@de-otio/chaoskb-server 0.2.0

package/dist/lib/admin-handler/routes/tenants.ts

@@ -0,0 +1,134 @@
+import { DynamoDBDocumentClient, ScanCommand, QueryCommand } from '@aws-sdk/lib-dynamodb';
+import { logger } from '../../handler/logger.js';
+
+interface RouteResult {
+  statusCode: number;
+  body: string;
+  headers: Record<string, string>;
+}
+
+const PAGE_SIZE = 25;
+
+export async function handleListTenants(
+  page: number,
+  ddb: DynamoDBDocumentClient,
+  tableName: string,
+): Promise<RouteResult> {
+  try {
+    const validPage = Math.max(1, page);
+
+    // Scan for all META records to get tenant list
+    const allTenants: Record<string, unknown>[] = [];
+    let exclusiveStartKey: Record<string, unknown> | undefined;
+
+    do {
+      const result = await ddb.send(
+        new ScanCommand({
+          TableName: tableName,
+          FilterExpression: 'SK = :sk',
+          ExpressionAttributeValues: { ':sk': 'META' },
+          ProjectionExpression: 'PK, publicKey, createdAt, updatedAt, storageUsedBytes',
+          ExclusiveStartKey: exclusiveStartKey,
+        }),
+      );
+
+      if (result.Items) {
+        allTenants.push(...result.Items);
+      }
+      exclusiveStartKey = result.LastEvaluatedKey;
+    } while (exclusiveStartKey);
+
+    const total = allTenants.length;
+    const startIndex = (validPage - 1) * PAGE_SIZE;
+    const paginatedTenants = allTenants.slice(startIndex, startIndex + PAGE_SIZE).map((item) => ({
+      tenantId: (item['PK'] as string).replace('TENANT#', ''),
+      publicKey: item['publicKey'],
+      createdAt: item['createdAt'],
+      updatedAt: item['updatedAt'],
+      storageUsedBytes: item['storageUsedBytes'] ?? 0,
+    }));
+
+    return {
+      statusCode: 200,
+      body: JSON.stringify({
+        tenants: paginatedTenants,
+        total,
+        page: validPage,
+        pageSize: PAGE_SIZE,
+      }),
+      headers: { 'Content-Type': 'application/json' },
+    };
+  } catch (err) {
+    logger.error('Failed to list tenants', { error: String(err) });
+    return {
+      statusCode: 500,
+      body: JSON.stringify({ error: 'internal_error', message: 'Failed to list tenants' }),
+      headers: { 'Content-Type': 'application/json' },
+    };
+  }
+}
+
+export async function handleGetTenantDetail(
+  tenantId: string,
+  ddb: DynamoDBDocumentClient,
+  tableName: string,
+): Promise<RouteResult> {
+  try {
+    // Query for the META record
+    const metaResult = await ddb.send(
+      new QueryCommand({
+        TableName: tableName,
+        KeyConditionExpression: 'PK = :pk AND SK = :sk',
+        ExpressionAttributeValues: {
+          ':pk': `TENANT#${tenantId}`,
+          ':sk': 'META',
+        },
+      }),
+    );
+
+    if (!metaResult.Items || metaResult.Items.length === 0) {
+      return {
+        statusCode: 404,
+        body: JSON.stringify({ error: 'not_found', message: 'Tenant not found' }),
+        headers: { 'Content-Type': 'application/json' },
+      };
+    }
+
+    const meta = metaResult.Items[0];
+
+    // Count blobs for this tenant
+    const blobResult = await ddb.send(
+      new QueryCommand({
+        TableName: tableName,
+        KeyConditionExpression: 'PK = :pk AND begins_with(SK, :sk)',
+        ExpressionAttributeValues: {
+          ':pk': `TENANT#${tenantId}`,
+          ':sk': 'BLOB#',
+        },
+        Select: 'COUNT',
+      }),
+    );
+
+    const blobCount = blobResult.Count ?? 0;
+
+    return {
+      statusCode: 200,
+      body: JSON.stringify({
+        tenantId,
+        publicKey: meta['publicKey'],
+        createdAt: meta['createdAt'],
+        updatedAt: meta['updatedAt'],
+        storageUsedBytes: meta['storageUsedBytes'] ?? 0,
+        blobCount,
+      }),
+      headers: { 'Content-Type': 'application/json' },
+    };
+  } catch (err) {
+    logger.error('Failed to get tenant detail', { error: String(err) });
+    return {
+      statusCode: 500,
+      body: JSON.stringify({ error: 'internal_error', message: 'Failed to get tenant detail' }),
+      headers: { 'Content-Type': 'application/json' },
+    };
+  }
+}

package/dist/lib/chaoskb-stack.d.ts

@@ -0,0 +1,22 @@
+import { Stack, StackProps } from 'aws-cdk-lib';
+import { Construct } from 'constructs';
+import { BlobStore } from './constructs/blob-store.js';
+import { Auth } from './constructs/auth.js';
+import { Api } from './constructs/api.js';
+import { AdminDashboard } from './constructs/admin-dashboard.js';
+import { AdminApi } from './constructs/admin-api.js';
+export interface ChaosKBStackProps extends StackProps {
+    readonly environment: string;
+    readonly signupsEnabled?: boolean;
+    readonly reservedConcurrency?: number;
+    readonly allowedOrigins?: string[];
+}
+export declare class ChaosKBStack extends Stack {
+    readonly blobStore: BlobStore;
+    readonly auth: Auth;
+    readonly api: Api;
+    readonly adminDashboard: AdminDashboard;
+    readonly adminApi: AdminApi;
+    constructor(scope: Construct, id: string, props: ChaosKBStackProps);
+}
+//# sourceMappingURL=chaoskb-stack.d.ts.map

package/dist/lib/chaoskb-stack.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chaoskb-stack.d.ts","sourceRoot":"","sources":["../../lib/chaoskb-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,UAAU,EAAa,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAErD,MAAM,WAAW,iBAAkB,SAAQ,UAAU;IACnD,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAClC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IACtC,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CACpC;AAED,qBAAa,YAAa,SAAQ,KAAK;IACrC,SAAgB,SAAS,EAAE,SAAS,CAAC;IACrC,SAAgB,IAAI,EAAE,IAAI,CAAC;IAC3B,SAAgB,GAAG,EAAE,GAAG,CAAC;IACzB,SAAgB,cAAc,EAAE,cAAc,CAAC;IAC/C,SAAgB,QAAQ,EAAE,QAAQ,CAAC;gBAEvB,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB;CAmDnE"}

package/dist/lib/chaoskb-stack.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ChaosKBStack = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const blob_store_js_1 = require("./constructs/blob-store.js");
+const auth_js_1 = require("./constructs/auth.js");
+const api_js_1 = require("./constructs/api.js");
+const admin_dashboard_js_1 = require("./constructs/admin-dashboard.js");
+const admin_api_js_1 = require("./constructs/admin-api.js");
+class ChaosKBStack extends aws_cdk_lib_1.Stack {
+    blobStore;
+    auth;
+    api;
+    adminDashboard;
+    adminApi;
+    constructor(scope, id, props) {
+        super(scope, id, props);
+        this.blobStore = new blob_store_js_1.BlobStore(this, 'BlobStore', {
+            environment: props.environment,
+        });
+        this.auth = new auth_js_1.Auth(this, 'Auth', {
+            environment: props.environment,
+            signupsEnabled: props.signupsEnabled ?? true,
+        });
+        this.api = new api_js_1.Api(this, 'Api', {
+            table: this.blobStore.table,
+            environment: props.environment,
+            signupsEnabledParam: this.auth.signupsEnabledParam,
+            reservedConcurrency: props.reservedConcurrency,
+        });
+        this.adminDashboard = new admin_dashboard_js_1.AdminDashboard(this, 'AdminDashboard', {
+            environment: props.environment,
+            lambdaFunction: this.api.handler,
+            table: this.blobStore.table,
+        });
+        this.adminApi = new admin_api_js_1.AdminApi(this, 'AdminApi', {
+            table: this.blobStore.table,
+            environment: props.environment,
+            allowedOrigins: props.allowedOrigins ?? [],
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'FunctionUrl', {
+            value: this.api.functionUrl.url,
+            description: 'ChaosKB API Function URL',
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'TableName', {
+            value: this.blobStore.table.tableName,
+            description: 'ChaosKB DynamoDB table name',
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'AlarmTopicArn', {
+            value: this.adminDashboard.alarmTopic.topicArn,
+            description: 'ChaosKB alarm SNS topic ARN',
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'AdminApiUrl', {
+            value: this.adminApi.functionUrl.url,
+            description: 'ChaosKB Admin API Function URL',
+        });
+    }
+}
+exports.ChaosKBStack = ChaosKBStack;
+//# sourceMappingURL=chaoskb-stack.js.map

package/dist/lib/chaoskb-stack.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chaoskb-stack.js","sourceRoot":"","sources":["../../lib/chaoskb-stack.ts"],"names":[],"mappings":";;;AAAA,6CAA2D;AAE3D,8DAAuD;AACvD,kDAA4C;AAC5C,gDAA0C;AAC1C,wEAAiE;AACjE,4DAAqD;AASrD,MAAa,YAAa,SAAQ,mBAAK;IACrB,SAAS,CAAY;IACrB,IAAI,CAAO;IACX,GAAG,CAAM;IACT,cAAc,CAAiB;IAC/B,QAAQ,CAAW;IAEnC,YAAY,KAAgB,EAAE,EAAU,EAAE,KAAwB;QAChE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAExB,IAAI,CAAC,SAAS,GAAG,IAAI,yBAAS,CAAC,IAAI,EAAE,WAAW,EAAE;YAChD,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,GAAG,IAAI,cAAI,CAAC,IAAI,EAAE,MAAM,EAAE;YACjC,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,IAAI;SAC7C,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,GAAG,IAAI,YAAG,CAAC,IAAI,EAAE,KAAK,EAAE;YAC9B,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK;YAC3B,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,mBAAmB,EAAE,IAAI,CAAC,IAAI,CAAC,mBAAmB;YAClD,mBAAmB,EAAE,KAAK,CAAC,mBAAmB;SAC/C,CAAC,CAAC;QAEH,IAAI,CAAC,cAAc,GAAG,IAAI,mCAAc,CAAC,IAAI,EAAE,gBAAgB,EAAE;YAC/D,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,cAAc,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO;YAChC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK;SAC5B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,GAAG,IAAI,uBAAQ,CAAC,IAAI,EAAE,UAAU,EAAE;YAC7C,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK;YAC3B,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,EAAE;SAC3C,CAAC,CAAC;QAEH,IAAI,uBAAS,CAAC,IAAI,EAAE,aAAa,EAAE;YACjC,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG;YAC/B,WAAW,EAAE,0BAA0B;SACxC,CAAC,CAAC;QAEH,IAAI,uBAAS,CAAC,IAAI,EAAE,WAAW,EAAE;YAC/B,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS;YACrC,WAAW,EAAE,6BAA6B;SAC3C,CAAC,CAAC;QAEH,IAAI,uBAAS,CAAC,IAAI,EAAE,eAAe,EAAE;YACnC,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,QAAQ;YAC9C,WAAW,EAAE,6BAA6B;SAC3C,CAAC,CAAC;QAEH,IAAI,uBAAS,CAAC,IAAI,EAAE,aAAa,EAAE;YACjC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG;YACpC,WAAW,EAAE,gCAAgC;SAC9C,CAAC,CAAC;IACL,CAAC;CACF;AA1DD,oCA0DC"}

package/dist/lib/constructs/admin-api.d.ts

@@ -0,0 +1,16 @@
+import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs';
+import { FunctionUrl } from 'aws-cdk-lib/aws-lambda';
+import { TableV2 } from 'aws-cdk-lib/aws-dynamodb';
+import { Construct } from 'constructs';
+export interface AdminApiProps {
+    readonly environment: string;
+    readonly table: TableV2;
+    readonly allowedOrigins: string[];
+    readonly reservedConcurrency?: number;
+}
+export declare class AdminApi extends Construct {
+    readonly handler: NodejsFunction;
+    readonly functionUrl: FunctionUrl;
+    constructor(scope: Construct, id: string, props: AdminApiProps);
+}
+//# sourceMappingURL=admin-api.d.ts.map

package/dist/lib/constructs/admin-api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-api.d.ts","sourceRoot":"","sources":["../../../lib/constructs/admin-api.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAuD,MAAM,wBAAwB,CAAC;AAC1G,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAEnD,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAGvC,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;IAClC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;CACvC;AAED,qBAAa,QAAS,SAAQ,SAAS;IACrC,SAAgB,OAAO,EAAE,cAAc,CAAC;IACxC,SAAgB,WAAW,EAAE,WAAW,CAAC;gBAE7B,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa;CAwD/D"}

package/dist/lib/constructs/admin-api.js

@@ -0,0 +1,93 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminApi = void 0;
+const cdk = __importStar(require("aws-cdk-lib"));
+const aws_lambda_nodejs_1 = require("aws-cdk-lib/aws-lambda-nodejs");
+const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const constructs_1 = require("constructs");
+const path = __importStar(require("path"));
+class AdminApi extends constructs_1.Construct {
+    handler;
+    functionUrl;
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.handler = new aws_lambda_nodejs_1.NodejsFunction(this, 'Handler', {
+            runtime: aws_lambda_1.Runtime.NODEJS_22_X,
+            architecture: aws_lambda_1.Architecture.ARM_64,
+            entry: path.join(__dirname, '../admin-handler/index.ts'),
+            handler: 'handler',
+            memorySize: 256,
+            timeout: cdk.Duration.seconds(30),
+            reservedConcurrentExecutions: props.reservedConcurrency ?? 5,
+            tracing: aws_lambda_1.Tracing.ACTIVE,
+            environment: {
+                TABLE_NAME: props.table.tableName,
+                ENVIRONMENT: props.environment,
+                ALLOWED_ORIGINS: props.allowedOrigins.join(','),
+            },
+            bundling: {
+                minify: true,
+                sourceMap: true,
+                target: 'node22',
+                format: undefined, // default cjs for Lambda
+            },
+        });
+        this.functionUrl = this.handler.addFunctionUrl({
+            authType: aws_lambda_1.FunctionUrlAuthType.NONE,
+        });
+        // DynamoDB read-only access
+        this.handler.addToRolePolicy(new aws_iam_1.PolicyStatement({
+            effect: aws_iam_1.Effect.ALLOW,
+            actions: ['dynamodb:Scan', 'dynamodb:Query', 'dynamodb:GetItem'],
+            resources: [props.table.tableArn],
+        }));
+        // CloudWatch read access
+        this.handler.addToRolePolicy(new aws_iam_1.PolicyStatement({
+            effect: aws_iam_1.Effect.ALLOW,
+            actions: ['cloudwatch:DescribeAlarms', 'cloudwatch:GetMetricData'],
+            resources: ['*'],
+        }));
+        // Cost Explorer read access
+        this.handler.addToRolePolicy(new aws_iam_1.PolicyStatement({
+            effect: aws_iam_1.Effect.ALLOW,
+            actions: ['ce:GetCostAndUsage', 'ce:GetCostForecast'],
+            resources: ['*'],
+        }));
+    }
+}
+exports.AdminApi = AdminApi;
+//# sourceMappingURL=admin-api.js.map

package/dist/lib/constructs/admin-api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-api.js","sourceRoot":"","sources":["../../../lib/constructs/admin-api.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,qEAA+D;AAC/D,uDAA0G;AAE1G,iDAA8D;AAC9D,2CAAuC;AACvC,2CAA6B;AAS7B,MAAa,QAAS,SAAQ,sBAAS;IACrB,OAAO,CAAiB;IACxB,WAAW,CAAc;IAEzC,YAAY,KAAgB,EAAE,EAAU,EAAE,KAAoB;QAC5D,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjB,IAAI,CAAC,OAAO,GAAG,IAAI,kCAAc,CAAC,IAAI,EAAE,SAAS,EAAE;YACjD,OAAO,EAAE,oBAAO,CAAC,WAAW;YAC5B,YAAY,EAAE,yBAAY,CAAC,MAAM;YACjC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,2BAA2B,CAAC;YACxD,OAAO,EAAE,SAAS;YAClB,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,4BAA4B,EAAE,KAAK,CAAC,mBAAmB,IAAI,CAAC;YAC5D,OAAO,EAAE,oBAAO,CAAC,MAAM;YACvB,WAAW,EAAE;gBACX,UAAU,EAAE,KAAK,CAAC,KAAK,CAAC,SAAS;gBACjC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,eAAe,EAAE,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC;aAChD;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,IAAI;gBACf,MAAM,EAAE,QAAQ;gBAChB,MAAM,EAAE,SAAS,EAAE,yBAAyB;aAC7C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YAC7C,QAAQ,EAAE,gCAAmB,CAAC,IAAI;SACnC,CAAC,CAAC;QAEH,4BAA4B;QAC5B,IAAI,CAAC,OAAO,CAAC,eAAe,CAC1B,IAAI,yBAAe,CAAC;YAClB,MAAM,EAAE,gBAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,CAAC;YAChE,SAAS,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC;SAClC,CAAC,CACH,CAAC;QAEF,yBAAyB;QACzB,IAAI,CAAC,OAAO,CAAC,eAAe,CAC1B,IAAI,yBAAe,CAAC;YAClB,MAAM,EAAE,gBAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,2BAA2B,EAAE,0BAA0B,CAAC;YAClE,SAAS,EAAE,CAAC,GAAG,CAAC;SACjB,CAAC,CACH,CAAC;QAEF,4BAA4B;QAC5B,IAAI,CAAC,OAAO,CAAC,eAAe,CAC1B,IAAI,yBAAe,CAAC;YAClB,MAAM,EAAE,gBAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,oBAAoB,EAAE,oBAAoB,CAAC;YACrD,SAAS,EAAE,CAAC,GAAG,CAAC;SACjB,CAAC,CACH,CAAC;IACJ,CAAC;CACF;AA5DD,4BA4DC"}

package/dist/lib/constructs/admin-dashboard.d.ts

@@ -0,0 +1,18 @@
+import { Dashboard } from 'aws-cdk-lib/aws-cloudwatch';
+import { Topic } from 'aws-cdk-lib/aws-sns';
+import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs';
+import { TableV2 } from 'aws-cdk-lib/aws-dynamodb';
+import { LogGroup } from 'aws-cdk-lib/aws-logs';
+import { Construct } from 'constructs';
+export interface AdminDashboardProps {
+    readonly environment: string;
+    readonly lambdaFunction: NodejsFunction;
+    readonly table: TableV2;
+    readonly lambdaLogGroup?: LogGroup;
+}
+export declare class AdminDashboard extends Construct {
+    readonly alarmTopic: Topic;
+    readonly dashboard: Dashboard;
+    constructor(scope: Construct, id: string, props: AdminDashboardProps);
+}
+//# sourceMappingURL=admin-dashboard.d.ts.map

package/dist/lib/constructs/admin-dashboard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-dashboard.d.ts","sourceRoot":"","sources":["../../../lib/constructs/admin-dashboard.ts"],"names":[],"mappings":"AACA,OAAO,EACL,SAAS,EAQV,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAC5C,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AACnD,OAAO,EAAE,QAAQ,EAA+B,MAAM,sBAAsB,CAAC;AAC7E,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,cAAc,CAAC,EAAE,QAAQ,CAAC;CACpC;AAED,qBAAa,cAAe,SAAQ,SAAS;IAC3C,SAAgB,UAAU,EAAE,KAAK,CAAC;IAClC,SAAgB,SAAS,EAAE,SAAS,CAAC;gBAEzB,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,mBAAmB;CAkLrE"}

package/dist/lib/constructs/admin-dashboard.js

@@ -0,0 +1,172 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminDashboard = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_cloudwatch_1 = require("aws-cdk-lib/aws-cloudwatch");
+const aws_cloudwatch_actions_1 = require("aws-cdk-lib/aws-cloudwatch-actions");
+const aws_sns_1 = require("aws-cdk-lib/aws-sns");
+const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+const constructs_1 = require("constructs");
+class AdminDashboard extends constructs_1.Construct {
+    alarmTopic;
+    dashboard;
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.alarmTopic = new aws_sns_1.Topic(this, 'AlarmTopic', {
+            displayName: `ChaosKB ${props.environment} Alarms`,
+        });
+        const snsAction = new aws_cloudwatch_actions_1.SnsAction(this.alarmTopic);
+        // Lambda metrics
+        const invocations = props.lambdaFunction.metricInvocations({ period: aws_cdk_lib_1.Duration.minutes(5) });
+        const errors = props.lambdaFunction.metricErrors({ period: aws_cdk_lib_1.Duration.minutes(5) });
+        const durationP50 = props.lambdaFunction.metricDuration({ period: aws_cdk_lib_1.Duration.minutes(5), statistic: 'p50' });
+        const durationP95 = props.lambdaFunction.metricDuration({ period: aws_cdk_lib_1.Duration.minutes(5), statistic: 'p95' });
+        const durationP99 = props.lambdaFunction.metricDuration({ period: aws_cdk_lib_1.Duration.minutes(5), statistic: 'p99' });
+        // DynamoDB metrics
+        const readCapacity = new aws_cloudwatch_1.Metric({
+            namespace: 'AWS/DynamoDB',
+            metricName: 'ConsumedReadCapacityUnits',
+            dimensionsMap: { TableName: props.table.tableName },
+            period: aws_cdk_lib_1.Duration.minutes(5),
+            statistic: 'Sum',
+        });
+        const writeCapacity = new aws_cloudwatch_1.Metric({
+            namespace: 'AWS/DynamoDB',
+            metricName: 'ConsumedWriteCapacityUnits',
+            dimensionsMap: { TableName: props.table.tableName },
+            period: aws_cdk_lib_1.Duration.minutes(5),
+            statistic: 'Sum',
+        });
+        const throttledRequests = new aws_cloudwatch_1.Metric({
+            namespace: 'AWS/DynamoDB',
+            metricName: 'ThrottledRequests',
+            dimensionsMap: { TableName: props.table.tableName },
+            period: aws_cdk_lib_1.Duration.minutes(1),
+            statistic: 'Sum',
+        });
+        // Dashboard
+        this.dashboard = new aws_cloudwatch_1.Dashboard(this, 'Dashboard', {
+            // CDK auto-generates the dashboard name
+            widgets: [
+                [
+                    new aws_cloudwatch_1.GraphWidget({
+                        title: 'Lambda Invocations & Errors',
+                        left: [invocations],
+                        right: [errors],
+                        width: 12,
+                    }),
+                    new aws_cloudwatch_1.GraphWidget({
+                        title: 'Lambda Duration (p50/p95/p99)',
+                        left: [durationP50, durationP95, durationP99],
+                        width: 12,
+                    }),
+                ],
+                [
+                    new aws_cloudwatch_1.GraphWidget({
+                        title: 'DynamoDB Read/Write Capacity',
+                        left: [readCapacity],
+                        right: [writeCapacity],
+                        width: 12,
+                    }),
+                    new aws_cloudwatch_1.GraphWidget({
+                        title: 'DynamoDB Throttled Requests',
+                        left: [throttledRequests],
+                        width: 12,
+                    }),
+                ],
+            ],
+        });
+        // Alarms
+        // Lambda error rate > 1% over 5 min
+        const errorRate = new aws_cloudwatch_1.MathExpression({
+            expression: 'IF(invocations > 0, 100 * errors / invocations, 0)',
+            usingMetrics: {
+                errors,
+                invocations,
+            },
+            period: aws_cdk_lib_1.Duration.minutes(5),
+        });
+        const errorRateAlarm = new aws_cloudwatch_1.Alarm(this, 'LambdaErrorRateAlarm', {
+            alarmDescription: 'Lambda error rate exceeds 1%',
+            metric: errorRate,
+            threshold: 1,
+            evaluationPeriods: 1,
+            comparisonOperator: aws_cloudwatch_1.ComparisonOperator.GREATER_THAN_THRESHOLD,
+            treatMissingData: aws_cloudwatch_1.TreatMissingData.NOT_BREACHING,
+        });
+        errorRateAlarm.addAlarmAction(snsAction);
+        // DynamoDB throttles > 0 over 1 min
+        const throttleAlarm = new aws_cloudwatch_1.Alarm(this, 'DynamoThrottleAlarm', {
+            alarmDescription: 'DynamoDB throttled requests detected',
+            metric: throttledRequests,
+            threshold: 0,
+            evaluationPeriods: 1,
+            comparisonOperator: aws_cloudwatch_1.ComparisonOperator.GREATER_THAN_THRESHOLD,
+            treatMissingData: aws_cloudwatch_1.TreatMissingData.NOT_BREACHING,
+        });
+        throttleAlarm.addAlarmAction(snsAction);
+        // Lambda duration p99 > 5s
+        const durationAlarm = new aws_cloudwatch_1.Alarm(this, 'LambdaDurationAlarm', {
+            alarmDescription: 'Lambda p99 duration exceeds 5 seconds',
+            metric: props.lambdaFunction.metricDuration({
+                period: aws_cdk_lib_1.Duration.minutes(5),
+                statistic: 'p99',
+                unit: aws_cloudwatch_1.Unit.MILLISECONDS,
+            }),
+            threshold: 5000,
+            evaluationPeriods: 1,
+            comparisonOperator: aws_cloudwatch_1.ComparisonOperator.GREATER_THAN_THRESHOLD,
+            treatMissingData: aws_cloudwatch_1.TreatMissingData.NOT_BREACHING,
+        });
+        durationAlarm.addAlarmAction(snsAction);
+        // Metric filters for sync operations and auth failures (if log group provided)
+        if (props.lambdaLogGroup) {
+            const _syncOpsFilter = new aws_logs_1.MetricFilter(this, 'SyncOpsMetricFilter', {
+                logGroup: props.lambdaLogGroup,
+                filterPattern: aws_logs_1.FilterPattern.literal('{ $.operation = "sync" }'),
+                metricNamespace: 'ChaosKB',
+                metricName: 'SyncOperations',
+                metricValue: '1',
+            });
+            const _authFailuresFilter = new aws_logs_1.MetricFilter(this, 'AuthFailuresMetricFilter', {
+                logGroup: props.lambdaLogGroup,
+                filterPattern: aws_logs_1.FilterPattern.literal('{ $.error = "auth_error" }'),
+                metricNamespace: 'ChaosKB',
+                metricName: 'AuthFailures',
+                metricValue: '1',
+            });
+            const syncOpsMetric = new aws_cloudwatch_1.Metric({
+                namespace: 'ChaosKB',
+                metricName: 'SyncOperations',
+                period: aws_cdk_lib_1.Duration.minutes(5),
+                statistic: 'Sum',
+            });
+            const authFailuresMetric = new aws_cloudwatch_1.Metric({
+                namespace: 'ChaosKB',
+                metricName: 'AuthFailures',
+                period: aws_cdk_lib_1.Duration.minutes(5),
+                statistic: 'Sum',
+            });
+            const authFailuresAlarm = new aws_cloudwatch_1.Alarm(this, 'AuthFailuresAlarm', {
+                alarmDescription: 'Auth failures exceed 10 in 5 minutes',
+                metric: authFailuresMetric,
+                threshold: 10,
+                evaluationPeriods: 1,
+                comparisonOperator: aws_cloudwatch_1.ComparisonOperator.GREATER_THAN_THRESHOLD,
+                treatMissingData: aws_cloudwatch_1.TreatMissingData.NOT_BREACHING,
+            });
+            authFailuresAlarm.addAlarmAction(snsAction);
+            this.dashboard.addWidgets(new aws_cloudwatch_1.GraphWidget({
+                title: 'Sync Operations',
+                left: [syncOpsMetric],
+                width: 12,
+            }), new aws_cloudwatch_1.GraphWidget({
+                title: 'Auth Failures',
+                left: [authFailuresMetric],
+                width: 12,
+            }));
+        }
+    }
+}
+exports.AdminDashboard = AdminDashboard;
+//# sourceMappingURL=admin-dashboard.js.map

package/dist/lib/constructs/admin-dashboard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-dashboard.js","sourceRoot":"","sources":["../../../lib/constructs/admin-dashboard.ts"],"names":[],"mappings":";;;AAAA,6CAAuC;AACvC,+DASoC;AACpC,+EAA+D;AAC/D,iDAA4C;AAG5C,mDAA6E;AAC7E,2CAAuC;AASvC,MAAa,cAAe,SAAQ,sBAAS;IAC3B,UAAU,CAAQ;IAClB,SAAS,CAAY;IAErC,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA0B;QAClE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjB,IAAI,CAAC,UAAU,GAAG,IAAI,eAAK,CAAC,IAAI,EAAE,YAAY,EAAE;YAC9C,WAAW,EAAE,WAAW,KAAK,CAAC,WAAW,SAAS;SACnD,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,IAAI,kCAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAEjD,iBAAiB;QACjB,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC5F,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAClF,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3G,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3G,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAE3G,mBAAmB;QACnB,MAAM,YAAY,GAAG,IAAI,uBAAM,CAAC;YAC9B,SAAS,EAAE,cAAc;YACzB,UAAU,EAAE,2BAA2B;YACvC,aAAa,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE;YACnD,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3B,SAAS,EAAE,KAAK;SACjB,CAAC,CAAC;QAEH,MAAM,aAAa,GAAG,IAAI,uBAAM,CAAC;YAC/B,SAAS,EAAE,cAAc;YACzB,UAAU,EAAE,4BAA4B;YACxC,aAAa,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE;YACnD,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3B,SAAS,EAAE,KAAK;SACjB,CAAC,CAAC;QAEH,MAAM,iBAAiB,GAAG,IAAI,uBAAM,CAAC;YACnC,SAAS,EAAE,cAAc;YACzB,UAAU,EAAE,mBAAmB;YAC/B,aAAa,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE;YACnD,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3B,SAAS,EAAE,KAAK;SACjB,CAAC,CAAC;QAEH,YAAY;QACZ,IAAI,CAAC,SAAS,GAAG,IAAI,0BAAS,CAAC,IAAI,EAAE,WAAW,EAAE;YAChD,wCAAwC;YACxC,OAAO,EAAE;gBACP;oBACE,IAAI,4BAAW,CAAC;wBACd,KAAK,EAAE,6BAA6B;wBACpC,IAAI,EAAE,CAAC,WAAW,CAAC;wBACnB,KAAK,EAAE,CAAC,MAAM,CAAC;wBACf,KAAK,EAAE,EAAE;qBACV,CAAC;oBACF,IAAI,4BAAW,CAAC;wBACd,KAAK,EAAE,+BAA+B;wBACtC,IAAI,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,WAAW,CAAC;wBAC7C,KAAK,EAAE,EAAE;qBACV,CAAC;iBACH;gBACD;oBACE,IAAI,4BAAW,CAAC;wBACd,KAAK,EAAE,8BAA8B;wBACrC,IAAI,EAAE,CAAC,YAAY,CAAC;wBACpB,KAAK,EAAE,CAAC,aAAa,CAAC;wBACtB,KAAK,EAAE,EAAE;qBACV,CAAC;oBACF,IAAI,4BAAW,CAAC;wBACd,KAAK,EAAE,6BAA6B;wBACpC,IAAI,EAAE,CAAC,iBAAiB,CAAC;wBACzB,KAAK,EAAE,EAAE;qBACV,CAAC;iBACH;aACF;SACF,CAAC,CAAC;QAEH,SAAS;QAET,oCAAoC;QACpC,MAAM,SAAS,GAAG,IAAI,+BAAc,CAAC;YACnC,UAAU,EAAE,oDAAoD;YAChE,YAAY,EAAE;gBACZ,MAAM;gBACN,WAAW;aACZ;YACD,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;SAC5B,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,sBAAK,CAAC,IAAI,EAAE,sBAAsB,EAAE;YAC7D,gBAAgB,EAAE,8BAA8B;YAChD,MAAM,EAAE,SAAS;YACjB,SAAS,EAAE,CAAC;YACZ,iBAAiB,EAAE,CAAC;YACpB,kBAAkB,EAAE,mCAAkB,CAAC,sBAAsB;YAC7D,gBAAgB,EAAE,iCAAgB,CAAC,aAAa;SACjD,CAAC,CAAC;QACH,cAAc,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAEzC,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,sBAAK,CAAC,IAAI,EAAE,qBAAqB,EAAE;YAC3D,gBAAgB,EAAE,sCAAsC;YACxD,MAAM,EAAE,iBAAiB;YACzB,SAAS,EAAE,CAAC;YACZ,iBAAiB,EAAE,CAAC;YACpB,kBAAkB,EAAE,mCAAkB,CAAC,sBAAsB;YAC7D,gBAAgB,EAAE,iCAAgB,CAAC,aAAa;SACjD,CAAC,CAAC;QACH,aAAa,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAExC,2BAA2B;QAC3B,MAAM,aAAa,GAAG,IAAI,sBAAK,CAAC,IAAI,EAAE,qBAAqB,EAAE;YAC3D,gBAAgB,EAAE,uCAAuC;YACzD,MAAM,EAAE,KAAK,CAAC,cAAc,CAAC,cAAc,CAAC;gBAC1C,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;gBAC3B,SAAS,EAAE,KAAK;gBAChB,IAAI,EAAE,qBAAI,CAAC,YAAY;aACxB,CAAC;YACF,SAAS,EAAE,IAAI;YACf,iBAAiB,EAAE,CAAC;YACpB,kBAAkB,EAAE,mCAAkB,CAAC,sBAAsB;YAC7D,gBAAgB,EAAE,iCAAgB,CAAC,aAAa;SACjD,CAAC,CAAC;QACH,aAAa,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAExC,+EAA+E;QAC/E,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,cAAc,GAAG,IAAI,uBAAY,CAAC,IAAI,EAAE,qBAAqB,EAAE;gBACnE,QAAQ,EAAE,KAAK,CAAC,cAAc;gBAC9B,aAAa,EAAE,wBAAa,CAAC,OAAO,CAAC,0BAA0B,CAAC;gBAChE,eAAe,EAAE,SAAS;gBAC1B,UAAU,EAAE,gBAAgB;gBAC5B,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,MAAM,mBAAmB,GAAG,IAAI,uBAAY,CAAC,IAAI,EAAE,0BAA0B,EAAE;gBAC7E,QAAQ,EAAE,KAAK,CAAC,cAAc;gBAC9B,aAAa,EAAE,wBAAa,CAAC,OAAO,CAAC,4BAA4B,CAAC;gBAClE,eAAe,EAAE,SAAS;gBAC1B,UAAU,EAAE,cAAc;gBAC1B,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,IAAI,uBAAM,CAAC;gBAC/B,SAAS,EAAE,SAAS;gBACpB,UAAU,EAAE,gBAAgB;gBAC5B,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;gBAC3B,SAAS,EAAE,KAAK;aACjB,CAAC,CAAC;YAEH,MAAM,kBAAkB,GAAG,IAAI,uBAAM,CAAC;gBACpC,SAAS,EAAE,SAAS;gBACpB,UAAU,EAAE,cAAc;gBAC1B,MAAM,EAAE,sBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;gBAC3B,SAAS,EAAE,KAAK;aACjB,CAAC,CAAC;YAEH,MAAM,iBAAiB,GAAG,IAAI,sBAAK,CAAC,IAAI,EAAE,mBAAmB,EAAE;gBAC7D,gBAAgB,EAAE,sCAAsC;gBACxD,MAAM,EAAE,kBAAkB;gBAC1B,SAAS,EAAE,EAAE;gBACb,iBAAiB,EAAE,CAAC;gBACpB,kBAAkB,EAAE,mCAAkB,CAAC,sBAAsB;gBAC7D,gBAAgB,EAAE,iCAAgB,CAAC,aAAa;aACjD,CAAC,CAAC;YACH,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YAE5C,IAAI,CAAC,SAAS,CAAC,UAAU,CACvB,IAAI,4BAAW,CAAC;gBACd,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EAAE,CAAC,aAAa,CAAC;gBACrB,KAAK,EAAE,EAAE;aACV,CAAC,EACF,IAAI,4BAAW,CAAC;gBACd,KAAK,EAAE,eAAe;gBACtB,IAAI,EAAE,CAAC,kBAAkB,CAAC;gBAC1B,KAAK,EAAE,EAAE;aACV,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAtLD,wCAsLC"}

package/dist/lib/constructs/api.d.ts

@@ -0,0 +1,17 @@
+import { FunctionUrl } from 'aws-cdk-lib/aws-lambda';
+import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs';
+import { TableV2 } from 'aws-cdk-lib/aws-dynamodb';
+import { StringParameter } from 'aws-cdk-lib/aws-ssm';
+import { Construct } from 'constructs';
+export interface ApiProps {
+    readonly table: TableV2;
+    readonly environment: string;
+    readonly signupsEnabledParam: StringParameter;
+    readonly reservedConcurrency?: number;
+}
+export declare class Api extends Construct {
+    readonly functionUrl: FunctionUrl;
+    readonly handler: NodejsFunction;
+    constructor(scope: Construct, id: string, props: ApiProps);
+}
+//# sourceMappingURL=api.d.ts.map

package/dist/lib/constructs/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../lib/constructs/api.ts"],"names":[],"mappings":"AACA,OAAO,EAAgB,WAAW,EAAyC,MAAM,wBAAwB,CAAC;AAC1G,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAEnD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAGvC,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,mBAAmB,EAAE,eAAe,CAAC;IAC9C,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;CACvC;AAED,qBAAa,GAAI,SAAQ,SAAS;IAChC,SAAgB,WAAW,EAAE,WAAW,CAAC;IACzC,SAAgB,OAAO,EAAE,cAAc,CAAC;gBAE5B,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ;CAqC1D"}

package/dist/lib/constructs/api.js

@@ -0,0 +1,81 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Api = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
+const aws_lambda_nodejs_1 = require("aws-cdk-lib/aws-lambda-nodejs");
+const aws_sqs_1 = require("aws-cdk-lib/aws-sqs");
+const constructs_1 = require("constructs");
+const path = __importStar(require("path"));
+class Api extends constructs_1.Construct {
+    functionUrl;
+    handler;
+    constructor(scope, id, props) {
+        super(scope, id);
+        const deadLetterQueue = new aws_sqs_1.Queue(this, 'DeadLetterQueue', {
+            retentionPeriod: aws_cdk_lib_1.Duration.days(14),
+        });
+        this.handler = new aws_lambda_nodejs_1.NodejsFunction(this, 'Handler', {
+            runtime: aws_lambda_1.Runtime.NODEJS_22_X,
+            architecture: aws_lambda_1.Architecture.ARM_64,
+            entry: path.join(__dirname, '..', 'handler', 'index.ts'),
+            handler: 'handler',
+            memorySize: 256,
+            timeout: aws_cdk_lib_1.Duration.seconds(30),
+            environment: {
+                TABLE_NAME: props.table.tableName,
+                ENVIRONMENT: props.environment,
+                SIGNUPS_ENABLED_PARAM: props.signupsEnabledParam.parameterName,
+            },
+            reservedConcurrentExecutions: props.reservedConcurrency ?? 10,
+            deadLetterQueue,
+            tracing: aws_lambda_1.Tracing.ACTIVE,
+            bundling: {
+                minify: true,
+                sourceMap: true,
+                target: 'node22',
+                format: undefined, // default cjs for Lambda
+            },
+        });
+        this.functionUrl = this.handler.addFunctionUrl({
+            authType: aws_lambda_1.FunctionUrlAuthType.NONE,
+        });
+        props.table.grantReadWriteData(this.handler);
+        props.signupsEnabledParam.grantRead(this.handler);
+    }
+}
+exports.Api = Api;
+//# sourceMappingURL=api.js.map