@composurecdk/iam 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/managed-policy-builder.d.ts +3 -1
- package/dist/managed-policy-builder.d.ts.map +1 -1
- package/dist/managed-policy-builder.js +6 -1
- package/dist/managed-policy-builder.js.map +1 -1
- package/dist/role-builder.d.ts +5 -2
- package/dist/role-builder.d.ts.map +1 -1
- package/dist/role-builder.js +7 -2
- package/dist/role-builder.js.map +1 -1
- package/package.json +3 -2
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { ManagedPolicy, type ManagedPolicyProps, PolicyStatement } from "aws-cdk-lib/aws-iam";
|
|
2
2
|
import type { IConstruct } from "constructs";
|
|
3
|
-
import { type IBuilder, type Lifecycle } from "@composurecdk/core";
|
|
3
|
+
import { COPY_STATE, type IBuilder, type Lifecycle } from "@composurecdk/core";
|
|
4
4
|
import { StatementBuilder } from "./statement-builder.js";
|
|
5
5
|
/**
|
|
6
6
|
* Configuration properties for the customer-managed IAM policy builder.
|
|
@@ -47,6 +47,8 @@ declare class ManagedPolicyBuilder implements Lifecycle<ManagedPolicyBuilderResu
|
|
|
47
47
|
* validation runs at the composition boundary.
|
|
48
48
|
*/
|
|
49
49
|
addStatements(statements: (PolicyStatement | StatementBuilder)[]): this;
|
|
50
|
+
/** @internal — see ADR-0005. */
|
|
51
|
+
[COPY_STATE](target: ManagedPolicyBuilder): void;
|
|
50
52
|
build(scope: IConstruct, id: string): ManagedPolicyBuilderResult;
|
|
51
53
|
}
|
|
52
54
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"managed-policy-builder.d.ts","sourceRoot":"","sources":["../src/managed-policy-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,KAAK,kBAAkB,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC9F,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAW,KAAK,QAAQ,EAAE,KAAK,SAAS,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"managed-policy-builder.d.ts","sourceRoot":"","sources":["../src/managed-policy-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,KAAK,kBAAkB,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC9F,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAW,UAAU,EAAE,KAAK,QAAQ,EAAE,KAAK,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACxF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,GAAG,kBAAkB,CAAC;AAE3D;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,0DAA0D;IAC1D,MAAM,EAAE,aAAa,CAAC;CACvB;AAED;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,MAAM,qBAAqB,GAAG,QAAQ,CAAC,yBAAyB,EAAE,oBAAoB,CAAC,CAAC;AAE9F,cAAM,oBAAqB,YAAW,SAAS,CAAC,0BAA0B,CAAC;;IACzE,KAAK,EAAE,OAAO,CAAC,yBAAyB,CAAC,CAAM;IAG/C;;;;;;OAMG;IACH,aAAa,CAAC,UAAU,EAAE,CAAC,eAAe,GAAG,gBAAgB,CAAC,EAAE,GAAG,IAAI;IAKvE,gCAAgC;IAChC,CAAC,UAAU,CAAC,CAAC,MAAM,EAAE,oBAAoB,GAAG,IAAI;IAIhD,KAAK,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,GAAG,0BAA0B;CAajE;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,IAAI,qBAAqB,CAGlE"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { ManagedPolicy } from "aws-cdk-lib/aws-iam";
|
|
2
|
-
import { Builder } from "@composurecdk/core";
|
|
2
|
+
import { Builder, COPY_STATE } from "@composurecdk/core";
|
|
3
3
|
import { StatementBuilder } from "./statement-builder.js";
|
|
4
4
|
class ManagedPolicyBuilder {
|
|
5
5
|
props = {};
|
|
@@ -15,6 +15,10 @@ class ManagedPolicyBuilder {
|
|
|
15
15
|
this.#extraStatements.push(...statements);
|
|
16
16
|
return this;
|
|
17
17
|
}
|
|
18
|
+
/** @internal — see ADR-0005. */
|
|
19
|
+
[COPY_STATE](target) {
|
|
20
|
+
target.#extraStatements.push(...this.#extraStatements);
|
|
21
|
+
}
|
|
18
22
|
build(scope, id) {
|
|
19
23
|
const resolvedExtras = this.#extraStatements.map((s) => s instanceof StatementBuilder ? s.build() : s);
|
|
20
24
|
const mergedProps = {
|
|
@@ -32,6 +36,7 @@ class ManagedPolicyBuilder {
|
|
|
32
36
|
* @returns A fluent builder for a customer-managed policy.
|
|
33
37
|
*/
|
|
34
38
|
export function createManagedPolicyBuilder() {
|
|
39
|
+
// eslint-disable-next-line composurecdk/builder-must-be-tagged -- AWS::IAM::ManagedPolicy has no Tags property
|
|
35
40
|
return Builder(ManagedPolicyBuilder);
|
|
36
41
|
}
|
|
37
42
|
//# sourceMappingURL=managed-policy-builder.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"managed-policy-builder.js","sourceRoot":"","sources":["../src/managed-policy-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAA4C,MAAM,qBAAqB,CAAC;AAE9F,OAAO,EAAE,OAAO,EAAiC,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"managed-policy-builder.js","sourceRoot":"","sources":["../src/managed-policy-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAA4C,MAAM,qBAAqB,CAAC;AAE9F,OAAO,EAAE,OAAO,EAAE,UAAU,EAAiC,MAAM,oBAAoB,CAAC;AACxF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAwC1D,MAAM,oBAAoB;IACxB,KAAK,GAAuC,EAAE,CAAC;IACtC,gBAAgB,GAA2C,EAAE,CAAC;IAEvE;;;;;;OAMG;IACH,aAAa,CAAC,UAAkD;QAC9D,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gCAAgC;IAChC,CAAC,UAAU,CAAC,CAAC,MAA4B;QACvC,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,KAAiB,EAAE,EAAU;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACrD,CAAC,YAAY,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,CAC9C,CAAC;QAEF,MAAM,WAAW,GAAuB;YACtC,GAAG,IAAI,CAAC,KAAK;YACb,UAAU,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC,EAAE,GAAG,cAAc,CAAC;SAClE,CAAC;QAEF,MAAM,MAAM,GAAG,IAAI,aAAa,CAAC,KAAK,EAAE,EAAE,EAAE,WAAW,CAAC,CAAC;QACzD,OAAO,EAAE,MAAM,EAAE,CAAC;IACpB,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,0BAA0B;IACxC,+GAA+G;IAC/G,OAAO,OAAO,CAAkD,oBAAoB,CAAC,CAAC;AACxF,CAAC"}
|
package/dist/role-builder.d.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { type IManagedPolicy, PolicyDocument, PolicyStatement, Role, type RoleProps } from "aws-cdk-lib/aws-iam";
|
|
2
2
|
import type { IConstruct } from "constructs";
|
|
3
|
-
import {
|
|
3
|
+
import { COPY_STATE, type Lifecycle, type Resolvable } from "@composurecdk/core";
|
|
4
|
+
import { type ITaggedBuilder } from "@composurecdk/cloudformation";
|
|
4
5
|
import { StatementBuilder } from "./statement-builder.js";
|
|
5
6
|
/**
|
|
6
7
|
* Configuration properties for the IAM role builder.
|
|
@@ -74,7 +75,7 @@ export interface RoleBuilderResult {
|
|
|
74
75
|
* ]);
|
|
75
76
|
* ```
|
|
76
77
|
*/
|
|
77
|
-
export type IRoleBuilder =
|
|
78
|
+
export type IRoleBuilder = ITaggedBuilder<RoleBuilderProps, RoleBuilder>;
|
|
78
79
|
declare class RoleBuilder implements Lifecycle<RoleBuilderResult> {
|
|
79
80
|
#private;
|
|
80
81
|
props: Partial<RoleBuilderProps>;
|
|
@@ -90,6 +91,8 @@ declare class RoleBuilder implements Lifecycle<RoleBuilderResult> {
|
|
|
90
91
|
* rather than at configuration time).
|
|
91
92
|
*/
|
|
92
93
|
addInlinePolicyStatements(name: string, statements: (PolicyStatement | StatementBuilder)[]): this;
|
|
94
|
+
/** @internal — see ADR-0005. */
|
|
95
|
+
[COPY_STATE](target: RoleBuilder): void;
|
|
93
96
|
build(scope: IConstruct, id: string, context?: Record<string, object>): RoleBuilderResult;
|
|
94
97
|
}
|
|
95
98
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role-builder.d.ts","sourceRoot":"","sources":["../src/role-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,cAAc,EACnB,cAAc,EACd,eAAe,EACf,IAAI,EACJ,KAAK,SAAS,EACf,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,
|
|
1
|
+
{"version":3,"file":"role-builder.d.ts","sourceRoot":"","sources":["../src/role-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,cAAc,EACnB,cAAc,EACd,eAAe,EACf,IAAI,EACJ,KAAK,SAAS,EACf,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,KAAK,SAAS,EAAW,KAAK,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAC1F,OAAO,EAAE,KAAK,cAAc,EAAiB,MAAM,8BAA8B,CAAC;AAElF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,WAAW,gBAAiB,SAAQ,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC;IAC9E;;;;;;;;OAQG;IACH,mBAAmB,CAAC,EAAE,UAAU,CAAC,cAAc,CAAC,CAAC;CAClD;AAED;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,qDAAqD;IACrD,IAAI,EAAE,IAAI,CAAC;IAEX;;;;;;;;;;;OAWG;IACH,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;CAChD;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,MAAM,YAAY,GAAG,cAAc,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAAC;AAOzE,cAAM,WAAY,YAAW,SAAS,CAAC,iBAAiB,CAAC;;IACvD,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAM;IAGtC;;;;;;;;;;OAUG;IACH,yBAAyB,CACvB,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,CAAC,eAAe,GAAG,gBAAgB,CAAC,EAAE,GACjD,IAAI;IAKP,gCAAgC;IAChC,CAAC,UAAU,CAAC,CAAC,MAAM,EAAE,WAAW,GAAG,IAAI;IAIvC,KAAK,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,GAAG,iBAAiB;CA8C9F;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,IAAI,YAAY,CAEhD"}
|
package/dist/role-builder.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { PolicyDocument, Role, } from "aws-cdk-lib/aws-iam";
|
|
2
|
-
import {
|
|
2
|
+
import { COPY_STATE, resolve } from "@composurecdk/core";
|
|
3
|
+
import { taggedBuilder } from "@composurecdk/cloudformation";
|
|
3
4
|
import { ROLE_DEFAULTS } from "./role-defaults.js";
|
|
4
5
|
import { StatementBuilder } from "./statement-builder.js";
|
|
5
6
|
class RoleBuilder {
|
|
@@ -20,6 +21,10 @@ class RoleBuilder {
|
|
|
20
21
|
this.#inlinePolicies.push({ name, statements });
|
|
21
22
|
return this;
|
|
22
23
|
}
|
|
24
|
+
/** @internal — see ADR-0005. */
|
|
25
|
+
[COPY_STATE](target) {
|
|
26
|
+
target.#inlinePolicies.push(...this.#inlinePolicies);
|
|
27
|
+
}
|
|
23
28
|
build(scope, id, context = {}) {
|
|
24
29
|
const { permissionsBoundary, assumedBy, inlinePolicies: propsInlinePolicies, ...rest } = this.props;
|
|
25
30
|
if (!assumedBy) {
|
|
@@ -65,6 +70,6 @@ class RoleBuilder {
|
|
|
65
70
|
* ```
|
|
66
71
|
*/
|
|
67
72
|
export function createRoleBuilder() {
|
|
68
|
-
return
|
|
73
|
+
return taggedBuilder(RoleBuilder);
|
|
69
74
|
}
|
|
70
75
|
//# sourceMappingURL=role-builder.js.map
|
package/dist/role-builder.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role-builder.js","sourceRoot":"","sources":["../src/role-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,cAAc,EAEd,IAAI,GAEL,MAAM,qBAAqB,CAAC;AAE7B,OAAO,
|
|
1
|
+
{"version":3,"file":"role-builder.js","sourceRoot":"","sources":["../src/role-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,cAAc,EAEd,IAAI,GAEL,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAkB,OAAO,EAAmB,MAAM,oBAAoB,CAAC;AAC1F,OAAO,EAAuB,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAoF1D,MAAM,WAAW;IACf,KAAK,GAA8B,EAAE,CAAC;IAC7B,eAAe,GAAwB,EAAE,CAAC;IAEnD;;;;;;;;;;OAUG;IACH,yBAAyB,CACvB,IAAY,EACZ,UAAkD;QAElD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gCAAgC;IAChC,CAAC,UAAU,CAAC,CAAC,MAAmB;QAC9B,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,CAAC;IACvD,CAAC;IAED,KAAK,CAAC,KAAiB,EAAE,EAAU,EAAE,UAAkC,EAAE;QACvE,MAAM,EACJ,mBAAmB,EACnB,SAAS,EACT,cAAc,EAAE,mBAAmB,EACnC,GAAG,IAAI,EACR,GAAG,IAAI,CAAC,KAAK,CAAC;QAEf,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,gBAAgB,EAAE,mDAAmD;gBACnE,gDAAgD,CACnD,CAAC;QACJ,CAAC;QAED,MAAM,gBAAgB,GAAG,mBAAmB;YAC1C,CAAC,CAAC,OAAO,CAAC,mBAAmB,EAAE,OAAO,CAAC;YACvC,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,mBAAmB,GAAmC,EAAE,CAAC;QAC/D,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzC,MAAM,kBAAkB,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACpD,CAAC,YAAY,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,CAC9C,CAAC;YACF,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,cAAc,CAAC,EAAE,UAAU,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,oBAAoB,GAAmC;YAC3D,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;YAC9B,GAAG,mBAAmB;SACvB,CAAC;QAEF,MAAM,WAAW,GAAc;YAC7B,GAAG,aAAa;YAChB,GAAG,IAAI;YACP,SAAS;YACT,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,EAAE,cAAc,EAAE,oBAAoB,EAAE;gBAC1C,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACvE,CAAC;QAEF,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,WAAW,CAAC,CAAC;QAE9C,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,mBAAmB,EAAE,CAAC;IACvD,CAAC;CACF;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,aAAa,CAAgC,WAAW,CAAC,CAAC;AACnE,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@composurecdk/iam",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.7.0",
|
|
4
4
|
"description": "Composable IAM role, policy, and statement builders with well-architected defaults",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -35,7 +35,8 @@
|
|
|
35
35
|
},
|
|
36
36
|
"type": "module",
|
|
37
37
|
"peerDependencies": {
|
|
38
|
-
"@composurecdk/
|
|
38
|
+
"@composurecdk/cloudformation": "^0.7.0",
|
|
39
|
+
"@composurecdk/core": "^0.7.0",
|
|
39
40
|
"aws-cdk-lib": "^2.0.0",
|
|
40
41
|
"constructs": "^10.0.0"
|
|
41
42
|
},
|