@aws-solutions-constructs/aws-cloudfront-s3 2.51.0 → 2.52.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintignore +2 -0
- package/.jsii +50 -5
- package/integ.config.json +7 -0
- package/lib/index.js +1 -1
- package/package.json +11 -10
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +6 -3
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.assets.json +45 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.template.json +960 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.assets.json +19 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithcmkprovidedasexistingbucketIntegDefaultTestDeployAssertF6031114.template.json +36 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/manifest.json +221 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js.snapshot/tree.json +1326 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +6 -3
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +19 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +594 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.assets.json +19 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cfts3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert03A82C16.template.json +36 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +167 -0
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +790 -0
- package/test/integ.cfts3-bucket-with-http-origin.js +6 -3
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.assets.json +19 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3-bucket-with-http-origin.template.json +559 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.assets.json +19 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/cfts3bucketwithhttporiginIntegDefaultTestDeployAssert75EB76AB.template.json +36 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/manifest.json +161 -0
- package/test/integ.cfts3-bucket-with-http-origin.js.snapshot/tree.json +753 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +6 -3
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.d.ts +30 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f/index.js +127 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/cfn-response.js +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/consts.js +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/framework.js +3 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/outbound.js +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94/util.js +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.assets.json +45 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3-cmk-provided-as-bucket-prop.template.json +960 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.assets.json +19 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/cfts3cmkprovidedasbucketpropIntegDefaultTestDeployAssert38E63D55.template.json +36 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/manifest.json +221 -0
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.js.snapshot/tree.json +1326 -0
- package/test/integ.cfts3-custom-headers.js +6 -3
- package/test/integ.cfts3-custom-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.assets.json +32 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3-custom-headers.template.json +981 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.assets.json +19 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/cfts3customheadersIntegDefaultTestDeployAssert6EEC9973.template.json +36 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/manifest.json +215 -0
- package/test/integ.cfts3-custom-headers.js.snapshot/tree.json +1167 -0
- package/test/integ.cfts3-custom-originPath.js +6 -3
- package/test/integ.cfts3-custom-originPath.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.assets.json +32 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3-custom-originPath.template.json +950 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.assets.json +19 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/cfts3customoriginPathIntegDefaultTestDeployAssert61F499B2.template.json +36 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/manifest.json +209 -0
- package/test/integ.cfts3-custom-originPath.js.snapshot/tree.json +1117 -0
- package/test/integ.cfts3-customLoggingBuckets.js +6 -3
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.assets.json +32 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3-customLoggingBuckets.template.json +987 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.assets.json +19 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/cfts3customLoggingBucketsIntegDefaultTestDeployAssert4D171F9F.template.json +36 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/manifest.json +209 -0
- package/test/integ.cfts3-customLoggingBuckets.js.snapshot/tree.json +1156 -0
- package/test/integ.cfts3-existing-bucket.js +6 -3
- package/test/integ.cfts3-existing-bucket.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.assets.json +32 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3-existing-bucket.template.json +1014 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.assets.json +19 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/cfts3existingbucketIntegDefaultTestDeployAssertA6D4EB49.template.json +36 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/manifest.json +221 -0
- package/test/integ.cfts3-existing-bucket.js.snapshot/tree.json +1229 -0
- package/test/integ.cfts3-no-arguments.js +6 -3
- package/test/integ.cfts3-no-arguments.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.assets.json +32 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3-no-arguments.template.json +959 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.assets.json +19 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/cfts3noargumentsIntegDefaultTestDeployAssertBA5AFA25.template.json +36 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/manifest.json +209 -0
- package/test/integ.cfts3-no-arguments.js.snapshot/tree.json +1117 -0
- package/test/integ.cfts3-no-security-headers.js +6 -3
- package/test/integ.cfts3-no-security-headers.js.snapshot/asset.b7f33614a69548d6bafe224d751a7ef238cde19097415e553fe8b63a4c8fd8a6/index.js +1 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cdk.out +1 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.assets.json +32 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3-no-security-headers.template.json +926 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.assets.json +19 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/cfts3nosecurityheadersIntegDefaultTestDeployAssert38FE05BE.template.json +36 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/integ.json +12 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/manifest.json +203 -0
- package/test/integ.cfts3-no-security-headers.js.snapshot/tree.json +1076 -0
- package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.expected.json +0 -960
- package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.expected.json +0 -594
- package/test/integ.cfts3-bucket-with-http-origin.expected.json +0 -559
- package/test/integ.cfts3-cmk-encryption.expected.json +0 -527
- package/test/integ.cfts3-cmk-provided-as-bucket-prop.expected.json +0 -960
- package/test/integ.cfts3-custom-headers.expected.json +0 -981
- package/test/integ.cfts3-custom-originPath.expected.json +0 -950
- package/test/integ.cfts3-customCloudFrontLoggingBucket.expected.json +0 -700
- package/test/integ.cfts3-customLoggingBuckets.expected.json +0 -987
- package/test/integ.cfts3-existing-bucket.expected.json +0 -1014
- package/test/integ.cfts3-no-arguments.expected.json +0 -959
- package/test/integ.cfts3-no-security-headers.expected.json +0 -926
|
@@ -17,6 +17,7 @@ const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
|
17
17
|
const lib_1 = require("../lib");
|
|
18
18
|
const core_1 = require("@aws-solutions-constructs/core");
|
|
19
19
|
const aws_s3_1 = require("aws-cdk-lib/aws-s3");
|
|
20
|
+
const integ_tests_alpha_1 = require("@aws-cdk/integ-tests-alpha");
|
|
20
21
|
// Setup
|
|
21
22
|
const app = new aws_cdk_lib_1.App();
|
|
22
23
|
const stack = new aws_cdk_lib_1.Stack(app, core_1.generateIntegStackName(__filename));
|
|
@@ -35,7 +36,9 @@ const props = {
|
|
|
35
36
|
insertHttpSecurityHeaders: false
|
|
36
37
|
};
|
|
37
38
|
new lib_1.CloudFrontToS3(stack, 'test-cloudfront-s3-cmk-encryption-key', props);
|
|
38
|
-
core_1.
|
|
39
|
+
core_1.suppressCustomHandlerCfnNagWarnings(stack, 'Custom::S3AutoDeleteObjectsCustomResourceProvider');
|
|
39
40
|
// Synth
|
|
40
|
-
|
|
41
|
-
|
|
41
|
+
new integ_tests_alpha_1.IntegTest(stack, 'Integ', { testCases: [
|
|
42
|
+
stack
|
|
43
|
+
] });
|
|
44
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcuY2Z0czMtY21rLXByb3ZpZGVkLWFzLWJ1Y2tldC1wcm9wLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcuY2Z0czMtY21rLXByb3ZpZGVkLWFzLWJ1Y2tldC1wcm9wLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFFSCxVQUFVO0FBQ1YsNkNBQWlFO0FBQ2pFLGdDQUE2RDtBQUM3RCx5REFBNkc7QUFDN0csK0NBQXNEO0FBQ3RELGtFQUF1RDtBQUV2RCxRQUFRO0FBQ1IsTUFBTSxHQUFHLEdBQUcsSUFBSSxpQkFBRyxFQUFFLENBQUM7QUFDdEIsTUFBTSxLQUFLLEdBQUcsSUFBSSxtQkFBSyxDQUFDLEdBQUcsRUFBRSw2QkFBc0IsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0FBQ2pFLEtBQUssQ0FBQyxlQUFlLENBQUMsV0FBVyxHQUFHLHdDQUF3QyxDQUFDO0FBRTdFLGNBQWM7QUFDZCxNQUFNLGFBQWEsR0FBRyxJQUFJLHFCQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRSxRQUFRLEVBQUU7SUFDckQsaUJBQWlCLEVBQUUsSUFBSTtJQUN2QixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO0NBQ3JDLENBQUMsQ0FBQztBQUVILE1BQU0sS0FBSyxHQUF3QjtJQUNqQyxXQUFXLEVBQUU7UUFDWCxVQUFVLEVBQUUsSUFBSTtRQUNoQixVQUFVLEVBQUUseUJBQWdCLENBQUMsR0FBRztRQUNoQyxhQUFhO0tBQ2Q7SUFDRCx5QkFBeUIsRUFBRSxLQUFLO0NBQ2pDLENBQUM7QUFFRixJQUFJLG9CQUFjLENBQUMsS0FBSyxFQUFFLHVDQUF1QyxFQUFFLEtBQUssQ0FBQyxDQUFDO0FBRTFFLDBDQUFtQyxDQUFDLEtBQUssRUFBRSxtREFBbUQsQ0FBQyxDQUFDO0FBRWhHLFFBQVE7QUFDUixJQUFJLDZCQUFTLENBQUMsS0FBSyxFQUFFLE9BQU8sRUFBRSxFQUFFLFNBQVMsRUFBRTtRQUN6QyxLQUFLO0tBQ04sRUFBRSxDQUFDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqICBDb3B5cmlnaHQgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbiAqXG4gKiAgTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSBMaWNlbnNlLCBWZXJzaW9uIDIuMCAodGhlIFwiTGljZW5zZVwiKS4gWW91IG1heSBub3QgdXNlIHRoaXMgZmlsZSBleGNlcHQgaW4gY29tcGxpYW5jZVxuICogIHdpdGggdGhlIExpY2Vuc2UuIEEgY29weSBvZiB0aGUgTGljZW5zZSBpcyBsb2NhdGVkIGF0XG4gKlxuICogICAgICBodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvTElDRU5TRS0yLjBcbiAqXG4gKiAgb3IgaW4gdGhlICdsaWNlbnNlJyBmaWxlIGFjY29tcGFueWluZyB0aGlzIGZpbGUuIFRoaXMgZmlsZSBpcyBkaXN0cmlidXRlZCBvbiBhbiAnQVMgSVMnIEJBU0lTLCBXSVRIT1VUIFdBUlJBTlRJRVNcbiAqICBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBleHByZXNzIG9yIGltcGxpZWQuIFNlZSB0aGUgTGljZW5zZSBmb3IgdGhlIHNwZWNpZmljIGxhbmd1YWdlIGdvdmVybmluZyBwZXJtaXNzaW9uc1xuICogIGFuZCBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS5cbiAqL1xuXG4vLyBJbXBvcnRzXG5pbXBvcnQgeyBBcHAsIFN0YWNrLCBSZW1vdmFsUG9saWN5LCBhd3Nfa21zIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBDbG91ZEZyb250VG9TMywgQ2xvdWRGcm9udFRvUzNQcm9wcyB9IGZyb20gXCIuLi9saWJcIjtcbmltcG9ydCB7IGdlbmVyYXRlSW50ZWdTdGFja05hbWUsIHN1cHByZXNzQ3VzdG9tSGFuZGxlckNmbk5hZ1dhcm5pbmdzIH0gZnJvbSAnQGF3cy1zb2x1dGlvbnMtY29uc3RydWN0cy9jb3JlJztcbmltcG9ydCB7IEJ1Y2tldEVuY3J5cHRpb24gfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXMzXCI7XG5pbXBvcnQgeyBJbnRlZ1Rlc3QgfSBmcm9tICdAYXdzLWNkay9pbnRlZy10ZXN0cy1hbHBoYSc7XG5cbi8vIFNldHVwXG5jb25zdCBhcHAgPSBuZXcgQXBwKCk7XG5jb25zdCBzdGFjayA9IG5ldyBTdGFjayhhcHAsIGdlbmVyYXRlSW50ZWdTdGFja05hbWUoX19maWxlbmFtZSkpO1xuc3RhY2sudGVtcGxhdGVPcHRpb25zLmRlc2NyaXB0aW9uID0gJ0ludGVncmF0aW9uIFRlc3QgZm9yIGF3cy1jbG91ZGZyb250LXMzJztcblxuLy8gRGVmaW5pdGlvbnNcbmNvbnN0IGVuY3J5cHRpb25LZXkgPSBuZXcgYXdzX2ttcy5LZXkoc3RhY2ssICdjbWtLZXknLCB7XG4gIGVuYWJsZUtleVJvdGF0aW9uOiB0cnVlLFxuICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1lcbn0pO1xuXG5jb25zdCBwcm9wczogQ2xvdWRGcm9udFRvUzNQcm9wcyA9IHtcbiAgYnVja2V0UHJvcHM6IHtcbiAgICBlbmZvcmNlU1NMOiB0cnVlLFxuICAgIGVuY3J5cHRpb246IEJ1Y2tldEVuY3J5cHRpb24uS01TLFxuICAgIGVuY3J5cHRpb25LZXlcbiAgfSxcbiAgaW5zZXJ0SHR0cFNlY3VyaXR5SGVhZGVyczogZmFsc2Vcbn07XG5cbm5ldyBDbG91ZEZyb250VG9TMyhzdGFjaywgJ3Rlc3QtY2xvdWRmcm9udC1zMy1jbWstZW5jcnlwdGlvbi1rZXknLCBwcm9wcyk7XG5cbnN1cHByZXNzQ3VzdG9tSGFuZGxlckNmbk5hZ1dhcm5pbmdzKHN0YWNrLCAnQ3VzdG9tOjpTM0F1dG9EZWxldGVPYmplY3RzQ3VzdG9tUmVzb3VyY2VQcm92aWRlcicpO1xuXG4vLyBTeW50aFxubmV3IEludGVnVGVzdChzdGFjaywgJ0ludGVnJywgeyB0ZXN0Q2FzZXM6IFtcbiAgc3RhY2tcbl0gfSk7XG4iXX0=
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
|
|
5
|
+
* with the License. A copy of the License is located at
|
|
6
|
+
*
|
|
7
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
*
|
|
9
|
+
* or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
|
|
10
|
+
* OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
|
|
11
|
+
* and limitations under the License.
|
|
12
|
+
*/
|
|
13
|
+
export declare const handler: (event: any, context: any) => Promise<{
|
|
14
|
+
Status: string;
|
|
15
|
+
Reason: string;
|
|
16
|
+
PhysicalResourceId: any;
|
|
17
|
+
StackId: any;
|
|
18
|
+
RequestId: any;
|
|
19
|
+
LogicalResourceId: any;
|
|
20
|
+
Data: {};
|
|
21
|
+
}>;
|
|
22
|
+
/**
|
|
23
|
+
* Updates a provided key policy with a provided key policy statement. First checks whether the provided key policy statement
|
|
24
|
+
* already exists. If an existing key policy is found with a matching sid, the provided key policy will overwrite the existing
|
|
25
|
+
* key policy. If no matching key policy is found, the provided key policy will be appended onto the array of policy statements.
|
|
26
|
+
* @param keyPolicy - the JSON.parse'd result of the otherwise stringified key policy.
|
|
27
|
+
* @param keyPolicyStatement - the key policy statement to be added to the key policy.
|
|
28
|
+
* @returns keyPolicy - the updated key policy.
|
|
29
|
+
*/
|
|
30
|
+
export declare const updateKeyPolicy: (keyPolicy: any, keyPolicyStatement: any) => any;
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
*
|
|
5
|
+
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
|
|
6
|
+
* with the License. A copy of the License is located at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
|
|
11
|
+
* OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
|
|
12
|
+
* and limitations under the License.
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.updateKeyPolicy = exports.handler = void 0;
|
|
16
|
+
const client_kms_1 = require("@aws-sdk/client-kms");
|
|
17
|
+
const kmsClient = new client_kms_1.KMSClient();
|
|
18
|
+
exports.handler = async (event, context) => {
|
|
19
|
+
let status = 'SUCCESS';
|
|
20
|
+
let responseData = {};
|
|
21
|
+
if (event.RequestType === 'Create' || event.RequestType === 'Update') {
|
|
22
|
+
try {
|
|
23
|
+
const kmsKeyId = event.ResourceProperties.KmsKeyId;
|
|
24
|
+
const cloudFrontDistributionId = event.ResourceProperties.CloudFrontDistributionId;
|
|
25
|
+
const accountId = event.ResourceProperties.AccountId;
|
|
26
|
+
const region = process.env.AWS_REGION;
|
|
27
|
+
const describeKeyCommandResponse = await kmsClient.send(new client_kms_1.DescribeKeyCommand({
|
|
28
|
+
KeyId: kmsKeyId
|
|
29
|
+
}));
|
|
30
|
+
if (describeKeyCommandResponse.KeyMetadata?.KeyManager === client_kms_1.KeyManagerType.AWS) {
|
|
31
|
+
return {
|
|
32
|
+
Status: 'SUCCESS',
|
|
33
|
+
Reason: 'An AWS managed key was provided, no action needed from the custom resource, exiting now.',
|
|
34
|
+
PhysicalResourceId: event.PhysicalResourceId ?? context.logStreamName,
|
|
35
|
+
StackId: event.StackId,
|
|
36
|
+
RequestId: event.RequestId,
|
|
37
|
+
LogicalResourceId: event.LogicalResourceId,
|
|
38
|
+
Data: 'An AWS managed key was provided, no action needed from the custom resource, exiting now.',
|
|
39
|
+
};
|
|
40
|
+
}
|
|
41
|
+
// The PolicyName is specified as "default" below because that is the only valid name as
|
|
42
|
+
// written in the documentation for @aws-sdk/client-kms.GetKeyPolicyCommandInput:
|
|
43
|
+
// https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-kms/Interface/GetKeyPolicyCommandInput/
|
|
44
|
+
const getKeyPolicyCommandResponse = await kmsClient.send(new client_kms_1.GetKeyPolicyCommand({
|
|
45
|
+
KeyId: kmsKeyId,
|
|
46
|
+
PolicyName: 'default'
|
|
47
|
+
}));
|
|
48
|
+
if (!getKeyPolicyCommandResponse.Policy) {
|
|
49
|
+
return {
|
|
50
|
+
Status: 'FAILED',
|
|
51
|
+
Reason: 'An error occurred while retrieving the key policy.',
|
|
52
|
+
PhysicalResourceId: event.PhysicalResourceId ?? context.logStreamName,
|
|
53
|
+
StackId: event.StackId,
|
|
54
|
+
RequestId: event.RequestId,
|
|
55
|
+
LogicalResourceId: event.LogicalResourceId,
|
|
56
|
+
Data: 'An error occurred while retrieving the key policy.',
|
|
57
|
+
};
|
|
58
|
+
}
|
|
59
|
+
// Define the updated key policy to allow CloudFront access
|
|
60
|
+
const keyPolicy = JSON.parse(getKeyPolicyCommandResponse?.Policy);
|
|
61
|
+
const keyPolicyStatement = {
|
|
62
|
+
Sid: 'Grant-CloudFront-Distribution-Key-Usage',
|
|
63
|
+
Effect: 'Allow',
|
|
64
|
+
Principal: {
|
|
65
|
+
Service: 'cloudfront.amazonaws.com',
|
|
66
|
+
},
|
|
67
|
+
Action: [
|
|
68
|
+
'kms:Decrypt',
|
|
69
|
+
'kms:Encrypt',
|
|
70
|
+
'kms:GenerateDataKey*',
|
|
71
|
+
'kms:ReEncrypt*'
|
|
72
|
+
],
|
|
73
|
+
Resource: `arn:aws:kms:${region}:${accountId}:key/${kmsKeyId}`,
|
|
74
|
+
Condition: {
|
|
75
|
+
StringEquals: {
|
|
76
|
+
'AWS:SourceArn': `arn:aws:cloudfront::${accountId}:distribution/${cloudFrontDistributionId}`
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
};
|
|
80
|
+
const updatedKeyPolicy = exports.updateKeyPolicy(keyPolicy, keyPolicyStatement);
|
|
81
|
+
await kmsClient.send(new client_kms_1.PutKeyPolicyCommand({
|
|
82
|
+
KeyId: kmsKeyId,
|
|
83
|
+
Policy: JSON.stringify(updatedKeyPolicy),
|
|
84
|
+
PolicyName: 'default'
|
|
85
|
+
}));
|
|
86
|
+
}
|
|
87
|
+
catch (err) {
|
|
88
|
+
status = 'FAILED';
|
|
89
|
+
responseData = {
|
|
90
|
+
Error: JSON.stringify(err)
|
|
91
|
+
};
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
return {
|
|
95
|
+
Status: status,
|
|
96
|
+
Reason: JSON.stringify(responseData),
|
|
97
|
+
PhysicalResourceId: event.PhysicalResourceId ?? context.logStreamName,
|
|
98
|
+
StackId: event.StackId,
|
|
99
|
+
RequestId: event.RequestId,
|
|
100
|
+
LogicalResourceId: event.LogicalResourceId,
|
|
101
|
+
Data: responseData,
|
|
102
|
+
};
|
|
103
|
+
};
|
|
104
|
+
/**
|
|
105
|
+
* Updates a provided key policy with a provided key policy statement. First checks whether the provided key policy statement
|
|
106
|
+
* already exists. If an existing key policy is found with a matching sid, the provided key policy will overwrite the existing
|
|
107
|
+
* key policy. If no matching key policy is found, the provided key policy will be appended onto the array of policy statements.
|
|
108
|
+
* @param keyPolicy - the JSON.parse'd result of the otherwise stringified key policy.
|
|
109
|
+
* @param keyPolicyStatement - the key policy statement to be added to the key policy.
|
|
110
|
+
* @returns keyPolicy - the updated key policy.
|
|
111
|
+
*/
|
|
112
|
+
exports.updateKeyPolicy = (keyPolicy, keyPolicyStatement) => {
|
|
113
|
+
// Check to see if a duplicate key policy exists by matching on the sid. This is to prevent duplicate key policies
|
|
114
|
+
// from being added/updated in response to a stack being updated one or more times after initial creation.
|
|
115
|
+
const existingKeyPolicyIndex = keyPolicy.Statement.findIndex((statement) => statement.Sid === keyPolicyStatement.Sid);
|
|
116
|
+
// If a match is found, overwrite the key policy statement...
|
|
117
|
+
// Otherwise, push the new key policy to the array of statements
|
|
118
|
+
if (existingKeyPolicyIndex > -1) {
|
|
119
|
+
keyPolicy.Statement[existingKeyPolicyIndex] = keyPolicyStatement;
|
|
120
|
+
}
|
|
121
|
+
else {
|
|
122
|
+
keyPolicy.Statement.push(keyPolicyStatement);
|
|
123
|
+
}
|
|
124
|
+
// Return the result
|
|
125
|
+
return keyPolicy;
|
|
126
|
+
};
|
|
127
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7O0dBV0c7OztBQUVILG9EQUE4SDtBQUU5SCxNQUFNLFNBQVMsR0FBRyxJQUFJLHNCQUFTLEVBQUUsQ0FBQztBQUVyQixRQUFBLE9BQU8sR0FBRyxLQUFLLEVBQUUsS0FBVSxFQUFFLE9BQVksRUFBRSxFQUFFO0lBRXhELElBQUksTUFBTSxHQUFHLFNBQVMsQ0FBQztJQUN2QixJQUFJLFlBQVksR0FBRyxFQUFFLENBQUM7SUFFdEIsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUVwRSxJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQztZQUNuRCxNQUFNLHdCQUF3QixHQUFHLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyx3QkFBd0IsQ0FBQztZQUNuRixNQUFNLFNBQVMsR0FBRyxLQUFLLENBQUMsa0JBQWtCLENBQUMsU0FBUyxDQUFDO1lBQ3JELE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDO1lBRXRDLE1BQU0sMEJBQTBCLEdBQUcsTUFBTSxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksK0JBQWtCLENBQUM7Z0JBQzdFLEtBQUssRUFBRSxRQUFRO2FBQ2hCLENBQUMsQ0FBQyxDQUFDO1lBRUosSUFBSSwwQkFBMEIsQ0FBQyxXQUFXLEVBQUUsVUFBVSxLQUFLLDJCQUFjLENBQUMsR0FBRyxFQUFFO2dCQUM3RSxPQUFPO29CQUNMLE1BQU0sRUFBRSxTQUFTO29CQUNqQixNQUFNLEVBQUUsMEZBQTBGO29CQUNsRyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLElBQUksT0FBTyxDQUFDLGFBQWE7b0JBQ3JFLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztvQkFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO29CQUMxQixpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO29CQUMxQyxJQUFJLEVBQUUsMEZBQTBGO2lCQUNqRyxDQUFDO2FBQ0g7WUFFRCx3RkFBd0Y7WUFDeEYsaUZBQWlGO1lBQ2pGLHlIQUF5SDtZQUN6SCxNQUFNLDJCQUEyQixHQUFHLE1BQU0sU0FBUyxDQUFDLElBQUksQ0FBQyxJQUFJLGdDQUFtQixDQUFDO2dCQUMvRSxLQUFLLEVBQUUsUUFBUTtnQkFDZixVQUFVLEVBQUUsU0FBUzthQUN0QixDQUFDLENBQUMsQ0FBQztZQUVKLElBQUksQ0FBQywyQkFBMkIsQ0FBQyxNQUFNLEVBQUU7Z0JBQ3ZDLE9BQU87b0JBQ0wsTUFBTSxFQUFFLFFBQVE7b0JBQ2hCLE1BQU0sRUFBRSxvREFBb0Q7b0JBQzVELGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSxPQUFPLENBQUMsYUFBYTtvQkFDckUsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO29CQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7b0JBQzFCLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7b0JBQzFDLElBQUksRUFBRSxvREFBb0Q7aUJBQzNELENBQUM7YUFDSDtZQUVELDJEQUEyRDtZQUMzRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLDJCQUEyQixFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ2xFLE1BQU0sa0JBQWtCLEdBQUc7Z0JBQ3pCLEdBQUcsRUFBRSx5Q0FBeUM7Z0JBQzlDLE1BQU0sRUFBRSxPQUFPO2dCQUNmLFNBQVMsRUFBRTtvQkFDVCxPQUFPLEVBQUUsMEJBQTBCO2lCQUNwQztnQkFDRCxNQUFNLEVBQUU7b0JBQ04sYUFBYTtvQkFDYixhQUFhO29CQUNiLHNCQUFzQjtvQkFDdEIsZ0JBQWdCO2lCQUNqQjtnQkFDRCxRQUFRLEVBQUUsZUFBZSxNQUFNLElBQUksU0FBUyxRQUFRLFFBQVEsRUFBRTtnQkFDOUQsU0FBUyxFQUFFO29CQUNULFlBQVksRUFBRTt3QkFDWixlQUFlLEVBQUUsdUJBQXVCLFNBQVMsaUJBQWlCLHdCQUF3QixFQUFFO3FCQUM3RjtpQkFDRjthQUNGLENBQUM7WUFDRixNQUFNLGdCQUFnQixHQUFHLHVCQUFlLENBQUMsU0FBUyxFQUFFLGtCQUFrQixDQUFDLENBQUM7WUFFeEUsTUFBTSxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksZ0NBQW1CLENBQUM7Z0JBQzNDLEtBQUssRUFBRSxRQUFRO2dCQUNmLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGdCQUFnQixDQUFDO2dCQUN4QyxVQUFVLEVBQUUsU0FBUzthQUN0QixDQUFDLENBQUMsQ0FBQztTQUNMO1FBQUMsT0FBTyxHQUFHLEVBQUU7WUFDWixNQUFNLEdBQUcsUUFBUSxDQUFDO1lBQ2xCLFlBQVksR0FBRztnQkFDYixLQUFLLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUM7YUFDM0IsQ0FBQztTQUNIO0tBQ0Y7SUFFRCxPQUFPO1FBQ0wsTUFBTSxFQUFFLE1BQU07UUFDZCxNQUFNLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxZQUFZLENBQUM7UUFDcEMsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLE9BQU8sQ0FBQyxhQUFhO1FBQ3JFLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztRQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7UUFDMUIsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtRQUMxQyxJQUFJLEVBQUUsWUFBWTtLQUNuQixDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBRUY7Ozs7Ozs7R0FPRztBQUNVLFFBQUEsZUFBZSxHQUFHLENBQUMsU0FBYyxFQUFFLGtCQUF1QixFQUFFLEVBQUU7SUFDekUsa0hBQWtIO0lBQ2xILDBHQUEwRztJQUMxRyxNQUFNLHNCQUFzQixHQUFHLFNBQVMsQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLENBQUMsU0FBYyxFQUFFLEVBQUUsQ0FBQyxTQUFTLENBQUMsR0FBRyxLQUFLLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzNILDZEQUE2RDtJQUM3RCxnRUFBZ0U7SUFDaEUsSUFBSSxzQkFBc0IsR0FBRyxDQUFDLENBQUMsRUFBRTtRQUMvQixTQUFTLENBQUMsU0FBUyxDQUFDLHNCQUFzQixDQUFDLEdBQUcsa0JBQWtCLENBQUM7S0FDbEU7U0FBTTtRQUNMLFNBQVMsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLENBQUM7S0FDOUM7SUFDRCxvQkFBb0I7SUFDcEIsT0FBTyxTQUFTLENBQUM7QUFDbkIsQ0FBQyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiAgQ29weXJpZ2h0IEFtYXpvbi5jb20sIEluYy4gb3IgaXRzIGFmZmlsaWF0ZXMuIEFsbCBSaWdodHMgUmVzZXJ2ZWQuXG4gKlxuICogIExpY2Vuc2VkIHVuZGVyIHRoZSBBcGFjaGUgTGljZW5zZSwgVmVyc2lvbiAyLjAgKHRoZSBcIkxpY2Vuc2VcIikuIFlvdSBtYXkgbm90IHVzZSB0aGlzIGZpbGUgZXhjZXB0IGluIGNvbXBsaWFuY2VcbiAqICB3aXRoIHRoZSBMaWNlbnNlLiBBIGNvcHkgb2YgdGhlIExpY2Vuc2UgaXMgbG9jYXRlZCBhdFxuICpcbiAqICAgICAgaHR0cDovL3d3dy5hcGFjaGUub3JnL2xpY2Vuc2VzL0xJQ0VOU0UtMi4wXG4gKlxuICogIG9yIGluIHRoZSAnbGljZW5zZScgZmlsZSBhY2NvbXBhbnlpbmcgdGhpcyBmaWxlLiBUaGlzIGZpbGUgaXMgZGlzdHJpYnV0ZWQgb24gYW4gJ0FTIElTJyBCQVNJUywgV0lUSE9VVCBXQVJSQU5USUVTXG4gKiAgT1IgQ09ORElUSU9OUyBPRiBBTlkgS0lORCwgZXhwcmVzcyBvciBpbXBsaWVkLiBTZWUgdGhlIExpY2Vuc2UgZm9yIHRoZSBzcGVjaWZpYyBsYW5ndWFnZSBnb3Zlcm5pbmcgcGVybWlzc2lvbnNcbiAqICBhbmQgbGltaXRhdGlvbnMgdW5kZXIgdGhlIExpY2Vuc2UuXG4gKi9cblxuaW1wb3J0IHsgS01TQ2xpZW50LCBHZXRLZXlQb2xpY3lDb21tYW5kLCBEZXNjcmliZUtleUNvbW1hbmQsIFB1dEtleVBvbGljeUNvbW1hbmQsIEtleU1hbmFnZXJUeXBlIH0gZnJvbSBcIkBhd3Mtc2RrL2NsaWVudC1rbXNcIjtcblxuY29uc3Qga21zQ2xpZW50ID0gbmV3IEtNU0NsaWVudCgpO1xuXG5leHBvcnQgY29uc3QgaGFuZGxlciA9IGFzeW5jIChldmVudDogYW55LCBjb250ZXh0OiBhbnkpID0+IHtcblxuICBsZXQgc3RhdHVzID0gJ1NVQ0NFU1MnO1xuICBsZXQgcmVzcG9uc2VEYXRhID0ge307XG5cbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJyB8fCBldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcblxuICAgIHRyeSB7XG4gICAgICBjb25zdCBrbXNLZXlJZCA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5LbXNLZXlJZDtcbiAgICAgIGNvbnN0IGNsb3VkRnJvbnREaXN0cmlidXRpb25JZCA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5DbG91ZEZyb250RGlzdHJpYnV0aW9uSWQ7XG4gICAgICBjb25zdCBhY2NvdW50SWQgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuQWNjb3VudElkO1xuICAgICAgY29uc3QgcmVnaW9uID0gcHJvY2Vzcy5lbnYuQVdTX1JFR0lPTjtcblxuICAgICAgY29uc3QgZGVzY3JpYmVLZXlDb21tYW5kUmVzcG9uc2UgPSBhd2FpdCBrbXNDbGllbnQuc2VuZChuZXcgRGVzY3JpYmVLZXlDb21tYW5kKHtcbiAgICAgICAgS2V5SWQ6IGttc0tleUlkXG4gICAgICB9KSk7XG5cbiAgICAgIGlmIChkZXNjcmliZUtleUNvbW1hbmRSZXNwb25zZS5LZXlNZXRhZGF0YT8uS2V5TWFuYWdlciA9PT0gS2V5TWFuYWdlclR5cGUuQVdTKSB7XG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgU3RhdHVzOiAnU1VDQ0VTUycsXG4gICAgICAgICAgUmVhc29uOiAnQW4gQVdTIG1hbmFnZWQga2V5IHdhcyBwcm92aWRlZCwgbm8gYWN0aW9uIG5lZWRlZCBmcm9tIHRoZSBjdXN0b20gcmVzb3VyY2UsIGV4aXRpbmcgbm93LicsXG4gICAgICAgICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY29udGV4dC5sb2dTdHJlYW1OYW1lLFxuICAgICAgICAgIFN0YWNrSWQ6IGV2ZW50LlN0YWNrSWQsXG4gICAgICAgICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgICAgICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgICAgICAgIERhdGE6ICdBbiBBV1MgbWFuYWdlZCBrZXkgd2FzIHByb3ZpZGVkLCBubyBhY3Rpb24gbmVlZGVkIGZyb20gdGhlIGN1c3RvbSByZXNvdXJjZSwgZXhpdGluZyBub3cuJyxcbiAgICAgICAgfTtcbiAgICAgIH1cblxuICAgICAgLy8gVGhlIFBvbGljeU5hbWUgaXMgc3BlY2lmaWVkIGFzIFwiZGVmYXVsdFwiIGJlbG93IGJlY2F1c2UgdGhhdCBpcyB0aGUgb25seSB2YWxpZCBuYW1lIGFzXG4gICAgICAvLyB3cml0dGVuIGluIHRoZSBkb2N1bWVudGF0aW9uIGZvciBAYXdzLXNkay9jbGllbnQta21zLkdldEtleVBvbGljeUNvbW1hbmRJbnB1dDpcbiAgICAgIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL3YzL2xhdGVzdC9QYWNrYWdlLy1hd3Mtc2RrLWNsaWVudC1rbXMvSW50ZXJmYWNlL0dldEtleVBvbGljeUNvbW1hbmRJbnB1dC9cbiAgICAgIGNvbnN0IGdldEtleVBvbGljeUNvbW1hbmRSZXNwb25zZSA9IGF3YWl0IGttc0NsaWVudC5zZW5kKG5ldyBHZXRLZXlQb2xpY3lDb21tYW5kKHtcbiAgICAgICAgS2V5SWQ6IGttc0tleUlkLFxuICAgICAgICBQb2xpY3lOYW1lOiAnZGVmYXVsdCdcbiAgICAgIH0pKTtcblxuICAgICAgaWYgKCFnZXRLZXlQb2xpY3lDb21tYW5kUmVzcG9uc2UuUG9saWN5KSB7XG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgU3RhdHVzOiAnRkFJTEVEJyxcbiAgICAgICAgICBSZWFzb246ICdBbiBlcnJvciBvY2N1cnJlZCB3aGlsZSByZXRyaWV2aW5nIHRoZSBrZXkgcG9saWN5LicsXG4gICAgICAgICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY29udGV4dC5sb2dTdHJlYW1OYW1lLFxuICAgICAgICAgIFN0YWNrSWQ6IGV2ZW50LlN0YWNrSWQsXG4gICAgICAgICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgICAgICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgICAgICAgIERhdGE6ICdBbiBlcnJvciBvY2N1cnJlZCB3aGlsZSByZXRyaWV2aW5nIHRoZSBrZXkgcG9saWN5LicsXG4gICAgICAgIH07XG4gICAgICB9XG5cbiAgICAgIC8vIERlZmluZSB0aGUgdXBkYXRlZCBrZXkgcG9saWN5IHRvIGFsbG93IENsb3VkRnJvbnQgYWNjZXNzXG4gICAgICBjb25zdCBrZXlQb2xpY3kgPSBKU09OLnBhcnNlKGdldEtleVBvbGljeUNvbW1hbmRSZXNwb25zZT8uUG9saWN5KTtcbiAgICAgIGNvbnN0IGtleVBvbGljeVN0YXRlbWVudCA9IHtcbiAgICAgICAgU2lkOiAnR3JhbnQtQ2xvdWRGcm9udC1EaXN0cmlidXRpb24tS2V5LVVzYWdlJyxcbiAgICAgICAgRWZmZWN0OiAnQWxsb3cnLFxuICAgICAgICBQcmluY2lwYWw6IHtcbiAgICAgICAgICBTZXJ2aWNlOiAnY2xvdWRmcm9udC5hbWF6b25hd3MuY29tJyxcbiAgICAgICAgfSxcbiAgICAgICAgQWN0aW9uOiBbXG4gICAgICAgICAgJ2ttczpEZWNyeXB0JyxcbiAgICAgICAgICAna21zOkVuY3J5cHQnLFxuICAgICAgICAgICdrbXM6R2VuZXJhdGVEYXRhS2V5KicsXG4gICAgICAgICAgJ2ttczpSZUVuY3J5cHQqJ1xuICAgICAgICBdLFxuICAgICAgICBSZXNvdXJjZTogYGFybjphd3M6a21zOiR7cmVnaW9ufToke2FjY291bnRJZH06a2V5LyR7a21zS2V5SWR9YCxcbiAgICAgICAgQ29uZGl0aW9uOiB7XG4gICAgICAgICAgU3RyaW5nRXF1YWxzOiB7XG4gICAgICAgICAgICAnQVdTOlNvdXJjZUFybic6IGBhcm46YXdzOmNsb3VkZnJvbnQ6OiR7YWNjb3VudElkfTpkaXN0cmlidXRpb24vJHtjbG91ZEZyb250RGlzdHJpYnV0aW9uSWR9YFxuICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgICAgfTtcbiAgICAgIGNvbnN0IHVwZGF0ZWRLZXlQb2xpY3kgPSB1cGRhdGVLZXlQb2xpY3koa2V5UG9saWN5LCBrZXlQb2xpY3lTdGF0ZW1lbnQpO1xuXG4gICAgICBhd2FpdCBrbXNDbGllbnQuc2VuZChuZXcgUHV0S2V5UG9saWN5Q29tbWFuZCh7XG4gICAgICAgIEtleUlkOiBrbXNLZXlJZCxcbiAgICAgICAgUG9saWN5OiBKU09OLnN0cmluZ2lmeSh1cGRhdGVkS2V5UG9saWN5KSxcbiAgICAgICAgUG9saWN5TmFtZTogJ2RlZmF1bHQnXG4gICAgICB9KSk7XG4gICAgfSBjYXRjaCAoZXJyKSB7XG4gICAgICBzdGF0dXMgPSAnRkFJTEVEJztcbiAgICAgIHJlc3BvbnNlRGF0YSA9IHtcbiAgICAgICAgRXJyb3I6IEpTT04uc3RyaW5naWZ5KGVycilcbiAgICAgIH07XG4gICAgfVxuICB9XG5cbiAgcmV0dXJuIHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IEpTT04uc3RyaW5naWZ5KHJlc3BvbnNlRGF0YSksXG4gICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY29udGV4dC5sb2dTdHJlYW1OYW1lLFxuICAgIFN0YWNrSWQ6IGV2ZW50LlN0YWNrSWQsXG4gICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgIERhdGE6IHJlc3BvbnNlRGF0YSxcbiAgfTtcbn07XG5cbi8qKlxuICogVXBkYXRlcyBhIHByb3ZpZGVkIGtleSBwb2xpY3kgd2l0aCBhIHByb3ZpZGVkIGtleSBwb2xpY3kgc3RhdGVtZW50LiBGaXJzdCBjaGVja3Mgd2hldGhlciB0aGUgcHJvdmlkZWQga2V5IHBvbGljeSBzdGF0ZW1lbnRcbiAqIGFscmVhZHkgZXhpc3RzLiBJZiBhbiBleGlzdGluZyBrZXkgcG9saWN5IGlzIGZvdW5kIHdpdGggYSBtYXRjaGluZyBzaWQsIHRoZSBwcm92aWRlZCBrZXkgcG9saWN5IHdpbGwgb3ZlcndyaXRlIHRoZSBleGlzdGluZ1xuICoga2V5IHBvbGljeS4gSWYgbm8gbWF0Y2hpbmcga2V5IHBvbGljeSBpcyBmb3VuZCwgdGhlIHByb3ZpZGVkIGtleSBwb2xpY3kgd2lsbCBiZSBhcHBlbmRlZCBvbnRvIHRoZSBhcnJheSBvZiBwb2xpY3kgc3RhdGVtZW50cy5cbiAqIEBwYXJhbSBrZXlQb2xpY3kgLSB0aGUgSlNPTi5wYXJzZSdkIHJlc3VsdCBvZiB0aGUgb3RoZXJ3aXNlIHN0cmluZ2lmaWVkIGtleSBwb2xpY3kuXG4gKiBAcGFyYW0ga2V5UG9saWN5U3RhdGVtZW50IC0gdGhlIGtleSBwb2xpY3kgc3RhdGVtZW50IHRvIGJlIGFkZGVkIHRvIHRoZSBrZXkgcG9saWN5LlxuICogQHJldHVybnMga2V5UG9saWN5IC0gdGhlIHVwZGF0ZWQga2V5IHBvbGljeS5cbiAqL1xuZXhwb3J0IGNvbnN0IHVwZGF0ZUtleVBvbGljeSA9IChrZXlQb2xpY3k6IGFueSwga2V5UG9saWN5U3RhdGVtZW50OiBhbnkpID0+IHtcbiAgLy8gQ2hlY2sgdG8gc2VlIGlmIGEgZHVwbGljYXRlIGtleSBwb2xpY3kgZXhpc3RzIGJ5IG1hdGNoaW5nIG9uIHRoZSBzaWQuIFRoaXMgaXMgdG8gcHJldmVudCBkdXBsaWNhdGUga2V5IHBvbGljaWVzXG4gIC8vIGZyb20gYmVpbmcgYWRkZWQvdXBkYXRlZCBpbiByZXNwb25zZSB0byBhIHN0YWNrIGJlaW5nIHVwZGF0ZWQgb25lIG9yIG1vcmUgdGltZXMgYWZ0ZXIgaW5pdGlhbCBjcmVhdGlvbi5cbiAgY29uc3QgZXhpc3RpbmdLZXlQb2xpY3lJbmRleCA9IGtleVBvbGljeS5TdGF0ZW1lbnQuZmluZEluZGV4KChzdGF0ZW1lbnQ6IGFueSkgPT4gc3RhdGVtZW50LlNpZCA9PT0ga2V5UG9saWN5U3RhdGVtZW50LlNpZCk7XG4gIC8vIElmIGEgbWF0Y2ggaXMgZm91bmQsIG92ZXJ3cml0ZSB0aGUga2V5IHBvbGljeSBzdGF0ZW1lbnQuLi5cbiAgLy8gT3RoZXJ3aXNlLCBwdXNoIHRoZSBuZXcga2V5IHBvbGljeSB0byB0aGUgYXJyYXkgb2Ygc3RhdGVtZW50c1xuICBpZiAoZXhpc3RpbmdLZXlQb2xpY3lJbmRleCA+IC0xKSB7XG4gICAga2V5UG9saWN5LlN0YXRlbWVudFtleGlzdGluZ0tleVBvbGljeUluZGV4XSA9IGtleVBvbGljeVN0YXRlbWVudDtcbiAgfSBlbHNlIHtcbiAgICBrZXlQb2xpY3kuU3RhdGVtZW50LnB1c2goa2V5UG9saWN5U3RhdGVtZW50KTtcbiAgfVxuICAvLyBSZXR1cm4gdGhlIHJlc3VsdFxuICByZXR1cm4ga2V5UG9saWN5O1xufTtcbiJdfQ==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Retry=exports.safeHandler=exports.includeStackTraces=exports.submitResponse=exports.MISSING_PHYSICAL_ID_MARKER=exports.CREATE_FAILED_PHYSICAL_ID_MARKER=void 0;const url=require("url"),outbound_1=require("./outbound"),util_1=require("./util");exports.CREATE_FAILED_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::CREATE_FAILED",exports.MISSING_PHYSICAL_ID_MARKER="AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID";async function submitResponse(status,event,options={}){const json={Status:status,Reason:options.reason||status,StackId:event.StackId,RequestId:event.RequestId,PhysicalResourceId:event.PhysicalResourceId||exports.MISSING_PHYSICAL_ID_MARKER,LogicalResourceId:event.LogicalResourceId,NoEcho:options.noEcho,Data:event.Data};(0,util_1.log)("submit response to cloudformation",json);const responseBody=JSON.stringify(json),parsedUrl=url.parse(event.ResponseURL),retryOptions={attempts:5,sleep:1e3};await(0,util_1.withRetries)(retryOptions,outbound_1.httpRequest)({hostname:parsedUrl.hostname,path:parsedUrl.path,method:"PUT",headers:{"content-type":"","content-length":Buffer.byteLength(responseBody,"utf8")}},responseBody)}exports.submitResponse=submitResponse,exports.includeStackTraces=!0;function safeHandler(block){return async event=>{if(event.RequestType==="Delete"&&event.PhysicalResourceId===exports.CREATE_FAILED_PHYSICAL_ID_MARKER){(0,util_1.log)("ignoring DELETE event caused by a failed CREATE event"),await submitResponse("SUCCESS",event);return}try{await block(event)}catch(e){if(e instanceof Retry)throw(0,util_1.log)("retry requested by handler"),e;event.PhysicalResourceId||(event.RequestType==="Create"?((0,util_1.log)("CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored"),event.PhysicalResourceId=exports.CREATE_FAILED_PHYSICAL_ID_MARKER):(0,util_1.log)(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify({...event,ResponseURL:"..."})}`)),await submitResponse("FAILED",event,{reason:exports.includeStackTraces?e.stack:e.message})}}}exports.safeHandler=safeHandler;class Retry extends Error{}exports.Retry=Retry;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME=exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME=exports.FRAMEWORK_ON_EVENT_HANDLER_NAME=exports.WAITER_STATE_MACHINE_ARN_ENV=exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV=exports.USER_ON_EVENT_FUNCTION_ARN_ENV=void 0,exports.USER_ON_EVENT_FUNCTION_ARN_ENV="USER_ON_EVENT_FUNCTION_ARN",exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV="USER_IS_COMPLETE_FUNCTION_ARN",exports.WAITER_STATE_MACHINE_ARN_ENV="WAITER_STATE_MACHINE_ARN",exports.FRAMEWORK_ON_EVENT_HANDLER_NAME="onEvent",exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME="isComplete",exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME="onTimeout";
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
"use strict";const cfnResponse=require("./cfn-response"),consts=require("./consts"),outbound_1=require("./outbound"),util_1=require("./util");async function onEvent(cfnRequest){const sanitizedRequest={...cfnRequest,ResponseURL:"..."};(0,util_1.log)("onEventHandler",sanitizedRequest),cfnRequest.ResourceProperties=cfnRequest.ResourceProperties||{};const onEventResult=await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV,sanitizedRequest,cfnRequest.ResponseURL);(0,util_1.log)("onEvent returned:",onEventResult);const resourceEvent=createResponseEvent(cfnRequest,onEventResult);if((0,util_1.log)("event:",onEventResult),!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV])return cfnResponse.submitResponse("SUCCESS",resourceEvent,{noEcho:resourceEvent.NoEcho});const waiter={stateMachineArn:(0,util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV),name:resourceEvent.RequestId,input:JSON.stringify(resourceEvent)};(0,util_1.log)("starting waiter",waiter),await(0,outbound_1.startExecution)(waiter)}async function isComplete(event){const sanitizedRequest={...event,ResponseURL:"..."};(0,util_1.log)("isComplete",sanitizedRequest);const isCompleteResult=await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV,sanitizedRequest,event.ResponseURL);if((0,util_1.log)("user isComplete returned:",isCompleteResult),!isCompleteResult.IsComplete)throw isCompleteResult.Data&&Object.keys(isCompleteResult.Data).length>0?new Error('"Data" is not allowed if "IsComplete" is "False"'):new cfnResponse.Retry(JSON.stringify(event));const response={...event,...isCompleteResult,Data:{...event.Data,...isCompleteResult.Data}};await cfnResponse.submitResponse("SUCCESS",response,{noEcho:event.NoEcho})}async function onTimeout(timeoutEvent){(0,util_1.log)("timeoutHandler",timeoutEvent);const isCompleteRequest=JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage);await cfnResponse.submitResponse("FAILED",isCompleteRequest,{reason:"Operation timed out"})}async function invokeUserFunction(functionArnEnv,sanitizedPayload,responseUrl){const functionArn=(0,util_1.getEnv)(functionArnEnv);(0,util_1.log)(`executing user function ${functionArn} with payload`,sanitizedPayload);const resp=await(0,outbound_1.invokeFunction)({FunctionName:functionArn,Payload:JSON.stringify({...sanitizedPayload,ResponseURL:responseUrl})});(0,util_1.log)("user function response:",resp,typeof resp);const jsonPayload=(0,util_1.parseJsonPayload)(resp.Payload);if(resp.FunctionError){(0,util_1.log)("user function threw an error:",resp.FunctionError);const errorMessage=jsonPayload.errorMessage||"error",arn=functionArn.split(":"),functionName=arn[arn.length-1],message=[errorMessage,"",`Logs: /aws/lambda/${functionName}`,""].join(`
|
|
2
|
+
`),e=new Error(message);throw jsonPayload.trace&&(e.stack=[message,...jsonPayload.trace.slice(1)].join(`
|
|
3
|
+
`)),e}return jsonPayload}function createResponseEvent(cfnRequest,onEventResult){onEventResult=onEventResult||{};const physicalResourceId=onEventResult.PhysicalResourceId||defaultPhysicalResourceId(cfnRequest);if(cfnRequest.RequestType==="Delete"&&physicalResourceId!==cfnRequest.PhysicalResourceId)throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`);return cfnRequest.RequestType==="Update"&&physicalResourceId!==cfnRequest.PhysicalResourceId&&(0,util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`),{...cfnRequest,...onEventResult,PhysicalResourceId:physicalResourceId}}function defaultPhysicalResourceId(req){switch(req.RequestType){case"Create":return req.RequestId;case"Update":case"Delete":return req.PhysicalResourceId;default:throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`)}}module.exports={[consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]:cfnResponse.safeHandler(onEvent),[consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]:cfnResponse.safeHandler(isComplete),[consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]:onTimeout};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.httpRequest=exports.invokeFunction=exports.startExecution=void 0;const https=require("https"),client_lambda_1=require("@aws-sdk/client-lambda"),client_sfn_1=require("@aws-sdk/client-sfn"),FRAMEWORK_HANDLER_TIMEOUT=9e5,awsSdkConfig={httpOptions:{timeout:FRAMEWORK_HANDLER_TIMEOUT}};async function defaultHttpRequest(options,responseBody){return new Promise((resolve,reject)=>{try{const request=https.request(options,resolve);request.on("error",reject),request.write(responseBody),request.end()}catch(e){reject(e)}})}let sfn,lambda;async function defaultStartExecution(req){return sfn||(sfn=new client_sfn_1.SFN(awsSdkConfig)),sfn.startExecution(req)}async function defaultInvokeFunction(req){lambda||(lambda=new client_lambda_1.Lambda(awsSdkConfig));try{return await lambda.invoke(req)}catch{return await(0,client_lambda_1.waitUntilFunctionActiveV2)({client:lambda,maxWaitTime:300},{FunctionName:req.FunctionName}),await lambda.invoke(req)}}exports.startExecution=defaultStartExecution,exports.invokeFunction=defaultInvokeFunction,exports.httpRequest=defaultHttpRequest;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.parseJsonPayload=exports.withRetries=exports.log=exports.getEnv=void 0;function getEnv(name){const value=process.env[name];if(!value)throw new Error(`The environment variable "${name}" is not defined`);return value}exports.getEnv=getEnv;function log(title,...args){console.log("[provider-framework]",title,...args.map(x=>typeof x=="object"?JSON.stringify(x,void 0,2):x))}exports.log=log;function withRetries(options,fn){return async(...xs)=>{let attempts=options.attempts,ms=options.sleep;for(;;)try{return await fn(...xs)}catch(e){if(attempts--<=0)throw e;await sleep(Math.floor(Math.random()*ms)),ms*=2}}}exports.withRetries=withRetries;async function sleep(ms){return new Promise(ok=>setTimeout(ok,ms))}function parseJsonPayload(payload){const text=new TextDecoder().decode(Buffer.from(payload??""));if(!text)return{};try{return JSON.parse(text)}catch{throw new Error(`return values from user-handlers must be JSON objects. got: "${text}"`)}}exports.parseJsonPayload=parseJsonPayload;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":"36.0.0"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": "36.0.0",
|
|
3
|
+
"files": {
|
|
4
|
+
"4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f": {
|
|
5
|
+
"source": {
|
|
6
|
+
"path": "asset.4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f",
|
|
7
|
+
"packaging": "zip"
|
|
8
|
+
},
|
|
9
|
+
"destinations": {
|
|
10
|
+
"current_account-current_region": {
|
|
11
|
+
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
12
|
+
"objectKey": "4a4b024f310aca2784b69bcb790e9ccaef785e9ad5d1b73624144f88c4465b4f.zip",
|
|
13
|
+
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
14
|
+
}
|
|
15
|
+
}
|
|
16
|
+
},
|
|
17
|
+
"7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94": {
|
|
18
|
+
"source": {
|
|
19
|
+
"path": "asset.7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94",
|
|
20
|
+
"packaging": "zip"
|
|
21
|
+
},
|
|
22
|
+
"destinations": {
|
|
23
|
+
"current_account-current_region": {
|
|
24
|
+
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
25
|
+
"objectKey": "7382a0addb9f34974a1ea6c6c9b063882af874828f366f5c93b2b7b64db15c94.zip",
|
|
26
|
+
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
},
|
|
30
|
+
"3b916da5e0b7278b836a8f72b65c811103da6d358dc17a76cb930355bb5bf377": {
|
|
31
|
+
"source": {
|
|
32
|
+
"path": "cfts3-cmk-provided-as-bucket-prop.template.json",
|
|
33
|
+
"packaging": "file"
|
|
34
|
+
},
|
|
35
|
+
"destinations": {
|
|
36
|
+
"current_account-current_region": {
|
|
37
|
+
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
|
|
38
|
+
"objectKey": "3b916da5e0b7278b836a8f72b65c811103da6d358dc17a76cb930355bb5bf377.json",
|
|
39
|
+
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
},
|
|
44
|
+
"dockerImages": {}
|
|
45
|
+
}
|