npm - @effortless-aws/cli - Versions diffs - 0.2.1 → 0.2.2 - Mend

@effortless-aws/cli 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/cli/index.js +13 -37
package/package.json +1 -1

package/dist/cli/index.js CHANGED Viewed

@@ -1943,56 +1943,36 @@ var ensureFunctionUrl = (functionName) => Effect13.gen(function* () {
     )
   );
   if (existing) {
-    yield* Effect13.logDebug(`Function URL already exists: ${existing.FunctionUrl}`);
+    yield* lambda_exports.make("update_function_url_config", {
+      FunctionName: functionName,
+      AuthType: "NONE"
+    });
     return { functionUrl: existing.FunctionUrl };
   }
   yield* Effect13.logDebug(`Creating Function URL for: ${functionName}`);
   const result = yield* lambda_exports.make("create_function_url_config", {
     FunctionName: functionName,
-    AuthType: "AWS_IAM",
+    AuthType: "NONE",
     InvokeMode: "BUFFERED"
   });
   return { functionUrl: result.FunctionUrl };
 });
-var addCloudFrontPermission = (functionName, distributionArn) => Effect13.gen(function* () {
+var addFunctionUrlPublicAccess = (functionName) => Effect13.gen(function* () {
   const statements = [
-    {
-      statementId: "cloudfront-oac",
-      action: "lambda:InvokeFunctionUrl",
-      authType: "AWS_IAM"
-    },
-    {
-      statementId: "cloudfront-oac-invoke",
-      action: "lambda:InvokeFunction",
-      authType: void 0
-    }
+    { statementId: "function-url-public", action: "lambda:InvokeFunctionUrl", urlAuthType: "NONE" },
+    { statementId: "function-url-invoke", action: "lambda:InvokeFunction", urlAuthType: void 0 }
   ];
   for (const stmt of statements) {
     yield* lambda_exports.make("add_permission", {
       FunctionName: functionName,
       StatementId: stmt.statementId,
       Action: stmt.action,
-      Principal: "cloudfront.amazonaws.com",
-      SourceArn: distributionArn,
-      ...stmt.authType ? { FunctionUrlAuthType: stmt.authType } : {}
+      Principal: "*",
+      ...stmt.urlAuthType ? { FunctionUrlAuthType: stmt.urlAuthType } : {}
     }).pipe(
       Effect13.catchIf(
         (e) => e._tag === "LambdaError" && e.is("ResourceConflictException"),
-        () => Effect13.gen(function* () {
-          yield* Effect13.logDebug(`Permission ${stmt.statementId} exists for ${functionName}, replacing...`);
-          yield* lambda_exports.make("remove_permission", {
-            FunctionName: functionName,
-            StatementId: stmt.statementId
-          });
-          yield* lambda_exports.make("add_permission", {
-            FunctionName: functionName,
-            StatementId: stmt.statementId,
-            Action: stmt.action,
-            Principal: "cloudfront.amazonaws.com",
-            SourceArn: distributionArn,
-            ...stmt.authType ? { FunctionUrlAuthType: stmt.authType } : {}
-          });
-        })
+        () => Effect13.logDebug(`Permission ${stmt.statementId} already exists for ${functionName}`)
       )
     );
   }
@@ -3627,7 +3607,7 @@ var ensureDistribution = (input) => Effect21.gen(function* () {
   };
 });
 var ensureSsrDistribution = (input) => Effect21.gen(function* () {
-  const { project, stage, handlerName, bucketName, bucketRegion, s3OacId, lambdaOriginDomain, lambdaOacId, assetPatterns, tags, aliases, acmCertificateArn, apiOriginDomain, routePatterns } = input;
+  const { project, stage, handlerName, bucketName, bucketRegion, s3OacId, lambdaOriginDomain, assetPatterns, tags, aliases, acmCertificateArn, apiOriginDomain, routePatterns } = input;
   const comment = makeDistComment(project, stage, handlerName);
   const lambdaOriginId = `Lambda-${project}-${stage}-${handlerName}`;
   const s3OriginId = `S3-${bucketName}`;
@@ -3648,7 +3628,6 @@ var ensureSsrDistribution = (input) => Effect21.gen(function* () {
       Id: lambdaOriginId,
       DomainName: lambdaOriginDomain,
       OriginPath: "",
-      OriginAccessControlId: lambdaOacId,
       CustomOriginConfig: {
         HTTPPort: 80,
         HTTPSPort: 443,
@@ -5009,8 +4988,6 @@ var deployApp = (input) => Effect29.gen(function* () {
   });
   const s3OacName = `${project}-${stage}-oac`;
   const { oacId: s3OacId } = yield* ensureOAC({ name: s3OacName, originType: "s3" });
-  const lambdaOacName = `${project}-${stage}-lambda-oac`;
-  const { oacId: lambdaOacId } = yield* ensureOAC({ name: lambdaOacName, originType: "lambda" });
   const assetsDir = path5.resolve(projectDir, config.assets);
   const assetPatterns = detectAssetPatterns(assetsDir);
   yield* Effect29.logDebug(`Detected ${assetPatterns.length} asset pattern(s): ${assetPatterns.join(", ")}`);
@@ -5030,14 +5007,13 @@ var deployApp = (input) => Effect29.gen(function* () {
     bucketRegion: region,
     s3OacId,
     lambdaOriginDomain,
-    lambdaOacId,
     assetPatterns,
     tags: makeTags(tagCtx, "cloudfront-distribution"),
     aliases,
     acmCertificateArn,
     ...input.apiOriginDomain && routePatterns.length > 0 ? { apiOriginDomain: input.apiOriginDomain, routePatterns } : {}
   });
-  yield* addCloudFrontPermission(lambdaName, distributionArn);
+  yield* addFunctionUrlPublicAccess(lambdaName);
   yield* putBucketPolicyForOAC(bucketName, distributionArn);
   yield* syncFiles({ bucketName, sourceDir: assetsDir });
   yield* invalidateDistribution(distributionId);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@effortless-aws/cli",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "license": "MIT",
   "type": "module",
   "description": "CLI and deploy tooling for effortless-aws",