@digitraffic/common 2022.10.5

package/src/aws/infra/stack/rest_apis.js

@@ -0,0 +1,179 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createIpRestrictionPolicyDocument = exports.createDefaultPolicyDocument = exports.createRestApi = exports.setReturnCodeForMissingAuthenticationToken = exports.add401Support = exports.add404Support = exports.DigitrafficRestApi = void 0;
+const aws_apigateway_1 = require("aws-cdk-lib/aws-apigateway");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const usage_plans_1 = require("../usage-plans");
+const api_model_1 = require("../../../utils/api-model");
+const mediatypes_1 = require("../../types/mediatypes");
+const R = require("ramda");
+class DigitrafficRestApi extends aws_apigateway_1.RestApi {
+    constructor(stack, apiId, apiName, allowFromIpAddresses, config) {
+        const policyDocument = allowFromIpAddresses == null ? createDefaultPolicyDocument() : createIpRestrictionPolicyDocument(allowFromIpAddresses);
+        // override default config with given extra config
+        const apiConfig = { ...{
+                deployOptions: {
+                    loggingLevel: aws_apigateway_1.MethodLoggingLevel.ERROR,
+                },
+                restApiName: apiName,
+                endpointTypes: [aws_apigateway_1.EndpointType.REGIONAL],
+                policy: policyDocument,
+            }, ...config };
+        super(stack, apiId, apiConfig);
+        this.apiKeyIds = [];
+        add404Support(this, stack);
+    }
+    hostname() {
+        return `${this.restApiId}.execute-api.${this.stack.region}.amazonaws.com`;
+    }
+    createUsagePlan(apiKeyId, apiKeyName) {
+        const newKeyId = (0, usage_plans_1.createUsagePlan)(this, apiKeyId, apiKeyName).keyId;
+        this.apiKeyIds.push(newKeyId);
+        return newKeyId;
+    }
+    createUsagePlanV2(apiName) {
+        const newKeyId = (0, usage_plans_1.createDefaultUsagePlan)(this, apiName).keyId;
+        this.apiKeyIds.push(newKeyId);
+        return newKeyId;
+    }
+    addJsonModel(modelName, schema) {
+        return this.getModelWithReference(this.addModel(modelName, {
+            contentType: mediatypes_1.MediaType.APPLICATION_JSON,
+            modelName,
+            schema,
+        }));
+    }
+    addCSVModel(modelName) {
+        return this.getModelWithReference(this.addModel(modelName, {
+            contentType: mediatypes_1.MediaType.TEXT_CSV,
+            modelName,
+            schema: {},
+        }));
+    }
+    getModelWithReference(model) {
+        return R.assoc('modelReference', (0, api_model_1.getModelReference)(model.modelId, this.restApiId), model);
+    }
+    addDocumentationPart(resource, parameterName, resourceName, type, properties) {
+        const location = {
+            type,
+            path: resource.path,
+            name: type !== 'METHOD' ? parameterName : undefined,
+        };
+        new aws_apigateway_1.CfnDocumentationPart(this.stack, resourceName, {
+            restApiId: resource.api.restApiId,
+            location,
+            properties: JSON.stringify(properties),
+        });
+    }
+    documentResource(resource, ...documentationPart) {
+        documentationPart.forEach(dp => this.addDocumentationPart(resource, dp.parameterName, `${resource.path}.${dp.parameterName}.Documentation`, dp.type, dp.documentationProperties));
+    }
+}
+exports.DigitrafficRestApi = DigitrafficRestApi;
+/**
+ * Due to AWS API design API Gateway will always return 403 'Missing Authentication Token' for requests
+ * with a non-existent endpoint. This function translates this response to a 404.
+ * Requests with an invalid or missing API key are not affected (still return 403 'Forbidden').
+ * @param restApi RestApi
+ * @param stack Construct
+ */
+function add404Support(restApi, stack) {
+    new aws_apigateway_1.GatewayResponse(stack, `MissingAuthenticationTokenResponse-${restApi.restApiName}`, {
+        restApi,
+        type: aws_apigateway_1.ResponseType.MISSING_AUTHENTICATION_TOKEN,
+        statusCode: '404',
+        templates: {
+            'application/json': '{"message": "Not found"}',
+        },
+    });
+}
+exports.add404Support = add404Support;
+function add401Support(restApi, stack) {
+    new aws_apigateway_1.GatewayResponse(stack, `AuthenticationFailedResponse-${restApi.restApiName}`, {
+        restApi,
+        type: aws_apigateway_1.ResponseType.UNAUTHORIZED,
+        statusCode: "401",
+        responseHeaders: {
+            'WWW-Authenticate': "'Basic'",
+        },
+    });
+}
+exports.add401Support = add401Support;
+/**
+ * Due to AWS API design API Gateway will always return 403 'Missing Authentication Token' for requests
+ * with a non-existent endpoint. This function converts this response to a custom one.
+ * Requests with an invalid or missing API key are not affected (still return 403 'Forbidden').
+ * @param returnCode
+ * @param message
+ * @param restApi RestApi
+ * @param stack Construct
+ */
+function setReturnCodeForMissingAuthenticationToken(returnCode, message, restApi, stack) {
+    new aws_apigateway_1.GatewayResponse(stack, `MissingAuthenticationTokenResponse-${restApi.restApiName}`, {
+        restApi,
+        type: aws_apigateway_1.ResponseType.MISSING_AUTHENTICATION_TOKEN,
+        statusCode: `${returnCode}`,
+        templates: {
+            'application/json': `{"message": ${message}}`,
+        },
+    });
+}
+exports.setReturnCodeForMissingAuthenticationToken = setReturnCodeForMissingAuthenticationToken;
+function createRestApi(stack, apiId, apiName, allowFromIpAddresses) {
+    const policyDocument = allowFromIpAddresses == null ? createDefaultPolicyDocument() : createIpRestrictionPolicyDocument(allowFromIpAddresses);
+    const restApi = new aws_apigateway_1.RestApi(stack, apiId, {
+        deployOptions: {
+            loggingLevel: aws_apigateway_1.MethodLoggingLevel.ERROR,
+        },
+        restApiName: apiName,
+        endpointTypes: [aws_apigateway_1.EndpointType.REGIONAL],
+        policy: policyDocument,
+    });
+    add404Support(restApi, stack);
+    return restApi;
+}
+exports.createRestApi = createRestApi;
+function createDefaultPolicyDocument() {
+    return new aws_iam_1.PolicyDocument({
+        statements: [
+            new aws_iam_1.PolicyStatement({
+                effect: aws_iam_1.Effect.ALLOW,
+                actions: [
+                    "execute-api:Invoke",
+                ],
+                resources: [
+                    "*",
+                ],
+                principals: [
+                    new aws_iam_1.AnyPrincipal(),
+                ],
+            }),
+        ],
+    });
+}
+exports.createDefaultPolicyDocument = createDefaultPolicyDocument;
+function createIpRestrictionPolicyDocument(allowFromIpAddresses) {
+    return new aws_iam_1.PolicyDocument({
+        statements: [
+            new aws_iam_1.PolicyStatement({
+                effect: aws_iam_1.Effect.ALLOW,
+                conditions: {
+                    "IpAddress": {
+                        "aws:SourceIp": allowFromIpAddresses,
+                    },
+                },
+                actions: [
+                    "execute-api:Invoke",
+                ],
+                resources: [
+                    "*",
+                ],
+                principals: [
+                    new aws_iam_1.AnyPrincipal(),
+                ],
+            }),
+        ],
+    });
+}
+exports.createIpRestrictionPolicyDocument = createIpRestrictionPolicyDocument;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVzdF9hcGlzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vc3JjL2F3cy9pbmZyYS9zdGFjay9yZXN0X2FwaXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsK0RBT29DO0FBQ3BDLGlEQUEwRjtBQUcxRixnREFBdUU7QUFFdkUsd0RBQTJEO0FBQzNELHVEQUFpRDtBQUdqRCwyQkFBNEI7QUFFNUIsTUFBYSxrQkFBbUIsU0FBUSx3QkFBTztJQUczQyxZQUNJLEtBQXVCLEVBQUUsS0FBYSxFQUFFLE9BQWUsRUFBRSxvQkFBMkMsRUFBRSxNQUE4QjtRQUVwSSxNQUFNLGNBQWMsR0FBRyxvQkFBb0IsSUFBSSxJQUFJLENBQUMsQ0FBQyxDQUFDLDJCQUEyQixFQUFFLENBQUMsQ0FBQyxDQUFDLGlDQUFpQyxDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFFOUksa0RBQWtEO1FBQ2xELE1BQU0sU0FBUyxHQUFHLEVBQUMsR0FBRztnQkFDbEIsYUFBYSxFQUFFO29CQUNYLFlBQVksRUFBRSxtQ0FBa0IsQ0FBQyxLQUFLO2lCQUN6QztnQkFDRCxXQUFXLEVBQUUsT0FBTztnQkFDcEIsYUFBYSxFQUFFLENBQUMsNkJBQVksQ0FBQyxRQUFRLENBQUM7Z0JBQ3RDLE1BQU0sRUFBRSxjQUFjO2FBQ3pCLEVBQUUsR0FBRyxNQUFNLEVBQUMsQ0FBQztRQUVkLEtBQUssQ0FBQyxLQUFLLEVBQUUsS0FBSyxFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBRS9CLElBQUksQ0FBQyxTQUFTLEdBQUcsRUFBRSxDQUFDO1FBRXBCLGFBQWEsQ0FBQyxJQUFJLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFDL0IsQ0FBQztJQUVELFFBQVE7UUFDSixPQUFPLEdBQUcsSUFBSSxDQUFDLFNBQVMsZ0JBQWlCLElBQUksQ0FBQyxLQUEwQixDQUFDLE1BQU0sZ0JBQWdCLENBQUM7SUFDcEcsQ0FBQztJQUVELGVBQWUsQ0FBQyxRQUFnQixFQUFFLFVBQWtCO1FBQ2hELE1BQU0sUUFBUSxHQUFHLElBQUEsNkJBQWUsRUFBQyxJQUFJLEVBQUUsUUFBUSxFQUFFLFVBQVUsQ0FBQyxDQUFDLEtBQUssQ0FBQztRQUVuRSxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUU5QixPQUFPLFFBQVEsQ0FBQztJQUNwQixDQUFDO0lBRUQsaUJBQWlCLENBQUMsT0FBZTtRQUM3QixNQUFNLFFBQVEsR0FBRyxJQUFBLG9DQUFzQixFQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQyxLQUFLLENBQUM7UUFFN0QsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFOUIsT0FBTyxRQUFRLENBQUM7SUFDcEIsQ0FBQztJQUVELFlBQVksQ0FBQyxTQUFpQixFQUFFLE1BQWtCO1FBQzlDLE9BQU8sSUFBSSxDQUFDLHFCQUFxQixDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsU0FBUyxFQUFFO1lBQ3ZELFdBQVcsRUFBRSxzQkFBUyxDQUFDLGdCQUFnQjtZQUN2QyxTQUFTO1lBQ1QsTUFBTTtTQUNULENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQztJQUVELFdBQVcsQ0FBQyxTQUFpQjtRQUN6QixPQUFPLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLFNBQVMsRUFBRTtZQUN2RCxXQUFXLEVBQUUsc0JBQVMsQ0FBQyxRQUFRO1lBQy9CLFNBQVM7WUFDVCxNQUFNLEVBQUUsRUFBRTtTQUNiLENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQztJQUVPLHFCQUFxQixDQUFDLEtBQVk7UUFDdEMsT0FBTyxDQUFDLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUFFLElBQUEsNkJBQWlCLEVBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsS0FBSyxDQUF1QixDQUFDO0lBQ3BILENBQUM7SUFFTyxvQkFBb0IsQ0FDeEIsUUFBa0IsRUFBRSxhQUFxQixFQUFFLFlBQW9CLEVBQUUsSUFBWSxFQUFFLFVBQW1DO1FBRWxILE1BQU0sUUFBUSxHQUEwQztZQUNwRCxJQUFJO1lBQ0osSUFBSSxFQUFFLFFBQVEsQ0FBQyxJQUFJO1lBQ25CLElBQUksRUFBRSxJQUFJLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDdEQsQ0FBQztRQUVGLElBQUkscUNBQW9CLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxZQUFZLEVBQUU7WUFDL0MsU0FBUyxFQUFFLFFBQVEsQ0FBQyxHQUFHLENBQUMsU0FBUztZQUNqQyxRQUFRO1lBQ1IsVUFBVSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUFDO1NBQ3pDLENBQUMsQ0FBQztJQUNQLENBQUM7SUFFRCxnQkFBZ0IsQ0FBQyxRQUFrQixFQUFFLEdBQUcsaUJBQXNDO1FBQzFFLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxvQkFBb0IsQ0FDckQsUUFBUSxFQUFFLEVBQUUsQ0FBQyxhQUFhLEVBQUUsR0FBRyxRQUFRLENBQUMsSUFBSSxJQUFJLEVBQUUsQ0FBQyxhQUFhLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLHVCQUF1QixDQUN4SCxDQUFDLENBQUM7SUFDUCxDQUFDO0NBQ0o7QUF0RkQsZ0RBc0ZDO0FBRUQ7Ozs7OztHQU1HO0FBQ0gsU0FBZ0IsYUFBYSxDQUFDLE9BQWdCLEVBQUUsS0FBZ0I7SUFDNUQsSUFBSSxnQ0FBZSxDQUFDLEtBQUssRUFBRSxzQ0FBc0MsT0FBTyxDQUFDLFdBQVcsRUFBRSxFQUFFO1FBQ3BGLE9BQU87UUFDUCxJQUFJLEVBQUUsNkJBQVksQ0FBQyw0QkFBNEI7UUFDL0MsVUFBVSxFQUFFLEtBQUs7UUFDakIsU0FBUyxFQUFFO1lBQ1Asa0JBQWtCLEVBQUUsMEJBQTBCO1NBQ2pEO0tBQ0osQ0FBQyxDQUFDO0FBQ1AsQ0FBQztBQVRELHNDQVNDO0FBRUQsU0FBZ0IsYUFBYSxDQUFDLE9BQWdCLEVBQUUsS0FBZ0I7SUFDNUQsSUFBSSxnQ0FBZSxDQUFDLEtBQUssRUFBRSxnQ0FBZ0MsT0FBTyxDQUFDLFdBQVcsRUFBRSxFQUFFO1FBQzlFLE9BQU87UUFDUCxJQUFJLEVBQUUsNkJBQVksQ0FBQyxZQUFZO1FBQy9CLFVBQVUsRUFBRSxLQUFLO1FBQ2pCLGVBQWUsRUFBRTtZQUNiLGtCQUFrQixFQUFFLFNBQVM7U0FDaEM7S0FDSixDQUFDLENBQUM7QUFDUCxDQUFDO0FBVEQsc0NBU0M7QUFFRDs7Ozs7Ozs7R0FRRztBQUNILFNBQWdCLDBDQUEwQyxDQUFDLFVBQWtCLEVBQ3pFLE9BQWUsRUFDZixPQUFnQixFQUNoQixLQUFnQjtJQUVoQixJQUFJLGdDQUFlLENBQUMsS0FBSyxFQUFFLHNDQUFzQyxPQUFPLENBQUMsV0FBVyxFQUFFLEVBQUU7UUFDcEYsT0FBTztRQUNQLElBQUksRUFBRSw2QkFBWSxDQUFDLDRCQUE0QjtRQUMvQyxVQUFVLEVBQUUsR0FBRyxVQUFVLEVBQUU7UUFDM0IsU0FBUyxFQUFFO1lBQ1Asa0JBQWtCLEVBQUUsZUFBZSxPQUFPLEdBQUc7U0FDaEQ7S0FDSixDQUFDLENBQUM7QUFDUCxDQUFDO0FBYkQsZ0dBYUM7QUFFRCxTQUFnQixhQUFhLENBQUMsS0FBZ0IsRUFBRSxLQUFhLEVBQUUsT0FBZSxFQUFFLG9CQUEyQztJQUN2SCxNQUFNLGNBQWMsR0FBRyxvQkFBb0IsSUFBSSxJQUFJLENBQUMsQ0FBQyxDQUFDLDJCQUEyQixFQUFFLENBQUMsQ0FBQyxDQUFDLGlDQUFpQyxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDOUksTUFBTSxPQUFPLEdBQUcsSUFBSSx3QkFBTyxDQUFDLEtBQUssRUFBRSxLQUFLLEVBQUU7UUFDdEMsYUFBYSxFQUFFO1lBQ1gsWUFBWSxFQUFFLG1DQUFrQixDQUFDLEtBQUs7U0FDekM7UUFDRCxXQUFXLEVBQUUsT0FBTztRQUNwQixhQUFhLEVBQUUsQ0FBQyw2QkFBWSxDQUFDLFFBQVEsQ0FBQztRQUN0QyxNQUFNLEVBQUUsY0FBYztLQUN6QixDQUFDLENBQUM7SUFDSCxhQUFhLENBQUMsT0FBTyxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQzlCLE9BQU8sT0FBTyxDQUFDO0FBQ25CLENBQUM7QUFaRCxzQ0FZQztBQUVELFNBQWdCLDJCQUEyQjtJQUN2QyxPQUFPLElBQUksd0JBQWMsQ0FBQztRQUN0QixVQUFVLEVBQUU7WUFDUixJQUFJLHlCQUFlLENBQUM7Z0JBQ2hCLE1BQU0sRUFBRSxnQkFBTSxDQUFDLEtBQUs7Z0JBQ3BCLE9BQU8sRUFBRTtvQkFDTCxvQkFBb0I7aUJBQ3ZCO2dCQUNELFNBQVMsRUFBRTtvQkFDUCxHQUFHO2lCQUNOO2dCQUNELFVBQVUsRUFBRTtvQkFDUixJQUFJLHNCQUFZLEVBQUU7aUJBQ3JCO2FBQ0osQ0FBQztTQUNMO0tBQ0osQ0FBQyxDQUFDO0FBQ1AsQ0FBQztBQWpCRCxrRUFpQkM7QUFHRCxTQUFnQixpQ0FBaUMsQ0FBQyxvQkFBOEI7SUFDNUUsT0FBTyxJQUFJLHdCQUFjLENBQUM7UUFDdEIsVUFBVSxFQUFFO1lBQ1IsSUFBSSx5QkFBZSxDQUFDO2dCQUNoQixNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLO2dCQUNwQixVQUFVLEVBQUU7b0JBQ1IsV0FBVyxFQUFFO3dCQUNULGNBQWMsRUFBRSxvQkFBb0I7cUJBQ3ZDO2lCQUNKO2dCQUNELE9BQU8sRUFBRTtvQkFDTCxvQkFBb0I7aUJBQ3ZCO2dCQUNELFNBQVMsRUFBRTtvQkFDUCxHQUFHO2lCQUNOO2dCQUNELFVBQVUsRUFBRTtvQkFDUixJQUFJLHNCQUFZLEVBQUU7aUJBQ3JCO2FBQ0osQ0FBQztTQUNMO0tBQ0osQ0FBQyxDQUFDO0FBQ1AsQ0FBQztBQXRCRCw4RUFzQkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge1xyXG4gICAgUmVzdEFwaSxcclxuICAgIE1ldGhvZExvZ2dpbmdMZXZlbCxcclxuICAgIEdhdGV3YXlSZXNwb25zZSxcclxuICAgIFJlc3BvbnNlVHlwZSxcclxuICAgIEVuZHBvaW50VHlwZSxcclxuICAgIFJlc3RBcGlQcm9wcywgSnNvblNjaGVtYSwgTW9kZWwsIENmbkRvY3VtZW50YXRpb25QYXJ0LCBSZXNvdXJjZSxcclxufSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtYXBpZ2F0ZXdheSc7XHJcbmltcG9ydCB7UG9saWN5RG9jdW1lbnQsIFBvbGljeVN0YXRlbWVudCwgRWZmZWN0LCBBbnlQcmluY2lwYWx9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1pYW0nO1xyXG5pbXBvcnQge0NvbnN0cnVjdH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcclxuaW1wb3J0IHtEaWdpdHJhZmZpY1N0YWNrfSBmcm9tIFwiLi9zdGFja1wiO1xyXG5pbXBvcnQge2NyZWF0ZURlZmF1bHRVc2FnZVBsYW4sIGNyZWF0ZVVzYWdlUGxhbn0gZnJvbSBcIi4uL3VzYWdlLXBsYW5zXCI7XHJcbmltcG9ydCB7TW9kZWxXaXRoUmVmZXJlbmNlfSBmcm9tIFwiLi4vLi4vdHlwZXMvbW9kZWwtd2l0aC1yZWZlcmVuY2VcIjtcclxuaW1wb3J0IHtnZXRNb2RlbFJlZmVyZW5jZX0gZnJvbSBcIi4uLy4uLy4uL3V0aWxzL2FwaS1tb2RlbFwiO1xyXG5pbXBvcnQge01lZGlhVHlwZX0gZnJvbSBcIi4uLy4uL3R5cGVzL21lZGlhdHlwZXNcIjtcclxuaW1wb3J0IHtEb2N1bWVudGF0aW9uUGFydCwgRG9jdW1lbnRhdGlvblByb3BlcnRpZXN9IGZyb20gXCIuLi9kb2N1bWVudGF0aW9uXCI7XHJcblxyXG5pbXBvcnQgUiA9IHJlcXVpcmUoJ3JhbWRhJyk7XHJcblxyXG5leHBvcnQgY2xhc3MgRGlnaXRyYWZmaWNSZXN0QXBpIGV4dGVuZHMgUmVzdEFwaSB7XHJcbiAgICByZWFkb25seSBhcGlLZXlJZHM6IHN0cmluZ1tdO1xyXG5cclxuICAgIGNvbnN0cnVjdG9yKFxyXG4gICAgICAgIHN0YWNrOiBEaWdpdHJhZmZpY1N0YWNrLCBhcGlJZDogc3RyaW5nLCBhcGlOYW1lOiBzdHJpbmcsIGFsbG93RnJvbUlwQWRkcmVzc2VzPzogc3RyaW5nW10gfCB1bmRlZmluZWQsIGNvbmZpZz86IFBhcnRpYWw8UmVzdEFwaVByb3BzPixcclxuICAgICkge1xyXG4gICAgICAgIGNvbnN0IHBvbGljeURvY3VtZW50ID0gYWxsb3dGcm9tSXBBZGRyZXNzZXMgPT0gbnVsbCA/IGNyZWF0ZURlZmF1bHRQb2xpY3lEb2N1bWVudCgpIDogY3JlYXRlSXBSZXN0cmljdGlvblBvbGljeURvY3VtZW50KGFsbG93RnJvbUlwQWRkcmVzc2VzKTtcclxuXHJcbiAgICAgICAgLy8gb3ZlcnJpZGUgZGVmYXVsdCBjb25maWcgd2l0aCBnaXZlbiBleHRyYSBjb25maWdcclxuICAgICAgICBjb25zdCBhcGlDb25maWcgPSB7Li4ue1xyXG4gICAgICAgICAgICBkZXBsb3lPcHRpb25zOiB7XHJcbiAgICAgICAgICAgICAgICBsb2dnaW5nTGV2ZWw6IE1ldGhvZExvZ2dpbmdMZXZlbC5FUlJPUixcclxuICAgICAgICAgICAgfSxcclxuICAgICAgICAgICAgcmVzdEFwaU5hbWU6IGFwaU5hbWUsXHJcbiAgICAgICAgICAgIGVuZHBvaW50VHlwZXM6IFtFbmRwb2ludFR5cGUuUkVHSU9OQUxdLFxyXG4gICAgICAgICAgICBwb2xpY3k6IHBvbGljeURvY3VtZW50LFxyXG4gICAgICAgIH0sIC4uLmNvbmZpZ307XHJcblxyXG4gICAgICAgIHN1cGVyKHN0YWNrLCBhcGlJZCwgYXBpQ29uZmlnKTtcclxuXHJcbiAgICAgICAgdGhpcy5hcGlLZXlJZHMgPSBbXTtcclxuXHJcbiAgICAgICAgYWRkNDA0U3VwcG9ydCh0aGlzLCBzdGFjayk7XHJcbiAgICB9XHJcblxyXG4gICAgaG9zdG5hbWUoKTogc3RyaW5nIHtcclxuICAgICAgICByZXR1cm4gYCR7dGhpcy5yZXN0QXBpSWR9LmV4ZWN1dGUtYXBpLiR7KHRoaXMuc3RhY2sgYXMgRGlnaXRyYWZmaWNTdGFjaykucmVnaW9ufS5hbWF6b25hd3MuY29tYDtcclxuICAgIH1cclxuXHJcbiAgICBjcmVhdGVVc2FnZVBsYW4oYXBpS2V5SWQ6IHN0cmluZywgYXBpS2V5TmFtZTogc3RyaW5nKTogc3RyaW5nIHtcclxuICAgICAgICBjb25zdCBuZXdLZXlJZCA9IGNyZWF0ZVVzYWdlUGxhbih0aGlzLCBhcGlLZXlJZCwgYXBpS2V5TmFtZSkua2V5SWQ7XHJcblxyXG4gICAgICAgIHRoaXMuYXBpS2V5SWRzLnB1c2gobmV3S2V5SWQpO1xyXG5cclxuICAgICAgICByZXR1cm4gbmV3S2V5SWQ7XHJcbiAgICB9XHJcblxyXG4gICAgY3JlYXRlVXNhZ2VQbGFuVjIoYXBpTmFtZTogc3RyaW5nKTogc3RyaW5nIHtcclxuICAgICAgICBjb25zdCBuZXdLZXlJZCA9IGNyZWF0ZURlZmF1bHRVc2FnZVBsYW4odGhpcywgYXBpTmFtZSkua2V5SWQ7XHJcblxyXG4gICAgICAgIHRoaXMuYXBpS2V5SWRzLnB1c2gobmV3S2V5SWQpO1xyXG5cclxuICAgICAgICByZXR1cm4gbmV3S2V5SWQ7XHJcbiAgICB9XHJcblxyXG4gICAgYWRkSnNvbk1vZGVsKG1vZGVsTmFtZTogc3RyaW5nLCBzY2hlbWE6IEpzb25TY2hlbWEpIHtcclxuICAgICAgICByZXR1cm4gdGhpcy5nZXRNb2RlbFdpdGhSZWZlcmVuY2UodGhpcy5hZGRNb2RlbChtb2RlbE5hbWUsIHtcclxuICAgICAgICAgICAgY29udGVudFR5cGU6IE1lZGlhVHlwZS5BUFBMSUNBVElPTl9KU09OLFxyXG4gICAgICAgICAgICBtb2RlbE5hbWUsXHJcbiAgICAgICAgICAgIHNjaGVtYSxcclxuICAgICAgICB9KSk7XHJcbiAgICB9XHJcblxyXG4gICAgYWRkQ1NWTW9kZWwobW9kZWxOYW1lOiBzdHJpbmcpIHtcclxuICAgICAgICByZXR1cm4gdGhpcy5nZXRNb2RlbFdpdGhSZWZlcmVuY2UodGhpcy5hZGRNb2RlbChtb2RlbE5hbWUsIHtcclxuICAgICAgICAgICAgY29udGVudFR5cGU6IE1lZGlhVHlwZS5URVhUX0NTVixcclxuICAgICAgICAgICAgbW9kZWxOYW1lLFxyXG4gICAgICAgICAgICBzY2hlbWE6IHt9LFxyXG4gICAgICAgIH0pKTtcclxuICAgIH1cclxuXHJcbiAgICBwcml2YXRlIGdldE1vZGVsV2l0aFJlZmVyZW5jZShtb2RlbDogTW9kZWwpOiBNb2RlbFdpdGhSZWZlcmVuY2Uge1xyXG4gICAgICAgIHJldHVybiBSLmFzc29jKCdtb2RlbFJlZmVyZW5jZScsIGdldE1vZGVsUmVmZXJlbmNlKG1vZGVsLm1vZGVsSWQsIHRoaXMucmVzdEFwaUlkKSwgbW9kZWwpIGFzIE1vZGVsV2l0aFJlZmVyZW5jZTtcclxuICAgIH1cclxuXHJcbiAgICBwcml2YXRlIGFkZERvY3VtZW50YXRpb25QYXJ0KFxyXG4gICAgICAgIHJlc291cmNlOiBSZXNvdXJjZSwgcGFyYW1ldGVyTmFtZTogc3RyaW5nLCByZXNvdXJjZU5hbWU6IHN0cmluZywgdHlwZTogc3RyaW5nLCBwcm9wZXJ0aWVzOiBEb2N1bWVudGF0aW9uUHJvcGVydGllcyxcclxuICAgICkge1xyXG4gICAgICAgIGNvbnN0IGxvY2F0aW9uOiBDZm5Eb2N1bWVudGF0aW9uUGFydC5Mb2NhdGlvblByb3BlcnR5ID0ge1xyXG4gICAgICAgICAgICB0eXBlLFxyXG4gICAgICAgICAgICBwYXRoOiByZXNvdXJjZS5wYXRoLFxyXG4gICAgICAgICAgICBuYW1lOiB0eXBlICE9PSAnTUVUSE9EJyA/IHBhcmFtZXRlck5hbWUgOiB1bmRlZmluZWQsXHJcbiAgICAgICAgfTtcclxuXHJcbiAgICAgICAgbmV3IENmbkRvY3VtZW50YXRpb25QYXJ0KHRoaXMuc3RhY2ssIHJlc291cmNlTmFtZSwge1xyXG4gICAgICAgICAgICByZXN0QXBpSWQ6IHJlc291cmNlLmFwaS5yZXN0QXBpSWQsXHJcbiAgICAgICAgICAgIGxvY2F0aW9uLFxyXG4gICAgICAgICAgICBwcm9wZXJ0aWVzOiBKU09OLnN0cmluZ2lmeShwcm9wZXJ0aWVzKSxcclxuICAgICAgICB9KTtcclxuICAgIH1cclxuXHJcbiAgICBkb2N1bWVudFJlc291cmNlKHJlc291cmNlOiBSZXNvdXJjZSwgLi4uZG9jdW1lbnRhdGlvblBhcnQ6IERvY3VtZW50YXRpb25QYXJ0W10pIHtcclxuICAgICAgICBkb2N1bWVudGF0aW9uUGFydC5mb3JFYWNoKGRwID0+IHRoaXMuYWRkRG9jdW1lbnRhdGlvblBhcnQoXHJcbiAgICAgICAgICAgIHJlc291cmNlLCBkcC5wYXJhbWV0ZXJOYW1lLCBgJHtyZXNvdXJjZS5wYXRofS4ke2RwLnBhcmFtZXRlck5hbWV9LkRvY3VtZW50YXRpb25gLCBkcC50eXBlLCBkcC5kb2N1bWVudGF0aW9uUHJvcGVydGllcyxcclxuICAgICAgICApKTtcclxuICAgIH1cclxufVxyXG5cclxuLyoqXHJcbiAqIER1ZSB0byBBV1MgQVBJIGRlc2lnbiBBUEkgR2F0ZXdheSB3aWxsIGFsd2F5cyByZXR1cm4gNDAzICdNaXNzaW5nIEF1dGhlbnRpY2F0aW9uIFRva2VuJyBmb3IgcmVxdWVzdHNcclxuICogd2l0aCBhIG5vbi1leGlzdGVudCBlbmRwb2ludC4gVGhpcyBmdW5jdGlvbiB0cmFuc2xhdGVzIHRoaXMgcmVzcG9uc2UgdG8gYSA0MDQuXHJcbiAqIFJlcXVlc3RzIHdpdGggYW4gaW52YWxpZCBvciBtaXNzaW5nIEFQSSBrZXkgYXJlIG5vdCBhZmZlY3RlZCAoc3RpbGwgcmV0dXJuIDQwMyAnRm9yYmlkZGVuJykuXHJcbiAqIEBwYXJhbSByZXN0QXBpIFJlc3RBcGlcclxuICogQHBhcmFtIHN0YWNrIENvbnN0cnVjdFxyXG4gKi9cclxuZXhwb3J0IGZ1bmN0aW9uIGFkZDQwNFN1cHBvcnQocmVzdEFwaTogUmVzdEFwaSwgc3RhY2s6IENvbnN0cnVjdCkge1xyXG4gICAgbmV3IEdhdGV3YXlSZXNwb25zZShzdGFjaywgYE1pc3NpbmdBdXRoZW50aWNhdGlvblRva2VuUmVzcG9uc2UtJHtyZXN0QXBpLnJlc3RBcGlOYW1lfWAsIHtcclxuICAgICAgICByZXN0QXBpLFxyXG4gICAgICAgIHR5cGU6IFJlc3BvbnNlVHlwZS5NSVNTSU5HX0FVVEhFTlRJQ0FUSU9OX1RPS0VOLFxyXG4gICAgICAgIHN0YXR1c0NvZGU6ICc0MDQnLFxyXG4gICAgICAgIHRlbXBsYXRlczoge1xyXG4gICAgICAgICAgICAnYXBwbGljYXRpb24vanNvbic6ICd7XCJtZXNzYWdlXCI6IFwiTm90IGZvdW5kXCJ9JyxcclxuICAgICAgICB9LFxyXG4gICAgfSk7XHJcbn1cclxuXHJcbmV4cG9ydCBmdW5jdGlvbiBhZGQ0MDFTdXBwb3J0KHJlc3RBcGk6IFJlc3RBcGksIHN0YWNrOiBDb25zdHJ1Y3QpIHtcclxuICAgIG5ldyBHYXRld2F5UmVzcG9uc2Uoc3RhY2ssIGBBdXRoZW50aWNhdGlvbkZhaWxlZFJlc3BvbnNlLSR7cmVzdEFwaS5yZXN0QXBpTmFtZX1gLCB7XHJcbiAgICAgICAgcmVzdEFwaSxcclxuICAgICAgICB0eXBlOiBSZXNwb25zZVR5cGUuVU5BVVRIT1JJWkVELFxyXG4gICAgICAgIHN0YXR1c0NvZGU6IFwiNDAxXCIsXHJcbiAgICAgICAgcmVzcG9uc2VIZWFkZXJzOiB7XHJcbiAgICAgICAgICAgICdXV1ctQXV0aGVudGljYXRlJzogXCInQmFzaWMnXCIsXHJcbiAgICAgICAgfSxcclxuICAgIH0pO1xyXG59XHJcblxyXG4vKipcclxuICogRHVlIHRvIEFXUyBBUEkgZGVzaWduIEFQSSBHYXRld2F5IHdpbGwgYWx3YXlzIHJldHVybiA0MDMgJ01pc3NpbmcgQXV0aGVudGljYXRpb24gVG9rZW4nIGZvciByZXF1ZXN0c1xyXG4gKiB3aXRoIGEgbm9uLWV4aXN0ZW50IGVuZHBvaW50LiBUaGlzIGZ1bmN0aW9uIGNvbnZlcnRzIHRoaXMgcmVzcG9uc2UgdG8gYSBjdXN0b20gb25lLlxyXG4gKiBSZXF1ZXN0cyB3aXRoIGFuIGludmFsaWQgb3IgbWlzc2luZyBBUEkga2V5IGFyZSBub3QgYWZmZWN0ZWQgKHN0aWxsIHJldHVybiA0MDMgJ0ZvcmJpZGRlbicpLlxyXG4gKiBAcGFyYW0gcmV0dXJuQ29kZVxyXG4gKiBAcGFyYW0gbWVzc2FnZVxyXG4gKiBAcGFyYW0gcmVzdEFwaSBSZXN0QXBpXHJcbiAqIEBwYXJhbSBzdGFjayBDb25zdHJ1Y3RcclxuICovXHJcbmV4cG9ydCBmdW5jdGlvbiBzZXRSZXR1cm5Db2RlRm9yTWlzc2luZ0F1dGhlbnRpY2F0aW9uVG9rZW4ocmV0dXJuQ29kZTogbnVtYmVyLFxyXG4gICAgbWVzc2FnZTogc3RyaW5nLFxyXG4gICAgcmVzdEFwaTogUmVzdEFwaSxcclxuICAgIHN0YWNrOiBDb25zdHJ1Y3QpIHtcclxuXHJcbiAgICBuZXcgR2F0ZXdheVJlc3BvbnNlKHN0YWNrLCBgTWlzc2luZ0F1dGhlbnRpY2F0aW9uVG9rZW5SZXNwb25zZS0ke3Jlc3RBcGkucmVzdEFwaU5hbWV9YCwge1xyXG4gICAgICAgIHJlc3RBcGksXHJcbiAgICAgICAgdHlwZTogUmVzcG9uc2VUeXBlLk1JU1NJTkdfQVVUSEVOVElDQVRJT05fVE9LRU4sXHJcbiAgICAgICAgc3RhdHVzQ29kZTogYCR7cmV0dXJuQ29kZX1gLFxyXG4gICAgICAgIHRlbXBsYXRlczoge1xyXG4gICAgICAgICAgICAnYXBwbGljYXRpb24vanNvbic6IGB7XCJtZXNzYWdlXCI6ICR7bWVzc2FnZX19YCxcclxuICAgICAgICB9LFxyXG4gICAgfSk7XHJcbn1cclxuXHJcbmV4cG9ydCBmdW5jdGlvbiBjcmVhdGVSZXN0QXBpKHN0YWNrOiBDb25zdHJ1Y3QsIGFwaUlkOiBzdHJpbmcsIGFwaU5hbWU6IHN0cmluZywgYWxsb3dGcm9tSXBBZGRyZXNzZXM/OiBzdHJpbmdbXSB8IHVuZGVmaW5lZCk6IFJlc3RBcGkge1xyXG4gICAgY29uc3QgcG9saWN5RG9jdW1lbnQgPSBhbGxvd0Zyb21JcEFkZHJlc3NlcyA9PSBudWxsID8gY3JlYXRlRGVmYXVsdFBvbGljeURvY3VtZW50KCkgOiBjcmVhdGVJcFJlc3RyaWN0aW9uUG9saWN5RG9jdW1lbnQoYWxsb3dGcm9tSXBBZGRyZXNzZXMpO1xyXG4gICAgY29uc3QgcmVzdEFwaSA9IG5ldyBSZXN0QXBpKHN0YWNrLCBhcGlJZCwge1xyXG4gICAgICAgIGRlcGxveU9wdGlvbnM6IHtcclxuICAgICAgICAgICAgbG9nZ2luZ0xldmVsOiBNZXRob2RMb2dnaW5nTGV2ZWwuRVJST1IsXHJcbiAgICAgICAgfSxcclxuICAgICAgICByZXN0QXBpTmFtZTogYXBpTmFtZSxcclxuICAgICAgICBlbmRwb2ludFR5cGVzOiBbRW5kcG9pbnRUeXBlLlJFR0lPTkFMXSxcclxuICAgICAgICBwb2xpY3k6IHBvbGljeURvY3VtZW50LFxyXG4gICAgfSk7XHJcbiAgICBhZGQ0MDRTdXBwb3J0KHJlc3RBcGksIHN0YWNrKTtcclxuICAgIHJldHVybiByZXN0QXBpO1xyXG59XHJcblxyXG5leHBvcnQgZnVuY3Rpb24gY3JlYXRlRGVmYXVsdFBvbGljeURvY3VtZW50KCkge1xyXG4gICAgcmV0dXJuIG5ldyBQb2xpY3lEb2N1bWVudCh7XHJcbiAgICAgICAgc3RhdGVtZW50czogW1xyXG4gICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcclxuICAgICAgICAgICAgICAgIGVmZmVjdDogRWZmZWN0LkFMTE9XLFxyXG4gICAgICAgICAgICAgICAgYWN0aW9uczogW1xyXG4gICAgICAgICAgICAgICAgICAgIFwiZXhlY3V0ZS1hcGk6SW52b2tlXCIsXHJcbiAgICAgICAgICAgICAgICBdLFxyXG4gICAgICAgICAgICAgICAgcmVzb3VyY2VzOiBbXHJcbiAgICAgICAgICAgICAgICAgICAgXCIqXCIsXHJcbiAgICAgICAgICAgICAgICBdLFxyXG4gICAgICAgICAgICAgICAgcHJpbmNpcGFsczogW1xyXG4gICAgICAgICAgICAgICAgICAgIG5ldyBBbnlQcmluY2lwYWwoKSxcclxuICAgICAgICAgICAgICAgIF0sXHJcbiAgICAgICAgICAgIH0pLFxyXG4gICAgICAgIF0sXHJcbiAgICB9KTtcclxufVxyXG5cclxuXHJcbmV4cG9ydCBmdW5jdGlvbiBjcmVhdGVJcFJlc3RyaWN0aW9uUG9saWN5RG9jdW1lbnQoYWxsb3dGcm9tSXBBZGRyZXNzZXM6IHN0cmluZ1tdKTogUG9saWN5RG9jdW1lbnQge1xyXG4gICAgcmV0dXJuIG5ldyBQb2xpY3lEb2N1bWVudCh7XHJcbiAgICAgICAgc3RhdGVtZW50czogW1xyXG4gICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcclxuICAgICAgICAgICAgICAgIGVmZmVjdDogRWZmZWN0LkFMTE9XLFxyXG4gICAgICAgICAgICAgICAgY29uZGl0aW9uczoge1xyXG4gICAgICAgICAgICAgICAgICAgIFwiSXBBZGRyZXNzXCI6IHtcclxuICAgICAgICAgICAgICAgICAgICAgICAgXCJhd3M6U291cmNlSXBcIjogYWxsb3dGcm9tSXBBZGRyZXNzZXMsXHJcbiAgICAgICAgICAgICAgICAgICAgfSxcclxuICAgICAgICAgICAgICAgIH0sXHJcbiAgICAgICAgICAgICAgICBhY3Rpb25zOiBbXHJcbiAgICAgICAgICAgICAgICAgICAgXCJleGVjdXRlLWFwaTpJbnZva2VcIixcclxuICAgICAgICAgICAgICAgIF0sXHJcbiAgICAgICAgICAgICAgICByZXNvdXJjZXM6IFtcclxuICAgICAgICAgICAgICAgICAgICBcIipcIixcclxuICAgICAgICAgICAgICAgIF0sXHJcbiAgICAgICAgICAgICAgICBwcmluY2lwYWxzOiBbXHJcbiAgICAgICAgICAgICAgICAgICAgbmV3IEFueVByaW5jaXBhbCgpLFxyXG4gICAgICAgICAgICAgICAgXSxcclxuICAgICAgICAgICAgfSksXHJcbiAgICAgICAgXSxcclxuICAgIH0pO1xyXG59XHJcbiJdfQ==

package/src/aws/infra/stack/stack-checking-aspect.js

@@ -0,0 +1,163 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StackCheckingAspect = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
+const aws_s3_1 = require("aws-cdk-lib/aws-s3");
+const stack_1 = require("./stack");
+const aws_apigateway_1 = require("aws-cdk-lib/aws-apigateway");
+const change_case_1 = require("change-case");
+const aws_sqs_1 = require("aws-cdk-lib/aws-sqs");
+const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+const MAX_CONCURRENCY_LIMIT = 100;
+const NODE_RUNTIME = aws_lambda_1.Runtime.NODEJS_14_X.name;
+var ResourceType;
+(function (ResourceType) {
+    ResourceType["stackName"] = "STACK_NAME";
+    ResourceType["reservedConcurrentConcurrency"] = "RESERVED_CONCURRENT_CONCURRENCY";
+    ResourceType["functionTimeout"] = "FUNCTION_TIMEOUT";
+    ResourceType["functionMemorySize"] = "FUNCTION_MEMORY_SIZE";
+    ResourceType["functionRuntime"] = "FUNCTION_RUNTIME";
+    ResourceType["functionName"] = "FUNCTION_NAME";
+    ResourceType["tagSolution"] = "TAG_SOLUTION";
+    ResourceType["bucketPublicity"] = "BUCKET_PUBLICITY";
+    ResourceType["resourcePath"] = "RESOURCE_PATH";
+    ResourceType["queueEncryption"] = "QUEUE_ENCRYPTION";
+    ResourceType["logGroupRetention"] = "LOG_GROUP_RETENTION";
+})(ResourceType || (ResourceType = {}));
+class StackCheckingAspect {
+    constructor(configuration) {
+        this.configuration = configuration;
+    }
+    static create(stack) {
+        return new StackCheckingAspect(stack.configuration);
+    }
+    visit(node) {
+        //console.info("visiting class " + node.constructor.name);
+        this.checkStack(node);
+        this.checkFunction(node);
+        this.checkTags(node);
+        this.checkBucket(node);
+        this.checkResourceCasing(node);
+        this.checkQueueEncryption(node);
+        this.checkLogGroupRetention(node);
+    }
+    isWhitelisted(key) {
+        return this?.configuration?.whitelistedResources?.some(wl => {
+            return key.matchAll(new RegExp(wl, 'g'));
+        });
+    }
+    addAnnotation(node, key, message, isError = true) {
+        const resourceKey = `${node.node.path}/${key}`;
+        const isWhiteListed = this.isWhitelisted(resourceKey);
+        const annotationMessage = `${resourceKey}:${message}`;
+        // error && whitelisted -> warning
+        // warning && whitelisted -> nothing
+        if (isError && !isWhiteListed) {
+            aws_cdk_lib_1.Annotations.of(node).addError(annotationMessage);
+        }
+        else if ((!isError && !isWhiteListed) || (isError && isWhiteListed)) {
+            aws_cdk_lib_1.Annotations.of(node).addWarning(annotationMessage);
+        }
+    }
+    checkStack(node) {
+        if (node instanceof stack_1.DigitrafficStack) {
+            if ((node.stackName.includes('Test') || node.stackName.includes('Tst')) && node.configuration?.production) {
+                this.addAnnotation(node, ResourceType.stackName, 'Production is set for Test-stack');
+            }
+            if ((node.stackName.includes('Prod') || node.stackName.includes('Prd')) && !node.configuration?.production) {
+                this.addAnnotation(node, ResourceType.stackName, 'Production is not set for Production-stack');
+            }
+        }
+    }
+    checkFunction(node) {
+        if (node instanceof aws_lambda_1.CfnFunction) {
+            if (!node.reservedConcurrentExecutions) {
+                this.addAnnotation(node, ResourceType.reservedConcurrentConcurrency, 'Function must have reservedConcurrentConcurrency');
+            }
+            else if (node.reservedConcurrentExecutions > MAX_CONCURRENCY_LIMIT) {
+                this.addAnnotation(node, ResourceType.reservedConcurrentConcurrency, 'Function reservedConcurrentConcurrency too high!');
+            }
+            if (!node.timeout) {
+                this.addAnnotation(node, ResourceType.functionTimeout, 'Function must have timeout');
+            }
+            if (!node.memorySize) {
+                this.addAnnotation(node, ResourceType.functionMemorySize, 'Function must have memorySize');
+            }
+            if (node.runtime !== NODE_RUNTIME) {
+                this.addAnnotation(node, ResourceType.functionRuntime, 'wrong runtime ' + node.runtime);
+            }
+            if (this.configuration?.shortName && node.functionName && node.functionName.indexOf(this.configuration.shortName) !== 0) {
+                this.addAnnotation(node, ResourceType.functionName, 'Function name does not begin with ' + this.configuration.shortName);
+            }
+        }
+    }
+    checkTags(node) {
+        if (node instanceof aws_cdk_lib_1.Stack) {
+            if (!node.tags.tagValues()[stack_1.SOLUTION_KEY]) {
+                this.addAnnotation(node, ResourceType.tagSolution, 'Solution tag is missing');
+            }
+        }
+    }
+    checkBucket(node) {
+        if (node instanceof aws_s3_1.CfnBucket) {
+            const c = node.publicAccessBlockConfiguration;
+            if (c) {
+                if (!c.blockPublicAcls || !c.blockPublicPolicy || !c.ignorePublicAcls || !c.restrictPublicBuckets) {
+                    this.addAnnotation(node, ResourceType.bucketPublicity, 'Check bucket publicity');
+                }
+            }
+        }
+    }
+    static isValidPath(path) {
+        // if path includes . or { check only the trailing part of path
+        if (path.includes('.')) {
+            return this.isValidPath(path.split('.')[0]);
+        }
+        if (path.includes('{')) {
+            return this.isValidPath(path.split('{')[0]);
+        }
+        return (0, change_case_1.paramCase)(path) === path;
+    }
+    static isValidQueryString(name) {
+        return (0, change_case_1.snakeCase)(name) === name;
+    }
+    checkResourceCasing(node) {
+        if (node instanceof aws_apigateway_1.CfnResource) {
+            if (!StackCheckingAspect.isValidPath(node.pathPart)) {
+                this.addAnnotation(node, ResourceType.resourcePath, 'Path part should be in kebab-case');
+            }
+        }
+        else if (node instanceof aws_apigateway_1.CfnMethod) {
+            const integration = node.integration;
+            if (integration && integration.requestParameters) {
+                Object.keys(integration.requestParameters).forEach(key => {
+                    const split = key.split('.');
+                    const type = split[2];
+                    const name = split[3];
+                    if (type === 'querystring' && !StackCheckingAspect.isValidQueryString(name)) {
+                        this.addAnnotation(node, name, 'Querystring should be in snake_case');
+                    }
+                });
+            }
+        }
+    }
+    checkQueueEncryption(node) {
+        if (node instanceof aws_sqs_1.CfnQueue) {
+            if (!node.kmsMasterKeyId) {
+                this.addAnnotation(node, ResourceType.queueEncryption, 'Queue must have encryption enabled');
+            }
+        }
+    }
+    checkLogGroupRetention(node) {
+        if (node instanceof aws_logs_1.LogRetention) {
+            const child = node.node.defaultChild;
+            const retention = child._cfnProperties.RetentionInDays;
+            if (!retention) {
+                this.addAnnotation(node, ResourceType.logGroupRetention, 'Log group must define log group retention');
+            }
+        }
+    }
+}
+exports.StackCheckingAspect = StackCheckingAspect;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RhY2stY2hlY2tpbmctYXNwZWN0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vc3JjL2F3cy9pbmZyYS9zdGFjay9zdGFjay1jaGVja2luZy1hc3BlY3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQXdEO0FBQ3hELHVEQUE0RDtBQUM1RCwrQ0FBNkM7QUFDN0MsbUNBQTJFO0FBRTNFLCtEQUFrRTtBQUNsRSw2Q0FBaUQ7QUFDakQsaURBQTZDO0FBQzdDLG1EQUFrRDtBQUdsRCxNQUFNLHFCQUFxQixHQUFHLEdBQUcsQ0FBQztBQUNsQyxNQUFNLFlBQVksR0FBRyxvQkFBTyxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUM7QUFFOUMsSUFBSyxZQVlKO0FBWkQsV0FBSyxZQUFZO0lBQ2Isd0NBQXdCLENBQUE7SUFDeEIsaUZBQWlFLENBQUE7SUFDakUsb0RBQW9DLENBQUE7SUFDcEMsMkRBQTJDLENBQUE7SUFDM0Msb0RBQW9DLENBQUE7SUFDcEMsOENBQThCLENBQUE7SUFDOUIsNENBQTRCLENBQUE7SUFDNUIsb0RBQW9DLENBQUE7SUFDcEMsOENBQThCLENBQUE7SUFDOUIsb0RBQW9DLENBQUE7SUFDcEMseURBQXlDLENBQUE7QUFDN0MsQ0FBQyxFQVpJLFlBQVksS0FBWixZQUFZLFFBWWhCO0FBRUQsTUFBYSxtQkFBbUI7SUFHNUIsWUFBWSxhQUFrQztRQUMxQyxJQUFJLENBQUMsYUFBYSxHQUFHLGFBQWEsQ0FBQztJQUN2QyxDQUFDO0lBRUQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUF1QjtRQUNqQyxPQUFPLElBQUksbUJBQW1CLENBQUMsS0FBSyxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQ3hELENBQUM7SUFFTSxLQUFLLENBQUMsSUFBZ0I7UUFDekIsMERBQTBEO1FBRTFELElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdEIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN6QixJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3JCLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdkIsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQy9CLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNoQyxJQUFJLENBQUMsc0JBQXNCLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVPLGFBQWEsQ0FBQyxHQUFXO1FBQzdCLE9BQU8sSUFBSSxFQUFFLGFBQWEsRUFBRSxvQkFBb0IsRUFBRSxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUU7WUFDeEQsT0FBTyxHQUFHLENBQUMsUUFBUSxDQUFDLElBQUksTUFBTSxDQUFDLEVBQUUsRUFBRSxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBQzdDLENBQUMsQ0FBQyxDQUFDO0lBQ1AsQ0FBQztJQUVPLGFBQWEsQ0FBQyxJQUFnQixFQUFFLEdBQTBCLEVBQUUsT0FBZSxFQUFFLE9BQU8sR0FBRyxJQUFJO1FBQy9GLE1BQU0sV0FBVyxHQUFHLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLElBQUksR0FBRyxFQUFFLENBQUM7UUFDL0MsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUN0RCxNQUFNLGlCQUFpQixHQUFHLEdBQUcsV0FBVyxJQUFJLE9BQU8sRUFBRSxDQUFDO1FBRXRELGtDQUFrQztRQUNsQyxvQ0FBb0M7UUFDcEMsSUFBSSxPQUFPLElBQUksQ0FBQyxhQUFhLEVBQUU7WUFDM0IseUJBQVcsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDLENBQUM7U0FDcEQ7YUFBTSxJQUFJLENBQUMsQ0FBQyxPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSxhQUFhLENBQUMsRUFBRTtZQUNuRSx5QkFBVyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxVQUFVLENBQUMsaUJBQWlCLENBQUMsQ0FBQztTQUN0RDtJQUNMLENBQUM7SUFFTyxVQUFVLENBQUMsSUFBZ0I7UUFDL0IsSUFBSSxJQUFJLFlBQVksd0JBQWdCLEVBQUU7WUFDbEMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLElBQUksSUFBSSxDQUFDLGFBQWEsRUFBRSxVQUFVLEVBQUU7Z0JBQ3ZHLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxTQUFTLEVBQUUsa0NBQWtDLENBQUMsQ0FBQzthQUN4RjtZQUVELElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsSUFBSSxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxVQUFVLEVBQUU7Z0JBQ3hHLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxTQUFTLEVBQUUsNENBQTRDLENBQUMsQ0FBQzthQUNsRztTQUNKO0lBQ0wsQ0FBQztJQUVPLGFBQWEsQ0FBQyxJQUFnQjtRQUNsQyxJQUFJLElBQUksWUFBWSx3QkFBVyxFQUFFO1lBQzdCLElBQUksQ0FBQyxJQUFJLENBQUMsNEJBQTRCLEVBQUU7Z0JBQ3BDLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyw2QkFBNkIsRUFBRSxrREFBa0QsQ0FBQyxDQUFDO2FBQzVIO2lCQUFNLElBQUksSUFBSSxDQUFDLDRCQUE0QixHQUFHLHFCQUFxQixFQUFFO2dCQUNsRSxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksRUFBRSxZQUFZLENBQUMsNkJBQTZCLEVBQUUsa0RBQWtELENBQUMsQ0FBQzthQUM1SDtZQUVELElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFO2dCQUNmLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxlQUFlLEVBQUUsNEJBQTRCLENBQUMsQ0FBQzthQUN4RjtZQUVELElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFO2dCQUNsQixJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksRUFBRSxZQUFZLENBQUMsa0JBQWtCLEVBQUUsK0JBQStCLENBQUMsQ0FBQzthQUM5RjtZQUVELElBQUksSUFBSSxDQUFDLE9BQU8sS0FBSyxZQUFZLEVBQUU7Z0JBQy9CLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxlQUFlLEVBQUMsZ0JBQWdCLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2FBQzFGO1lBRUQsSUFBSSxJQUFJLENBQUMsYUFBYSxFQUFFLFNBQVMsSUFBSSxJQUFJLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQyxZQUFZLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxFQUFFO2dCQUNySCxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksRUFBRSxZQUFZLENBQUMsWUFBWSxFQUFFLG9DQUFvQyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsU0FBUyxDQUFDLENBQUM7YUFDNUg7U0FDSjtJQUNMLENBQUM7SUFFTyxTQUFTLENBQUMsSUFBZ0I7UUFDOUIsSUFBSSxJQUFJLFlBQVksbUJBQUssRUFBRTtZQUN2QixJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxvQkFBWSxDQUFDLEVBQUU7Z0JBQ3RDLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxXQUFXLEVBQUUseUJBQXlCLENBQUMsQ0FBQzthQUNqRjtTQUNKO0lBQ0wsQ0FBQztJQUVPLFdBQVcsQ0FBQyxJQUFnQjtRQUNoQyxJQUFJLElBQUksWUFBWSxrQkFBUyxFQUFFO1lBQzNCLE1BQU0sQ0FBQyxHQUFHLElBQUksQ0FBQyw4QkFBa0YsQ0FBQztZQUVsRyxJQUFJLENBQUMsRUFBRTtnQkFDSCxJQUFJLENBQUMsQ0FBQyxDQUFDLGVBQWUsSUFBSSxDQUFDLENBQUMsQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUMsQ0FBQyxnQkFBZ0IsSUFBSSxDQUFDLENBQUMsQ0FBQyxxQkFBcUIsRUFBRTtvQkFDL0YsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLEVBQUUsWUFBWSxDQUFDLGVBQWUsRUFBRSx3QkFBd0IsQ0FBQyxDQUFDO2lCQUNwRjthQUNKO1NBQ0o7SUFDTCxDQUFDO0lBRU8sTUFBTSxDQUFDLFdBQVcsQ0FBQyxJQUFZO1FBQ25DLCtEQUErRDtRQUMvRCxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDcEIsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUMvQztRQUVELElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRTtZQUNwQixPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQy9DO1FBRUQsT0FBTyxJQUFBLHVCQUFTLEVBQUMsSUFBSSxDQUFDLEtBQUssSUFBSSxDQUFDO0lBQ3BDLENBQUM7SUFFTyxNQUFNLENBQUMsa0JBQWtCLENBQUMsSUFBWTtRQUMxQyxPQUFPLElBQUEsdUJBQVMsRUFBQyxJQUFJLENBQUMsS0FBSyxJQUFJLENBQUM7SUFDcEMsQ0FBQztJQUVPLG1CQUFtQixDQUFDLElBQWdCO1FBQ3hDLElBQUksSUFBSSxZQUFZLDRCQUFXLEVBQUU7WUFDN0IsSUFBSSxDQUFDLG1CQUFtQixDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUU7Z0JBQ2pELElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLFlBQVksQ0FBQyxZQUFZLEVBQUUsbUNBQW1DLENBQUMsQ0FBQzthQUM1RjtTQUNKO2FBQU0sSUFBSSxJQUFJLFlBQVksMEJBQVMsRUFBRTtZQUNsQyxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsV0FBa0MsQ0FBQztZQUU1RCxJQUFJLFdBQVcsSUFBSSxXQUFXLENBQUMsaUJBQWlCLEVBQUU7Z0JBQzlDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLGlCQUFpQixDQUFDLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxFQUFFO29CQUNyRCxNQUFNLEtBQUssR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO29CQUM3QixNQUFNLElBQUksR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7b0JBQ3RCLE1BQU0sSUFBSSxHQUFHLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztvQkFFdEIsSUFBSSxJQUFJLEtBQUssYUFBYSxJQUFJLENBQUMsbUJBQW1CLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLEVBQUU7d0JBQ3pFLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLElBQUksRUFBRSxxQ0FBcUMsQ0FBQyxDQUFDO3FCQUN6RTtnQkFDTCxDQUFDLENBQUMsQ0FBQzthQUNOO1NBQ0o7SUFDTCxDQUFDO0lBRU8sb0JBQW9CLENBQUMsSUFBZ0I7UUFDekMsSUFBSSxJQUFJLFlBQVksa0JBQVEsRUFBRTtZQUMxQixJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsRUFBRTtnQkFDdEIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLEVBQUUsWUFBWSxDQUFDLGVBQWUsRUFBRSxvQ0FBb0MsQ0FBQyxDQUFDO2FBQ2hHO1NBQ0o7SUFDTCxDQUFDO0lBRU8sc0JBQXNCLENBQUMsSUFBZ0I7UUFDM0MsSUFBSSxJQUFJLFlBQVksdUJBQVksRUFBRTtZQUM5QixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQWlFLENBQUM7WUFDMUYsTUFBTSxTQUFTLEdBQUcsS0FBSyxDQUFDLGNBQWMsQ0FBQyxlQUFlLENBQUM7WUFFdkQsSUFBSSxDQUFDLFNBQVMsRUFBRTtnQkFDWixJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksRUFBRSxZQUFZLENBQUMsaUJBQWlCLEVBQUUsMkNBQTJDLENBQUMsQ0FBQzthQUN6RztTQUNKO0lBQ0wsQ0FBQztDQUNKO0FBOUpELGtEQThKQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7QW5ub3RhdGlvbnMsIElBc3BlY3QsIFN0YWNrfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7Q2ZuRnVuY3Rpb24sIFJ1bnRpbWV9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1sYW1iZGEnO1xuaW1wb3J0IHtDZm5CdWNrZXR9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcbmltcG9ydCB7RGlnaXRyYWZmaWNTdGFjaywgU09MVVRJT05fS0VZLCBTdGFja0NvbmZpZ3VyYXRpb259IGZyb20gXCIuL3N0YWNrXCI7XG5pbXBvcnQge0lDb25zdHJ1Y3R9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQge0Nmbk1ldGhvZCwgQ2ZuUmVzb3VyY2V9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtYXBpZ2F0ZXdheVwiO1xuaW1wb3J0IHtwYXJhbUNhc2UsIHNuYWtlQ2FzZX0gZnJvbSBcImNoYW5nZS1jYXNlXCI7XG5pbXBvcnQge0NmblF1ZXVlfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNxc1wiO1xuaW1wb3J0IHtMb2dSZXRlbnRpb259IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtbG9nc1wiO1xuaW1wb3J0IEludGVncmF0aW9uUHJvcGVydHkgPSBDZm5NZXRob2QuSW50ZWdyYXRpb25Qcm9wZXJ0eTtcblxuY29uc3QgTUFYX0NPTkNVUlJFTkNZX0xJTUlUID0gMTAwO1xuY29uc3QgTk9ERV9SVU5USU1FID0gUnVudGltZS5OT0RFSlNfMTRfWC5uYW1lO1xuXG5lbnVtIFJlc291cmNlVHlwZSB7XG4gICAgc3RhY2tOYW1lID0gXCJTVEFDS19OQU1FXCIsXG4gICAgcmVzZXJ2ZWRDb25jdXJyZW50Q29uY3VycmVuY3kgPSBcIlJFU0VSVkVEX0NPTkNVUlJFTlRfQ09OQ1VSUkVOQ1lcIixcbiAgICBmdW5jdGlvblRpbWVvdXQgPSBcIkZVTkNUSU9OX1RJTUVPVVRcIixcbiAgICBmdW5jdGlvbk1lbW9yeVNpemUgPSBcIkZVTkNUSU9OX01FTU9SWV9TSVpFXCIsXG4gICAgZnVuY3Rpb25SdW50aW1lID0gXCJGVU5DVElPTl9SVU5USU1FXCIsXG4gICAgZnVuY3Rpb25OYW1lID0gXCJGVU5DVElPTl9OQU1FXCIsXG4gICAgdGFnU29sdXRpb24gPSBcIlRBR19TT0xVVElPTlwiLFxuICAgIGJ1Y2tldFB1YmxpY2l0eSA9IFwiQlVDS0VUX1BVQkxJQ0lUWVwiLFxuICAgIHJlc291cmNlUGF0aCA9IFwiUkVTT1VSQ0VfUEFUSFwiLFxuICAgIHF1ZXVlRW5jcnlwdGlvbiA9IFwiUVVFVUVfRU5DUllQVElPTlwiLFxuICAgIGxvZ0dyb3VwUmV0ZW50aW9uID0gXCJMT0dfR1JPVVBfUkVURU5USU9OXCIsXG59XG5cbmV4cG9ydCBjbGFzcyBTdGFja0NoZWNraW5nQXNwZWN0IGltcGxlbWVudHMgSUFzcGVjdCB7XG4gICAgcHJpdmF0ZSByZWFkb25seSBjb25maWd1cmF0aW9uPzogU3RhY2tDb25maWd1cmF0aW9uO1xuXG4gICAgY29uc3RydWN0b3IoY29uZmlndXJhdGlvbj86IFN0YWNrQ29uZmlndXJhdGlvbikge1xuICAgICAgICB0aGlzLmNvbmZpZ3VyYXRpb24gPSBjb25maWd1cmF0aW9uO1xuICAgIH1cblxuICAgIHN0YXRpYyBjcmVhdGUoc3RhY2s6IERpZ2l0cmFmZmljU3RhY2spIHtcbiAgICAgICAgcmV0dXJuIG5ldyBTdGFja0NoZWNraW5nQXNwZWN0KHN0YWNrLmNvbmZpZ3VyYXRpb24pO1xuICAgIH1cblxuICAgIHB1YmxpYyB2aXNpdChub2RlOiBJQ29uc3RydWN0KTogdm9pZCB7XG4gICAgICAgIC8vY29uc29sZS5pbmZvKFwidmlzaXRpbmcgY2xhc3MgXCIgKyBub2RlLmNvbnN0cnVjdG9yLm5hbWUpO1xuXG4gICAgICAgIHRoaXMuY2hlY2tTdGFjayhub2RlKTtcbiAgICAgICAgdGhpcy5jaGVja0Z1bmN0aW9uKG5vZGUpO1xuICAgICAgICB0aGlzLmNoZWNrVGFncyhub2RlKTtcbiAgICAgICAgdGhpcy5jaGVja0J1Y2tldChub2RlKTtcbiAgICAgICAgdGhpcy5jaGVja1Jlc291cmNlQ2FzaW5nKG5vZGUpO1xuICAgICAgICB0aGlzLmNoZWNrUXVldWVFbmNyeXB0aW9uKG5vZGUpO1xuICAgICAgICB0aGlzLmNoZWNrTG9nR3JvdXBSZXRlbnRpb24obm9kZSk7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBpc1doaXRlbGlzdGVkKGtleTogc3RyaW5nKSB7XG4gICAgICAgIHJldHVybiB0aGlzPy5jb25maWd1cmF0aW9uPy53aGl0ZWxpc3RlZFJlc291cmNlcz8uc29tZSh3bCA9PiB7XG4gICAgICAgICAgICByZXR1cm4ga2V5Lm1hdGNoQWxsKG5ldyBSZWdFeHAod2wsICdnJykpO1xuICAgICAgICB9KTtcbiAgICB9XG5cbiAgICBwcml2YXRlIGFkZEFubm90YXRpb24obm9kZTogSUNvbnN0cnVjdCwga2V5OiBSZXNvdXJjZVR5cGUgfCBzdHJpbmcsIG1lc3NhZ2U6IHN0cmluZywgaXNFcnJvciA9IHRydWUpIHtcbiAgICAgICAgY29uc3QgcmVzb3VyY2VLZXkgPSBgJHtub2RlLm5vZGUucGF0aH0vJHtrZXl9YDtcbiAgICAgICAgY29uc3QgaXNXaGl0ZUxpc3RlZCA9IHRoaXMuaXNXaGl0ZWxpc3RlZChyZXNvdXJjZUtleSk7XG4gICAgICAgIGNvbnN0IGFubm90YXRpb25NZXNzYWdlID0gYCR7cmVzb3VyY2VLZXl9OiR7bWVzc2FnZX1gO1xuXG4gICAgICAgIC8vIGVycm9yICYmIHdoaXRlbGlzdGVkIC0+IHdhcm5pbmdcbiAgICAgICAgLy8gd2FybmluZyAmJiB3aGl0ZWxpc3RlZCAtPiBub3RoaW5nXG4gICAgICAgIGlmIChpc0Vycm9yICYmICFpc1doaXRlTGlzdGVkKSB7XG4gICAgICAgICAgICBBbm5vdGF0aW9ucy5vZihub2RlKS5hZGRFcnJvcihhbm5vdGF0aW9uTWVzc2FnZSk7XG4gICAgICAgIH0gZWxzZSBpZiAoKCFpc0Vycm9yICYmICFpc1doaXRlTGlzdGVkKSB8fCAoaXNFcnJvciAmJiBpc1doaXRlTGlzdGVkKSkge1xuICAgICAgICAgICAgQW5ub3RhdGlvbnMub2Yobm9kZSkuYWRkV2FybmluZyhhbm5vdGF0aW9uTWVzc2FnZSk7XG4gICAgICAgIH1cbiAgICB9XG5cbiAgICBwcml2YXRlIGNoZWNrU3RhY2sobm9kZTogSUNvbnN0cnVjdCkge1xuICAgICAgICBpZiAobm9kZSBpbnN0YW5jZW9mIERpZ2l0cmFmZmljU3RhY2spIHtcbiAgICAgICAgICAgIGlmICgobm9kZS5zdGFja05hbWUuaW5jbHVkZXMoJ1Rlc3QnKSB8fCBub2RlLnN0YWNrTmFtZS5pbmNsdWRlcygnVHN0JykpICYmIG5vZGUuY29uZmlndXJhdGlvbj8ucHJvZHVjdGlvbikge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUuc3RhY2tOYW1lLCAnUHJvZHVjdGlvbiBpcyBzZXQgZm9yIFRlc3Qtc3RhY2snKTtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgaWYgKChub2RlLnN0YWNrTmFtZS5pbmNsdWRlcygnUHJvZCcpIHx8IG5vZGUuc3RhY2tOYW1lLmluY2x1ZGVzKCdQcmQnKSkgJiYgIW5vZGUuY29uZmlndXJhdGlvbj8ucHJvZHVjdGlvbikge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUuc3RhY2tOYW1lLCAnUHJvZHVjdGlvbiBpcyBub3Qgc2V0IGZvciBQcm9kdWN0aW9uLXN0YWNrJyk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICB9XG5cbiAgICBwcml2YXRlIGNoZWNrRnVuY3Rpb24obm9kZTogSUNvbnN0cnVjdCkge1xuICAgICAgICBpZiAobm9kZSBpbnN0YW5jZW9mIENmbkZ1bmN0aW9uKSB7XG4gICAgICAgICAgICBpZiAoIW5vZGUucmVzZXJ2ZWRDb25jdXJyZW50RXhlY3V0aW9ucykge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUucmVzZXJ2ZWRDb25jdXJyZW50Q29uY3VycmVuY3ksICdGdW5jdGlvbiBtdXN0IGhhdmUgcmVzZXJ2ZWRDb25jdXJyZW50Q29uY3VycmVuY3knKTtcbiAgICAgICAgICAgIH0gZWxzZSBpZiAobm9kZS5yZXNlcnZlZENvbmN1cnJlbnRFeGVjdXRpb25zID4gTUFYX0NPTkNVUlJFTkNZX0xJTUlUKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5hZGRBbm5vdGF0aW9uKG5vZGUsIFJlc291cmNlVHlwZS5yZXNlcnZlZENvbmN1cnJlbnRDb25jdXJyZW5jeSwgJ0Z1bmN0aW9uIHJlc2VydmVkQ29uY3VycmVudENvbmN1cnJlbmN5IHRvbyBoaWdoIScpO1xuICAgICAgICAgICAgfVxuXG4gICAgICAgICAgICBpZiAoIW5vZGUudGltZW91dCkge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUuZnVuY3Rpb25UaW1lb3V0LCAnRnVuY3Rpb24gbXVzdCBoYXZlIHRpbWVvdXQnKTtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgaWYgKCFub2RlLm1lbW9yeVNpemUpIHtcbiAgICAgICAgICAgICAgICB0aGlzLmFkZEFubm90YXRpb24obm9kZSwgUmVzb3VyY2VUeXBlLmZ1bmN0aW9uTWVtb3J5U2l6ZSwgJ0Z1bmN0aW9uIG11c3QgaGF2ZSBtZW1vcnlTaXplJyk7XG4gICAgICAgICAgICB9XG5cbiAgICAgICAgICAgIGlmIChub2RlLnJ1bnRpbWUgIT09IE5PREVfUlVOVElNRSkge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUuZnVuY3Rpb25SdW50aW1lLCd3cm9uZyBydW50aW1lICcgKyBub2RlLnJ1bnRpbWUpO1xuICAgICAgICAgICAgfVxuXG4gICAgICAgICAgICBpZiAodGhpcy5jb25maWd1cmF0aW9uPy5zaG9ydE5hbWUgJiYgbm9kZS5mdW5jdGlvbk5hbWUgJiYgbm9kZS5mdW5jdGlvbk5hbWUuaW5kZXhPZih0aGlzLmNvbmZpZ3VyYXRpb24uc2hvcnROYW1lKSAhPT0gMCkge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUuZnVuY3Rpb25OYW1lLCAnRnVuY3Rpb24gbmFtZSBkb2VzIG5vdCBiZWdpbiB3aXRoICcgKyB0aGlzLmNvbmZpZ3VyYXRpb24uc2hvcnROYW1lKTtcbiAgICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgIH1cblxuICAgIHByaXZhdGUgY2hlY2tUYWdzKG5vZGU6IElDb25zdHJ1Y3QpIHtcbiAgICAgICAgaWYgKG5vZGUgaW5zdGFuY2VvZiBTdGFjaykge1xuICAgICAgICAgICAgaWYgKCFub2RlLnRhZ3MudGFnVmFsdWVzKClbU09MVVRJT05fS0VZXSkge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUudGFnU29sdXRpb24sICdTb2x1dGlvbiB0YWcgaXMgbWlzc2luZycpO1xuICAgICAgICAgICAgfVxuICAgICAgICB9XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBjaGVja0J1Y2tldChub2RlOiBJQ29uc3RydWN0KSB7XG4gICAgICAgIGlmIChub2RlIGluc3RhbmNlb2YgQ2ZuQnVja2V0KSB7XG4gICAgICAgICAgICBjb25zdCBjID0gbm9kZS5wdWJsaWNBY2Nlc3NCbG9ja0NvbmZpZ3VyYXRpb24gYXMgQ2ZuQnVja2V0LlB1YmxpY0FjY2Vzc0Jsb2NrQ29uZmlndXJhdGlvblByb3BlcnR5O1xuXG4gICAgICAgICAgICBpZiAoYykge1xuICAgICAgICAgICAgICAgIGlmICghYy5ibG9ja1B1YmxpY0FjbHMgfHwgIWMuYmxvY2tQdWJsaWNQb2xpY3kgfHwgIWMuaWdub3JlUHVibGljQWNscyB8fCAhYy5yZXN0cmljdFB1YmxpY0J1Y2tldHMpIHtcbiAgICAgICAgICAgICAgICAgICAgdGhpcy5hZGRBbm5vdGF0aW9uKG5vZGUsIFJlc291cmNlVHlwZS5idWNrZXRQdWJsaWNpdHksICdDaGVjayBidWNrZXQgcHVibGljaXR5Jyk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfVxuICAgICAgICB9XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBzdGF0aWMgaXNWYWxpZFBhdGgocGF0aDogc3RyaW5nKTogYm9vbGVhbiB7XG4gICAgICAgIC8vIGlmIHBhdGggaW5jbHVkZXMgLiBvciB7IGNoZWNrIG9ubHkgdGhlIHRyYWlsaW5nIHBhcnQgb2YgcGF0aFxuICAgICAgICBpZiAocGF0aC5pbmNsdWRlcygnLicpKSB7XG4gICAgICAgICAgICByZXR1cm4gdGhpcy5pc1ZhbGlkUGF0aChwYXRoLnNwbGl0KCcuJylbMF0pO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKHBhdGguaW5jbHVkZXMoJ3snKSkge1xuICAgICAgICAgICAgcmV0dXJuIHRoaXMuaXNWYWxpZFBhdGgocGF0aC5zcGxpdCgneycpWzBdKTtcbiAgICAgICAgfVxuXG4gICAgICAgIHJldHVybiBwYXJhbUNhc2UocGF0aCkgPT09IHBhdGg7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBzdGF0aWMgaXNWYWxpZFF1ZXJ5U3RyaW5nKG5hbWU6IHN0cmluZykge1xuICAgICAgICByZXR1cm4gc25ha2VDYXNlKG5hbWUpID09PSBuYW1lO1xuICAgIH1cblxuICAgIHByaXZhdGUgY2hlY2tSZXNvdXJjZUNhc2luZyhub2RlOiBJQ29uc3RydWN0KSB7XG4gICAgICAgIGlmIChub2RlIGluc3RhbmNlb2YgQ2ZuUmVzb3VyY2UpIHtcbiAgICAgICAgICAgIGlmICghU3RhY2tDaGVja2luZ0FzcGVjdC5pc1ZhbGlkUGF0aChub2RlLnBhdGhQYXJ0KSkge1xuICAgICAgICAgICAgICAgIHRoaXMuYWRkQW5ub3RhdGlvbihub2RlLCBSZXNvdXJjZVR5cGUucmVzb3VyY2VQYXRoLCAnUGF0aCBwYXJ0IHNob3VsZCBiZSBpbiBrZWJhYi1jYXNlJyk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH0gZWxzZSBpZiAobm9kZSBpbnN0YW5jZW9mIENmbk1ldGhvZCkge1xuICAgICAgICAgICAgY29uc3QgaW50ZWdyYXRpb24gPSBub2RlLmludGVncmF0aW9uIGFzIEludGVncmF0aW9uUHJvcGVydHk7XG5cbiAgICAgICAgICAgIGlmIChpbnRlZ3JhdGlvbiAmJiBpbnRlZ3JhdGlvbi5yZXF1ZXN0UGFyYW1ldGVycykge1xuICAgICAgICAgICAgICAgIE9iamVjdC5rZXlzKGludGVncmF0aW9uLnJlcXVlc3RQYXJhbWV0ZXJzKS5mb3JFYWNoKGtleSA9PiB7XG4gICAgICAgICAgICAgICAgICAgIGNvbnN0IHNwbGl0ID0ga2V5LnNwbGl0KCcuJyk7XG4gICAgICAgICAgICAgICAgICAgIGNvbnN0IHR5cGUgPSBzcGxpdFsyXTtcbiAgICAgICAgICAgICAgICAgICAgY29uc3QgbmFtZSA9IHNwbGl0WzNdO1xuXG4gICAgICAgICAgICAgICAgICAgIGlmICh0eXBlID09PSAncXVlcnlzdHJpbmcnICYmICFTdGFja0NoZWNraW5nQXNwZWN0LmlzVmFsaWRRdWVyeVN0cmluZyhuYW1lKSkge1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5hZGRBbm5vdGF0aW9uKG5vZGUsIG5hbWUsICdRdWVyeXN0cmluZyBzaG91bGQgYmUgaW4gc25ha2VfY2FzZScpO1xuICAgICAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICB9XG5cbiAgICBwcml2YXRlIGNoZWNrUXVldWVFbmNyeXB0aW9uKG5vZGU6IElDb25zdHJ1Y3QpIHtcbiAgICAgICAgaWYgKG5vZGUgaW5zdGFuY2VvZiBDZm5RdWV1ZSkge1xuICAgICAgICAgICAgaWYgKCFub2RlLmttc01hc3RlcktleUlkKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5hZGRBbm5vdGF0aW9uKG5vZGUsIFJlc291cmNlVHlwZS5xdWV1ZUVuY3J5cHRpb24sICdRdWV1ZSBtdXN0IGhhdmUgZW5jcnlwdGlvbiBlbmFibGVkJyk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICB9XG5cbiAgICBwcml2YXRlIGNoZWNrTG9nR3JvdXBSZXRlbnRpb24obm9kZTogSUNvbnN0cnVjdCkge1xuICAgICAgICBpZiAobm9kZSBpbnN0YW5jZW9mIExvZ1JldGVudGlvbikge1xuICAgICAgICAgICAgY29uc3QgY2hpbGQgPSBub2RlLm5vZGUuZGVmYXVsdENoaWxkIGFzIHVua25vd24gYXMgUmVjb3JkPHN0cmluZywgUmVjb3JkPHN0cmluZywgc3RyaW5nPj47XG4gICAgICAgICAgICBjb25zdCByZXRlbnRpb24gPSBjaGlsZC5fY2ZuUHJvcGVydGllcy5SZXRlbnRpb25JbkRheXM7XG5cbiAgICAgICAgICAgIGlmICghcmV0ZW50aW9uKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5hZGRBbm5vdGF0aW9uKG5vZGUsIFJlc291cmNlVHlwZS5sb2dHcm91cFJldGVudGlvbiwgJ0xvZyBncm91cCBtdXN0IGRlZmluZSBsb2cgZ3JvdXAgcmV0ZW50aW9uJyk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICB9XG59XG4iXX0=

package/src/aws/infra/stack/stack.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DigitrafficStack = exports.SSM_KEY_ALARM_TOPIC = exports.SSM_KEY_WARNING_TOPIC = exports.SOLUTION_KEY = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
+const aws_sns_1 = require("aws-cdk-lib/aws-sns");
+const aws_ssm_1 = require("aws-cdk-lib/aws-ssm");
+const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
+const stack_checking_aspect_1 = require("./stack-checking-aspect");
+const SSM_ROOT = '/digitraffic';
+exports.SOLUTION_KEY = 'Solution';
+const MONITORING_ROOT = '/monitoring';
+exports.SSM_KEY_WARNING_TOPIC = `${SSM_ROOT}${MONITORING_ROOT}/warning-topic`;
+exports.SSM_KEY_ALARM_TOPIC = `${SSM_ROOT}${MONITORING_ROOT}/alarm-topic`;
+class DigitrafficStack extends aws_cdk_lib_1.Stack {
+    constructor(scope, id, configuration) {
+        super(scope, id, configuration.stackProps);
+        this.configuration = configuration;
+        if (configuration.secretId) {
+            this.secret = aws_secretsmanager_1.Secret.fromSecretNameV2(this, 'Secret', configuration.secretId);
+        }
+        // VPC reference construction requires vpcId and availability zones
+        // private subnets are used in Lambda configuration
+        if (configuration.vpcId) {
+            this.vpc = aws_ec2_1.Vpc.fromVpcAttributes(this, 'vpc', {
+                vpcId: configuration.vpcId,
+                privateSubnetIds: configuration.privateSubnetIds,
+                availabilityZones: configuration.availabilityZones,
+            });
+        }
+        // security group that allows Lambda database access
+        if (configuration.lambdaDbSgId) {
+            this.lambdaDbSg = aws_ec2_1.SecurityGroup.fromSecurityGroupId(this, 'LambdaDbSG', configuration.lambdaDbSgId);
+        }
+        this.alarmTopic = aws_sns_1.Topic.fromTopicArn(this, 'AlarmTopic', aws_ssm_1.StringParameter.fromStringParameterName(this, 'AlarmTopicParam', exports.SSM_KEY_ALARM_TOPIC).stringValue);
+        this.warningTopic = aws_sns_1.Topic.fromTopicArn(this, 'WarningTopic', aws_ssm_1.StringParameter.fromStringParameterName(this, 'WarningTopicParam', exports.SSM_KEY_WARNING_TOPIC).stringValue);
+        this.addAspects();
+    }
+    addAspects() {
+        aws_cdk_lib_1.Aspects.of(this).add(stack_checking_aspect_1.StackCheckingAspect.create(this));
+    }
+    createLambdaEnvironment() {
+        return this.createDefaultLambdaEnvironment(this.configuration.shortName);
+    }
+    createDefaultLambdaEnvironment(dbApplication) {
+        return this.configuration.secretId ? {
+            SECRET_ID: this.configuration.secretId,
+            DB_APPLICATION: dbApplication,
+        } : {
+            DB_APPLICATION: dbApplication,
+        };
+    }
+    grantSecret(...lambdas) {
+        lambdas.forEach((l) => this.secret.grantRead(l));
+    }
+}
+exports.DigitrafficStack = DigitrafficStack;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RhY2suanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9zcmMvYXdzL2luZnJhL3N0YWNrL3N0YWNrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUF1RDtBQUN2RCxpREFBNkQ7QUFFN0QsaURBQWtEO0FBQ2xELGlEQUFvRDtBQUNwRCx1RUFBK0Q7QUFHL0QsbUVBQTREO0FBSzVELE1BQU0sUUFBUSxHQUFHLGNBQWMsQ0FBQztBQUNuQixRQUFBLFlBQVksR0FBRyxVQUFVLENBQUM7QUFDdkMsTUFBTSxlQUFlLEdBQUcsYUFBYSxDQUFDO0FBRXpCLFFBQUEscUJBQXFCLEdBQUcsR0FBRyxRQUFRLEdBQUcsZUFBZSxnQkFBZ0IsQ0FBQztBQUN0RSxRQUFBLG1CQUFtQixHQUFHLEdBQUcsUUFBUSxHQUFHLGVBQWUsY0FBYyxDQUFDO0FBc0IvRSxNQUFhLGdCQUFpQixTQUFRLG1CQUFLO0lBU3ZDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsYUFBaUM7UUFDdkUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsYUFBYSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRTNDLElBQUksQ0FBQyxhQUFhLEdBQUcsYUFBYSxDQUFDO1FBRW5DLElBQUksYUFBYSxDQUFDLFFBQVEsRUFBRTtZQUN4QixJQUFJLENBQUMsTUFBTSxHQUFHLDJCQUFNLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7U0FDakY7UUFFRCxtRUFBbUU7UUFDbkUsbURBQW1EO1FBQ25ELElBQUksYUFBYSxDQUFDLEtBQUssRUFBRTtZQUNyQixJQUFJLENBQUMsR0FBRyxHQUFHLGFBQUcsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsS0FBSyxFQUFFO2dCQUMxQyxLQUFLLEVBQUUsYUFBYSxDQUFDLEtBQUs7Z0JBQzFCLGdCQUFnQixFQUFFLGFBQWEsQ0FBQyxnQkFBZ0I7Z0JBQ2hELGlCQUFpQixFQUFFLGFBQWEsQ0FBQyxpQkFBNkI7YUFDakUsQ0FBQyxDQUFDO1NBQ047UUFFRCxvREFBb0Q7UUFDcEQsSUFBSSxhQUFhLENBQUMsWUFBWSxFQUFFO1lBQzVCLElBQUksQ0FBQyxVQUFVLEdBQUcsdUJBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsWUFBWSxFQUFFLGFBQWEsQ0FBQyxZQUFZLENBQUMsQ0FBQztTQUN2RztRQUVELElBQUksQ0FBQyxVQUFVLEdBQUcsZUFBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQ3JDLFlBQVksRUFDWix5QkFBZSxDQUFDLHVCQUF1QixDQUFDLElBQUksRUFBRSxpQkFBaUIsRUFBRSwyQkFBbUIsQ0FBQyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ3ZHLElBQUksQ0FBQyxZQUFZLEdBQUcsZUFBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsY0FBYyxFQUN2RCx5QkFBZSxDQUFDLHVCQUF1QixDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRSw2QkFBcUIsQ0FBQyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRTNHLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztJQUN0QixDQUFDO0lBRUQsVUFBVTtRQUNOLHFCQUFPLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsQ0FBQywyQ0FBbUIsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUMzRCxDQUFDO0lBRUQsdUJBQXVCO1FBQ25CLE9BQU8sSUFBSSxDQUFDLDhCQUE4QixDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsU0FBbUIsQ0FBQyxDQUFDO0lBQ3ZGLENBQUM7SUFFRCw4QkFBOEIsQ0FBQyxhQUFxQjtRQUNoRCxPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQztZQUNqQyxTQUFTLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRO1lBQ3RDLGNBQWMsRUFBRSxhQUFhO1NBQ2hDLENBQUMsQ0FBQyxDQUFDO1lBQ0EsY0FBYyxFQUFFLGFBQWE7U0FDaEMsQ0FBQztJQUNOLENBQUM7SUFFRCxXQUFXLENBQUMsR0FBRyxPQUFtQjtRQUM5QixPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBVyxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQy9ELENBQUM7Q0FDSjtBQTlERCw0Q0E4REMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge0FzcGVjdHMsIFN0YWNrLCBTdGFja1Byb3BzfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7SVZwYywgU2VjdXJpdHlHcm91cCwgVnBjfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiO1xuaW1wb3J0IHtJU2VjdXJpdHlHcm91cH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzIvbGliL3NlY3VyaXR5LWdyb3VwXCI7XG5pbXBvcnQge0lUb3BpYywgVG9waWN9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc25zXCI7XG5pbXBvcnQge1N0cmluZ1BhcmFtZXRlcn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zc21cIjtcbmltcG9ydCB7SVNlY3JldCwgU2VjcmV0fSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCI7XG5pbXBvcnQge0Z1bmN0aW9ufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxhbWJkYVwiO1xuXG5pbXBvcnQge1N0YWNrQ2hlY2tpbmdBc3BlY3R9IGZyb20gXCIuL3N0YWNrLWNoZWNraW5nLWFzcGVjdFwiO1xuaW1wb3J0IHtDb25zdHJ1Y3R9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQge1RyYWZmaWNUeXBlfSBmcm9tIFwiLi4vLi4vLi4vdHlwZXMvdHJhZmZpY3R5cGVcIjtcbmltcG9ydCB7REJMYW1iZGFFbnZpcm9ubWVudH0gZnJvbSBcIi4vbGFtYmRhLWNvbmZpZ3NcIjtcblxuY29uc3QgU1NNX1JPT1QgPSAnL2RpZ2l0cmFmZmljJztcbmV4cG9ydCBjb25zdCBTT0xVVElPTl9LRVkgPSAnU29sdXRpb24nO1xuY29uc3QgTU9OSVRPUklOR19ST09UID0gJy9tb25pdG9yaW5nJztcblxuZXhwb3J0IGNvbnN0IFNTTV9LRVlfV0FSTklOR19UT1BJQyA9IGAke1NTTV9ST09UfSR7TU9OSVRPUklOR19ST09UfS93YXJuaW5nLXRvcGljYDtcbmV4cG9ydCBjb25zdCBTU01fS0VZX0FMQVJNX1RPUElDID0gYCR7U1NNX1JPT1R9JHtNT05JVE9SSU5HX1JPT1R9L2FsYXJtLXRvcGljYDtcblxuZXhwb3J0IHR5cGUgU3RhY2tDb25maWd1cmF0aW9uID0ge1xuICAgIHJlYWRvbmx5IHNob3J0TmFtZT86IHN0cmluZztcbiAgICByZWFkb25seSBzZWNyZXRJZD86IHN0cmluZztcbiAgICByZWFkb25seSBhbGFybVRvcGljQXJuOiBzdHJpbmc7XG4gICAgcmVhZG9ubHkgd2FybmluZ1RvcGljQXJuOiBzdHJpbmc7XG4gICAgcmVhZG9ubHkgZW5hYmxlQ2FuYXJpZXM6IGJvb2xlYW47XG4gICAgcmVhZG9ubHkgbG9nc0Rlc3RpbmF0aW9uQXJuPzogc3RyaW5nO1xuXG4gICAgcmVhZG9ubHkgdnBjSWQ/OiBzdHJpbmc7XG4gICAgcmVhZG9ubHkgbGFtYmRhRGJTZ0lkPzogc3RyaW5nO1xuICAgIHJlYWRvbmx5IHByaXZhdGVTdWJuZXRJZHM/OiBzdHJpbmdbXTtcbiAgICByZWFkb25seSBhdmFpbGFiaWxpdHlab25lcz86IHN0cmluZ1tdO1xuXG4gICAgcmVhZG9ubHkgdHJhZmZpY1R5cGU6IFRyYWZmaWNUeXBlO1xuICAgIHJlYWRvbmx5IHByb2R1Y3Rpb246IGJvb2xlYW47XG4gICAgcmVhZG9ubHkgc3RhY2tQcm9wczogU3RhY2tQcm9wcztcblxuICAgIHJlYWRvbmx5IHdoaXRlbGlzdGVkUmVzb3VyY2VzPzogc3RyaW5nW107XG59XG5cbmV4cG9ydCBjbGFzcyBEaWdpdHJhZmZpY1N0YWNrIGV4dGVuZHMgU3RhY2sge1xuICAgIHJlYWRvbmx5IHZwYzogSVZwYztcbiAgICByZWFkb25seSBsYW1iZGFEYlNnOiBJU2VjdXJpdHlHcm91cDtcbiAgICByZWFkb25seSBhbGFybVRvcGljOiBJVG9waWM7XG4gICAgcmVhZG9ubHkgd2FybmluZ1RvcGljOiBJVG9waWM7XG4gICAgcmVhZG9ubHkgc2VjcmV0OiBJU2VjcmV0O1xuXG4gICAgcmVhZG9ubHkgY29uZmlndXJhdGlvbjogU3RhY2tDb25maWd1cmF0aW9uO1xuXG4gICAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgY29uZmlndXJhdGlvbjogU3RhY2tDb25maWd1cmF0aW9uKSB7XG4gICAgICAgIHN1cGVyKHNjb3BlLCBpZCwgY29uZmlndXJhdGlvbi5zdGFja1Byb3BzKTtcblxuICAgICAgICB0aGlzLmNvbmZpZ3VyYXRpb24gPSBjb25maWd1cmF0aW9uO1xuXG4gICAgICAgIGlmIChjb25maWd1cmF0aW9uLnNlY3JldElkKSB7XG4gICAgICAgICAgICB0aGlzLnNlY3JldCA9IFNlY3JldC5mcm9tU2VjcmV0TmFtZVYyKHRoaXMsICdTZWNyZXQnLCBjb25maWd1cmF0aW9uLnNlY3JldElkKTtcbiAgICAgICAgfVxuXG4gICAgICAgIC8vIFZQQyByZWZlcmVuY2UgY29uc3RydWN0aW9uIHJlcXVpcmVzIHZwY0lkIGFuZCBhdmFpbGFiaWxpdHkgem9uZXNcbiAgICAgICAgLy8gcHJpdmF0ZSBzdWJuZXRzIGFyZSB1c2VkIGluIExhbWJkYSBjb25maWd1cmF0aW9uXG4gICAgICAgIGlmIChjb25maWd1cmF0aW9uLnZwY0lkKSB7XG4gICAgICAgICAgICB0aGlzLnZwYyA9IFZwYy5mcm9tVnBjQXR0cmlidXRlcyh0aGlzLCAndnBjJywge1xuICAgICAgICAgICAgICAgIHZwY0lkOiBjb25maWd1cmF0aW9uLnZwY0lkLFxuICAgICAgICAgICAgICAgIHByaXZhdGVTdWJuZXRJZHM6IGNvbmZpZ3VyYXRpb24ucHJpdmF0ZVN1Ym5ldElkcyxcbiAgICAgICAgICAgICAgICBhdmFpbGFiaWxpdHlab25lczogY29uZmlndXJhdGlvbi5hdmFpbGFiaWxpdHlab25lcyBhcyBzdHJpbmdbXSxcbiAgICAgICAgICAgIH0pO1xuICAgICAgICB9XG5cbiAgICAgICAgLy8gc2VjdXJpdHkgZ3JvdXAgdGhhdCBhbGxvd3MgTGFtYmRhIGRhdGFiYXNlIGFjY2Vzc1xuICAgICAgICBpZiAoY29uZmlndXJhdGlvbi5sYW1iZGFEYlNnSWQpIHtcbiAgICAgICAgICAgIHRoaXMubGFtYmRhRGJTZyA9IFNlY3VyaXR5R3JvdXAuZnJvbVNlY3VyaXR5R3JvdXBJZCh0aGlzLCAnTGFtYmRhRGJTRycsIGNvbmZpZ3VyYXRpb24ubGFtYmRhRGJTZ0lkKTtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuYWxhcm1Ub3BpYyA9IFRvcGljLmZyb21Ub3BpY0Fybih0aGlzLFxuICAgICAgICAgICAgJ0FsYXJtVG9waWMnLFxuICAgICAgICAgICAgU3RyaW5nUGFyYW1ldGVyLmZyb21TdHJpbmdQYXJhbWV0ZXJOYW1lKHRoaXMsICdBbGFybVRvcGljUGFyYW0nLCBTU01fS0VZX0FMQVJNX1RPUElDKS5zdHJpbmdWYWx1ZSk7XG4gICAgICAgIHRoaXMud2FybmluZ1RvcGljID0gVG9waWMuZnJvbVRvcGljQXJuKHRoaXMsICdXYXJuaW5nVG9waWMnLFxuICAgICAgICAgICAgU3RyaW5nUGFyYW1ldGVyLmZyb21TdHJpbmdQYXJhbWV0ZXJOYW1lKHRoaXMsICdXYXJuaW5nVG9waWNQYXJhbScsIFNTTV9LRVlfV0FSTklOR19UT1BJQykuc3RyaW5nVmFsdWUpO1xuXG4gICAgICAgIHRoaXMuYWRkQXNwZWN0cygpO1xuICAgIH1cblxuICAgIGFkZEFzcGVjdHMoKSB7XG4gICAgICAgIEFzcGVjdHMub2YodGhpcykuYWRkKFN0YWNrQ2hlY2tpbmdBc3BlY3QuY3JlYXRlKHRoaXMpKTtcbiAgICB9XG5cbiAgICBjcmVhdGVMYW1iZGFFbnZpcm9ubWVudCgpOiBEQkxhbWJkYUVudmlyb25tZW50IHtcbiAgICAgICAgcmV0dXJuIHRoaXMuY3JlYXRlRGVmYXVsdExhbWJkYUVudmlyb25tZW50KHRoaXMuY29uZmlndXJhdGlvbi5zaG9ydE5hbWUgYXMgc3RyaW5nKTtcbiAgICB9XG5cbiAgICBjcmVhdGVEZWZhdWx0TGFtYmRhRW52aXJvbm1lbnQoZGJBcHBsaWNhdGlvbjogc3RyaW5nKTogREJMYW1iZGFFbnZpcm9ubWVudCB7XG4gICAgICAgIHJldHVybiB0aGlzLmNvbmZpZ3VyYXRpb24uc2VjcmV0SWQgPyB7XG4gICAgICAgICAgICBTRUNSRVRfSUQ6IHRoaXMuY29uZmlndXJhdGlvbi5zZWNyZXRJZCxcbiAgICAgICAgICAgIERCX0FQUExJQ0FUSU9OOiBkYkFwcGxpY2F0aW9uLFxuICAgICAgICB9IDoge1xuICAgICAgICAgICAgREJfQVBQTElDQVRJT046IGRiQXBwbGljYXRpb24sXG4gICAgICAgIH07XG4gICAgfVxuXG4gICAgZ3JhbnRTZWNyZXQoLi4ubGFtYmRhczogRnVuY3Rpb25bXSkge1xuICAgICAgICBsYW1iZGFzLmZvckVhY2goKGw6IEZ1bmN0aW9uKSA9PiB0aGlzLnNlY3JldC5ncmFudFJlYWQobCkpO1xuICAgIH1cbn1cbiJdfQ==

package/src/aws/infra/stack/subscription.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DigitrafficLogSubscriptions = exports.createSubscription = void 0;
+const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+/**
+ * Creates a subscription filter that subscribes to a Lambda Log Group and delivers the logs to another destination.
+ * https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-subscriptionfilter.html
+ * @param lambda The Lambda function, needed to create a dependency
+ * @param lambdaName The Lambda name from which the Log Group name is derived
+ * @param logDestinationArn Destination for streamed logs
+ * @param stack CloudFormation stack
+ */
+function createSubscription(lambda, lambdaName, logDestinationArn, stack) {
+    if (logDestinationArn == undefined) {
+        return undefined;
+    }
+    const filter = new aws_logs_1.CfnSubscriptionFilter(stack, `${lambdaName}LogsSubscription`, {
+        logGroupName: `/aws/lambda/${lambdaName}`,
+        filterPattern: '',
+        destinationArn: logDestinationArn,
+    });
+    filter.node.addDependency(lambda);
+    return filter;
+}
+exports.createSubscription = createSubscription;
+class DigitrafficLogSubscriptions {
+    constructor(stack, ...lambdas) {
+        if (stack.configuration.logsDestinationArn) {
+            lambdas.forEach(lambda => {
+                const filter = new aws_logs_1.CfnSubscriptionFilter(stack, `${lambda.givenName}LogsSubscription`, {
+                    logGroupName: `/aws/lambda/${lambda.givenName}`,
+                    filterPattern: '',
+                    destinationArn: stack.configuration.logsDestinationArn,
+                });
+                filter.node.addDependency(lambda);
+            });
+        }
+    }
+}
+exports.DigitrafficLogSubscriptions = DigitrafficLogSubscriptions;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3Vic2NyaXB0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vc3JjL2F3cy9pbmZyYS9zdGFjay9zdWJzY3JpcHRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsbURBQTJEO0FBTTNEOzs7Ozs7O0dBT0c7QUFDSCxTQUFnQixrQkFBa0IsQ0FBQyxNQUFnQixFQUFFLFVBQWtCLEVBQUUsaUJBQXFDLEVBQUUsS0FBZ0I7SUFDNUgsSUFBSSxpQkFBaUIsSUFBSSxTQUFTLEVBQUU7UUFDaEMsT0FBTyxTQUFTLENBQUM7S0FDcEI7SUFDRCxNQUFNLE1BQU0sR0FBRyxJQUFJLGdDQUFxQixDQUFDLEtBQUssRUFBRSxHQUFHLFVBQVUsa0JBQWtCLEVBQUU7UUFDN0UsWUFBWSxFQUFFLGVBQWUsVUFBVSxFQUFFO1FBQ3pDLGFBQWEsRUFBRSxFQUFFO1FBQ2pCLGNBQWMsRUFBRSxpQkFBaUI7S0FDcEMsQ0FBQyxDQUFDO0lBRUgsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFbEMsT0FBTyxNQUFNLENBQUM7QUFDbEIsQ0FBQztBQWJELGdEQWFDO0FBRUQsTUFBYSwyQkFBMkI7SUFDcEMsWUFBWSxLQUF1QixFQUFFLEdBQUcsT0FBNEI7UUFDaEUsSUFBSSxLQUFLLENBQUMsYUFBYSxDQUFDLGtCQUFrQixFQUFFO1lBQ3hDLE9BQU8sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLEVBQUU7Z0JBQ3JCLE1BQU0sTUFBTSxHQUFHLElBQUksZ0NBQXFCLENBQUMsS0FBSyxFQUFFLEdBQUcsTUFBTSxDQUFDLFNBQVMsa0JBQWtCLEVBQUU7b0JBQ25GLFlBQVksRUFBRSxlQUFlLE1BQU0sQ0FBQyxTQUFTLEVBQUU7b0JBQy9DLGFBQWEsRUFBRSxFQUFFO29CQUNqQixjQUFjLEVBQUUsS0FBSyxDQUFDLGFBQWEsQ0FBQyxrQkFBNEI7aUJBQ25FLENBQUMsQ0FBQztnQkFFSCxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUN0QyxDQUFDLENBQUMsQ0FBQztTQUNOO0lBQ0wsQ0FBQztDQUNKO0FBZEQsa0VBY0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge0NmblN1YnNjcmlwdGlvbkZpbHRlcn0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWxvZ3MnO1xuaW1wb3J0IHtGdW5jdGlvbn0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQge0RpZ2l0cmFmZmljU3RhY2t9IGZyb20gXCIuL3N0YWNrXCI7XG5pbXBvcnQge0NvbnN0cnVjdH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7TW9uaXRvcmVkRnVuY3Rpb259IGZyb20gXCIuL21vbml0b3JlZGZ1bmN0aW9uXCI7XG5cbi8qKlxuICogQ3JlYXRlcyBhIHN1YnNjcmlwdGlvbiBmaWx0ZXIgdGhhdCBzdWJzY3JpYmVzIHRvIGEgTGFtYmRhIExvZyBHcm91cCBhbmQgZGVsaXZlcnMgdGhlIGxvZ3MgdG8gYW5vdGhlciBkZXN0aW5hdGlvbi5cbiAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NDbG91ZEZvcm1hdGlvbi9sYXRlc3QvVXNlckd1aWRlL2F3cy1yZXNvdXJjZS1sb2dzLXN1YnNjcmlwdGlvbmZpbHRlci5odG1sXG4gKiBAcGFyYW0gbGFtYmRhIFRoZSBMYW1iZGEgZnVuY3Rpb24sIG5lZWRlZCB0byBjcmVhdGUgYSBkZXBlbmRlbmN5XG4gKiBAcGFyYW0gbGFtYmRhTmFtZSBUaGUgTGFtYmRhIG5hbWUgZnJvbSB3aGljaCB0aGUgTG9nIEdyb3VwIG5hbWUgaXMgZGVyaXZlZFxuICogQHBhcmFtIGxvZ0Rlc3RpbmF0aW9uQXJuIERlc3RpbmF0aW9uIGZvciBzdHJlYW1lZCBsb2dzXG4gKiBAcGFyYW0gc3RhY2sgQ2xvdWRGb3JtYXRpb24gc3RhY2tcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGNyZWF0ZVN1YnNjcmlwdGlvbihsYW1iZGE6IEZ1bmN0aW9uLCBsYW1iZGFOYW1lOiBzdHJpbmcsIGxvZ0Rlc3RpbmF0aW9uQXJuOiBzdHJpbmcgfCB1bmRlZmluZWQsIHN0YWNrOiBDb25zdHJ1Y3QpOiBDZm5TdWJzY3JpcHRpb25GaWx0ZXIgfCB1bmRlZmluZWQge1xuICAgIGlmIChsb2dEZXN0aW5hdGlvbkFybiA9PSB1bmRlZmluZWQpIHtcbiAgICAgICAgcmV0dXJuIHVuZGVmaW5lZDtcbiAgICB9XG4gICAgY29uc3QgZmlsdGVyID0gbmV3IENmblN1YnNjcmlwdGlvbkZpbHRlcihzdGFjaywgYCR7bGFtYmRhTmFtZX1Mb2dzU3Vic2NyaXB0aW9uYCwge1xuICAgICAgICBsb2dHcm91cE5hbWU6IGAvYXdzL2xhbWJkYS8ke2xhbWJkYU5hbWV9YCxcbiAgICAgICAgZmlsdGVyUGF0dGVybjogJycsXG4gICAgICAgIGRlc3RpbmF0aW9uQXJuOiBsb2dEZXN0aW5hdGlvbkFybixcbiAgICB9KTtcblxuICAgIGZpbHRlci5ub2RlLmFkZERlcGVuZGVuY3kobGFtYmRhKTtcblxuICAgIHJldHVybiBmaWx0ZXI7XG59XG5cbmV4cG9ydCBjbGFzcyBEaWdpdHJhZmZpY0xvZ1N1YnNjcmlwdGlvbnMge1xuICAgIGNvbnN0cnVjdG9yKHN0YWNrOiBEaWdpdHJhZmZpY1N0YWNrLCAuLi5sYW1iZGFzOiBNb25pdG9yZWRGdW5jdGlvbltdKSB7XG4gICAgICAgIGlmIChzdGFjay5jb25maWd1cmF0aW9uLmxvZ3NEZXN0aW5hdGlvbkFybikge1xuICAgICAgICAgICAgbGFtYmRhcy5mb3JFYWNoKGxhbWJkYSA9PiB7XG4gICAgICAgICAgICAgICAgY29uc3QgZmlsdGVyID0gbmV3IENmblN1YnNjcmlwdGlvbkZpbHRlcihzdGFjaywgYCR7bGFtYmRhLmdpdmVuTmFtZX1Mb2dzU3Vic2NyaXB0aW9uYCwge1xuICAgICAgICAgICAgICAgICAgICBsb2dHcm91cE5hbWU6IGAvYXdzL2xhbWJkYS8ke2xhbWJkYS5naXZlbk5hbWV9YCxcbiAgICAgICAgICAgICAgICAgICAgZmlsdGVyUGF0dGVybjogJycsXG4gICAgICAgICAgICAgICAgICAgIGRlc3RpbmF0aW9uQXJuOiBzdGFjay5jb25maWd1cmF0aW9uLmxvZ3NEZXN0aW5hdGlvbkFybiBhcyBzdHJpbmcsXG4gICAgICAgICAgICAgICAgfSk7XG5cbiAgICAgICAgICAgICAgICBmaWx0ZXIubm9kZS5hZGREZXBlbmRlbmN5KGxhbWJkYSk7XG4gICAgICAgICAgICB9KTtcbiAgICAgICAgfVxuICAgIH1cbn1cbiJdfQ==

package/src/aws/infra/usage-plans.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createDefaultUsagePlan = exports.createUsagePlan = void 0;
+/**
+ * Creates an usage plan for a REST API with a single API key
+ * @param api The REST API
+ * @param apiKeyId Id for the API key, this is a surrogate id for CDK, not displayed anywhere
+ * @param apiKeyName Name for the API key, this is displayed in the AWS Console
+ * @deprecated Creates randomized API key names, use createDefaultUsagePlan instead
+ */
+function createUsagePlan(api, apiKeyId, apiKeyName) {
+    const apiKey = api.addApiKey(apiKeyId);
+    const plan = api.addUsagePlan(apiKeyName, {
+        name: apiKeyName,
+    });
+    plan.addApiStage({
+        stage: api.deploymentStage,
+    });
+    plan.addApiKey(apiKey);
+    return apiKey;
+}
+exports.createUsagePlan = createUsagePlan;
+/**
+ * Creates a default usage plan for a REST API with a single API key
+ * @param api The REST API
+ * @param apiName Name of the api. Will generate key: apiName + ' API Key' and plan: apiName + ' API Usage Plan'
+ */
+function createDefaultUsagePlan(api, apiName) {
+    const apiKeyName = apiName + ' API Key';
+    const usagePlanName = apiName + ' API Usage Plan';
+    const apiKey = api.addApiKey(apiKeyName, { apiKeyName: apiKeyName });
+    const plan = api.addUsagePlan(usagePlanName, {
+        name: usagePlanName,
+    });
+    plan.addApiStage({
+        stage: api.deploymentStage,
+    });
+    plan.addApiKey(apiKey);
+    return apiKey;
+}
+exports.createDefaultUsagePlan = createDefaultUsagePlan;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNhZ2UtcGxhbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYXdzL2luZnJhL3VzYWdlLXBsYW5zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBOzs7Ozs7R0FNRztBQUNILFNBQWdCLGVBQWUsQ0FBQyxHQUFZLEVBQUUsUUFBZ0IsRUFBRSxVQUFrQjtJQUM5RSxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ3ZDLE1BQU0sSUFBSSxHQUFHLEdBQUcsQ0FBQyxZQUFZLENBQUMsVUFBVSxFQUFFO1FBQ3RDLElBQUksRUFBRSxVQUFVO0tBQ25CLENBQUMsQ0FBQztJQUNILElBQUksQ0FBQyxXQUFXLENBQUM7UUFDYixLQUFLLEVBQUUsR0FBRyxDQUFDLGVBQWU7S0FDN0IsQ0FBQyxDQUFDO0lBQ0gsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUV2QixPQUFPLE1BQU0sQ0FBQztBQUNsQixDQUFDO0FBWEQsMENBV0M7QUFFRDs7OztHQUlHO0FBQ0gsU0FBZ0Isc0JBQXNCLENBQUMsR0FBWSxFQUFFLE9BQWU7SUFDaEUsTUFBTSxVQUFVLEdBQUcsT0FBTyxHQUFHLFVBQVUsQ0FBQztJQUN4QyxNQUFNLGFBQWEsR0FBRyxPQUFPLEdBQUcsaUJBQWlCLENBQUM7SUFDbEQsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLFNBQVMsQ0FBQyxVQUFVLEVBQUUsRUFBRSxVQUFVLEVBQUUsVUFBVSxFQUFFLENBQUMsQ0FBQztJQUNyRSxNQUFNLElBQUksR0FBRyxHQUFHLENBQUMsWUFBWSxDQUFDLGFBQWEsRUFBRTtRQUN6QyxJQUFJLEVBQUUsYUFBYTtLQUN0QixDQUFDLENBQUM7SUFDSCxJQUFJLENBQUMsV0FBVyxDQUFDO1FBQ2IsS0FBSyxFQUFFLEdBQUcsQ0FBQyxlQUFlO0tBQzdCLENBQUMsQ0FBQztJQUNILElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFdkIsT0FBTyxNQUFNLENBQUM7QUFDbEIsQ0FBQztBQWJELHdEQWFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtJQXBpS2V5LCBSZXN0QXBpfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtYXBpZ2F0ZXdheSc7XHJcblxyXG4vKipcclxuICogQ3JlYXRlcyBhbiB1c2FnZSBwbGFuIGZvciBhIFJFU1QgQVBJIHdpdGggYSBzaW5nbGUgQVBJIGtleVxyXG4gKiBAcGFyYW0gYXBpIFRoZSBSRVNUIEFQSVxyXG4gKiBAcGFyYW0gYXBpS2V5SWQgSWQgZm9yIHRoZSBBUEkga2V5LCB0aGlzIGlzIGEgc3Vycm9nYXRlIGlkIGZvciBDREssIG5vdCBkaXNwbGF5ZWQgYW55d2hlcmVcclxuICogQHBhcmFtIGFwaUtleU5hbWUgTmFtZSBmb3IgdGhlIEFQSSBrZXksIHRoaXMgaXMgZGlzcGxheWVkIGluIHRoZSBBV1MgQ29uc29sZVxyXG4gKiBAZGVwcmVjYXRlZCBDcmVhdGVzIHJhbmRvbWl6ZWQgQVBJIGtleSBuYW1lcywgdXNlIGNyZWF0ZURlZmF1bHRVc2FnZVBsYW4gaW5zdGVhZFxyXG4gKi9cclxuZXhwb3J0IGZ1bmN0aW9uIGNyZWF0ZVVzYWdlUGxhbihhcGk6IFJlc3RBcGksIGFwaUtleUlkOiBzdHJpbmcsIGFwaUtleU5hbWU6IHN0cmluZyk6IElBcGlLZXkge1xyXG4gICAgY29uc3QgYXBpS2V5ID0gYXBpLmFkZEFwaUtleShhcGlLZXlJZCk7XHJcbiAgICBjb25zdCBwbGFuID0gYXBpLmFkZFVzYWdlUGxhbihhcGlLZXlOYW1lLCB7XHJcbiAgICAgICAgbmFtZTogYXBpS2V5TmFtZSxcclxuICAgIH0pO1xyXG4gICAgcGxhbi5hZGRBcGlTdGFnZSh7XHJcbiAgICAgICAgc3RhZ2U6IGFwaS5kZXBsb3ltZW50U3RhZ2UsXHJcbiAgICB9KTtcclxuICAgIHBsYW4uYWRkQXBpS2V5KGFwaUtleSk7XHJcblxyXG4gICAgcmV0dXJuIGFwaUtleTtcclxufVxyXG5cclxuLyoqXHJcbiAqIENyZWF0ZXMgYSBkZWZhdWx0IHVzYWdlIHBsYW4gZm9yIGEgUkVTVCBBUEkgd2l0aCBhIHNpbmdsZSBBUEkga2V5XHJcbiAqIEBwYXJhbSBhcGkgVGhlIFJFU1QgQVBJXHJcbiAqIEBwYXJhbSBhcGlOYW1lIE5hbWUgb2YgdGhlIGFwaS4gV2lsbCBnZW5lcmF0ZSBrZXk6IGFwaU5hbWUgKyAnIEFQSSBLZXknIGFuZCBwbGFuOiBhcGlOYW1lICsgJyBBUEkgVXNhZ2UgUGxhbidcclxuICovXHJcbmV4cG9ydCBmdW5jdGlvbiBjcmVhdGVEZWZhdWx0VXNhZ2VQbGFuKGFwaTogUmVzdEFwaSwgYXBpTmFtZTogc3RyaW5nKTogSUFwaUtleSB7XHJcbiAgICBjb25zdCBhcGlLZXlOYW1lID0gYXBpTmFtZSArICcgQVBJIEtleSc7XHJcbiAgICBjb25zdCB1c2FnZVBsYW5OYW1lID0gYXBpTmFtZSArICcgQVBJIFVzYWdlIFBsYW4nO1xyXG4gICAgY29uc3QgYXBpS2V5ID0gYXBpLmFkZEFwaUtleShhcGlLZXlOYW1lLCB7IGFwaUtleU5hbWU6IGFwaUtleU5hbWUgfSk7XHJcbiAgICBjb25zdCBwbGFuID0gYXBpLmFkZFVzYWdlUGxhbih1c2FnZVBsYW5OYW1lLCB7XHJcbiAgICAgICAgbmFtZTogdXNhZ2VQbGFuTmFtZSxcclxuICAgIH0pO1xyXG4gICAgcGxhbi5hZGRBcGlTdGFnZSh7XHJcbiAgICAgICAgc3RhZ2U6IGFwaS5kZXBsb3ltZW50U3RhZ2UsXHJcbiAgICB9KTtcclxuICAgIHBsYW4uYWRkQXBpS2V5KGFwaUtleSk7XHJcblxyXG4gICAgcmV0dXJuIGFwaUtleTtcclxufVxyXG4iXX0=

package/src/aws/runtime/apikey.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getApiKeyFromAPIGateway = void 0;
+const aws_sdk_1 = require("aws-sdk");
+function getApiKeyFromAPIGateway(keyId) {
+    const agw = new aws_sdk_1.APIGateway();
+    return agw.getApiKey({
+        apiKey: keyId,
+        includeValue: true,
+    }).promise();
+}
+exports.getApiKeyFromAPIGateway = getApiKeyFromAPIGateway;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBpa2V5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2F3cy9ydW50aW1lL2FwaWtleS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxxQ0FBbUM7QUFFbkMsU0FBZ0IsdUJBQXVCLENBQUMsS0FBYTtJQUNqRCxNQUFNLEdBQUcsR0FBRyxJQUFJLG9CQUFVLEVBQUUsQ0FBQztJQUM3QixPQUFPLEdBQUcsQ0FBQyxTQUFTLENBQUM7UUFDakIsTUFBTSxFQUFFLEtBQUs7UUFDYixZQUFZLEVBQUUsSUFBSTtLQUNyQixDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7QUFDakIsQ0FBQztBQU5ELDBEQU1DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtBUElHYXRld2F5fSBmcm9tIFwiYXdzLXNka1wiO1xuXG5leHBvcnQgZnVuY3Rpb24gZ2V0QXBpS2V5RnJvbUFQSUdhdGV3YXkoa2V5SWQ6IHN0cmluZyk6IFByb21pc2U8QVBJR2F0ZXdheS5UeXBlcy5BcGlLZXk+IHtcbiAgICBjb25zdCBhZ3cgPSBuZXcgQVBJR2F0ZXdheSgpO1xuICAgIHJldHVybiBhZ3cuZ2V0QXBpS2V5KHtcbiAgICAgICAgYXBpS2V5OiBrZXlJZCxcbiAgICAgICAgaW5jbHVkZVZhbHVlOiB0cnVlLFxuICAgIH0pLnByb21pc2UoKTtcbn1cbiJdfQ==

package/src/aws/runtime/digitraffic-integration-response.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DigitrafficIntegrationResponse = void 0;
+const mediatypes_1 = require("../types/mediatypes");
+const response_1 = require("../infra/api/response");
+class DigitrafficIntegrationResponse {
+    static ok(mediaType) {
+        return this.create("200", mediaType);
+    }
+    static badRequest(mediaType) {
+        return this.create("400", mediaType ?? mediatypes_1.MediaType.TEXT_PLAIN);
+    }
+    static notImplemented(mediaType) {
+        return this.create("501", mediaType ?? mediatypes_1.MediaType.TEXT_PLAIN);
+    }
+    static create(statusCode, mediaType) {
+        return {
+            statusCode,
+            responseTemplates: {
+                [mediaType]: response_1.RESPONSE_DEFAULT_LAMBDA,
+            },
+        };
+    }
+}
+exports.DigitrafficIntegrationResponse = DigitrafficIntegrationResponse;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGlnaXRyYWZmaWMtaW50ZWdyYXRpb24tcmVzcG9uc2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYXdzL3J1bnRpbWUvZGlnaXRyYWZmaWMtaW50ZWdyYXRpb24tcmVzcG9uc2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0Esb0RBQThDO0FBQzlDLG9EQUE4RDtBQUU5RCxNQUFzQiw4QkFBOEI7SUFFaEQsTUFBTSxDQUFDLEVBQUUsQ0FBQyxTQUFvQjtRQUMxQixPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ3pDLENBQUM7SUFFRCxNQUFNLENBQUMsVUFBVSxDQUFDLFNBQXFCO1FBQ25DLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLEVBQUUsU0FBUyxJQUFJLHNCQUFTLENBQUMsVUFBVSxDQUFDLENBQUM7SUFDakUsQ0FBQztJQUVELE1BQU0sQ0FBQyxjQUFjLENBQUMsU0FBcUI7UUFDdkMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxTQUFTLElBQUksc0JBQVMsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBRUQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxVQUFrQixFQUFFLFNBQW9CO1FBQ2xELE9BQU87WUFDSCxVQUFVO1lBQ1YsaUJBQWlCLEVBQUU7Z0JBQ2YsQ0FBQyxTQUFTLENBQUMsRUFBRSxrQ0FBdUI7YUFDdkM7U0FDSixDQUFDO0lBQ04sQ0FBQztDQUNKO0FBdEJELHdFQXNCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7SW50ZWdyYXRpb25SZXNwb25zZX0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1hcGlnYXRld2F5XCI7XG5pbXBvcnQge01lZGlhVHlwZX0gZnJvbSBcIi4uL3R5cGVzL21lZGlhdHlwZXNcIjtcbmltcG9ydCB7UkVTUE9OU0VfREVGQVVMVF9MQU1CREF9IGZyb20gXCIuLi9pbmZyYS9hcGkvcmVzcG9uc2VcIjtcblxuZXhwb3J0IGFic3RyYWN0IGNsYXNzIERpZ2l0cmFmZmljSW50ZWdyYXRpb25SZXNwb25zZSB7XG5cbiAgICBzdGF0aWMgb2sobWVkaWFUeXBlOiBNZWRpYVR5cGUpOiBJbnRlZ3JhdGlvblJlc3BvbnNlIHtcbiAgICAgICAgcmV0dXJuIHRoaXMuY3JlYXRlKFwiMjAwXCIsIG1lZGlhVHlwZSk7XG4gICAgfVxuXG4gICAgc3RhdGljIGJhZFJlcXVlc3QobWVkaWFUeXBlPzogTWVkaWFUeXBlKTogSW50ZWdyYXRpb25SZXNwb25zZSB7XG4gICAgICAgIHJldHVybiB0aGlzLmNyZWF0ZShcIjQwMFwiLCBtZWRpYVR5cGUgPz8gTWVkaWFUeXBlLlRFWFRfUExBSU4pO1xuICAgIH1cblxuICAgIHN0YXRpYyBub3RJbXBsZW1lbnRlZChtZWRpYVR5cGU/OiBNZWRpYVR5cGUpOiBJbnRlZ3JhdGlvblJlc3BvbnNlIHtcbiAgICAgICAgcmV0dXJuIHRoaXMuY3JlYXRlKFwiNTAxXCIsIG1lZGlhVHlwZSA/PyBNZWRpYVR5cGUuVEVYVF9QTEFJTik7XG4gICAgfVxuXG4gICAgc3RhdGljIGNyZWF0ZShzdGF0dXNDb2RlOiBzdHJpbmcsIG1lZGlhVHlwZTogTWVkaWFUeXBlKTogSW50ZWdyYXRpb25SZXNwb25zZSB7XG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgICBzdGF0dXNDb2RlLFxuICAgICAgICAgICAgcmVzcG9uc2VUZW1wbGF0ZXM6IHtcbiAgICAgICAgICAgICAgICBbbWVkaWFUeXBlXTogUkVTUE9OU0VfREVGQVVMVF9MQU1CREEsXG4gICAgICAgICAgICB9LFxuICAgICAgICB9O1xuICAgIH1cbn1cblxuIl19