UNPKG

@taimos/cdk-controltower

Version:

[![npm version](https://badge.fury.io/js/@taimos%2Fcdk-controltower.svg)](https://badge.fury.io/js/@taimos%2Fcdk-controltower)

github.com/taimos/cdk-controltower

taimos/cdk-controltower

23 lines 3.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.LogBucketStack = void 0; const aws_cdk_lib_1 = require("aws-cdk-lib"); class LogBucketStack extends aws_cdk_lib_1.Stack { constructor(scope, id, props) { super(scope, id, props); const encryptionKey = new aws_cdk_lib_1.aws_kms.Key(this, 'FlowLogsKey', { enableKeyRotation: false, alias: 'vpc-flow-logs', }); encryptionKey.grantEncryptDecrypt(new aws_cdk_lib_1.aws_iam.ServicePrincipal('delivery.logs.amazonaws.com')); this.flowLogsBucketName = `${props.orgPrincipalEnv.account}-vpc-flow-logs`; const flowLogsBucket = new aws_cdk_lib_1.aws_s3.Bucket(this, 'FlowLogs', { blockPublicAccess: aws_cdk_lib_1.aws_s3.BlockPublicAccess.BLOCK_ALL, encryptionKey, bucketName: this.flowLogsBucketName, }); flowLogsBucket.grantReadWrite(new aws_cdk_lib_1.aws_iam.ServicePrincipal('delivery.logs.amazonaws.com')); } } exports.LogBucketStack = LogBucketStack; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9nLWJ1Y2tldHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvbG9nLWJ1Y2tldHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBTXFCO0FBTXJCLE1BQWEsY0FBZSxTQUFRLG1CQUFLO0lBSXZDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBMEI7UUFDbEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFFeEIsTUFBTSxhQUFhLEdBQUcsSUFBSSxxQkFBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsYUFBYSxFQUFFO1lBQ3JELGlCQUFpQixFQUFFLEtBQUs7WUFDeEIsS0FBSyxFQUFFLGVBQWU7U0FDdkIsQ0FBQyxDQUFDO1FBQ0gsYUFBYSxDQUFDLG1CQUFtQixDQUFDLElBQUkscUJBQUcsQ0FBQyxnQkFBZ0IsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDLENBQUM7UUFFM0YsSUFBSSxDQUFDLGtCQUFrQixHQUFHLEdBQUcsS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUFRLGdCQUFnQixDQUFDO1FBQzVFLE1BQU0sY0FBYyxHQUFHLElBQUksb0JBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUNyRCxpQkFBaUIsRUFBRSxvQkFBRSxDQUFDLGlCQUFpQixDQUFDLFNBQVM7WUFDakQsYUFBYTtZQUNiLFVBQVUsRUFBRSxJQUFJLENBQUMsa0JBQWtCO1NBQ3BDLENBQUMsQ0FBQztRQUNILGNBQWMsQ0FBQyxjQUFjLENBQUMsSUFBSSxxQkFBRyxDQUFDLGdCQUFnQixDQUFDLDZCQUE2QixDQUFDLENBQUMsQ0FBQztJQUV6RixDQUFDO0NBQ0Y7QUF0QkQsd0NBc0JDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtcbiAgYXdzX2lhbSBhcyBpYW0sXG4gIGF3c19rbXMgYXMga21zLFxuICBhd3NfczMgYXMgczMsXG4gIFN0YWNrLFxuICBTdGFja1Byb3BzLFxufSBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCB7IE9yZ1ByaW5jaXBhbEF3YXJlIH0gZnJvbSAnLi9hd3Mtb3JnJztcblxuZXhwb3J0IHR5cGUgTG9nQnVja2V0U3RhY2tQcm9wcyA9IFN0YWNrUHJvcHMgJiBPcmdQcmluY2lwYWxBd2FyZTtcblxuZXhwb3J0IGNsYXNzIExvZ0J1Y2tldFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuXG4gIHB1YmxpYyByZWFkb25seSBmbG93TG9nc0J1Y2tldE5hbWU6IHN0cmluZztcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogTG9nQnVja2V0U3RhY2tQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwgcHJvcHMpO1xuXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IG5ldyBrbXMuS2V5KHRoaXMsICdGbG93TG9nc0tleScsIHtcbiAgICAgIGVuYWJsZUtleVJvdGF0aW9uOiBmYWxzZSxcbiAgICAgIGFsaWFzOiAndnBjLWZsb3ctbG9ncycsXG4gICAgfSk7XG4gICAgZW5jcnlwdGlvbktleS5ncmFudEVuY3J5cHREZWNyeXB0KG5ldyBpYW0uU2VydmljZVByaW5jaXBhbCgnZGVsaXZlcnkubG9ncy5hbWF6b25hd3MuY29tJykpO1xuXG4gICAgdGhpcy5mbG93TG9nc0J1Y2tldE5hbWUgPSBgJHtwcm9wcy5vcmdQcmluY2lwYWxFbnYuYWNjb3VudCF9LXZwYy1mbG93LWxvZ3NgO1xuICAgIGNvbnN0IGZsb3dMb2dzQnVja2V0ID0gbmV3IHMzLkJ1Y2tldCh0aGlzLCAnRmxvd0xvZ3MnLCB7XG4gICAgICBibG9ja1B1YmxpY0FjY2VzczogczMuQmxvY2tQdWJsaWNBY2Nlc3MuQkxPQ0tfQUxMLFxuICAgICAgZW5jcnlwdGlvbktleSxcbiAgICAgIGJ1Y2tldE5hbWU6IHRoaXMuZmxvd0xvZ3NCdWNrZXROYW1lLFxuICAgIH0pO1xuICAgIGZsb3dMb2dzQnVja2V0LmdyYW50UmVhZFdyaXRlKG5ldyBpYW0uU2VydmljZVByaW5jaXBhbCgnZGVsaXZlcnkubG9ncy5hbWF6b25hd3MuY29tJykpO1xuXG4gIH1cbn0iXX0=