diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.assets.json index d4b1f12495f76..724906e38d748 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.assets.json @@ -1,15 +1,16 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { - "aa659f3038709e8265260133391fa9c56b4b9a2f8ae0d1a5fc85cd22f7d6199e": { + "5de8a2cdbbde73660dd750a88c3b38c37d6e193be15b2be866a2c85b8b55ef2b": { + "displayName": "aws-cdk-docdb-cluster-rotation Template", "source": { "path": "aws-cdk-docdb-cluster-rotation.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-b5b8a286": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "aa659f3038709e8265260133391fa9c56b4b9a2f8ae0d1a5fc85cd22f7d6199e.json", + "objectKey": "5de8a2cdbbde73660dd750a88c3b38c37d6e193be15b2be866a2c85b8b55ef2b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json index d5b6335392acc..05eaf65727209 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json @@ -691,7 +691,7 @@ "DatabaseRotationSingleUserSARMapping9AEB3E55": { "aws": { "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerMongoDBRotationSingleUser", - "semanticVersion": "1.1.367" + "semanticVersion": "1.1.618" }, "aws-cn": { "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerMongoDBRotationSingleUser", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/cdk.out index c6e612584e352..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"38.0.1"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/integ.json index d02b3aac73566..6afb214fc065c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "testCases": { "integ.cluster-rotation.lit": { "stacks": [ @@ -10,5 +10,6 @@ } }, "synthContext": {}, - "enableLookups": false + "enableLookups": false, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/manifest.json index c830049d77101..0118db9d5516c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "artifacts": { "aws-cdk-docdb-cluster-rotation.assets": { "type": "cdk:asset-manifest", @@ -16,10 +16,9 @@ "templateFile": "aws-cdk-docdb-cluster-rotation.template.json", "terminationProtection": false, "validateOnSynth": false, - "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/aa659f3038709e8265260133391fa9c56b4b9a2f8ae0d1a5fc85cd22f7d6199e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/5de8a2cdbbde73660dd750a88c3b38c37d6e193be15b2be866a2c85b8b55ef2b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -35,12 +34,56 @@ "aws-cdk-docdb-cluster-rotation.assets" ], "metadata": { + "/aws-cdk-docdb-cluster-rotation/VPC": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "restrictDefaultSecurityGroup": false + } + } + ], "/aws-cdk-docdb-cluster-rotation/VPC/Resource": [ { "type": "aws:cdk:logicalId", "data": "VPCB9E5F0B4" } ], + "/aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], "/aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -77,6 +120,42 @@ "data": "VPCPublicSubnet1NATGatewayE0556630" } ], + "/aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], "/aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -113,6 +192,34 @@ "data": "VPCPublicSubnet2NATGateway3C070193" } ], + "/aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -137,6 +244,34 @@ "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" } ], + "/aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -173,12 +308,51 @@ "data": "VPCVPCGW99B986DC" } ], + "/aws-cdk-docdb-cluster-rotation/Database": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "masterUser": { + "username": "*" + }, + "instanceType": "*", + "vpc": "*", + "removalPolicy": "destroy" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addRotationSingleUser": [] + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/Subnets": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSubnets56F17B9A" } ], + "/aws-cdk-docdb-cluster-rotation/Database/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "description": "*", + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -191,24 +365,78 @@ "data": "DatabaseSecurityGroupfromawscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224IndirectPortE14845D7" } ], + "/aws-cdk-docdb-cluster-rotation/Database/Secret": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secretName": "*", + "encryptionKey": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "username": "*", + "encryptionKey": "*", + "excludeCharacters": "*", + "secretName": "*" + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/Secret/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecret3B817195" } ], + "/aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "target": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToResourcePolicy": [ + {} + ] + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecretAttachmentE5D1B020" } ], + "/aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "rotationLambda": "*", + "automaticallyAfter": "*", + "rotateImmediatelyOnUpdate": "*" + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecretAttachmentRotationScheduleA4E9F034" } ], + "/aws-cdk-docdb-cluster-rotation/Database/Secret/Policy": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*" + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/Secret/Policy/Resource": [ { "type": "aws:cdk:logicalId", @@ -227,6 +455,25 @@ "data": "DatabaseInstance1844F58FD" } ], + "/aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], "/aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -265,6 +512,485 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json index aa81bae5504b2..8deb44e88b2a2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json @@ -1,1152 +1 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "aws-cdk-docdb-cluster-rotation": { - "id": "aws-cdk-docdb-cluster-rotation", - "path": "aws-cdk-docdb-cluster-rotation", - "children": { - "VPC": { - "id": "VPC", - "path": "aws-cdk-docdb-cluster-rotation/VPC", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/VPC/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", - "version": "0.0.0" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet1EIP6AD938E8", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet1NATGatewayE0556630" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "IGW": { - "id": "IGW", - "path": "aws-cdk-docdb-cluster-rotation/VPC/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-docdb-cluster-rotation/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "aws-cdk-docdb-cluster-rotation/VPC/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.Vpc", - "version": "0.0.0" - } - }, - "Database": { - "id": "Database", - "path": "aws-cdk-docdb-cluster-rotation/Database", - "children": { - "Subnets": { - "id": "Subnets", - "path": "aws-cdk-docdb-cluster-rotation/Database/Subnets", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::DocDB::DBSubnetGroup", - "aws:cdk:cloudformation:props": { - "dbSubnetGroupDescription": "Subnets for Database database", - "subnetIds": [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_docdb.CfnDBSubnetGroup", - "version": "0.0.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-docdb-cluster-rotation/Database/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "DocumentDB security group", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - }, - "from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}": { - "id": "from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}", - "path": "aws-cdk-docdb-cluster-rotation/Database/SecurityGroup/from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "description": "from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}", - "fromPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Port" - ] - }, - "groupId": { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "sourceSecurityGroupId": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUserSecurityGroupAC6E0E73", - "GroupId" - ] - }, - "toPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Port" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "Secret": { - "id": "Secret", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", - "aws:cdk:cloudformation:props": { - "description": { - "Fn::Join": [ - "", - [ - "Generated by the CDK for stack: ", - { - "Ref": "AWS::StackName" - } - ] - ] - }, - "generateSecretString": { - "passwordLength": 41, - "secretStringTemplate": "{\"username\":\"docdb\"}", - "generateStringKey": "password", - "excludeCharacters": "\"@/" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", - "version": "0.0.0" - } - }, - "Attachment": { - "id": "Attachment", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", - "aws:cdk:cloudformation:props": { - "secretId": { - "Ref": "DatabaseSecret3B817195" - }, - "targetId": { - "Ref": "DatabaseB269D8BB" - }, - "targetType": "AWS::DocDB::DBCluster" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", - "version": "0.0.0" - } - }, - "RotationSchedule": { - "id": "RotationSchedule", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::RotationSchedule", - "aws:cdk:cloudformation:props": { - "rotationLambdaArn": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUser65F55654", - "Outputs.RotationLambdaARN" - ] - }, - "rotationRules": { - "scheduleExpression": "rate(30 days)" - }, - "secretId": { - "Ref": "DatabaseSecretAttachmentE5D1B020" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.RotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", - "version": "0.0.0" - } - }, - "Policy": { - "id": "Policy", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Policy", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Policy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy", - "aws:cdk:cloudformation:props": { - "resourcePolicy": { - "Statement": [ - { - "Action": "secretsmanager:DeleteSecret", - "Effect": "Deny", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "secretId": { - "Ref": "DatabaseSecret3B817195" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.ResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_docdb.DatabaseSecret", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::DocDB::DBCluster", - "aws:cdk:cloudformation:props": { - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "masterUsername": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "DatabaseSecret3B817195" - }, - ":SecretString:username::}}" - ] - ] - }, - "masterUserPassword": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "DatabaseSecret3B817195" - }, - ":SecretString:password::}}" - ] - ] - }, - "storageEncrypted": true, - "vpcSecurityGroupIds": [ - { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_docdb.CfnDBCluster", - "version": "0.0.0" - } - }, - "Instance1": { - "id": "Instance1", - "path": "aws-cdk-docdb-cluster-rotation/Database/Instance1", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::DocDB::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.r5.large" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_docdb.CfnDBInstance", - "version": "0.0.0" - } - }, - "RotationSingleUser": { - "id": "RotationSingleUser", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser", - "children": { - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "SARMapping": { - "id": "SARMapping", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SARMapping", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnMapping", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Serverless::Application", - "aws:cdk:cloudformation:props": { - "location": { - "applicationId": { - "Fn::FindInMap": [ - "DatabaseRotationSingleUserSARMapping9AEB3E55", - { - "Ref": "AWS::Partition" - }, - "applicationId" - ] - }, - "semanticVersion": { - "Fn::FindInMap": [ - "DatabaseRotationSingleUserSARMapping9AEB3E55", - { - "Ref": "AWS::Partition" - }, - "semanticVersion" - ] - } - }, - "parameters": { - "endpoint": { - "Fn::Join": [ - "", - [ - "https://secretsmanager.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - }, - "functionName": "awscdkdocdbclusterrotationDatabaseRotationSingleUser7DAE65BE", - "vpcSubnetIds": { - "Fn::Join": [ - "", - [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - ",", - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - ] - }, - "vpcSecurityGroupIds": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUserSecurityGroupAC6E0E73", - "GroupId" - ] - }, - "excludeCharacters": "\"@/" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sam.CfnApplication", - "version": "0.0.0" - } - }, - "RotationLambda": { - "id": "RotationLambda", - "path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/RotationLambda", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.FunctionBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretRotation", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_docdb.DatabaseCluster", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "aws-cdk-docdb-cluster-rotation/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "aws-cdk-docdb-cluster-rotation/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-docdb-cluster-rotation":{"id":"aws-cdk-docdb-cluster-rotation","path":"aws-cdk-docdb-cluster-rotation","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"VPC":{"id":"VPC","path":"aws-cdk-docdb-cluster-rotation/VPC","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/VPC/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"}}}},"EIP":{"id":"EIP","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet1EIP6AD938E8","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"},"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"}}}},"EIP":{"id":"EIP","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet2EIP4947BC00","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"},"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"},"subnetId":{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet1NATGatewayE0556630"},"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"},"subnetId":{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet2NATGateway3C070193"},"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-docdb-cluster-rotation/VPC/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-docdb-cluster-rotation/VPC"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-docdb-cluster-rotation/VPC/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VPCIGWB7E252D3"},"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Database":{"id":"Database","path":"aws-cdk-docdb-cluster-rotation/Database","constructInfo":{"fqn":"aws-cdk-lib.aws_docdb.DatabaseCluster","version":"0.0.0","metadata":[{"masterUser":{"username":"*"},"instanceType":"*","vpc":"*","removalPolicy":"destroy"},{"addRotationSingleUser":[]}]},"children":{"Subnets":{"id":"Subnets","path":"aws-cdk-docdb-cluster-rotation/Database/Subnets","constructInfo":{"fqn":"aws-cdk-lib.aws_docdb.CfnDBSubnetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::DocDB::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnets for Database database","subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-docdb-cluster-rotation/Database/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"DocumentDB security group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}":{"id":"from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}","path":"aws-cdk-docdb-cluster-rotation/Database/SecurityGroup/from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"from awscdkdocdbclusterrotationDatabaseRotationSingleUserSecurityGroupBF39D224:{IndirectPort}","fromPort":{"Fn::GetAtt":["DatabaseB269D8BB","Port"]},"groupId":{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["DatabaseRotationSingleUserSecurityGroupAC6E0E73","GroupId"]},"toPort":{"Fn::GetAtt":["DatabaseB269D8BB","Port"]}}}}}},"Secret":{"id":"Secret","path":"aws-cdk-docdb-cluster-rotation/Database/Secret","constructInfo":{"fqn":"aws-cdk-lib.aws_docdb.DatabaseSecret","version":"0.0.0","metadata":[{"secretName":"*","encryptionKey":"*"},{"username":"*","encryptionKey":"*","excludeCharacters":"*","secretName":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecret","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::Secret","aws:cdk:cloudformation:props":{"description":{"Fn::Join":["",["Generated by the CDK for stack: ",{"Ref":"AWS::StackName"}]]},"generateSecretString":{"passwordLength":41,"secretStringTemplate":"{\"username\":\"docdb\"}","generateStringKey":"password","excludeCharacters":"\"@/"}}}},"Attachment":{"id":"Attachment","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment","version":"0.0.0","metadata":[{"secret":"*","target":"*"},{"addToResourcePolicy":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::SecretTargetAttachment","aws:cdk:cloudformation:props":{"secretId":{"Ref":"DatabaseSecret3B817195"},"targetId":{"Ref":"DatabaseB269D8BB"},"targetType":"AWS::DocDB::DBCluster"}}},"RotationSchedule":{"id":"RotationSchedule","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.RotationSchedule","version":"0.0.0","metadata":[{"secret":"*","rotationLambda":"*","automaticallyAfter":"*","rotateImmediatelyOnUpdate":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::RotationSchedule","aws:cdk:cloudformation:props":{"rotationLambdaArn":{"Fn::GetAtt":["DatabaseRotationSingleUser65F55654","Outputs.RotationLambdaARN"]},"rotationRules":{"scheduleExpression":"rate(30 days)"},"secretId":{"Ref":"DatabaseSecretAttachmentE5D1B020"}}}}}}}},"Policy":{"id":"Policy","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.ResourcePolicy","version":"0.0.0","metadata":[{"secret":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/Secret/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::ResourcePolicy","aws:cdk:cloudformation:props":{"resourcePolicy":{"Statement":[{"Action":"secretsmanager:DeleteSecret","Effect":"Deny","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"},"secretId":{"Ref":"DatabaseSecret3B817195"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_docdb.CfnDBCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::DocDB::DBCluster","aws:cdk:cloudformation:props":{"dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"masterUsername":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"DatabaseSecret3B817195"},":SecretString:username::}}"]]},"masterUserPassword":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"DatabaseSecret3B817195"},":SecretString:password::}}"]]},"storageEncrypted":true,"vpcSecurityGroupIds":[{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]}]}}},"Instance1":{"id":"Instance1","path":"aws-cdk-docdb-cluster-rotation/Database/Instance1","constructInfo":{"fqn":"aws-cdk-lib.aws_docdb.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::DocDB::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.r5.large"}}},"RotationSingleUser":{"id":"RotationSingleUser","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretRotation","version":"0.0.0"},"children":{"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"SARMapping":{"id":"SARMapping","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SARMapping","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Resource":{"id":"Resource","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_sam.CfnApplication","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Serverless::Application","aws:cdk:cloudformation:props":{"location":{"applicationId":{"Fn::FindInMap":["DatabaseRotationSingleUserSARMapping9AEB3E55",{"Ref":"AWS::Partition"},"applicationId"]},"semanticVersion":{"Fn::FindInMap":["DatabaseRotationSingleUserSARMapping9AEB3E55",{"Ref":"AWS::Partition"},"semanticVersion"]}},"parameters":{"endpoint":{"Fn::Join":["",["https://secretsmanager.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"}]]},"functionName":"awscdkdocdbclusterrotationDatabaseRotationSingleUser7DAE65BE","vpcSubnetIds":{"Fn::Join":["",[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},",",{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]]},"vpcSecurityGroupIds":{"Fn::GetAtt":["DatabaseRotationSingleUserSecurityGroupAC6E0E73","GroupId"]},"excludeCharacters":"\"@/"}}}},"RotationLambda":{"id":"RotationLambda","path":"aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/RotationLambda","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.FunctionBase","version":"0.0.0","metadata":[]}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-docdb-cluster-rotation/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-docdb-cluster-rotation/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.assets.json index f2be207e12c90..42734c4e63a39 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.assets.json @@ -1,15 +1,16 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { - "9a5c390599d915fbbde6a4b4753f574ea0487b8e82b81dcdb290793561e258df": { + "741d78df024bad77bcce7170928793994291514a1ebddc8c089059ad608b6781": { + "displayName": "aws-cdk-rds-cluster-rotation Template", "source": { "path": "aws-cdk-rds-cluster-rotation.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-093c4847": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "9a5c390599d915fbbde6a4b4753f574ea0487b8e82b81dcdb290793561e258df.json", + "objectKey": "741d78df024bad77bcce7170928793994291514a1ebddc8c089059ad608b6781.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json index 400a291b3a3af..e6257bd377d8e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json @@ -1126,7 +1126,7 @@ "DatabaseRotationSingleUserSARMapping9AEB3E55": { "aws": { "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSMySQLRotationSingleUser", - "semanticVersion": "1.1.367" + "semanticVersion": "1.1.618" }, "aws-cn": { "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSMySQLRotationSingleUser", @@ -1140,7 +1140,7 @@ "CustomRotationOptionsRotationSingleUserSARMapping635D6F45": { "aws": { "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSMySQLRotationSingleUser", - "semanticVersion": "1.1.367" + "semanticVersion": "1.1.618" }, "aws-cn": { "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSMySQLRotationSingleUser", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/cdk.out index c6e612584e352..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"38.0.1"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/integ.json index a043e2afd061f..f2a8b52751696 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "testCases": { "test-rds-cluster-rotation/DefaultTest": { "stacks": [ @@ -8,5 +8,6 @@ "assertionStack": "test-rds-cluster-rotation/DefaultTest/DeployAssert", "assertionStackName": "testrdsclusterrotationDefaultTestDeployAssertCC761439" } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/manifest.json index c8d5f3e4d1d2e..386034dfc1f75 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "38.0.1", + "version": "48.0.0", "artifacts": { "aws-cdk-rds-cluster-rotation.assets": { "type": "cdk:asset-manifest", @@ -16,10 +16,9 @@ "templateFile": "aws-cdk-rds-cluster-rotation.template.json", "terminationProtection": false, "validateOnSynth": false, - "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9a5c390599d915fbbde6a4b4753f574ea0487b8e82b81dcdb290793561e258df.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/741d78df024bad77bcce7170928793994291514a1ebddc8c089059ad608b6781.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -35,12 +34,56 @@ "aws-cdk-rds-cluster-rotation.assets" ], "metadata": { + "/aws-cdk-rds-cluster-rotation/VPC": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "restrictDefaultSecurityGroup": false + } + } + ], "/aws-cdk-rds-cluster-rotation/VPC/Resource": [ { "type": "aws:cdk:logicalId", "data": "VPCB9E5F0B4" } ], + "/aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -77,6 +120,42 @@ "data": "VPCPublicSubnet1NATGatewayE0556630" } ], + "/aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -113,6 +192,34 @@ "data": "VPCPublicSubnet2NATGateway3C070193" } ], + "/aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -137,6 +244,34 @@ "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" } ], + "/aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -173,12 +308,67 @@ "data": "VPCVPCGW99B986DC" } ], + "/aws-cdk-rds-cluster-rotation/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", "data": "SecurityGroupDD263621" } ], + "/aws-cdk-rds-cluster-rotation/Endpoint": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*", + "service": { + "privateDnsDefault": true, + "name": "*", + "port": "*" + } + } + } + ], + "/aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + { + "canInlineRule": true, + "connections": "*", + "uniqueId": "*" + }, + {}, + "*", + false + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -191,12 +381,65 @@ "data": "EndpointEEF1FD8F" } ], + "/aws-cdk-rds-cluster-rotation/Database": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "engine": { + "engineType": "*", + "singleUserRotationApplication": "*", + "engineVersion": { + "fullVersion": "*", + "majorVersion": "*" + }, + "parameterGroupFamily": "*", + "engineFamily": "*", + "supportedLogTypes": "*", + "combineImportAndExportRoles": true + }, + "vpc": "*", + "writer": "*", + "readers": "*" + } + } + ], + "/aws-cdk-rds-cluster-rotation/Database/Subnets": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "description": "*", + "vpc": "*", + "vpcSubnets": "*", + "removalPolicy": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/Subnets/Default": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSubnets56F17B9A" } ], + "/aws-cdk-rds-cluster-rotation/Database/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "description": "*", + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -209,24 +452,81 @@ "data": "DatabaseSecurityGroupfromawscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1IndirectPortE6A88723" } ], + "/aws-cdk-rds-cluster-rotation/Database/Secret": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "encryptionKey": "*", + "secretName": "*", + "replicaRegions": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "username": "*", + "secretName": "*", + "encryptionKey": "*", + "excludeCharacters": "*", + "replaceOnPasswordCriteriaChanges": "*", + "replicaRegions": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/Secret/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecret3B817195" } ], + "/aws-cdk-rds-cluster-rotation/Database/Secret/Attachment": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "target": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToResourcePolicy": [ + {} + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecretAttachmentE5D1B020" } ], + "/aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "rotationLambda": "*", + "automaticallyAfter": "*", + "rotateImmediatelyOnUpdate": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource": [ { "type": "aws:cdk:logicalId", "data": "DatabaseSecretAttachmentRotationScheduleA4E9F034" } ], + "/aws-cdk-rds-cluster-rotation/Database/Secret/Policy": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/Secret/Policy/Resource": [ { "type": "aws:cdk:logicalId", @@ -239,18 +539,49 @@ "data": "DatabaseB269D8BB" } ], + "/aws-cdk-rds-cluster-rotation/Database/Instance1Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-cluster-rotation/Database/Instance1": [ { "type": "aws:cdk:logicalId", "data": "DatabaseInstance1844F58FD" } ], + "/aws-cdk-rds-cluster-rotation/Database/Instance2Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-cluster-rotation/Database/Instance2": [ { "type": "aws:cdk:logicalId", "data": "DatabaseInstance2AA380DEE" } ], + "/aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -269,12 +600,65 @@ "data": "DatabaseRotationSingleUser65F55654" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "engine": { + "engineType": "*", + "singleUserRotationApplication": "*", + "engineVersion": { + "fullVersion": "*", + "majorVersion": "*" + }, + "parameterGroupFamily": "*", + "engineFamily": "*", + "supportedLogTypes": "*", + "combineImportAndExportRoles": true + }, + "vpc": "*", + "writer": "*", + "readers": "*" + } + } + ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "description": "*", + "vpc": "*", + "vpcSubnets": "*", + "removalPolicy": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets/Default": [ { "type": "aws:cdk:logicalId", "data": "CustomRotationOptionsSubnets52AEBCED" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "description": "*", + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -287,24 +671,81 @@ "data": "CustomRotationOptionsSecurityGroupfromawscdkrdsclusterrotationSecurityGroupB986D266IndirectPortF3255731" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "encryptionKey": "*", + "secretName": "*", + "replicaRegions": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "username": "*", + "secretName": "*", + "encryptionKey": "*", + "excludeCharacters": "*", + "replaceOnPasswordCriteriaChanges": "*", + "replicaRegions": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Resource": [ { "type": "aws:cdk:logicalId", "data": "CustomRotationOptionsSecret7DCFFFDB" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "target": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToResourcePolicy": [ + {} + ] + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/Resource": [ { "type": "aws:cdk:logicalId", "data": "CustomRotationOptionsSecretAttachment697A23BF" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*", + "rotationLambda": "*", + "automaticallyAfter": "*", + "rotateImmediatelyOnUpdate": false + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule/Resource": [ { "type": "aws:cdk:logicalId", "data": "CustomRotationOptionsSecretAttachmentRotationScheduleD5AEB622" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "secret": "*" + } + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy/Resource": [ { "type": "aws:cdk:logicalId", @@ -317,12 +758,24 @@ "data": "CustomRotationOptions7CA9E132" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1": [ { "type": "aws:cdk:logicalId", "data": "CustomRotationOptionsInstance1D693E87C" } ], + "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2Wrapper": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2": [ { "type": "aws:cdk:logicalId", @@ -371,7 +824,6 @@ "templateFile": "testrdsclusterrotationDefaultTestDeployAssertCC761439.template.json", "terminationProtection": false, "validateOnSynth": false, - "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", @@ -410,6 +862,485 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/testrdsclusterrotationDefaultTestDeployAssertCC761439.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/testrdsclusterrotationDefaultTestDeployAssertCC761439.assets.json index 1803dbebb1700..00395516b89ff 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/testrdsclusterrotationDefaultTestDeployAssertCC761439.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/testrdsclusterrotationDefaultTestDeployAssertCC761439.assets.json @@ -1,13 +1,14 @@ { - "version": "38.0.1", + "version": "48.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "testrdsclusterrotationDefaultTestDeployAssertCC761439 Template", "source": { "path": "testrdsclusterrotationDefaultTestDeployAssertCC761439.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json index 9d29fc89771cb..5a272eb4b3024 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json @@ -1,1915 +1 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "aws-cdk-rds-cluster-rotation": { - "id": "aws-cdk-rds-cluster-rotation", - "path": "aws-cdk-rds-cluster-rotation", - "children": { - "VPC": { - "id": "VPC", - "path": "aws-cdk-rds-cluster-rotation/VPC", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/VPC/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", - "version": "0.0.0" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet1EIP6AD938E8", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCPublicSubnet2EIP4947BC00", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet1NATGatewayE0556630" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, - "subnetId": { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VPCPublicSubnet2NATGateway3C070193" - }, - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "IGW": { - "id": "IGW", - "path": "aws-cdk-rds-cluster-rotation/VPC/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "aws-cdk-rds-cluster-rotation/VPC" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "aws-cdk-rds-cluster-rotation/VPC/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Ref": "VPCIGWB7E252D3" - }, - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.Vpc", - "version": "0.0.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-cluster-rotation/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-rds-cluster-rotation/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "Endpoint": { - "id": "Endpoint", - "path": "aws-cdk-rds-cluster-rotation/Endpoint", - "children": { - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "securityGroupIngress": [ - { - "cidrIp": { - "Fn::GetAtt": [ - "VPCB9E5F0B4", - "CidrBlock" - ] - }, - "ipProtocol": "tcp", - "fromPort": 443, - "toPort": 443, - "description": { - "Fn::Join": [ - "", - [ - "from ", - { - "Fn::GetAtt": [ - "VPCB9E5F0B4", - "CidrBlock" - ] - }, - ":443" - ] - ] - } - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Endpoint/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", - "aws:cdk:cloudformation:props": { - "privateDnsEnabled": true, - "securityGroupIds": [ - { - "Fn::GetAtt": [ - "EndpointSecurityGroup3A4D971B", - "GroupId" - ] - } - ], - "serviceName": { - "Fn::Join": [ - "", - [ - "com.amazonaws.", - { - "Ref": "AWS::Region" - }, - ".secretsmanager" - ] - ] - }, - "subnetIds": [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ], - "vpcEndpointType": "Interface", - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint", - "version": "0.0.0" - } - }, - "Database": { - "id": "Database", - "path": "aws-cdk-rds-cluster-rotation/Database", - "children": { - "Subnets": { - "id": "Subnets", - "path": "aws-cdk-rds-cluster-rotation/Database/Subnets", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-rds-cluster-rotation/Database/Subnets/Default", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", - "aws:cdk:cloudformation:props": { - "dbSubnetGroupDescription": "Subnets for Database database", - "subnetIds": [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBSubnetGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.SubnetGroup", - "version": "0.0.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-cluster-rotation/Database/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "RDS security group", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - }, - "from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}": { - "id": "from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}", - "path": "aws-cdk-rds-cluster-rotation/Database/SecurityGroup/from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "description": "from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}", - "fromPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Endpoint.Port" - ] - }, - "groupId": { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "sourceSecurityGroupId": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUserSecurityGroupAC6E0E73", - "GroupId" - ] - }, - "toPort": { - "Fn::GetAtt": [ - "DatabaseB269D8BB", - "Endpoint.Port" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup": { - "id": "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", - "path": "aws-cdk-rds-cluster-rotation/Database/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Secret": { - "id": "Secret", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", - "aws:cdk:cloudformation:props": { - "description": { - "Fn::Join": [ - "", - [ - "Generated by the CDK for stack: ", - { - "Ref": "AWS::StackName" - } - ] - ] - }, - "generateSecretString": { - "passwordLength": 30, - "secretStringTemplate": "{\"username\":\"admin\"}", - "generateStringKey": "password", - "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", - "version": "0.0.0" - } - }, - "Attachment": { - "id": "Attachment", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Attachment", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", - "aws:cdk:cloudformation:props": { - "secretId": { - "Ref": "DatabaseSecret3B817195" - }, - "targetId": { - "Ref": "DatabaseB269D8BB" - }, - "targetType": "AWS::RDS::DBCluster" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", - "version": "0.0.0" - } - }, - "RotationSchedule": { - "id": "RotationSchedule", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::RotationSchedule", - "aws:cdk:cloudformation:props": { - "rotationLambdaArn": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUser65F55654", - "Outputs.RotationLambdaARN" - ] - }, - "rotationRules": { - "scheduleExpression": "rate(30 days)" - }, - "secretId": { - "Ref": "DatabaseSecretAttachmentE5D1B020" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.RotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", - "version": "0.0.0" - } - }, - "Policy": { - "id": "Policy", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Policy", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/Secret/Policy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy", - "aws:cdk:cloudformation:props": { - "resourcePolicy": { - "Statement": [ - { - "Action": "secretsmanager:DeleteSecret", - "Effect": "Deny", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "secretId": { - "Ref": "DatabaseSecret3B817195" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.ResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.DatabaseSecret", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", - "aws:cdk:cloudformation:props": { - "copyTagsToSnapshot": true, - "dbClusterParameterGroupName": "default.aurora-mysql8.0", - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql", - "engineVersion": "8.0.mysql_aurora.3.07.1", - "masterUsername": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "DatabaseSecret3B817195" - }, - ":SecretString:username::}}" - ] - ] - }, - "masterUserPassword": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "DatabaseSecret3B817195" - }, - ":SecretString:password::}}" - ] - ] - }, - "vpcSecurityGroupIds": [ - { - "Fn::GetAtt": [ - "DatabaseSecurityGroup5C91FDCB", - "GroupId" - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBCluster", - "version": "0.0.0" - } - }, - "Instance1Wrapper": { - "id": "Instance1Wrapper", - "path": "aws-cdk-rds-cluster-rotation/Database/Instance1Wrapper", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Instance1": { - "id": "Instance1", - "path": "aws-cdk-rds-cluster-rotation/Database/Instance1", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.t3.medium", - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", - "version": "0.0.0" - } - }, - "Instance2Wrapper": { - "id": "Instance2Wrapper", - "path": "aws-cdk-rds-cluster-rotation/Database/Instance2Wrapper", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Instance2": { - "id": "Instance2", - "path": "aws-cdk-rds-cluster-rotation/Database/Instance2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "DatabaseB269D8BB" - }, - "dbInstanceClass": "db.t3.medium", - "dbSubnetGroupName": { - "Ref": "DatabaseSubnets56F17B9A" - }, - "engine": "aurora-mysql" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", - "version": "0.0.0" - } - }, - "RotationSingleUser": { - "id": "RotationSingleUser", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser", - "children": { - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "SARMapping": { - "id": "SARMapping", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SARMapping", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnMapping", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Serverless::Application", - "aws:cdk:cloudformation:props": { - "location": { - "applicationId": { - "Fn::FindInMap": [ - "DatabaseRotationSingleUserSARMapping9AEB3E55", - { - "Ref": "AWS::Partition" - }, - "applicationId" - ] - }, - "semanticVersion": { - "Fn::FindInMap": [ - "DatabaseRotationSingleUserSARMapping9AEB3E55", - { - "Ref": "AWS::Partition" - }, - "semanticVersion" - ] - } - }, - "parameters": { - "endpoint": { - "Fn::Join": [ - "", - [ - "https://secretsmanager.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - }, - "functionName": "awscdkrdsclusterrotationDatabaseRotationSingleUser171A8E3A", - "vpcSubnetIds": { - "Fn::Join": [ - "", - [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - ",", - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - ] - }, - "vpcSecurityGroupIds": { - "Fn::GetAtt": [ - "DatabaseRotationSingleUserSecurityGroupAC6E0E73", - "GroupId" - ] - }, - "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sam.CfnApplication", - "version": "0.0.0" - } - }, - "RotationLambda": { - "id": "RotationLambda", - "path": "aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/RotationLambda", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.FunctionBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretRotation", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.DatabaseCluster", - "version": "0.0.0" - } - }, - "CustomRotationOptions": { - "id": "CustomRotationOptions", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions", - "children": { - "Subnets": { - "id": "Subnets", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets/Default", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", - "aws:cdk:cloudformation:props": { - "dbSubnetGroupDescription": "Subnets for CustomRotationOptions database", - "subnetIds": [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBSubnetGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.SubnetGroup", - "version": "0.0.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "RDS security group", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - }, - "from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}": { - "id": "from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup/from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "description": "from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}", - "fromPort": { - "Fn::GetAtt": [ - "CustomRotationOptions7CA9E132", - "Endpoint.Port" - ] - }, - "groupId": { - "Fn::GetAtt": [ - "CustomRotationOptionsSecurityGroup9F3B46A1", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "sourceSecurityGroupId": { - "Fn::GetAtt": [ - "SecurityGroupDD263621", - "GroupId" - ] - }, - "toPort": { - "Fn::GetAtt": [ - "CustomRotationOptions7CA9E132", - "Endpoint.Port" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup": { - "id": "AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Secret": { - "id": "Secret", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", - "aws:cdk:cloudformation:props": { - "description": { - "Fn::Join": [ - "", - [ - "Generated by the CDK for stack: ", - { - "Ref": "AWS::StackName" - } - ] - ] - }, - "generateSecretString": { - "passwordLength": 30, - "secretStringTemplate": "{\"username\":\"admin\"}", - "generateStringKey": "password", - "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", - "version": "0.0.0" - } - }, - "Attachment": { - "id": "Attachment", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", - "aws:cdk:cloudformation:props": { - "secretId": { - "Ref": "CustomRotationOptionsSecret7DCFFFDB" - }, - "targetId": { - "Ref": "CustomRotationOptions7CA9E132" - }, - "targetType": "AWS::RDS::DBCluster" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", - "version": "0.0.0" - } - }, - "RotationSchedule": { - "id": "RotationSchedule", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::RotationSchedule", - "aws:cdk:cloudformation:props": { - "rotateImmediatelyOnUpdate": false, - "rotationLambdaArn": { - "Fn::GetAtt": [ - "CustomRotationOptionsRotationSingleUserC555446F", - "Outputs.RotationLambdaARN" - ] - }, - "rotationRules": { - "scheduleExpression": "rate(7 days)" - }, - "secretId": { - "Ref": "CustomRotationOptionsSecretAttachment697A23BF" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.RotationSchedule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", - "version": "0.0.0" - } - }, - "Policy": { - "id": "Policy", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy", - "aws:cdk:cloudformation:props": { - "resourcePolicy": { - "Statement": [ - { - "Action": "secretsmanager:DeleteSecret", - "Effect": "Deny", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "secretId": { - "Ref": "CustomRotationOptionsSecret7DCFFFDB" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.ResourcePolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.DatabaseSecret", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", - "aws:cdk:cloudformation:props": { - "copyTagsToSnapshot": true, - "dbClusterParameterGroupName": "default.aurora-mysql8.0", - "dbSubnetGroupName": { - "Ref": "CustomRotationOptionsSubnets52AEBCED" - }, - "engine": "aurora-mysql", - "engineVersion": "8.0.mysql_aurora.3.07.1", - "masterUsername": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "CustomRotationOptionsSecret7DCFFFDB" - }, - ":SecretString:username::}}" - ] - ] - }, - "masterUserPassword": { - "Fn::Join": [ - "", - [ - "{{resolve:secretsmanager:", - { - "Ref": "CustomRotationOptionsSecret7DCFFFDB" - }, - ":SecretString:password::}}" - ] - ] - }, - "vpcSecurityGroupIds": [ - { - "Fn::GetAtt": [ - "CustomRotationOptionsSecurityGroup9F3B46A1", - "GroupId" - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBCluster", - "version": "0.0.0" - } - }, - "Instance1Wrapper": { - "id": "Instance1Wrapper", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1Wrapper", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Instance1": { - "id": "Instance1", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "CustomRotationOptions7CA9E132" - }, - "dbInstanceClass": "db.t3.medium", - "dbSubnetGroupName": { - "Ref": "CustomRotationOptionsSubnets52AEBCED" - }, - "engine": "aurora-mysql" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", - "version": "0.0.0" - } - }, - "Instance2Wrapper": { - "id": "Instance2Wrapper", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2Wrapper", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Instance2": { - "id": "Instance2", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", - "aws:cdk:cloudformation:props": { - "dbClusterIdentifier": { - "Ref": "CustomRotationOptions7CA9E132" - }, - "dbInstanceClass": "db.t3.medium", - "dbSubnetGroupName": { - "Ref": "CustomRotationOptionsSubnets52AEBCED" - }, - "engine": "aurora-mysql" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", - "version": "0.0.0" - } - }, - "RotationSingleUser": { - "id": "RotationSingleUser", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser", - "children": { - "SARMapping": { - "id": "SARMapping", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/SARMapping", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnMapping", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Serverless::Application", - "aws:cdk:cloudformation:props": { - "location": { - "applicationId": { - "Fn::FindInMap": [ - "CustomRotationOptionsRotationSingleUserSARMapping635D6F45", - { - "Ref": "AWS::Partition" - }, - "applicationId" - ] - }, - "semanticVersion": { - "Fn::FindInMap": [ - "CustomRotationOptionsRotationSingleUserSARMapping635D6F45", - { - "Ref": "AWS::Partition" - }, - "semanticVersion" - ] - } - }, - "parameters": { - "endpoint": { - "Fn::Join": [ - "", - [ - "https://", - { - "Ref": "EndpointEEF1FD8F" - }, - ".secretsmanager.", - { - "Ref": "AWS::Region" - }, - ".", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - }, - "functionName": "dsclusterrotationCustomRotationOptionsRotationSingleUserBBE9175F", - "vpcSubnetIds": { - "Fn::Join": [ - "", - [ - { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - ",", - { - "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" - } - ] - ] - }, - "vpcSecurityGroupIds": { - "Fn::GetAtt": [ - "SecurityGroupDD263621", - "GroupId" - ] - }, - "excludeCharacters": "!@#$%^&*" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sam.CfnApplication", - "version": "0.0.0" - } - }, - "RotationLambda": { - "id": "RotationLambda", - "path": "aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/RotationLambda", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.FunctionBase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_secretsmanager.SecretRotation", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_rds.DatabaseCluster", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "aws-cdk-rds-cluster-rotation/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "aws-cdk-rds-cluster-rotation/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "test-rds-cluster-rotation": { - "id": "test-rds-cluster-rotation", - "path": "test-rds-cluster-rotation", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "test-rds-cluster-rotation/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "test-rds-cluster-rotation/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "test-rds-cluster-rotation/DefaultTest/DeployAssert", - "children": { - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "test-rds-cluster-rotation/DefaultTest/DeployAssert/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "test-rds-cluster-rotation/DefaultTest/DeployAssert/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-rds-cluster-rotation":{"id":"aws-cdk-rds-cluster-rotation","path":"aws-cdk-rds-cluster-rotation","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"VPC":{"id":"VPC","path":"aws-cdk-rds-cluster-rotation/VPC","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/VPC/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet1EIP6AD938E8","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"},"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet2EIP4947BC00","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"},"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"},"subnetId":{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet1NATGatewayE0556630"},"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"},"subnetId":{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-cluster-rotation/VPC/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet2NATGateway3C070193"},"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-rds-cluster-rotation/VPC/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-cluster-rotation/VPC"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-rds-cluster-rotation/VPC/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VPCIGWB7E252D3"},"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-cluster-rotation/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-rds-cluster-rotation/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Endpoint":{"id":"Endpoint","path":"aws-cdk-rds-cluster-rotation/Endpoint","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint","version":"0.0.0","metadata":[{"vpc":"*","service":{"privateDnsDefault":true,"name":"*","port":"*"}}]},"children":{"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-rds-cluster-rotation/Endpoint/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"securityGroupIngress":[{"cidrIp":{"Fn::GetAtt":["VPCB9E5F0B4","CidrBlock"]},"ipProtocol":"tcp","fromPort":443,"toPort":443,"description":{"Fn::Join":["",["from ",{"Fn::GetAtt":["VPCB9E5F0B4","CidrBlock"]},":443"]]}}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Endpoint/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCEndpoint","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCEndpoint","aws:cdk:cloudformation:props":{"privateDnsEnabled":true,"securityGroupIds":[{"Fn::GetAtt":["EndpointSecurityGroup3A4D971B","GroupId"]}],"serviceName":{"Fn::Join":["",["com.amazonaws.",{"Ref":"AWS::Region"},".secretsmanager"]]},"subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}],"vpcEndpointType":"Interface","vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Database":{"id":"Database","path":"aws-cdk-rds-cluster-rotation/Database","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseCluster","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*","supportedLogTypes":"*","combineImportAndExportRoles":true},"vpc":"*","writer":"*","readers":"*"}]},"children":{"Subnets":{"id":"Subnets","path":"aws-cdk-rds-cluster-rotation/Database/Subnets","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.SubnetGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*","vpcSubnets":"*","removalPolicy":"*"}]},"children":{"Default":{"id":"Default","path":"aws-cdk-rds-cluster-rotation/Database/Subnets/Default","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBSubnetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnets for Database database","subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-cluster-rotation/Database/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"RDS security group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}":{"id":"from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}","path":"aws-cdk-rds-cluster-rotation/Database/SecurityGroup/from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"from awscdkrdsclusterrotationDatabaseRotationSingleUserSecurityGroup0FFF34B1:{IndirectPort}","fromPort":{"Fn::GetAtt":["DatabaseB269D8BB","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["DatabaseRotationSingleUserSecurityGroupAC6E0E73","GroupId"]},"toPort":{"Fn::GetAtt":["DatabaseB269D8BB","Endpoint.Port"]}}}}}},"AuroraMySqlDatabaseClusterEngineDefaultParameterGroup":{"id":"AuroraMySqlDatabaseClusterEngineDefaultParameterGroup","path":"aws-cdk-rds-cluster-rotation/Database/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"Secret":{"id":"Secret","path":"aws-cdk-rds-cluster-rotation/Database/Secret","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseSecret","version":"0.0.0","metadata":[{"encryptionKey":"*","secretName":"*","replicaRegions":"*"},{"username":"*","secretName":"*","encryptionKey":"*","excludeCharacters":"*","replaceOnPasswordCriteriaChanges":"*","replicaRegions":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecret","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::Secret","aws:cdk:cloudformation:props":{"description":{"Fn::Join":["",["Generated by the CDK for stack: ",{"Ref":"AWS::StackName"}]]},"generateSecretString":{"passwordLength":30,"secretStringTemplate":"{\"username\":\"admin\"}","generateStringKey":"password","excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"Attachment":{"id":"Attachment","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Attachment","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment","version":"0.0.0","metadata":[{"secret":"*","target":"*"},{"addToResourcePolicy":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::SecretTargetAttachment","aws:cdk:cloudformation:props":{"secretId":{"Ref":"DatabaseSecret3B817195"},"targetId":{"Ref":"DatabaseB269D8BB"},"targetType":"AWS::RDS::DBCluster"}}},"RotationSchedule":{"id":"RotationSchedule","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.RotationSchedule","version":"0.0.0","metadata":[{"secret":"*","rotationLambda":"*","automaticallyAfter":"*","rotateImmediatelyOnUpdate":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Attachment/RotationSchedule/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::RotationSchedule","aws:cdk:cloudformation:props":{"rotationLambdaArn":{"Fn::GetAtt":["DatabaseRotationSingleUser65F55654","Outputs.RotationLambdaARN"]},"rotationRules":{"scheduleExpression":"rate(30 days)"},"secretId":{"Ref":"DatabaseSecretAttachmentE5D1B020"}}}}}}}},"Policy":{"id":"Policy","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.ResourcePolicy","version":"0.0.0","metadata":[{"secret":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/Secret/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::ResourcePolicy","aws:cdk:cloudformation:props":{"resourcePolicy":{"Statement":[{"Action":"secretsmanager:DeleteSecret","Effect":"Deny","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"},"secretId":{"Ref":"DatabaseSecret3B817195"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBCluster","aws:cdk:cloudformation:props":{"copyTagsToSnapshot":true,"dbClusterParameterGroupName":"default.aurora-mysql8.0","dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql","engineVersion":"8.0.mysql_aurora.3.07.1","masterUsername":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"DatabaseSecret3B817195"},":SecretString:username::}}"]]},"masterUserPassword":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"DatabaseSecret3B817195"},":SecretString:password::}}"]]},"vpcSecurityGroupIds":[{"Fn::GetAtt":["DatabaseSecurityGroup5C91FDCB","GroupId"]}]}}},"Instance1Wrapper":{"id":"Instance1Wrapper","path":"aws-cdk-rds-cluster-rotation/Database/Instance1Wrapper","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Instance1":{"id":"Instance1","path":"aws-cdk-rds-cluster-rotation/Database/Instance1","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.t3.medium","dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql"}}},"Instance2Wrapper":{"id":"Instance2Wrapper","path":"aws-cdk-rds-cluster-rotation/Database/Instance2Wrapper","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Instance2":{"id":"Instance2","path":"aws-cdk-rds-cluster-rotation/Database/Instance2","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"DatabaseB269D8BB"},"dbInstanceClass":"db.t3.medium","dbSubnetGroupName":{"Ref":"DatabaseSubnets56F17B9A"},"engine":"aurora-mysql"}}},"RotationSingleUser":{"id":"RotationSingleUser","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretRotation","version":"0.0.0"},"children":{"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"SARMapping":{"id":"SARMapping","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/SARMapping","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_sam.CfnApplication","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Serverless::Application","aws:cdk:cloudformation:props":{"location":{"applicationId":{"Fn::FindInMap":["DatabaseRotationSingleUserSARMapping9AEB3E55",{"Ref":"AWS::Partition"},"applicationId"]},"semanticVersion":{"Fn::FindInMap":["DatabaseRotationSingleUserSARMapping9AEB3E55",{"Ref":"AWS::Partition"},"semanticVersion"]}},"parameters":{"endpoint":{"Fn::Join":["",["https://secretsmanager.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"}]]},"functionName":"awscdkrdsclusterrotationDatabaseRotationSingleUser171A8E3A","vpcSubnetIds":{"Fn::Join":["",[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},",",{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]]},"vpcSecurityGroupIds":{"Fn::GetAtt":["DatabaseRotationSingleUserSecurityGroupAC6E0E73","GroupId"]},"excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"RotationLambda":{"id":"RotationLambda","path":"aws-cdk-rds-cluster-rotation/Database/RotationSingleUser/RotationLambda","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.FunctionBase","version":"0.0.0","metadata":[]}}}}}},"CustomRotationOptions":{"id":"CustomRotationOptions","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseCluster","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*","supportedLogTypes":"*","combineImportAndExportRoles":true},"vpc":"*","writer":"*","readers":"*"}]},"children":{"Subnets":{"id":"Subnets","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.SubnetGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*","vpcSubnets":"*","removalPolicy":"*"}]},"children":{"Default":{"id":"Default","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Subnets/Default","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBSubnetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnets for CustomRotationOptions database","subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"RDS security group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}":{"id":"from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/SecurityGroup/from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"from awscdkrdsclusterrotationSecurityGroupB986D266:{IndirectPort}","fromPort":{"Fn::GetAtt":["CustomRotationOptions7CA9E132","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["CustomRotationOptionsSecurityGroup9F3B46A1","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["SecurityGroupDD263621","GroupId"]},"toPort":{"Fn::GetAtt":["CustomRotationOptions7CA9E132","Endpoint.Port"]}}}}}},"AuroraMySqlDatabaseClusterEngineDefaultParameterGroup":{"id":"AuroraMySqlDatabaseClusterEngineDefaultParameterGroup","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/AuroraMySqlDatabaseClusterEngineDefaultParameterGroup","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"Secret":{"id":"Secret","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseSecret","version":"0.0.0","metadata":[{"encryptionKey":"*","secretName":"*","replicaRegions":"*"},{"username":"*","secretName":"*","encryptionKey":"*","excludeCharacters":"*","replaceOnPasswordCriteriaChanges":"*","replicaRegions":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecret","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::Secret","aws:cdk:cloudformation:props":{"description":{"Fn::Join":["",["Generated by the CDK for stack: ",{"Ref":"AWS::StackName"}]]},"generateSecretString":{"passwordLength":30,"secretStringTemplate":"{\"username\":\"admin\"}","generateStringKey":"password","excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"Attachment":{"id":"Attachment","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment","version":"0.0.0","metadata":[{"secret":"*","target":"*"},{"addToResourcePolicy":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::SecretTargetAttachment","aws:cdk:cloudformation:props":{"secretId":{"Ref":"CustomRotationOptionsSecret7DCFFFDB"},"targetId":{"Ref":"CustomRotationOptions7CA9E132"},"targetType":"AWS::RDS::DBCluster"}}},"RotationSchedule":{"id":"RotationSchedule","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.RotationSchedule","version":"0.0.0","metadata":[{"secret":"*","rotationLambda":"*","automaticallyAfter":"*","rotateImmediatelyOnUpdate":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Attachment/RotationSchedule/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::RotationSchedule","aws:cdk:cloudformation:props":{"rotateImmediatelyOnUpdate":false,"rotationLambdaArn":{"Fn::GetAtt":["CustomRotationOptionsRotationSingleUserC555446F","Outputs.RotationLambdaARN"]},"rotationRules":{"scheduleExpression":"rate(7 days)"},"secretId":{"Ref":"CustomRotationOptionsSecretAttachment697A23BF"}}}}}}}},"Policy":{"id":"Policy","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.ResourcePolicy","version":"0.0.0","metadata":[{"secret":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Secret/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::ResourcePolicy","aws:cdk:cloudformation:props":{"resourcePolicy":{"Statement":[{"Action":"secretsmanager:DeleteSecret","Effect":"Deny","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"},"secretId":{"Ref":"CustomRotationOptionsSecret7DCFFFDB"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBCluster","aws:cdk:cloudformation:props":{"copyTagsToSnapshot":true,"dbClusterParameterGroupName":"default.aurora-mysql8.0","dbSubnetGroupName":{"Ref":"CustomRotationOptionsSubnets52AEBCED"},"engine":"aurora-mysql","engineVersion":"8.0.mysql_aurora.3.07.1","masterUsername":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"CustomRotationOptionsSecret7DCFFFDB"},":SecretString:username::}}"]]},"masterUserPassword":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"CustomRotationOptionsSecret7DCFFFDB"},":SecretString:password::}}"]]},"vpcSecurityGroupIds":[{"Fn::GetAtt":["CustomRotationOptionsSecurityGroup9F3B46A1","GroupId"]}]}}},"Instance1Wrapper":{"id":"Instance1Wrapper","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1Wrapper","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Instance1":{"id":"Instance1","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance1","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"CustomRotationOptions7CA9E132"},"dbInstanceClass":"db.t3.medium","dbSubnetGroupName":{"Ref":"CustomRotationOptionsSubnets52AEBCED"},"engine":"aurora-mysql"}}},"Instance2Wrapper":{"id":"Instance2Wrapper","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2Wrapper","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Instance2":{"id":"Instance2","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/Instance2","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"dbClusterIdentifier":{"Ref":"CustomRotationOptions7CA9E132"},"dbInstanceClass":"db.t3.medium","dbSubnetGroupName":{"Ref":"CustomRotationOptionsSubnets52AEBCED"},"engine":"aurora-mysql"}}},"RotationSingleUser":{"id":"RotationSingleUser","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretRotation","version":"0.0.0"},"children":{"SARMapping":{"id":"SARMapping","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/SARMapping","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Resource":{"id":"Resource","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_sam.CfnApplication","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Serverless::Application","aws:cdk:cloudformation:props":{"location":{"applicationId":{"Fn::FindInMap":["CustomRotationOptionsRotationSingleUserSARMapping635D6F45",{"Ref":"AWS::Partition"},"applicationId"]},"semanticVersion":{"Fn::FindInMap":["CustomRotationOptionsRotationSingleUserSARMapping635D6F45",{"Ref":"AWS::Partition"},"semanticVersion"]}},"parameters":{"endpoint":{"Fn::Join":["",["https://",{"Ref":"EndpointEEF1FD8F"},".secretsmanager.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"}]]},"functionName":"dsclusterrotationCustomRotationOptionsRotationSingleUserBBE9175F","vpcSubnetIds":{"Fn::Join":["",[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},",",{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]]},"vpcSecurityGroupIds":{"Fn::GetAtt":["SecurityGroupDD263621","GroupId"]},"excludeCharacters":"!@#$%^&*"}}}},"RotationLambda":{"id":"RotationLambda","path":"aws-cdk-rds-cluster-rotation/CustomRotationOptions/RotationSingleUser/RotationLambda","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.FunctionBase","version":"0.0.0","metadata":[]}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-rds-cluster-rotation/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-rds-cluster-rotation/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"test-rds-cluster-rotation":{"id":"test-rds-cluster-rotation","path":"test-rds-cluster-rotation","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"test-rds-cluster-rotation/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"test-rds-cluster-rotation/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"test-rds-cluster-rotation/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"test-rds-cluster-rotation/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"test-rds-cluster-rotation/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.assets.json index 6ac37dec0c715..ad3936e56c7a1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.assets.json @@ -29,16 +29,16 @@ } } }, - "b9b0f58bf70ee4631a7e117c79b5fced1c115c944a844f1303a2c7be6566b4f2": { + "9cbb6563eac1a6651a3d7c2cd75f9092560f0d276ce7ecb54375959b15935fb5": { "displayName": "cdk-integ-cluster-snapshot Template", "source": { "path": "cdk-integ-cluster-snapshot.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region-de1ec58e": { + "current_account-current_region-318e60f4": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b9b0f58bf70ee4631a7e117c79b5fced1c115c944a844f1303a2c7be6566b4f2.json", + "objectKey": "9cbb6563eac1a6651a3d7c2cd75f9092560f0d276ce7ecb54375959b15935fb5.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json index 495f47c829352..7fe9b0a610dc4 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json @@ -1846,7 +1846,7 @@ "FromSnapshotRotationSingleUserSARMapping4464D796": { "aws": { "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSMySQLRotationSingleUser", - "semanticVersion": "1.1.367" + "semanticVersion": "1.1.618" }, "aws-cn": { "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSMySQLRotationSingleUser", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/manifest.json index e28de25945d67..0ca770522b427 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b9b0f58bf70ee4631a7e117c79b5fced1c115c944a844f1303a2c7be6566b4f2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9cbb6563eac1a6651a3d7c2cd75f9092560f0d276ce7ecb54375959b15935fb5.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.assets.json index c7ad421ea3855..8d4707d872cc7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.assets.json @@ -15,16 +15,16 @@ } } }, - "c12a0c50ec439968b9872f4ccbbca0e7bba32ae6c51dcb24f3b96180b8304a93": { + "f5d18e8489e5200512f020e4a15a4c6a935e1cde3ff34a38fad10c2bf83cc753": { "displayName": "aws-cdk-rds-instance Template", "source": { "path": "aws-cdk-rds-instance.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region-cca70c91": { + "current_account-current_region-4270e608": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "c12a0c50ec439968b9872f4ccbbca0e7bba32ae6c51dcb24f3b96180b8304a93.json", + "objectKey": "f5d18e8489e5200512f020e4a15a4c6a935e1cde3ff34a38fad10c2bf83cc753.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json index b3b692420e8bf..98f58f26ef1e6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json @@ -1146,7 +1146,7 @@ "InstanceRotationSingleUserSARMappingFEA0C86E": { "aws": { "applicationId": "arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSOracleRotationSingleUser", - "semanticVersion": "1.1.367" + "semanticVersion": "1.1.618" }, "aws-cn": { "applicationId": "arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSOracleRotationSingleUser", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/manifest.json index a87bdc83d8f54..aed8275d5ee6a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c12a0c50ec439968b9872f4ccbbca0e7bba32ae6c51dcb24f3b96180b8304a93.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/f5d18e8489e5200512f020e4a15a4c6a935e1cde3ff34a38fad10c2bf83cc753.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json index 99982771167ca..f079b24c02707 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-rds-instance":{"id":"aws-cdk-rds-instance","path":"aws-cdk-rds-instance","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"VPC":{"id":"VPC","path":"aws-cdk-rds-instance/VPC","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/VPC/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-rds-instance/VPC/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet1EIP6AD938E8","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"},"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-rds-instance/VPC/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet2EIP4947BC00","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"},"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"},"subnetId":{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet1NATGatewayE0556630"},"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"},"subnetId":{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet2NATGateway3C070193"},"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-rds-instance/VPC/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-rds-instance/VPC/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VPCIGWB7E252D3"},"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"ParameterGroup":{"id":"ParameterGroup","path":"aws-cdk-rds-instance/ParameterGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.ParameterGroup","version":"0.0.0","metadata":[{"engine":{"engineType":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"parameters":"*"},{"bindToInstance":["*"]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/ParameterGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBParameterGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBParameterGroup","aws:cdk:cloudformation:props":{"description":"Parameter group for oracle-se2-19","family":"oracle-se2-19","parameters":{"open_cursors":"2500"}}}}}},"OptionGroup":{"id":"OptionGroup","path":"aws-cdk-rds-instance/OptionGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.OptionGroup","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"configurations":[{"name":"*"},{"name":"*","port":"*","vpc":"*"}]},{"addConfiguration":[{"name":"*"}]},{"addConfiguration":[{"name":"*","port":"*","vpc":"*"}]}]},"children":{"SecurityGroupOEM":{"id":"SecurityGroupOEM","path":"aws-cdk-rds-instance/OptionGroup/SecurityGroupOEM","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/OptionGroup/SecurityGroupOEM/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Security group for OEM option","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"securityGroupIngress":[{"cidrIp":"0.0.0.0/0","ipProtocol":"tcp","fromPort":1158,"toPort":1158,"description":"from 0.0.0.0/0:1158"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/OptionGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnOptionGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::OptionGroup","aws:cdk:cloudformation:props":{"engineName":"oracle-se2","majorEngineVersion":"19","optionConfigurations":[{"optionName":"LOCATOR"},{"optionName":"OEM","port":1158,"vpcSecurityGroupMemberships":[{"Fn::GetAtt":["OptionGroupSecurityGroupOEM7E39FD8C","GroupId"]}]}],"optionGroupDescription":"Option group for oracle-se2 19"}}}}},"Instance":{"id":"Instance","path":"aws-cdk-rds-instance/Instance","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseInstance","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"licenseModel":"bring-your-own-license","instanceType":"*","multiAz":true,"storageType":"io1","credentials":"*","vpc":"*","databaseName":"*","storageEncrypted":true,"backupRetention":"*","monitoringInterval":"*","enablePerformanceInsights":true,"cloudwatchLogsExports":"*","cloudwatchLogsRetention":30,"autoMinorVersionUpgrade":true,"optionGroup":"*","parameterGroup":"*","removalPolicy":"destroy"}]},"children":{"SubnetGroup":{"id":"SubnetGroup","path":"aws-cdk-rds-instance/Instance/SubnetGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.SubnetGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*","vpcSubnets":"*","removalPolicy":"*"}]},"children":{"Default":{"id":"Default","path":"aws-cdk-rds-instance/Instance/SubnetGroup/Default","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBSubnetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnet group for Instance database","subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-instance/Instance/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Security group for Instance database","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from 0.0.0.0_0:{IndirectPort}":{"id":"from 0.0.0.0_0:{IndirectPort}","path":"aws-cdk-rds-instance/Instance/SecurityGroup/from 0.0.0.0_0:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"cidrIp":"0.0.0.0/0","description":"from 0.0.0.0/0:{IndirectPort}","fromPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]},"ipProtocol":"tcp","toPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]}}}},"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}":{"id":"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","path":"aws-cdk-rds-instance/Instance/SecurityGroup/from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","fromPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["InstanceRotationSingleUserSecurityGroupF3FB5C25","GroupId"]},"toPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]}}}}}},"MonitoringRole":{"id":"MonitoringRole","path":"aws-cdk-rds-instance/Instance/MonitoringRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportMonitoringRole":{"id":"ImportMonitoringRole","path":"aws-cdk-rds-instance/Instance/MonitoringRole/ImportMonitoringRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/MonitoringRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"monitoring.rds.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"]]}]}}}}},"Secret":{"id":"Secret","path":"aws-cdk-rds-instance/Instance/Secret","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseSecret","version":"0.0.0","metadata":[{"encryptionKey":"*","secretName":"*","replicaRegions":"*"},{"username":"*","secretName":"*","encryptionKey":"*","excludeCharacters":"*","replaceOnPasswordCriteriaChanges":"*","replicaRegions":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecret","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::Secret","aws:cdk:cloudformation:props":{"description":{"Fn::Join":["",["Generated by the CDK for stack: ",{"Ref":"AWS::StackName"}]]},"generateSecretString":{"passwordLength":30,"secretStringTemplate":"{\"username\":\"syscdk\"}","generateStringKey":"password","excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"Attachment":{"id":"Attachment","path":"aws-cdk-rds-instance/Instance/Secret/Attachment","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment","version":"0.0.0","metadata":[{"secret":"*","target":"*"},{"addToResourcePolicy":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::SecretTargetAttachment","aws:cdk:cloudformation:props":{"secretId":{"Ref":"InstanceSecret478E0A47"},"targetId":{"Ref":"InstanceC1063A87"},"targetType":"AWS::RDS::DBInstance"}}},"RotationSchedule":{"id":"RotationSchedule","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/RotationSchedule","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.RotationSchedule","version":"0.0.0","metadata":[{"secret":"*","rotationLambda":"*","automaticallyAfter":"*","rotateImmediatelyOnUpdate":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/RotationSchedule/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::RotationSchedule","aws:cdk:cloudformation:props":{"rotationLambdaArn":{"Fn::GetAtt":["InstanceRotationSingleUser90E8AB49","Outputs.RotationLambdaARN"]},"rotationRules":{"scheduleExpression":"rate(30 days)"},"secretId":{"Ref":"InstanceSecretAttachment83BEE581"}}}}}}}},"Policy":{"id":"Policy","path":"aws-cdk-rds-instance/Instance/Secret/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.ResourcePolicy","version":"0.0.0","metadata":[{"secret":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::ResourcePolicy","aws:cdk:cloudformation:props":{"resourcePolicy":{"Statement":[{"Action":"secretsmanager:DeleteSecret","Effect":"Deny","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"},"secretId":{"Ref":"InstanceSecret478E0A47"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"allocatedStorage":"100","autoMinorVersionUpgrade":true,"backupRetentionPeriod":7,"copyTagsToSnapshot":true,"dbInstanceClass":"db.t3.medium","dbName":"ORCL","dbParameterGroupName":{"Ref":"ParameterGroup5E32DECB"},"dbSubnetGroupName":{"Ref":"InstanceSubnetGroupF2CBA54F"},"enableCloudwatchLogsExports":["trace","audit","alert","listener"],"enablePerformanceInsights":true,"engine":"oracle-se2","engineVersion":"19.0.0.0.ru-2020-04.rur-2020-04.r1","iops":1000,"licenseModel":"bring-your-own-license","masterUsername":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"InstanceSecret478E0A47"},":SecretString:username::}}"]]},"masterUserPassword":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"InstanceSecret478E0A47"},":SecretString:password::}}"]]},"monitoringInterval":60,"monitoringRoleArn":{"Fn::GetAtt":["InstanceMonitoringRole3E2B4286","Arn"]},"multiAz":true,"optionGroupName":{"Ref":"OptionGroupACA43DC1"},"performanceInsightsRetentionPeriod":7,"storageEncrypted":true,"storageType":"io1","vpcSecurityGroups":[{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]}]}}},"LogRetentiontrace":{"id":"LogRetentiontrace","path":"aws-cdk-rds-instance/Instance/LogRetentiontrace","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentiontrace/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.206]}trace":{"id":"LogGroup${Token[TOKEN.206]}trace","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.206]}trace","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionaudit":{"id":"LogRetentionaudit","path":"aws-cdk-rds-instance/Instance/LogRetentionaudit","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionaudit/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.206]}audit":{"id":"LogGroup${Token[TOKEN.206]}audit","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.206]}audit","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionalert":{"id":"LogRetentionalert","path":"aws-cdk-rds-instance/Instance/LogRetentionalert","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionalert/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.206]}alert":{"id":"LogGroup${Token[TOKEN.206]}alert","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.206]}alert","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionlistener":{"id":"LogRetentionlistener","path":"aws-cdk-rds-instance/Instance/LogRetentionlistener","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionlistener/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.206]}listener":{"id":"LogGroup${Token[TOKEN.206]}listener","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.206]}listener","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RotationSingleUser":{"id":"RotationSingleUser","path":"aws-cdk-rds-instance/Instance/RotationSingleUser","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretRotation","version":"0.0.0"},"children":{"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"SARMapping":{"id":"SARMapping","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SARMapping","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_sam.CfnApplication","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Serverless::Application","aws:cdk:cloudformation:props":{"location":{"applicationId":{"Fn::FindInMap":["InstanceRotationSingleUserSARMappingFEA0C86E",{"Ref":"AWS::Partition"},"applicationId"]},"semanticVersion":{"Fn::FindInMap":["InstanceRotationSingleUserSARMappingFEA0C86E",{"Ref":"AWS::Partition"},"semanticVersion"]}},"parameters":{"endpoint":{"Fn::Join":["",["https://secretsmanager.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"}]]},"functionName":"awscdkrdsinstanceInstanceRotationSingleUserAFE3C214","vpcSubnetIds":{"Fn::Join":["",[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},",",{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]]},"vpcSecurityGroupIds":{"Fn::GetAtt":["InstanceRotationSingleUserSecurityGroupF3FB5C25","GroupId"]},"excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"RotationLambda":{"id":"RotationLambda","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/RotationLambda","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.FunctionBase","version":"0.0.0","metadata":[]}}}},"Availability":{"id":"Availability","path":"aws-cdk-rds-instance/Instance/Availability","constructInfo":{"fqn":"aws-cdk-lib.aws_events.Rule","version":"0.0.0","metadata":[{},{"addEventPattern":["*"]},{"addEventPattern":[{"source":"*","resources":"*"}]},{"addTarget":[{}]},{"addEventPattern":[{"detail":"*"}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Availability/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnRule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::Rule","aws:cdk:cloudformation:props":{"eventPattern":{"source":["aws.rds"],"resources":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":rds:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":db:",{"Ref":"InstanceC1063A87"}]]}],"detail":{"EventCategories":["availability"]}},"state":"ENABLED","targets":[{"id":"Target0","arn":{"Fn::GetAtt":["Function76856677","Arn"]}}]}}},"AllowEventRuleawscdkrdsinstanceFunctionD515EE19":{"id":"AllowEventRuleawscdkrdsinstanceFunctionD515EE19","path":"aws-cdk-rds-instance/Instance/Availability/AllowEventRuleawscdkrdsinstanceFunctionD515EE19","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnPermission","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Permission","aws:cdk:cloudformation:props":{"action":"lambda:InvokeFunction","functionName":{"Fn::GetAtt":["Function76856677","Arn"]},"principal":"events.amazonaws.com","sourceArn":{"Fn::GetAtt":["InstanceAvailabilityAD5D452C","Arn"]}}}}}}}},"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a":{"id":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Code":{"id":"Code","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["logs:DeleteRetentionPolicy","logs:PutRetentionPolicy"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB","roles":[{"Ref":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"}]}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-rds-instance/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"HighCPU":{"id":"HighCPU","path":"aws-cdk-rds-instance/HighCPU","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudwatch.Alarm","version":"0.0.0","metadata":[{"metric":{"warnings":"*"},"threshold":"*","evaluationPeriods":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/HighCPU/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudwatch.CfnAlarm","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudWatch::Alarm","aws:cdk:cloudformation:props":{"comparisonOperator":"GreaterThanOrEqualToThreshold","dimensions":[{"name":"DBInstanceIdentifier","value":{"Ref":"InstanceC1063A87"}}],"evaluationPeriods":1,"metricName":"CPUUtilization","namespace":"AWS/RDS","period":300,"statistic":"Average","threshold":90}}}}},"Function":{"id":"Function","path":"aws-cdk-rds-instance/Function","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","handler":"*","runtime":"*"}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-rds-instance/Function/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-rds-instance/Function/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Function/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Function/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"zipFile":"exports.handler = (event) => console.log(event);"},"handler":"index.handler","role":{"Fn::GetAtt":["FunctionServiceRole675BB04A","Arn"]},"runtime":"nodejs18.x"}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-rds-instance/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-rds-instance/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-rds-instance":{"id":"aws-cdk-rds-instance","path":"aws-cdk-rds-instance","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"VPC":{"id":"VPC","path":"aws-cdk-rds-instance/VPC","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/VPC/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-rds-instance/VPC/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet1RouteTableFEE4B781"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-instance/VPC/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet1EIP6AD938E8","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet1SubnetB4246D30"},"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-rds-instance/VPC/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VPCIGWB7E252D3"},"routeTableId":{"Ref":"VPCPublicSubnet2RouteTable6F1A15F1"}}}},"EIP":{"id":"EIP","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-rds-instance/VPC/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VPCPublicSubnet2EIP4947BC00","AllocationId"]},"subnetId":{"Ref":"VPCPublicSubnet2Subnet74179F39"},"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"},"subnetId":{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet1NATGatewayE0556630"},"routeTableId":{"Ref":"VPCPrivateSubnet1RouteTableBE8A6027"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"Acl":{"id":"Acl","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC/PrivateSubnet2"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"},"subnetId":{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-rds-instance/VPC/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VPCPublicSubnet2NATGateway3C070193"},"routeTableId":{"Ref":"VPCPrivateSubnet2RouteTable0A19E10E"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-rds-instance/VPC/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-rds-instance/VPC"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-rds-instance/VPC/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VPCIGWB7E252D3"},"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"ParameterGroup":{"id":"ParameterGroup","path":"aws-cdk-rds-instance/ParameterGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.ParameterGroup","version":"0.0.0","metadata":[{"engine":{"engineType":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"parameters":"*"},{"bindToInstance":["*"]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/ParameterGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBParameterGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBParameterGroup","aws:cdk:cloudformation:props":{"description":"Parameter group for oracle-se2-19","family":"oracle-se2-19","parameters":{"open_cursors":"2500"}}}}}},"OptionGroup":{"id":"OptionGroup","path":"aws-cdk-rds-instance/OptionGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.OptionGroup","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"configurations":[{"name":"*"},{"name":"*","port":"*","vpc":"*"}]},{"addConfiguration":[{"name":"*"}]},{"addConfiguration":[{"name":"*","port":"*","vpc":"*"}]}]},"children":{"SecurityGroupOEM":{"id":"SecurityGroupOEM","path":"aws-cdk-rds-instance/OptionGroup/SecurityGroupOEM","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/OptionGroup/SecurityGroupOEM/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Security group for OEM option","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"securityGroupIngress":[{"cidrIp":"0.0.0.0/0","ipProtocol":"tcp","fromPort":1158,"toPort":1158,"description":"from 0.0.0.0/0:1158"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/OptionGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnOptionGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::OptionGroup","aws:cdk:cloudformation:props":{"engineName":"oracle-se2","majorEngineVersion":"19","optionConfigurations":[{"optionName":"LOCATOR"},{"optionName":"OEM","port":1158,"vpcSecurityGroupMemberships":[{"Fn::GetAtt":["OptionGroupSecurityGroupOEM7E39FD8C","GroupId"]}]}],"optionGroupDescription":"Option group for oracle-se2 19"}}}}},"Instance":{"id":"Instance","path":"aws-cdk-rds-instance/Instance","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseInstance","version":"0.0.0","metadata":[{"engine":{"engineType":"*","singleUserRotationApplication":"*","engineVersion":{"fullVersion":"*","majorVersion":"*"},"parameterGroupFamily":"*","engineFamily":"*"},"licenseModel":"bring-your-own-license","instanceType":"*","multiAz":true,"storageType":"io1","credentials":"*","vpc":"*","databaseName":"*","storageEncrypted":true,"backupRetention":"*","monitoringInterval":"*","enablePerformanceInsights":true,"cloudwatchLogsExports":"*","cloudwatchLogsRetention":30,"autoMinorVersionUpgrade":true,"optionGroup":"*","parameterGroup":"*","removalPolicy":"destroy"}]},"children":{"SubnetGroup":{"id":"SubnetGroup","path":"aws-cdk-rds-instance/Instance/SubnetGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.SubnetGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*","vpcSubnets":"*","removalPolicy":"*"}]},"children":{"Default":{"id":"Default","path":"aws-cdk-rds-instance/Instance/SubnetGroup/Default","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBSubnetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBSubnetGroup","aws:cdk:cloudformation:props":{"dbSubnetGroupDescription":"Subnet group for Instance database","subnetIds":[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]}}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-instance/Instance/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"description":"*","vpc":"*"},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Security group for Instance database","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}},"from 0.0.0.0_0:{IndirectPort}":{"id":"from 0.0.0.0_0:{IndirectPort}","path":"aws-cdk-rds-instance/Instance/SecurityGroup/from 0.0.0.0_0:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"cidrIp":"0.0.0.0/0","description":"from 0.0.0.0/0:{IndirectPort}","fromPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]},"ipProtocol":"tcp","toPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]}}}},"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}":{"id":"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","path":"aws-cdk-rds-instance/Instance/SecurityGroup/from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"from awscdkrdsinstanceInstanceRotationSingleUserSecurityGroupE959D912:{IndirectPort}","fromPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]},"groupId":{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["InstanceRotationSingleUserSecurityGroupF3FB5C25","GroupId"]},"toPort":{"Fn::GetAtt":["InstanceC1063A87","Endpoint.Port"]}}}}}},"MonitoringRole":{"id":"MonitoringRole","path":"aws-cdk-rds-instance/Instance/MonitoringRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportMonitoringRole":{"id":"ImportMonitoringRole","path":"aws-cdk-rds-instance/Instance/MonitoringRole/ImportMonitoringRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/MonitoringRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"monitoring.rds.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"]]}]}}}}},"Secret":{"id":"Secret","path":"aws-cdk-rds-instance/Instance/Secret","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.DatabaseSecret","version":"0.0.0","metadata":[{"encryptionKey":"*","secretName":"*","replicaRegions":"*"},{"username":"*","secretName":"*","encryptionKey":"*","excludeCharacters":"*","replaceOnPasswordCriteriaChanges":"*","replicaRegions":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecret","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::Secret","aws:cdk:cloudformation:props":{"description":{"Fn::Join":["",["Generated by the CDK for stack: ",{"Ref":"AWS::StackName"}]]},"generateSecretString":{"passwordLength":30,"secretStringTemplate":"{\"username\":\"syscdk\"}","generateStringKey":"password","excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"Attachment":{"id":"Attachment","path":"aws-cdk-rds-instance/Instance/Secret/Attachment","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment","version":"0.0.0","metadata":[{"secret":"*","target":"*"},{"addToResourcePolicy":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::SecretTargetAttachment","aws:cdk:cloudformation:props":{"secretId":{"Ref":"InstanceSecret478E0A47"},"targetId":{"Ref":"InstanceC1063A87"},"targetType":"AWS::RDS::DBInstance"}}},"RotationSchedule":{"id":"RotationSchedule","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/RotationSchedule","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.RotationSchedule","version":"0.0.0","metadata":[{"secret":"*","rotationLambda":"*","automaticallyAfter":"*","rotateImmediatelyOnUpdate":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Attachment/RotationSchedule/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::RotationSchedule","aws:cdk:cloudformation:props":{"rotationLambdaArn":{"Fn::GetAtt":["InstanceRotationSingleUser90E8AB49","Outputs.RotationLambdaARN"]},"rotationRules":{"scheduleExpression":"rate(30 days)"},"secretId":{"Ref":"InstanceSecretAttachment83BEE581"}}}}}}}},"Policy":{"id":"Policy","path":"aws-cdk-rds-instance/Instance/Secret/Policy","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.ResourcePolicy","version":"0.0.0","metadata":[{"secret":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Secret/Policy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.CfnResourcePolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::SecretsManager::ResourcePolicy","aws:cdk:cloudformation:props":{"resourcePolicy":{"Statement":[{"Action":"secretsmanager:DeleteSecret","Effect":"Deny","Principal":{"AWS":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::",{"Ref":"AWS::AccountId"},":root"]]}},"Resource":"*"}],"Version":"2012-10-17"},"secretId":{"Ref":"InstanceSecret478E0A47"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_rds.CfnDBInstance","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::RDS::DBInstance","aws:cdk:cloudformation:props":{"allocatedStorage":"100","autoMinorVersionUpgrade":true,"backupRetentionPeriod":7,"copyTagsToSnapshot":true,"dbInstanceClass":"db.t3.medium","dbName":"ORCL","dbParameterGroupName":{"Ref":"ParameterGroup5E32DECB"},"dbSubnetGroupName":{"Ref":"InstanceSubnetGroupF2CBA54F"},"enableCloudwatchLogsExports":["trace","audit","alert","listener"],"enablePerformanceInsights":true,"engine":"oracle-se2","engineVersion":"19.0.0.0.ru-2020-04.rur-2020-04.r1","iops":1000,"licenseModel":"bring-your-own-license","masterUsername":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"InstanceSecret478E0A47"},":SecretString:username::}}"]]},"masterUserPassword":{"Fn::Join":["",["{{resolve:secretsmanager:",{"Ref":"InstanceSecret478E0A47"},":SecretString:password::}}"]]},"monitoringInterval":60,"monitoringRoleArn":{"Fn::GetAtt":["InstanceMonitoringRole3E2B4286","Arn"]},"multiAz":true,"optionGroupName":{"Ref":"OptionGroupACA43DC1"},"performanceInsightsRetentionPeriod":7,"storageEncrypted":true,"storageType":"io1","vpcSecurityGroups":[{"Fn::GetAtt":["InstanceSecurityGroupB4E5FA83","GroupId"]}]}}},"LogRetentiontrace":{"id":"LogRetentiontrace","path":"aws-cdk-rds-instance/Instance/LogRetentiontrace","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentiontrace/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.199]}trace":{"id":"LogGroup${Token[TOKEN.199]}trace","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.199]}trace","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionaudit":{"id":"LogRetentionaudit","path":"aws-cdk-rds-instance/Instance/LogRetentionaudit","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionaudit/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.199]}audit":{"id":"LogGroup${Token[TOKEN.199]}audit","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.199]}audit","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionalert":{"id":"LogRetentionalert","path":"aws-cdk-rds-instance/Instance/LogRetentionalert","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionalert/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.199]}alert":{"id":"LogGroup${Token[TOKEN.199]}alert","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.199]}alert","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"LogRetentionlistener":{"id":"LogRetentionlistener","path":"aws-cdk-rds-instance/Instance/LogRetentionlistener","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogRetention","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/LogRetentionlistener/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LogGroup${Token[TOKEN.199]}listener":{"id":"LogGroup${Token[TOKEN.199]}listener","path":"aws-cdk-rds-instance/Instance/LogGroup${Token[TOKEN.199]}listener","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RotationSingleUser":{"id":"RotationSingleUser","path":"aws-cdk-rds-instance/Instance/RotationSingleUser","constructInfo":{"fqn":"aws-cdk-lib.aws_secretsmanager.SecretRotation","version":"0.0.0"},"children":{"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-cdk-rds-instance/Instance/RotationSingleUser/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"VPCB9E5F0B4"}}}}}},"SARMapping":{"id":"SARMapping","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/SARMapping","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_sam.CfnApplication","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Serverless::Application","aws:cdk:cloudformation:props":{"location":{"applicationId":{"Fn::FindInMap":["InstanceRotationSingleUserSARMappingFEA0C86E",{"Ref":"AWS::Partition"},"applicationId"]},"semanticVersion":{"Fn::FindInMap":["InstanceRotationSingleUserSARMappingFEA0C86E",{"Ref":"AWS::Partition"},"semanticVersion"]}},"parameters":{"endpoint":{"Fn::Join":["",["https://secretsmanager.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"}]]},"functionName":"awscdkrdsinstanceInstanceRotationSingleUserAFE3C214","vpcSubnetIds":{"Fn::Join":["",[{"Ref":"VPCPrivateSubnet1Subnet8BCA10E0"},",",{"Ref":"VPCPrivateSubnet2SubnetCFCDAA7A"}]]},"vpcSecurityGroupIds":{"Fn::GetAtt":["InstanceRotationSingleUserSecurityGroupF3FB5C25","GroupId"]},"excludeCharacters":" %+~`#$&*()|[]{}:;<>?!'/@\"\\"}}}},"RotationLambda":{"id":"RotationLambda","path":"aws-cdk-rds-instance/Instance/RotationSingleUser/RotationLambda","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.FunctionBase","version":"0.0.0","metadata":[]}}}},"Availability":{"id":"Availability","path":"aws-cdk-rds-instance/Instance/Availability","constructInfo":{"fqn":"aws-cdk-lib.aws_events.Rule","version":"0.0.0","metadata":[{},{"addEventPattern":["*"]},{"addEventPattern":[{"source":"*","resources":"*"}]},{"addTarget":[{}]},{"addEventPattern":[{"detail":"*"}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Instance/Availability/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_events.CfnRule","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Events::Rule","aws:cdk:cloudformation:props":{"eventPattern":{"source":["aws.rds"],"resources":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":rds:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":db:",{"Ref":"InstanceC1063A87"}]]}],"detail":{"EventCategories":["availability"]}},"state":"ENABLED","targets":[{"id":"Target0","arn":{"Fn::GetAtt":["Function76856677","Arn"]}}]}}},"AllowEventRuleawscdkrdsinstanceFunctionD515EE19":{"id":"AllowEventRuleawscdkrdsinstanceFunctionD515EE19","path":"aws-cdk-rds-instance/Instance/Availability/AllowEventRuleawscdkrdsinstanceFunctionD515EE19","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnPermission","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Permission","aws:cdk:cloudformation:props":{"action":"lambda:InvokeFunction","functionName":{"Fn::GetAtt":["Function76856677","Arn"]},"principal":"events.amazonaws.com","sourceArn":{"Fn::GetAtt":["InstanceAvailabilityAD5D452C","Arn"]}}}}}}}},"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a":{"id":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Code":{"id":"Code","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["logs:DeleteRetentionPolicy","logs:PutRetentionPolicy"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB","roles":[{"Ref":"LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"}]}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Resource","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-rds-instance/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"HighCPU":{"id":"HighCPU","path":"aws-cdk-rds-instance/HighCPU","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudwatch.Alarm","version":"0.0.0","metadata":[{"metric":{"warnings":"*"},"threshold":"*","evaluationPeriods":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/HighCPU/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_cloudwatch.CfnAlarm","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudWatch::Alarm","aws:cdk:cloudformation:props":{"comparisonOperator":"GreaterThanOrEqualToThreshold","dimensions":[{"name":"DBInstanceIdentifier","value":{"Ref":"InstanceC1063A87"}}],"evaluationPeriods":1,"metricName":"CPUUtilization","namespace":"AWS/RDS","period":300,"statistic":"Average","threshold":90}}}}},"Function":{"id":"Function","path":"aws-cdk-rds-instance/Function","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","handler":"*","runtime":"*"}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-rds-instance/Function/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-rds-instance/Function/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Function/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Resource":{"id":"Resource","path":"aws-cdk-rds-instance/Function/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"zipFile":"exports.handler = (event) => console.log(event);"},"handler":"index.handler","role":{"Fn::GetAtt":["FunctionServiceRole675BB04A","Arn"]},"runtime":"nodejs18.x"}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-rds-instance/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-rds-instance/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-secretsmanager/lib/secret-rotation.ts b/packages/aws-cdk-lib/aws-secretsmanager/lib/secret-rotation.ts index 23a2542393e31..0da676a2e8d74 100644 --- a/packages/aws-cdk-lib/aws-secretsmanager/lib/secret-rotation.ts +++ b/packages/aws-cdk-lib/aws-secretsmanager/lib/secret-rotation.ts @@ -24,84 +24,84 @@ export class SecretRotationApplication { /** * Conducts an AWS SecretsManager secret rotation for RDS MariaDB using the single user rotation scheme */ - public static readonly MARIADB_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSMariaDBRotationSingleUser', '1.1.367'); + public static readonly MARIADB_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSMariaDBRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for RDS MariaDB using the multi user rotation scheme */ - public static readonly MARIADB_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSMariaDBRotationMultiUser', '1.1.367', { + public static readonly MARIADB_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSMariaDBRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for RDS MySQL using the single user rotation scheme */ - public static readonly MYSQL_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSMySQLRotationSingleUser', '1.1.367'); + public static readonly MYSQL_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSMySQLRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for RDS MySQL using the multi user rotation scheme */ - public static readonly MYSQL_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSMySQLRotationMultiUser', '1.1.367', { + public static readonly MYSQL_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSMySQLRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for RDS Oracle using the single user rotation scheme */ - public static readonly ORACLE_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSOracleRotationSingleUser', '1.1.367'); + public static readonly ORACLE_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSOracleRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for RDS Oracle using the multi user rotation scheme */ - public static readonly ORACLE_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSOracleRotationMultiUser', '1.1.367', { + public static readonly ORACLE_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSOracleRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for RDS PostgreSQL using the single user rotation scheme */ - public static readonly POSTGRES_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSPostgreSQLRotationSingleUser', '1.1.367'); + public static readonly POSTGRES_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSPostgreSQLRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for RDS PostgreSQL using the multi user rotation scheme */ - public static readonly POSTGRES_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSPostgreSQLRotationMultiUser', '1.1.367', { + public static readonly POSTGRES_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSPostgreSQLRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for RDS SQL Server using the single user rotation scheme */ - public static readonly SQLSERVER_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSSQLServerRotationSingleUser', '1.1.367'); + public static readonly SQLSERVER_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRDSSQLServerRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for RDS SQL Server using the multi user rotation scheme */ - public static readonly SQLSERVER_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSSQLServerRotationMultiUser', '1.1.367', { + public static readonly SQLSERVER_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRDSSQLServerRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for Amazon Redshift using the single user rotation scheme */ - public static readonly REDSHIFT_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRedshiftRotationSingleUser', '1.1.367'); + public static readonly REDSHIFT_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerRedshiftRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for Amazon Redshift using the multi user rotation scheme */ - public static readonly REDSHIFT_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRedshiftRotationMultiUser', '1.1.367', { + public static readonly REDSHIFT_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerRedshiftRotationMultiUser', '1.1.618', { isMultiUser: true, }); /** * Conducts an AWS SecretsManager secret rotation for MongoDB using the single user rotation scheme */ - public static readonly MONGODB_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerMongoDBRotationSingleUser', '1.1.367'); + public static readonly MONGODB_ROTATION_SINGLE_USER = new SecretRotationApplication('SecretsManagerMongoDBRotationSingleUser', '1.1.618'); /** * Conducts an AWS SecretsManager secret rotation for MongoDB using the multi user rotation scheme */ - public static readonly MONGODB_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerMongoDBRotationMultiUser', '1.1.367', { + public static readonly MONGODB_ROTATION_MULTI_USER = new SecretRotationApplication('SecretsManagerMongoDBRotationMultiUser', '1.1.618', { isMultiUser: true, });