diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip index 270a85f97b1e6..22515aed82d4a 100644 Binary files a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip and b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip differ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip index 74ca70692b47c..397af7d718bb9 100644 Binary files a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip and b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip differ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip index 9671899c8393e..981c8b4205a54 100644 Binary files a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip and b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/asset.c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip differ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.assets.json index 5751ff1aa2385..bbabc077478e8 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.assets.json @@ -8,7 +8,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-daa2790b": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -22,7 +22,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-429f33a1": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -36,7 +36,7 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-be344fbd": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "75f7b6a23d8f39fbba91063166ea824a6b248a2b6eb9e9f6ce75ac58d33a1941.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -50,7 +50,7 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-8bd9c5bb": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -64,7 +64,7 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-b2c2e8f0": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "c491874c6f9e547809cebf58ee410359efeaa16c82cafaf131b323fd1f502f2c.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -78,7 +78,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-f7e0d18f": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -92,7 +92,7 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-403381c4": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "2ef56be7a7906182ed8d1a8479be348cf836b925a9956cafededbd08199ba5c4.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -106,7 +106,7 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-22f72fad": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "0d94926290549a70008a6e1e24fe1f1b29c5b53364bc1c09c60ef9cb02f562ca.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" @@ -120,51 +120,51 @@ "packaging": "zip" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-45729aa5": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "5f49893093e1ad14831626016699156d48da5f0890f19eb930bc3c46cf5f636d.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "765ef6fa51b285b0c95845b543ef922a05bd8170ea38e5d4c2abffa90da40afc": { + "f35ac439cc58dcf23012fb036da09eb7802e1096868b030abfe64f314cdfb4f3": { "displayName": "@aws-cdk--aws-eks.ClusterResourceProvider Nested Stack Template", "source": { "path": "awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderC3126E77.nested.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-9a6e27c6": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "765ef6fa51b285b0c95845b543ef922a05bd8170ea38e5d4c2abffa90da40afc.json", + "objectKey": "f35ac439cc58dcf23012fb036da09eb7802e1096868b030abfe64f314cdfb4f3.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "abcf277699474780b06cdd38f8f76c2b12c15a0cb01c6773af28bae23ce4648a": { + "79eea88c968b6c1449fdf954d6586a2e12b00c187f453783dcdbb341e0555ea9": { "displayName": "@aws-cdk--aws-eks.KubectlProvider Nested Stack Template", "source": { "path": "awscdkeksclusteralbcontrollerawscdkawseksKubectlProvider935399DC.nested.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-0264383c": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "abcf277699474780b06cdd38f8f76c2b12c15a0cb01c6773af28bae23ce4648a.json", + "objectKey": "79eea88c968b6c1449fdf954d6586a2e12b00c187f453783dcdbb341e0555ea9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "880f1ce480dce782d907d62806595bf9548dddad11a217a688f738f3922a24b2": { + "dd9acc2bd90302df9a11c481fa169f6ecc5e5a59c22661f182e6b352e6502a4a": { "displayName": "aws-cdk-eks-cluster-alb-controller Template", "source": { "path": "aws-cdk-eks-cluster-alb-controller.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-19ef762f": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "880f1ce480dce782d907d62806595bf9548dddad11a217a688f738f3922a24b2.json", + "objectKey": "dd9acc2bd90302df9a11c481fa169f6ecc5e5a59c22661f182e6b352e6502a4a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.template.json index d8bb1f5ac5ecf..0cc0c471f094d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/aws-cdk-eks-cluster-alb-controller.template.json @@ -1057,7 +1057,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "/765ef6fa51b285b0c95845b543ef922a05bd8170ea38e5d4c2abffa90da40afc.json" + "/f35ac439cc58dcf23012fb036da09eb7802e1096868b030abfe64f314cdfb4f3.json" ] ] } @@ -1107,7 +1107,7 @@ { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "/abcf277699474780b06cdd38f8f76c2b12c15a0cb01c6773af28bae23ce4648a.json" + "/79eea88c968b6c1449fdf954d6586a2e12b00c187f453783dcdbb341e0555ea9.json" ] ] } @@ -1235,19 +1235,24 @@ "ec2:DescribeCoipPools", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", + "ec2:DescribeIpamPools", "ec2:DescribeNetworkInterfaces", + "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:GetCoipPoolUsage", + "ec2:GetSecurityGroupsForVpc", "ec2:RevokeSecurityGroupIngress", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", + "elasticloadbalancing:DescribeCapacityReservation", + "elasticloadbalancing:DescribeListenerAttributes", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", @@ -1262,6 +1267,7 @@ "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetWebAcl", "iam:GetServerCertificate", "iam:ListServerCertificates", @@ -1337,6 +1343,9 @@ "ec2:RevokeSecurityGroupIngress", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools", + "elasticloadbalancing:ModifyListenerAttributes", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", @@ -1623,7 +1632,7 @@ }, "Release": "aws-load-balancer-controller", "Chart": "aws-load-balancer-controller", - "Version": "1.8.2", + "Version": "1.13.3", "Wait": true, "Timeout": "900s", "Values": { @@ -1642,7 +1651,7 @@ { "Ref": "Vpc8378EB38" }, - "\",\"image\":{\"repository\":\"602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller\",\"tag\":\"v2.8.2\"},\"enableWafv2\":false}" + "\",\"image\":{\"repository\":\"602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller\",\"tag\":\"v2.13.3\"},\"enableWafv2\":false}" ] ] }, @@ -2022,10 +2031,6 @@ } }, "Handler": "framework.onEvent", - "LoggingConfig": { - "ApplicationLogLevel": "FATAL", - "LogFormat": "JSON" - }, "Role": { "Fn::GetAtt": [ "IngressPingerProviderframeworkonEventServiceRole89300FAD", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkclusteralbcontrollerintegDefaultTestDeployAssert5A4A7C6A.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkclusteralbcontrollerintegDefaultTestDeployAssert5A4A7C6A.assets.json index 905a84fc377f1..1dc5b1986ba8d 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkclusteralbcontrollerintegDefaultTestDeployAssert5A4A7C6A.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkclusteralbcontrollerintegDefaultTestDeployAssert5A4A7C6A.assets.json @@ -8,7 +8,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderC3126E77.nested.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderC3126E77.nested.template.json index 203c125f61864..22bb676cfe7dc 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderC3126E77.nested.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderC3126E77.nested.template.json @@ -306,10 +306,6 @@ } }, "Handler": "framework.onEvent", - "LoggingConfig": { - "ApplicationLogLevel": "FATAL", - "LogFormat": "JSON" - }, "Role": { "Fn::GetAtt": [ "ProviderframeworkonEventServiceRole9FF04296", @@ -470,10 +466,6 @@ } }, "Handler": "framework.isComplete", - "LoggingConfig": { - "ApplicationLogLevel": "FATAL", - "LogFormat": "JSON" - }, "Role": { "Fn::GetAtt": [ "ProviderframeworkisCompleteServiceRoleB1087139", @@ -634,10 +626,6 @@ } }, "Handler": "framework.onTimeout", - "LoggingConfig": { - "ApplicationLogLevel": "FATAL", - "LogFormat": "JSON" - }, "Role": { "Fn::GetAtt": [ "ProviderframeworkonTimeoutServiceRole28643D26", @@ -727,6 +715,22 @@ ] } ] + }, + { + "Action": [ + "logs:CreateLogDelivery", + "logs:CreateLogStream", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutLogEvents", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ], + "Effect": "Allow", + "Resource": "*" } ], "Version": "2012-10-17" @@ -739,6 +743,26 @@ ] } }, + "ProviderwaiterstatemachineLogGroupDD693A98": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "LogGroupName": { + "Fn::Join": [ + "", + [ + "/aws/vendedlogs/states/waiter-state-machine-", + { + "Ref": "ProviderframeworkisComplete26D7B0CB" + }, + "-c871eac2d03f98bfe821ecde318bbe59eec566ee48" + ] + ] + }, + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, "Providerwaiterstatemachine5D4A9DF0": { "Type": "AWS::StepFunctions::StateMachine", "Properties": { @@ -764,6 +788,22 @@ ] ] }, + "LoggingConfiguration": { + "Destinations": [ + { + "CloudWatchLogsLogGroup": { + "LogGroupArn": { + "Fn::GetAtt": [ + "ProviderwaiterstatemachineLogGroupDD693A98", + "Arn" + ] + } + } + } + ], + "IncludeExecutionData": false, + "Level": "ERROR" + }, "RoleArn": { "Fn::GetAtt": [ "ProviderwaiterstatemachineRole0C7159F9", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksKubectlProvider935399DC.nested.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksKubectlProvider935399DC.nested.template.json index 7733c7be452a6..4d8efc9c8579f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksKubectlProvider935399DC.nested.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/awscdkeksclusteralbcontrollerawscdkawseksKubectlProvider935399DC.nested.template.json @@ -175,10 +175,6 @@ } }, "Handler": "framework.onEvent", - "LoggingConfig": { - "ApplicationLogLevel": "FATAL", - "LogFormat": "JSON" - }, "Role": { "Fn::GetAtt": [ "ProviderframeworkonEventServiceRole9FF04296", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/manifest.json index 1e87931135d88..64a329678fcf6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/880f1ce480dce782d907d62806595bf9548dddad11a217a688f738f3922a24b2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/dd9acc2bd90302df9a11c481fa169f6ecc5e5a59c22661f182e6b352e6502a4a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -1101,8 +1101,6 @@ "runtime": "*", "handler": "*", "timeout": "*", - "logFormat": "*", - "applicationLogLevelV2": "FATAL", "logGroup": "*", "vpc": "*", "vpcSubnets": "*", @@ -1307,8 +1305,6 @@ "runtime": "*", "handler": "*", "timeout": "*", - "logFormat": "*", - "applicationLogLevelV2": "FATAL", "logGroup": "*", "vpc": "*", "vpcSubnets": "*", @@ -1488,8 +1484,6 @@ "runtime": "*", "handler": "*", "timeout": "*", - "logFormat": "*", - "applicationLogLevelV2": "FATAL", "logGroup": "*", "vpc": "*", "vpcSubnets": "*", @@ -1694,6 +1688,14 @@ ] } }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, { "type": "aws:cdk:analytics:method", "data": { @@ -1744,6 +1746,14 @@ ] } }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, { "type": "aws:cdk:analytics:method", "data": { @@ -1759,6 +1769,20 @@ "data": "ProviderwaiterstatemachineRoleDefaultPolicyD3C3DA1A" } ], + "/aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/LogGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "logGroupName": "*" + } + } + ], + "/aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ProviderwaiterstatemachineLogGroupDD693A98" + } + ], "/aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Resource": [ { "type": "aws:cdk:logicalId", @@ -1870,8 +1894,6 @@ "runtime": "*", "handler": "*", "timeout": "*", - "logFormat": "*", - "applicationLogLevelV2": "FATAL", "logGroup": "*", "vpc": "*", "vpcSubnets": { @@ -2541,8 +2563,6 @@ "runtime": "*", "handler": "*", "timeout": "*", - "logFormat": "*", - "applicationLogLevelV2": "FATAL", "logGroup": "*", "vpc": "*", "vpcSubnets": "*", @@ -3079,6 +3099,10 @@ "recommendedValue": true, "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model." }, + "@aws-cdk/core:explicitStackTags": { + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { "userValue": false, "recommendedValue": false, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/tree.json index 9d3a867704c7f..181aa8aee1771 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-eks-cluster-alb-controller":{"id":"aws-cdk-eks-cluster-alb-controller","path":"aws-cdk-eks-cluster-alb-controller","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Vpc":{"id":"Vpc","path":"aws-cdk-eks-cluster-alb-controller/Vpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","natGateways":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Vpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"}}}},"EIP":{"id":"EIP","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet1EIPD7E02669","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"}}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"},"subnetId":{"Ref":"VpcPrivateSubnet1Subnet536B997A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"},"subnetId":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-eks-cluster-alb-controller/Vpc/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-eks-cluster-alb-controller/Vpc/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VpcIGWD7BA715C"},"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"KubectlLayer":{"id":"KubectlLayer","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer","constructInfo":{"fqn":"@aws-cdk/lambda-layer-kubectl-v30.KubectlV30Layer","version":"2.0.4","metadata":["*"]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip"},"description":"/opt/kubectl/kubectl 1.30; /opt/helm/helm 3.17.1","licenseInfo":"Apache-2.0"}}}}},"Cluster":{"id":"Cluster","path":"aws-cdk-eks-cluster-alb-controller/Cluster","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.Cluster","version":"0.0.0","metadata":[{"vpc":"*","version":"*","kubectlLayer":"*","albController":{"version":"*","additionalHelmChartValues":{"enableWafv2":false}}},{"addNodegroupCapacity":["*",{"minSize":"*"}]},{"getIngressLoadBalancerAddress":["*",{"timeout":"*"}]}]},"children":{"KubectlHandlerRole":{"id":"KubectlHandlerRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportKubectlHandlerRole":{"id":"ImportKubectlHandlerRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/ImportKubectlHandlerRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]]},{"Fn::If":["ClusterHasEcrPublic8EE1114E",{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly"]]},{"Ref":"AWS::NoValue"}]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"eks:DescribeCluster","Effect":"Allow","Resource":{"Fn::GetAtt":["Cluster9EE0221C","Arn"]}},{"Action":"sts:AssumeRole","Effect":"Allow","Resource":{"Fn::GetAtt":["ClusterCreationRole360249B6","Arn"]}}],"Version":"2012-10-17"},"policyName":"ClusterKubectlHandlerRoleDefaultPolicyE44083DD","roles":[{"Ref":"ClusterKubectlHandlerRole94549F93"}]}}}}}}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"eks.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKSClusterPolicy"]]}]}}}}},"ControlPlaneSecurityGroup":{"id":"ControlPlaneSecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ControlPlaneSecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ControlPlaneSecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"EKS Control Plane Security Group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"CreationRole":{"id":"CreationRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"grant":["*","*"]}]},"children":{"ImportCreationRole":{"id":"ImportCreationRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/ImportCreationRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"AWS":[{"Fn::GetAtt":["ClusterKubectlHandlerRole94549F93","Arn"]},{"Fn::GetAtt":["awscdkawseksClusterResourceProviderNestedStackawscdkawseksClusterResourceProviderNestedStackResource9827C454","Outputs.awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn"]},{"Fn::GetAtt":["awscdkawseksClusterResourceProviderNestedStackawscdkawseksClusterResourceProviderNestedStackResource9827C454","Outputs.awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn"]}]}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"iam:PassRole","Effect":"Allow","Resource":{"Fn::GetAtt":["ClusterRoleFA261979","Arn"]}},{"Action":["eks:CreateCluster","eks:CreateFargateProfile","eks:DeleteCluster","eks:DescribeCluster","eks:DescribeUpdate","eks:TagResource","eks:UntagResource","eks:UpdateClusterConfig","eks:UpdateClusterVersion"],"Effect":"Allow","Resource":"*"},{"Action":["eks:DeleteFargateProfile","eks:DescribeFargateProfile"],"Effect":"Allow","Resource":"*"},{"Action":["ec2:DescribeDhcpOptions","ec2:DescribeInstances","ec2:DescribeNetworkInterfaces","ec2:DescribeRouteTables","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:DescribeVpcs","iam:CreateServiceLinkedRole","iam:GetRole","iam:listAttachedRolePolicies"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"ClusterCreationRoleDefaultPolicyE8BDFC7B","roles":[{"Ref":"ClusterCreationRole360249B6"}]}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*","*","*","*","*","*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"KubectlReadyBarrier":{"id":"KubectlReadyBarrier","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlReadyBarrier","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"ClusterSecurityGroup":{"id":"ClusterSecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ClusterSecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"HasEcrPublic":{"id":"HasEcrPublic","path":"aws-cdk-eks-cluster-alb-controller/Cluster/HasEcrPublic","constructInfo":{"fqn":"aws-cdk-lib.CfnCondition","version":"0.0.0"}},"OpenIdConnectProvider":{"id":"OpenIdConnectProvider","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.OpenIdConnectProvider","version":"0.0.0","metadata":[{"url":"*"},{"url":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"AwsAuth":{"id":"AwsAuth","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.AwsAuth","version":"0.0.0"},"children":{"manifest":{"id":"manifest","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"NodegroupDefaultCapacity":{"id":"NodegroupDefaultCapacity","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.Nodegroup","version":"0.0.0","metadata":[{"cluster":"*","instanceTypes":"*","minSize":"*"}]},"children":{"NodeGroupRole":{"id":"NodeGroupRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]}]},"children":{"ImportNodeGroupRole":{"id":"ImportNodeGroupRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole/ImportNodeGroupRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKSWorkerNodePolicy"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKS_CNI_Policy"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]]}]}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.CfnNodegroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EKS::Nodegroup","aws:cdk:cloudformation:props":{"amiType":"AL2_x86_64","clusterName":{"Ref":"Cluster9EE0221C"},"forceUpdateEnabled":true,"instanceTypes":["m5.large"],"nodeRole":{"Fn::GetAtt":["ClusterNodegroupDefaultCapacityNodeGroupRole55953B04","Arn"]},"scalingConfig":{"desiredSize":2,"maxSize":2,"minSize":2},"subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}]}}}}},"echo-server":{"id":"echo-server","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress":{"id":"hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesObjectValue","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"@aws-cdk--aws-eks.ClusterResourceProvider":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.NestedStack","version":"0.0.0"},"children":{"NodeProxyAgentLayer":{"id":"NodeProxyAgentLayer","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer","constructInfo":{"fqn":"aws-cdk-lib.lambda_layer_node_proxy_agent.NodeProxyAgentLayer","version":"0.0.0","metadata":[{}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip"},"description":"/opt/nodejs/node_modules/proxy-agent"}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"OnEventHandler":{"id":"OnEventHandler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"description":"*","environment":"*","timeout":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","layers":["*"],"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"75f7b6a23d8f39fbba91063166ea824a6b248a2b6eb9e9f6ce75ac58d33a1941.zip"},"description":"onEvent handler for EKS cluster resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.onEvent","layers":[{"Ref":"NodeProxyAgentLayer924C1971"}],"role":{"Fn::GetAtt":["OnEventHandlerServiceRole15A26729","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":60}}}}},"IsCompleteHandler":{"id":"IsCompleteHandler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"description":"*","environment":"*","timeout":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","layers":["*"],"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"75f7b6a23d8f39fbba91063166ea824a6b248a2b6eb9e9f6ce75ac58d33a1941.zip"},"description":"isComplete handler for EKS cluster resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.isComplete","layers":[{"Ref":"NodeProxyAgentLayer924C1971"}],"role":{"Fn::GetAtt":["IsCompleteHandlerServiceRole5810CC58","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":60}}}}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logFormat":"*","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]},{"Action":"states:StartExecution","Effect":"Allow","Resource":{"Ref":"Providerwaiterstatemachine5D4A9DF0"}}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonEventServiceRoleDefaultPolicy48CD2133","roles":[{"Ref":"ProviderframeworkonEventServiceRole9FF04296"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},"WAITER_STATE_MACHINE_ARN":{"Ref":"Providerwaiterstatemachine5D4A9DF0"}}},"handler":"framework.onEvent","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["ProviderframeworkonEventServiceRole9FF04296","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"framework-isComplete":{"id":"framework-isComplete","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logFormat":"*","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]}],"Version":"2012-10-17"},"policyName":"ProviderframeworkisCompleteServiceRoleDefaultPolicy2E7140AC","roles":[{"Ref":"ProviderframeworkisCompleteServiceRoleB1087139"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - isComplete (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]}}},"handler":"framework.isComplete","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["ProviderframeworkisCompleteServiceRoleB1087139","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"framework-onTimeout":{"id":"framework-onTimeout","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logFormat":"*","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonTimeoutServiceRoleDefaultPolicy2688969F","roles":[{"Ref":"ProviderframeworkonTimeoutServiceRole28643D26"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onTimeout (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]}}},"handler":"framework.onTimeout","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["ProviderframeworkonTimeoutServiceRole28643D26","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"waiter-state-machine":{"id":"waiter-state-machine","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.WaiterStateMachine","version":"0.0.0"},"children":{"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"states.amazonaws.com"}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},":*"]]}]}],"Version":"2012-10-17"},"policyName":"ProviderwaiterstatemachineRoleDefaultPolicyD3C3DA1A","roles":[{"Ref":"ProviderwaiterstatemachineRole0C7159F9"}]}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_stepfunctions.CfnStateMachine","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::StepFunctions::StateMachine","aws:cdk:cloudformation:props":{"definitionString":{"Fn::Join":["",["{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":60,\"MaxAttempts\":60,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"",{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},"\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"",{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},"\"}}}"]]},"roleArn":{"Fn::GetAtt":["ProviderwaiterstatemachineRole0C7159F9","Arn"]}}}}}}}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}}}},"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource","constructInfo":{"fqn":"aws-cdk-lib.CfnStack","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFormation::Stack","aws:cdk:cloudformation:props":{"templateUrl":{"Fn::Join":["",["https://s3.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"},"/",{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"/765ef6fa51b285b0c95845b543ef922a05bd8170ea38e5d4c2abffa90da40afc.json"]]}}}}}},"@aws-cdk--aws-eks.KubectlProvider":{"id":"@aws-cdk--aws-eks.KubectlProvider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubectlProvider","version":"0.0.0"},"children":{"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"timeout":"*","description":"*","memorySize":"*","environment":"*","role":"*","vpc":"*","securityGroups":["*"],"vpcSubnets":{"subnets":["*","*"]},"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]},{"addLayers":["*"]}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"c491874c6f9e547809cebf58ee410359efeaa16c82cafaf131b323fd1f502f2c.zip"},"description":"onEvent handler for EKS kubectl resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.handler","layers":[{"Ref":"AwsCliLayerF44AAF94"},{"Ref":"referencetoawscdkeksclusteralbcontrollerKubectlLayer4221D1EERef"}],"memorySize":1024,"role":{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn"},"runtime":"python3.11","timeout":900,"vpcConfig":{"subnetIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef"},{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref"}],"securityGroupIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId"}]}}}}}},"AwsCliLayer":{"id":"AwsCliLayer","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer","constructInfo":{"fqn":"aws-cdk-lib.lambda_layer_awscli.AwsCliLayer","version":"0.0.0","metadata":[{}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip"},"description":"/opt/awscli/aws"}}}}},"ConditionalPolicyArn":{"id":"ConditionalPolicyArn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/ConditionalPolicyArn","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"conditionalPolicy":{"id":"conditionalPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/conditionalPolicy","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logFormat":"*","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":{"subnets":["*","*"]},"securityGroups":["*"],"role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"},{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["Handler886CB40B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["Handler886CB40B","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["Handler886CB40B","Arn"]}}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonEventServiceRoleDefaultPolicy48CD2133","roles":[{"Ref":"ProviderframeworkonEventServiceRole9FF04296"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["Handler886CB40B","Arn"]}}},"handler":"framework.onEvent","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["ProviderframeworkonEventServiceRole9FF04296","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900,"vpcConfig":{"subnetIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef"},{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref"}],"securityGroupIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId"}]}}}}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef":{"id":"reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn":{"id":"reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef":{"id":"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref":{"id":"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId":{"id":"reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}}}},"@aws-cdk--aws-eks.KubectlProvider.NestedStack":{"id":"@aws-cdk--aws-eks.KubectlProvider.NestedStack","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider.NestedStack","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"@aws-cdk--aws-eks.KubectlProvider.NestedStackResource":{"id":"@aws-cdk--aws-eks.KubectlProvider.NestedStackResource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider.NestedStack/@aws-cdk--aws-eks.KubectlProvider.NestedStackResource","constructInfo":{"fqn":"aws-cdk-lib.CfnStack","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFormation::Stack","aws:cdk:cloudformation:props":{"parameters":{"referencetoawscdkeksclusteralbcontrollerKubectlLayer4221D1EERef":{"Ref":"KubectlLayer600207B5"},"referencetoawscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn":{"Fn::GetAtt":["ClusterKubectlHandlerRole94549F93","Arn"]},"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef":{"Ref":"VpcPrivateSubnet1Subnet536B997A"},"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"},"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId":{"Fn::GetAtt":["Cluster9EE0221C","ClusterSecurityGroupId"]}},"templateUrl":{"Fn::Join":["",["https://s3.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"},"/",{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"/abcf277699474780b06cdd38f8f76c2b12c15a0cb01c6773af28bae23ce4648a.json"]]}}}}}},"awscdkeksclusteralbcontrollerCluster0686D58B-AlbController":{"id":"awscdkeksclusteralbcontrollerCluster0686D58B-AlbController","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.AlbController","version":"0.0.0"},"children":{"alb-sa":{"id":"alb-sa","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.ServiceAccount","version":"0.0.0"},"children":{"ConditionJson":{"id":"ConditionJson","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson","constructInfo":{"fqn":"aws-cdk-lib.CfnJson","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRoleWithWebIdentity","Condition":{"StringEquals":{"Fn::GetAtt":["awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaConditionJson853930C0","Value"]}},"Effect":"Allow","Principal":{"Federated":{"Ref":"ClusterOpenIdConnectProviderE7EB0530"}}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"iam:CreateServiceLinkedRole","Condition":{"StringEquals":{"iam:AWSServiceName":"elasticloadbalancing.amazonaws.com"}},"Effect":"Allow","Resource":"*"},{"Action":["acm:DescribeCertificate","acm:ListCertificates","cognito-idp:DescribeUserPoolClient","ec2:AuthorizeSecurityGroupIngress","ec2:CreateSecurityGroup","ec2:DescribeAccountAttributes","ec2:DescribeAddresses","ec2:DescribeAvailabilityZones","ec2:DescribeCoipPools","ec2:DescribeInstances","ec2:DescribeInternetGateways","ec2:DescribeNetworkInterfaces","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:DescribeTags","ec2:DescribeVpcPeeringConnections","ec2:DescribeVpcs","ec2:GetCoipPoolUsage","ec2:RevokeSecurityGroupIngress","elasticloadbalancing:AddListenerCertificates","elasticloadbalancing:CreateListener","elasticloadbalancing:CreateRule","elasticloadbalancing:DeleteListener","elasticloadbalancing:DeleteRule","elasticloadbalancing:DescribeListenerCertificates","elasticloadbalancing:DescribeListeners","elasticloadbalancing:DescribeLoadBalancerAttributes","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeRules","elasticloadbalancing:DescribeSSLPolicies","elasticloadbalancing:DescribeTags","elasticloadbalancing:DescribeTargetGroupAttributes","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth","elasticloadbalancing:DescribeTrustStores","elasticloadbalancing:ModifyListener","elasticloadbalancing:ModifyRule","elasticloadbalancing:RemoveListenerCertificates","elasticloadbalancing:SetWebAcl","iam:GetServerCertificate","iam:ListServerCertificates","shield:CreateProtection","shield:DeleteProtection","shield:DescribeProtection","shield:GetSubscriptionState","waf-regional:AssociateWebACL","waf-regional:DisassociateWebACL","waf-regional:GetWebACL","waf-regional:GetWebACLForResource","wafv2:AssociateWebACL","wafv2:DisassociateWebACL","wafv2:GetWebACL","wafv2:GetWebACLForResource"],"Effect":"Allow","Resource":"*"},{"Action":"ec2:CreateTags","Condition":{"StringEquals":{"ec2:CreateAction":"CreateSecurityGroup"},"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":ec2:*:*:security-group/*"]]}},{"Action":["ec2:CreateTags","ec2:DeleteTags"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"true","aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":ec2:*:*:security-group/*"]]}},{"Action":["ec2:AuthorizeSecurityGroupIngress","ec2:DeleteSecurityGroup","ec2:RevokeSecurityGroupIngress","elasticloadbalancing:DeleteLoadBalancer","elasticloadbalancing:DeleteTargetGroup","elasticloadbalancing:ModifyLoadBalancerAttributes","elasticloadbalancing:ModifyTargetGroup","elasticloadbalancing:ModifyTargetGroupAttributes","elasticloadbalancing:SetIpAddressType","elasticloadbalancing:SetSecurityGroups","elasticloadbalancing:SetSubnets"],"Condition":{"Null":{"aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":"*"},{"Action":["elasticloadbalancing:CreateLoadBalancer","elasticloadbalancing:CreateTargetGroup"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":"*"},{"Action":["elasticloadbalancing:AddTags","elasticloadbalancing:RemoveTags"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"true","aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/app/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/net/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}]},{"Action":["elasticloadbalancing:AddTags","elasticloadbalancing:RemoveTags"],"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener-rule/app/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener-rule/net/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener/app/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener/net/*/*/*"]]}]},{"Action":"elasticloadbalancing:AddTags","Condition":{"StringEquals":{"elasticloadbalancing:CreateAction":["CreateTargetGroup","CreateLoadBalancer"]},"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/app/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/net/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}]},{"Action":["elasticloadbalancing:DeregisterTargets","elasticloadbalancing:RegisterTargets"],"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}}],"Version":"2012-10-17"},"policyName":"awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaRoleDefaultPolicy0BB22F48","roles":[{"Ref":"awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaRoleE08C7B02"}]}}}}}}},"manifest-alb-saServiceAccountResource":{"id":"manifest-alb-saServiceAccountResource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.HelmChart","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider":{"id":"Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"AWSCDKCfnUtilsProviderCustomResourceProvider":{"id":"AWSCDKCfnUtilsProviderCustomResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"IngressPinger":{"id":"IngressPinger","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Function":{"id":"Function","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","handler":"*","runtime":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","timeout":"*"}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"},{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":"*","allowAllIpv6Outbound":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Automatic security group for Lambda Function awscdkeksclusteralbcontrollerIngressPingerFunctionCB8DD6F2","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"5f49893093e1ad14831626016699156d48da5f0890f19eb930bc3c46cf5f636d.zip"},"handler":"index.handler","role":{"Fn::GetAtt":["IngressPingerFunctionServiceRoleD01E9C19","Arn"]},"runtime":"python3.9","timeout":600,"vpcConfig":{"subnetIds":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroupIds":[{"Fn::GetAtt":["IngressPingerFunctionSecurityGroup77C60B1A","GroupId"]}]}}}}}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logFormat":"*","applicationLogLevelV2":"FATAL","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]}}],"Version":"2012-10-17"},"policyName":"IngressPingerProviderframeworkonEventServiceRoleDefaultPolicy7CC73E26","roles":[{"Ref":"IngressPingerProviderframeworkonEventServiceRole89300FAD"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]}}},"handler":"framework.onEvent","loggingConfig":{"logFormat":"JSON","applicationLogLevel":"FATAL"},"role":{"Fn::GetAtt":["IngressPingerProviderframeworkonEventServiceRole89300FAD","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"IngressPingerResponse":{"id":"IngressPingerResponse","path":"aws-cdk-eks-cluster-alb-controller/IngressPingerResponse","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-eks-cluster-alb-controller/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-eks-cluster-alb-controller/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"aws-cdk-cluster-alb-controller-integ":{"id":"aws-cdk-cluster-alb-controller-integ","path":"aws-cdk-cluster-alb-controller-integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-cdk-eks-cluster-alb-controller":{"id":"aws-cdk-eks-cluster-alb-controller","path":"aws-cdk-eks-cluster-alb-controller","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Vpc":{"id":"Vpc","path":"aws-cdk-eks-cluster-alb-controller/Vpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","natGateways":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Vpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"}}}},"EIP":{"id":"EIP","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet1EIPD7E02669","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"}}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"},"subnetId":{"Ref":"VpcPrivateSubnet1Subnet536B997A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"kubernetes.io/role/internal-elb","value":"1"},{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"},"subnetId":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-cdk-eks-cluster-alb-controller/Vpc/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"}}}}}},"IGW":{"id":"IGW","path":"aws-cdk-eks-cluster-alb-controller/Vpc/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-cdk-eks-cluster-alb-controller/Vpc"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-cdk-eks-cluster-alb-controller/Vpc/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VpcIGWD7BA715C"},"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"KubectlLayer":{"id":"KubectlLayer","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer","constructInfo":{"fqn":"@aws-cdk/lambda-layer-kubectl-v30.KubectlV30Layer","version":"2.0.4","metadata":["*"]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/KubectlLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"9953ad4c3e84d120643ece4b2e51caf43fd9850063641b4d78bf30fbe6b4d381.zip"},"description":"/opt/kubectl/kubectl 1.30; /opt/helm/helm 3.17.1","licenseInfo":"Apache-2.0"}}}}},"Cluster":{"id":"Cluster","path":"aws-cdk-eks-cluster-alb-controller/Cluster","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.Cluster","version":"0.0.0","metadata":[{"vpc":"*","version":"*","kubectlLayer":"*","albController":{"version":"*","additionalHelmChartValues":{"enableWafv2":false}}},{"addNodegroupCapacity":["*",{"minSize":"*"}]},{"getIngressLoadBalancerAddress":["*",{"timeout":"*"}]}]},"children":{"KubectlHandlerRole":{"id":"KubectlHandlerRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportKubectlHandlerRole":{"id":"ImportKubectlHandlerRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/ImportKubectlHandlerRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]]},{"Fn::If":["ClusterHasEcrPublic8EE1114E",{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly"]]},{"Ref":"AWS::NoValue"}]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlHandlerRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"eks:DescribeCluster","Effect":"Allow","Resource":{"Fn::GetAtt":["Cluster9EE0221C","Arn"]}},{"Action":"sts:AssumeRole","Effect":"Allow","Resource":{"Fn::GetAtt":["ClusterCreationRole360249B6","Arn"]}}],"Version":"2012-10-17"},"policyName":"ClusterKubectlHandlerRoleDefaultPolicyE44083DD","roles":[{"Ref":"ClusterKubectlHandlerRole94549F93"}]}}}}}}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"eks.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKSClusterPolicy"]]}]}}}}},"ControlPlaneSecurityGroup":{"id":"ControlPlaneSecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ControlPlaneSecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ControlPlaneSecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"EKS Control Plane Security Group","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"CreationRole":{"id":"CreationRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"grant":["*","*"]}]},"children":{"ImportCreationRole":{"id":"ImportCreationRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/ImportCreationRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"AWS":[{"Fn::GetAtt":["ClusterKubectlHandlerRole94549F93","Arn"]},{"Fn::GetAtt":["awscdkawseksClusterResourceProviderNestedStackawscdkawseksClusterResourceProviderNestedStackResource9827C454","Outputs.awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn"]},{"Fn::GetAtt":["awscdkawseksClusterResourceProviderNestedStackawscdkawseksClusterResourceProviderNestedStackResource9827C454","Outputs.awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn"]}]}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/CreationRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"iam:PassRole","Effect":"Allow","Resource":{"Fn::GetAtt":["ClusterRoleFA261979","Arn"]}},{"Action":["eks:CreateCluster","eks:CreateFargateProfile","eks:DeleteCluster","eks:DescribeCluster","eks:DescribeUpdate","eks:TagResource","eks:UntagResource","eks:UpdateClusterConfig","eks:UpdateClusterVersion"],"Effect":"Allow","Resource":"*"},{"Action":["eks:DeleteFargateProfile","eks:DescribeFargateProfile"],"Effect":"Allow","Resource":"*"},{"Action":["ec2:DescribeDhcpOptions","ec2:DescribeInstances","ec2:DescribeNetworkInterfaces","ec2:DescribeRouteTables","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:DescribeVpcs","iam:CreateServiceLinkedRole","iam:GetRole","iam:listAttachedRolePolicies"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"ClusterCreationRoleDefaultPolicyE8BDFC7B","roles":[{"Ref":"ClusterCreationRole360249B6"}]}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*","*","*","*","*","*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/Resource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"KubectlReadyBarrier":{"id":"KubectlReadyBarrier","path":"aws-cdk-eks-cluster-alb-controller/Cluster/KubectlReadyBarrier","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"ClusterSecurityGroup":{"id":"ClusterSecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/Cluster/ClusterSecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"HasEcrPublic":{"id":"HasEcrPublic","path":"aws-cdk-eks-cluster-alb-controller/Cluster/HasEcrPublic","constructInfo":{"fqn":"aws-cdk-lib.CfnCondition","version":"0.0.0"}},"OpenIdConnectProvider":{"id":"OpenIdConnectProvider","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.OpenIdConnectProvider","version":"0.0.0","metadata":[{"url":"*"},{"url":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/OpenIdConnectProvider/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"AwsAuth":{"id":"AwsAuth","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.AwsAuth","version":"0.0.0"},"children":{"manifest":{"id":"manifest","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/AwsAuth/manifest/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"NodegroupDefaultCapacity":{"id":"NodegroupDefaultCapacity","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.Nodegroup","version":"0.0.0","metadata":[{"cluster":"*","instanceTypes":"*","minSize":"*"}]},"children":{"NodeGroupRole":{"id":"NodeGroupRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]},{"addManagedPolicy":[{"managedPolicyArn":"*"}]}]},"children":{"ImportNodeGroupRole":{"id":"ImportNodeGroupRole","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole/ImportNodeGroupRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/NodeGroupRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKSWorkerNodePolicy"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEKS_CNI_Policy"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]]}]}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/NodegroupDefaultCapacity/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.CfnNodegroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EKS::Nodegroup","aws:cdk:cloudformation:props":{"amiType":"AL2_x86_64","clusterName":{"Ref":"Cluster9EE0221C"},"forceUpdateEnabled":true,"instanceTypes":["m5.large"],"nodeRole":{"Fn::GetAtt":["ClusterNodegroupDefaultCapacityNodeGroupRole55953B04","Arn"]},"scalingConfig":{"desiredSize":2,"maxSize":2,"minSize":2},"subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}]}}}}},"echo-server":{"id":"echo-server","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/echo-server/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress":{"id":"hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesObjectValue","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/Cluster/hello-server-deployment-service-ingress-c896bd7eLoadBalancerAddress/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"@aws-cdk--aws-eks.ClusterResourceProvider":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.NestedStack","version":"0.0.0"},"children":{"NodeProxyAgentLayer":{"id":"NodeProxyAgentLayer","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer","constructInfo":{"fqn":"aws-cdk-lib.lambda_layer_node_proxy_agent.NodeProxyAgentLayer","version":"0.0.0","metadata":[{}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/NodeProxyAgentLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"93d96d34e0d3cd20eb082652b91012b131bdc34fcf2bc16eb4170e04772fddb1.zip"},"description":"/opt/nodejs/node_modules/proxy-agent"}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"OnEventHandler":{"id":"OnEventHandler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"description":"*","environment":"*","timeout":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","layers":["*"],"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/OnEventHandler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"75f7b6a23d8f39fbba91063166ea824a6b248a2b6eb9e9f6ce75ac58d33a1941.zip"},"description":"onEvent handler for EKS cluster resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.onEvent","layers":[{"Ref":"NodeProxyAgentLayer924C1971"}],"role":{"Fn::GetAtt":["OnEventHandlerServiceRole15A26729","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":60}}}}},"IsCompleteHandler":{"id":"IsCompleteHandler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"description":"*","environment":"*","timeout":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","layers":["*"],"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/IsCompleteHandler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"75f7b6a23d8f39fbba91063166ea824a6b248a2b6eb9e9f6ce75ac58d33a1941.zip"},"description":"isComplete handler for EKS cluster resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.isComplete","layers":[{"Ref":"NodeProxyAgentLayer924C1971"}],"role":{"Fn::GetAtt":["IsCompleteHandlerServiceRole5810CC58","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":60}}}}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]},{"Action":"states:StartExecution","Effect":"Allow","Resource":{"Ref":"Providerwaiterstatemachine5D4A9DF0"}}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonEventServiceRoleDefaultPolicy48CD2133","roles":[{"Ref":"ProviderframeworkonEventServiceRole9FF04296"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},"WAITER_STATE_MACHINE_ARN":{"Ref":"Providerwaiterstatemachine5D4A9DF0"}}},"handler":"framework.onEvent","role":{"Fn::GetAtt":["ProviderframeworkonEventServiceRole9FF04296","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"framework-isComplete":{"id":"framework-isComplete","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]}],"Version":"2012-10-17"},"policyName":"ProviderframeworkisCompleteServiceRoleDefaultPolicy2E7140AC","roles":[{"Ref":"ProviderframeworkisCompleteServiceRoleB1087139"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-isComplete/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - isComplete (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]}}},"handler":"framework.isComplete","role":{"Fn::GetAtt":["ProviderframeworkisCompleteServiceRoleB1087139","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"framework-onTimeout":{"id":"framework-onTimeout","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]},{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]}]}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonTimeoutServiceRoleDefaultPolicy2688969F","roles":[{"Ref":"ProviderframeworkonTimeoutServiceRole28643D26"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/framework-onTimeout/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onTimeout (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["OnEventHandler42BEBAE0","Arn"]},"USER_IS_COMPLETE_FUNCTION_ARN":{"Fn::GetAtt":["IsCompleteHandler7073F4DA","Arn"]}}},"handler":"framework.onTimeout","role":{"Fn::GetAtt":["ProviderframeworkonTimeoutServiceRole28643D26","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}},"waiter-state-machine":{"id":"waiter-state-machine","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.WaiterStateMachine","version":"0.0.0"},"children":{"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"states.amazonaws.com"}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Role/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},":*"]]},{"Fn::Join":["",[{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},":*"]]}]},{"Action":["logs:CreateLogDelivery","logs:CreateLogStream","logs:DeleteLogDelivery","logs:DescribeLogGroups","logs:DescribeResourcePolicies","logs:GetLogDelivery","logs:ListLogDeliveries","logs:PutLogEvents","logs:PutResourcePolicy","logs:UpdateLogDelivery"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"policyName":"ProviderwaiterstatemachineRoleDefaultPolicyD3C3DA1A","roles":[{"Ref":"ProviderwaiterstatemachineRole0C7159F9"}]}}}}}}},"LogGroup":{"id":"LogGroup","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/LogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"logGroupName":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/LogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{"logGroupName":{"Fn::Join":["",["/aws/vendedlogs/states/waiter-state-machine-",{"Ref":"ProviderframeworkisComplete26D7B0CB"},"-c871eac2d03f98bfe821ecde318bbe59eec566ee48"]]},"retentionInDays":731}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/Provider/waiter-state-machine/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_stepfunctions.CfnStateMachine","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::StepFunctions::StateMachine","aws:cdk:cloudformation:props":{"definitionString":{"Fn::Join":["",["{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":60,\"MaxAttempts\":60,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"",{"Fn::GetAtt":["ProviderframeworkisComplete26D7B0CB","Arn"]},"\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"",{"Fn::GetAtt":["ProviderframeworkonTimeout0B47CA38","Arn"]},"\"}}}"]]},"loggingConfiguration":{"destinations":[{"cloudWatchLogsLogGroup":{"logGroupArn":{"Fn::GetAtt":["ProviderwaiterstatemachineLogGroupDD693A98","Arn"]}}}],"includeExecutionData":false,"level":"ERROR"},"roleArn":{"Fn::GetAtt":["ProviderwaiterstatemachineRole0C7159F9","Arn"]}}}}}}}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderOnEventHandlerServiceRoleD37D32B7Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderIsCompleteHandlerServiceRole75085195Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider/awscdkeksclusteralbcontrollerawscdkawseksClusterResourceProviderframeworkonEvent9A4DBD44Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}}}},"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource":{"id":"@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStack/@aws-cdk--aws-eks.ClusterResourceProvider.NestedStackResource","constructInfo":{"fqn":"aws-cdk-lib.CfnStack","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFormation::Stack","aws:cdk:cloudformation:props":{"templateUrl":{"Fn::Join":["",["https://s3.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"},"/",{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"/f35ac439cc58dcf23012fb036da09eb7802e1096868b030abfe64f314cdfb4f3.json"]]}}}}}},"@aws-cdk--aws-eks.KubectlProvider":{"id":"@aws-cdk--aws-eks.KubectlProvider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubectlProvider","version":"0.0.0"},"children":{"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"timeout":"*","description":"*","memorySize":"*","environment":"*","role":"*","vpc":"*","securityGroups":["*"],"vpcSubnets":{"subnets":["*","*"]},"code":"*","handler":"*","runtime":"*"},{"addEnvironment":["*","*"]},{"addLayers":["*"]},{"addLayers":["*"]}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Handler/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"c491874c6f9e547809cebf58ee410359efeaa16c82cafaf131b323fd1f502f2c.zip"},"description":"onEvent handler for EKS kubectl resource provider","environment":{"variables":{"AWS_STS_REGIONAL_ENDPOINTS":"regional"}},"handler":"index.handler","layers":[{"Ref":"AwsCliLayerF44AAF94"},{"Ref":"referencetoawscdkeksclusteralbcontrollerKubectlLayer4221D1EERef"}],"memorySize":1024,"role":{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn"},"runtime":"python3.11","timeout":900,"vpcConfig":{"subnetIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef"},{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref"}],"securityGroupIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId"}]}}}}}},"AwsCliLayer":{"id":"AwsCliLayer","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer","constructInfo":{"fqn":"aws-cdk-lib.lambda_layer_awscli.AwsCliLayer","version":"0.0.0","metadata":[{}]},"children":{"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/AwsCliLayer/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnLayerVersion","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::LayerVersion","aws:cdk:cloudformation:props":{"content":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"c49d356cac773d491c5f7ac148995a1181498a8e289429f8612a7f7e3814f535.zip"},"description":"/opt/awscli/aws"}}}}},"ConditionalPolicyArn":{"id":"ConditionalPolicyArn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/ConditionalPolicyArn","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"conditionalPolicy":{"id":"conditionalPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/conditionalPolicy","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":{"subnets":["*","*"]},"securityGroups":["*"],"role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"},{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["Handler886CB40B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["Handler886CB40B","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["Handler886CB40B","Arn"]}}],"Version":"2012-10-17"},"policyName":"ProviderframeworkonEventServiceRoleDefaultPolicy48CD2133","roles":[{"Ref":"ProviderframeworkonEventServiceRole9FF04296"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["Handler886CB40B","Arn"]}}},"handler":"framework.onEvent","role":{"Fn::GetAtt":["ProviderframeworkonEventServiceRole9FF04296","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900,"vpcConfig":{"subnetIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef"},{"Ref":"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref"}],"securityGroupIds":[{"Ref":"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId"}]}}}}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn":{"id":"awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/awscdkeksclusteralbcontrollerawscdkawseksKubectlProviderframeworkonEvent17CBA575Arn","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef":{"id":"reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerKubectlLayer4221D1EERef","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn":{"id":"reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef":{"id":"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref":{"id":"reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId":{"id":"reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider/reference-to-awscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}}}},"@aws-cdk--aws-eks.KubectlProvider.NestedStack":{"id":"@aws-cdk--aws-eks.KubectlProvider.NestedStack","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider.NestedStack","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"@aws-cdk--aws-eks.KubectlProvider.NestedStackResource":{"id":"@aws-cdk--aws-eks.KubectlProvider.NestedStackResource","path":"aws-cdk-eks-cluster-alb-controller/@aws-cdk--aws-eks.KubectlProvider.NestedStack/@aws-cdk--aws-eks.KubectlProvider.NestedStackResource","constructInfo":{"fqn":"aws-cdk-lib.CfnStack","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::CloudFormation::Stack","aws:cdk:cloudformation:props":{"parameters":{"referencetoawscdkeksclusteralbcontrollerKubectlLayer4221D1EERef":{"Ref":"KubectlLayer600207B5"},"referencetoawscdkeksclusteralbcontrollerClusterKubectlHandlerRoleC392E7EDArn":{"Fn::GetAtt":["ClusterKubectlHandlerRole94549F93","Arn"]},"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet1SubnetE39C0DCCRef":{"Ref":"VpcPrivateSubnet1Subnet536B997A"},"referencetoawscdkeksclusteralbcontrollerVpcPrivateSubnet2SubnetAB95E4A2Ref":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"},"referencetoawscdkeksclusteralbcontrollerClusterABDFE911ClusterSecurityGroupId":{"Fn::GetAtt":["Cluster9EE0221C","ClusterSecurityGroupId"]}},"templateUrl":{"Fn::Join":["",["https://s3.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"},"/",{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"/79eea88c968b6c1449fdf954d6586a2e12b00c187f453783dcdbb341e0555ea9.json"]]}}}}}},"awscdkeksclusteralbcontrollerCluster0686D58B-AlbController":{"id":"awscdkeksclusteralbcontrollerCluster0686D58B-AlbController","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.AlbController","version":"0.0.0"},"children":{"alb-sa":{"id":"alb-sa","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.ServiceAccount","version":"0.0.0"},"children":{"ConditionJson":{"id":"ConditionJson","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson","constructInfo":{"fqn":"aws-cdk-lib.CfnJson","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/ConditionJson/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportRole":{"id":"ImportRole","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/ImportRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRoleWithWebIdentity","Condition":{"StringEquals":{"Fn::GetAtt":["awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaConditionJson853930C0","Value"]}},"Effect":"Allow","Principal":{"Federated":{"Ref":"ClusterOpenIdConnectProviderE7EB0530"}}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/Role/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"iam:CreateServiceLinkedRole","Condition":{"StringEquals":{"iam:AWSServiceName":"elasticloadbalancing.amazonaws.com"}},"Effect":"Allow","Resource":"*"},{"Action":["acm:DescribeCertificate","acm:ListCertificates","cognito-idp:DescribeUserPoolClient","ec2:AuthorizeSecurityGroupIngress","ec2:CreateSecurityGroup","ec2:DescribeAccountAttributes","ec2:DescribeAddresses","ec2:DescribeAvailabilityZones","ec2:DescribeCoipPools","ec2:DescribeInstances","ec2:DescribeInternetGateways","ec2:DescribeIpamPools","ec2:DescribeNetworkInterfaces","ec2:DescribeRouteTables","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:DescribeTags","ec2:DescribeVpcPeeringConnections","ec2:DescribeVpcs","ec2:GetCoipPoolUsage","ec2:GetSecurityGroupsForVpc","ec2:RevokeSecurityGroupIngress","elasticloadbalancing:AddListenerCertificates","elasticloadbalancing:CreateListener","elasticloadbalancing:CreateRule","elasticloadbalancing:DeleteListener","elasticloadbalancing:DeleteRule","elasticloadbalancing:DescribeCapacityReservation","elasticloadbalancing:DescribeListenerAttributes","elasticloadbalancing:DescribeListenerCertificates","elasticloadbalancing:DescribeListeners","elasticloadbalancing:DescribeLoadBalancerAttributes","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeRules","elasticloadbalancing:DescribeSSLPolicies","elasticloadbalancing:DescribeTags","elasticloadbalancing:DescribeTargetGroupAttributes","elasticloadbalancing:DescribeTargetGroups","elasticloadbalancing:DescribeTargetHealth","elasticloadbalancing:DescribeTrustStores","elasticloadbalancing:ModifyListener","elasticloadbalancing:ModifyRule","elasticloadbalancing:RemoveListenerCertificates","elasticloadbalancing:SetRulePriorities","elasticloadbalancing:SetWebAcl","iam:GetServerCertificate","iam:ListServerCertificates","shield:CreateProtection","shield:DeleteProtection","shield:DescribeProtection","shield:GetSubscriptionState","waf-regional:AssociateWebACL","waf-regional:DisassociateWebACL","waf-regional:GetWebACL","waf-regional:GetWebACLForResource","wafv2:AssociateWebACL","wafv2:DisassociateWebACL","wafv2:GetWebACL","wafv2:GetWebACLForResource"],"Effect":"Allow","Resource":"*"},{"Action":"ec2:CreateTags","Condition":{"StringEquals":{"ec2:CreateAction":"CreateSecurityGroup"},"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":ec2:*:*:security-group/*"]]}},{"Action":["ec2:CreateTags","ec2:DeleteTags"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"true","aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":ec2:*:*:security-group/*"]]}},{"Action":["ec2:AuthorizeSecurityGroupIngress","ec2:DeleteSecurityGroup","ec2:RevokeSecurityGroupIngress","elasticloadbalancing:DeleteLoadBalancer","elasticloadbalancing:DeleteTargetGroup","elasticloadbalancing:ModifyCapacityReservation","elasticloadbalancing:ModifyIpPools","elasticloadbalancing:ModifyListenerAttributes","elasticloadbalancing:ModifyLoadBalancerAttributes","elasticloadbalancing:ModifyTargetGroup","elasticloadbalancing:ModifyTargetGroupAttributes","elasticloadbalancing:SetIpAddressType","elasticloadbalancing:SetSecurityGroups","elasticloadbalancing:SetSubnets"],"Condition":{"Null":{"aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":"*"},{"Action":["elasticloadbalancing:CreateLoadBalancer","elasticloadbalancing:CreateTargetGroup"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":"*"},{"Action":["elasticloadbalancing:AddTags","elasticloadbalancing:RemoveTags"],"Condition":{"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"true","aws:ResourceTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/app/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/net/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}]},{"Action":["elasticloadbalancing:AddTags","elasticloadbalancing:RemoveTags"],"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener-rule/app/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener-rule/net/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener/app/*/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:listener/net/*/*/*"]]}]},{"Action":"elasticloadbalancing:AddTags","Condition":{"StringEquals":{"elasticloadbalancing:CreateAction":["CreateTargetGroup","CreateLoadBalancer"]},"Null":{"aws:RequestTag/elbv2.k8s.aws/cluster":"false"}},"Effect":"Allow","Resource":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/app/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:loadbalancer/net/*/*"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}]},{"Action":["elasticloadbalancing:DeregisterTargets","elasticloadbalancing:RegisterTargets"],"Effect":"Allow","Resource":{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":elasticloadbalancing:*:*:targetgroup/*/*"]]}}],"Version":"2012-10-17"},"policyName":"awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaRoleDefaultPolicy0BB22F48","roles":[{"Ref":"awscdkeksclusteralbcontrollerCluster0686D58BAlbControlleralbsaRoleE08C7B02"}]}}}}}}},"manifest-alb-saServiceAccountResource":{"id":"manifest-alb-saServiceAccountResource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.KubernetesManifest","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/alb-sa/manifest-alb-saServiceAccountResource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_eks.HelmChart","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/awscdkeksclusteralbcontrollerCluster0686D58B-AlbController/Resource/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}}}},"LatestNodeRuntimeMap":{"id":"LatestNodeRuntimeMap","path":"aws-cdk-eks-cluster-alb-controller/LatestNodeRuntimeMap","constructInfo":{"fqn":"aws-cdk-lib.CfnMapping","version":"0.0.0"}},"Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider":{"id":"Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/Custom::AWSCDKOpenIdConnectProviderCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"AWSCDKCfnUtilsProviderCustomResourceProvider":{"id":"AWSCDKCfnUtilsProviderCustomResourceProvider","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider","constructInfo":{"fqn":"aws-cdk-lib.CustomResourceProviderBase","version":"0.0.0"},"children":{"Staging":{"id":"Staging","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Staging","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"Role":{"id":"Role","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Role","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}},"Handler":{"id":"Handler","path":"aws-cdk-eks-cluster-alb-controller/AWSCDKCfnUtilsProviderCustomResourceProvider/Handler","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}},"IngressPinger":{"id":"IngressPinger","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Function":{"id":"Function","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","handler":"*","runtime":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","timeout":"*"}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"},{"managedPolicyArn":"*"}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]},{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]]}]}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":"*","allowAllIpv6Outbound":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Automatic security group for Lambda Function awscdkeksclusteralbcontrollerIngressPingerFunctionCB8DD6F2","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Function/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"5f49893093e1ad14831626016699156d48da5f0890f19eb930bc3c46cf5f636d.zip"},"handler":"index.handler","role":{"Fn::GetAtt":["IngressPingerFunctionServiceRoleD01E9C19","Arn"]},"runtime":"python3.9","timeout":600,"vpcConfig":{"subnetIds":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroupIds":[{"Fn::GetAtt":["IngressPingerFunctionSecurityGroup77C60B1A","GroupId"]}]}}}}}},"Provider":{"id":"Provider","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider","constructInfo":{"fqn":"aws-cdk-lib.custom_resources.Provider","version":"0.0.0"},"children":{"framework-onEvent":{"id":"framework-onEvent","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.Function","version":"0.0.0","metadata":[{"code":"*","description":"*","runtime":"*","handler":"*","timeout":"*","logGroup":"*","vpc":"*","vpcSubnets":"*","securityGroups":"*","role":"*","functionName":"*","environmentEncryption":"*"},{"addEnvironment":["*","*"]}]},"children":{"ServiceRole":{"id":"ServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]},{"addToPrincipalPolicy":[{}]}]},"children":{"ImportServiceRole":{"id":"ImportServiceRole","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/ImportServiceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]]}]}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":[{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]},":*"]]}]},{"Action":"lambda:GetFunction","Effect":"Allow","Resource":{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]}}],"Version":"2012-10-17"},"policyName":"IngressPingerProviderframeworkonEventServiceRoleDefaultPolicy7CC73E26","roles":[{"Ref":"IngressPingerProviderframeworkonEventServiceRole89300FAD"}]}}}}}}},"Code":{"id":"Code","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code","constructInfo":{"fqn":"aws-cdk-lib.aws_s3_assets.Asset","version":"0.0.0"},"children":{"Stage":{"id":"Stage","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code/Stage","constructInfo":{"fqn":"aws-cdk-lib.AssetStaging","version":"0.0.0"}},"AssetBucket":{"id":"AssetBucket","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Code/AssetBucket","constructInfo":{"fqn":"aws-cdk-lib.aws_s3.BucketBase","version":"0.0.0","metadata":[]}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider/framework-onEvent/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_lambda.CfnFunction","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Lambda::Function","aws:cdk:cloudformation:props":{"code":{"s3Bucket":{"Fn::Sub":"cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"},"s3Key":"39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip"},"description":"AWS CDK resource provider framework - onEvent (aws-cdk-eks-cluster-alb-controller/IngressPinger/Provider)","environment":{"variables":{"USER_ON_EVENT_FUNCTION_ARN":{"Fn::GetAtt":["IngressPingerFunction54746D9B","Arn"]}}},"handler":"framework.onEvent","role":{"Fn::GetAtt":["IngressPingerProviderframeworkonEventServiceRole89300FAD","Arn"]},"runtime":{"Fn::FindInMap":["LatestNodeRuntimeMap",{"Ref":"AWS::Region"},"value"]},"timeout":900}}}}}}},"Resource":{"id":"Resource","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Resource","constructInfo":{"fqn":"aws-cdk-lib.CustomResource","version":"0.0.0","metadata":["*","*"]},"children":{"Default":{"id":"Default","path":"aws-cdk-eks-cluster-alb-controller/IngressPinger/Resource/Default","constructInfo":{"fqn":"aws-cdk-lib.CfnResource","version":"0.0.0"}}}}}},"IngressPingerResponse":{"id":"IngressPingerResponse","path":"aws-cdk-eks-cluster-alb-controller/IngressPingerResponse","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-eks-cluster-alb-controller/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-eks-cluster-alb-controller/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"aws-cdk-cluster-alb-controller-integ":{"id":"aws-cdk-cluster-alb-controller-integ","path":"aws-cdk-cluster-alb-controller-integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-cdk-cluster-alb-controller-integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.ts index 1da01512c9983..1aae526f1e77b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.ts @@ -9,7 +9,7 @@ import { Pinger } from './pinger/pinger'; import * as eks from 'aws-cdk-lib/aws-eks'; import { IAM_OIDC_REJECT_UNAUTHORIZED_CONNECTIONS } from 'aws-cdk-lib/cx-api'; -const LATEST_VERSION: eks.AlbControllerVersion = eks.AlbControllerVersion.V2_8_2; +const LATEST_VERSION: eks.AlbControllerVersion = eks.AlbControllerVersion.V2_13_3; class EksClusterAlbControllerStack extends Stack { constructor(scope: App, id: string) { super(scope, id); diff --git a/packages/aws-cdk-lib/aws-eks/README.md b/packages/aws-cdk-lib/aws-eks/README.md index b7b8b8404c1f6..48af770a01b79 100644 --- a/packages/aws-cdk-lib/aws-eks/README.md +++ b/packages/aws-cdk-lib/aws-eks/README.md @@ -688,7 +688,7 @@ import { KubectlV33Layer } from '@aws-cdk/lambda-layer-kubectl-v33'; new eks.Cluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_33, albController: { - version: eks.AlbControllerVersion.V2_8_2, + version: eks.AlbControllerVersion.V2_13_3, }, kubectlLayer: new KubectlV33Layer(this, 'kubectl'), }); @@ -702,7 +702,7 @@ import { KubectlV33Layer } from '@aws-cdk/lambda-layer-kubectl-v33'; new eks.Cluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_33, albController: { - version: eks.AlbControllerVersion.V2_8_2, + version: eks.AlbControllerVersion.V2_13_3, additionalHelmChartValues: { enableWafv2: false } diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.0.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.0.json new file mode 100644 index 0000000000000..603c5b280b6ad --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.0.json @@ -0,0 +1,245 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.1.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.1.json new file mode 100644 index 0000000000000..603c5b280b6ad --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.10.1.json @@ -0,0 +1,245 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.11.0.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.11.0.json new file mode 100644 index 0000000000000..1a5b4d614b7ad --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.11.0.json @@ -0,0 +1,247 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.12.0.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.12.0.json new file mode 100644 index 0000000000000..fe197617025cf --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.12.0.json @@ -0,0 +1,250 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.0.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.0.json new file mode 100644 index 0000000000000..761d0e733c410 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.0.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.1.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.1.json new file mode 100644 index 0000000000000..761d0e733c410 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.1.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.2.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.2.json new file mode 100644 index 0000000000000..761d0e733c410 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.2.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.3.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.3.json new file mode 100644 index 0000000000000..761d0e733c410 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.13.3.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.8.3.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.8.3.json new file mode 100644 index 0000000000000..e8a05f8e64a16 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.8.3.json @@ -0,0 +1,242 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.0.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.0.json new file mode 100644 index 0000000000000..0480ec2db32b4 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.0.json @@ -0,0 +1,244 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.1.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.1.json new file mode 100644 index 0000000000000..0480ec2db32b4 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.1.json @@ -0,0 +1,244 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.2.json b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.2.json new file mode 100644 index 0000000000000..0480ec2db32b4 --- /dev/null +++ b/packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.9.2.json @@ -0,0 +1,244 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule" + ], + "Resource": "*" + } + ] +} diff --git a/packages/aws-cdk-lib/aws-eks/lib/alb-controller.ts b/packages/aws-cdk-lib/aws-eks/lib/alb-controller.ts index da378a568af8b..d4ba29c00b03c 100644 --- a/packages/aws-cdk-lib/aws-eks/lib/alb-controller.ts +++ b/packages/aws-cdk-lib/aws-eks/lib/alb-controller.ts @@ -186,6 +186,66 @@ export class AlbControllerVersion { */ public static readonly V2_8_2 = new AlbControllerVersion('v2.8.2', '1.8.2', false); + /** + * v2.8.3 + */ + public static readonly V2_8_3 = new AlbControllerVersion('v2.8.3', '1.8.4', false); + + /** + * v2.9.0 + */ + public static readonly V2_9_0 = new AlbControllerVersion('v2.9.0', '1.9.0', false); + + /** + * v2.9.1 + */ + public static readonly V2_9_1 = new AlbControllerVersion('v2.9.1', '1.9.1', false); + + /** + * v2.9.2 + */ + public static readonly V2_9_2 = new AlbControllerVersion('v2.9.2', '1.9.2', false); + + /** + * v2.10.0 + */ + public static readonly V2_10_0 = new AlbControllerVersion('v2.10.0', '1.10.0', false); + + /** + * v2.10.1 + */ + public static readonly V2_10_1 = new AlbControllerVersion('v2.10.1', '1.10.1', false); + + /** + * v2.11.0 + */ + public static readonly V2_11_0 = new AlbControllerVersion('v2.11.0', '1.11.0', false); + + /** + * v2.12.0 + */ + public static readonly V2_12_0 = new AlbControllerVersion('v2.12.0', '1.12.0', false); + + /** + * v2.13.0 + */ + public static readonly V2_13_0 = new AlbControllerVersion('v2.13.0', '1.13.0', false); + + /** + * v2.13.1 + */ + public static readonly V2_13_1 = new AlbControllerVersion('v2.13.1', '1.13.1', false); + + /** + * v2.13.2 + */ + public static readonly V2_13_2 = new AlbControllerVersion('v2.13.2', '1.13.2', false); + + /** + * v2.13.3 + */ + public static readonly V2_13_3 = new AlbControllerVersion('v2.13.3', '1.13.3', false); + /** * Specify a custom version and an associated helm chart version. * Use this if the version you need is not available in one of the predefined versions.