npm - @digitraffic/common - Versions diffs - 2024.1.10-1 → 2024.1.23-1 - Mend

@digitraffic/common 2024.1.10-1 → 2024.1.23-1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (292) hide show

package/dist/aws/infra/stack/{stack-checking-aspect.d.ts → stack-checking-aspect.d.mts} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { IAspect } from "aws-cdk-lib";
-import { DigitrafficStack } from "./stack";
+import { DigitrafficStack } from "./stack.mjs";
 import { IConstruct } from "constructs";
 export declare class StackCheckingAspect implements IAspect {
     private readonly stackShortName?;

package/dist/aws/infra/stack/{stack-checking-aspect.js → stack-checking-aspect.mjs} RENAMED Viewed

@@ -1,20 +1,14 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.StackCheckingAspect = void 0;
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
-const aws_s3_1 = require("aws-cdk-lib/aws-s3");
-const stack_1 = require("./stack");
-const aws_apigateway_1 = require("aws-cdk-lib/aws-apigateway");
-const aws_sqs_1 = require("aws-cdk-lib/aws-sqs");
-const aws_logs_1 = require("aws-cdk-lib/aws-logs");
-const change_case_1 = require("change-case");
-const lodash_1 = __importDefault(require("lodash"));
+import { Annotations, Stack } from "aws-cdk-lib";
+import { CfnFunction, Runtime } from "aws-cdk-lib/aws-lambda";
+import { CfnBucket } from "aws-cdk-lib/aws-s3";
+import { DigitrafficStack, SOLUTION_KEY } from "./stack.mjs";
+import { CfnMethod, CfnResource } from "aws-cdk-lib/aws-apigateway";
+import { CfnQueue } from "aws-cdk-lib/aws-sqs";
+import { LogRetention } from "aws-cdk-lib/aws-logs";
+import { kebabCase } from "change-case";
+import _ from "lodash";
 const MAX_CONCURRENCY_LIMIT = 100;
-const NODE_RUNTIMES = [aws_lambda_1.Runtime.NODEJS_20_X.name, aws_lambda_1.Runtime.NODEJS_18_X.name];
+const NODE_RUNTIMES = [Runtime.NODEJS_20_X.name, Runtime.NODEJS_18_X.name];
 var ResourceType;
 (function (ResourceType) {
     ResourceType["stackName"] = "STACK_NAME";
@@ -29,7 +23,7 @@ var ResourceType;
     ResourceType["queueEncryption"] = "QUEUE_ENCRYPTION";
     ResourceType["logGroupRetention"] = "LOG_GROUP_RETENTION";
 })(ResourceType || (ResourceType = {}));
-class StackCheckingAspect {
+export class StackCheckingAspect {
     constructor(stackShortName, whitelistedResources) {
         this.stackShortName = stackShortName;
         this.whitelistedResources = whitelistedResources;
@@ -59,14 +53,14 @@ class StackCheckingAspect {
         // error && whitelisted -> warning
         // warning && whitelisted -> nothing
         if (isError && !isWhiteListed) {
-            aws_cdk_lib_1.Annotations.of(node).addError(annotationMessage);
+            Annotations.of(node).addError(annotationMessage);
         }
         else if ((!isError && !isWhiteListed) || (isError && isWhiteListed)) {
-            aws_cdk_lib_1.Annotations.of(node).addWarning(annotationMessage);
+            Annotations.of(node).addWarning(annotationMessage);
         }
     }
     checkStack(node) {
-        if (node instanceof stack_1.DigitrafficStack) {
+        if (node instanceof DigitrafficStack) {
             if ((node.stackName.includes("Test") || node.stackName.includes("Tst")) &&
                 node.configuration.production) {
                 this.addAnnotation(node, ResourceType.stackName, "Production is set for Test-stack");
@@ -78,7 +72,7 @@ class StackCheckingAspect {
         }
     }
     checkFunction(node) {
-        if (node instanceof aws_lambda_1.CfnFunction) {
+        if (node instanceof CfnFunction) {
             if (!node.reservedConcurrentExecutions) {
                 this.addAnnotation(node, ResourceType.reservedConcurrentConcurrency, "Function must have reservedConcurrentConcurrency");
             }
@@ -102,14 +96,14 @@ class StackCheckingAspect {
         }
     }
     checkTags(node) {
-        if (node instanceof aws_cdk_lib_1.Stack) {
-            if (!node.tags.tagValues()[stack_1.SOLUTION_KEY]) {
+        if (node instanceof Stack) {
+            if (!node.tags.tagValues()[SOLUTION_KEY]) {
                 this.addAnnotation(node, ResourceType.tagSolution, "Solution tag is missing");
             }
         }
     }
     checkBucket(node) {
-        if (node instanceof aws_s3_1.CfnBucket) {
+        if (node instanceof CfnBucket) {
             const c = node.publicAccessBlockConfiguration;
             if (c &&
                 (!c.blockPublicAcls ||
@@ -128,18 +122,18 @@ class StackCheckingAspect {
         if (path.includes("{")) {
             return this.isValidPath(path.split("{")[0]);
         }
-        return (0, change_case_1.kebabCase)(path) === path;
+        return kebabCase(path) === path;
     }
     static isValidQueryString(name) {
-        return lodash_1.default.snakeCase(name) === name;
+        return _.snakeCase(name) === name;
     }
     checkResourceCasing(node) {
-        if (node instanceof aws_apigateway_1.CfnResource) {
+        if (node instanceof CfnResource) {
             if (!StackCheckingAspect.isValidPath(node.pathPart)) {
                 this.addAnnotation(node, ResourceType.resourcePath, "Path part should be in kebab-case");
             }
         }
-        else if (node instanceof aws_apigateway_1.CfnMethod) {
+        else if (node instanceof CfnMethod) {
             const integration = node.integration;
             if (integration?.requestParameters) {
                 Object.keys(integration.requestParameters).forEach((key) => {
@@ -154,14 +148,14 @@ class StackCheckingAspect {
         }
     }
     checkQueueEncryption(node) {
-        if (node instanceof aws_sqs_1.CfnQueue) {
+        if (node instanceof CfnQueue) {
             if (!node.kmsMasterKeyId) {
                 this.addAnnotation(node, ResourceType.queueEncryption, "Queue must have encryption enabled");
             }
         }
     }
     checkLogGroupRetention(node) {
-        if (node instanceof aws_logs_1.LogRetention) {
+        if (node instanceof LogRetention) {
             const child = node.node.defaultChild;
             const retention = child._cfnProperties.RetentionInDays;
             if (!retention) {
@@ -170,5 +164,4 @@ class StackCheckingAspect {
         }
     }
 }
-exports.StackCheckingAspect = StackCheckingAspect;
-//# sourceMappingURL=stack-checking-aspect.js.map
+//# sourceMappingURL=stack-checking-aspect.mjs.map

package/dist/aws/infra/stack/{stack.d.ts → stack.d.mts} RENAMED Viewed

@@ -1,12 +1,11 @@
 import { Stack, StackProps } from "aws-cdk-lib";
-import { IVpc } from "aws-cdk-lib/aws-ec2";
-import { ISecurityGroup } from "aws-cdk-lib/aws-ec2/lib/security-group";
+import { type ISecurityGroup, IVpc } from "aws-cdk-lib/aws-ec2";
 import { ITopic } from "aws-cdk-lib/aws-sns";
 import { ISecret } from "aws-cdk-lib/aws-secretsmanager";
 import { Function as AWSFunction } from "aws-cdk-lib/aws-lambda";
 import { Construct } from "constructs";
-import { TrafficType } from "../../../types/traffictype";
-import { DBLambdaEnvironment } from "./lambda-configs";
+import { TrafficType } from "../../../types/traffictype.mjs";
+import { DBLambdaEnvironment } from "./lambda-configs.mjs";
 export declare const SOLUTION_KEY = "Solution";
 export declare const SSM_KEY_WARNING_TOPIC = "/digitraffic/monitoring/warning-topic";
 export declare const SSM_KEY_ALARM_TOPIC = "/digitraffic/monitoring/alarm-topic";

package/dist/aws/infra/stack/stack.mjs ADDED Viewed

@@ -0,0 +1,63 @@
+import { Aspects, Stack } from "aws-cdk-lib";
+import { SecurityGroup, Vpc } from "aws-cdk-lib/aws-ec2";
+import { Topic } from "aws-cdk-lib/aws-sns";
+import { StringParameter } from "aws-cdk-lib/aws-ssm";
+import { Secret } from "aws-cdk-lib/aws-secretsmanager";
+import { StackCheckingAspect } from "./stack-checking-aspect.mjs";
+const SSM_ROOT = "/digitraffic";
+export const SOLUTION_KEY = "Solution";
+const MONITORING_ROOT = "/monitoring";
+export const SSM_KEY_WARNING_TOPIC = `${SSM_ROOT}${MONITORING_ROOT}/warning-topic`;
+export const SSM_KEY_ALARM_TOPIC = `${SSM_ROOT}${MONITORING_ROOT}/alarm-topic`;
+export class DigitrafficStack extends Stack {
+    constructor(scope, id, configuration) {
+        super(scope, id, configuration.stackProps);
+        this.configuration = configuration;
+        if (configuration.secretId) {
+            this.secret = Secret.fromSecretNameV2(this, "Secret", configuration.secretId);
+        }
+        // VPC reference construction requires vpcId and availability zones
+        // private subnets are used in Lambda configuration
+        if (configuration.vpcId) {
+            this.vpc = Vpc.fromVpcAttributes(this, "vpc", {
+                vpcId: configuration.vpcId,
+                privateSubnetIds: configuration.privateSubnetIds,
+                availabilityZones: configuration.availabilityZones ?? [],
+            });
+        }
+        // security group that allows Lambda database access
+        if (configuration.lambdaDbSgId) {
+            this.lambdaDbSg = SecurityGroup.fromSecurityGroupId(this, "LambdaDbSG", configuration.lambdaDbSgId);
+        }
+        this.alarmTopic = Topic.fromTopicArn(this, "AlarmTopic", StringParameter.fromStringParameterName(this, "AlarmTopicParam", SSM_KEY_ALARM_TOPIC).stringValue);
+        this.warningTopic = Topic.fromTopicArn(this, "WarningTopic", StringParameter.fromStringParameterName(this, "WarningTopicParam", SSM_KEY_WARNING_TOPIC).stringValue);
+        this.addAspects();
+    }
+    addAspects() {
+        Aspects.of(this).add(StackCheckingAspect.create(this));
+    }
+    createLambdaEnvironment() {
+        return this.createDefaultLambdaEnvironment(this.configuration.shortName);
+    }
+    createDefaultLambdaEnvironment(dbApplication) {
+        return this.configuration.secretId
+            ? {
+                SECRET_ID: this.configuration.secretId,
+                DB_APPLICATION: dbApplication,
+            }
+            : {
+                DB_APPLICATION: dbApplication,
+            };
+    }
+    getSecret() {
+        if (this.secret === undefined) {
+            throw new Error("Secret is undefined");
+        }
+        return this.secret;
+    }
+    grantSecret(...lambdas) {
+        const secret = this.getSecret();
+        lambdas.forEach((l) => secret.grantRead(l));
+    }
+}
+//# sourceMappingURL=stack.mjs.map

package/dist/aws/infra/stack/{subscription.d.ts → subscription.d.mts} RENAMED Viewed

@@ -1,8 +1,8 @@
 import { CfnSubscriptionFilter } from "aws-cdk-lib/aws-logs";
 import { Function as AWSFunction } from "aws-cdk-lib/aws-lambda";
-import { DigitrafficStack } from "./stack";
+import { DigitrafficStack } from "./stack.mjs";
 import { Construct } from "constructs";
-import { MonitoredFunction } from "./monitoredfunction";
+import { MonitoredFunction } from "./monitoredfunction.mjs";
 /**
  * Creates a subscription filter that subscribes to a Lambda Log Group and delivers the logs to another destination.
  * https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-subscriptionfilter.html

package/dist/aws/infra/stack/{subscription.js → subscription.mjs} RENAMED Viewed

@@ -1,7 +1,4 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DigitrafficLogSubscriptions = exports.createSubscription = void 0;
-const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+import { CfnSubscriptionFilter } from "aws-cdk-lib/aws-logs";
 /**
  * Creates a subscription filter that subscribes to a Lambda Log Group and delivers the logs to another destination.
  * https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-subscriptionfilter.html
@@ -10,11 +7,11 @@ const aws_logs_1 = require("aws-cdk-lib/aws-logs");
  * @param logDestinationArn Destination for streamed logs
  * @param stack CloudFormation stack
  */
-function createSubscription(lambda, lambdaName, logDestinationArn, stack) {
+export function createSubscription(lambda, lambdaName, logDestinationArn, stack) {
     if (logDestinationArn == undefined) {
         return undefined;
     }
-    const filter = new aws_logs_1.CfnSubscriptionFilter(stack, `${lambdaName}LogsSubscription`, {
+    const filter = new CfnSubscriptionFilter(stack, `${lambdaName}LogsSubscription`, {
         logGroupName: `/aws/lambda/${lambdaName}`,
         filterPattern: "",
         destinationArn: logDestinationArn,
@@ -22,13 +19,12 @@ function createSubscription(lambda, lambdaName, logDestinationArn, stack) {
     filter.node.addDependency(lambda);
     return filter;
 }
-exports.createSubscription = createSubscription;
-class DigitrafficLogSubscriptions {
+export class DigitrafficLogSubscriptions {
     constructor(stack, ...lambdas) {
         const destinationArn = stack.configuration.logsDestinationArn;
         if (destinationArn !== undefined) {
             lambdas.forEach((lambda) => {
-                const filter = new aws_logs_1.CfnSubscriptionFilter(stack, `${lambda.givenName}LogsSubscription`, {
+                const filter = new CfnSubscriptionFilter(stack, `${lambda.givenName}LogsSubscription`, {
                     logGroupName: `/aws/lambda/${lambda.givenName}`,
                     filterPattern: "",
                     destinationArn,
@@ -38,5 +34,4 @@ class DigitrafficLogSubscriptions {
         }
     }
 }
-exports.DigitrafficLogSubscriptions = DigitrafficLogSubscriptions;
-//# sourceMappingURL=subscription.js.map
+//# sourceMappingURL=subscription.mjs.map

package/dist/aws/infra/stacks/{db-dns-stack.d.ts → db-dns-stack.d.mts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { Stack } from "aws-cdk-lib";
-import { Construct } from "constructs/lib/construct";
-import { InfraStackConfiguration } from "./intra-stack-configuration";
+import { type Construct } from "constructs";
+import { InfraStackConfiguration } from "./intra-stack-configuration.mjs";
 /**
  * Creates a dns local zone and creates records for cluster endpoints and proxy endpoints.
  *

package/dist/aws/infra/stacks/db-dns-stack.mjs ADDED Viewed

@@ -0,0 +1,60 @@
+import { Duration, RemovalPolicy, Stack } from "aws-cdk-lib";
+import { PrivateHostedZone, RecordSet, RecordTarget, RecordType, } from "aws-cdk-lib/aws-route53";
+import { importVpc } from "../import-util.mjs";
+import { getParameterValue } from "../stack/parameters.mjs";
+const DEFAULT_RECORD_TTL = Duration.seconds(30);
+/**
+ * Creates a dns local zone and creates records for cluster endpoints and proxy endpoints.
+ *
+ * Please note, that created PrivateHostedZone has RETAIN removalPolicy, so if you want to delete this stack,
+ * you must remove the zone by hand after.
+ */
+export class DbDnsStack extends Stack {
+    constructor(scope, id, isc) {
+        super(scope, id, {
+            env: isc.env,
+        });
+        this.createDnsRecords(isc);
+    }
+    createDnsRecords(isc) {
+        const vpc = importVpc(this, isc.environmentName);
+        const zone = new PrivateHostedZone(this, "DNSHostedZone", {
+            zoneName: isc.environmentName + ".local",
+            vpc,
+        });
+        zone.applyRemovalPolicy(RemovalPolicy.RETAIN);
+        const clusterReaderEndpoint = getParameterValue(this, "cluster.reader");
+        const clusterWriterEndpoint = getParameterValue(this, "cluster.writer");
+        const proxyReaderEndpoint = getParameterValue(this, "proxy.reader");
+        const proxyWriterEndpoint = getParameterValue(this, "proxy.writer");
+        new RecordSet(this, "ReaderRecord", {
+            recordType: RecordType.CNAME,
+            recordName: `db-ro.${isc.environmentName}.local`,
+            target: RecordTarget.fromValues(clusterReaderEndpoint),
+            ttl: DEFAULT_RECORD_TTL,
+            zone,
+        });
+        new RecordSet(this, "WriterRecord", {
+            recordType: RecordType.CNAME,
+            recordName: `db.${isc.environmentName}.local`,
+            target: RecordTarget.fromValues(clusterWriterEndpoint),
+            ttl: DEFAULT_RECORD_TTL,
+            zone,
+        });
+        new RecordSet(this, "ProxyReaderRecord", {
+            recordType: RecordType.CNAME,
+            recordName: `proxy-ro.${isc.environmentName}.local`,
+            target: RecordTarget.fromValues(proxyReaderEndpoint),
+            ttl: DEFAULT_RECORD_TTL,
+            zone,
+        });
+        new RecordSet(this, "ProxyWriterRecord", {
+            recordType: RecordType.CNAME,
+            recordName: `proxy.${isc.environmentName}.local`,
+            target: RecordTarget.fromValues(proxyWriterEndpoint),
+            ttl: DEFAULT_RECORD_TTL,
+            zone,
+        });
+    }
+}
+//# sourceMappingURL=db-dns-stack.mjs.map

package/dist/aws/infra/stacks/{db-proxy-stack.d.ts → db-proxy-stack.d.mts} RENAMED Viewed

@@ -1,9 +1,9 @@
 import { CfnDBProxyEndpoint, DatabaseProxy } from "aws-cdk-lib/aws-rds";
 import { ISecret } from "aws-cdk-lib/aws-secretsmanager";
 import { IVpc } from "aws-cdk-lib/aws-ec2";
-import { InfraStackConfiguration } from "./intra-stack-configuration";
+import { InfraStackConfiguration } from "./intra-stack-configuration.mjs";
 import { Stack } from "aws-cdk-lib/core";
-import { Construct } from "constructs/lib/construct";
+import { Construct } from "constructs/lib/construct.js";
 export interface ProxyConfiguration {
     readonly secretArn: string;
     readonly name?: string;

package/dist/aws/infra/stacks/db-proxy-stack.mjs ADDED Viewed

@@ -0,0 +1,73 @@
+import { CfnDBProxyEndpoint, DatabaseCluster, DatabaseClusterEngine, DatabaseProxy, ProxyTarget, } from "aws-cdk-lib/aws-rds";
+import { Secret } from "aws-cdk-lib/aws-secretsmanager";
+import { SecurityGroup } from "aws-cdk-lib/aws-ec2";
+import { DbStack } from "./db-stack.mjs";
+import { exportValue, importVpc } from "../import-util.mjs";
+import { createParameter } from "../stack/parameters.mjs";
+import { Stack, Duration } from "aws-cdk-lib/core";
+/**
+ * A stack that creates a Database proxy.
+ */
+export class DbProxyStack extends Stack {
+    constructor(scope, id, isc, configuration) {
+        super(scope, id, {
+            env: isc.env,
+        });
+        this.isc = isc;
+        if (configuration.clusterIdentifier === "") {
+            throw new Error("Empty cluster identifier!");
+        }
+        const vpc = importVpc(this, isc.environmentName);
+        const secret = Secret.fromSecretAttributes(this, "proxy-secret", {
+            secretCompleteArn: configuration.secretArn,
+        });
+        const proxy = this.createProxy(vpc, secret, configuration);
+        const readerEndpoint = this.createProxyEndpoints(vpc, proxy, configuration.securityGroupId);
+        createParameter(this, "proxy.reader", readerEndpoint.attrEndpoint);
+        createParameter(this, "proxy.writer", proxy.endpoint);
+        this.setOutputs(proxy);
+    }
+    setOutputs(proxy) {
+        // if only one instance, then there is no reader-endpoint
+        exportValue(this, this.isc.environmentName, DbProxyStack.PROXY_READER_EXPORT_NAME, proxy.endpoint);
+        exportValue(this, this.isc.environmentName, DbProxyStack.PROXY_WRITER_EXPORT_NAME, proxy.endpoint);
+    }
+    createProxy(vpc, secret, configuration) {
+        const proxyId = `${this.isc.environmentName}-proxy`;
+        const securityGroup = SecurityGroup.fromSecurityGroupId(this, "securitygroup", configuration.securityGroupId);
+        const cluster = DatabaseCluster.fromDatabaseClusterAttributes(this, "db-cluster", {
+            clusterIdentifier: configuration.clusterIdentifier,
+            engine: DatabaseClusterEngine.AURORA_POSTGRESQL,
+            port: DbStack.CLUSTER_PORT,
+        });
+        // CDK tries to allow connections between proxy and cluster
+        // this does not work on cluster references
+        cluster.connections.allowDefaultPortFrom = () => {
+            /* nothing */
+        };
+        return new DatabaseProxy(this, proxyId, {
+            dbProxyName: configuration.name ?? "AuroraProxy",
+            securityGroups: [securityGroup],
+            proxyTarget: ProxyTarget.fromCluster(cluster),
+            idleClientTimeout: Duration.seconds(1800),
+            maxConnectionsPercent: 50,
+            maxIdleConnectionsPercent: 25,
+            borrowTimeout: Duration.seconds(120),
+            requireTLS: false,
+            secrets: [secret],
+            vpc: vpc,
+        });
+    }
+    createProxyEndpoints(vpc, proxy, securityGroupId) {
+        return new CfnDBProxyEndpoint(this, "ReaderEndpoint", {
+            dbProxyEndpointName: "ReaderEndpoint",
+            dbProxyName: proxy.dbProxyName,
+            vpcSubnetIds: vpc.privateSubnets.map((sub) => sub.subnetId),
+            vpcSecurityGroupIds: [securityGroupId],
+            targetRole: "READ_ONLY",
+        });
+    }
+}
+DbProxyStack.PROXY_READER_EXPORT_NAME = "db-reader-endpoint";
+DbProxyStack.PROXY_WRITER_EXPORT_NAME = "db-writer-endpoint";
+//# sourceMappingURL=db-proxy-stack.mjs.map

package/dist/aws/infra/stacks/{db-stack.d.ts → db-stack.d.mts} RENAMED Viewed

@@ -1,8 +1,7 @@
-import { InstanceType, IVpc } from "aws-cdk-lib/aws-ec2";
-import { ISecurityGroup } from "aws-cdk-lib/aws-ec2/lib/security-group";
+import { InstanceType, IVpc, type ISecurityGroup } from "aws-cdk-lib/aws-ec2";
 import { AuroraPostgresEngineVersion, DatabaseCluster, DatabaseClusterProps, IParameterGroup } from "aws-cdk-lib/aws-rds";
-import { Construct } from "constructs/lib/construct";
-import { InfraStackConfiguration } from "./intra-stack-configuration";
+import { Construct } from "constructs/lib/construct.js";
+import { InfraStackConfiguration } from "./intra-stack-configuration.mjs";
 import { Stack } from "aws-cdk-lib/core";
 export interface DbConfiguration {
     readonly cluster?: ClusterConfiguration;

package/dist/aws/infra/stacks/{db-stack.js → db-stack.mjs} RENAMED Viewed

@@ -1,12 +1,9 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DbStack = void 0;
-const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
-const aws_rds_1 = require("aws-cdk-lib/aws-rds");
-const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
-const import_util_1 = require("../import-util");
-const core_1 = require("aws-cdk-lib/core");
-const parameters_1 = require("../stack/parameters");
+import { SecurityGroup, SubnetType, } from "aws-cdk-lib/aws-ec2";
+import { CfnDBInstance, Credentials, DatabaseCluster, DatabaseClusterEngine, DatabaseClusterFromSnapshot, InstanceUpdateBehaviour, ParameterGroup, } from "aws-cdk-lib/aws-rds";
+import { Secret } from "aws-cdk-lib/aws-secretsmanager";
+import { exportValue, importVpc } from "../import-util.mjs";
+import { Duration, RemovalPolicy, Stack } from "aws-cdk-lib/core";
+import { createParameter } from "../stack/parameters.mjs";
 /**
  * Stack that creates DatabaseCluster.
  *
@@ -16,7 +13,7 @@ const parameters_1 = require("../stack/parameters");
  * You should deploy once with cluster and then without.  This way you can create the cluster with this
  * stack, but cluster is not part of the stack after that.
  */
-class DbStack extends core_1.Stack {
+export class DbStack extends Stack {
     constructor(scope, id, isc, configuration) {
         super(scope, id, {
             env: isc.env,
@@ -30,23 +27,23 @@ class DbStack extends core_1.Stack {
         // create cluster if this is wanted, should do it only once
         if (configuration.cluster) {
             const cluster = this.createAuroraCluster(isc, configuration, configuration.cluster, parameterGroups);
-            (0, import_util_1.exportValue)(this, isc.environmentName, DbStack.CLUSTER_IDENTIFIER_EXPORT_NAME, cluster.clusterIdentifier);
-            (0, import_util_1.exportValue)(this, isc.environmentName, DbStack.CLUSTER_WRITE_ENDPOINT_EXPORT_NAME, cluster.clusterEndpoint.hostname);
-            (0, import_util_1.exportValue)(this, isc.environmentName, DbStack.CLUSTER_READ_ENDPOINT_EXPORT_NAME, cluster.clusterReadEndpoint.hostname);
-            (0, parameters_1.createParameter)(this, "cluster.reader", cluster.clusterReadEndpoint.hostname);
-            (0, parameters_1.createParameter)(this, "cluster.writer", cluster.clusterEndpoint.hostname);
-            (0, parameters_1.createParameter)(this, "cluster.identifier", cluster.clusterIdentifier);
+            exportValue(this, isc.environmentName, DbStack.CLUSTER_IDENTIFIER_EXPORT_NAME, cluster.clusterIdentifier);
+            exportValue(this, isc.environmentName, DbStack.CLUSTER_WRITE_ENDPOINT_EXPORT_NAME, cluster.clusterEndpoint.hostname);
+            exportValue(this, isc.environmentName, DbStack.CLUSTER_READ_ENDPOINT_EXPORT_NAME, cluster.clusterReadEndpoint.hostname);
+            createParameter(this, "cluster.reader", cluster.clusterReadEndpoint.hostname);
+            createParameter(this, "cluster.writer", cluster.clusterEndpoint.hostname);
+            createParameter(this, "cluster.identifier", cluster.clusterIdentifier);
             this.clusterIdentifier = cluster.clusterIdentifier;
         }
         if (configuration.clusterImport) {
-            (0, parameters_1.createParameter)(this, "cluster.reader", configuration.clusterImport.clusterReadEndpoint);
-            (0, parameters_1.createParameter)(this, "cluster.writer", configuration.clusterImport.clusterWriteEndpoint);
+            createParameter(this, "cluster.reader", configuration.clusterImport.clusterReadEndpoint);
+            createParameter(this, "cluster.writer", configuration.clusterImport.clusterWriteEndpoint);
         }
     }
     createParameterGroups(customVersions, workmem) {
         return customVersions.map((version) => {
-            const pg = new aws_rds_1.ParameterGroup(this, `parameter-group-${version.auroraPostgresMajorVersion}`, {
-                engine: aws_rds_1.DatabaseClusterEngine.auroraPostgres({
+            const pg = new ParameterGroup(this, `parameter-group-${version.auroraPostgresMajorVersion}`, {
+                engine: DatabaseClusterEngine.auroraPostgres({
                     version,
                 }),
                 parameters: {
@@ -62,22 +59,22 @@ class DbStack extends core_1.Stack {
         });
     }
     createClusterParameters(secretArn, clusterConfiguration, instanceName, vpc, securityGroup, parameterGroup) {
-        const secret = aws_secretsmanager_1.Secret.fromSecretCompleteArn(this, "DBSecret", secretArn);
+        const secret = Secret.fromSecretCompleteArn(this, "DBSecret", secretArn);
         return {
-            engine: aws_rds_1.DatabaseClusterEngine.auroraPostgres({
+            engine: DatabaseClusterEngine.auroraPostgres({
                 version: clusterConfiguration.dbVersion,
             }),
             instances: clusterConfiguration.instances,
-            instanceUpdateBehaviour: aws_rds_1.InstanceUpdateBehaviour.ROLLING,
+            instanceUpdateBehaviour: InstanceUpdateBehaviour.ROLLING,
             instanceIdentifierBase: instanceName + "-",
             cloudwatchLogsExports: ["postgresql"],
             backup: {
-                retention: core_1.Duration.days(35),
+                retention: Duration.days(35),
                 preferredWindow: "01:00-02:00",
             },
             preferredMaintenanceWindow: "mon:03:00-mon:04:00",
             deletionProtection: true,
-            removalPolicy: core_1.RemovalPolicy.RETAIN,
+            removalPolicy: RemovalPolicy.RETAIN,
             port: DbStack.CLUSTER_PORT,
             instanceProps: {
                 autoMinorVersionUpgrade: true,
@@ -86,35 +83,35 @@ class DbStack extends core_1.Stack {
                 vpc,
                 securityGroups: [securityGroup],
                 vpcSubnets: {
-                    subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS,
+                    subnetType: SubnetType.PRIVATE_WITH_EGRESS,
                 },
                 instanceType: clusterConfiguration.dbInstanceType,
                 parameterGroup,
             },
-            credentials: aws_rds_1.Credentials.fromPassword(secret.secretValueFromJson("db.superuser").unsafeUnwrap(), secret.secretValueFromJson("db.superuser.password")),
+            credentials: Credentials.fromPassword(secret.secretValueFromJson("db.superuser").unsafeUnwrap(), secret.secretValueFromJson("db.superuser.password")),
             parameterGroup,
             //            storageEncrypted: clusterConfiguration.storageEncrypted ?? true,
-            monitoringInterval: core_1.Duration.seconds(30),
+            monitoringInterval: Duration.seconds(30),
         };
     }
     createAuroraCluster(isc, configuration, clusterConfiguration, parameterGroups) {
         const instanceName = isc.environmentName + "-db";
-        const securityGroup = aws_ec2_1.SecurityGroup.fromSecurityGroupId(this, "securitygroup", clusterConfiguration.securityGroupId);
+        const securityGroup = SecurityGroup.fromSecurityGroupId(this, "securitygroup", clusterConfiguration.securityGroupId);
         const vpc = configuration.vpc
             ? configuration.vpc
-            : (0, import_util_1.importVpc)(this, isc.environmentName);
+            : importVpc(this, isc.environmentName);
         const parameters = this.createClusterParameters(configuration.secretArn, clusterConfiguration, instanceName, vpc, securityGroup, parameterGroups[0]);
         // create cluster from the snapshot or from the scratch
         const cluster = clusterConfiguration.snapshotIdentifier
-            ? new aws_rds_1.DatabaseClusterFromSnapshot(this, instanceName, {
+            ? new DatabaseClusterFromSnapshot(this, instanceName, {
                 ...parameters,
                 ...{
                     snapshotIdentifier: clusterConfiguration.snapshotIdentifier,
                 },
             })
-            : new aws_rds_1.DatabaseCluster(this, instanceName, parameters);
+            : new DatabaseCluster(this, instanceName, parameters);
         // this workaround should prevent stack failing on version upgrade
-        const cfnInstances = cluster.node.children.filter((child) => child instanceof aws_rds_1.CfnDBInstance);
+        const cfnInstances = cluster.node.children.filter((child) => child instanceof CfnDBInstance);
         if (cfnInstances.length === 0) {
             throw new Error("Couldn't pull CfnDBInstances from the L1 constructs!");
         }
@@ -122,9 +119,8 @@ class DbStack extends core_1.Stack {
         return cluster;
     }
 }
-exports.DbStack = DbStack;
 DbStack.CLUSTER_PORT = 5432;
 DbStack.CLUSTER_IDENTIFIER_EXPORT_NAME = "db-cluster";
 DbStack.CLUSTER_READ_ENDPOINT_EXPORT_NAME = "db-cluster-reader-endpoint";
 DbStack.CLUSTER_WRITE_ENDPOINT_EXPORT_NAME = "db-cluster-writer-endpoint";
-//# sourceMappingURL=db-stack.js.map
+//# sourceMappingURL=db-stack.mjs.map

package/dist/aws/infra/stacks/intra-stack-configuration.mjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=intra-stack-configuration.mjs.map

package/dist/aws/infra/stacks/{network-stack.d.ts → network-stack.d.mts} RENAMED Viewed

@@ -1,7 +1,7 @@
 import { IVpc, Vpc } from "aws-cdk-lib/aws-ec2";
-import { InfraStackConfiguration } from "./intra-stack-configuration";
+import { InfraStackConfiguration } from "./intra-stack-configuration.mjs";
 import { Stack } from "aws-cdk-lib/core";
-import { Construct } from "constructs/lib/construct";
+import { Construct } from "constructs/lib/construct.js";
 export interface NetworkConfiguration {
     readonly vpcName: string;
     readonly cidr: string;

package/dist/aws/infra/stacks/network-stack.mjs ADDED Viewed

@@ -0,0 +1,40 @@
+import { IpAddresses, SubnetType, Vpc } from "aws-cdk-lib/aws-ec2";
+import { exportValue } from "../import-util.mjs";
+import { Stack } from "aws-cdk-lib/core";
+export class NetworkStack extends Stack {
+    constructor(scope, id, isc, configuration) {
+        super(scope, id, {
+            env: isc.env,
+        });
+        this.vpc = this.createVpc(configuration);
+        exportValue(this, isc.environmentName, "VPCID", this.vpc.vpcId);
+        exportValue(this, isc.environmentName, "digitrafficpublicASubnet", this.vpc.publicSubnets[0].subnetId);
+        exportValue(this, isc.environmentName, "digitrafficpublicBSubnet", this.vpc.publicSubnets[1].subnetId);
+        exportValue(this, isc.environmentName, "digitrafficprivateASubnet", this.vpc.privateSubnets[0].subnetId);
+        exportValue(this, isc.environmentName, "digitrafficprivateBSubnet", this.vpc.privateSubnets[1].subnetId);
+    }
+    createVpc(configuration) {
+        return new Vpc(this, "DigitrafficVPC", {
+            vpcName: configuration.vpcName,
+            availabilityZones: Stack.of(this)
+                .availabilityZones.sort()
+                .slice(0, 2), // take two first azs
+            enableDnsHostnames: true,
+            enableDnsSupport: true,
+            ipAddresses: IpAddresses.cidr(configuration.cidr),
+            subnetConfiguration: [
+                {
+                    name: "public",
+                    cidrMask: 24,
+                    subnetType: SubnetType.PUBLIC,
+                },
+                {
+                    name: "private",
+                    cidrMask: 24,
+                    subnetType: SubnetType.PRIVATE_WITH_EGRESS,
+                },
+            ],
+        });
+    }
+}
+//# sourceMappingURL=network-stack.mjs.map