@awsless/awsless 0.0.281 → 0.0.283
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin.js +22 -6
- package/dist/build-json-schema.js +14 -1
- package/dist/stack.json +1 -1
- package/package.json +6 -6
package/dist/bin.js
CHANGED
|
@@ -755,6 +755,18 @@ var CommandSchema = z12.string().describe(`The script you want to execute when t
|
|
|
755
755
|
var CodeSchema = LocalDirectorySchema.describe(`The code directory that will be deployed to your instance.`);
|
|
756
756
|
var ConnectSchema = z12.boolean().describe("Allows you to connect to all instances with an Instance Connect Endpoint.");
|
|
757
757
|
var EnvironmentSchema2 = z12.record(z12.string(), z12.string()).optional().describe("Environment variable key-value pairs.");
|
|
758
|
+
var ActionSchema2 = z12.string();
|
|
759
|
+
var ActionsSchema2 = z12.union([ActionSchema2.transform((v) => [v]), ActionSchema2.array()]);
|
|
760
|
+
var ArnSchema2 = z12.string().startsWith("arn:");
|
|
761
|
+
var WildcardSchema2 = z12.literal("*");
|
|
762
|
+
var ResourceSchema2 = z12.union([ArnSchema2, WildcardSchema2]).transform((v) => v);
|
|
763
|
+
var ResourcesSchema2 = z12.union([ResourceSchema2.transform((v) => [v]), ResourceSchema2.array()]);
|
|
764
|
+
var PermissionSchema2 = z12.object({
|
|
765
|
+
effect: z12.enum(["allow", "deny"]).default("allow"),
|
|
766
|
+
actions: ActionsSchema2,
|
|
767
|
+
resources: ResourcesSchema2
|
|
768
|
+
});
|
|
769
|
+
var PermissionsSchema2 = z12.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
|
|
758
770
|
var InstanceDefaultSchema = z12.object({
|
|
759
771
|
connect: ConnectSchema.default(false)
|
|
760
772
|
}).default({}).describe("Define the default settings for all instances in your stacks.");
|
|
@@ -766,7 +778,8 @@ var InstancesSchema = z12.record(
|
|
|
766
778
|
code: CodeSchema,
|
|
767
779
|
user: z12.string().default("ec2-user"),
|
|
768
780
|
command: CommandSchema.optional(),
|
|
769
|
-
environment: EnvironmentSchema2.optional()
|
|
781
|
+
environment: EnvironmentSchema2.optional(),
|
|
782
|
+
permissions: PermissionsSchema2.optional()
|
|
770
783
|
})
|
|
771
784
|
).optional().describe("Define the instances in your stack.");
|
|
772
785
|
|
|
@@ -3541,10 +3554,10 @@ var instanceFeature = defineFeature({
|
|
|
3541
3554
|
const code2 = [
|
|
3542
3555
|
`#!/bin/bash`,
|
|
3543
3556
|
`cd /home/${u}`,
|
|
3544
|
-
`sudo -u ${u} aws configure set default.s3.use_dualstack_endpoint true`,
|
|
3545
|
-
`sudo -u ${u} aws s3 cp s3://${bucketName2}/${name} .`,
|
|
3546
|
-
`sudo -u ${u} unzip -o ${name} -d ./code`,
|
|
3547
|
-
`sudo -u ${u} rm ./${name}`,
|
|
3557
|
+
`sudo -E -u ${u} aws configure set default.s3.use_dualstack_endpoint true`,
|
|
3558
|
+
`sudo -E -u ${u} aws s3 cp s3://${bucketName2}/${name} .`,
|
|
3559
|
+
`sudo -E -u ${u} unzip -o ${name} -d ./code`,
|
|
3560
|
+
`sudo -E -u ${u} rm ./${name}`,
|
|
3548
3561
|
`cd ./code`,
|
|
3549
3562
|
// system environment vars
|
|
3550
3563
|
...Object.entries(env).map(([key, value]) => {
|
|
@@ -3595,9 +3608,12 @@ var instanceFeature = defineFeature({
|
|
|
3595
3608
|
role: role.name
|
|
3596
3609
|
});
|
|
3597
3610
|
policy.addStatement({
|
|
3598
|
-
actions: ["s3
|
|
3611
|
+
actions: ["s3:GetObject", "s3:ListObjects", "s3:ListObjectsV2", "s3:HeadObject"],
|
|
3599
3612
|
resources: [bucketName.apply((bucket) => `arn:aws:s3:::${bucket}/${name}`)]
|
|
3600
3613
|
});
|
|
3614
|
+
if (props.permissions) {
|
|
3615
|
+
policy.addStatement(...props.permissions);
|
|
3616
|
+
}
|
|
3601
3617
|
ctx.registerPolicy(policy);
|
|
3602
3618
|
const profile = new aws10.iam.InstanceProfile(group, "profile", {
|
|
3603
3619
|
name,
|
|
@@ -475,6 +475,18 @@ var CommandSchema = z15.string().describe(`The script you want to execute when t
|
|
|
475
475
|
var CodeSchema = LocalDirectorySchema.describe(`The code directory that will be deployed to your instance.`);
|
|
476
476
|
var ConnectSchema = z15.boolean().describe("Allows you to connect to all instances with an Instance Connect Endpoint.");
|
|
477
477
|
var EnvironmentSchema2 = z15.record(z15.string(), z15.string()).optional().describe("Environment variable key-value pairs.");
|
|
478
|
+
var ActionSchema2 = z15.string();
|
|
479
|
+
var ActionsSchema2 = z15.union([ActionSchema2.transform((v) => [v]), ActionSchema2.array()]);
|
|
480
|
+
var ArnSchema2 = z15.string().startsWith("arn:");
|
|
481
|
+
var WildcardSchema2 = z15.literal("*");
|
|
482
|
+
var ResourceSchema2 = z15.union([ArnSchema2, WildcardSchema2]).transform((v) => v);
|
|
483
|
+
var ResourcesSchema2 = z15.union([ResourceSchema2.transform((v) => [v]), ResourceSchema2.array()]);
|
|
484
|
+
var PermissionSchema2 = z15.object({
|
|
485
|
+
effect: z15.enum(["allow", "deny"]).default("allow"),
|
|
486
|
+
actions: ActionsSchema2,
|
|
487
|
+
resources: ResourcesSchema2
|
|
488
|
+
});
|
|
489
|
+
var PermissionsSchema2 = z15.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
|
|
478
490
|
var InstanceDefaultSchema = z15.object({
|
|
479
491
|
connect: ConnectSchema.default(false)
|
|
480
492
|
}).default({}).describe("Define the default settings for all instances in your stacks.");
|
|
@@ -486,7 +498,8 @@ var InstancesSchema = z15.record(
|
|
|
486
498
|
code: CodeSchema,
|
|
487
499
|
user: z15.string().default("ec2-user"),
|
|
488
500
|
command: CommandSchema.optional(),
|
|
489
|
-
environment: EnvironmentSchema2.optional()
|
|
501
|
+
environment: EnvironmentSchema2.optional(),
|
|
502
|
+
permissions: PermissionsSchema2.optional()
|
|
490
503
|
})
|
|
491
504
|
).optional().describe("Define the instances in your stack.");
|
|
492
505
|
|