diff --git a/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap b/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap index 29c4063f5..319220ad0 100644 --- a/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap +++ b/template/lambda-sqs-worker-cdk/infra/__snapshots__/appStack.test.ts.snap @@ -10,181 +10,6 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` }, }, "Resources": { - "codedeployalarm9F48D05F": { - "Properties": { - "ComparisonOperator": "GreaterThanOrEqualToThreshold", - "Dimensions": [ - { - "Name": "FunctionName", - "Value": { - "Ref": "worker28EA3E30", - }, - }, - { - "Name": "Resource", - "Value": { - "Fn::Join": [ - "", - [ - { - "Ref": "worker28EA3E30", - }, - ":live", - ], - ], - }, - }, - ], - "EvaluationPeriods": 1, - "MetricName": "Errors", - "Namespace": "AWS/Lambda", - "Period": 60, - "Statistic": "Sum", - "Threshold": 1, - }, - "Type": "AWS::CloudWatch::Alarm", - }, - "codedeployapplicationF49B9864": { - "Properties": { - "ComputePlatform": "Lambda", - }, - "Type": "AWS::CodeDeploy::Application", - }, - "codedeploygroup441B094B": { - "Properties": { - "AlarmConfiguration": { - "Alarms": [ - { - "Name": { - "Ref": "codedeployalarm9F48D05F", - }, - }, - ], - "Enabled": true, - }, - "ApplicationName": { - "Ref": "codedeployapplicationF49B9864", - }, - "AutoRollbackConfiguration": { - "Enabled": true, - "Events": [ - "DEPLOYMENT_FAILURE", - "DEPLOYMENT_STOP_ON_ALARM", - ], - }, - "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce", - "DeploymentStyle": { - "DeploymentOption": "WITH_TRAFFIC_CONTROL", - "DeploymentType": "BLUE_GREEN", - }, - "ServiceRoleArn": { - "Fn::GetAtt": [ - "codedeploygroupServiceRole1BD49E37", - "Arn", - ], - }, - }, - "Type": "AWS::CodeDeploy::DeploymentGroup", - }, - "codedeploygroupServiceRole1BD49E37": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "codedeploy.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "codedeploygroupServiceRoleDefaultPolicy2027BC9A": { - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "workerprehook415B13CE", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "workerprehook415B13CE", - "Arn", - ], - }, - ":*", - ], - ], - }, - ], - }, - { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "workerposthook150842D6", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "workerposthook150842D6", - "Arn", - ], - }, - ":*", - ], - ], - }, - ], - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "codedeploygroupServiceRoleDefaultPolicy2027BC9A", - "Roles": [ - { - "Ref": "codedeploygroupServiceRole1BD49E37", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, "kmskey49FBC3B3": { "DeletionPolicy": "Retain", "Properties": { @@ -354,11 +179,17 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` ], }, "Runtime": "nodejs20.x", + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], "Timeout": 30, }, "Type": "AWS::Lambda::Function", }, - "workerAliaslive62FE5FAF": { + "workerAliasLive4B82F015": { "Properties": { "Description": "The Lambda version currently receiving traffic", "FunctionName": { @@ -370,27 +201,81 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` "Version", ], }, - "Name": "live", + "Name": "Live", }, "Type": "AWS::Lambda::Alias", "UpdatePolicy": { "CodeDeployLambdaAliasUpdate": { "AfterAllowTrafficHook": { - "Ref": "workerposthook150842D6", + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-AfterAllowTraffic", + ], + ], + }, + ], + }, + ], }, "ApplicationName": { - "Ref": "codedeployapplicationF49B9864", + "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D", }, "BeforeAllowTrafficHook": { - "Ref": "workerprehook415B13CE", + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-BeforeAllowTraffic", + ], + ], + }, + ], + }, + ], }, "DeploymentGroupName": { - "Ref": "codedeploygroup441B094B", + "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA", }, }, }, }, - "workerAliasliveSqsEventSourceappStackworkerqueue8281B9F42DEDB47B": { + "workerAliasLiveSqsEventSourceappStackworkerqueue8281B9F443B0CF93": { "Properties": { "EventSourceArn": { "Fn::GetAtt": [ @@ -409,19 +294,16 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` "Fn::Split": [ ":", { - "Ref": "workerAliaslive62FE5FAF", + "Ref": "workerAliasLive4B82F015", }, ], }, ], }, - ":live", + ":Live", ], ], }, - "ScalingConfig": { - "MaximumConcurrency": 2, - }, }, "Type": "AWS::Lambda::EventSourceMapping", }, @@ -433,7 +315,50 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` }, "Type": "AWS::Lambda::Version", }, - "workerServiceRole2130CC7F": { + "workerDeploymentCodeDeployLambdaApplication9974008D": { + "Properties": { + "ComputePlatform": "Lambda", + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], + }, + "Type": "AWS::CodeDeploy::Application", + }, + "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA": { + "Properties": { + "ApplicationName": { + "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D", + }, + "AutoRollbackConfiguration": { + "Enabled": true, + "Events": [ + "DEPLOYMENT_FAILURE", + ], + }, + "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce", + "DeploymentStyle": { + "DeploymentOption": "WITH_TRAFFIC_CONTROL", + "DeploymentType": "BLUE_GREEN", + }, + "ServiceRoleArn": { + "Fn::GetAtt": [ + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE", + "Arn", + ], + }, + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], + }, + "Type": "AWS::CodeDeploy::DeploymentGroup", + }, + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ @@ -441,7 +366,7 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": "lambda.amazonaws.com", + "Service": "codedeploy.amazonaws.com", }, }, ], @@ -456,257 +381,129 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` { "Ref": "AWS::Partition", }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", ], ], }, ], + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], }, "Type": "AWS::IAM::Role", }, - "workerServiceRoleDefaultPolicyBA498553": { + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5": { "Properties": { "PolicyDocument": { "Statement": [ { - "Action": [ - "sqs:ReceiveMessage", - "sqs:ChangeMessageVisibility", - "sqs:GetQueueUrl", - "sqs:DeleteMessage", - "sqs:GetQueueAttributes", - ], + "Action": "lambda:InvokeFunction", "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "workerqueueA05CE5C6", - "Arn", - ], - }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-BeforeAllowTraffic", + ], + ], + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-BeforeAllowTraffic:*", + ], + ], + }, + ], }, { - "Action": "kms:Decrypt", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", - ], - }, - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "workerServiceRoleDefaultPolicyBA498553", - "Roles": [ - { - "Ref": "workerServiceRole2130CC7F", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, - "workerposthook150842D6": { - "DependsOn": [ - "workerposthookServiceRoleDefaultPolicy6A92F69C", - "workerposthookServiceRole25452300", - ], - "Properties": { - "Architectures": [ - "arm64", - ], - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", - }, - "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip", - }, - "Environment": { - "Variables": { - "ENVIRONMENT": "dev", - "FUNCTION_NAME_TO_PRUNE": { - "Ref": "worker28EA3E30", - }, - "NODE_ENV": "production", - "NODE_OPTIONS": "--enable-source-maps", - "SERVICE": "serviceName", - "VERSION": "local", - }, - }, - "FunctionName": "serviceName-post-hook", - "Handler": "index.handler", - "KmsKeyArn": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", - ], - }, - "Role": { - "Fn::GetAtt": [ - "workerposthookServiceRole25452300", - "Arn", - ], - }, - "Runtime": "nodejs20.x", - "Timeout": 30, - }, - "Type": "AWS::Lambda::Function", - }, - "workerposthookServiceRole25452300": { - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "workerposthookServiceRoleDefaultPolicy6A92F69C": { - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "lambda:ListAliases", - "lambda:ListVersionsByFunction", - "lambda:DeleteFunction", - ], + "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-AfterAllowTraffic", + ], ], }, { "Fn::Join": [ "", [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], + "Ref": "AWS::AccountId", }, - ":*", + ":function:aws-codedeploy-hook-AfterAllowTraffic:*", ], ], }, ], }, - { - "Action": "codedeploy:PutLifecycleEventHookExecutionStatus", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codedeploy:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":deploymentgroup:", - { - "Ref": "codedeployapplicationF49B9864", - }, - "/", - { - "Ref": "codedeploygroup441B094B", - }, - ], - ], - }, - }, ], "Version": "2012-10-17", }, - "PolicyName": "workerposthookServiceRoleDefaultPolicy6A92F69C", + "PolicyName": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5", "Roles": [ { - "Ref": "workerposthookServiceRole25452300", + "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE", }, ], }, "Type": "AWS::IAM::Policy", }, - "workerprehook415B13CE": { - "DependsOn": [ - "workerprehookServiceRoleDefaultPolicy991A21B9", - "workerprehookServiceRole8F8D9379", - ], - "Properties": { - "Architectures": [ - "arm64", - ], - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", - }, - "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip", - }, - "Environment": { - "Variables": { - "ENVIRONMENT": "dev", - "FUNCTION_NAME_TO_INVOKE": { - "Ref": "worker28EA3E30", - }, - "NODE_ENV": "production", - "NODE_OPTIONS": "--enable-source-maps", - "SERVICE": "serviceName", - "VERSION": "local", - }, - }, - "FunctionName": "serviceName-pre-hook", - "Handler": "index.handler", - "KmsKeyArn": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", - ], - }, - "Role": { - "Fn::GetAtt": [ - "workerprehookServiceRole8F8D9379", - "Arn", - ], - }, - "Runtime": "nodejs20.x", - "Timeout": 120, - }, - "Type": "AWS::Lambda::Function", - }, - "workerprehookServiceRole8F8D9379": { + "workerServiceRole2130CC7F": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ @@ -734,77 +531,52 @@ exports[`returns expected CloudFormation stack for dev 1`] = ` ], }, ], + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], }, "Type": "AWS::IAM::Role", }, - "workerprehookServiceRoleDefaultPolicy991A21B9": { + "workerServiceRoleDefaultPolicyBA498553": { "Properties": { "PolicyDocument": { "Statement": [ { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], - }, - ":*", - ], - ], - }, + "Action": [ + "sqs:ReceiveMessage", + "sqs:ChangeMessageVisibility", + "sqs:GetQueueUrl", + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "workerqueueA05CE5C6", + "Arn", + ], + }, }, { - "Action": "codedeploy:PutLifecycleEventHookExecutionStatus", + "Action": "kms:Decrypt", "Effect": "Allow", "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codedeploy:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":deploymentgroup:", - { - "Ref": "codedeployapplicationF49B9864", - }, - "/", - { - "Ref": "codedeploygroup441B094B", - }, - ], + "Fn::GetAtt": [ + "kmskey49FBC3B3", + "Arn", ], }, }, ], "Version": "2012-10-17", }, - "PolicyName": "workerprehookServiceRoleDefaultPolicy991A21B9", + "PolicyName": "workerServiceRoleDefaultPolicyBA498553", "Roles": [ { - "Ref": "workerprehookServiceRole8F8D9379", + "Ref": "workerServiceRole2130CC7F", }, ], }, @@ -941,190 +713,15 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` }, }, "Resources": { - "codedeployalarm9F48D05F": { - "Properties": { - "ComparisonOperator": "GreaterThanOrEqualToThreshold", - "Dimensions": [ - { - "Name": "FunctionName", - "Value": { - "Ref": "worker28EA3E30", - }, - }, - { - "Name": "Resource", - "Value": { - "Fn::Join": [ - "", - [ - { - "Ref": "worker28EA3E30", - }, - ":live", - ], - ], - }, - }, - ], - "EvaluationPeriods": 1, - "MetricName": "Errors", - "Namespace": "AWS/Lambda", - "Period": 60, - "Statistic": "Sum", - "Threshold": 1, - }, - "Type": "AWS::CloudWatch::Alarm", - }, - "codedeployapplicationF49B9864": { - "Properties": { - "ComputePlatform": "Lambda", - }, - "Type": "AWS::CodeDeploy::Application", - }, - "codedeploygroup441B094B": { - "Properties": { - "AlarmConfiguration": { - "Alarms": [ - { - "Name": { - "Ref": "codedeployalarm9F48D05F", - }, - }, - ], - "Enabled": true, - }, - "ApplicationName": { - "Ref": "codedeployapplicationF49B9864", - }, - "AutoRollbackConfiguration": { - "Enabled": true, - "Events": [ - "DEPLOYMENT_FAILURE", - "DEPLOYMENT_STOP_ON_ALARM", - ], - }, - "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce", - "DeploymentStyle": { - "DeploymentOption": "WITH_TRAFFIC_CONTROL", - "DeploymentType": "BLUE_GREEN", - }, - "ServiceRoleArn": { - "Fn::GetAtt": [ - "codedeploygroupServiceRole1BD49E37", - "Arn", - ], - }, - }, - "Type": "AWS::CodeDeploy::DeploymentGroup", - }, - "codedeploygroupServiceRole1BD49E37": { + "kmskey49FBC3B3": { + "DeletionPolicy": "Retain", "Properties": { - "AssumeRolePolicyDocument": { + "Description": "serviceName", + "EnableKeyRotation": true, + "KeyPolicy": { "Statement": [ { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "codedeploy.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "codedeploygroupServiceRoleDefaultPolicy2027BC9A": { - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "workerprehook415B13CE", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "workerprehook415B13CE", - "Arn", - ], - }, - ":*", - ], - ], - }, - ], - }, - { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "workerposthook150842D6", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "workerposthook150842D6", - "Arn", - ], - }, - ":*", - ], - ], - }, - ], - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "codedeploygroupServiceRoleDefaultPolicy2027BC9A", - "Roles": [ - { - "Ref": "codedeploygroupServiceRole1BD49E37", - }, - ], - }, - "Type": "AWS::IAM::Policy", - }, - "kmskey49FBC3B3": { - "DeletionPolicy": "Retain", - "Properties": { - "Description": "serviceName", - "EnableKeyRotation": true, - "KeyPolicy": { - "Statement": [ - { - "Action": "kms:*", + "Action": "kms:*", "Effect": "Allow", "Principal": { "AWS": { @@ -1285,11 +882,17 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` ], }, "Runtime": "nodejs20.x", + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], "Timeout": 30, }, "Type": "AWS::Lambda::Function", }, - "workerAliaslive62FE5FAF": { + "workerAliasLive4B82F015": { "Properties": { "Description": "The Lambda version currently receiving traffic", "FunctionName": { @@ -1301,27 +904,81 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` "Version", ], }, - "Name": "live", + "Name": "Live", }, "Type": "AWS::Lambda::Alias", "UpdatePolicy": { "CodeDeployLambdaAliasUpdate": { "AfterAllowTrafficHook": { - "Ref": "workerposthook150842D6", + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-AfterAllowTraffic", + ], + ], + }, + ], + }, + ], }, "ApplicationName": { - "Ref": "codedeployapplicationF49B9864", + "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D", }, "BeforeAllowTrafficHook": { - "Ref": "workerprehook415B13CE", + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-BeforeAllowTraffic", + ], + ], + }, + ], + }, + ], }, "DeploymentGroupName": { - "Ref": "codedeploygroup441B094B", + "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA", }, }, }, }, - "workerAliasliveSqsEventSourceappStackworkerqueue8281B9F42DEDB47B": { + "workerAliasLiveSqsEventSourceappStackworkerqueue8281B9F443B0CF93": { "Properties": { "EventSourceArn": { "Fn::GetAtt": [ @@ -1340,19 +997,16 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` "Fn::Split": [ ":", { - "Ref": "workerAliaslive62FE5FAF", + "Ref": "workerAliasLive4B82F015", }, ], }, ], }, - ":live", + ":Live", ], ], }, - "ScalingConfig": { - "MaximumConcurrency": 20, - }, }, "Type": "AWS::Lambda::EventSourceMapping", }, @@ -1364,126 +1018,50 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` }, "Type": "AWS::Lambda::Version", }, - "workerServiceRole2130CC7F": { + "workerDeploymentCodeDeployLambdaApplication9974008D": { "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - }, - ], - "Version": "2012-10-17", - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", - ], - ], - }, - ], - }, - "Type": "AWS::IAM::Role", - }, - "workerServiceRoleDefaultPolicyBA498553": { - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "sqs:ReceiveMessage", - "sqs:ChangeMessageVisibility", - "sqs:GetQueueUrl", - "sqs:DeleteMessage", - "sqs:GetQueueAttributes", - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "workerqueueA05CE5C6", - "Arn", - ], - }, - }, - { - "Action": "kms:Decrypt", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", - ], - }, - }, - ], - "Version": "2012-10-17", - }, - "PolicyName": "workerServiceRoleDefaultPolicyBA498553", - "Roles": [ + "ComputePlatform": "Lambda", + "Tags": [ { - "Ref": "workerServiceRole2130CC7F", + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", }, ], }, - "Type": "AWS::IAM::Policy", + "Type": "AWS::CodeDeploy::Application", }, - "workerposthook150842D6": { - "DependsOn": [ - "workerposthookServiceRoleDefaultPolicy6A92F69C", - "workerposthookServiceRole25452300", - ], + "workerDeploymentCodeDeployLambdaDeploymentGroupF884ECDA": { "Properties": { - "Architectures": [ - "arm64", - ], - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", - }, - "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip", - }, - "Environment": { - "Variables": { - "ENVIRONMENT": "prod", - "FUNCTION_NAME_TO_PRUNE": { - "Ref": "worker28EA3E30", - }, - "NODE_ENV": "production", - "NODE_OPTIONS": "--enable-source-maps", - "SERVICE": "serviceName", - "VERSION": "local", - }, + "ApplicationName": { + "Ref": "workerDeploymentCodeDeployLambdaApplication9974008D", }, - "FunctionName": "serviceName-post-hook", - "Handler": "index.handler", - "KmsKeyArn": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", + "AutoRollbackConfiguration": { + "Enabled": true, + "Events": [ + "DEPLOYMENT_FAILURE", ], }, - "Role": { + "DeploymentConfigName": "CodeDeployDefault.LambdaAllAtOnce", + "DeploymentStyle": { + "DeploymentOption": "WITH_TRAFFIC_CONTROL", + "DeploymentType": "BLUE_GREEN", + }, + "ServiceRoleArn": { "Fn::GetAtt": [ - "workerposthookServiceRole25452300", + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE", "Arn", ], }, - "Runtime": "nodejs20.x", - "Timeout": 30, + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], }, - "Type": "AWS::Lambda::Function", + "Type": "AWS::CodeDeploy::DeploymentGroup", }, - "workerposthookServiceRole25452300": { + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ @@ -1491,7 +1069,7 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": "lambda.amazonaws.com", + "Service": "codedeploy.amazonaws.com", }, }, ], @@ -1506,138 +1084,129 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` { "Ref": "AWS::Partition", }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ":iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", ], ], }, ], + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], }, "Type": "AWS::IAM::Role", }, - "workerposthookServiceRoleDefaultPolicy6A92F69C": { + "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5": { "Properties": { "PolicyDocument": { "Statement": [ { - "Action": [ - "lambda:ListAliases", - "lambda:ListVersionsByFunction", - "lambda:DeleteFunction", - ], + "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": [ { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-BeforeAllowTraffic", + ], ], }, { "Fn::Join": [ "", [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], + "Ref": "AWS::AccountId", }, - ":*", + ":function:aws-codedeploy-hook-BeforeAllowTraffic:*", ], ], }, ], }, { - "Action": "codedeploy:PutLifecycleEventHookExecutionStatus", + "Action": "lambda:InvokeFunction", "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codedeploy:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":deploymentgroup:", - { - "Ref": "codedeployapplicationF49B9864", - }, - "/", - { - "Ref": "codedeploygroup441B094B", - }, + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-AfterAllowTraffic", + ], ], - ], - }, + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":lambda:", + { + "Ref": "AWS::Region", + }, + ":", + { + "Ref": "AWS::AccountId", + }, + ":function:aws-codedeploy-hook-AfterAllowTraffic:*", + ], + ], + }, + ], }, ], "Version": "2012-10-17", }, - "PolicyName": "workerposthookServiceRoleDefaultPolicy6A92F69C", + "PolicyName": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRoleDefaultPolicy30B750B5", "Roles": [ { - "Ref": "workerposthookServiceRole25452300", + "Ref": "workerDeploymentCodeDeployLambdaDeploymentGroupServiceRole351C6FAE", }, ], }, "Type": "AWS::IAM::Policy", }, - "workerprehook415B13CE": { - "DependsOn": [ - "workerprehookServiceRoleDefaultPolicy991A21B9", - "workerprehookServiceRole8F8D9379", - ], - "Properties": { - "Architectures": [ - "arm64", - ], - "Code": { - "S3Bucket": { - "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", - }, - "S3Key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.zip", - }, - "Environment": { - "Variables": { - "ENVIRONMENT": "prod", - "FUNCTION_NAME_TO_INVOKE": { - "Ref": "worker28EA3E30", - }, - "NODE_ENV": "production", - "NODE_OPTIONS": "--enable-source-maps", - "SERVICE": "serviceName", - "VERSION": "local", - }, - }, - "FunctionName": "serviceName-pre-hook", - "Handler": "index.handler", - "KmsKeyArn": { - "Fn::GetAtt": [ - "kmskey49FBC3B3", - "Arn", - ], - }, - "Role": { - "Fn::GetAtt": [ - "workerprehookServiceRole8F8D9379", - "Arn", - ], - }, - "Runtime": "nodejs20.x", - "Timeout": 120, - }, - "Type": "AWS::Lambda::Function", - }, - "workerprehookServiceRole8F8D9379": { + "workerServiceRole2130CC7F": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ @@ -1665,77 +1234,52 @@ exports[`returns expected CloudFormation stack for prod 1`] = ` ], }, ], + "Tags": [ + { + "Key": "aws-codedeploy-hooks", + "Value": "2.1.1-8a9d620b7ff7fbe76112f7c96c06f51e36bb2cb3", + }, + ], }, "Type": "AWS::IAM::Role", }, - "workerprehookServiceRoleDefaultPolicy991A21B9": { + "workerServiceRoleDefaultPolicyBA498553": { "Properties": { "PolicyDocument": { "Statement": [ { - "Action": "lambda:InvokeFunction", - "Effect": "Allow", - "Resource": [ - { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], - }, - { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "worker28EA3E30", - "Arn", - ], - }, - ":*", - ], - ], - }, + "Action": [ + "sqs:ReceiveMessage", + "sqs:ChangeMessageVisibility", + "sqs:GetQueueUrl", + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "workerqueueA05CE5C6", + "Arn", + ], + }, }, { - "Action": "codedeploy:PutLifecycleEventHookExecutionStatus", + "Action": "kms:Decrypt", "Effect": "Allow", "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition", - }, - ":codedeploy:", - { - "Ref": "AWS::Region", - }, - ":", - { - "Ref": "AWS::AccountId", - }, - ":deploymentgroup:", - { - "Ref": "codedeployapplicationF49B9864", - }, - "/", - { - "Ref": "codedeploygroup441B094B", - }, - ], + "Fn::GetAtt": [ + "kmskey49FBC3B3", + "Arn", ], }, }, ], "Version": "2012-10-17", }, - "PolicyName": "workerprehookServiceRoleDefaultPolicy991A21B9", + "PolicyName": "workerServiceRoleDefaultPolicyBA498553", "Roles": [ { - "Ref": "workerprehookServiceRole8F8D9379", + "Ref": "workerServiceRole2130CC7F", }, ], },