diff --git a/.projen/deps.json b/.projen/deps.json
index 947d3314..2378e8bc 100644
--- a/.projen/deps.json
+++ b/.projen/deps.json
@@ -116,7 +116,7 @@
},
{
"name": "aws-cdk-lib",
- "version": "^2.1.0",
+ "version": "^2.144.0",
"type": "peer"
},
{
diff --git a/.projenrc.js b/.projenrc.js
index 47a5ead0..d34c029b 100644
--- a/.projenrc.js
+++ b/.projenrc.js
@@ -2,7 +2,7 @@ const { awscdk } = require('projen');
const project = new awscdk.AwsCdkConstructLibrary({
author: 'Markus Siebert',
authorAddress: 'markus.siebert@deutschebahn.com',
- cdkVersion: '2.1.0',
+ cdkVersion: '2.144.0',
stability: 'stable',
homepage: 'https://constructs.dev/packages/cdk-sops-secrets',
description:
diff --git a/API.md b/API.md
index 61109b12..ba95126d 100644
--- a/API.md
+++ b/API.md
@@ -564,10 +564,14 @@ new SopsSyncProvider(scope: Construct, id?: string)
| applyRemovalPolicy
| Apply the given removal policy to this resource. |
| addEventSource
| Adds an event source to this function. |
| addEventSourceMapping
| Adds an event source that maps to this AWS Lambda function. |
+| addFunctionUrl
| Adds a url to this lambda function. |
| addPermission
| Adds a permission to the Lambda resource policy. |
| addToRolePolicy
| Adds a statement to the IAM role assumed by the instance. |
| configureAsyncInvoke
| Configures options for asynchronous invocation. |
+| considerWarningOnInvokeFunctionPermissions
| A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function. |
| grantInvoke
| Grant the given identity permissions to invoke this Lambda. |
+| grantInvokeCompositePrincipal
| Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
+| grantInvokeUrl
| Grant the given identity permissions to invoke this Lambda Function URL. |
| metric
| Return the given named metric for this Function. |
| metricDuration
| How long execution of this Lambda takes. |
| metricErrors
| How many invocations of this Lambda fail. |
@@ -619,11 +623,11 @@ public addEventSource(source: IEventSource): void
Adds an event source to this function.
-Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module.
+Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
```
-import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources';
+import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
```
@@ -653,6 +657,20 @@ Adds an event source that maps to this AWS Lambda function.
---
+##### `addFunctionUrl`
+
+```typescript
+public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
+```
+
+Adds a url to this lambda function.
+
+###### `options`Optional
+
+- *Type:* aws-cdk-lib.aws_lambda.FunctionUrlOptions
+
+---
+
##### `addPermission`
```typescript
@@ -701,6 +719,31 @@ Configures options for asynchronous invocation.
---
+##### `considerWarningOnInvokeFunctionPermissions`
+
+```typescript
+public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
+```
+
+A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
+
+function.currentVersion is invoked before or after the permission is created.
+
+This applies only to permissions on Lambda functions, not versions or aliases.
+This function is overridden as a noOp for QualifiedFunctionBase.
+
+###### `scope`Required
+
+- *Type:* constructs.Construct
+
+---
+
+###### `action`Required
+
+- *Type:* string
+
+---
+
##### `grantInvoke`
```typescript
@@ -715,6 +758,34 @@ Grant the given identity permissions to invoke this Lambda.
---
+##### `grantInvokeCompositePrincipal`
+
+```typescript
+public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
+```
+
+Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
+
+###### `compositePrincipal`Required
+
+- *Type:* aws-cdk-lib.aws_iam.CompositePrincipal
+
+---
+
+##### `grantInvokeUrl`
+
+```typescript
+public grantInvokeUrl(grantee: IGrantable): Grant
+```
+
+Grant the given identity permissions to invoke this Lambda Function URL.
+
+###### `grantee`Required
+
+- *Type:* aws-cdk-lib.aws_iam.IGrantable
+
+---
+
##### `metric`
```typescript
@@ -894,6 +965,7 @@ public addAgeKey(key: SecretValue): void
| **Name** | **Description** |
| --- | --- |
| isConstruct
| Checks if `x` is a construct. |
+| isOwnedResource
| Returns true if the construct was created by CDK, and false otherwise. |
| isResource
| Check whether the given construct is a Resource. |
---
@@ -916,6 +988,22 @@ Any object.
---
+##### `isOwnedResource`
+
+```typescript
+import { SopsSyncProvider } from 'cdk-sops-secrets'
+
+SopsSyncProvider.isOwnedResource(construct: IConstruct)
+```
+
+Returns true if the construct was created by CDK, and false otherwise.
+
+###### `construct`Required
+
+- *Type:* constructs.IConstruct
+
+---
+
##### `isResource`
```typescript
@@ -939,6 +1027,7 @@ Check whether the given construct is a Resource.
| node
| constructs.Node
| The tree node. |
| env
| aws-cdk-lib.ResourceEnvironment
| The environment this resource belongs to. |
| stack
| aws-cdk-lib.Stack
| The stack in which this resource is defined. |
+| architecture
| aws-cdk-lib.aws_lambda.Architecture
| The architecture of this Lambda Function. |
| connections
| aws-cdk-lib.aws_ec2.Connections
| Access the Connections object. |
| functionArn
| string
| The ARN fo the function. |
| functionName
| string
| The name of the function. |
@@ -946,6 +1035,7 @@ Check whether the given construct is a Resource.
| isBoundToVpc
| boolean
| Whether or not this Lambda function was bound to a VPC. |
| latestVersion
| aws-cdk-lib.aws_lambda.IVersion
| The `$LATEST` version of this function. |
| permissionsNode
| constructs.Node
| The construct node where permissions are attached. |
+| resourceArnsForGrantInvoke
| string[]
| The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
| role
| aws-cdk-lib.aws_iam.IRole
| The IAM role associated with this function. |
| currentVersion
| aws-cdk-lib.aws_lambda.Version
| Returns a `lambda.Version` which represents the current version of this singleton Lambda function. A new version will be created every time the function's configuration changes. |
| logGroup
| aws-cdk-lib.aws_logs.ILogGroup
| The LogGroup where the Lambda function's logs are made available. |
@@ -996,6 +1086,18 @@ The stack in which this resource is defined.
---
+##### `architecture`Required
+
+```typescript
+public readonly architecture: Architecture;
+```
+
+- *Type:* aws-cdk-lib.aws_lambda.Architecture
+
+The architecture of this Lambda Function.
+
+---
+
##### `connections`Required
```typescript
@@ -1091,6 +1193,18 @@ The construct node where permissions are attached.
---
+##### `resourceArnsForGrantInvoke`Required
+
+```typescript
+public readonly resourceArnsForGrantInvoke: string[];
+```
+
+- *Type:* string[]
+
+The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
+
+---
+
##### `role`Optional
```typescript
@@ -1176,6 +1290,9 @@ const sopsSecretProps: SopsSecretProps = { ... }
| removalPolicy
| aws-cdk-lib.RemovalPolicy
| Policy to apply when the secret is removed from this stack. |
| replicaRegions
| aws-cdk-lib.aws_secretsmanager.ReplicaRegion[]
| A list of regions where to replicate this secret. |
| secretName
| string
| A name for the secret. |
+| secretObjectValue
| {[ key: string ]: aws-cdk-lib.SecretValue}
| Initial value for a JSON secret. |
+| secretStringBeta1
| aws-cdk-lib.aws_secretsmanager.SecretStringValueBeta1
| Initial value for the secret. |
+| secretStringValue
| aws-cdk-lib.SecretValue
| Initial value for the secret. |
| convertToJSON
| boolean
| Should the encrypted sops value should be converted to JSON? |
| flatten
| boolean
| Should the structure be flattened? |
| sopsAgeKey
| aws-cdk-lib.SecretValue
| The age key that should be used for encryption. |
@@ -1227,6 +1344,8 @@ public readonly generateSecretString: SecretStringGenerator;
Configuration for how to generate a secret value.
+Only one of `secretString` and `generateSecretString` can be provided.
+
---
##### `removalPolicy`Optional
@@ -1271,6 +1390,96 @@ Note that deleting secrets from SecretsManager does not happen immediately, but
---
+##### `secretObjectValue`Optional
+
+```typescript
+public readonly secretObjectValue: {[ key: string ]: SecretValue};
+```
+
+- *Type:* {[ key: string ]: aws-cdk-lib.SecretValue}
+- *Default:* SecretsManager generates a new secret value.
+
+Initial value for a JSON secret.
+
+**NOTE:** *It is **highly** encouraged to leave this field undefined and allow SecretsManager to create the secret value.
+The secret object -- if provided -- will be included in the output of the cdk as part of synthesis,
+and will appear in the CloudFormation template in the console. This can be secure(-ish) if that value is merely reference to
+another resource (or one of its attributes), but if the value is a plaintext string, it will be visible to anyone with access
+to the CloudFormation template (via the AWS Console, SDKs, or CLI).
+
+Specifies a JSON object that you want to encrypt and store in this new version of the secret.
+To specify a simple string value instead, use `SecretProps.secretStringValue`
+
+Only one of `secretStringBeta1`, `secretStringValue`, 'secretObjectValue', and `generateSecretString` can be provided.
+
+---
+
+*Example*
+
+```typescript
+declare const user: iam.User;
+declare const accessKey: iam.AccessKey;
+declare const stack: Stack;
+new secretsmanager.Secret(stack, 'JSONSecret', {
+ secretObjectValue: {
+ username: SecretValue.unsafePlainText(user.userName), // intrinsic reference, not exposed as plaintext
+ database: SecretValue.unsafePlainText('foo'), // rendered as plain text, but not a secret
+ password: accessKey.secretAccessKey, // SecretValue
+ },
+});
+```
+
+
+##### ~~`secretStringBeta1`~~Optional
+
+- *Deprecated:* Use `secretStringValue` instead.
+
+```typescript
+public readonly secretStringBeta1: SecretStringValueBeta1;
+```
+
+- *Type:* aws-cdk-lib.aws_secretsmanager.SecretStringValueBeta1
+- *Default:* SecretsManager generates a new secret value.
+
+Initial value for the secret.
+
+**NOTE:** *It is **highly** encouraged to leave this field undefined and allow SecretsManager to create the secret value.
+The secret string -- if provided -- will be included in the output of the cdk as part of synthesis,
+and will appear in the CloudFormation template in the console. This can be secure(-ish) if that value is merely reference to
+another resource (or one of its attributes), but if the value is a plaintext string, it will be visible to anyone with access
+to the CloudFormation template (via the AWS Console, SDKs, or CLI).
+
+Specifies text data that you want to encrypt and store in this new version of the secret.
+May be a simple string value, or a string representation of a JSON structure.
+
+Only one of `secretStringBeta1`, `secretStringValue`, and `generateSecretString` can be provided.
+
+---
+
+##### `secretStringValue`Optional
+
+```typescript
+public readonly secretStringValue: SecretValue;
+```
+
+- *Type:* aws-cdk-lib.SecretValue
+- *Default:* SecretsManager generates a new secret value.
+
+Initial value for the secret.
+
+**NOTE:** *It is **highly** encouraged to leave this field undefined and allow SecretsManager to create the secret value.
+The secret string -- if provided -- will be included in the output of the cdk as part of synthesis,
+and will appear in the CloudFormation template in the console. This can be secure(-ish) if that value is merely reference to
+another resource (or one of its attributes), but if the value is a plaintext string, it will be visible to anyone with access
+to the CloudFormation template (via the AWS Console, SDKs, or CLI).
+
+Specifies text data that you want to encrypt and store in this new version of the secret.
+May be a simple string value. To provide a string representation of JSON structure, use `SecretProps.secretObjectValue` instead.
+
+Only one of `secretStringBeta1`, `secretStringValue`, 'secretObjectValue', and `generateSecretString` can be provided.
+
+---
+
##### `convertToJSON`Optional
```typescript
diff --git a/lambda/main.go b/lambda/main.go
index a38879bf..b2821252 100644
--- a/lambda/main.go
+++ b/lambda/main.go
@@ -76,9 +76,8 @@ func decryptSopsFileContent(content []byte, format string) (data []byte, err err
func (a AWS) updateSecret(sopsHash string, secretArn string, secretContent []byte) (data *secretsmanager.PutSecretValueOutput, err error) {
secretContentString := string(secretContent)
input := &secretsmanager.PutSecretValueInput{
- SecretId: &secretArn,
- SecretString: &secretContentString,
-
+ SecretId: &secretArn,
+ SecretString: &secretContentString,
ClientRequestToken: &sopsHash,
}
secretResp, secretErr := a.secretsmanager.PutSecretValue(input)
@@ -156,7 +155,6 @@ func (a AWS) syncSopsToSecretsmanager(ctx context.Context, event cfn.Event) (phy
if err != nil {
return tempArn, nil, err
}
- //log.Println(string(decryptedContent))
var decryptedInterface interface{}
switch resourceProperties.Format {
case "json":
@@ -197,6 +195,7 @@ func (a AWS) syncSopsToSecretsmanager(ctx context.Context, event cfn.Event) (phy
{
resourceProperties.Flatten = "false"
resourceProperties.StringifyValues = "false"
+ resourceProperties.ConvertToJSON = "false"
}
default:
return "", nil, errors.New(fmt.Sprintf("Format %s not supported", resourceProperties.Format))
@@ -254,7 +253,6 @@ func (a AWS) syncSopsToSecretsmanager(ctx context.Context, event cfn.Event) (phy
return tempArn, nil, err
}
}
-
// Write the secret
updateSecretResp, err := a.updateSecret(sopsHash, resourceProperties.SecretARN, decryptedContent)
if err != nil {
diff --git a/package.json b/package.json
index 1bbe7dde..2207ff43 100644
--- a/package.json
+++ b/package.json
@@ -64,7 +64,7 @@
"@typescript-eslint/eslint-plugin": "^6",
"@typescript-eslint/parser": "^6",
"aws-cdk": "^2",
- "aws-cdk-lib": "2.1.0",
+ "aws-cdk-lib": "2.144.0",
"constructs": "10.0.5",
"eslint": "^8",
"eslint-config-prettier": "^8.10.0",
@@ -86,7 +86,7 @@
"typescript": "^4.9.5"
},
"peerDependencies": {
- "aws-cdk-lib": "^2.1.0",
+ "aws-cdk-lib": "^2.144.0",
"constructs": "^10.0.5"
},
"resolutions": {
diff --git a/test/secret-asset.integ.snapshot/SecretIntegrationAsset.assets.json b/test/secret-asset.integ.snapshot/SecretIntegrationAsset.assets.json
index 59931601..7c190c4b 100644
--- a/test/secret-asset.integ.snapshot/SecretIntegrationAsset.assets.json
+++ b/test/secret-asset.integ.snapshot/SecretIntegrationAsset.assets.json
@@ -1,15 +1,15 @@
{
- "version": "15.0.0",
+ "version": "36.0.0",
"files": {
- "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
+ "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67": {
"source": {
- "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "path": "asset.ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "objectKey": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
@@ -79,7 +79,7 @@
}
}
},
- "3df20cebd8befd8c2eee521149078eeef238b022cabf42327fc78fa91a5e1539": {
+ "6877367a0b0bf6c211df7db09e390a34f27dde480c9c7591a54f097775ed6c47": {
"source": {
"path": "SecretIntegrationAsset.template.json",
"packaging": "file"
@@ -87,7 +87,7 @@
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "3df20cebd8befd8c2eee521149078eeef238b022cabf42327fc78fa91a5e1539.json",
+ "objectKey": "6877367a0b0bf6c211df7db09e390a34f27dde480c9c7591a54f097775ed6c47.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
diff --git a/test/secret-asset.integ.snapshot/SecretIntegrationAsset.template.json b/test/secret-asset.integ.snapshot/SecretIntegrationAsset.template.json
index 00076ac5..2977d3b3 100644
--- a/test/secret-asset.integ.snapshot/SecretIntegrationAsset.template.json
+++ b/test/secret-asset.integ.snapshot/SecretIntegrationAsset.template.json
@@ -1,991 +1,991 @@
{
- "Resources": {
- "SopsSecretJSON72040543": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "Resources": {
+ "SopsSecretJSON72040543": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretJSONSopsSync701F9A56": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
},
- "SopsSecretJSONSopsSync701F9A56": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
- ]
- },
- "SecretARN": {
- "Ref": "SopsSecretJSON72040543"
+ "SecretARN": {
+ "Ref": "SopsSecretJSON72040543"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "2e0bdd84bc2fecdd9795887da1814888ec0b5d184a7324c5fda69c4bd54fa649.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "SopsS3File": {
- "Bucket": {
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
+ ]
+ }
+ ]
+ }
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
+ "Type": "AWS::IAM::Policy",
+ "Properties": {
+ "PolicyDocument": {
+ "Statement": [
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretJSON72040543"
+ }
+ },
+ {
+ "Action": [
+ "s3:GetObject*",
+ "s3:GetBucket*",
+ "s3:List*"
+ ],
+ "Effect": "Allow",
+ "Resource": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":s3:::",
+ {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "2e0bdd84bc2fecdd9795887da1814888ec0b5d184a7324c5fda69c4bd54fa649.json"
+ }
+ ]
+ ]
},
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":s3:::",
+ {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "/*"
+ ]
+ ]
+ }
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
- ]
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretYAMLC392F558"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretYAMLasJSON64419C04"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretJSONAD4C2662"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopComplexSecretYAMLF52D88F2"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopComplexSecretYAMLFlatD9CE8782"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsBinaryAsBinary6FB08519"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
- "Type": "AWS::IAM::Policy",
- "Properties": {
- "PolicyDocument": {
- "Statement": [
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretJSON72040543"
- }
- },
- {
- "Action": [
- "s3:GetObject*",
- "s3:GetBucket*",
- "s3:List*"
- ],
- "Effect": "Allow",
- "Resource": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":s3:::",
- {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- }
- ]
- ]
- },
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":s3:::",
- {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "/*"
- ]
- ]
- }
- ]
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretYAMLC392F558"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretYAMLasJSON64419C04"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretJSONAD4C2662"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopComplexSecretYAMLF52D88F2"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopComplexSecretYAMLFlatD9CE8782"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsBinaryAsBinary6FB08519"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "Roles": [
- {
- "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
- }
- ]
+ "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "Roles": [
+ {
+ "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ }
+ ]
+ }
+ },
+ "SingletonLambdaSopsSyncProviderAA18D140": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "S3Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "S3Key": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip"
+ },
+ "Environment": {
+ "Variables": {
+ "SOPS_AGE_KEY": "AGE-SECRET-KEY-1EFUWJ0G2XJTJFWTAM2DGMA4VCK3R05W58FSMHZP3MZQ0ZTAQEAFQC6T7T3"
+ }
+ },
+ "Handler": "bootstrap",
+ "Role": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
+ "Arn"
+ ]
+ },
+ "Runtime": "provided.al2",
+ "Timeout": 60
+ },
+ "DependsOn": [
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ]
+ },
+ "SopsSecretYAMLC392F558": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLSopsSyncD61C4640": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLC392F558"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f.yaml"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSON64419C04": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSONSopsSync5F0877FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLasJSON64419C04"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f.yaml"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONAD4C2662": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONSopsSyncCABA63FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONAD4C2662"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatF5FC1D69": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLF52D88F2": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLSopsSync4B881273": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLF52D88F2"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
+ },
+ "ConvertToJSON": false,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatD9CE8782": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLFlatD9CE8782"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONEAE81DB0": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsBinaryAsBinary6FB08519": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsBinaryAsBinarySopsSyncEC998F91": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsBinaryAsBinary6FB08519"
+ },
+ "SopsS3File": {
+ "Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "Key": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.binary"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "binary",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "TestFunctionServiceRole6ABD93C7": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderAA18D140": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "S3Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
- },
- "Role": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SOPS_AGE_KEY": "AGE-SECRET-KEY-1EFUWJ0G2XJTJFWTAM2DGMA4VCK3R05W58FSMHZP3MZQ0ZTAQEAFQC6T7T3"
- }
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "Handler": "bootstrap",
- "Runtime": "provided.al2",
- "Timeout": 60
- },
- "DependsOn": [
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
]
+ }
+ ]
+ }
+ },
+ "TestFunction22AD90FC": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "ZipFile": "test"
},
- "SopsSecretYAMLC392F558": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLSopsSyncD61C4640": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "Environment": {
+ "Variables": {
+ "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLC392F558"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f.yaml"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSON64419C04": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSONSopsSync5F0877FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLasJSON64419C04"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f.yaml"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONAD4C2662": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONSopsSyncCABA63FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretJSONAD4C2662"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282.json"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "json",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatF5FC1D69": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282.json"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLF52D88F2": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLSopsSync4B881273": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLF52D88F2"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
- },
- "ConvertToJSON": false,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatD9CE8782": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLFlatD9CE8782"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONEAE81DB0": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2.yaml"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsBinaryAsBinary6FB08519": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsBinaryAsBinarySopsSyncEC998F91": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsBinaryAsBinary6FB08519"
- },
- "SopsS3File": {
- "Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "Key": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.binary"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "binary",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "TestFunctionServiceRole6ABD93C7": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
+ "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
]
+ ]
}
+ }
},
- "TestFunction22AD90FC": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "ZipFile": "test"
- },
- "Role": {
- "Fn::GetAtt": [
- "TestFunctionServiceRole6ABD93C7",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- }
- }
- },
- "Handler": "test",
- "Runtime": "nodejs14.x"
- },
- "DependsOn": [
- "TestFunctionServiceRole6ABD93C7"
- ]
- }
- },
- "Parameters": {
- "BootstrapVersion": {
- "Type": "AWS::SSM::Parameter::Value",
- "Default": "/cdk-bootstrap/hnb659fds/version",
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
- }
- },
- "Rules": {
- "CheckBootstrapVersion": {
- "Assertions": [
- {
- "Assert": {
- "Fn::Not": [
- {
- "Fn::Contains": [
- [
- "1",
- "2",
- "3",
- "4",
- "5"
- ],
- {
- "Ref": "BootstrapVersion"
- }
- ]
- }
- ]
- },
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
- }
+ "Handler": "test",
+ "Role": {
+ "Fn::GetAtt": [
+ "TestFunctionServiceRole6ABD93C7",
+ "Arn"
+ ]
+ },
+ "Runtime": "nodejs20.x"
+ },
+ "DependsOn": [
+ "TestFunctionServiceRole6ABD93C7"
+ ]
+ }
+ },
+ "Parameters": {
+ "BootstrapVersion": {
+ "Type": "AWS::SSM::Parameter::Value",
+ "Default": "/cdk-bootstrap/hnb659fds/version",
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+ }
+ },
+ "Rules": {
+ "CheckBootstrapVersion": {
+ "Assertions": [
+ {
+ "Assert": {
+ "Fn::Not": [
+ {
+ "Fn::Contains": [
+ [
+ "1",
+ "2",
+ "3",
+ "4",
+ "5"
+ ],
+ {
+ "Ref": "BootstrapVersion"
+ }
+ ]
+ }
]
+ },
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
+ ]
}
+ }
}
\ No newline at end of file
diff --git a/test/secret-asset.integ.ts b/test/secret-asset.integ.ts
index 6de456d3..9e5b3f05 100644
--- a/test/secret-asset.integ.ts
+++ b/test/secret-asset.integ.ts
@@ -119,7 +119,7 @@ new SopsSecret(stack, 'SopsBinaryAsBinary', {
new Function(stack, 'TestFunction', {
code: Code.fromInline('test'),
handler: 'test',
- runtime: Runtime.NODEJS_14_X,
+ runtime: Runtime.NODEJS_20_X,
environment: {
...createMapComplex('SopsComplexSecretJSONFlat', sopsComplexSecretJSONFlat),
...createMapComplex(
diff --git a/test/secret-inline.integ.snapshot/SecretIntegrationInline.assets.json b/test/secret-inline.integ.snapshot/SecretIntegrationInline.assets.json
index 06649be8..79e104f3 100644
--- a/test/secret-inline.integ.snapshot/SecretIntegrationInline.assets.json
+++ b/test/secret-inline.integ.snapshot/SecretIntegrationInline.assets.json
@@ -1,20 +1,20 @@
{
- "version": "15.0.0",
+ "version": "36.0.0",
"files": {
- "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
+ "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67": {
"source": {
- "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "path": "asset.ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "objectKey": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
- "049126fed367ff9a3a1334931bcb725bde8d35e20fb44992ef6b0bc5ff958f86": {
+ "d315c0942526cd564dc7208017fea1cac5f06645a896160d1f1bba1e782da9ea": {
"source": {
"path": "SecretIntegrationInline.template.json",
"packaging": "file"
@@ -22,7 +22,7 @@
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "049126fed367ff9a3a1334931bcb725bde8d35e20fb44992ef6b0bc5ff958f86.json",
+ "objectKey": "d315c0942526cd564dc7208017fea1cac5f06645a896160d1f1bba1e782da9ea.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
diff --git a/test/secret-inline.integ.snapshot/SecretIntegrationInline.template.json b/test/secret-inline.integ.snapshot/SecretIntegrationInline.template.json
index 4f63015a..d7855a09 100644
--- a/test/secret-inline.integ.snapshot/SecretIntegrationInline.template.json
+++ b/test/secret-inline.integ.snapshot/SecretIntegrationInline.template.json
@@ -1,972 +1,972 @@
{
- "Resources": {
- "SopsSecretJSON72040543": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "Resources": {
+ "SopsSecretJSON72040543": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretJSONSopsSync701F9A56": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
},
- "SopsSecretJSONSopsSync701F9A56": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
- ]
- },
- "SecretARN": {
- "Ref": "SopsSecretJSON72040543"
- },
- "SopsInline": {
- "Content": "ewoJImtleTEiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpBclNqQzBWZCxpdjpORnJJajFla00yZFU4SkNVNk5wbW5IRm13Y0ZhRVFhZ0N3L2Z4S1YyYjZBPSx0YWc6R3JHZ2VObXRxRnV5aVRqS0ovNzhrdz09LHR5cGU6c3RyXSIsCgkia2V5MiI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOk5lb2FuZFk9LGl2OjJvQ2NCazBSL1h4dkgvTythYUNJYTdWOXBGc3k3ZGhDS1o3MGViamM1RHM9LHRhZzpHVlpYVUZGd2JwTVZZL0tDTE5FTkFRPT0sdHlwZTpmbG9hdF0iLAoJImtleTMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTp5NHRCYU5nPSxpdjptSHVZcnRmMEtlL29IQmN1bnBnZFBwemFZa0J4N1VqTWNPUWdwbVZjOC9RPSx0YWc6Y3VFZzJVRTE3UG82b3BmcEg4aWtvZz09LHR5cGU6Ym9vbF0iLAoJInNvcHMiOiB7CgkJImttcyI6IG51bGwsCgkJImdjcF9rbXMiOiBudWxsLAoJCSJhenVyZV9rdiI6IG51bGwsCgkJImhjX3ZhdWx0IjogbnVsbCwKCQkiYWdlIjogWwoJCQl7CgkJCQkicmVjaXBpZW50IjogImFnZTFkamxsdzJwenVwcnJxYzBlbjVtOHZjOGs1Z2UzdG0wZjZnN2NqMGMwZ2xmenA0NHZkYzRxbDhuZ3Z1IiwKCQkJCSJlbmMiOiAiLS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQk9XbEF4ZWtWTk5YZGplblY1Y21kUlxuWkRsUVUzTjVXQzlvZUVOVWJVcFljV3hrZVU5a1ZTOVRlVVIzQ201emJHaElMMEo2V0c5VFdpOUtSM1pVVFZwaFxuYmxwaVVEWnRRa2xuV2xSclNHWnpUWGxaTjJaNldqZ0tMUzB0SURJM1pITkhSME5tV1RNemRUZzBkRXRYY1U5M1xuYkVkTlduZEtkV1JPV0dkTGRIQXdUR0Z0Ukdsc2FEUUtWN0hKRzYyOXJQV0RCWTA0Nkh4ajR1dHhVa2V4M1N3VVxuVlVRUlgwMHA2cjlmZmMraUM1REdVbS9LT2tldEFIdW5PNEtuMHVPUzRXSGcrSmcyQ3d1NzJRPT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4iCgkJCX0KCQldLAoJCSJsYXN0bW9kaWZpZWQiOiAiMjAyMi0wMy0yOVQyMTowMjozMloiLAoJCSJtYWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YToydm16d1c3NE9TSnExOEdFY1NjcE1INzZBV3JoSmRFTmxLdzJ2UnpHclFmUGl4VE5jcndKMG5lVEgrQnZHS2ZSOU9sTFIyRVpUaGVScGhRMElrYjRTZGhmSW5vRGpIbyswalhON1JRNG5lVGxrbzRqL1lSVmVrNjFvZVBnQUtBcWNtdkwySWh6UkdPMlZSOG5EUHVKdXZSQ21QNXdPTU9Ca2VyeWRSS0hlRGM9LGl2Ok5IV1BOV0RtdWhla0pVSUpwQzFjREo1MWxMS1RzWExFNmRDNHRwdy9xU0k9LHRhZzp5VjVuZ1JkSVlaZlVnajZudHNZNUNRPT0sdHlwZTpzdHJdIiwKCQkicGdwIjogbnVsbCwKCQkidW5lbmNyeXB0ZWRfc3VmZml4IjogIl91bmVuY3J5cHRlZCIsCgkJInZlcnNpb24iOiAiMy43LjIiCgl9Cn0=",
- "Hash": "2e0bdd84bc2fecdd9795887da1814888ec0b5d184a7324c5fda69c4bd54fa649"
+ "SecretARN": {
+ "Ref": "SopsSecretJSON72040543"
+ },
+ "SopsInline": {
+ "Content": "ewoJImtleTEiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpBclNqQzBWZCxpdjpORnJJajFla00yZFU4SkNVNk5wbW5IRm13Y0ZhRVFhZ0N3L2Z4S1YyYjZBPSx0YWc6R3JHZ2VObXRxRnV5aVRqS0ovNzhrdz09LHR5cGU6c3RyXSIsCgkia2V5MiI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOk5lb2FuZFk9LGl2OjJvQ2NCazBSL1h4dkgvTythYUNJYTdWOXBGc3k3ZGhDS1o3MGViamM1RHM9LHRhZzpHVlpYVUZGd2JwTVZZL0tDTE5FTkFRPT0sdHlwZTpmbG9hdF0iLAoJImtleTMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTp5NHRCYU5nPSxpdjptSHVZcnRmMEtlL29IQmN1bnBnZFBwemFZa0J4N1VqTWNPUWdwbVZjOC9RPSx0YWc6Y3VFZzJVRTE3UG82b3BmcEg4aWtvZz09LHR5cGU6Ym9vbF0iLAoJInNvcHMiOiB7CgkJImttcyI6IG51bGwsCgkJImdjcF9rbXMiOiBudWxsLAoJCSJhenVyZV9rdiI6IG51bGwsCgkJImhjX3ZhdWx0IjogbnVsbCwKCQkiYWdlIjogWwoJCQl7CgkJCQkicmVjaXBpZW50IjogImFnZTFkamxsdzJwenVwcnJxYzBlbjVtOHZjOGs1Z2UzdG0wZjZnN2NqMGMwZ2xmenA0NHZkYzRxbDhuZ3Z1IiwKCQkJCSJlbmMiOiAiLS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQk9XbEF4ZWtWTk5YZGplblY1Y21kUlxuWkRsUVUzTjVXQzlvZUVOVWJVcFljV3hrZVU5a1ZTOVRlVVIzQ201emJHaElMMEo2V0c5VFdpOUtSM1pVVFZwaFxuYmxwaVVEWnRRa2xuV2xSclNHWnpUWGxaTjJaNldqZ0tMUzB0SURJM1pITkhSME5tV1RNemRUZzBkRXRYY1U5M1xuYkVkTlduZEtkV1JPV0dkTGRIQXdUR0Z0Ukdsc2FEUUtWN0hKRzYyOXJQV0RCWTA0Nkh4ajR1dHhVa2V4M1N3VVxuVlVRUlgwMHA2cjlmZmMraUM1REdVbS9LT2tldEFIdW5PNEtuMHVPUzRXSGcrSmcyQ3d1NzJRPT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4iCgkJCX0KCQldLAoJCSJsYXN0bW9kaWZpZWQiOiAiMjAyMi0wMy0yOVQyMTowMjozMloiLAoJCSJtYWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YToydm16d1c3NE9TSnExOEdFY1NjcE1INzZBV3JoSmRFTmxLdzJ2UnpHclFmUGl4VE5jcndKMG5lVEgrQnZHS2ZSOU9sTFIyRVpUaGVScGhRMElrYjRTZGhmSW5vRGpIbyswalhON1JRNG5lVGxrbzRqL1lSVmVrNjFvZVBnQUtBcWNtdkwySWh6UkdPMlZSOG5EUHVKdXZSQ21QNXdPTU9Ca2VyeWRSS0hlRGM9LGl2Ok5IV1BOV0RtdWhla0pVSUpwQzFjREo1MWxMS1RzWExFNmRDNHRwdy9xU0k9LHRhZzp5VjVuZ1JkSVlaZlVnajZudHNZNUNRPT0sdHlwZTpzdHJdIiwKCQkicGdwIjogbnVsbCwKCQkidW5lbmNyeXB0ZWRfc3VmZml4IjogIl91bmVuY3J5cHRlZCIsCgkJInZlcnNpb24iOiAiMy43LjIiCgl9Cn0=",
+ "Hash": "2e0bdd84bc2fecdd9795887da1814888ec0b5d184a7324c5fda69c4bd54fa649"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
+ ]
+ }
+ ]
+ }
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
+ "Type": "AWS::IAM::Policy",
+ "Properties": {
+ "PolicyDocument": {
+ "Statement": [
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretJSON72040543"
+ }
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
- ]
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretYAMLC392F558"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretYAMLasJSON64419C04"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretDOTENV13EC93B6"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretDOTENVasJSONC46F5173"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretJSONAD4C2662"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopComplexSecretYAMLF52D88F2"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopComplexSecretYAMLFlatD9CE8782"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
+ }
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
- "Type": "AWS::IAM::Policy",
- "Properties": {
- "PolicyDocument": {
- "Statement": [
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretJSON72040543"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretYAMLC392F558"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretYAMLasJSON64419C04"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretDOTENV13EC93B6"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretDOTENVasJSONC46F5173"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretJSONAD4C2662"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopComplexSecretYAMLF52D88F2"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopComplexSecretYAMLFlatD9CE8782"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
- }
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "Roles": [
- {
- "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
- }
- ]
+ "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "Roles": [
+ {
+ "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ }
+ ]
+ }
+ },
+ "SingletonLambdaSopsSyncProviderAA18D140": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "S3Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "S3Key": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip"
+ },
+ "Environment": {
+ "Variables": {
+ "SOPS_AGE_KEY": "AGE-SECRET-KEY-1EFUWJ0G2XJTJFWTAM2DGMA4VCK3R05W58FSMHZP3MZQ0ZTAQEAFQC6T7T3"
+ }
+ },
+ "Handler": "bootstrap",
+ "Role": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
+ "Arn"
+ ]
+ },
+ "Runtime": "provided.al2",
+ "Timeout": 60
+ },
+ "DependsOn": [
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ]
+ },
+ "SopsSecretYAMLC392F558": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLSopsSyncD61C4640": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLC392F558"
+ },
+ "SopsInline": {
+ "Content": "a2V5MTogRU5DW0FFUzI1Nl9HQ00sZGF0YTpod2ZNM2JEMCxpdjo1T0JEMjg4c1B5TGhXdE82b2FWTkduT2NtazFOcmFCQ2QyVnhvcFd2S0R3PSx0YWc6a1JrYnNwK09Jd0l3aGUvaVhKbFB4UT09LHR5cGU6c3RyXQprZXkyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkgrdlpWTVU9LGl2Omxub08xckc4LzY0MDU0R3B2enA3SGRvd2g2TmhJQWNhYW5YZUZ3KzZWM3M9LHRhZzpNZkQrZmVKeDZDcGtnMTNyMkw1bENnPT0sdHlwZTppbnRdCmtleTM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6UnE4Y2FhMD0saXY6OW56c1ArSElYN3o1RjNzdHlSa1U0NDd0WE44NkdaL3l5bnN4QlFLM1lvTT0sdGFnOjhOUW1Hd2M0SEY5a3d5ZDF4dGk5aHc9PSx0eXBlOmJvb2xdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JOZVdkM2RHVjZNVTFzZERCWU5EVnQKICAgICAgICAgICAgYzJGNlMxSlNTazVqU25FMk0wVlZTMDgxZEZKT1dXTlllbXhWQ201TVVVWlVVRFZOT1Vod2RXRmFZalpRZDFWdwogICAgICAgICAgICBOWGtySzJJdmJtZ3hRVk5pVWxKa1pWaFRhbFJLU2trS0xTMHRJRkpIYVhneVRrMUhkMk5yZUV4V1dIRnVOVUp6CiAgICAgICAgICAgIFJVcFpUVVJ5VjFkRVRFMDVjbFZ1UTNScmVHc3JTbThLWjkxMFZXekZaajd1QU9oRTRvblBwemVmb2t1SCt4bnoKICAgICAgICAgICAgQlBKUFRodkQ4MFF3UFdVZGpKN1Fua1p6VzhGaGROM01JU2QwRzZ2TElqcTNTcUthY2RjcjZnPT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDFUMjA6NDA6MTlaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjM5ZS9FbVdYeGVZZHpIZ01WRGQ4WUtRNW8zNk9DZGdGSk9HamU1cm5uRVU2bi8raWhmUDhUQlhBYTYySml0WFJEUW15Vm4wbWx2K3MrYjFJbzB6THNjd3d5ZHBLOUI2a25laFpBMjlwd1dJUy9hRkF1WStGMDhja2c5TjhIUUhRcXFaL0FLd0Q4UnRUMWdET0hXeG54MEpnQ2grdkw2Z0NOMlZIVzJpQzlIND0saXY6dEhnbjNqcEJJUTcyTHhRVjJHMTBrVzIxekMwbVNtQTZlNTVBUTNGcjJhMD0sdGFnOktraFhhVFpFS2kvSG5xVXpnWVJVTnc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSON64419C04": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSONSopsSync5F0877FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLasJSON64419C04"
+ },
+ "SopsInline": {
+ "Content": "a2V5MTogRU5DW0FFUzI1Nl9HQ00sZGF0YTpod2ZNM2JEMCxpdjo1T0JEMjg4c1B5TGhXdE82b2FWTkduT2NtazFOcmFCQ2QyVnhvcFd2S0R3PSx0YWc6a1JrYnNwK09Jd0l3aGUvaVhKbFB4UT09LHR5cGU6c3RyXQprZXkyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkgrdlpWTVU9LGl2Omxub08xckc4LzY0MDU0R3B2enA3SGRvd2g2TmhJQWNhYW5YZUZ3KzZWM3M9LHRhZzpNZkQrZmVKeDZDcGtnMTNyMkw1bENnPT0sdHlwZTppbnRdCmtleTM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6UnE4Y2FhMD0saXY6OW56c1ArSElYN3o1RjNzdHlSa1U0NDd0WE44NkdaL3l5bnN4QlFLM1lvTT0sdGFnOjhOUW1Hd2M0SEY5a3d5ZDF4dGk5aHc9PSx0eXBlOmJvb2xdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JOZVdkM2RHVjZNVTFzZERCWU5EVnQKICAgICAgICAgICAgYzJGNlMxSlNTazVqU25FMk0wVlZTMDgxZEZKT1dXTlllbXhWQ201TVVVWlVVRFZOT1Vod2RXRmFZalpRZDFWdwogICAgICAgICAgICBOWGtySzJJdmJtZ3hRVk5pVWxKa1pWaFRhbFJLU2trS0xTMHRJRkpIYVhneVRrMUhkMk5yZUV4V1dIRnVOVUp6CiAgICAgICAgICAgIFJVcFpUVVJ5VjFkRVRFMDVjbFZ1UTNScmVHc3JTbThLWjkxMFZXekZaajd1QU9oRTRvblBwemVmb2t1SCt4bnoKICAgICAgICAgICAgQlBKUFRodkQ4MFF3UFdVZGpKN1Fua1p6VzhGaGROM01JU2QwRzZ2TElqcTNTcUthY2RjcjZnPT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDFUMjA6NDA6MTlaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjM5ZS9FbVdYeGVZZHpIZ01WRGQ4WUtRNW8zNk9DZGdGSk9HamU1cm5uRVU2bi8raWhmUDhUQlhBYTYySml0WFJEUW15Vm4wbWx2K3MrYjFJbzB6THNjd3d5ZHBLOUI2a25laFpBMjlwd1dJUy9hRkF1WStGMDhja2c5TjhIUUhRcXFaL0FLd0Q4UnRUMWdET0hXeG54MEpnQ2grdkw2Z0NOMlZIVzJpQzlIND0saXY6dEhnbjNqcEJJUTcyTHhRVjJHMTBrVzIxekMwbVNtQTZlNTVBUTNGcjJhMD0sdGFnOktraFhhVFpFS2kvSG5xVXpnWVJVTnc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretDOTENV13EC93B6": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretDOTENVSopsSyncCF15A60A": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretDOTENV13EC93B6"
+ },
+ "SopsInline": {
+ "Content": "YmFuYW5lPUVOQ1tBRVMyNTZfR0NNLGRhdGE6S2ZDYm83WjgsaXY6ZXdES1ZaSDcvZkw0d1Jrc0N5U2I0TTlISWhaNCt3NDNtWGdtWVV0S3pVOD0sdGFnOkt1b0ZGVUE0N0xKTFdwREpKd2I3Y0E9PSx0eXBlOnN0cl0KY3J5cHQ9RU5DW0FFUzI1Nl9HQ00sZGF0YToyQnBXVjR3RzdHbzU5Znl4VG1RYXFLbkl1Zz09LGl2OklmRUh3UytSZTJHOElIY091eW9tdldmZ2IwRzZYNnNsUlNOb05jbEROajQ9LHRhZzo1NDFRVFBMVUpjdW52cDhMWkl2K3hRPT0sdHlwZTpzdHJdCnNvcHNfYWdlX19saXN0XzBfX21hcF9lbmM9LS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQXdWRUpCY1hCcU1FdDZMM2xRVEZaTVxuWVVwbFNHUlBSRFZzTDJZME5GQk5ZV0Y1Y21aTGNYcGhjakZGQ21GeVVUVXZSalJSUlZoc09WZG1kMDluYmtaclxuZEc1d1RqZENZbFp4VG5sTVFXTkZkM0ZhVDNGdEswMEtMUzB0SUVJeVMycGpZVGxTU0RONVIwRnJlalpNZFVaa1xuTWxwbVJEVmpaazFTWlVWR1IwTkRkblZoV2podlZUZ0tzQjJNdlZyVWlKVTJxdk44eDhrVWhaZHZLUDFScXFmZFxudUh2YVhuVlowcHVMQ3lXNmJKUFBINDA4Tituc216Y1pJUzlYUHc5YVJwdFF2VVY1M081TlZ3PT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4Kc29wc19hZ2VfX2xpc3RfMF9fbWFwX3JlY2lwaWVudD1hZ2UxZGpsbHcycHp1cHJycWMwZW41bTh2YzhrNWdlM3RtMGY2ZzdjajBjMGdsZnpwNDR2ZGM0cWw4bmd2dQpzb3BzX2xhc3Rtb2RpZmllZD0yMDI0LTA0LTI5VDExOjU4OjI3Wgpzb3BzX21hYz1FTkNbQUVTMjU2X0dDTSxkYXRhOldFWWdMdlNBaVpwYmdUcTY3b2F3UFlpZTN2dWpIVmlZRlI1MXExS05ZQ3ZwdFo5WFZtNndVQ2Z1VmVuRDc5TWdTU3lTVEVGeFY3QlhjYnFNSUtUUCthRzdLNVBLZUh1dUE5MXVFUHdLdXYvWDJFcmNRMHR0SFZkK1JERGxvdjk3dzhOT0tXcmdxTmhXbFE4UE00dUNveXNwdDBEUlRMREZtRWRMeTkvTEpuWT0saXY6VURJUUpEV24wbWdnWVpTdHo5eDB6SjlPSlFRN0dMcTBldXI4TTRLMXUwbz0sdGFnOmtwWW9LTjlBdVgrSTZYcFJRZldPRFE9PSx0eXBlOnN0cl0Kc29wc191bmVuY3J5cHRlZF9zdWZmaXg9X3VuZW5jcnlwdGVkCnNvcHNfdmVyc2lvbj0zLjguMQo=",
+ "Hash": "50e5eafdf09ae2e57258067e3833ee033c15faeff45ae85f22a3b74c7302d7fd"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "dotenv",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretDOTENVasJSONC46F5173": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretDOTENVasJSONSopsSync598B1279": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretDOTENVasJSONC46F5173"
+ },
+ "SopsInline": {
+ "Content": "YmFuYW5lPUVOQ1tBRVMyNTZfR0NNLGRhdGE6S2ZDYm83WjgsaXY6ZXdES1ZaSDcvZkw0d1Jrc0N5U2I0TTlISWhaNCt3NDNtWGdtWVV0S3pVOD0sdGFnOkt1b0ZGVUE0N0xKTFdwREpKd2I3Y0E9PSx0eXBlOnN0cl0KY3J5cHQ9RU5DW0FFUzI1Nl9HQ00sZGF0YToyQnBXVjR3RzdHbzU5Znl4VG1RYXFLbkl1Zz09LGl2OklmRUh3UytSZTJHOElIY091eW9tdldmZ2IwRzZYNnNsUlNOb05jbEROajQ9LHRhZzo1NDFRVFBMVUpjdW52cDhMWkl2K3hRPT0sdHlwZTpzdHJdCnNvcHNfYWdlX19saXN0XzBfX21hcF9lbmM9LS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQXdWRUpCY1hCcU1FdDZMM2xRVEZaTVxuWVVwbFNHUlBSRFZzTDJZME5GQk5ZV0Y1Y21aTGNYcGhjakZGQ21GeVVUVXZSalJSUlZoc09WZG1kMDluYmtaclxuZEc1d1RqZENZbFp4VG5sTVFXTkZkM0ZhVDNGdEswMEtMUzB0SUVJeVMycGpZVGxTU0RONVIwRnJlalpNZFVaa1xuTWxwbVJEVmpaazFTWlVWR1IwTkRkblZoV2podlZUZ0tzQjJNdlZyVWlKVTJxdk44eDhrVWhaZHZLUDFScXFmZFxudUh2YVhuVlowcHVMQ3lXNmJKUFBINDA4Tituc216Y1pJUzlYUHc5YVJwdFF2VVY1M081TlZ3PT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4Kc29wc19hZ2VfX2xpc3RfMF9fbWFwX3JlY2lwaWVudD1hZ2UxZGpsbHcycHp1cHJycWMwZW41bTh2YzhrNWdlM3RtMGY2ZzdjajBjMGdsZnpwNDR2ZGM0cWw4bmd2dQpzb3BzX2xhc3Rtb2RpZmllZD0yMDI0LTA0LTI5VDExOjU4OjI3Wgpzb3BzX21hYz1FTkNbQUVTMjU2X0dDTSxkYXRhOldFWWdMdlNBaVpwYmdUcTY3b2F3UFlpZTN2dWpIVmlZRlI1MXExS05ZQ3ZwdFo5WFZtNndVQ2Z1VmVuRDc5TWdTU3lTVEVGeFY3QlhjYnFNSUtUUCthRzdLNVBLZUh1dUE5MXVFUHdLdXYvWDJFcmNRMHR0SFZkK1JERGxvdjk3dzhOT0tXcmdxTmhXbFE4UE00dUNveXNwdDBEUlRMREZtRWRMeTkvTEpuWT0saXY6VURJUUpEV24wbWdnWVpTdHo5eDB6SjlPSlFRN0dMcTBldXI4TTRLMXUwbz0sdGFnOmtwWW9LTjlBdVgrSTZYcFJRZldPRFE9PSx0eXBlOnN0cl0Kc29wc191bmVuY3J5cHRlZF9zdWZmaXg9X3VuZW5jcnlwdGVkCnNvcHNfdmVyc2lvbj0zLjguMQo=",
+ "Hash": "50e5eafdf09ae2e57258067e3833ee033c15faeff45ae85f22a3b74c7302d7fd"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "dotenv",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONAD4C2662": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONSopsSyncCABA63FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONAD4C2662"
+ },
+ "SopsInline": {
+ "Content": "ewoJInNvbWUiOiB7CgkJImRlZXAiOiB7CgkJCSJuZXN0ZWQiOiB7CgkJCQkib2JqZWN0IjogIkVOQ1tBRVMyNTZfR0NNLGRhdGE6eXVrSHVHc0Qwd2dZLGl2OlVnaG44T2dOY2RJUFN6MWhYQ3BjbkpPRFNEcmsxOXkwVU1jd1F6VFJKRmM9LHRhZzp3T3BhMDNQZHA2M2VlVkwxdDlHUHdBPT0sdHlwZTpzdHJdIiwKCQkJCSJhcnJheXMiOiBbCgkJCQkJIkVOQ1tBRVMyNTZfR0NNLGRhdGE6TTMrOHZnPT0saXY6R0RyUWxSbkgwUDMybWxEOWVaTW92aEo0Tms2ck1iL0U3OUdRNXVQYmEwND0sdGFnOmFiT3YzeXNVMVlrOTZtdXhMR3lPSFE9PSx0eXBlOnN0cl0iLAoJCQkJCSJFTkNbQUVTMjU2X0dDTSxkYXRhOjBOQzBHTDVwUkE9PSxpdjorSkg2MlJTa253NkFYTjZ2TVBEQjJnbTlSUnRuQ2h4UHo4dHc5OVgvNnkwPSx0YWc6WlBLekhDWTY2SEswQmF1a2p2Wmx2UT09LHR5cGU6c3RyXSIsCgkJCQkJewoJCQkJCQkidmFsdWVzIjogewoJCQkJCQkJImFuZCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOlBWam5aMlptOWc9PSxpdjpXQWVORFQ0eGw5WEtYbmtHQXJzREthTjZUeFJUSTh1V090bjh4K0cwaG5NPSx0YWc6U3lMaWI4UlBONjVweXFrRmdQaGxWQT09LHR5cGU6c3RyXSIKCQkJCQkJfQoJCQkJCX0KCQkJCV0KCQkJfQoJCX0sCgkJIm5vdHNvZGVlcCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOktTZjZwbDFlLGl2Ok9LUjUraHc2R0N6Ym03NTBzQWxBWFc4L0c0U2U4QnUxRldISHRFZW5ZZVU9LHRhZzo1aGxGMDNPbTdxVmNKVUczVTk1dXZRPT0sdHlwZTpzdHJdIgoJfSwKCSJhbmQgbm93IjogewoJCSJzb21lIjogWwoJCQl7CgkJCQkiYmFzaWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpLQm80L2swPSxpdjprcDRneGhDcFduUC9WdkluRkJObHdYVEU2c2s0OE4zMjJzQWFHc05lZWJrPSx0YWc6RTQ1encxMmxrUmdLZEVJSC9BUm55QT09LHR5cGU6Ym9vbF0iCgkJCX0sCgkJCXsKCQkJCSJuZXN0ZWQiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpyekpzMW04PSxpdjorb1JuWFlQYTZKYnYvaU50MVFrbnloZFI3WjY3ZlZIVnEybnZxM0daT1RVPSx0YWc6QVdMaHRENEUvK0VISURKZ2lwcU0xQT09LHR5cGU6ZmxvYXRdIgoJCQl9LAoJCQl7CgkJCQkidHlwZSI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm5haFYzQk5FLGl2OmlkZGppenRqUmFVcVRhUzZ1VlRQUERpWEhOWVJEQytvSVBEODE5L0dDUnM9LHRhZzpxRDRienRDR3c5QzR3aTBLbDd2TFV3PT0sdHlwZTpmbG9hdF0iCgkJCX0sCgkJCXsKCQkJCSJ0ZXN0cyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOjhvZlhUSE5ENnc9PSxpdjpEcktvNHJ2M3ZWL044YjFTNWRUaUpHeUxITmx2bnJYOGdJWkRxTnpxMWVnPSx0YWc6Z0ZQbmRWOTZyT2sxUjBkQXplZm11QT09LHR5cGU6c3RyXSIKCQkJfQoJCV0KCX0sCgkic29wcyI6IHsKCQkia21zIjogbnVsbCwKCQkiZ2NwX2ttcyI6IG51bGwsCgkJImF6dXJlX2t2IjogbnVsbCwKCQkiaGNfdmF1bHQiOiBudWxsLAoJCSJhZ2UiOiBbCgkJCXsKCQkJCSJyZWNpcGllbnQiOiAiYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUiLAoJCQkJImVuYyI6ICItLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG5ZV2RsTFdWdVkzSjVjSFJwYjI0dWIzSm5MM1l4Q2kwK0lGZ3lOVFV4T1NBeFQzTkdVMEpFVDBOaVkxTlFjbTluXG5aRlpRU0NzMU56ZFphRWt2U0dobVREVjZiRkJIWTJWWmEyZGpDa2xDWmtKNFZ5OVNUbEJ1ZDJwclNtNUtSMWhyXG5OMGhwYURkb1dHdHhha1I2TVdnNVVqSTBTWEJpYlVVS0xTMHRJSGR0UjI5U1dUSXhXbWhNZW5sYWVVNXhlbTl1XG5LemhLYTNOS2JHcDJkRlZ4TVRWdVdpOVZkWEozTVc4S2FuejNEcElnUFhPOXU0NFRVc1RQdGd3VExiUDZZcFVmXG5Kb3Y0VDJvTHk0VW82NjhSTkNCMWZiS250NW55Y21SSnhlK3JZbU92bjJWZUw5dldjdzBrWnc9PVxuLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS1cbiIKCQkJfQoJCV0sCgkJImxhc3Rtb2RpZmllZCI6ICIyMDIyLTA0LTAzVDE3OjI0OjI0WiIsCgkJIm1hYyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm1VU0tGeVlxYnhRV2lyZnpOdnlOTXZySjkraiszUTlzL0FSak9XSlpPSnJBeXBKWVB0YlphL2R1U0w0Q3pCVzZLZExmOVlSZkk3SGppS1g1RzhTVUw5ZjVCekFYSUdCcS9EQUVmYVhaOEFyekhmSzR0dHg5UGUydEwrRGpPLy9tSEdFSjg4SllFVmpyRU1MRytORGE5YXJwREtLOCtPNEx1RUNTb0NhYWFxST0saXY6MlcyVnRDVkdmc2tvb1dNQWlMb0xMY0RndTlQdXcyQ2YzZGkyaVRZdlBjVT0sdGFnOjVlcG44U2FFOERFMkVLUm1iSW8xZ2c9PSx0eXBlOnN0cl0iLAoJCSJwZ3AiOiBudWxsLAoJCSJ1bmVuY3J5cHRlZF9zdWZmaXgiOiAiX3VuZW5jcnlwdGVkIiwKCQkidmVyc2lvbiI6ICIzLjcuMiIKCX0KfQ==",
+ "Hash": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatF5FC1D69": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ "SopsInline": {
+ "Content": "ewoJInNvbWUiOiB7CgkJImRlZXAiOiB7CgkJCSJuZXN0ZWQiOiB7CgkJCQkib2JqZWN0IjogIkVOQ1tBRVMyNTZfR0NNLGRhdGE6eXVrSHVHc0Qwd2dZLGl2OlVnaG44T2dOY2RJUFN6MWhYQ3BjbkpPRFNEcmsxOXkwVU1jd1F6VFJKRmM9LHRhZzp3T3BhMDNQZHA2M2VlVkwxdDlHUHdBPT0sdHlwZTpzdHJdIiwKCQkJCSJhcnJheXMiOiBbCgkJCQkJIkVOQ1tBRVMyNTZfR0NNLGRhdGE6TTMrOHZnPT0saXY6R0RyUWxSbkgwUDMybWxEOWVaTW92aEo0Tms2ck1iL0U3OUdRNXVQYmEwND0sdGFnOmFiT3YzeXNVMVlrOTZtdXhMR3lPSFE9PSx0eXBlOnN0cl0iLAoJCQkJCSJFTkNbQUVTMjU2X0dDTSxkYXRhOjBOQzBHTDVwUkE9PSxpdjorSkg2MlJTa253NkFYTjZ2TVBEQjJnbTlSUnRuQ2h4UHo4dHc5OVgvNnkwPSx0YWc6WlBLekhDWTY2SEswQmF1a2p2Wmx2UT09LHR5cGU6c3RyXSIsCgkJCQkJewoJCQkJCQkidmFsdWVzIjogewoJCQkJCQkJImFuZCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOlBWam5aMlptOWc9PSxpdjpXQWVORFQ0eGw5WEtYbmtHQXJzREthTjZUeFJUSTh1V090bjh4K0cwaG5NPSx0YWc6U3lMaWI4UlBONjVweXFrRmdQaGxWQT09LHR5cGU6c3RyXSIKCQkJCQkJfQoJCQkJCX0KCQkJCV0KCQkJfQoJCX0sCgkJIm5vdHNvZGVlcCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOktTZjZwbDFlLGl2Ok9LUjUraHc2R0N6Ym03NTBzQWxBWFc4L0c0U2U4QnUxRldISHRFZW5ZZVU9LHRhZzo1aGxGMDNPbTdxVmNKVUczVTk1dXZRPT0sdHlwZTpzdHJdIgoJfSwKCSJhbmQgbm93IjogewoJCSJzb21lIjogWwoJCQl7CgkJCQkiYmFzaWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpLQm80L2swPSxpdjprcDRneGhDcFduUC9WdkluRkJObHdYVEU2c2s0OE4zMjJzQWFHc05lZWJrPSx0YWc6RTQ1encxMmxrUmdLZEVJSC9BUm55QT09LHR5cGU6Ym9vbF0iCgkJCX0sCgkJCXsKCQkJCSJuZXN0ZWQiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpyekpzMW04PSxpdjorb1JuWFlQYTZKYnYvaU50MVFrbnloZFI3WjY3ZlZIVnEybnZxM0daT1RVPSx0YWc6QVdMaHRENEUvK0VISURKZ2lwcU0xQT09LHR5cGU6ZmxvYXRdIgoJCQl9LAoJCQl7CgkJCQkidHlwZSI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm5haFYzQk5FLGl2OmlkZGppenRqUmFVcVRhUzZ1VlRQUERpWEhOWVJEQytvSVBEODE5L0dDUnM9LHRhZzpxRDRienRDR3c5QzR3aTBLbDd2TFV3PT0sdHlwZTpmbG9hdF0iCgkJCX0sCgkJCXsKCQkJCSJ0ZXN0cyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOjhvZlhUSE5ENnc9PSxpdjpEcktvNHJ2M3ZWL044YjFTNWRUaUpHeUxITmx2bnJYOGdJWkRxTnpxMWVnPSx0YWc6Z0ZQbmRWOTZyT2sxUjBkQXplZm11QT09LHR5cGU6c3RyXSIKCQkJfQoJCV0KCX0sCgkic29wcyI6IHsKCQkia21zIjogbnVsbCwKCQkiZ2NwX2ttcyI6IG51bGwsCgkJImF6dXJlX2t2IjogbnVsbCwKCQkiaGNfdmF1bHQiOiBudWxsLAoJCSJhZ2UiOiBbCgkJCXsKCQkJCSJyZWNpcGllbnQiOiAiYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUiLAoJCQkJImVuYyI6ICItLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG5ZV2RsTFdWdVkzSjVjSFJwYjI0dWIzSm5MM1l4Q2kwK0lGZ3lOVFV4T1NBeFQzTkdVMEpFVDBOaVkxTlFjbTluXG5aRlpRU0NzMU56ZFphRWt2U0dobVREVjZiRkJIWTJWWmEyZGpDa2xDWmtKNFZ5OVNUbEJ1ZDJwclNtNUtSMWhyXG5OMGhwYURkb1dHdHhha1I2TVdnNVVqSTBTWEJpYlVVS0xTMHRJSGR0UjI5U1dUSXhXbWhNZW5sYWVVNXhlbTl1XG5LemhLYTNOS2JHcDJkRlZ4TVRWdVdpOVZkWEozTVc4S2FuejNEcElnUFhPOXU0NFRVc1RQdGd3VExiUDZZcFVmXG5Kb3Y0VDJvTHk0VW82NjhSTkNCMWZiS250NW55Y21SSnhlK3JZbU92bjJWZUw5dldjdzBrWnc9PVxuLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS1cbiIKCQkJfQoJCV0sCgkJImxhc3Rtb2RpZmllZCI6ICIyMDIyLTA0LTAzVDE3OjI0OjI0WiIsCgkJIm1hYyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm1VU0tGeVlxYnhRV2lyZnpOdnlOTXZySjkraiszUTlzL0FSak9XSlpPSnJBeXBKWVB0YlphL2R1U0w0Q3pCVzZLZExmOVlSZkk3SGppS1g1RzhTVUw5ZjVCekFYSUdCcS9EQUVmYVhaOEFyekhmSzR0dHg5UGUydEwrRGpPLy9tSEdFSjg4SllFVmpyRU1MRytORGE5YXJwREtLOCtPNEx1RUNTb0NhYWFxST0saXY6MlcyVnRDVkdmc2tvb1dNQWlMb0xMY0RndTlQdXcyQ2YzZGkyaVRZdlBjVT0sdGFnOjVlcG44U2FFOERFMkVLUm1iSW8xZ2c9PSx0eXBlOnN0cl0iLAoJCSJwZ3AiOiBudWxsLAoJCSJ1bmVuY3J5cHRlZF9zdWZmaXgiOiAiX3VuZW5jcnlwdGVkIiwKCQkidmVyc2lvbiI6ICIzLjcuMiIKCX0KfQ==",
+ "Hash": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLF52D88F2": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLSopsSync4B881273": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLF52D88F2"
+ },
+ "SopsInline": {
+ "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
+ },
+ "ConvertToJSON": false,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatD9CE8782": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLFlatD9CE8782"
+ },
+ "SopsInline": {
+ "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONEAE81DB0": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
+ },
+ "SopsInline": {
+ "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ "SopsInline": {
+ "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
+ "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "TestFunctionServiceRole6ABD93C7": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderAA18D140": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "S3Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
- },
- "Role": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SOPS_AGE_KEY": "AGE-SECRET-KEY-1EFUWJ0G2XJTJFWTAM2DGMA4VCK3R05W58FSMHZP3MZQ0ZTAQEAFQC6T7T3"
- }
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "Handler": "bootstrap",
- "Runtime": "provided.al2",
- "Timeout": 60
- },
- "DependsOn": [
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
]
+ }
+ ]
+ }
+ },
+ "TestFunction22AD90FC": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "ZipFile": "test"
},
- "SopsSecretYAMLC392F558": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLSopsSyncD61C4640": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "Environment": {
+ "Variables": {
+ "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLC392F558"
- },
- "SopsInline": {
- "Content": "a2V5MTogRU5DW0FFUzI1Nl9HQ00sZGF0YTpod2ZNM2JEMCxpdjo1T0JEMjg4c1B5TGhXdE82b2FWTkduT2NtazFOcmFCQ2QyVnhvcFd2S0R3PSx0YWc6a1JrYnNwK09Jd0l3aGUvaVhKbFB4UT09LHR5cGU6c3RyXQprZXkyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkgrdlpWTVU9LGl2Omxub08xckc4LzY0MDU0R3B2enA3SGRvd2g2TmhJQWNhYW5YZUZ3KzZWM3M9LHRhZzpNZkQrZmVKeDZDcGtnMTNyMkw1bENnPT0sdHlwZTppbnRdCmtleTM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6UnE4Y2FhMD0saXY6OW56c1ArSElYN3o1RjNzdHlSa1U0NDd0WE44NkdaL3l5bnN4QlFLM1lvTT0sdGFnOjhOUW1Hd2M0SEY5a3d5ZDF4dGk5aHc9PSx0eXBlOmJvb2xdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JOZVdkM2RHVjZNVTFzZERCWU5EVnQKICAgICAgICAgICAgYzJGNlMxSlNTazVqU25FMk0wVlZTMDgxZEZKT1dXTlllbXhWQ201TVVVWlVVRFZOT1Vod2RXRmFZalpRZDFWdwogICAgICAgICAgICBOWGtySzJJdmJtZ3hRVk5pVWxKa1pWaFRhbFJLU2trS0xTMHRJRkpIYVhneVRrMUhkMk5yZUV4V1dIRnVOVUp6CiAgICAgICAgICAgIFJVcFpUVVJ5VjFkRVRFMDVjbFZ1UTNScmVHc3JTbThLWjkxMFZXekZaajd1QU9oRTRvblBwemVmb2t1SCt4bnoKICAgICAgICAgICAgQlBKUFRodkQ4MFF3UFdVZGpKN1Fua1p6VzhGaGROM01JU2QwRzZ2TElqcTNTcUthY2RjcjZnPT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDFUMjA6NDA6MTlaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjM5ZS9FbVdYeGVZZHpIZ01WRGQ4WUtRNW8zNk9DZGdGSk9HamU1cm5uRVU2bi8raWhmUDhUQlhBYTYySml0WFJEUW15Vm4wbWx2K3MrYjFJbzB6THNjd3d5ZHBLOUI2a25laFpBMjlwd1dJUy9hRkF1WStGMDhja2c5TjhIUUhRcXFaL0FLd0Q4UnRUMWdET0hXeG54MEpnQ2grdkw2Z0NOMlZIVzJpQzlIND0saXY6dEhnbjNqcEJJUTcyTHhRVjJHMTBrVzIxekMwbVNtQTZlNTVBUTNGcjJhMD0sdGFnOktraFhhVFpFS2kvSG5xVXpnWVJVTnc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSON64419C04": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSONSopsSync5F0877FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLasJSON64419C04"
- },
- "SopsInline": {
- "Content": "a2V5MTogRU5DW0FFUzI1Nl9HQ00sZGF0YTpod2ZNM2JEMCxpdjo1T0JEMjg4c1B5TGhXdE82b2FWTkduT2NtazFOcmFCQ2QyVnhvcFd2S0R3PSx0YWc6a1JrYnNwK09Jd0l3aGUvaVhKbFB4UT09LHR5cGU6c3RyXQprZXkyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkgrdlpWTVU9LGl2Omxub08xckc4LzY0MDU0R3B2enA3SGRvd2g2TmhJQWNhYW5YZUZ3KzZWM3M9LHRhZzpNZkQrZmVKeDZDcGtnMTNyMkw1bENnPT0sdHlwZTppbnRdCmtleTM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6UnE4Y2FhMD0saXY6OW56c1ArSElYN3o1RjNzdHlSa1U0NDd0WE44NkdaL3l5bnN4QlFLM1lvTT0sdGFnOjhOUW1Hd2M0SEY5a3d5ZDF4dGk5aHc9PSx0eXBlOmJvb2xdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JOZVdkM2RHVjZNVTFzZERCWU5EVnQKICAgICAgICAgICAgYzJGNlMxSlNTazVqU25FMk0wVlZTMDgxZEZKT1dXTlllbXhWQ201TVVVWlVVRFZOT1Vod2RXRmFZalpRZDFWdwogICAgICAgICAgICBOWGtySzJJdmJtZ3hRVk5pVWxKa1pWaFRhbFJLU2trS0xTMHRJRkpIYVhneVRrMUhkMk5yZUV4V1dIRnVOVUp6CiAgICAgICAgICAgIFJVcFpUVVJ5VjFkRVRFMDVjbFZ1UTNScmVHc3JTbThLWjkxMFZXekZaajd1QU9oRTRvblBwemVmb2t1SCt4bnoKICAgICAgICAgICAgQlBKUFRodkQ4MFF3UFdVZGpKN1Fua1p6VzhGaGROM01JU2QwRzZ2TElqcTNTcUthY2RjcjZnPT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDFUMjA6NDA6MTlaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjM5ZS9FbVdYeGVZZHpIZ01WRGQ4WUtRNW8zNk9DZGdGSk9HamU1cm5uRVU2bi8raWhmUDhUQlhBYTYySml0WFJEUW15Vm4wbWx2K3MrYjFJbzB6THNjd3d5ZHBLOUI2a25laFpBMjlwd1dJUy9hRkF1WStGMDhja2c5TjhIUUhRcXFaL0FLd0Q4UnRUMWdET0hXeG54MEpnQ2grdkw2Z0NOMlZIVzJpQzlIND0saXY6dEhnbjNqcEJJUTcyTHhRVjJHMTBrVzIxekMwbVNtQTZlNTVBUTNGcjJhMD0sdGFnOktraFhhVFpFS2kvSG5xVXpnWVJVTnc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "c0d63dcd2d506c5d270284d70d1805688ff5d3a2e0d7515bfa56b1b3ed416c4f"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretDOTENV13EC93B6": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretDOTENVSopsSyncCF15A60A": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretDOTENV13EC93B6"
- },
- "SopsInline": {
- "Content": "YmFuYW5lPUVOQ1tBRVMyNTZfR0NNLGRhdGE6S2ZDYm83WjgsaXY6ZXdES1ZaSDcvZkw0d1Jrc0N5U2I0TTlISWhaNCt3NDNtWGdtWVV0S3pVOD0sdGFnOkt1b0ZGVUE0N0xKTFdwREpKd2I3Y0E9PSx0eXBlOnN0cl0KY3J5cHQ9RU5DW0FFUzI1Nl9HQ00sZGF0YToyQnBXVjR3RzdHbzU5Znl4VG1RYXFLbkl1Zz09LGl2OklmRUh3UytSZTJHOElIY091eW9tdldmZ2IwRzZYNnNsUlNOb05jbEROajQ9LHRhZzo1NDFRVFBMVUpjdW52cDhMWkl2K3hRPT0sdHlwZTpzdHJdCnNvcHNfYWdlX19saXN0XzBfX21hcF9lbmM9LS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQXdWRUpCY1hCcU1FdDZMM2xRVEZaTVxuWVVwbFNHUlBSRFZzTDJZME5GQk5ZV0Y1Y21aTGNYcGhjakZGQ21GeVVUVXZSalJSUlZoc09WZG1kMDluYmtaclxuZEc1d1RqZENZbFp4VG5sTVFXTkZkM0ZhVDNGdEswMEtMUzB0SUVJeVMycGpZVGxTU0RONVIwRnJlalpNZFVaa1xuTWxwbVJEVmpaazFTWlVWR1IwTkRkblZoV2podlZUZ0tzQjJNdlZyVWlKVTJxdk44eDhrVWhaZHZLUDFScXFmZFxudUh2YVhuVlowcHVMQ3lXNmJKUFBINDA4Tituc216Y1pJUzlYUHc5YVJwdFF2VVY1M081TlZ3PT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4Kc29wc19hZ2VfX2xpc3RfMF9fbWFwX3JlY2lwaWVudD1hZ2UxZGpsbHcycHp1cHJycWMwZW41bTh2YzhrNWdlM3RtMGY2ZzdjajBjMGdsZnpwNDR2ZGM0cWw4bmd2dQpzb3BzX2xhc3Rtb2RpZmllZD0yMDI0LTA0LTI5VDExOjU4OjI3Wgpzb3BzX21hYz1FTkNbQUVTMjU2X0dDTSxkYXRhOldFWWdMdlNBaVpwYmdUcTY3b2F3UFlpZTN2dWpIVmlZRlI1MXExS05ZQ3ZwdFo5WFZtNndVQ2Z1VmVuRDc5TWdTU3lTVEVGeFY3QlhjYnFNSUtUUCthRzdLNVBLZUh1dUE5MXVFUHdLdXYvWDJFcmNRMHR0SFZkK1JERGxvdjk3dzhOT0tXcmdxTmhXbFE4UE00dUNveXNwdDBEUlRMREZtRWRMeTkvTEpuWT0saXY6VURJUUpEV24wbWdnWVpTdHo5eDB6SjlPSlFRN0dMcTBldXI4TTRLMXUwbz0sdGFnOmtwWW9LTjlBdVgrSTZYcFJRZldPRFE9PSx0eXBlOnN0cl0Kc29wc191bmVuY3J5cHRlZF9zdWZmaXg9X3VuZW5jcnlwdGVkCnNvcHNfdmVyc2lvbj0zLjguMQo=",
- "Hash": "50e5eafdf09ae2e57258067e3833ee033c15faeff45ae85f22a3b74c7302d7fd"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "dotenv",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretDOTENVasJSONC46F5173": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretDOTENVasJSONSopsSync598B1279": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretDOTENVasJSONC46F5173"
- },
- "SopsInline": {
- "Content": "YmFuYW5lPUVOQ1tBRVMyNTZfR0NNLGRhdGE6S2ZDYm83WjgsaXY6ZXdES1ZaSDcvZkw0d1Jrc0N5U2I0TTlISWhaNCt3NDNtWGdtWVV0S3pVOD0sdGFnOkt1b0ZGVUE0N0xKTFdwREpKd2I3Y0E9PSx0eXBlOnN0cl0KY3J5cHQ9RU5DW0FFUzI1Nl9HQ00sZGF0YToyQnBXVjR3RzdHbzU5Znl4VG1RYXFLbkl1Zz09LGl2OklmRUh3UytSZTJHOElIY091eW9tdldmZ2IwRzZYNnNsUlNOb05jbEROajQ9LHRhZzo1NDFRVFBMVUpjdW52cDhMWkl2K3hRPT0sdHlwZTpzdHJdCnNvcHNfYWdlX19saXN0XzBfX21hcF9lbmM9LS0tLS1CRUdJTiBBR0UgRU5DUllQVEVEIEZJTEUtLS0tLVxuWVdkbExXVnVZM0o1Y0hScGIyNHViM0puTDNZeENpMCtJRmd5TlRVeE9TQXdWRUpCY1hCcU1FdDZMM2xRVEZaTVxuWVVwbFNHUlBSRFZzTDJZME5GQk5ZV0Y1Y21aTGNYcGhjakZGQ21GeVVUVXZSalJSUlZoc09WZG1kMDluYmtaclxuZEc1d1RqZENZbFp4VG5sTVFXTkZkM0ZhVDNGdEswMEtMUzB0SUVJeVMycGpZVGxTU0RONVIwRnJlalpNZFVaa1xuTWxwbVJEVmpaazFTWlVWR1IwTkRkblZoV2podlZUZ0tzQjJNdlZyVWlKVTJxdk44eDhrVWhaZHZLUDFScXFmZFxudUh2YVhuVlowcHVMQ3lXNmJKUFBINDA4Tituc216Y1pJUzlYUHc5YVJwdFF2VVY1M081TlZ3PT1cbi0tLS0tRU5EIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG4Kc29wc19hZ2VfX2xpc3RfMF9fbWFwX3JlY2lwaWVudD1hZ2UxZGpsbHcycHp1cHJycWMwZW41bTh2YzhrNWdlM3RtMGY2ZzdjajBjMGdsZnpwNDR2ZGM0cWw4bmd2dQpzb3BzX2xhc3Rtb2RpZmllZD0yMDI0LTA0LTI5VDExOjU4OjI3Wgpzb3BzX21hYz1FTkNbQUVTMjU2X0dDTSxkYXRhOldFWWdMdlNBaVpwYmdUcTY3b2F3UFlpZTN2dWpIVmlZRlI1MXExS05ZQ3ZwdFo5WFZtNndVQ2Z1VmVuRDc5TWdTU3lTVEVGeFY3QlhjYnFNSUtUUCthRzdLNVBLZUh1dUE5MXVFUHdLdXYvWDJFcmNRMHR0SFZkK1JERGxvdjk3dzhOT0tXcmdxTmhXbFE4UE00dUNveXNwdDBEUlRMREZtRWRMeTkvTEpuWT0saXY6VURJUUpEV24wbWdnWVpTdHo5eDB6SjlPSlFRN0dMcTBldXI4TTRLMXUwbz0sdGFnOmtwWW9LTjlBdVgrSTZYcFJRZldPRFE9PSx0eXBlOnN0cl0Kc29wc191bmVuY3J5cHRlZF9zdWZmaXg9X3VuZW5jcnlwdGVkCnNvcHNfdmVyc2lvbj0zLjguMQo=",
- "Hash": "50e5eafdf09ae2e57258067e3833ee033c15faeff45ae85f22a3b74c7302d7fd"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "dotenv",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONAD4C2662": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONSopsSyncCABA63FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretJSONAD4C2662"
- },
- "SopsInline": {
- "Content": "ewoJInNvbWUiOiB7CgkJImRlZXAiOiB7CgkJCSJuZXN0ZWQiOiB7CgkJCQkib2JqZWN0IjogIkVOQ1tBRVMyNTZfR0NNLGRhdGE6eXVrSHVHc0Qwd2dZLGl2OlVnaG44T2dOY2RJUFN6MWhYQ3BjbkpPRFNEcmsxOXkwVU1jd1F6VFJKRmM9LHRhZzp3T3BhMDNQZHA2M2VlVkwxdDlHUHdBPT0sdHlwZTpzdHJdIiwKCQkJCSJhcnJheXMiOiBbCgkJCQkJIkVOQ1tBRVMyNTZfR0NNLGRhdGE6TTMrOHZnPT0saXY6R0RyUWxSbkgwUDMybWxEOWVaTW92aEo0Tms2ck1iL0U3OUdRNXVQYmEwND0sdGFnOmFiT3YzeXNVMVlrOTZtdXhMR3lPSFE9PSx0eXBlOnN0cl0iLAoJCQkJCSJFTkNbQUVTMjU2X0dDTSxkYXRhOjBOQzBHTDVwUkE9PSxpdjorSkg2MlJTa253NkFYTjZ2TVBEQjJnbTlSUnRuQ2h4UHo4dHc5OVgvNnkwPSx0YWc6WlBLekhDWTY2SEswQmF1a2p2Wmx2UT09LHR5cGU6c3RyXSIsCgkJCQkJewoJCQkJCQkidmFsdWVzIjogewoJCQkJCQkJImFuZCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOlBWam5aMlptOWc9PSxpdjpXQWVORFQ0eGw5WEtYbmtHQXJzREthTjZUeFJUSTh1V090bjh4K0cwaG5NPSx0YWc6U3lMaWI4UlBONjVweXFrRmdQaGxWQT09LHR5cGU6c3RyXSIKCQkJCQkJfQoJCQkJCX0KCQkJCV0KCQkJfQoJCX0sCgkJIm5vdHNvZGVlcCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOktTZjZwbDFlLGl2Ok9LUjUraHc2R0N6Ym03NTBzQWxBWFc4L0c0U2U4QnUxRldISHRFZW5ZZVU9LHRhZzo1aGxGMDNPbTdxVmNKVUczVTk1dXZRPT0sdHlwZTpzdHJdIgoJfSwKCSJhbmQgbm93IjogewoJCSJzb21lIjogWwoJCQl7CgkJCQkiYmFzaWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpLQm80L2swPSxpdjprcDRneGhDcFduUC9WdkluRkJObHdYVEU2c2s0OE4zMjJzQWFHc05lZWJrPSx0YWc6RTQ1encxMmxrUmdLZEVJSC9BUm55QT09LHR5cGU6Ym9vbF0iCgkJCX0sCgkJCXsKCQkJCSJuZXN0ZWQiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpyekpzMW04PSxpdjorb1JuWFlQYTZKYnYvaU50MVFrbnloZFI3WjY3ZlZIVnEybnZxM0daT1RVPSx0YWc6QVdMaHRENEUvK0VISURKZ2lwcU0xQT09LHR5cGU6ZmxvYXRdIgoJCQl9LAoJCQl7CgkJCQkidHlwZSI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm5haFYzQk5FLGl2OmlkZGppenRqUmFVcVRhUzZ1VlRQUERpWEhOWVJEQytvSVBEODE5L0dDUnM9LHRhZzpxRDRienRDR3c5QzR3aTBLbDd2TFV3PT0sdHlwZTpmbG9hdF0iCgkJCX0sCgkJCXsKCQkJCSJ0ZXN0cyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOjhvZlhUSE5ENnc9PSxpdjpEcktvNHJ2M3ZWL044YjFTNWRUaUpHeUxITmx2bnJYOGdJWkRxTnpxMWVnPSx0YWc6Z0ZQbmRWOTZyT2sxUjBkQXplZm11QT09LHR5cGU6c3RyXSIKCQkJfQoJCV0KCX0sCgkic29wcyI6IHsKCQkia21zIjogbnVsbCwKCQkiZ2NwX2ttcyI6IG51bGwsCgkJImF6dXJlX2t2IjogbnVsbCwKCQkiaGNfdmF1bHQiOiBudWxsLAoJCSJhZ2UiOiBbCgkJCXsKCQkJCSJyZWNpcGllbnQiOiAiYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUiLAoJCQkJImVuYyI6ICItLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG5ZV2RsTFdWdVkzSjVjSFJwYjI0dWIzSm5MM1l4Q2kwK0lGZ3lOVFV4T1NBeFQzTkdVMEpFVDBOaVkxTlFjbTluXG5aRlpRU0NzMU56ZFphRWt2U0dobVREVjZiRkJIWTJWWmEyZGpDa2xDWmtKNFZ5OVNUbEJ1ZDJwclNtNUtSMWhyXG5OMGhwYURkb1dHdHhha1I2TVdnNVVqSTBTWEJpYlVVS0xTMHRJSGR0UjI5U1dUSXhXbWhNZW5sYWVVNXhlbTl1XG5LemhLYTNOS2JHcDJkRlZ4TVRWdVdpOVZkWEozTVc4S2FuejNEcElnUFhPOXU0NFRVc1RQdGd3VExiUDZZcFVmXG5Kb3Y0VDJvTHk0VW82NjhSTkNCMWZiS250NW55Y21SSnhlK3JZbU92bjJWZUw5dldjdzBrWnc9PVxuLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS1cbiIKCQkJfQoJCV0sCgkJImxhc3Rtb2RpZmllZCI6ICIyMDIyLTA0LTAzVDE3OjI0OjI0WiIsCgkJIm1hYyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm1VU0tGeVlxYnhRV2lyZnpOdnlOTXZySjkraiszUTlzL0FSak9XSlpPSnJBeXBKWVB0YlphL2R1U0w0Q3pCVzZLZExmOVlSZkk3SGppS1g1RzhTVUw5ZjVCekFYSUdCcS9EQUVmYVhaOEFyekhmSzR0dHg5UGUydEwrRGpPLy9tSEdFSjg4SllFVmpyRU1MRytORGE5YXJwREtLOCtPNEx1RUNTb0NhYWFxST0saXY6MlcyVnRDVkdmc2tvb1dNQWlMb0xMY0RndTlQdXcyQ2YzZGkyaVRZdlBjVT0sdGFnOjVlcG44U2FFOERFMkVLUm1iSW8xZ2c9PSx0eXBlOnN0cl0iLAoJCSJwZ3AiOiBudWxsLAoJCSJ1bmVuY3J5cHRlZF9zdWZmaXgiOiAiX3VuZW5jcnlwdGVkIiwKCQkidmVyc2lvbiI6ICIzLjcuMiIKCX0KfQ==",
- "Hash": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "json",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatF5FC1D69": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "SopsComplexSecretJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- "SopsInline": {
- "Content": "ewoJInNvbWUiOiB7CgkJImRlZXAiOiB7CgkJCSJuZXN0ZWQiOiB7CgkJCQkib2JqZWN0IjogIkVOQ1tBRVMyNTZfR0NNLGRhdGE6eXVrSHVHc0Qwd2dZLGl2OlVnaG44T2dOY2RJUFN6MWhYQ3BjbkpPRFNEcmsxOXkwVU1jd1F6VFJKRmM9LHRhZzp3T3BhMDNQZHA2M2VlVkwxdDlHUHdBPT0sdHlwZTpzdHJdIiwKCQkJCSJhcnJheXMiOiBbCgkJCQkJIkVOQ1tBRVMyNTZfR0NNLGRhdGE6TTMrOHZnPT0saXY6R0RyUWxSbkgwUDMybWxEOWVaTW92aEo0Tms2ck1iL0U3OUdRNXVQYmEwND0sdGFnOmFiT3YzeXNVMVlrOTZtdXhMR3lPSFE9PSx0eXBlOnN0cl0iLAoJCQkJCSJFTkNbQUVTMjU2X0dDTSxkYXRhOjBOQzBHTDVwUkE9PSxpdjorSkg2MlJTa253NkFYTjZ2TVBEQjJnbTlSUnRuQ2h4UHo4dHc5OVgvNnkwPSx0YWc6WlBLekhDWTY2SEswQmF1a2p2Wmx2UT09LHR5cGU6c3RyXSIsCgkJCQkJewoJCQkJCQkidmFsdWVzIjogewoJCQkJCQkJImFuZCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOlBWam5aMlptOWc9PSxpdjpXQWVORFQ0eGw5WEtYbmtHQXJzREthTjZUeFJUSTh1V090bjh4K0cwaG5NPSx0YWc6U3lMaWI4UlBONjVweXFrRmdQaGxWQT09LHR5cGU6c3RyXSIKCQkJCQkJfQoJCQkJCX0KCQkJCV0KCQkJfQoJCX0sCgkJIm5vdHNvZGVlcCI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOktTZjZwbDFlLGl2Ok9LUjUraHc2R0N6Ym03NTBzQWxBWFc4L0c0U2U4QnUxRldISHRFZW5ZZVU9LHRhZzo1aGxGMDNPbTdxVmNKVUczVTk1dXZRPT0sdHlwZTpzdHJdIgoJfSwKCSJhbmQgbm93IjogewoJCSJzb21lIjogWwoJCQl7CgkJCQkiYmFzaWMiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpLQm80L2swPSxpdjprcDRneGhDcFduUC9WdkluRkJObHdYVEU2c2s0OE4zMjJzQWFHc05lZWJrPSx0YWc6RTQ1encxMmxrUmdLZEVJSC9BUm55QT09LHR5cGU6Ym9vbF0iCgkJCX0sCgkJCXsKCQkJCSJuZXN0ZWQiOiAiRU5DW0FFUzI1Nl9HQ00sZGF0YTpyekpzMW04PSxpdjorb1JuWFlQYTZKYnYvaU50MVFrbnloZFI3WjY3ZlZIVnEybnZxM0daT1RVPSx0YWc6QVdMaHRENEUvK0VISURKZ2lwcU0xQT09LHR5cGU6ZmxvYXRdIgoJCQl9LAoJCQl7CgkJCQkidHlwZSI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm5haFYzQk5FLGl2OmlkZGppenRqUmFVcVRhUzZ1VlRQUERpWEhOWVJEQytvSVBEODE5L0dDUnM9LHRhZzpxRDRienRDR3c5QzR3aTBLbDd2TFV3PT0sdHlwZTpmbG9hdF0iCgkJCX0sCgkJCXsKCQkJCSJ0ZXN0cyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOjhvZlhUSE5ENnc9PSxpdjpEcktvNHJ2M3ZWL044YjFTNWRUaUpHeUxITmx2bnJYOGdJWkRxTnpxMWVnPSx0YWc6Z0ZQbmRWOTZyT2sxUjBkQXplZm11QT09LHR5cGU6c3RyXSIKCQkJfQoJCV0KCX0sCgkic29wcyI6IHsKCQkia21zIjogbnVsbCwKCQkiZ2NwX2ttcyI6IG51bGwsCgkJImF6dXJlX2t2IjogbnVsbCwKCQkiaGNfdmF1bHQiOiBudWxsLAoJCSJhZ2UiOiBbCgkJCXsKCQkJCSJyZWNpcGllbnQiOiAiYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUiLAoJCQkJImVuYyI6ICItLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tXG5ZV2RsTFdWdVkzSjVjSFJwYjI0dWIzSm5MM1l4Q2kwK0lGZ3lOVFV4T1NBeFQzTkdVMEpFVDBOaVkxTlFjbTluXG5aRlpRU0NzMU56ZFphRWt2U0dobVREVjZiRkJIWTJWWmEyZGpDa2xDWmtKNFZ5OVNUbEJ1ZDJwclNtNUtSMWhyXG5OMGhwYURkb1dHdHhha1I2TVdnNVVqSTBTWEJpYlVVS0xTMHRJSGR0UjI5U1dUSXhXbWhNZW5sYWVVNXhlbTl1XG5LemhLYTNOS2JHcDJkRlZ4TVRWdVdpOVZkWEozTVc4S2FuejNEcElnUFhPOXU0NFRVc1RQdGd3VExiUDZZcFVmXG5Kb3Y0VDJvTHk0VW82NjhSTkNCMWZiS250NW55Y21SSnhlK3JZbU92bjJWZUw5dldjdzBrWnc9PVxuLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS1cbiIKCQkJfQoJCV0sCgkJImxhc3Rtb2RpZmllZCI6ICIyMDIyLTA0LTAzVDE3OjI0OjI0WiIsCgkJIm1hYyI6ICJFTkNbQUVTMjU2X0dDTSxkYXRhOm1VU0tGeVlxYnhRV2lyZnpOdnlOTXZySjkraiszUTlzL0FSak9XSlpPSnJBeXBKWVB0YlphL2R1U0w0Q3pCVzZLZExmOVlSZkk3SGppS1g1RzhTVUw5ZjVCekFYSUdCcS9EQUVmYVhaOEFyekhmSzR0dHg5UGUydEwrRGpPLy9tSEdFSjg4SllFVmpyRU1MRytORGE5YXJwREtLOCtPNEx1RUNTb0NhYWFxST0saXY6MlcyVnRDVkdmc2tvb1dNQWlMb0xMY0RndTlQdXcyQ2YzZGkyaVRZdlBjVT0sdGFnOjVlcG44U2FFOERFMkVLUm1iSW8xZ2c9PSx0eXBlOnN0cl0iLAoJCSJwZ3AiOiBudWxsLAoJCSJ1bmVuY3J5cHRlZF9zdWZmaXgiOiAiX3VuZW5jcnlwdGVkIiwKCQkidmVyc2lvbiI6ICIzLjcuMiIKCX0KfQ==",
- "Hash": "313aad921c737076a990ead756b250f1677aecc927177440df0c809cd56bf282"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLF52D88F2": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLSopsSync4B881273": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLF52D88F2"
- },
- "SopsInline": {
- "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
- },
- "ConvertToJSON": false,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatD9CE8782": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLFlatD9CE8782"
- },
- "SopsInline": {
- "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONEAE81DB0": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
- },
- "SopsInline": {
- "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- "SopsInline": {
- "Content": "c29tZToKICAgIGRlZXA6CiAgICAgICAgbmVzdGVkOgogICAgICAgICAgICBvYmplY3Q6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6WW1kZVJGRUdLS1VULGl2OjhPOVFVdlU3ZzFFK2F3WUtYU3hra3pVS3pCYzhhZFVEdG1QaXdqdFBQYjA9LHRhZzozT3Q4eU5DbzJwM1JIMERUNStBa2JRPT0sdHlwZTpzdHJdCiAgICAgICAgICAgIGFycmF5czoKICAgICAgICAgICAgICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpoYWFEWnc9PSxpdjo0L2FVZ3NFbXNVcEUvMUs1aUdiQjJJQmNiWm0wUDdrM2lMNElSOWtPbkFJPSx0YWc6bkFhc1MvLzEvWEFBU3Myc2I2dklUQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlZvalRZbUVpbHc9PSxpdjppMi9zRm05TXBMYjRML1dZeWtCNGJ4THVvN3FadjVOcmRTSGNNK2dZaGh3PSx0YWc6NS8rTTZlRUlkc2IvYjN3clhQanNtQT09LHR5cGU6c3RyXQogICAgICAgICAgICAgICAgLSB2YWx1ZXM6CiAgICAgICAgICAgICAgICAgICAgYW5kOiBFTkNbQUVTMjU2X0dDTSxkYXRhOkJnOTI0dExUWmc9PSxpdjprOEFFYkw4Vkd0NXViS0tOV1JYVVBlTVF4ODRjeFBDb1EweVd4NkR2d29jPSx0YWc6bzhjUnRHSnh0Q3RKYTdCajNaMG0yQT09LHR5cGU6c3RyXQogICAgbm90c29kZWVwOiBFTkNbQUVTMjU2X0dDTSxkYXRhOndwaU15cExoLGl2OmhpTG9BZGd6RTlQYlNrMjEydTNJamlnRXp4aU5nYUtWZysyU2pqRUZ1bkU9LHRhZzpkTGwxdTVSOUYxMDVKN3FJNWMzb0V3PT0sdHlwZTpzdHJdCmFuZCBub3c6CiAgICBzb21lOgogICAgICAgIC0gYmFzaWM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6bU9od0duYz0saXY6ZGdNaklaTkl6QlZUZE0wTHllVHdKYk92cmh0TDNDZUVWSlFRYVplRkdvWT0sdGFnOm9CU3dEanlEQXlGZ2xJVFlCdnNIZVE9PSx0eXBlOmJvb2xdCiAgICAgICAgLSBuZXN0ZWQ6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6c2dzcTJLYz0saXY6MmoxQ0R6cXdDU3dvK1E4eHpOV2FpUVB3ZUMvOFZSMGlwMjVmeFFuNitubz0sdGFnOjl4RHFyZERjSDA3VkVock9hSzdMemc9PSx0eXBlOmludF0KICAgICAgICAtIHR5cGU6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6dDlpSUpVazAsaXY6NVl1K2tDV1BJNzZ1QzR0OUZqMTdnRVdWYytScHB2eXNZSFluMVJQV1ZRMD0sdGFnOlRCaHowb0d2aGJPRWZoU0FsMEFsd3c9PSx0eXBlOmZsb2F0XQogICAgICAgIC0gdGVzdHM6IEVOQ1tBRVMyNTZfR0NNLGRhdGE6S2xoa21RREQxQT09LGl2Om1zT1dBb0duc0I4bGNreTBIZUJ1WFlYN0JYY2xxVmZNMm95cldKcm5FNzA9LHRhZzphcENTNlFtYVZiVXpkc3VsOWw5V0NnPT0sdHlwZTpzdHJdCnNvcHM6CiAgICBrbXM6IFtdCiAgICBnY3Bfa21zOiBbXQogICAgYXp1cmVfa3Y6IFtdCiAgICBoY192YXVsdDogW10KICAgIGFnZToKICAgICAgICAtIHJlY2lwaWVudDogYWdlMWRqbGx3MnB6dXBycnFjMGVuNW04dmM4azVnZTN0bTBmNmc3Y2owYzBnbGZ6cDQ0dmRjNHFsOG5ndnUKICAgICAgICAgIGVuYzogfAogICAgICAgICAgICAtLS0tLUJFR0lOIEFHRSBFTkNSWVBURUQgRklMRS0tLS0tCiAgICAgICAgICAgIFlXZGxMV1Z1WTNKNWNIUnBiMjR1YjNKbkwzWXhDaTArSUZneU5UVXhPU0JhVVZCQ1JWaDFTbVZxYkc1RGVuRmEKICAgICAgICAgICAgYnk5SVUyNHJPSGRWTWtjMFkxTkNhQ3RxUVRFd2R6WnFXVzF2Q2t4NU5YQk1aa1pDZVRrdlFXMXRVRWR2UjJseQogICAgICAgICAgICBNV2xTVEUxalZXdEhkMFJvYTNSUFMzVktRalJUWWxVS0xTMHRJRGhDWjNNMlFWZFZiMmwwUzBOUE1ETlNhbFZTCiAgICAgICAgICAgIE5WbzRaVlZTTkhGUFJHRnllbkJxTjJ0UE5XUndOemdLeHBUZmlKRkJtTjlPd1F5SDJrSVMxUHBoTmllQ0tNcFoKICAgICAgICAgICAgeWtXQXRoS1oyYTM1dnpHcGRiMFVWVFVjM2hReG93Nm5KQ0dlUExndkxHQ05FSytCWDluUTV3PT0KICAgICAgICAgICAgLS0tLS1FTkQgQUdFIEVOQ1JZUFRFRCBGSUxFLS0tLS0KICAgIGxhc3Rtb2RpZmllZDogIjIwMjItMDQtMDNUMTc6MjU6MjRaIgogICAgbWFjOiBFTkNbQUVTMjU2X0dDTSxkYXRhOnNZRGo5eGsrUktYZ3pCR0JOVHpzcUNjSGdMVjBqak9JMXE1U3lTTGhsYnNHNjNjaDdmWGVkWkxzT0p0V2hGNXgxdjIyZmZVU1lVK0hITVFnQnBQUklsa0h1R1FDU1hrOEt5dGg0eUlmUnBZcmVKYlUzaC9ZNmNEMjcycWNYWHJqK0V5QlFEM3k1dzZiU2RGYXRLeFgvVmk0VG1uZ3JNL2F6ajRqTHp1L3UrST0saXY6ajBiMFd2d0paa3RuNWwxcG91V2RFOE1xNllsMXlqdWxDNTlKbENUMGhFdz0sdGFnOmY2RzBEQjc3bURwcWxvV25hZGMzVWc9PSx0eXBlOnN0cl0KICAgIHBncDogW10KICAgIHVuZW5jcnlwdGVkX3N1ZmZpeDogX3VuZW5jcnlwdGVkCiAgICB2ZXJzaW9uOiAzLjcuMgo=",
- "Hash": "4547532a137611d83958d17095c6c2d38ae0036a760c3b79c9dd5957d1c20cf2"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "TestFunctionServiceRole6ABD93C7": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
+ "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
]
+ ]
}
+ }
},
- "TestFunction22AD90FC": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "ZipFile": "test"
- },
- "Role": {
- "Fn::GetAtt": [
- "TestFunctionServiceRole6ABD93C7",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- }
- }
- },
- "Handler": "test",
- "Runtime": "nodejs14.x"
- },
- "DependsOn": [
- "TestFunctionServiceRole6ABD93C7"
- ]
- }
- },
- "Parameters": {
- "BootstrapVersion": {
- "Type": "AWS::SSM::Parameter::Value",
- "Default": "/cdk-bootstrap/hnb659fds/version",
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
- }
- },
- "Rules": {
- "CheckBootstrapVersion": {
- "Assertions": [
- {
- "Assert": {
- "Fn::Not": [
- {
- "Fn::Contains": [
- [
- "1",
- "2",
- "3",
- "4",
- "5"
- ],
- {
- "Ref": "BootstrapVersion"
- }
- ]
- }
- ]
- },
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
- }
+ "Handler": "test",
+ "Role": {
+ "Fn::GetAtt": [
+ "TestFunctionServiceRole6ABD93C7",
+ "Arn"
+ ]
+ },
+ "Runtime": "nodejs14.x"
+ },
+ "DependsOn": [
+ "TestFunctionServiceRole6ABD93C7"
+ ]
+ }
+ },
+ "Parameters": {
+ "BootstrapVersion": {
+ "Type": "AWS::SSM::Parameter::Value",
+ "Default": "/cdk-bootstrap/hnb659fds/version",
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+ }
+ },
+ "Rules": {
+ "CheckBootstrapVersion": {
+ "Assertions": [
+ {
+ "Assert": {
+ "Fn::Not": [
+ {
+ "Fn::Contains": [
+ [
+ "1",
+ "2",
+ "3",
+ "4",
+ "5"
+ ],
+ {
+ "Ref": "BootstrapVersion"
+ }
+ ]
+ }
]
+ },
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
+ ]
}
+ }
}
\ No newline at end of file
diff --git a/test/secret-manual.integ.snapshot/SecretIntegrationAsset.assets.json b/test/secret-manual.integ.snapshot/SecretIntegrationAsset.assets.json
index 547dcc1a..7024bb6a 100644
--- a/test/secret-manual.integ.snapshot/SecretIntegrationAsset.assets.json
+++ b/test/secret-manual.integ.snapshot/SecretIntegrationAsset.assets.json
@@ -1,20 +1,20 @@
{
- "version": "15.0.0",
+ "version": "36.0.0",
"files": {
- "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
+ "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67": {
"source": {
- "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "path": "asset.ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "objectKey": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
- "022d32671e6fbd021c620bba93a72070d50d1939b49527bf8adf048e7389f025": {
+ "a10f8631073a4b4c6e469817de297c7580bb1e4280158f3300516c5a25f09166": {
"source": {
"path": "SecretIntegrationAsset.template.json",
"packaging": "file"
@@ -22,7 +22,7 @@
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "022d32671e6fbd021c620bba93a72070d50d1939b49527bf8adf048e7389f025.json",
+ "objectKey": "a10f8631073a4b4c6e469817de297c7580bb1e4280158f3300516c5a25f09166.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
diff --git a/test/secret-manual.integ.snapshot/SecretIntegrationAsset.template.json b/test/secret-manual.integ.snapshot/SecretIntegrationAsset.template.json
index 2f7a3168..65ee63ff 100644
--- a/test/secret-manual.integ.snapshot/SecretIntegrationAsset.template.json
+++ b/test/secret-manual.integ.snapshot/SecretIntegrationAsset.template.json
@@ -1,781 +1,781 @@
{
- "Resources": {
- "SopsSecretJSON72040543": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "Resources": {
+ "SopsSecretJSON72040543": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretJSONSopsSync701F9A56": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
},
- "SopsSecretJSONSopsSync701F9A56": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
- ]
- },
- "SecretARN": {
- "Ref": "SopsSecretJSON72040543"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.json"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
- ]
+ "SecretARN": {
+ "Ref": "SopsSecretJSON72040543"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderAA18D140": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "S3Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
- },
- "Role": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SOPS_AGE_KEY": ""
- }
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "Handler": "bootstrap",
- "Runtime": "provided.al2",
- "Timeout": 60
- },
- "DependsOn": [
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
]
+ }
+ ]
+ }
+ },
+ "SingletonLambdaSopsSyncProviderAA18D140": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "S3Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "S3Key": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip"
},
- "SopsSecretYAMLC392F558": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "Environment": {
+ "Variables": {
+ "SOPS_AGE_KEY": ""
+ }
+ },
+ "Handler": "bootstrap",
+ "Role": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
+ "Arn"
+ ]
+ },
+ "Runtime": "provided.al2",
+ "Timeout": 60
+ },
+ "DependsOn": [
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ]
+ },
+ "SopsSecretYAMLC392F558": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLSopsSyncD61C4640": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLC392F558"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.json"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSON64419C04": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretYAMLasJSONSopsSync5F0877FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsSecretYAMLasJSON64419C04"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONAD4C2662": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONSopsSyncCABA63FF": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONAD4C2662"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatF5FC1D69": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.json"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "json",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLF52D88F2": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLSopsSync4B881273": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
},
- "SopsSecretYAMLSopsSyncD61C4640": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLF52D88F2"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.yaml"
+ },
+ "ConvertToJSON": false,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatD9CE8782": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopComplexSecretYAMLFlatD9CE8782"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.yaml"
+ },
+ "ConvertToJSON": false,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONEAE81DB0": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.yaml"
+ },
+ "ConvertToJSON": true,
+ "Flatten": false,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
+ },
+ "SecretARN": {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ "SopsS3File": {
+ "Bucket": "testbucket",
+ "Key": "secret.yaml"
+ },
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "TestFunctionServiceRole6ABD93C7": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
+ ]
+ }
+ ]
+ }
+ },
+ "TestFunction22AD90FC": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "ZipFile": "test"
+ },
+ "Environment": {
+ "Variables": {
+ "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLC392F558"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.json"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSON64419C04": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsSecretYAMLasJSONSopsSync5F0877FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsSecretYAMLasJSON64419C04"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.json"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONAD4C2662": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONSopsSyncCABA63FF": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretJSONAD4C2662"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.json"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "json",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatF5FC1D69": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretJSONFlatSopsSyncC4165B67": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "SopsComplexSecretJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.json"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "json",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLF52D88F2": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "SopsComplexSecretJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretJSONFlatSopsSyncC4165B67",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLSopsSync4B881273": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[0].basic::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLF52D88F2"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.yaml"
- },
- "ConvertToJSON": false,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatD9CE8782": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[1].nested::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopComplexSecretYAMLFlatSopsSync8B86CE19": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[2].type::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopComplexSecretYAMLFlatD9CE8782"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.yaml"
- },
- "ConvertToJSON": false,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONEAE81DB0": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:and now.some[3].tests::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONSopsSyncC4061B33": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[0]::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
- "Ref": "SopsComplexSecretYAMLasJSONEAE81DB0"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.yaml"
- },
- "ConvertToJSON": true,
- "Flatten": false,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlat9FD04B78": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[1]::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.deep.nested.arrays[2].values.and::",
+ {
"Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
]
- },
- "SecretARN": {
+ },
+ "}}"
+ ]
+ ]
+ },
+ "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
"Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- "SopsS3File": {
- "Bucket": "testbucket",
- "Key": "secret.yaml"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
+ },
+ ":SecretString:some.deep.nested.object::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
+ ]
+ ]
},
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
- },
- "TestFunctionServiceRole6ABD93C7": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
+ "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
+ "Fn::Join": [
+ "",
+ [
+ "{{resolve:secretsmanager:",
+ {
+ "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
+ },
+ ":SecretString:some.notsodeep::",
+ {
+ "Fn::GetAtt": [
+ "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
+ "VersionId"
+ ]
+ },
+ "}}"
]
+ ]
}
+ }
},
- "TestFunction22AD90FC": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "ZipFile": "test"
- },
- "Role": {
- "Fn::GetAtt": [
- "TestFunctionServiceRole6ABD93C7",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SopsComplexSecretJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "SopsComplexSecretJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretJSONFlatF5FC1D69"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretJSONFlatSopsSyncC4165B67",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_0_basic": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[0].basic::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_1_nested": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[1].nested::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_2_type": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[2].type::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_and_now_some_3_tests": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:and now.some[3].tests::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_0": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[0]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_1": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[1]::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_arrays_2_values_and": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.arrays[2].values.and::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_deep_nested_object": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.deep.nested.object::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- },
- "sopsComplexSecretYAMLasJSONFlat_some_notsodeep": {
- "Fn::Join": [
- "",
- [
- "{{resolve:secretsmanager:",
- {
- "Ref": "SopsComplexSecretYAMLasJSONFlat9FD04B78"
- },
- ":SecretString:some.notsodeep::",
- {
- "Fn::GetAtt": [
- "SopsComplexSecretYAMLasJSONFlatSopsSync05F4A91A",
- "VersionId"
- ]
- },
- "}}"
- ]
- ]
- }
- }
- },
- "Handler": "test",
- "Runtime": "nodejs14.x"
- },
- "DependsOn": [
- "TestFunctionServiceRole6ABD93C7"
- ]
- }
- },
- "Parameters": {
- "BootstrapVersion": {
- "Type": "AWS::SSM::Parameter::Value",
- "Default": "/cdk-bootstrap/hnb659fds/version",
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
- }
- },
- "Rules": {
- "CheckBootstrapVersion": {
- "Assertions": [
- {
- "Assert": {
- "Fn::Not": [
- {
- "Fn::Contains": [
- [
- "1",
- "2",
- "3",
- "4",
- "5"
- ],
- {
- "Ref": "BootstrapVersion"
- }
- ]
- }
- ]
- },
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
- }
+ "Handler": "test",
+ "Role": {
+ "Fn::GetAtt": [
+ "TestFunctionServiceRole6ABD93C7",
+ "Arn"
+ ]
+ },
+ "Runtime": "nodejs14.x"
+ },
+ "DependsOn": [
+ "TestFunctionServiceRole6ABD93C7"
+ ]
+ }
+ },
+ "Parameters": {
+ "BootstrapVersion": {
+ "Type": "AWS::SSM::Parameter::Value",
+ "Default": "/cdk-bootstrap/hnb659fds/version",
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+ }
+ },
+ "Rules": {
+ "CheckBootstrapVersion": {
+ "Assertions": [
+ {
+ "Assert": {
+ "Fn::Not": [
+ {
+ "Fn::Contains": [
+ [
+ "1",
+ "2",
+ "3",
+ "4",
+ "5"
+ ],
+ {
+ "Ref": "BootstrapVersion"
+ }
+ ]
+ }
]
+ },
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
+ ]
}
+ }
}
\ No newline at end of file
diff --git a/test/secret-multikms.integ.snapshot/SecretMultiKms.assets.json b/test/secret-multikms.integ.snapshot/SecretMultiKms.assets.json
index 9cc2a39b..ce2f570d 100644
--- a/test/secret-multikms.integ.snapshot/SecretMultiKms.assets.json
+++ b/test/secret-multikms.integ.snapshot/SecretMultiKms.assets.json
@@ -1,20 +1,20 @@
{
- "version": "15.0.0",
+ "version": "36.0.0",
"files": {
- "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
+ "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67": {
"source": {
- "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "path": "asset.ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
+ "objectKey": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
- "6fd9d449eef6bf5ecffa43e95c14b74b0bdf4edce4045b913fb88cdf08c885e6": {
+ "4071c031f93e72accb68caa03122b1b25bf090a8ed02d004f40c8216ecb47eb6": {
"source": {
"path": "SecretMultiKms.template.json",
"packaging": "file"
@@ -22,7 +22,7 @@
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "6fd9d449eef6bf5ecffa43e95c14b74b0bdf4edce4045b913fb88cdf08c885e6.json",
+ "objectKey": "4071c031f93e72accb68caa03122b1b25bf090a8ed02d004f40c8216ecb47eb6.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
diff --git a/test/secret-multikms.integ.snapshot/SecretMultiKms.template.json b/test/secret-multikms.integ.snapshot/SecretMultiKms.template.json
index 7c5ddfcc..1d226e5d 100644
--- a/test/secret-multikms.integ.snapshot/SecretMultiKms.template.json
+++ b/test/secret-multikms.integ.snapshot/SecretMultiKms.template.json
@@ -1,176 +1,176 @@
{
- "Resources": {
- "SopsSecretF929FB43": {
- "Type": "AWS::SecretsManager::Secret",
- "Properties": {
- "GenerateSecretString": {}
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "Resources": {
+ "SopsSecretF929FB43": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "GenerateSecretString": {}
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SopsSecretSopsSync7D825417": {
+ "Type": "Custom::SopsSync",
+ "Properties": {
+ "ServiceToken": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderAA18D140",
+ "Arn"
+ ]
},
- "SopsSecretSopsSync7D825417": {
- "Type": "Custom::SopsSync",
- "Properties": {
- "ServiceToken": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderAA18D140",
- "Arn"
- ]
- },
- "SecretARN": {
- "Ref": "SopsSecretF929FB43"
- },
- "SopsInline": {
- "Content": "IyBUaGlzIHNlY3JldCBpcyBub3Qgd29ya2luZywganVzdCBmb3IgdGVzdGluZyByZWNvZ25pdGlvbiBvZiBzZXZlcmFsIGttcyBrZXlzCgpoZWxsbzogRU5DW0FFUzI1Nl9HQ00sZGF0YTpzc3diUkhjY0l1aXNiR3lPK21HL0VXYisxSmN0cU5Vb3JPelFVYU1SbjNIa0F5V3RyZU51WnloWVlsa3ZjZz09LGl2OlhwSGlsaHlDUlhhOGNsR2lFY2twcXVDcVNaR1dBODBIMGVEVW1SODB4aEU9LHRhZzpXc3V4STRsVUh3SkVhczc2T0RReFVBPT0sdHlwZTpzdHJdCmV4YW1wbGVfa2V5OiBFTkNbQUVTMjU2X0dDTSxkYXRhOi80T3RpSDNub29UVlp1ekMrZz09LGl2OlI2cXJOWTdHQXhjSXdSNDJidkUyNzc0dWYrSWZROXB2OVVBNzhMbWl0VTA9LHRhZzpqRm9nVnN5Y3VmU1hSdkJLWExWQTlnPT0sdHlwZTpzdHJdCiNFTkNbQUVTMjU2X0dDTSxkYXRhOmFGakhsK0tLMzdPSXNGa2hCcWJXQWEwPSxpdjpaU1FQNjVRaDZpc2dRTDZhUXFrOVE0YlBDeHFkL2swdys5cXpuYXVtMVBBPSx0YWc6N0NVdXFuZEc0YjNKM3YvZzVPS08yUT09LHR5cGU6Y29tbWVudF0KZXhhbXBsZV9hcnJheToKICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpVeFdmc0JhR2NncmVnbURmS01JPSxpdjpYQnMyT0NvSFdPbW9iajFPUGQvY2xiVUpGYlBUZEFkb3RGSFZHUW0xVFAwPSx0YWc6Q1RUMTVaWWQxbkc4a0phckRETFpMQT09LHR5cGU6c3RyXQogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlFQOFpLYTg4bjdTbkphSy9aTGs9LGl2OlE3YUJzV3JJdjBHOEQzM0l3NjVLUnFPUndxeVVXamFBdklCU2JXTkhBV3c9LHRhZzp3QkI3dFJjYzZ5UnY1Y0E1M2s1am9nPT0sdHlwZTpzdHJdCmV4YW1wbGVfbnVtYmVyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjQxUXZKb0NKNU11RUxRPT0saXY6UWV4Sk0rcndodVpjeERMM1RERXN3cGs4cXdVZVU2YkdrNWk1VENkdWlFaz0sdGFnOnJ6eWtNWXJtSHl2M1VIakVHUnJOSGc9PSx0eXBlOmZsb2F0XQpleGFtcGxlX2Jvb2xlYW5zOgogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOjJzRmhEZz09LGl2OmhCTVoweC8xUkpDLzJOZVEvQkV1Z1BEVkNDb252VkhDWmsxVGFrOXZsbjg9LHRhZzpDSnF5eDd5QXRObkZBRHZEYWtmWGJBPT0sdHlwZTpib29sXQogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOjUxVDNoOUE9LGl2OjBWdXdNSndVUlQ4QXlaRUFwdFFDNWtkNWsrZGZaREhSNThNcjRaNFRWSUk9LHRhZzptVEsxdlFFOWVYbGhBa0xRb2dqZGZ3PT0sdHlwZTpib29sXQpzb3BzOgogICAga21zOgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMC0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMS0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMi0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMy0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgZ2NwX2ttczogW10KICAgIGF6dXJlX2t2OiBbXQogICAgaGNfdmF1bHQ6IFtdCiAgICBhZ2U6IFtdCiAgICBsYXN0bW9kaWZpZWQ6ICIyMDIyLTA0LTAzVDE3OjM0OjU2WiIKICAgIG1hYzogRU5DW0FFUzI1Nl9HQ00sZGF0YTpxRGkvQ2FBR2ZYYmNDeFBYeEhSVm5EaVAzYXlMaEw1K09yZHYrckN5Ri9NMGlCbE82UEVCZXo0bVcrMEpFNEY4RThhM2xNSk9SaGFFR1RtUnRHeXpQWG02MkRvTkxwVmVwcWo4ZmRCTmd6eERRZGJUWDJ5ZlBvU2x0U215Q3A3bHBuYlVqR3dTSFZIc0dLOCsxRUVvb2NUbjgxZWZQMGh5dFJTb2NZRUtPTlk9LGl2Ojh2WjQxN05ocDZCTzJrRTVJYzRIUmt6S2pTNzllbnJmVkpsc1llcTU5Rm89LHRhZzptcEUrT3RvK0hQTGQydHNXdXRldVNBPT0sdHlwZTpzdHJdCiAgICBwZ3A6IFtdCiAgICB1bmVuY3J5cHRlZF9zdWZmaXg6IF91bmVuY3J5cHRlZAogICAgdmVyc2lvbjogMy43LjIK",
- "Hash": "64b76be8cee263a01e4ce4865e9951772393a250904834cd69a8268dcaa77578"
- },
- "ConvertToJSON": true,
- "Flatten": true,
- "Format": "yaml",
- "StringifiedValues": true
- },
- "UpdateReplacePolicy": "Delete",
- "DeletionPolicy": "Delete"
+ "SecretARN": {
+ "Ref": "SopsSecretF929FB43"
},
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Action": "sts:AssumeRole",
- "Effect": "Allow",
- "Principal": {
- "Service": "lambda.amazonaws.com"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "ManagedPolicyArns": [
- {
- "Fn::Join": [
- "",
- [
- "arn:",
- {
- "Ref": "AWS::Partition"
- },
- ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
- ]
- ]
- }
- ]
- }
+ "SopsInline": {
+ "Content": "IyBUaGlzIHNlY3JldCBpcyBub3Qgd29ya2luZywganVzdCBmb3IgdGVzdGluZyByZWNvZ25pdGlvbiBvZiBzZXZlcmFsIGttcyBrZXlzCgpoZWxsbzogRU5DW0FFUzI1Nl9HQ00sZGF0YTpzc3diUkhjY0l1aXNiR3lPK21HL0VXYisxSmN0cU5Vb3JPelFVYU1SbjNIa0F5V3RyZU51WnloWVlsa3ZjZz09LGl2OlhwSGlsaHlDUlhhOGNsR2lFY2twcXVDcVNaR1dBODBIMGVEVW1SODB4aEU9LHRhZzpXc3V4STRsVUh3SkVhczc2T0RReFVBPT0sdHlwZTpzdHJdCmV4YW1wbGVfa2V5OiBFTkNbQUVTMjU2X0dDTSxkYXRhOi80T3RpSDNub29UVlp1ekMrZz09LGl2OlI2cXJOWTdHQXhjSXdSNDJidkUyNzc0dWYrSWZROXB2OVVBNzhMbWl0VTA9LHRhZzpqRm9nVnN5Y3VmU1hSdkJLWExWQTlnPT0sdHlwZTpzdHJdCiNFTkNbQUVTMjU2X0dDTSxkYXRhOmFGakhsK0tLMzdPSXNGa2hCcWJXQWEwPSxpdjpaU1FQNjVRaDZpc2dRTDZhUXFrOVE0YlBDeHFkL2swdys5cXpuYXVtMVBBPSx0YWc6N0NVdXFuZEc0YjNKM3YvZzVPS08yUT09LHR5cGU6Y29tbWVudF0KZXhhbXBsZV9hcnJheToKICAgIC0gRU5DW0FFUzI1Nl9HQ00sZGF0YTpVeFdmc0JhR2NncmVnbURmS01JPSxpdjpYQnMyT0NvSFdPbW9iajFPUGQvY2xiVUpGYlBUZEFkb3RGSFZHUW0xVFAwPSx0YWc6Q1RUMTVaWWQxbkc4a0phckRETFpMQT09LHR5cGU6c3RyXQogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOlFQOFpLYTg4bjdTbkphSy9aTGs9LGl2OlE3YUJzV3JJdjBHOEQzM0l3NjVLUnFPUndxeVVXamFBdklCU2JXTkhBV3c9LHRhZzp3QkI3dFJjYzZ5UnY1Y0E1M2s1am9nPT0sdHlwZTpzdHJdCmV4YW1wbGVfbnVtYmVyOiBFTkNbQUVTMjU2X0dDTSxkYXRhOjQxUXZKb0NKNU11RUxRPT0saXY6UWV4Sk0rcndodVpjeERMM1RERXN3cGs4cXdVZVU2YkdrNWk1VENkdWlFaz0sdGFnOnJ6eWtNWXJtSHl2M1VIakVHUnJOSGc9PSx0eXBlOmZsb2F0XQpleGFtcGxlX2Jvb2xlYW5zOgogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOjJzRmhEZz09LGl2OmhCTVoweC8xUkpDLzJOZVEvQkV1Z1BEVkNDb252VkhDWmsxVGFrOXZsbjg9LHRhZzpDSnF5eDd5QXRObkZBRHZEYWtmWGJBPT0sdHlwZTpib29sXQogICAgLSBFTkNbQUVTMjU2X0dDTSxkYXRhOjUxVDNoOUE9LGl2OjBWdXdNSndVUlQ4QXlaRUFwdFFDNWtkNWsrZGZaREhSNThNcjRaNFRWSUk9LHRhZzptVEsxdlFFOWVYbGhBa0xRb2dqZGZ3PT0sdHlwZTpib29sXQpzb3BzOgogICAga21zOgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMC0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMS0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMi0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgICAgIC0gYXJuOiBhcm46YXdzOmttczphd3MtcmVnaW9uLTE6MTIzNDU2Nzg5MDExOmtleS8wMDAwMDAwMy0xMjM0LTQzMjEtYWJjZC0xMjM0YWJjZDEyYWIKICAgICAgICAgIGNyZWF0ZWRfYXQ6ICIyMDIyLTA0LTAzVDE3OjM0OjQ1WiIKICAgICAgICAgIGVuYzogQVFJQ0FIaVNnWm9MUDZmRHJVQllZUFUyb0pPQi8zcUZBUjVtRVl1WlkyRFFxellyQmdHQVBTK1NpTzV5Yi9iWGJVZG9VUGVaQUFBQWZqQjhCZ2txaGtpRzl3MEJCd2FnYnpCdEFnRUFNR2dHQ1NxR1NJYjNEUUVIQVRBZUJnbGdoa2dCWlFNRUFTNHdFUVFNWFpQcFBVM0dpYklPTks2VkFnRVFnRHUxNTRZcG5Zb2UyZjhZRnVXZUJwR1hmRGRhdWQ1b01EZnF1d3FZMlVXRzhjbG5aVjkzNTV6K1Y3Y3FDaSs0UEVCb2F2ZU1MTGNMWXNMT0FBPT0KICAgICAgICAgIGF3c19wcm9maWxlOiAiIgogICAgZ2NwX2ttczogW10KICAgIGF6dXJlX2t2OiBbXQogICAgaGNfdmF1bHQ6IFtdCiAgICBhZ2U6IFtdCiAgICBsYXN0bW9kaWZpZWQ6ICIyMDIyLTA0LTAzVDE3OjM0OjU2WiIKICAgIG1hYzogRU5DW0FFUzI1Nl9HQ00sZGF0YTpxRGkvQ2FBR2ZYYmNDeFBYeEhSVm5EaVAzYXlMaEw1K09yZHYrckN5Ri9NMGlCbE82UEVCZXo0bVcrMEpFNEY4RThhM2xNSk9SaGFFR1RtUnRHeXpQWG02MkRvTkxwVmVwcWo4ZmRCTmd6eERRZGJUWDJ5ZlBvU2x0U215Q3A3bHBuYlVqR3dTSFZIc0dLOCsxRUVvb2NUbjgxZWZQMGh5dFJTb2NZRUtPTlk9LGl2Ojh2WjQxN05ocDZCTzJrRTVJYzRIUmt6S2pTNzllbnJmVkpsc1llcTU5Rm89LHRhZzptcEUrT3RvK0hQTGQydHNXdXRldVNBPT0sdHlwZTpzdHJdCiAgICBwZ3A6IFtdCiAgICB1bmVuY3J5cHRlZF9zdWZmaXg6IF91bmVuY3J5cHRlZAogICAgdmVyc2lvbjogMy43LjIK",
+ "Hash": "64b76be8cee263a01e4ce4865e9951772393a250904834cd69a8268dcaa77578"
},
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
- "Type": "AWS::IAM::Policy",
- "Properties": {
- "PolicyDocument": {
- "Statement": [
- {
- "Action": "kms:Decrypt",
- "Effect": "Allow",
- "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000000-1234-4321-abcd-1234abcd12ab"
- },
- {
- "Action": "kms:Decrypt",
- "Effect": "Allow",
- "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000001-1234-4321-abcd-1234abcd12ab"
- },
- {
- "Action": "kms:Decrypt",
- "Effect": "Allow",
- "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000002-1234-4321-abcd-1234abcd12ab"
- },
- {
- "Action": "kms:Decrypt",
- "Effect": "Allow",
- "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000003-1234-4321-abcd-1234abcd12ab"
- },
- {
- "Action": [
- "secretsmanager:PutSecretValue",
- "secretsmanager:UpdateSecret"
- ],
- "Effect": "Allow",
- "Resource": {
- "Ref": "SopsSecretF929FB43"
- }
- }
- ],
- "Version": "2012-10-17"
- },
- "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "Roles": [
- {
- "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
- }
- ]
+ "ConvertToJSON": true,
+ "Flatten": true,
+ "Format": "yaml",
+ "StringifiedValues": true
+ },
+ "UpdateReplacePolicy": "Delete",
+ "DeletionPolicy": "Delete"
+ },
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "lambda.amazonaws.com"
+ }
}
+ ],
+ "Version": "2012-10-17"
},
- "SingletonLambdaSopsSyncProviderAA18D140": {
- "Type": "AWS::Lambda::Function",
- "Properties": {
- "Code": {
- "S3Bucket": {
- "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
- },
- "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
- },
- "Role": {
- "Fn::GetAtt": [
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
- "Arn"
- ]
- },
- "Environment": {
- "Variables": {
- "SOPS_AGE_KEY": ""
- }
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
},
- "Handler": "bootstrap",
- "Runtime": "provided.al2",
- "Timeout": 60
- },
- "DependsOn": [
- "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
- "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ ]
]
- }
+ }
+ ]
+ }
},
- "Parameters": {
- "BootstrapVersion": {
- "Type": "AWS::SSM::Parameter::Value",
- "Default": "/cdk-bootstrap/hnb659fds/version",
- "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
- }
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6": {
+ "Type": "AWS::IAM::Policy",
+ "Properties": {
+ "PolicyDocument": {
+ "Statement": [
+ {
+ "Action": "kms:Decrypt",
+ "Effect": "Allow",
+ "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000000-1234-4321-abcd-1234abcd12ab"
+ },
+ {
+ "Action": "kms:Decrypt",
+ "Effect": "Allow",
+ "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000001-1234-4321-abcd-1234abcd12ab"
+ },
+ {
+ "Action": "kms:Decrypt",
+ "Effect": "Allow",
+ "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000002-1234-4321-abcd-1234abcd12ab"
+ },
+ {
+ "Action": "kms:Decrypt",
+ "Effect": "Allow",
+ "Resource": "arn:aws:kms:aws-region-1:123456789011:key/00000003-1234-4321-abcd-1234abcd12ab"
+ },
+ {
+ "Action": [
+ "secretsmanager:PutSecretValue",
+ "secretsmanager:UpdateSecret"
+ ],
+ "Effect": "Allow",
+ "Resource": {
+ "Ref": "SopsSecretF929FB43"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "PolicyName": "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "Roles": [
+ {
+ "Ref": "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ }
+ ]
+ }
},
- "Rules": {
- "CheckBootstrapVersion": {
- "Assertions": [
- {
- "Assert": {
- "Fn::Not": [
- {
- "Fn::Contains": [
- [
- "1",
- "2",
- "3",
- "4",
- "5"
- ],
- {
- "Ref": "BootstrapVersion"
- }
- ]
- }
- ]
- },
- "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
- }
+ "SingletonLambdaSopsSyncProviderAA18D140": {
+ "Type": "AWS::Lambda::Function",
+ "Properties": {
+ "Code": {
+ "S3Bucket": {
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+ },
+ "S3Key": "ba702541966a10511eb4b7534ec99ec011e3eb46bf38fe5a5d95c03b97bcde67.zip"
+ },
+ "Environment": {
+ "Variables": {
+ "SOPS_AGE_KEY": ""
+ }
+ },
+ "Handler": "bootstrap",
+ "Role": {
+ "Fn::GetAtt": [
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25",
+ "Arn"
+ ]
+ },
+ "Runtime": "provided.al2",
+ "Timeout": 60
+ },
+ "DependsOn": [
+ "SingletonLambdaSopsSyncProviderServiceRoleDefaultPolicy45D64FF6",
+ "SingletonLambdaSopsSyncProviderServiceRoleC45BBD25"
+ ]
+ }
+ },
+ "Parameters": {
+ "BootstrapVersion": {
+ "Type": "AWS::SSM::Parameter::Value",
+ "Default": "/cdk-bootstrap/hnb659fds/version",
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+ }
+ },
+ "Rules": {
+ "CheckBootstrapVersion": {
+ "Assertions": [
+ {
+ "Assert": {
+ "Fn::Not": [
+ {
+ "Fn::Contains": [
+ [
+ "1",
+ "2",
+ "3",
+ "4",
+ "5"
+ ],
+ {
+ "Ref": "BootstrapVersion"
+ }
+ ]
+ }
]
+ },
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
}
+ ]
}
+ }
}
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index cb45a4a2..25f55d85 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -10,6 +10,21 @@
"@jridgewell/gen-mapping" "^0.3.5"
"@jridgewell/trace-mapping" "^0.3.24"
+"@aws-cdk/asset-awscli-v1@^2.2.202":
+ version "2.2.202"
+ resolved "https://registry.yarnpkg.com/@aws-cdk/asset-awscli-v1/-/asset-awscli-v1-2.2.202.tgz#4627201d71f6a5c60db36385ce09cb81005f4b32"
+ integrity sha512-JqlF0D4+EVugnG5dAsNZMqhu3HW7ehOXm5SDMxMbXNDMdsF0pxtQKNHRl52z1U9igsHmaFpUgSGjbhAJ+0JONg==
+
+"@aws-cdk/asset-kubectl-v20@^2.1.2":
+ version "2.1.2"
+ resolved "https://registry.yarnpkg.com/@aws-cdk/asset-kubectl-v20/-/asset-kubectl-v20-2.1.2.tgz#d8e20b5f5dc20128ea2000dc479ca3c7ddc27248"
+ integrity sha512-3M2tELJOxQv0apCIiuKQ4pAbncz9GuLwnKFqxifWfe77wuMxyTRPmxssYHs42ePqzap1LT6GDcPygGs+hHstLg==
+
+"@aws-cdk/asset-node-proxy-agent-v6@^2.0.3":
+ version "2.0.3"
+ resolved "https://registry.yarnpkg.com/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.3.tgz#9b5d213b5ce5ad4461f6a4720195ff8de72e6523"
+ integrity sha512-twhuEG+JPOYCYPx/xy5uH2+VUsIEhPTzDY0F1KuB+ocjWWB/KEDiOVL19nHvbPCB6fhWnkykXEMJ4HHcKvjtvg==
+
"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.12.13", "@babel/code-frame@^7.24.6":
version "7.24.6"
resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.24.6.tgz#ab88da19344445c3d8889af2216606d3329f3ef2"
@@ -995,7 +1010,7 @@ ajv@^6.12.4:
json-schema-traverse "^0.4.1"
uri-js "^4.2.2"
-ajv@^8.12.0:
+ajv@^8.0.1, ajv@^8.12.0:
version "8.14.0"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.14.0.tgz#f514ddfd4756abb200e1704414963620a625ebbb"
integrity sha512-oYs1UUtO97ZO2lJ4bwnWeQW8/zvOIQLGKcvPTsWmvc2SYgBb+upuNS5NxoLaMU4h8Ju3Nbj6Cq8mD2LQoqVKFA==
@@ -1147,16 +1162,16 @@ arrify@^1.0.1:
resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d"
integrity sha512-3CYzex9M9FGQjCGMGyi6/31c8GJbgb0qGyrx5HWxPd0aCwh4cB2YjMb2Xf9UuoogrMrlO9cTqnB5rI5GHZTcUA==
+astral-regex@^2.0.0:
+ version "2.0.0"
+ resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31"
+ integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==
+
asynckit@^0.4.0:
version "0.4.0"
resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"
integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==
-at-least-node@^1.0.0:
- version "1.0.0"
- resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2"
- integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg==
-
available-typed-arrays@^1.0.7:
version "1.0.7"
resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz#a5cc375d6a03c2efc87a553f3e0b1522def14846"
@@ -1164,19 +1179,24 @@ available-typed-arrays@^1.0.7:
dependencies:
possible-typed-array-names "^1.0.0"
-aws-cdk-lib@2.1.0:
- version "2.1.0"
- resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.1.0.tgz#2497484cfd4e2eeaba99b070bbfa54486d52ae34"
- integrity sha512-W607G3aSrWpawpcqzIuUYKlU+grfvkbszyqikyVYqJgMHFCCQXq0S1ynPMzfQ49CwjlwZsu4LIsPM+dNR+Yj6g==
+aws-cdk-lib@2.144.0:
+ version "2.144.0"
+ resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.144.0.tgz#0e224634d361cea0a8019b4677a517752600609b"
+ integrity sha512-DpyIyTs8NHX6WgAyYM2mGorirIk+eTjWzXGQRfzAe40qkwcqsb5Ax4JEl5gz1OEo9QIJIgWDtmImgWN0tUbILA==
dependencies:
+ "@aws-cdk/asset-awscli-v1" "^2.2.202"
+ "@aws-cdk/asset-kubectl-v20" "^2.1.2"
+ "@aws-cdk/asset-node-proxy-agent-v6" "^2.0.3"
"@balena/dockerignore" "^1.0.2"
case "1.6.3"
- fs-extra "^9.1.0"
- ignore "^5.1.9"
- jsonschema "^1.4.0"
- minimatch "^3.0.4"
- punycode "^2.1.1"
- semver "^7.3.5"
+ fs-extra "^11.2.0"
+ ignore "^5.3.1"
+ jsonschema "^1.4.1"
+ mime-types "^2.1.35"
+ minimatch "^3.1.2"
+ punycode "^2.3.1"
+ semver "^7.6.0"
+ table "^6.8.2"
yaml "1.10.2"
aws-cdk@^2:
@@ -2401,6 +2421,15 @@ fs-extra@^10.1.0:
jsonfile "^6.0.1"
universalify "^2.0.0"
+fs-extra@^11.2.0:
+ version "11.2.0"
+ resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-11.2.0.tgz#e70e17dfad64232287d01929399e0ea7c86b0e5b"
+ integrity sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==
+ dependencies:
+ graceful-fs "^4.2.0"
+ jsonfile "^6.0.1"
+ universalify "^2.0.0"
+
fs-extra@^8.1.0:
version "8.1.0"
resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0"
@@ -2410,16 +2439,6 @@ fs-extra@^8.1.0:
jsonfile "^4.0.0"
universalify "^0.1.0"
-fs-extra@^9.1.0:
- version "9.1.0"
- resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.1.0.tgz#5954460c764a8da2094ba3554bf839e6b9a7c86d"
- integrity sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==
- dependencies:
- at-least-node "^1.0.0"
- graceful-fs "^4.2.0"
- jsonfile "^6.0.1"
- universalify "^2.0.0"
-
fs.realpath@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
@@ -2753,7 +2772,7 @@ iconv-lite@0.4.24:
dependencies:
safer-buffer ">= 2.1.2 < 3"
-ignore@^5.1.9, ignore@^5.2.0, ignore@^5.2.4:
+ignore@^5.2.0, ignore@^5.2.4, ignore@^5.3.1:
version "5.3.1"
resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.1.tgz#5073e554cd42c5b33b394375f538b8593e34d4ef"
integrity sha512-5Fytz/IraMjqpwfd34ke28PTVMjZjJG2MPn5t7OE4eUCUNf8BAa7b5WUS9/Qvr6mwOQS7Mk6vdsMno5he+T8Xw==
@@ -3686,7 +3705,7 @@ jsonparse@^1.2.0:
resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
integrity sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==
-jsonschema@^1.4.0:
+jsonschema@^1.4.1:
version "1.4.1"
resolved "https://registry.yarnpkg.com/jsonschema/-/jsonschema-1.4.1.tgz#cc4c3f0077fb4542982973d8a083b6b34f482dab"
integrity sha512-S6cATIPVv1z0IlxdN+zUk5EPjkGCdnhN4wVSBlvoUO1tOLJootbo9CquNJmbIh4yikWHiUedhRYrNPn1arpEmQ==
@@ -3781,6 +3800,11 @@ lodash.merge@^4.6.2:
resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
+lodash.truncate@^4.4.2:
+ version "4.4.2"
+ resolved "https://registry.yarnpkg.com/lodash.truncate/-/lodash.truncate-4.4.2.tgz#5a350da0b1113b837ecfffd5812cbe58d6eae193"
+ integrity sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw==
+
lodash@^4.17.15, lodash@^4.7.0:
version "4.17.21"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
@@ -3885,7 +3909,7 @@ mime-db@1.52.0:
resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70"
integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==
-mime-types@^2.1.12:
+mime-types@^2.1.12, mime-types@^2.1.35:
version "2.1.35"
resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a"
integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==
@@ -4320,7 +4344,7 @@ psl@^1.1.33:
resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7"
integrity sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==
-punycode@^2.1.0, punycode@^2.1.1:
+punycode@^2.1.0, punycode@^2.1.1, punycode@^2.3.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5"
integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==
@@ -4561,7 +4585,7 @@ semver-intersect@^1.4.0:
resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8"
integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==
-semver@7.x, semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.7, semver@^7.5.3, semver@^7.5.4, semver@^7.6.2:
+semver@7.x, semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.7, semver@^7.5.3, semver@^7.5.4, semver@^7.6.0, semver@^7.6.2:
version "7.6.2"
resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13"
integrity sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w==
@@ -4647,6 +4671,15 @@ slash@^3.0.0:
resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634"
integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==
+slice-ansi@^4.0.0:
+ version "4.0.0"
+ resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-4.0.0.tgz#500e8dd0fd55b05815086255b3195adf2a45fe6b"
+ integrity sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==
+ dependencies:
+ ansi-styles "^4.0.0"
+ astral-regex "^2.0.0"
+ is-fullwidth-code-point "^3.0.0"
+
sort-json@^2.0.1:
version "2.0.1"
resolved "https://registry.yarnpkg.com/sort-json/-/sort-json-2.0.1.tgz#7338783bef807185dc37d5b02e3afd905d537cfb"
@@ -4914,6 +4947,17 @@ symbol-tree@^3.2.4:
resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2"
integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==
+table@^6.8.2:
+ version "6.8.2"
+ resolved "https://registry.yarnpkg.com/table/-/table-6.8.2.tgz#c5504ccf201213fa227248bdc8c5569716ac6c58"
+ integrity sha512-w2sfv80nrAh2VCbqR5AK27wswXhqcck2AhfnNW76beQXskGZ1V12GwS//yYVa3d3fcvAip2OUnbDAjW2k3v9fA==
+ dependencies:
+ ajv "^8.0.1"
+ lodash.truncate "^4.4.2"
+ slice-ansi "^4.0.0"
+ string-width "^4.2.3"
+ strip-ansi "^6.0.1"
+
terminal-link@^2.0.0:
version "2.1.1"
resolved "https://registry.yarnpkg.com/terminal-link/-/terminal-link-2.1.1.tgz#14a64a27ab3c0df933ea546fba55f2d078edc994"