Fix more cfn_nag issues

biffgaut · biffgaut · commit 82783b86ff4f · 2021-10-06T16:34:59.000-04:00
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json
@@ -1,7 +1,7 @@
 {
   "Description": "Integration Test for aws-route53-alb",
   "Resources": {
-    "testroute53albtestroute53albzone04BEDFE6": {
+    "privateapistackprivateapistackzone3E5194E7": {
       "Type": "AWS::Route53::HostedZone",
       "Properties": {
         "Name": "www.example.com.",
@@ -15,7 +15,7 @@
         ]
       }
     },
-    "testroute53albtestroute53albalb7C171F50": {
+    "privateapistackprivateapistackalb7242E759": {
       "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
       "Properties": {
         "LoadBalancerAttributes": [
@@ -30,7 +30,7 @@
           {
             "Key": "access_logs.s3.bucket",
             "Value": {
-              "Ref": "testroute53albAC463A50"
+              "Ref": "privateapistack09C932BB"
             }
           },
           {
@@ -42,7 +42,7 @@
         "SecurityGroups": [
           {
             "Fn::GetAtt": [
-              "testroute53albtestroute53albalbSecurityGroupC3716E02",
+              "privateapistackprivateapistackalbSecurityGroup5A8A9725",
               "GroupId"
             ]
           }
@@ -61,14 +61,14 @@
         "Type": "application"
       },
       "DependsOn": [
-        "testroute53albPolicy478FC0AF",
-        "testroute53albAC463A50"
+        "privateapistackPolicy98558170",
+        "privateapistack09C932BB"
       ]
     },
-    "testroute53albtestroute53albalbSecurityGroupC3716E02": {
+    "privateapistackprivateapistackalbSecurityGroup5A8A9725": {
       "Type": "AWS::EC2::SecurityGroup",
       "Properties": {
-        "GroupDescription": "Automatically created Security Group for ELB deployPrivateApitestroute53albtestroute53albalb1145D1AD",
+        "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiprivateapistackprivateapistackalb5DF93E18",
         "SecurityGroupEgress": [
           {
             "CidrIp": "255.255.255.255/32",
@@ -83,11 +83,21 @@
         }
       },
       "DependsOn": [
-        "testroute53albPolicy478FC0AF",
-        "testroute53albAC463A50"
-      ]
+        "privateapistackPolicy98558170",
+        "privateapistack09C932BB"
+      ],
+      "Metadata": {
+        "cfn_nag": {
+          "rules_to_suppress": [
+            {
+              "id": "W29",
+              "reason": "CDK created rule that blocks all traffic."
+            }
+          ]
+        }
+      }
     },
-    "testroute53albAC463A50": {
+    "privateapistack09C932BB": {
       "Type": "AWS::S3::Bucket",
       "Properties": {
         "BucketEncryption": {
@@ -122,11 +132,11 @@
         }
       }
     },
-    "testroute53albPolicy478FC0AF": {
+    "privateapistackPolicy98558170": {
       "Type": "AWS::S3::BucketPolicy",
       "Properties": {
         "Bucket": {
-          "Ref": "testroute53albAC463A50"
+          "Ref": "privateapistack09C932BB"
         },
         "PolicyDocument": {
           "Statement": [
@@ -148,7 +158,7 @@
                     [
                       {
                         "Fn::GetAtt": [
-                          "testroute53albAC463A50",
+                          "privateapistack09C932BB",
                           "Arn"
                         ]
                       },
@@ -158,7 +168,7 @@
                 },
                 {
                   "Fn::GetAtt": [
-                    "testroute53albAC463A50",
+                    "privateapistack09C932BB",
                     "Arn"
                   ]
                 }
@@ -191,7 +201,7 @@
                   [
                     {
                       "Fn::GetAtt": [
-                        "testroute53albAC463A50",
+                        "privateapistack09C932BB",
                         "Arn"
                       ]
                     },
@@ -209,7 +219,7 @@
         }
       }
     },
-    "testroute53albtestroute53albaliasCCC6DDF3": {
+    "privateapistackprivateapistackalias54E3713F": {
       "Type": "AWS::Route53::RecordSet",
       "Properties": {
         "Name": "www.example.com.",
@@ -222,7 +232,7 @@
                 "dualstack.",
                 {
                   "Fn::GetAtt": [
-                    "testroute53albtestroute53albalb7C171F50",
+                    "privateapistackprivateapistackalb7242E759",
                     "DNSName"
                   ]
                 }
@@ -231,13 +241,13 @@
           },
           "HostedZoneId": {
             "Fn::GetAtt": [
-              "testroute53albtestroute53albalb7C171F50",
+              "privateapistackprivateapistackalb7242E759",
               "CanonicalHostedZoneID"
             ]
           }
         },
         "HostedZoneId": {
-          "Ref": "testroute53albtestroute53albzone04BEDFE6"
+          "Ref": "privateapistackprivateapistackzone3E5194E7"
         }
       }
     },
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.ts
@@ -15,6 +15,8 @@
 import { App, Stack, Aws } from "@aws-cdk/core";
 import { Route53ToAlb, Route53ToAlbProps } from "../lib";
 import { generateIntegStackName } from '@aws-solutions-constructs/core';
+import * as defaults from '@aws-solutions-constructs/core';
+import { CfnSecurityGroup } from "@aws-cdk/aws-ec2";
 
 // Setup
 const app = new App();
@@ -31,7 +33,10 @@ const props: Route53ToAlbProps = {
   }
 };
 
-new Route53ToAlb(stack, 'test-route53-alb', props);
+const testConstruct = new Route53ToAlb(stack, 'private-api-stack', props);
+
+const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup;
+defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]);
 
 // Synth
 app.synth();
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.expected.json
@@ -716,9 +716,19 @@
         "VpcId": {
           "Ref": "Vpc8378EB38"
         }
+      },
+      "Metadata": {
+        "cfn_nag": {
+          "rules_to_suppress": [
+            {
+              "id": "W29",
+              "reason": "CDK created rule that blocks all traffic."
+            }
+          ]
+        }
       }
     },
-    "testroute53albtestroute53albaliasCCC6DDF3": {
+    "publicapistackpublicapistackalias4096038C": {
       "Type": "AWS::Route53::RecordSet",
       "Properties": {
         "Name": "www.test-example.com.",
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiExistingAlb.ts
@@ -18,6 +18,7 @@ import { ApplicationLoadBalancer } from "@aws-cdk/aws-elasticloadbalancingv2";
 import { PublicHostedZone } from "@aws-cdk/aws-route53";
 import { Route53ToAlb, Route53ToAlbProps } from "../lib";
 import { generateIntegStackName } from '@aws-solutions-constructs/core';
+import { CfnSecurityGroup } from "@aws-cdk/aws-ec2";
 
 // Setup
 const app = new App();
@@ -53,7 +54,10 @@ const props: Route53ToAlbProps = {
   existingLoadBalancerObj: existingAlb,
 };
 
-new Route53ToAlb(stack, 'test-route53-alb', props);
+const testConstruct = new Route53ToAlb(stack, 'public-api-stack', props);
+
+const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup;
+defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]);
 
 // Synth
 app.synth();
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json
@@ -658,7 +658,7 @@
         "Name": "www.test-example.com."
       }
     },
-    "testroute53albtestroute53albalb7C171F50": {
+    "newalbstacknewalbstackalb50B67E3E": {
       "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
       "Properties": {
         "LoadBalancerAttributes": [
@@ -673,7 +673,7 @@
           {
             "Key": "access_logs.s3.bucket",
             "Value": {
-              "Ref": "testroute53albAC463A50"
+              "Ref": "newalbstackADB02838"
             }
           },
           {
@@ -686,7 +686,7 @@
         "SecurityGroups": [
           {
             "Fn::GetAtt": [
-              "testroute53albtestroute53albalbSecurityGroupC3716E02",
+              "newalbstacknewalbstackalbSecurityGroup7BBB827C",
               "GroupId"
             ]
           }
@@ -705,17 +705,17 @@
         "Type": "application"
       },
       "DependsOn": [
-        "testroute53albPolicy478FC0AF",
-        "testroute53albAC463A50",
+        "newalbstackPolicyB7C2D898",
+        "newalbstackADB02838",
         "VpcPublicSubnet1DefaultRoute3DA9E72A",
         "VpcPublicSubnet2DefaultRoute97F91067",
         "VpcPublicSubnet3DefaultRoute4697774F"
       ]
     },
-    "testroute53albtestroute53albalbSecurityGroupC3716E02": {
+    "newalbstacknewalbstackalbSecurityGroup7BBB827C": {
       "Type": "AWS::EC2::SecurityGroup",
       "Properties": {
-        "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26",
+        "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbnewalbstacknewalbstackalbC987D9E9",
         "SecurityGroupEgress": [
           {
             "CidrIp": "255.255.255.255/32",
@@ -730,11 +730,21 @@
         }
       },
       "DependsOn": [
-        "testroute53albPolicy478FC0AF",
-        "testroute53albAC463A50"
-      ]
+        "newalbstackPolicyB7C2D898",
+        "newalbstackADB02838"
+      ],
+      "Metadata": {
+        "cfn_nag": {
+          "rules_to_suppress": [
+            {
+              "id": "W29",
+              "reason": "CDK created rule that blocks all traffic."
+            }
+          ]
+        }
+      }
     },
-    "testroute53albAC463A50": {
+    "newalbstackADB02838": {
       "Type": "AWS::S3::Bucket",
       "Properties": {
         "BucketEncryption": {
@@ -769,11 +779,11 @@
         }
       }
     },
-    "testroute53albPolicy478FC0AF": {
+    "newalbstackPolicyB7C2D898": {
       "Type": "AWS::S3::BucketPolicy",
       "Properties": {
         "Bucket": {
-          "Ref": "testroute53albAC463A50"
+          "Ref": "newalbstackADB02838"
         },
         "PolicyDocument": {
           "Statement": [
@@ -795,7 +805,7 @@
                     [
                       {
                         "Fn::GetAtt": [
-                          "testroute53albAC463A50",
+                          "newalbstackADB02838",
                           "Arn"
                         ]
                       },
@@ -805,7 +815,7 @@
                 },
                 {
                   "Fn::GetAtt": [
-                    "testroute53albAC463A50",
+                    "newalbstackADB02838",
                     "Arn"
                   ]
                 }
@@ -838,7 +848,7 @@
                   [
                     {
                       "Fn::GetAtt": [
-                        "testroute53albAC463A50",
+                        "newalbstackADB02838",
                         "Arn"
                       ]
                     },
@@ -856,7 +866,7 @@
         }
       }
     },
-    "testroute53albtestroute53albaliasCCC6DDF3": {
+    "newalbstacknewalbstackalias05E0DF53": {
       "Type": "AWS::Route53::RecordSet",
       "Properties": {
         "Name": "www.test-example.com.",
@@ -869,7 +879,7 @@
                 "dualstack.",
                 {
                   "Fn::GetAtt": [
-                    "testroute53albtestroute53albalb7C171F50",
+                    "newalbstacknewalbstackalb50B67E3E",
                     "DNSName"
                   ]
                 }
@@ -878,7 +888,7 @@
           },
           "HostedZoneId": {
             "Fn::GetAtt": [
-              "testroute53albtestroute53albalb7C171F50",
+              "newalbstacknewalbstackalb50B67E3E",
               "CanonicalHostedZoneID"
             ]
           }
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.ts
@@ -16,6 +16,7 @@ import { App, Stack, Aws } from "@aws-cdk/core";
 import * as defaults from '@aws-solutions-constructs/core';
 import { PublicHostedZone } from "@aws-cdk/aws-route53";
 import { Route53ToAlb, Route53ToAlbProps } from "../lib";
+import { CfnSecurityGroup } from "@aws-cdk/aws-ec2";
 
 // Setup
 const app = new App();
@@ -47,7 +48,10 @@ const props: Route53ToAlbProps = {
   }
 };
 
-new Route53ToAlb(stack, 'test-route53-alb', props);
+const testConstruct = new Route53ToAlb(stack, 'new-alb-stack', props);
+
+const newSecurityGroup = testConstruct.loadBalancer.connections.securityGroups[0].node.defaultChild as CfnSecurityGroup;
+defaults.addCfnSuppressRules(newSecurityGroup, [{ id: 'W29', reason: 'CDK created rule that blocks all traffic.'}]);
 
 // Synth
 app.synth();
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.expected.json
diff --git a/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts b/source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployWithoutLogging.ts

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"Description": "Integration Test for aws-route53-alb",`
`3`	`3`	`"Resources": {`
`4`		`- "testroute53albtestroute53albzone04BEDFE6": {`
	`4`	`+ "privateapistackprivateapistackzone3E5194E7": {`
`5`	`5`	`"Type": "AWS::Route53::HostedZone",`
`6`	`6`	`"Properties": {`
`7`	`7`	`"Name": "www.example.com.",`
`@@ -15,7 +15,7 @@`
`15`	`15`	`]`
`16`	`16`	`}`
`17`	`17`	`},`
`18`		`- "testroute53albtestroute53albalb7C171F50": {`
	`18`	`+ "privateapistackprivateapistackalb7242E759": {`
`19`	`19`	`"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",`
`20`	`20`	`"Properties": {`
`21`	`21`	`"LoadBalancerAttributes": [`
`@@ -30,7 +30,7 @@`
`30`	`30`	`{`
`31`	`31`	`"Key": "access_logs.s3.bucket",`
`32`	`32`	`"Value": {`
`33`		`- "Ref": "testroute53albAC463A50"`
	`33`	`+ "Ref": "privateapistack09C932BB"`
`34`	`34`	`}`
`35`	`35`	`},`
`36`	`36`	`{`
`@@ -42,7 +42,7 @@`
`42`	`42`	`"SecurityGroups": [`
`43`	`43`	`{`
`44`	`44`	`"Fn::GetAtt": [`
`45`		`- "testroute53albtestroute53albalbSecurityGroupC3716E02",`
	`45`	`+ "privateapistackprivateapistackalbSecurityGroup5A8A9725",`
`46`	`46`	`"GroupId"`
`47`	`47`	`]`
`48`	`48`	`}`
`@@ -61,14 +61,14 @@`
`61`	`61`	`"Type": "application"`
`62`	`62`	`},`
`63`	`63`	`"DependsOn": [`
`64`		`- "testroute53albPolicy478FC0AF",`
`65`		`- "testroute53albAC463A50"`
	`64`	`+ "privateapistackPolicy98558170",`
	`65`	`+ "privateapistack09C932BB"`
`66`	`66`	`]`
`67`	`67`	`},`
`68`		`- "testroute53albtestroute53albalbSecurityGroupC3716E02": {`
	`68`	`+ "privateapistackprivateapistackalbSecurityGroup5A8A9725": {`
`69`	`69`	`"Type": "AWS::EC2::SecurityGroup",`
`70`	`70`	`"Properties": {`
`71`		`- "GroupDescription": "Automatically created Security Group for ELB deployPrivateApitestroute53albtestroute53albalb1145D1AD",`
	`71`	`+ "GroupDescription": "Automatically created Security Group for ELB deployPrivateApiprivateapistackprivateapistackalb5DF93E18",`
`72`	`72`	`"SecurityGroupEgress": [`
`73`	`73`	`{`
`74`	`74`	`"CidrIp": "255.255.255.255/32",`
`@@ -83,11 +83,21 @@`
`83`	`83`	`}`
`84`	`84`	`},`
`85`	`85`	`"DependsOn": [`
`86`		`- "testroute53albPolicy478FC0AF",`
`87`		`- "testroute53albAC463A50"`
`88`		`- ]`
	`86`	`+ "privateapistackPolicy98558170",`
	`87`	`+ "privateapistack09C932BB"`
	`88`	`+ ],`
	`89`	`+ "Metadata": {`
	`90`	`+ "cfn_nag": {`
	`91`	`+ "rules_to_suppress": [`
	`92`	`+ {`
	`93`	`+ "id": "W29",`
	`94`	`+ "reason": "CDK created rule that blocks all traffic."`
	`95`	`+ }`
	`96`	`+ ]`
	`97`	`+ }`
	`98`	`+ }`
`89`	`99`	`},`
`90`		`- "testroute53albAC463A50": {`
	`100`	`+ "privateapistack09C932BB": {`
`91`	`101`	`"Type": "AWS::S3::Bucket",`
`92`	`102`	`"Properties": {`
`93`	`103`	`"BucketEncryption": {`
`@@ -122,11 +132,11 @@`
`122`	`132`	`}`
`123`	`133`	`}`
`124`	`134`	`},`
`125`		`- "testroute53albPolicy478FC0AF": {`
	`135`	`+ "privateapistackPolicy98558170": {`
`126`	`136`	`"Type": "AWS::S3::BucketPolicy",`
`127`	`137`	`"Properties": {`
`128`	`138`	`"Bucket": {`
`129`		`- "Ref": "testroute53albAC463A50"`
	`139`	`+ "Ref": "privateapistack09C932BB"`
`130`	`140`	`},`
`131`	`141`	`"PolicyDocument": {`
`132`	`142`	`"Statement": [`
`@@ -148,7 +158,7 @@`
`148`	`158`	`[`
`149`	`159`	`{`
`150`	`160`	`"Fn::GetAtt": [`
`151`		`- "testroute53albAC463A50",`
	`161`	`+ "privateapistack09C932BB",`
`152`	`162`	`"Arn"`
`153`	`163`	`]`
`154`	`164`	`},`
`@@ -158,7 +168,7 @@`
`158`	`168`	`},`
`159`	`169`	`{`
`160`	`170`	`"Fn::GetAtt": [`
`161`		`- "testroute53albAC463A50",`
	`171`	`+ "privateapistack09C932BB",`
`162`	`172`	`"Arn"`
`163`	`173`	`]`
`164`	`174`	`}`
`@@ -191,7 +201,7 @@`
`191`	`201`	`[`
`192`	`202`	`{`
`193`	`203`	`"Fn::GetAtt": [`
`194`		`- "testroute53albAC463A50",`
	`204`	`+ "privateapistack09C932BB",`
`195`	`205`	`"Arn"`
`196`	`206`	`]`
`197`	`207`	`},`
`@@ -209,7 +219,7 @@`
`209`	`219`	`}`
`210`	`220`	`}`
`211`	`221`	`},`
`212`		`- "testroute53albtestroute53albaliasCCC6DDF3": {`
	`222`	`+ "privateapistackprivateapistackalias54E3713F": {`
`213`	`223`	`"Type": "AWS::Route53::RecordSet",`
`214`	`224`	`"Properties": {`
`215`	`225`	`"Name": "www.example.com.",`
`@@ -222,7 +232,7 @@`
`222`	`232`	`"dualstack.",`
`223`	`233`	`{`
`224`	`234`	`"Fn::GetAtt": [`
`225`		`- "testroute53albtestroute53albalb7C171F50",`
	`235`	`+ "privateapistackprivateapistackalb7242E759",`
`226`	`236`	`"DNSName"`
`227`	`237`	`]`
`228`	`238`	`}`
`@@ -231,13 +241,13 @@`
`231`	`241`	`},`
`232`	`242`	`"HostedZoneId": {`
`233`	`243`	`"Fn::GetAtt": [`
`234`		`- "testroute53albtestroute53albalb7C171F50",`
	`244`	`+ "privateapistackprivateapistackalb7242E759",`
`235`	`245`	`"CanonicalHostedZoneID"`
`236`	`246`	`]`
`237`	`247`	`}`
`238`	`248`	`},`
`239`	`249`	`"HostedZoneId": {`
`240`		`- "Ref": "testroute53albtestroute53albzone04BEDFE6"`
	`250`	`+ "Ref": "privateapistackprivateapistackzone3E5194E7"`
`241`	`251`	`}`
`242`	`252`	`}`
`243`	`253`	`},`
Original file line number	Diff line number	Diff line change
`@@ -658,7 +658,7 @@`
`658`	`658`	`"Name": "www.test-example.com."`
`659`	`659`	`}`
`660`	`660`	`},`
`661`		`- "testroute53albtestroute53albalb7C171F50": {`
	`661`	`+ "newalbstacknewalbstackalb50B67E3E": {`
`662`	`662`	`"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",`
`663`	`663`	`"Properties": {`
`664`	`664`	`"LoadBalancerAttributes": [`
`@@ -673,7 +673,7 @@`
`673`	`673`	`{`
`674`	`674`	`"Key": "access_logs.s3.bucket",`
`675`	`675`	`"Value": {`
`676`		`- "Ref": "testroute53albAC463A50"`
	`676`	`+ "Ref": "newalbstackADB02838"`
`677`	`677`	`}`
`678`	`678`	`},`
`679`	`679`	`{`
`@@ -686,7 +686,7 @@`
`686`	`686`	`"SecurityGroups": [`
`687`	`687`	`{`
`688`	`688`	`"Fn::GetAtt": [`
`689`		`- "testroute53albtestroute53albalbSecurityGroupC3716E02",`
	`689`	`+ "newalbstacknewalbstackalbSecurityGroup7BBB827C",`
`690`	`690`	`"GroupId"`
`691`	`691`	`]`
`692`	`692`	`}`
`@@ -705,17 +705,17 @@`
`705`	`705`	`"Type": "application"`
`706`	`706`	`},`
`707`	`707`	`"DependsOn": [`
`708`		`- "testroute53albPolicy478FC0AF",`
`709`		`- "testroute53albAC463A50",`
	`708`	`+ "newalbstackPolicyB7C2D898",`
	`709`	`+ "newalbstackADB02838",`
`710`	`710`	`"VpcPublicSubnet1DefaultRoute3DA9E72A",`
`711`	`711`	`"VpcPublicSubnet2DefaultRoute97F91067",`
`712`	`712`	`"VpcPublicSubnet3DefaultRoute4697774F"`
`713`	`713`	`]`
`714`	`714`	`},`
`715`		`- "testroute53albtestroute53albalbSecurityGroupC3716E02": {`
	`715`	`+ "newalbstacknewalbstackalbSecurityGroup7BBB827C": {`
`716`	`716`	`"Type": "AWS::EC2::SecurityGroup",`
`717`	`717`	`"Properties": {`
`718`		`- "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbtestroute53albtestroute53albalbC4C12C26",`
	`718`	`+ "GroupDescription": "Automatically created Security Group for ELB deployPublicApiNewAlbnewalbstacknewalbstackalbC987D9E9",`
`719`	`719`	`"SecurityGroupEgress": [`
`720`	`720`	`{`
`721`	`721`	`"CidrIp": "255.255.255.255/32",`
`@@ -730,11 +730,21 @@`
`730`	`730`	`}`
`731`	`731`	`},`
`732`	`732`	`"DependsOn": [`
`733`		`- "testroute53albPolicy478FC0AF",`
`734`		`- "testroute53albAC463A50"`
`735`		`- ]`
	`733`	`+ "newalbstackPolicyB7C2D898",`
	`734`	`+ "newalbstackADB02838"`
	`735`	`+ ],`
	`736`	`+ "Metadata": {`
	`737`	`+ "cfn_nag": {`
	`738`	`+ "rules_to_suppress": [`
	`739`	`+ {`
	`740`	`+ "id": "W29",`
	`741`	`+ "reason": "CDK created rule that blocks all traffic."`
	`742`	`+ }`
	`743`	`+ ]`
	`744`	`+ }`
	`745`	`+ }`
`736`	`746`	`},`
`737`		`- "testroute53albAC463A50": {`
	`747`	`+ "newalbstackADB02838": {`
`738`	`748`	`"Type": "AWS::S3::Bucket",`
`739`	`749`	`"Properties": {`
`740`	`750`	`"BucketEncryption": {`
`@@ -769,11 +779,11 @@`
`769`	`779`	`}`
`770`	`780`	`}`
`771`	`781`	`},`
`772`		`- "testroute53albPolicy478FC0AF": {`
	`782`	`+ "newalbstackPolicyB7C2D898": {`
`773`	`783`	`"Type": "AWS::S3::BucketPolicy",`
`774`	`784`	`"Properties": {`
`775`	`785`	`"Bucket": {`
`776`		`- "Ref": "testroute53albAC463A50"`
	`786`	`+ "Ref": "newalbstackADB02838"`
`777`	`787`	`},`
`778`	`788`	`"PolicyDocument": {`
`779`	`789`	`"Statement": [`
`@@ -795,7 +805,7 @@`
`795`	`805`	`[`
`796`	`806`	`{`
`797`	`807`	`"Fn::GetAtt": [`
`798`		`- "testroute53albAC463A50",`
	`808`	`+ "newalbstackADB02838",`
`799`	`809`	`"Arn"`
`800`	`810`	`]`
`801`	`811`	`},`
`@@ -805,7 +815,7 @@`
`805`	`815`	`},`
`806`	`816`	`{`
`807`	`817`	`"Fn::GetAtt": [`
`808`		`- "testroute53albAC463A50",`
	`818`	`+ "newalbstackADB02838",`
`809`	`819`	`"Arn"`
`810`	`820`	`]`
`811`	`821`	`}`
`@@ -838,7 +848,7 @@`
`838`	`848`	`[`
`839`	`849`	`{`
`840`	`850`	`"Fn::GetAtt": [`
`841`		`- "testroute53albAC463A50",`
	`851`	`+ "newalbstackADB02838",`
`842`	`852`	`"Arn"`
`843`	`853`	`]`
`844`	`854`	`},`
`@@ -856,7 +866,7 @@`
`856`	`866`	`}`
`857`	`867`	`}`
`858`	`868`	`},`
`859`		`- "testroute53albtestroute53albaliasCCC6DDF3": {`
	`869`	`+ "newalbstacknewalbstackalias05E0DF53": {`
`860`	`870`	`"Type": "AWS::Route53::RecordSet",`
`861`	`871`	`"Properties": {`
`862`	`872`	`"Name": "www.test-example.com.",`
`@@ -869,7 +879,7 @@`
`869`	`879`	`"dualstack.",`
`870`	`880`	`{`
`871`	`881`	`"Fn::GetAtt": [`
`872`		`- "testroute53albtestroute53albalb7C171F50",`
	`882`	`+ "newalbstacknewalbstackalb50B67E3E",`
`873`	`883`	`"DNSName"`
`874`	`884`	`]`
`875`	`885`	`}`
`@@ -878,7 +888,7 @@`
`878`	`888`	`},`
`879`	`889`	`"HostedZoneId": {`
`880`	`890`	`"Fn::GetAtt": [`
`881`		`- "testroute53albtestroute53albalb7C171F50",`
	`891`	`+ "newalbstacknewalbstackalb50B67E3E",`
`882`	`892`	`"CanonicalHostedZoneID"`
`883`	`893`	`]`
`884`	`894`	`}`