@aws-solutions-constructs/aws-cloudfront-oai-s3 2.79.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/.jsii +4403 -0
  2. package/README.md +109 -0
  3. package/architecture.png +0 -0
  4. package/integ.config.json +7 -0
  5. package/lib/index.d.ts +118 -0
  6. package/lib/index.js +106 -0
  7. package/package.json +95 -0
  8. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.d.ts +13 -0
  9. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +56 -0
  10. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  11. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  12. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +32 -0
  13. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +1061 -0
  14. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.assets.json +19 -0
  15. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.template.json +36 -0
  16. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  17. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +215 -0
  18. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1105 -0
  19. package/test/integ.cftoais3-custom-headers.d.ts +13 -0
  20. package/test/integ.cftoais3-custom-headers.js +71 -0
  21. package/test/integ.cftoais3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  22. package/test/integ.cftoais3-custom-headers.js.snapshot/cdk.out +1 -0
  23. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.assets.json +32 -0
  24. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.template.json +1116 -0
  25. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.assets.json +19 -0
  26. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.template.json +36 -0
  27. package/test/integ.cftoais3-custom-headers.js.snapshot/integ.json +12 -0
  28. package/test/integ.cftoais3-custom-headers.js.snapshot/manifest.json +227 -0
  29. package/test/integ.cftoais3-custom-headers.js.snapshot/tree.json +1196 -0
  30. package/test/integ.cftoais3-custom-originPath.d.ts +13 -0
  31. package/test/integ.cftoais3-custom-originPath.js +48 -0
  32. package/test/integ.cftoais3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  33. package/test/integ.cftoais3-custom-originPath.js.snapshot/cdk.out +1 -0
  34. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.assets.json +32 -0
  35. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.template.json +1085 -0
  36. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.assets.json +19 -0
  37. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.template.json +36 -0
  38. package/test/integ.cftoais3-custom-originPath.js.snapshot/integ.json +12 -0
  39. package/test/integ.cftoais3-custom-originPath.js.snapshot/manifest.json +221 -0
  40. package/test/integ.cftoais3-custom-originPath.js.snapshot/tree.json +1147 -0
  41. package/test/integ.cftoais3-customLoggingBuckets.d.ts +13 -0
  42. package/test/integ.cftoais3-customLoggingBuckets.js +64 -0
  43. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  44. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  45. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.assets.json +32 -0
  46. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.template.json +1109 -0
  47. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.assets.json +19 -0
  48. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.template.json +36 -0
  49. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  50. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/manifest.json +221 -0
  51. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/tree.json +1172 -0
  52. package/test/integ.cftoais3-existing-bucket.d.ts +13 -0
  53. package/test/integ.cftoais3-existing-bucket.js +59 -0
  54. package/test/integ.cftoais3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  55. package/test/integ.cftoais3-existing-bucket.js.snapshot/cdk.out +1 -0
  56. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.assets.json +32 -0
  57. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.template.json +1131 -0
  58. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.assets.json +19 -0
  59. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.template.json +36 -0
  60. package/test/integ.cftoais3-existing-bucket.js.snapshot/integ.json +12 -0
  61. package/test/integ.cftoais3-existing-bucket.js.snapshot/manifest.json +233 -0
  62. package/test/integ.cftoais3-existing-bucket.js.snapshot/tree.json +1240 -0
  63. package/test/integ.cftoais3-no-arguments.d.ts +13 -0
  64. package/test/integ.cftoais3-no-arguments.js +53 -0
  65. package/test/integ.cftoais3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  66. package/test/integ.cftoais3-no-arguments.js.snapshot/cdk.out +1 -0
  67. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.assets.json +32 -0
  68. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.template.json +1094 -0
  69. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.assets.json +19 -0
  70. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.template.json +36 -0
  71. package/test/integ.cftoais3-no-arguments.js.snapshot/integ.json +12 -0
  72. package/test/integ.cftoais3-no-arguments.js.snapshot/manifest.json +356 -0
  73. package/test/integ.cftoais3-no-arguments.js.snapshot/tree.json +1146 -0
  74. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.d.ts +13 -0
  75. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js +60 -0
  76. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  77. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -0
  78. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.assets.json +32 -0
  79. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.template.json +743 -0
  80. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets.json +19 -0
  81. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.template.json +36 -0
  82. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +12 -0
  83. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +185 -0
  84. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +726 -0
  85. package/test/integ.cftoais3-no-logging.d.ts +13 -0
  86. package/test/integ.cftoais3-no-logging.js +56 -0
  87. package/test/integ.cftoais3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  88. package/test/integ.cftoais3-no-logging.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.assets.json +32 -0
  90. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.template.json +576 -0
  91. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.assets.json +19 -0
  92. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.template.json +36 -0
  93. package/test/integ.cftoais3-no-logging.js.snapshot/integ.json +12 -0
  94. package/test/integ.cftoais3-no-logging.js.snapshot/manifest.json +167 -0
  95. package/test/integ.cftoais3-no-logging.js.snapshot/tree.json +542 -0
  96. package/test/integ.cftoais3-no-security-headers.d.ts +13 -0
  97. package/test/integ.cftoais3-no-security-headers.js +50 -0
  98. package/test/integ.cftoais3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  99. package/test/integ.cftoais3-no-security-headers.js.snapshot/cdk.out +1 -0
  100. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.assets.json +32 -0
  101. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.template.json +1061 -0
  102. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.assets.json +19 -0
  103. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.template.json +36 -0
  104. package/test/integ.cftoais3-no-security-headers.js.snapshot/integ.json +12 -0
  105. package/test/integ.cftoais3-no-security-headers.js.snapshot/manifest.json +215 -0
  106. package/test/integ.cftoais3-no-security-headers.js.snapshot/tree.json +1105 -0
  107. package/test/test.cloudfront-oai-s3.test.d.ts +13 -0
  108. package/test/test.cloudfront-oai-s3.test.js +702 -0
@@ -0,0 +1,13 @@
1
+ /**
2
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3
+ *
4
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
5
+ * with the License. A copy of the License is located at
6
+ *
7
+ * http://www.apache.org/licenses/LICENSE-2.0
8
+ *
9
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
10
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
11
+ * and limitations under the License.
12
+ */
13
+ export {};
@@ -0,0 +1,71 @@
1
+ "use strict";
2
+ /**
3
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
4
+ *
5
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
6
+ * with the License. A copy of the License is located at
7
+ *
8
+ * http://www.apache.org/licenses/LICENSE-2.0
9
+ *
10
+ * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
11
+ * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
12
+ * and limitations under the License.
13
+ */
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ // Imports
16
+ const aws_cdk_lib_1 = require("aws-cdk-lib");
17
+ const lib_1 = require("../lib");
18
+ const core_1 = require("@aws-solutions-constructs/core");
19
+ const cloudfront = require("aws-cdk-lib/aws-cloudfront");
20
+ const integ_tests_alpha_1 = require("@aws-cdk/integ-tests-alpha");
21
+ // Setup
22
+ const app = new aws_cdk_lib_1.App();
23
+ const stack = new aws_cdk_lib_1.Stack(app, (0, core_1.generateIntegStackName)(__filename));
24
+ stack.templateOptions.description = 'Integration Test for aws-cloudfront-oai-s3';
25
+ // custom cloudfront function
26
+ const cloudfrontFunction = new cloudfront.Function(stack, "MyFunction", {
27
+ code: cloudfront.FunctionCode.fromInline("function handler(event) { var response = event.response; \
28
+ var headers = response.headers; \
29
+ headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; \
30
+ headers['content-security-policy'] = { value: \"default-src 'none'; base-uri 'self'; img-src 'self'; script-src 'self'; style-src 'self' https:; object-src 'none'; frame-ancestors 'none'; font-src 'self' https:; form-action 'self'; manifest-src 'self'; connect-src 'self'\" }; \
31
+ headers['x-content-type-options'] = { value: 'nosniff'}; \
32
+ headers['x-frame-options'] = {value: 'DENY'}; \
33
+ headers['x-xss-protection'] = {value: '1; mode=block'}; \
34
+ headers['referrer-policy'] = { value: 'same-origin' }; \
35
+ return response; \
36
+ }")
37
+ });
38
+ new lib_1.CloudFrontToOaiToS3(stack, 'test-cloudfront-oai-s3', {
39
+ cloudFrontLoggingBucketProps: {
40
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
41
+ autoDeleteObjects: true
42
+ },
43
+ cloudFrontDistributionProps: {
44
+ defaultBehavior: {
45
+ functionAssociations: [
46
+ {
47
+ eventType: cloudfront.FunctionEventType.VIEWER_RESPONSE,
48
+ function: cloudfrontFunction
49
+ }
50
+ ],
51
+ }
52
+ },
53
+ bucketProps: {
54
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
55
+ autoDeleteObjects: true
56
+ },
57
+ loggingBucketProps: {
58
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
59
+ autoDeleteObjects: true
60
+ },
61
+ cloudFrontLoggingBucketAccessLogBucketProps: {
62
+ removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
63
+ autoDeleteObjects: true
64
+ },
65
+ });
66
+ (0, core_1.suppressCustomHandlerCfnNagWarnings)(stack, 'Custom::S3AutoDeleteObjectsCustomResourceProvider');
67
+ // Synth
68
+ new integ_tests_alpha_1.IntegTest(stack, 'Integ', { testCases: [
69
+ stack
70
+ ] });
71
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcuY2Z0b2FpczMtY3VzdG9tLWhlYWRlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbnRlZy5jZnRvYWlzMy1jdXN0b20taGVhZGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7O0dBV0c7O0FBRUgsVUFBVTtBQUNWLDZDQUF3RDtBQUN4RCxnQ0FBNkM7QUFDN0MseURBQTZHO0FBQzdHLHlEQUF5RDtBQUN6RCxrRUFBdUQ7QUFFdkQsUUFBUTtBQUNSLE1BQU0sR0FBRyxHQUFHLElBQUksaUJBQUcsRUFBRSxDQUFDO0FBQ3RCLE1BQU0sS0FBSyxHQUFHLElBQUksbUJBQUssQ0FBQyxHQUFHLEVBQUUsSUFBQSw2QkFBc0IsRUFBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0FBQ2pFLEtBQUssQ0FBQyxlQUFlLENBQUMsV0FBVyxHQUFHLDRDQUE0QyxDQUFDO0FBRWpGLDZCQUE2QjtBQUM3QixNQUFNLGtCQUFrQixHQUFHLElBQUksVUFBVSxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsWUFBWSxFQUFFO0lBQ3RFLElBQUksRUFBRSxVQUFVLENBQUMsWUFBWSxDQUFDLFVBQVUsQ0FBQzs7Ozs7Ozs7O0lBU3ZDLENBQUM7Q0FDSixDQUFDLENBQUM7QUFFSCxJQUFJLHlCQUFtQixDQUFDLEtBQUssRUFBRSx3QkFBd0IsRUFBRTtJQUN2RCw0QkFBNEIsRUFBRTtRQUM1QixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1FBQ3BDLGlCQUFpQixFQUFFLElBQUk7S0FDeEI7SUFDRCwyQkFBMkIsRUFBRTtRQUMzQixlQUFlLEVBQUU7WUFDZixvQkFBb0IsRUFBRTtnQkFDcEI7b0JBQ0UsU0FBUyxFQUFFLFVBQVUsQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlO29CQUN2RCxRQUFRLEVBQUUsa0JBQWtCO2lCQUM3QjthQUNGO1NBQ0Y7S0FDRjtJQUNELFdBQVcsRUFBRTtRQUNYLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87UUFDcEMsaUJBQWlCLEVBQUUsSUFBSTtLQUN4QjtJQUNELGtCQUFrQixFQUFFO1FBQ2xCLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87UUFDcEMsaUJBQWlCLEVBQUUsSUFBSTtLQUN4QjtJQUNELDJDQUEyQyxFQUFFO1FBQzNDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87UUFDcEMsaUJBQWlCLEVBQUUsSUFBSTtLQUN4QjtDQUNGLENBQUMsQ0FBQztBQUVILElBQUEsMENBQW1DLEVBQUMsS0FBSyxFQUFFLG1EQUFtRCxDQUFDLENBQUM7QUFDaEcsUUFBUTtBQUNSLElBQUksNkJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBTyxFQUFFLEVBQUUsU0FBUyxFQUFFO1FBQ3pDLEtBQUs7S0FDTixFQUFFLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7IEFwcCwgU3RhY2ssIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENsb3VkRnJvbnRUb09haVRvUzMgfSBmcm9tIFwiLi4vbGliXCI7XG5pbXBvcnQgeyBnZW5lcmF0ZUludGVnU3RhY2tOYW1lLCBzdXBwcmVzc0N1c3RvbUhhbmRsZXJDZm5OYWdXYXJuaW5ncyB9IGZyb20gJ0Bhd3Mtc29sdXRpb25zLWNvbnN0cnVjdHMvY29yZSc7XG5pbXBvcnQgKiBhcyBjbG91ZGZyb250IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtY2xvdWRmcm9udFwiO1xuaW1wb3J0IHsgSW50ZWdUZXN0IH0gZnJvbSAnQGF3cy1jZGsvaW50ZWctdGVzdHMtYWxwaGEnO1xuXG4vLyBTZXR1cFxuY29uc3QgYXBwID0gbmV3IEFwcCgpO1xuY29uc3Qgc3RhY2sgPSBuZXcgU3RhY2soYXBwLCBnZW5lcmF0ZUludGVnU3RhY2tOYW1lKF9fZmlsZW5hbWUpKTtcbnN0YWNrLnRlbXBsYXRlT3B0aW9ucy5kZXNjcmlwdGlvbiA9ICdJbnRlZ3JhdGlvbiBUZXN0IGZvciBhd3MtY2xvdWRmcm9udC1vYWktczMnO1xuXG4vLyBjdXN0b20gY2xvdWRmcm9udCBmdW5jdGlvblxuY29uc3QgY2xvdWRmcm9udEZ1bmN0aW9uID0gbmV3IGNsb3VkZnJvbnQuRnVuY3Rpb24oc3RhY2ssIFwiTXlGdW5jdGlvblwiLCB7XG4gIGNvZGU6IGNsb3VkZnJvbnQuRnVuY3Rpb25Db2RlLmZyb21JbmxpbmUoXCJmdW5jdGlvbiBoYW5kbGVyKGV2ZW50KSB7IHZhciByZXNwb25zZSA9IGV2ZW50LnJlc3BvbnNlOyBcXFxuICAgIHZhciBoZWFkZXJzID0gcmVzcG9uc2UuaGVhZGVyczsgXFxcbiAgICBoZWFkZXJzWydzdHJpY3QtdHJhbnNwb3J0LXNlY3VyaXR5J10gPSB7IHZhbHVlOiAnbWF4LWFnZT02MzA3MjAwMDsgaW5jbHVkZVN1YmRvbWFpbnM7IHByZWxvYWQnfTsgXFxcbiAgICBoZWFkZXJzWydjb250ZW50LXNlY3VyaXR5LXBvbGljeSddID0geyB2YWx1ZTogXFxcImRlZmF1bHQtc3JjICdub25lJzsgYmFzZS11cmkgJ3NlbGYnOyBpbWctc3JjICdzZWxmJzsgc2NyaXB0LXNyYyAnc2VsZic7IHN0eWxlLXNyYyAnc2VsZicgaHR0cHM6OyBvYmplY3Qtc3JjICdub25lJzsgZnJhbWUtYW5jZXN0b3JzICdub25lJzsgZm9udC1zcmMgJ3NlbGYnIGh0dHBzOjsgZm9ybS1hY3Rpb24gJ3NlbGYnOyBtYW5pZmVzdC1zcmMgJ3NlbGYnOyBjb25uZWN0LXNyYyAnc2VsZidcXFwiIH07IFxcXG4gICAgaGVhZGVyc1sneC1jb250ZW50LXR5cGUtb3B0aW9ucyddID0geyB2YWx1ZTogJ25vc25pZmYnfTsgXFxcbiAgICBoZWFkZXJzWyd4LWZyYW1lLW9wdGlvbnMnXSA9IHt2YWx1ZTogJ0RFTlknfTsgXFxcbiAgICBoZWFkZXJzWyd4LXhzcy1wcm90ZWN0aW9uJ10gPSB7dmFsdWU6ICcxOyBtb2RlPWJsb2NrJ307IFxcXG4gICAgaGVhZGVyc1sncmVmZXJyZXItcG9saWN5J10gPSB7IHZhbHVlOiAnc2FtZS1vcmlnaW4nIH07IFxcXG4gICAgcmV0dXJuIHJlc3BvbnNlOyBcXFxuICB9XCIpXG59KTtcblxubmV3IENsb3VkRnJvbnRUb09haVRvUzMoc3RhY2ssICd0ZXN0LWNsb3VkZnJvbnQtb2FpLXMzJywge1xuICBjbG91ZEZyb250TG9nZ2luZ0J1Y2tldFByb3BzOiB7XG4gICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICAgIGF1dG9EZWxldGVPYmplY3RzOiB0cnVlXG4gIH0sXG4gIGNsb3VkRnJvbnREaXN0cmlidXRpb25Qcm9wczoge1xuICAgIGRlZmF1bHRCZWhhdmlvcjoge1xuICAgICAgZnVuY3Rpb25Bc3NvY2lhdGlvbnM6IFtcbiAgICAgICAge1xuICAgICAgICAgIGV2ZW50VHlwZTogY2xvdWRmcm9udC5GdW5jdGlvbkV2ZW50VHlwZS5WSUVXRVJfUkVTUE9OU0UsXG4gICAgICAgICAgZnVuY3Rpb246IGNsb3VkZnJvbnRGdW5jdGlvblxuICAgICAgICB9XG4gICAgICBdLFxuICAgIH1cbiAgfSxcbiAgYnVja2V0UHJvcHM6IHtcbiAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1ksXG4gICAgYXV0b0RlbGV0ZU9iamVjdHM6IHRydWVcbiAgfSxcbiAgbG9nZ2luZ0J1Y2tldFByb3BzOiB7XG4gICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICAgIGF1dG9EZWxldGVPYmplY3RzOiB0cnVlXG4gIH0sXG4gIGNsb3VkRnJvbnRMb2dnaW5nQnVja2V0QWNjZXNzTG9nQnVja2V0UHJvcHM6IHtcbiAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1ksXG4gICAgYXV0b0RlbGV0ZU9iamVjdHM6IHRydWVcbiAgfSxcbn0pO1xuXG5zdXBwcmVzc0N1c3RvbUhhbmRsZXJDZm5OYWdXYXJuaW5ncyhzdGFjaywgJ0N1c3RvbTo6UzNBdXRvRGVsZXRlT2JqZWN0c0N1c3RvbVJlc291cmNlUHJvdmlkZXInKTtcbi8vIFN5bnRoXG5uZXcgSW50ZWdUZXN0KHN0YWNrLCAnSW50ZWcnLCB7IHRlc3RDYXNlczogW1xuICBzdGFja1xuXSB9KTtcbiJdfQ==
@@ -0,0 +1 @@
1
+ "use strict";var f=Object.create,i=Object.defineProperty,I=Object.getOwnPropertyDescriptor,C=Object.getOwnPropertyNames,w=Object.getPrototypeOf,P=Object.prototype.hasOwnProperty,A=(t,e)=>{for(var o in e)i(t,o,{get:e[o],enumerable:!0})},d=(t,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of C(e))!P.call(t,s)&&s!==o&&i(t,s,{get:()=>e[s],enumerable:!(r=I(e,s))||r.enumerable});return t},l=(t,e,o)=>(o=t!=null?f(w(t)):{},d(e||!t||!t.__esModule?i(o,"default",{value:t,enumerable:!0}):o,t)),B=t=>d(i({},"__esModule",{value:!0}),t),q={};A(q,{autoDeleteHandler:()=>S,handler:()=>H}),module.exports=B(q);var h=require("@aws-sdk/client-s3"),y=l(require("https")),m=l(require("url")),a={sendHttpRequest:D,log:T,includeStackTraces:!0,userHandlerIndex:"./index"},p="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",L="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";function R(t){return async(e,o)=>{let r={...e,ResponseURL:"..."};if(a.log(JSON.stringify(r,void 0,2)),e.RequestType==="Delete"&&e.PhysicalResourceId===p){a.log("ignoring DELETE event caused by a failed CREATE event"),await u("SUCCESS",e);return}try{let s=await t(r,o),n=k(e,s);await u("SUCCESS",n)}catch(s){let n={...e,Reason:a.includeStackTraces?s.stack:s.message};n.PhysicalResourceId||(e.RequestType==="Create"?(a.log("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),n.PhysicalResourceId=p):a.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(e)}`)),await u("FAILED",n)}}}function k(t,e={}){let o=e.PhysicalResourceId??t.PhysicalResourceId??t.RequestId;if(t.RequestType==="Delete"&&o!==t.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${t.PhysicalResourceId}" to "${e.PhysicalResourceId}" during deletion`);return{...t,...e,PhysicalResourceId:o}}async function u(t,e){let o={Status:t,Reason:e.Reason??t,StackId:e.StackId,RequestId:e.RequestId,PhysicalResourceId:e.PhysicalResourceId||L,LogicalResourceId:e.LogicalResourceId,NoEcho:e.NoEcho,Data:e.Data},r=m.parse(e.ResponseURL),s=`${r.protocol}//${r.hostname}/${r.pathname}?***`;a.log("submit response to cloudformation",s,o);let n=JSON.stringify(o),E={hostname:r.hostname,path:r.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(n,"utf8")}};await O({attempts:5,sleep:1e3},a.sendHttpRequest)(E,n)}async function D(t,e){return new Promise((o,r)=>{try{let s=y.request(t,n=>{n.resume(),!n.statusCode||n.statusCode>=400?r(new Error(`Unsuccessful HTTP response: ${n.statusCode}`)):o()});s.on("error",r),s.write(e),s.end()}catch(s){r(s)}})}function T(t,...e){console.log(t,...e)}function O(t,e){return async(...o)=>{let r=t.attempts,s=t.sleep;for(;;)try{return await e(...o)}catch(n){if(r--<=0)throw n;await b(Math.floor(Math.random()*s)),s*=2}}}async function b(t){return new Promise(e=>setTimeout(e,t))}var g="aws-cdk:auto-delete-objects",x=JSON.stringify({Version:"2012-10-17",Statement:[]}),c=new h.S3({}),H=R(S);async function S(t){switch(t.RequestType){case"Create":return;case"Update":return{PhysicalResourceId:(await F(t)).PhysicalResourceId};case"Delete":return N(t.ResourceProperties?.BucketName)}}async function F(t){let e=t,o=e.OldResourceProperties?.BucketName;return{PhysicalResourceId:e.ResourceProperties?.BucketName??o}}async function _(t){try{let e=(await c.getBucketPolicy({Bucket:t}))?.Policy??x,o=JSON.parse(e);o.Statement.push({Principal:"*",Effect:"Deny",Action:["s3:PutObject"],Resource:[`arn:aws:s3:::${t}/*`]}),await c.putBucketPolicy({Bucket:t,Policy:JSON.stringify(o)})}catch(e){if(e.name==="NoSuchBucket")throw e;console.log(`Could not set new object deny policy on bucket '${t}' prior to deletion.`)}}async function U(t){let e;do{e=await c.listObjectVersions({Bucket:t});let o=[...e.Versions??[],...e.DeleteMarkers??[]];if(o.length===0)return;let r=o.map(s=>({Key:s.Key,VersionId:s.VersionId}));await c.deleteObjects({Bucket:t,Delete:{Objects:r}})}while(e?.IsTruncated)}async function N(t){if(!t)throw new Error("No BucketName was provided.");try{if(!await W(t)){console.log(`Bucket does not have '${g}' tag, skipping cleaning.`);return}await _(t),await U(t)}catch(e){if(e.name==="NoSuchBucket"){console.log(`Bucket '${t}' does not exist.`);return}throw e}}async function W(t){return(await c.getBucketTagging({Bucket:t})).TagSet?.some(o=>o.Key===g&&o.Value==="true")}
@@ -0,0 +1 @@
1
+ {"version":"39.0.0"}
@@ -0,0 +1,32 @@
1
+ {
2
+ "version": "39.0.0",
3
+ "files": {
4
+ "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6": {
5
+ "source": {
6
+ "path": "asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6",
7
+ "packaging": "zip"
8
+ },
9
+ "destinations": {
10
+ "current_account-current_region": {
11
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
12
+ "objectKey": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip",
13
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
14
+ }
15
+ }
16
+ },
17
+ "f6153949838b54febf87fbd9d963cfa64b58fdb917f0278405f6d4a71d8c1954": {
18
+ "source": {
19
+ "path": "cftoais3-custom-headers.template.json",
20
+ "packaging": "file"
21
+ },
22
+ "destinations": {
23
+ "current_account-current_region": {
24
+ "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
25
+ "objectKey": "f6153949838b54febf87fbd9d963cfa64b58fdb917f0278405f6d4a71d8c1954.json",
26
+ "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
27
+ }
28
+ }
29
+ }
30
+ },
31
+ "dockerImages": {}
32
+ }