + "RunOrder": 1 + } + ], + "Name": "Build" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Build", + "Owner": "AWS", + "Provider": "CodeBuild", + "Version": "1" + }, + "Configuration": { + "ProjectName": { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"c0779bd925c3a7f19be75a4973c668d10d00ce3552b882c7d2ba3fa3cee6d976\"}]" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "SelfMutate", + "RoleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + "RunOrder": 1 + } + ], + "Name": "UpdatePipeline" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Beta-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Beta-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Beta-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Beta-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + } + ], + "Name": "Beta" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod1-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod1.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod2-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod2.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod1-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod1.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod2-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod2.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod1-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod1.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod2-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod2.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod1-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod1.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod2-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod2.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + } + ], + "Name": "Wave1" + }, + { + "Actions": [ + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod3-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod3.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod4-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod4.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod5-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod5.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod6-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod6.Stack1.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 1 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod3-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod3.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod4-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod4.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod5-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod5.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod6-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod6.Stack1.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 2 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod3-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod3.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod4-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod4.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod5-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod5.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod6-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json" + }, + "InputArtifacts": [ + { + "Name": "Synth_Output" + } + ], + "Name": "Prod6.Stack2.Prepare", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 3 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod3-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod3.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod4-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod4.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod5-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod5.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + }, + { + "ActionTypeId": { + "Category": "Deploy", + "Owner": "AWS", + "Provider": "CloudFormation", + "Version": "1" + }, + "Configuration": { + "StackName": "Prod6-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "Name": "Prod6.Stack2.Deploy", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "RunOrder": 4 + } + ], + "Name": "Wave2" + } + ], + "ArtifactStore": { + "EncryptionKey": { + "Id": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + }, + "Type": "KMS" + }, + "Location": { + "Ref": "PipelineArtifactsBucketAEA9A052" + }, + "Type": "S3" + }, + "RestartExecutionOnUpdate": true + }, + "DependsOn": [ + "PipelineRoleDefaultPolicy7BDC1ABB", + "PipelineRoleB27FAA37" + ] + }, + "PipelineSourcetkglasercdkpipelinesdemoWebhookResource54EE51BE": { + "Type": "AWS::CodePipeline::Webhook", + "Properties": { + "Authentication": "GITHUB_HMAC", + "AuthenticationConfiguration": { + "SecretToken": "{{resolve:secretsmanager:github-token:SecretString:::}}" + }, + "Filters": [ + { + "JsonPath": "$.ref", + "MatchEquals": "refs/heads/{Branch}" + } + ], + "TargetAction": "tkglaser_cdk-pipelines-demo", + "TargetPipeline": { + "Ref": "Pipeline9850B417" + }, + "TargetPipelineVersion": 1, + "RegisterWithThirdParty": true + } + }, + "PipelineBuildSynthCdkBuildProjectRole231EEA2A": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":codebuild:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "-*" + ] + ] + } + }, + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C", + "Roles": [ + { + "Ref": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ] + } + }, + "PipelineBuildSynthCdkBuildProject6BEFA8E6": { + "Type": "AWS::CodeBuild::Project", + "Properties": { + "Artifacts": { + "Type": "CODEPIPELINE" + }, + "Environment": { + "ComputeType": "BUILD_GENERAL1_SMALL", + "Image": "aws/codebuild/standard:5.0", + "ImagePullCredentialsType": "CODEBUILD", + "PrivilegedMode": false, + "Type": "LINUX_CONTAINER" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProjectRole231EEA2A", + "Arn" + ] + }, + "Source": { + "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"build\": {\n \"commands\": [\n \"npm ci\",\n \"npm run build\",\n \"npx cdk synth\"\n ]\n }\n },\n \"artifacts\": {\n \"base-directory\": \"cdk.out\",\n \"files\": \"**/*\"\n }\n}", + "Type": "CODEPIPELINE" + }, + "Cache": { + "Type": "NO_CACHE" + }, + "Description": "Pipeline step PipelineStack/Pipeline/Build/Synth", + "EncryptionKey": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + }, + "PipelineCodeBuildActionRole226DB0CB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Condition": { + "Bool": { + "aws:ViaAWSService": "codepipeline.amazonaws.com" + } + }, + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "codebuild:BatchGetBuilds", + "codebuild:StartBuild", + "codebuild:StopBuild" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProject6BEFA8E6", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationDAA41400", + "Arn" + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE", + "Roles": [ + { + "Ref": "PipelineCodeBuildActionRole226DB0CB" + } + ] + } + }, + "PipelineUpdatePipelineSelfMutationRole57E559E8": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":codebuild:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "-*" + ] + ] + } + }, + { + "Action": "sts:AssumeRole", + "Condition": { + "ForAnyValue:StringEquals": { + "iam:ResourceTag/aws-cdk:bootstrap-role": [ + "image-publishing", + "file-publishing", + "deploy" + ] + } + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:*:iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/*" + ] + ] + } + }, + { + "Action": [ + "cloudformation:DescribeStacks", + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E", + "Roles": [ + { + "Ref": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ] + } + }, + "PipelineUpdatePipelineSelfMutationDAA41400": { + "Type": "AWS::CodeBuild::Project", + "Properties": { + "Artifacts": { + "Type": "CODEPIPELINE" + }, + "Environment": { + "ComputeType": "BUILD_GENERAL1_SMALL", + "Image": "aws/codebuild/standard:5.0", + "ImagePullCredentialsType": "CODEBUILD", + "PrivilegedMode": false, + "Type": "LINUX_CONTAINER" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationRole57E559E8", + "Arn" + ] + }, + "Source": { + "BuildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g aws-cdk@1\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk -a . deploy PipelineStack --require-approval=never --verbose\"\n ]\n }\n }\n}", + "Type": "CODEPIPELINE" + }, + "Cache": { + "Type": "NO_CACHE" + }, + "Description": "Pipeline step PipelineStack/Pipeline/UpdatePipeline/SelfMutate", + "EncryptionKey": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.assets.json new file mode 100644 index 0000000000000..f199f50526e58 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "91031b26c04588c38a59e3481d308182b5244c5f5a3af3ee05566e2f4f70ce65": { + "source": { + "path": "PipelineStackBetaStack1E6541489.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "91031b26c04588c38a59e3481d308182b5244c5f5a3af3ee05566e2f4f70ce65.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json new file mode 100644 index 0000000000000..c1339d0126ee2 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Beta-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.assets.json new file mode 100644 index 0000000000000..de61f2f0d61b8 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "e3aa38ca82b00b776ad3834e9ee862d2e529d91c0f0b12fad846884e1e600326": { + "source": { + "path": "PipelineStackBetaStack2C79AD00A.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "e3aa38ca82b00b776ad3834e9ee862d2e529d91c0f0b12fad846884e1e600326.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json new file mode 100644 index 0000000000000..f7390e702aa6d --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Beta-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/manifest.json new file mode 100644 index 0000000000000..44178c8276b5a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Beta/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackBetaStack1E6541489.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackBetaStack1E6541489.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackBetaStack1E6541489": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackBetaStack1E6541489.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/91031b26c04588c38a59e3481d308182b5244c5f5a3af3ee05566e2f4f70ce65.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackBetaStack1E6541489.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Beta-Stack1" + }, + "dependencies": [ + "PipelineStackBetaStack1E6541489.assets" + ], + "metadata": { + "/PipelineStack/Beta/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Beta/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Beta/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Beta/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Beta/Stack1" + }, + "PipelineStackBetaStack2C79AD00A.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackBetaStack2C79AD00A.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackBetaStack2C79AD00A": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackBetaStack2C79AD00A.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e3aa38ca82b00b776ad3834e9ee862d2e529d91c0f0b12fad846884e1e600326.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackBetaStack2C79AD00A.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Beta-Stack2" + }, + "dependencies": [ + "PipelineStackBetaStack1E6541489", + "PipelineStackBetaStack2C79AD00A.assets" + ], + "metadata": { + "/PipelineStack/Beta/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Beta/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Beta/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Beta/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.assets.json new file mode 100644 index 0000000000000..b7ffa2a662eb3 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "774f0c3cec814003a4da7d6cab73aec82952a0cb52a221b3f94fae483d9922a3": { + "source": { + "path": "PipelineStackProd1Stack14013D698.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "774f0c3cec814003a4da7d6cab73aec82952a0cb52a221b3f94fae483d9922a3.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json new file mode 100644 index 0000000000000..b46a5cc4fbb7d --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod1-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.assets.json new file mode 100644 index 0000000000000..7726d630cea66 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "c1cb4eebe68ea920a89e618efa29c36ecc1aa0c6f6ef6b65559efe9c0bba4059": { + "source": { + "path": "PipelineStackProd1Stack2F0681AFF.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "c1cb4eebe68ea920a89e618efa29c36ecc1aa0c6f6ef6b65559efe9c0bba4059.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json new file mode 100644 index 0000000000000..fcabd32211080 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod1-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/manifest.json new file mode 100644 index 0000000000000..84e886b05f023 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod1/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd1Stack14013D698.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd1Stack14013D698.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd1Stack14013D698": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd1Stack14013D698.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/774f0c3cec814003a4da7d6cab73aec82952a0cb52a221b3f94fae483d9922a3.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd1Stack14013D698.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod1-Stack1" + }, + "dependencies": [ + "PipelineStackProd1Stack14013D698.assets" + ], + "metadata": { + "/PipelineStack/Prod1/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod1/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod1/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod1/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod1/Stack1" + }, + "PipelineStackProd1Stack2F0681AFF.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd1Stack2F0681AFF.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd1Stack2F0681AFF": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd1Stack2F0681AFF.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c1cb4eebe68ea920a89e618efa29c36ecc1aa0c6f6ef6b65559efe9c0bba4059.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd1Stack2F0681AFF.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod1-Stack2" + }, + "dependencies": [ + "PipelineStackProd1Stack14013D698", + "PipelineStackProd1Stack2F0681AFF.assets" + ], + "metadata": { + "/PipelineStack/Prod1/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod1/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod1/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod1/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.assets.json new file mode 100644 index 0000000000000..3c89b6ce514f5 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "a595899a57366f015e986ac46c3da09fac75670ea0f4719de8defc67d731fa68": { + "source": { + "path": "PipelineStackProd2Stack1FD464162.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "a595899a57366f015e986ac46c3da09fac75670ea0f4719de8defc67d731fa68.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json new file mode 100644 index 0000000000000..302ccbd07207e --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod2-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.assets.json new file mode 100644 index 0000000000000..d53df689d7a91 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "364ee9a72c6c371a00c6e41438695af070848a2d625a4c953bfc4666e7ad5ae9": { + "source": { + "path": "PipelineStackProd2Stack2176123EB.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "364ee9a72c6c371a00c6e41438695af070848a2d625a4c953bfc4666e7ad5ae9.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json new file mode 100644 index 0000000000000..933decc98d696 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod2-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/manifest.json new file mode 100644 index 0000000000000..793401e5b7f4b --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod2/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd2Stack1FD464162.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd2Stack1FD464162.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd2Stack1FD464162": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd2Stack1FD464162.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a595899a57366f015e986ac46c3da09fac75670ea0f4719de8defc67d731fa68.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd2Stack1FD464162.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod2-Stack1" + }, + "dependencies": [ + "PipelineStackProd2Stack1FD464162.assets" + ], + "metadata": { + "/PipelineStack/Prod2/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod2/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod2/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod2/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod2/Stack1" + }, + "PipelineStackProd2Stack2176123EB.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd2Stack2176123EB.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd2Stack2176123EB": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd2Stack2176123EB.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/364ee9a72c6c371a00c6e41438695af070848a2d625a4c953bfc4666e7ad5ae9.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd2Stack2176123EB.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod2-Stack2" + }, + "dependencies": [ + "PipelineStackProd2Stack1FD464162", + "PipelineStackProd2Stack2176123EB.assets" + ], + "metadata": { + "/PipelineStack/Prod2/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod2/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod2/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod2/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.assets.json new file mode 100644 index 0000000000000..c55b572802965 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "e8c78794529aa32b354a78b7b979165b0cadd9d113a37f537d083f946c0e7bff": { + "source": { + "path": "PipelineStackProd3Stack1795F3D43.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "e8c78794529aa32b354a78b7b979165b0cadd9d113a37f537d083f946c0e7bff.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json new file mode 100644 index 0000000000000..001e76f16f49a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod3-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.assets.json new file mode 100644 index 0000000000000..d2499d3c6f9ef --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "9fee5ad34559e603d3fc184456935445ea09549b147d2cbc2acd8cf6b916dd99": { + "source": { + "path": "PipelineStackProd3Stack2DFBBA0B2.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "9fee5ad34559e603d3fc184456935445ea09549b147d2cbc2acd8cf6b916dd99.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json new file mode 100644 index 0000000000000..dc2e4203973f5 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod3-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/manifest.json new file mode 100644 index 0000000000000..dab78742ac8f3 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod3/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd3Stack1795F3D43.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd3Stack1795F3D43.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd3Stack1795F3D43": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd3Stack1795F3D43.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e8c78794529aa32b354a78b7b979165b0cadd9d113a37f537d083f946c0e7bff.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd3Stack1795F3D43.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod3-Stack1" + }, + "dependencies": [ + "PipelineStackProd3Stack1795F3D43.assets" + ], + "metadata": { + "/PipelineStack/Prod3/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod3/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod3/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod3/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod3/Stack1" + }, + "PipelineStackProd3Stack2DFBBA0B2.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd3Stack2DFBBA0B2.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd3Stack2DFBBA0B2": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd3Stack2DFBBA0B2.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9fee5ad34559e603d3fc184456935445ea09549b147d2cbc2acd8cf6b916dd99.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd3Stack2DFBBA0B2.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod3-Stack2" + }, + "dependencies": [ + "PipelineStackProd3Stack1795F3D43", + "PipelineStackProd3Stack2DFBBA0B2.assets" + ], + "metadata": { + "/PipelineStack/Prod3/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod3/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod3/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod3/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.assets.json new file mode 100644 index 0000000000000..450141f8baf32 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "7e0ecf5ec563ed47798cfb17d4c3ce0e6c710c075fc53bf8cd15d8fb9a210f78": { + "source": { + "path": "PipelineStackProd4Stack118F74ADB.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "7e0ecf5ec563ed47798cfb17d4c3ce0e6c710c075fc53bf8cd15d8fb9a210f78.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json new file mode 100644 index 0000000000000..2b548d4d93efd --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod4-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.assets.json new file mode 100644 index 0000000000000..44abc221b7ad2 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "a9cddd81a8937cbadd9bf93c6fe07766501a7c137605bb09e6cfa322b2eb09fd": { + "source": { + "path": "PipelineStackProd4Stack2E2CB4ED3.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "a9cddd81a8937cbadd9bf93c6fe07766501a7c137605bb09e6cfa322b2eb09fd.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json new file mode 100644 index 0000000000000..631819bed2136 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod4-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/manifest.json new file mode 100644 index 0000000000000..9c756ab77fd23 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod4/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd4Stack118F74ADB.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd4Stack118F74ADB.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd4Stack118F74ADB": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd4Stack118F74ADB.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7e0ecf5ec563ed47798cfb17d4c3ce0e6c710c075fc53bf8cd15d8fb9a210f78.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd4Stack118F74ADB.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod4-Stack1" + }, + "dependencies": [ + "PipelineStackProd4Stack118F74ADB.assets" + ], + "metadata": { + "/PipelineStack/Prod4/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod4/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod4/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod4/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod4/Stack1" + }, + "PipelineStackProd4Stack2E2CB4ED3.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd4Stack2E2CB4ED3.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd4Stack2E2CB4ED3": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd4Stack2E2CB4ED3.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a9cddd81a8937cbadd9bf93c6fe07766501a7c137605bb09e6cfa322b2eb09fd.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd4Stack2E2CB4ED3.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod4-Stack2" + }, + "dependencies": [ + "PipelineStackProd4Stack118F74ADB", + "PipelineStackProd4Stack2E2CB4ED3.assets" + ], + "metadata": { + "/PipelineStack/Prod4/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod4/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod4/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod4/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.assets.json new file mode 100644 index 0000000000000..c44f6ea2b183b --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "1e0089d5c027ddec49745fce045925aff9342fbffdf989e4ae5263fd87ee50f7": { + "source": { + "path": "PipelineStackProd5Stack1E7E4E4C6.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "1e0089d5c027ddec49745fce045925aff9342fbffdf989e4ae5263fd87ee50f7.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json new file mode 100644 index 0000000000000..658620fcb843a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod5-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.assets.json new file mode 100644 index 0000000000000..158c0083e7147 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "48a94145722a5a14816cb87dce62fadba53a03b2c18e0fdfb5107ffabd5d7cd8": { + "source": { + "path": "PipelineStackProd5Stack2C39BEE5B.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "48a94145722a5a14816cb87dce62fadba53a03b2c18e0fdfb5107ffabd5d7cd8.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json new file mode 100644 index 0000000000000..67e0c24ee96fb --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod5-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/manifest.json new file mode 100644 index 0000000000000..fe561a6512340 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod5/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd5Stack1E7E4E4C6.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd5Stack1E7E4E4C6.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd5Stack1E7E4E4C6": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd5Stack1E7E4E4C6.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1e0089d5c027ddec49745fce045925aff9342fbffdf989e4ae5263fd87ee50f7.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd5Stack1E7E4E4C6.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod5-Stack1" + }, + "dependencies": [ + "PipelineStackProd5Stack1E7E4E4C6.assets" + ], + "metadata": { + "/PipelineStack/Prod5/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod5/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod5/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod5/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod5/Stack1" + }, + "PipelineStackProd5Stack2C39BEE5B.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd5Stack2C39BEE5B.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd5Stack2C39BEE5B": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd5Stack2C39BEE5B.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/48a94145722a5a14816cb87dce62fadba53a03b2c18e0fdfb5107ffabd5d7cd8.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd5Stack2C39BEE5B.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod5-Stack2" + }, + "dependencies": [ + "PipelineStackProd5Stack1E7E4E4C6", + "PipelineStackProd5Stack2C39BEE5B.assets" + ], + "metadata": { + "/PipelineStack/Prod5/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod5/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod5/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod5/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.assets.json new file mode 100644 index 0000000000000..880e81b8852d1 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "26d311d19506235a52c5d093cf5a8360110af6a2b713beda66b33ba3ee5bd813": { + "source": { + "path": "PipelineStackProd6Stack1E7C34314.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "26d311d19506235a52c5d093cf5a8360110af6a2b713beda66b33ba3ee5bd813.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json new file mode 100644 index 0000000000000..7ac93ccb63c33 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json @@ -0,0 +1,56 @@ +{ + "Resources": { + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Outputs": { + "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E": { + "Value": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Export": { + "Name": "Prod6-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.assets.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.assets.json new file mode 100644 index 0000000000000..193e0ebce2115 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "8f3e16ae3f29a4a50d4ef13026a3bc879e039d80e9fffdefe19d40349ec6bb30": { + "source": { + "path": "PipelineStackProd6Stack2BED1BBCE.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "8f3e16ae3f29a4a50d4ef13026a3bc879e039d80e9fffdefe19d40349ec6bb30.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json new file mode 100644 index 0000000000000..dd780ed92f925 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json @@ -0,0 +1,51 @@ +{ + "Resources": { + "OtherQueue60B686DC": { + "Type": "AWS::SQS::Queue", + "Properties": { + "RedrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod6-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/manifest.json new file mode 100644 index 0000000000000..cb703434ad45b --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/assembly-PipelineStack-Prod6/manifest.json @@ -0,0 +1,120 @@ +{ + "version": "29.0.0", + "artifacts": { + "PipelineStackProd6Stack1E7C34314.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd6Stack1E7C34314.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd6Stack1E7C34314": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd6Stack1E7C34314.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/26d311d19506235a52c5d093cf5a8360110af6a2b713beda66b33ba3ee5bd813.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd6Stack1E7C34314.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod6-Stack1" + }, + "dependencies": [ + "PipelineStackProd6Stack1E7C34314.assets" + ], + "metadata": { + "/PipelineStack/Prod6/Stack1/Queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Queue4A7E3555" + } + ], + "/PipelineStack/Prod6/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + } + ], + "/PipelineStack/Prod6/Stack1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod6/Stack1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod6/Stack1" + }, + "PipelineStackProd6Stack2BED1BBCE.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStackProd6Stack2BED1BBCE.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStackProd6Stack2BED1BBCE": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStackProd6Stack2BED1BBCE.template.json", + "validateOnSynth": true, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8f3e16ae3f29a4a50d4ef13026a3bc879e039d80e9fffdefe19d40349ec6bb30.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStackProd6Stack2BED1BBCE.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + }, + "stackName": "Prod6-Stack2" + }, + "dependencies": [ + "PipelineStackProd6Stack1E7C34314", + "PipelineStackProd6Stack2BED1BBCE.assets" + ], + "metadata": { + "/PipelineStack/Prod6/Stack2/OtherQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OtherQueue60B686DC" + } + ], + "/PipelineStack/Prod6/Stack2/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/Prod6/Stack2/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack/Prod6/Stack2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/cdk.out b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/integ.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/integ.json new file mode 100644 index 0000000000000..9c049ebb503d9 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "29.0.0", + "testCases": { + "LambdaTest/DefaultTest": { + "stacks": [ + "PipelineStack" + ], + "assertionStack": "LambdaTest/DefaultTest/DeployAssert", + "assertionStackName": "LambdaTestDefaultTestDeployAssert1AF2B360" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/manifest.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/manifest.json new file mode 100644 index 0000000000000..ba995ae0a7667 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/manifest.json @@ -0,0 +1,250 @@ +{ + "version": "29.0.0", + "artifacts": { + "assembly-PipelineStack-Beta": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Beta", + "displayName": "PipelineStack/Beta" + } + }, + "assembly-PipelineStack-Prod1": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod1", + "displayName": "PipelineStack/Prod1" + } + }, + "assembly-PipelineStack-Prod2": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod2", + "displayName": "PipelineStack/Prod2" + } + }, + "assembly-PipelineStack-Prod3": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod3", + "displayName": "PipelineStack/Prod3" + } + }, + "assembly-PipelineStack-Prod4": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod4", + "displayName": "PipelineStack/Prod4" + } + }, + "assembly-PipelineStack-Prod5": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod5", + "displayName": "PipelineStack/Prod5" + } + }, + "assembly-PipelineStack-Prod6": { + "type": "cdk:cloud-assembly", + "properties": { + "directoryName": "assembly-PipelineStack-Prod6", + "displayName": "PipelineStack/Prod6" + } + }, + "PipelineStack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "PipelineStack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "PipelineStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineStack.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c1bda7e2c84e91a5658af0b194a4c8918dead52ad783e29acbc3701149e73f45.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "PipelineStack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "PipelineStack.assets" + ], + "metadata": { + "/PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKey/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineArtifactsBucketEncryptionKeyF5BF0670" + } + ], + "/PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKeyAlias/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineArtifactsBucketEncryptionKeyAlias94A07392" + } + ], + "/PipelineStack/Pipeline/Pipeline/ArtifactsBucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineArtifactsBucketAEA9A052" + } + ], + "/PipelineStack/Pipeline/Pipeline/ArtifactsBucket/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineArtifactsBucketPolicyF53CCC52" + } + ], + "/PipelineStack/Pipeline/Pipeline/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineRoleB27FAA37" + } + ], + "/PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineRoleDefaultPolicy7BDC1ABB" + } + ], + "/PipelineStack/Pipeline/Pipeline/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Pipeline9850B417" + } + ], + "/PipelineStack/Pipeline/Pipeline/Source/tkglaser_cdk-pipelines-demo/WebhookResource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineSourcetkglasercdkpipelinesdemoWebhookResource54EE51BE" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C" + } + ], + "/PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ], + "/PipelineStack/Pipeline/CodeBuildActionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineCodeBuildActionRole226DB0CB" + } + ], + "/PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E" + } + ], + "/PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ], + "/PipelineStack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/PipelineStack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "PipelineStack" + }, + "LambdaTestDefaultTestDeployAssert1AF2B360.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "LambdaTestDefaultTestDeployAssert1AF2B360.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "LambdaTestDefaultTestDeployAssert1AF2B360": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "LambdaTestDefaultTestDeployAssert1AF2B360.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "LambdaTestDefaultTestDeployAssert1AF2B360.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "LambdaTestDefaultTestDeployAssert1AF2B360.assets" + ], + "metadata": { + "/LambdaTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/LambdaTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "LambdaTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/tree.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/tree.json new file mode 100644 index 0000000000000..9498fef8dfd27 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.js.snapshot/tree.json @@ -0,0 +1,4200 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "PipelineStack": { + "id": "PipelineStack", + "path": "PipelineStack", + "children": { + "Pipeline": { + "id": "Pipeline", + "path": "PipelineStack/Pipeline", + "children": { + "Pipeline": { + "id": "Pipeline", + "path": "PipelineStack/Pipeline/Pipeline", + "children": { + "ArtifactsBucketEncryptionKey": { + "id": "ArtifactsBucketEncryptionKey", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKey", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKey/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KMS::Key", + "aws:cdk:cloudformation:props": { + "keyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "enableKeyRotation": true + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.CfnKey", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.Key", + "version": "0.0.0" + } + }, + "ArtifactsBucketEncryptionKeyAlias": { + "id": "ArtifactsBucketEncryptionKeyAlias", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKeyAlias", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucketEncryptionKeyAlias/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KMS::Alias", + "aws:cdk:cloudformation:props": { + "aliasName": "alias/codepipeline-pipelinestack-pipeline-e95eedaa", + "targetKeyId": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.CfnAlias", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.Alias", + "version": "0.0.0" + } + }, + "ArtifactsBucket": { + "id": "ArtifactsBucket", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucket", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucket/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": { + "bucketEncryption": { + "serverSideEncryptionConfiguration": [ + { + "serverSideEncryptionByDefault": { + "sseAlgorithm": "aws:kms", + "kmsMasterKeyId": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + } + ] + }, + "publicAccessBlockConfiguration": { + "blockPublicAcls": true, + "blockPublicPolicy": true, + "ignorePublicAcls": true, + "restrictPublicBuckets": true + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.CfnBucket", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucket/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/ArtifactsBucket/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::BucketPolicy", + "aws:cdk:cloudformation:props": { + "bucket": { + "Ref": "PipelineArtifactsBucketAEA9A052" + }, + "policyDocument": { + "Statement": [ + { + "Action": "s3:*", + "Condition": { + "Bool": { + "aws:SecureTransport": "false" + } + }, + "Effect": "Deny", + "Principal": { + "AWS": "*" + }, + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.CfnBucketPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.Bucket", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/Pipeline/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/Pipeline/Role/ImportRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codepipeline.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + }, + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineRoleDefaultPolicy7BDC1ABB", + "roles": [ + { + "Ref": "PipelineRoleB27FAA37" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodePipeline::Pipeline", + "aws:cdk:cloudformation:props": { + "roleArn": { + "Fn::GetAtt": [ + "PipelineRoleB27FAA37", + "Arn" + ] + }, + "stages": [ + { + "name": "Source", + "actions": [ + { + "name": "tkglaser_cdk-pipelines-demo", + "outputArtifacts": [ + { + "name": "tkglaser_cdk_pipelines_demo_Source" + } + ], + "actionTypeId": { + "category": "Source", + "version": "1", + "owner": "ThirdParty", + "provider": "GitHub" + }, + "configuration": { + "Owner": "tkglaser", + "Repo": "cdk-pipelines-demo", + "Branch": "main", + "OAuthToken": "{{resolve:secretsmanager:github-token:SecretString:::}}", + "PollForSourceChanges": false + }, + "runOrder": 1 + } + ] + }, + { + "name": "Build", + "actions": [ + { + "name": "Synth", + "inputArtifacts": [ + { + "name": "tkglaser_cdk_pipelines_demo_Source" + } + ], + "outputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Build", + "version": "1", + "owner": "AWS", + "provider": "CodeBuild" + }, + "configuration": { + "ProjectName": { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"00ebacfb32b1bde8d3638577308e7b7144dfa3b0a58a83bc6ff38a3b1f26951c\"}]" + }, + "runOrder": 1, + "roleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + } + } + ] + }, + { + "name": "UpdatePipeline", + "actions": [ + { + "name": "SelfMutate", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Build", + "version": "1", + "owner": "AWS", + "provider": "CodeBuild" + }, + "configuration": { + "ProjectName": { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "EnvironmentVariables": "[{\"name\":\"_PROJECT_CONFIG_HASH\",\"type\":\"PLAINTEXT\",\"value\":\"c0779bd925c3a7f19be75a4973c668d10d00ce3552b882c7d2ba3fa3cee6d976\"}]" + }, + "runOrder": 1, + "roleArn": { + "Fn::GetAtt": [ + "PipelineCodeBuildActionRole226DB0CB", + "Arn" + ] + } + } + ] + }, + { + "name": "Beta", + "actions": [ + { + "name": "Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Beta-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Beta/PipelineStackBetaStack1E6541489.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Beta-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Beta-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Beta/PipelineStackBetaStack2C79AD00A.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Beta-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + } + ] + }, + { + "name": "Wave1", + "actions": [ + { + "name": "Prod1.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod1-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod1/PipelineStackProd1Stack14013D698.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod2.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod2-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod2/PipelineStackProd2Stack1FD464162.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod1.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod1-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod2.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod2-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod1.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod1-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod1/PipelineStackProd1Stack2F0681AFF.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod2.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod2-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod2/PipelineStackProd2Stack2176123EB.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod1.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod1-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod2.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod2-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + } + ] + }, + { + "name": "Wave2", + "actions": [ + { + "name": "Prod3.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod3-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod3/PipelineStackProd3Stack1795F3D43.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod4.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod4-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod4/PipelineStackProd4Stack118F74ADB.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod5.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod5-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod5/PipelineStackProd5Stack1E7E4E4C6.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod6.Stack1.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod6-Stack1", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod6/PipelineStackProd6Stack1E7C34314.template.json" + }, + "runOrder": 1, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod3.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod3-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod4.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod4-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod5.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod5-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod6.Stack1.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod6-Stack1", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 2, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod3.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod3-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod3/PipelineStackProd3Stack2DFBBA0B2.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod4.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod4-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod4/PipelineStackProd4Stack2E2CB4ED3.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod5.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod5-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod5/PipelineStackProd5Stack2C39BEE5B.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod6.Stack2.Prepare", + "inputArtifacts": [ + { + "name": "Synth_Output" + } + ], + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod6-Stack2", + "Capabilities": "CAPABILITY_NAMED_IAM,CAPABILITY_AUTO_EXPAND", + "RoleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-cfn-exec-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + }, + "ActionMode": "CHANGE_SET_REPLACE", + "ChangeSetName": "PipelineChange", + "TemplatePath": "Synth_Output::assembly-PipelineStack-Prod6/PipelineStackProd6Stack2BED1BBCE.template.json" + }, + "runOrder": 3, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod3.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod3-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod4.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod4-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod5.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod5-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + }, + { + "name": "Prod6.Stack2.Deploy", + "actionTypeId": { + "category": "Deploy", + "version": "1", + "owner": "AWS", + "provider": "CloudFormation" + }, + "configuration": { + "StackName": "Prod6-Stack2", + "ActionMode": "CHANGE_SET_EXECUTE", + "ChangeSetName": "PipelineChange" + }, + "runOrder": 4, + "roleArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/cdk-hnb659fds-deploy-role-", + { + "Ref": "AWS::AccountId" + }, + "-", + { + "Ref": "AWS::Region" + } + ] + ] + } + } + ] + } + ], + "artifactStore": { + "type": "S3", + "location": { + "Ref": "PipelineArtifactsBucketAEA9A052" + }, + "encryptionKey": { + "type": "KMS", + "id": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + }, + "restartExecutionOnUpdate": true + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codepipeline.CfnPipeline", + "version": "0.0.0" + } + }, + "Source": { + "id": "Source", + "path": "PipelineStack/Pipeline/Pipeline/Source", + "children": { + "tkglaser_cdk-pipelines-demo": { + "id": "tkglaser_cdk-pipelines-demo", + "path": "PipelineStack/Pipeline/Pipeline/Source/tkglaser_cdk-pipelines-demo", + "children": { + "WebhookResource": { + "id": "WebhookResource", + "path": "PipelineStack/Pipeline/Pipeline/Source/tkglaser_cdk-pipelines-demo/WebhookResource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodePipeline::Webhook", + "aws:cdk:cloudformation:props": { + "authentication": "GITHUB_HMAC", + "authenticationConfiguration": { + "secretToken": "{{resolve:secretsmanager:github-token:SecretString:::}}" + }, + "filters": [ + { + "jsonPath": "$.ref", + "matchEquals": "refs/heads/{Branch}" + } + ], + "targetAction": "tkglaser_cdk-pipelines-demo", + "targetPipeline": { + "Ref": "Pipeline9850B417" + }, + "targetPipelineVersion": 1, + "registerWithThirdParty": true + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codepipeline.CfnWebhook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Build": { + "id": "Build", + "path": "PipelineStack/Pipeline/Pipeline/Build", + "children": { + "Synth": { + "id": "Synth", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth", + "children": { + "CdkBuildProject": { + "id": "CdkBuildProject", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject", + "children": { + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/ImportRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":codebuild:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineBuildSynthCdkBuildProject6BEFA8E6" + }, + "-*" + ] + ] + } + }, + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineBuildSynthCdkBuildProjectRoleDefaultPolicyFB6C941C", + "roles": [ + { + "Ref": "PipelineBuildSynthCdkBuildProjectRole231EEA2A" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/Pipeline/Build/Synth/CdkBuildProject/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodeBuild::Project", + "aws:cdk:cloudformation:props": { + "artifacts": { + "type": "CODEPIPELINE" + }, + "environment": { + "type": "LINUX_CONTAINER", + "image": "aws/codebuild/standard:5.0", + "imagePullCredentialsType": "CODEBUILD", + "privilegedMode": false, + "computeType": "BUILD_GENERAL1_SMALL" + }, + "serviceRole": { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProjectRole231EEA2A", + "Arn" + ] + }, + "source": { + "type": "CODEPIPELINE", + "buildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"build\": {\n \"commands\": [\n \"npm ci\",\n \"npm run build\",\n \"npx cdk synth\"\n ]\n }\n },\n \"artifacts\": {\n \"base-directory\": \"cdk.out\",\n \"files\": \"**/*\"\n }\n}" + }, + "cache": { + "type": "NO_CACHE" + }, + "description": "Pipeline step PipelineStack/Pipeline/Build/Synth", + "encryptionKey": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codebuild.CfnProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codebuild.PipelineProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "UpdatePipeline": { + "id": "UpdatePipeline", + "path": "PipelineStack/Pipeline/Pipeline/UpdatePipeline", + "children": { + "SelfMutate": { + "id": "SelfMutate", + "path": "PipelineStack/Pipeline/Pipeline/UpdatePipeline/SelfMutate", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Beta": { + "id": "Beta", + "path": "PipelineStack/Pipeline/Pipeline/Beta", + "children": { + "Stack1.Prepare": { + "id": "Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Beta/Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Stack1.Deploy": { + "id": "Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Beta/Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Stack2.Prepare": { + "id": "Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Beta/Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Stack2.Deploy": { + "id": "Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Beta/Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "children": { + "8389e75f-0810-4838-bf64-d6f85a95cf83": { + "id": "8389e75f-0810-4838-bf64-d6f85a95cf83", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}/8389e75f-0810-4838-bf64-d6f85a95cf83", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}": { + "id": "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "path": "PipelineStack/Pipeline/Pipeline/MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}": { + "id": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "path": "PipelineStack/Pipeline/Pipeline/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Wave1": { + "id": "Wave1", + "path": "PipelineStack/Pipeline/Pipeline/Wave1", + "children": { + "Prod1.Stack1.Prepare": { + "id": "Prod1.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod1.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod2.Stack1.Prepare": { + "id": "Prod2.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod2.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod1.Stack1.Deploy": { + "id": "Prod1.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod1.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod2.Stack1.Deploy": { + "id": "Prod2.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod2.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod1.Stack2.Prepare": { + "id": "Prod1.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod1.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod2.Stack2.Prepare": { + "id": "Prod2.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod2.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod1.Stack2.Deploy": { + "id": "Prod1.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod1.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod2.Stack2.Deploy": { + "id": "Prod2.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave1/Prod2.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Wave2": { + "id": "Wave2", + "path": "PipelineStack/Pipeline/Pipeline/Wave2", + "children": { + "Prod3.Stack1.Prepare": { + "id": "Prod3.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod3.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod4.Stack1.Prepare": { + "id": "Prod4.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod4.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod5.Stack1.Prepare": { + "id": "Prod5.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod5.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod6.Stack1.Prepare": { + "id": "Prod6.Stack1.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod6.Stack1.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod3.Stack1.Deploy": { + "id": "Prod3.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod3.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod4.Stack1.Deploy": { + "id": "Prod4.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod4.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod5.Stack1.Deploy": { + "id": "Prod5.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod5.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod6.Stack1.Deploy": { + "id": "Prod6.Stack1.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod6.Stack1.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod3.Stack2.Prepare": { + "id": "Prod3.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod3.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod4.Stack2.Prepare": { + "id": "Prod4.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod4.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod5.Stack2.Prepare": { + "id": "Prod5.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod5.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod6.Stack2.Prepare": { + "id": "Prod6.Stack2.Prepare", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod6.Stack2.Prepare", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod3.Stack2.Deploy": { + "id": "Prod3.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod3.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod4.Stack2.Deploy": { + "id": "Prod4.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod4.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod5.Stack2.Deploy": { + "id": "Prod5.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod5.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "Prod6.Stack2.Deploy": { + "id": "Prod6.Stack2.Deploy", + "path": "PipelineStack/Pipeline/Pipeline/Wave2/Prod6.Stack2.Deploy", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codepipeline.Pipeline", + "version": "0.0.0" + } + }, + "CodeBuildActionRole": { + "id": "CodeBuildActionRole", + "path": "PipelineStack/Pipeline/CodeBuildActionRole", + "children": { + "ImportCodeBuildActionRole": { + "id": "ImportCodeBuildActionRole", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/ImportCodeBuildActionRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Condition": { + "Bool": { + "aws:ViaAWSService": "codepipeline.amazonaws.com" + } + }, + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/CodeBuildActionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "codebuild:BatchGetBuilds", + "codebuild:StartBuild", + "codebuild:StopBuild" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineBuildSynthCdkBuildProject6BEFA8E6", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationDAA41400", + "Arn" + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineCodeBuildActionRoleDefaultPolicy1D62A6FE", + "roles": [ + { + "Ref": "PipelineCodeBuildActionRole226DB0CB" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "UpdatePipeline": { + "id": "UpdatePipeline", + "path": "PipelineStack/Pipeline/UpdatePipeline", + "children": { + "SelfMutation": { + "id": "SelfMutation", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation", + "children": { + "Role": { + "id": "Role", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/ImportRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/codebuild/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + } + ] + ] + } + ] + }, + { + "Action": [ + "codebuild:BatchPutCodeCoverages", + "codebuild:BatchPutTestCases", + "codebuild:CreateReport", + "codebuild:CreateReportGroup", + "codebuild:UpdateReport" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":codebuild:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":report-group/", + { + "Ref": "PipelineUpdatePipelineSelfMutationDAA41400" + }, + "-*" + ] + ] + } + }, + { + "Action": "sts:AssumeRole", + "Condition": { + "ForAnyValue:StringEquals": { + "iam:ResourceTag/aws-cdk:bootstrap-role": [ + "image-publishing", + "file-publishing", + "deploy" + ] + } + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:*:iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/*" + ] + ] + } + }, + { + "Action": [ + "cloudformation:DescribeStacks", + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "PipelineArtifactsBucketAEA9A052", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "PipelineUpdatePipelineSelfMutationRoleDefaultPolicyA225DA4E", + "roles": [ + { + "Ref": "PipelineUpdatePipelineSelfMutationRole57E559E8" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "PipelineStack/Pipeline/UpdatePipeline/SelfMutation/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CodeBuild::Project", + "aws:cdk:cloudformation:props": { + "artifacts": { + "type": "CODEPIPELINE" + }, + "environment": { + "type": "LINUX_CONTAINER", + "image": "aws/codebuild/standard:5.0", + "imagePullCredentialsType": "CODEBUILD", + "privilegedMode": false, + "computeType": "BUILD_GENERAL1_SMALL" + }, + "serviceRole": { + "Fn::GetAtt": [ + "PipelineUpdatePipelineSelfMutationRole57E559E8", + "Arn" + ] + }, + "source": { + "type": "CODEPIPELINE", + "buildSpec": "{\n \"version\": \"0.2\",\n \"phases\": {\n \"install\": {\n \"commands\": [\n \"npm install -g aws-cdk@1\"\n ]\n },\n \"build\": {\n \"commands\": [\n \"cdk -a . deploy PipelineStack --require-approval=never --verbose\"\n ]\n }\n }\n}" + }, + "cache": { + "type": "NO_CACHE" + }, + "description": "Pipeline step PipelineStack/Pipeline/UpdatePipeline/SelfMutate", + "encryptionKey": { + "Fn::GetAtt": [ + "PipelineArtifactsBucketEncryptionKeyF5BF0670", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codebuild.CfnProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-codebuild.PipelineProject", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/pipelines.CodePipeline", + "version": "0.0.0" + } + }, + "Beta": { + "id": "Beta", + "path": "PipelineStack/Beta", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Beta/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Beta/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Beta/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Beta/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Beta/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Beta/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Beta/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Beta/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Beta/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Beta/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Beta-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Beta/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Beta/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod1": { + "id": "Prod1", + "path": "PipelineStack/Prod1", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod1/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod1/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod1/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod1/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod1/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod1/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod1/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod1/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod1/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod1/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod1-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod1/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod1/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod2": { + "id": "Prod2", + "path": "PipelineStack/Prod2", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod2/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod2/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod2/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod2/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod2/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod2/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod2/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod2/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod2/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod2/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod2-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod2/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod2/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod3": { + "id": "Prod3", + "path": "PipelineStack/Prod3", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod3/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod3/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod3/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod3/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod3/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod3/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod3/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod3/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod3/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod3/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod3-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod3/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod3/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod4": { + "id": "Prod4", + "path": "PipelineStack/Prod4", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod4/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod4/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod4/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod4/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod4/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod4/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod4/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod4/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod4/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod4/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod4-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod4/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod4/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod5": { + "id": "Prod5", + "path": "PipelineStack/Prod5", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod5/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod5/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod5/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod5/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod5/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod5/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod5/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod5/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod5/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod5/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod5-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod5/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod5/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "Prod6": { + "id": "Prod6", + "path": "PipelineStack/Prod6", + "children": { + "Stack1": { + "id": "Stack1", + "path": "PipelineStack/Prod6/Stack1", + "children": { + "Queue": { + "id": "Queue", + "path": "PipelineStack/Prod6/Stack1/Queue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod6/Stack1/Queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "Exports": { + "id": "Exports", + "path": "PipelineStack/Prod6/Stack1/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "path": "PipelineStack/Prod6/Stack1/Exports/Output{\"Fn::GetAtt\":[\"Queue4A7E3555\",\"Arn\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod6/Stack1/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod6/Stack1/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Stack2": { + "id": "Stack2", + "path": "PipelineStack/Prod6/Stack2", + "children": { + "OtherQueue": { + "id": "OtherQueue", + "path": "PipelineStack/Prod6/Stack2/OtherQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "PipelineStack/Prod6/Stack2/OtherQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": { + "redrivePolicy": { + "deadLetterTargetArn": { + "Fn::ImportValue": "Prod6-Stack1:ExportsOutputFnGetAttQueue4A7E3555Arn15A7202E" + }, + "maxReceiveCount": 5 + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/Prod6/Stack2/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/Prod6/Stack2/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stage", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "PipelineStack/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "PipelineStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "LambdaTest": { + "id": "LambdaTest", + "path": "LambdaTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "LambdaTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "LambdaTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "LambdaTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "LambdaTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "LambdaTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.189" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts index dbd9870514d98..de43f5d73794f 100644 --- a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts @@ -15,7 +15,7 @@ class PipelineStack extends Stack { crossAccountKeys: true, enableKeyRotation: true, synth: new pipelines.ShellStep('Synth', { - input: pipelines.CodePipelineSource.gitHub('rix0rrr/cdk-pipelines-demo', 'main'), + input: pipelines.CodePipelineSource.gitHub('tkglaser/cdk-pipelines-demo', 'main'), commands: [ 'npm ci', 'npm run build', From 1d5978c08a39eac3e9fdd8166193c7f08966b838 Mon Sep 17 00:00:00 2001 From: Thomas Glaser Date: Thu, 12 Jan 2023 09:30:04 +0000 Subject: [PATCH 4/5] added a check and more unit tests. Minor cleanup in integ --- .../lib/codepipeline/codepipeline.ts | 3 ++ .../test/codepipeline/codepipeline.test.ts | 47 +++++++++++++++++-- ...teg.newpipeline-with-cross-account-keys.ts | 2 - 3 files changed, 45 insertions(+), 7 deletions(-) diff --git a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts index 06f8f9832235a..5fae734d240df 100644 --- a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts +++ b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts @@ -391,6 +391,9 @@ export class CodePipeline extends PipelineBase { if (this.props.crossAccountKeys !== undefined) { throw new Error('Cannot set \'crossAccountKeys\' if an existing CodePipeline is given using \'codePipeline\''); } + if (this.props.enableKeyRotation !== undefined) { + throw new Error('Cannot set \'enableKeyRotation\' if an existing CodePipeline is given using \'codePipeline\''); + } if (this.props.reuseCrossRegionSupportStacks !== undefined) { throw new Error('Cannot set \'reuseCrossRegionSupportStacks\' if an existing CodePipeline is given using \'codePipeline\''); } diff --git a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts index 7c4bfa45d411a..a4328e72130c8 100644 --- a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts +++ b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts @@ -81,6 +81,11 @@ describe('Providing codePipeline parameter and prop(s) of codePipeline parameter pipelineName: 'randomName', }).create()).toThrowError('Cannot set \'pipelineName\' if an existing CodePipeline is given using \'codePipeline\''); }); + test('Providing codePipeline parameter and enableKeyRotation parameter should throw error', () => { + expect(() => new CodePipelinePropsCheckTest(app, 'CodePipeline', { + enableKeyRotation: true, + }).create()).toThrowError('Cannot set \'enableKeyRotation\' if an existing CodePipeline is given using \'codePipeline\''); + }); test('Providing codePipeline parameter and crossAccountKeys parameter should throw error', () => { expect(() => new CodePipelinePropsCheckTest(app, 'CodePipeline', { crossAccountKeys: true, @@ -192,6 +197,30 @@ test('CodeBuild action role has the right AssumeRolePolicyDocument', () => { }); }); +test('CodePipeline throws when key rotation is enabled without enabling cross account keys', ()=>{ + const pipelineStack = new cdk.Stack(app, 'PipelineStack', { env: PIPELINE_ENV }); + const repo = new ccommit.Repository(pipelineStack, 'Repo', { + repositoryName: 'MyRepo', + }); + const cdkInput = cdkp.CodePipelineSource.codeCommit( + repo, + 'main', + ); + + expect(() => new CodePipeline(pipelineStack, 'Pipeline', { + enableKeyRotation: true, + synth: new cdkp.ShellStep('Synth', { + input: cdkInput, + installCommands: ['npm ci'], + commands: [ + 'npm run build', + 'npx cdk synth', + ], + }), + }).buildPipeline()).toThrowError('Setting \'enableKeyRotation\' to true also requires \'crossAccountKeys\' to be enabled'); +}); + + test('CodePipeline enables key rotation on cross account keys', ()=>{ const pipelineStack = new cdk.Stack(app, 'PipelineStack', { env: PIPELINE_ENV }); const repo = new ccommit.Repository(pipelineStack, 'Repo', { @@ -388,6 +417,7 @@ class ReuseStack extends cdk.Stack { interface CodePipelineStackProps extends cdk.StackProps { pipelineName?: string; crossAccountKeys?: boolean; + enableKeyRotation?: boolean; reuseCrossRegionSupportStacks?: boolean; role?: iam.IRole; } @@ -409,21 +439,28 @@ class CodePipelinePropsCheckTest extends cdk.Stack { if (this.cProps.crossAccountKeys !== undefined) { new cdkp.CodePipeline(this, 'CodePipeline2', { crossAccountKeys: this.cProps.crossAccountKeys, - codePipeline: new Pipeline(this, 'Pipline2'), + codePipeline: new Pipeline(this, 'Pipeline2'), synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), }).buildPipeline(); } - if (this.cProps.reuseCrossRegionSupportStacks !== undefined) { + if (this.cProps.enableKeyRotation !== undefined) { new cdkp.CodePipeline(this, 'CodePipeline3', { + enableKeyRotation: this.cProps.enableKeyRotation, + codePipeline: new Pipeline(this, 'Pipeline3'), + synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), + }).buildPipeline(); + } + if (this.cProps.reuseCrossRegionSupportStacks !== undefined) { + new cdkp.CodePipeline(this, 'CodePipeline4', { reuseCrossRegionSupportStacks: this.cProps.reuseCrossRegionSupportStacks, - codePipeline: new Pipeline(this, 'Pipline3'), + codePipeline: new Pipeline(this, 'Pipeline4'), synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), }).buildPipeline(); } if (this.cProps.role !== undefined) { - new cdkp.CodePipeline(this, 'CodePipeline4', { + new cdkp.CodePipeline(this, 'CodePipeline5', { role: this.cProps.role, - codePipeline: new Pipeline(this, 'Pipline4'), + codePipeline: new Pipeline(this, 'Pipeline5'), synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), }).buildPipeline(); } diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts index de43f5d73794f..78ff654e7ae11 100644 --- a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts @@ -1,5 +1,3 @@ -// eslint-disable-next-line import/no-extraneous-dependencies -/// !cdk-integ PipelineStack pragma:set-context:@aws-cdk/core:newStyleStackSynthesis=true import * as sqs from '@aws-cdk/aws-sqs'; import { App, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core'; import * as integ from '@aws-cdk/integ-tests'; From 6147bf00cfc89ef53bcc6aaff5a1606877efbca3 Mon Sep 17 00:00:00 2001 From: Thomas Glaser Date: Thu, 12 Jan 2023 09:40:16 +0000 Subject: [PATCH 5/5] missed a spot --- .../test/integ.newpipeline-with-cross-account-keys.ts | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts index 78ff654e7ae11..de79adf2b5081 100644 --- a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-cross-account-keys.ts @@ -53,11 +53,7 @@ class AppStage extends Stage { } } -const app = new App({ - context: { - '@aws-cdk/core:newStyleStackSynthesis': '1', - }, -}); +const app = new App(); const stack = new PipelineStack(app, 'PipelineStack');