@fjall/components-infrastructure 0.77.4 → 0.78.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/app.d.ts +8 -5
- package/dist/lib/app.js +19 -7
- package/dist/lib/patterns/aws/buildkite.js +4 -7
- package/dist/lib/patterns/aws/compute.d.ts +479 -48
- package/dist/lib/patterns/aws/compute.js +307 -94
- package/dist/lib/patterns/aws/database.d.ts +1 -0
- package/dist/lib/patterns/aws/database.js +4 -1
- package/dist/lib/patterns/aws/hostedZone.js +4 -7
- package/dist/lib/patterns/aws/loadBalancer.d.ts +163 -0
- package/dist/lib/patterns/aws/loadBalancer.js +278 -0
- package/dist/lib/patterns/aws/network.d.ts +1 -0
- package/dist/lib/patterns/aws/network.js +2 -1
- package/dist/lib/resources/aws/compute/capacityProviderDrainWaiter.d.ts +20 -0
- package/dist/lib/resources/aws/compute/capacityProviderDrainWaiter.js +180 -0
- package/dist/lib/resources/aws/compute/ecs.d.ts +294 -57
- package/dist/lib/resources/aws/compute/ecs.js +745 -261
- package/dist/lib/resources/aws/compute/ecsFreeTier.js +1 -1
- package/dist/lib/resources/aws/compute/ecsSpot.js +1 -1
- package/dist/lib/resources/aws/compute/utilities/capacityProviderDrainWaiter.d.ts +20 -0
- package/dist/lib/resources/aws/compute/utilities/capacityProviderDrainWaiter.js +180 -0
- package/dist/lib/resources/aws/database/rdsAurora.d.ts +1 -0
- package/dist/lib/resources/aws/database/rdsAurora.js +2 -2
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.d.ts +1 -0
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.js +2 -1
- package/dist/lib/resources/aws/database/rdsDeletionWaiter.d.ts +33 -0
- package/dist/lib/resources/aws/database/rdsDeletionWaiter.js +74 -0
- package/dist/lib/resources/aws/database/rdsInstance.d.ts +1 -0
- package/dist/lib/resources/aws/database/rdsInstance.js +3 -3
- package/dist/lib/resources/aws/networking/vpc.d.ts +1 -0
- package/dist/lib/resources/aws/networking/vpc.js +4 -3
- package/dist/lib/resources/aws/networking/vpcEndpoint.d.ts +2 -2
- package/dist/lib/resources/aws/networking/vpcEndpoint.js +1 -1
- package/dist/lib/resources/aws/networking/vpcEndpoints.d.ts +71 -0
- package/dist/lib/resources/aws/networking/vpcEndpoints.js +125 -0
- package/dist/lib/resources/aws/secrets/kms.d.ts +14 -0
- package/dist/lib/resources/aws/secrets/kms.js +5 -2
- package/dist/lib/resources/aws/secrets/secret.js +1 -1
- package/dist/lib/utils/standardTagsAspect.d.ts +26 -12
- package/dist/lib/utils/standardTagsAspect.js +67 -477
- package/dist/lib/utils/tagResource.d.ts +18 -3
- package/dist/lib/utils/tagResource.js +23 -6
- package/package.json +3 -3
- package/dist/lib/aspects/resourceInventory.d.ts +0 -41
- package/dist/lib/aspects/resourceInventory.js +0 -56
- package/dist/lib/config/audit.d.ts +0 -18
- package/dist/lib/config/audit.js +0 -22
- package/dist/lib/patterns/aws/auditRole.d.ts +0 -44
- package/dist/lib/patterns/aws/auditRole.js +0 -58
- package/dist/lib/patterns/aws/basicApp.d.ts +0 -0
- package/dist/lib/patterns/aws/basicApp.js +0 -150
- package/dist/lib/patterns/aws/ec2.d.ts +0 -43
- package/dist/lib/patterns/aws/ec2.js +0 -123
- package/dist/lib/patterns/aws/freeTierApp.d.ts +0 -44
- package/dist/lib/patterns/aws/freeTierApp.js +0 -83
- package/dist/lib/patterns/aws/spotInstanceApp.d.ts +0 -45
- package/dist/lib/patterns/aws/spotInstanceApp.js +0 -85
- package/dist/lib/resources/aws/audit/auditRole.d.ts +0 -32
- package/dist/lib/resources/aws/audit/auditRole.js +0 -46
- package/dist/lib/resources/aws/database/databaseFreeTier.d.ts +0 -15
- package/dist/lib/resources/aws/database/databaseFreeTier.js +0 -29
- package/dist/lib/resources/aws/database/rdsFreeTier.d.ts +0 -37
- package/dist/lib/resources/aws/database/rdsFreeTier.js +0 -84
- package/dist/lib/utils/getCidr.d.ts +0 -8
- package/dist/lib/utils/getCidr.js +0 -40
|
@@ -1,8 +1,22 @@
|
|
|
1
|
+
import { RemovalPolicy } from "aws-cdk-lib";
|
|
1
2
|
import { Alias, Key } from "aws-cdk-lib/aws-kms";
|
|
2
3
|
import { Construct } from "constructs";
|
|
3
4
|
interface CustomerManagedKeyProps {
|
|
4
5
|
description?: string;
|
|
5
6
|
aliasName?: string;
|
|
7
|
+
/**
|
|
8
|
+
* Removal policy for the KMS key.
|
|
9
|
+
*
|
|
10
|
+
* IMPORTANT: KMS keys cannot be immediately deleted. When RemovalPolicy.DESTROY
|
|
11
|
+
* is used, the key will be scheduled for deletion with a 7-day waiting period
|
|
12
|
+
* (AWS minimum). During this period, the key is disabled but can be recovered.
|
|
13
|
+
*
|
|
14
|
+
* For production workloads, always use RETAIN (default) to prevent accidental
|
|
15
|
+
* data loss - deleting a KMS key makes all encrypted data permanently unrecoverable.
|
|
16
|
+
*
|
|
17
|
+
* @default RemovalPolicy.RETAIN
|
|
18
|
+
*/
|
|
19
|
+
removalPolicy?: RemovalPolicy;
|
|
6
20
|
}
|
|
7
21
|
export declare class CustomerManagedKey extends Construct {
|
|
8
22
|
readonly key: Key;
|
|
@@ -9,7 +9,10 @@ class CustomerManagedKey extends constructs_1.Construct {
|
|
|
9
9
|
super(scope, id);
|
|
10
10
|
this.key = new aws_kms_1.Key(this, `${id}Key`, {
|
|
11
11
|
description: props.description || `${id} KMS Key`,
|
|
12
|
-
removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN
|
|
12
|
+
removalPolicy: props.removalPolicy ?? aws_cdk_lib_1.RemovalPolicy.RETAIN,
|
|
13
|
+
pendingWindow: props.removalPolicy === aws_cdk_lib_1.RemovalPolicy.DESTROY
|
|
14
|
+
? aws_cdk_lib_1.Duration.days(14)
|
|
15
|
+
: undefined
|
|
13
16
|
});
|
|
14
17
|
new aws_cdk_lib_1.CfnOutput(this, `${id}KeyArn`, {
|
|
15
18
|
key: `${id}Arn`,
|
|
@@ -28,4 +31,4 @@ class CustomerManagedKey extends constructs_1.Construct {
|
|
|
28
31
|
}
|
|
29
32
|
}
|
|
30
33
|
exports.CustomerManagedKey = CustomerManagedKey;
|
|
31
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
34
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia21zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc2VjcmV0cy9rbXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQWlFO0FBQ2pFLGlEQUFpRDtBQUNqRCwyQ0FBdUM7QUFvQnZDLE1BQWEsa0JBQW1CLFNBQVEsc0JBQVM7SUFJL0MsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUE4QjtRQUN0RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksQ0FBQyxHQUFHLEdBQUcsSUFBSSxhQUFHLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUU7WUFDbkMsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksR0FBRyxFQUFFLFVBQVU7WUFDakQsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhLElBQUksMkJBQWEsQ0FBQyxNQUFNO1lBQzFELGFBQWEsRUFDWCxLQUFLLENBQUMsYUFBYSxLQUFLLDJCQUFhLENBQUMsT0FBTztnQkFDM0MsQ0FBQyxDQUFDLHNCQUFRLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDbkIsQ0FBQyxDQUFDLFNBQVM7U0FDaEIsQ0FBQyxDQUFDO1FBQ0gsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsUUFBUSxFQUFFO1lBQ2pDLEdBQUcsRUFBRSxHQUFHLEVBQUUsS0FBSztZQUNmLEtBQUssRUFBRSxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU07WUFDdEIsVUFBVSxFQUFFLEdBQUcsRUFBRSxRQUFRO1NBQzFCLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxLQUFLLEdBQUcsSUFBSSxlQUFLLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxVQUFVLEVBQUU7WUFDNUMsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTLElBQUksT0FBTyxFQUFFLEVBQUU7WUFDekMsU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHO1NBQ3BCLENBQUMsQ0FBQztRQUNILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxFQUFFLGFBQWEsRUFBRTtZQUN0QyxHQUFHLEVBQUUsR0FBRyxFQUFFLFVBQVU7WUFDcEIsS0FBSyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUTtZQUMxQixVQUFVLEVBQUUsR0FBRyxFQUFFLGFBQWE7U0FDL0IsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBL0JELGdEQStCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCwgRHVyYXRpb24sIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IEFsaWFzLCBLZXkgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWttc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuaW50ZXJmYWNlIEN1c3RvbWVyTWFuYWdlZEtleVByb3BzIHtcbiAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gIGFsaWFzTmFtZT86IHN0cmluZztcbiAgLyoqXG4gICAqIFJlbW92YWwgcG9saWN5IGZvciB0aGUgS01TIGtleS5cbiAgICpcbiAgICogSU1QT1JUQU5UOiBLTVMga2V5cyBjYW5ub3QgYmUgaW1tZWRpYXRlbHkgZGVsZXRlZC4gV2hlbiBSZW1vdmFsUG9saWN5LkRFU1RST1lcbiAgICogaXMgdXNlZCwgdGhlIGtleSB3aWxsIGJlIHNjaGVkdWxlZCBmb3IgZGVsZXRpb24gd2l0aCBhIDctZGF5IHdhaXRpbmcgcGVyaW9kXG4gICAqIChBV1MgbWluaW11bSkuIER1cmluZyB0aGlzIHBlcmlvZCwgdGhlIGtleSBpcyBkaXNhYmxlZCBidXQgY2FuIGJlIHJlY292ZXJlZC5cbiAgICpcbiAgICogRm9yIHByb2R1Y3Rpb24gd29ya2xvYWRzLCBhbHdheXMgdXNlIFJFVEFJTiAoZGVmYXVsdCkgdG8gcHJldmVudCBhY2NpZGVudGFsXG4gICAqIGRhdGEgbG9zcyAtIGRlbGV0aW5nIGEgS01TIGtleSBtYWtlcyBhbGwgZW5jcnlwdGVkIGRhdGEgcGVybWFuZW50bHkgdW5yZWNvdmVyYWJsZS5cbiAgICpcbiAgICogQGRlZmF1bHQgUmVtb3ZhbFBvbGljeS5SRVRBSU5cbiAgICovXG4gIHJlbW92YWxQb2xpY3k/OiBSZW1vdmFsUG9saWN5O1xufVxuXG5leHBvcnQgY2xhc3MgQ3VzdG9tZXJNYW5hZ2VkS2V5IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IGtleTogS2V5O1xuICBwdWJsaWMgcmVhZG9ubHkgYWxpYXM6IEFsaWFzO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBDdXN0b21lck1hbmFnZWRLZXlQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICB0aGlzLmtleSA9IG5ldyBLZXkodGhpcywgYCR7aWR9S2V5YCwge1xuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGAke2lkfSBLTVMgS2V5YCxcbiAgICAgIHJlbW92YWxQb2xpY3k6IHByb3BzLnJlbW92YWxQb2xpY3kgPz8gUmVtb3ZhbFBvbGljeS5SRVRBSU4sXG4gICAgICBwZW5kaW5nV2luZG93OlxuICAgICAgICBwcm9wcy5yZW1vdmFsUG9saWN5ID09PSBSZW1vdmFsUG9saWN5LkRFU1RST1lcbiAgICAgICAgICA/IER1cmF0aW9uLmRheXMoMTQpXG4gICAgICAgICAgOiB1bmRlZmluZWRcbiAgICB9KTtcbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke2lkfUtleUFybmAsIHtcbiAgICAgIGtleTogYCR7aWR9QXJuYCxcbiAgICAgIHZhbHVlOiB0aGlzLmtleS5rZXlBcm4sXG4gICAgICBleHBvcnROYW1lOiBgJHtpZH1LZXlBcm5gXG4gICAgfSk7XG5cbiAgICB0aGlzLmFsaWFzID0gbmV3IEFsaWFzKHRoaXMsIGAke2lkfUtleUFsaWFzYCwge1xuICAgICAgYWxpYXNOYW1lOiBwcm9wcy5hbGlhc05hbWUgfHwgYGNtay8ke2lkfWAsXG4gICAgICB0YXJnZXRLZXk6IHRoaXMua2V5XG4gICAgfSk7XG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtpZH1LZXlBbGlhc0FybmAsIHtcbiAgICAgIGtleTogYCR7aWR9QWxpYXNBcm5gLFxuICAgICAgdmFsdWU6IHRoaXMuYWxpYXMuYWxpYXNBcm4sXG4gICAgICBleHBvcnROYW1lOiBgJHtpZH1LZXlBbGlhc0FybmBcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -72,4 +72,4 @@ class Secret extends constructs_1.Construct {
|
|
|
72
72
|
}
|
|
73
73
|
}
|
|
74
74
|
exports.Secret = Secret;
|
|
75
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
75
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjcmV0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc2VjcmV0cy9zZWNyZXQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQTBDO0FBQzFDLHVFQUt3QztBQUN4QywyQ0FBdUM7QUFFdkMsK0JBQTJDO0FBa0MzQyxNQUFhLE1BQU8sU0FBUSxzQkFBUztJQUtuQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWtCO1FBQzFELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUM7UUFFYixzRkFBc0Y7UUFDdEYsSUFBSSxLQUFLLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDekIscUVBQXFFO1lBQ3JFLElBQUksQ0FBQyxNQUFNLEdBQUcsMkJBQVMsQ0FBQyxnQkFBZ0IsQ0FDdEMsSUFBSSxFQUNKLEdBQUcsRUFBRSxRQUFRLEVBQ2IsS0FBSyxDQUFDLFVBQVUsQ0FDakIsQ0FBQztZQUNGLHlDQUF5QztZQUN6QyxPQUFPO1FBQ1QsQ0FBQztRQUVELHNDQUFzQztRQUN0QyxJQUFJLENBQUMseUJBQXlCLEdBQUcsSUFBSSx3QkFBa0IsQ0FDckQsSUFBSSxFQUNKLEdBQUcsRUFBRSxvQkFBb0IsRUFDekI7WUFDRSxTQUFTLEVBQUUsT0FBTyxFQUFFLEVBQUU7U0FDdkIsQ0FDRixDQUFDO1FBRUY7O1dBRUc7UUFDSCxNQUFNLGlCQUFpQixHQUFHLEtBQUssQ0FBQyxpQkFBaUI7WUFDL0MsQ0FBQyxDQUFDO2dCQUNFLGlCQUFpQixFQUFFLHlCQUFXLENBQUMsZUFBZSxDQUM1QyxLQUFLLENBQUMsaUJBQWlCLElBQUksRUFBRSxDQUM5QjthQUNGO1lBQ0gsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUVQOzs7V0FHRztRQUNILE1BQU0sb0JBQW9CLEdBQ3hCLENBQUMsS0FBSyxDQUFDLGlCQUFpQixJQUFJLEtBQUssQ0FBQyxvQkFBb0I7WUFDcEQsQ0FBQyxDQUFDLEVBQUUsb0JBQW9CLEVBQUUsS0FBSyxDQUFDLG9CQUFvQixFQUFFO1lBQ3RELENBQUMsQ0FBQyxFQUFFLENBQUM7UUFFVCx3REFBd0Q7UUFDeEQsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLGNBQWM7WUFDekMsQ0FBQyxDQUFDO2dCQUNFLGNBQWMsRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQztvQkFDcEQsTUFBTTtpQkFDUCxDQUFDLENBQUM7YUFDSjtZQUNILENBQUMsQ0FBQyxFQUFFLENBQUM7UUFFUCwyQ0FBMkM7UUFDM0MsTUFBTSxhQUFhLEdBQUc7WUFDcEIsVUFBVSxFQUFFLEtBQUssQ0FBQyxVQUFVO1lBQzVCLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7WUFDMUMsYUFBYSxFQUFFLElBQUksQ0FBQyx5QkFBMEIsQ0FBQyxHQUFHO1lBQ2xELFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixHQUFHLGlCQUFpQjtZQUNwQixHQUFHLG9CQUFvQjtZQUN2QixHQUFHLGNBQWM7U0FDbEIsQ0FBQztRQUVGLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSwyQkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsUUFBUSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBQ2xFLENBQUM7SUFFRCxTQUFTLENBQUMsV0FBb0I7UUFDNUIsT0FBTztZQUNMLEVBQUUsRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLFFBQVE7WUFDdEIsSUFBSSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVTtZQUM1QixLQUFLLEVBQUUsV0FBVztTQUNuQixDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQ1YsRUFBVSxFQUNWLEtBQWtCO1FBRWxCLE9BQU8sQ0FBQyxFQUFnQixFQUFFLEVBQUU7WUFDMUIsTUFBTSxRQUFRLEdBQWdCO2dCQUM1QixHQUFHLEtBQUs7YUFDVCxDQUFDO1lBQ0YsT0FBTyxJQUFJLElBQUksQ0FBQyxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQy9DLENBQUMsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQTdGRCx3QkE2RkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBTZWNyZXRWYWx1ZSB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHtcbiAgU2VjcmV0IGFzIENka1NlY3JldCxcbiAgdHlwZSBTZWNyZXRTdHJpbmdHZW5lcmF0b3IsXG4gIFJlcGxpY2FSZWdpb24sXG4gIHR5cGUgSVNlY3JldFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgdHlwZSBTdGFja0J1aWxkZXIgfSBmcm9tIFwiLi4vYmFzZS9hd3NTdGFja1wiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5IH0gZnJvbSBcIi4va21zXCI7XG5pbXBvcnQgeyBLZXlWYWx1ZSB9IGZyb20gXCIuLi8uLi8uLi90eXBlc1wiO1xuXG5pbnRlcmZhY2UgU2VjcmV0UHJvcHMge1xuICBzZWNyZXROYW1lOiBzdHJpbmc7XG4gIHNlY3JldE9iamVjdFZhbHVlPzoge1xuICAgIFtrZXk6IHN0cmluZ106IFNlY3JldFZhbHVlO1xuICB9O1xuICBzZWNyZXRTdHJpbmdWYWx1ZT86IHN0cmluZztcbiAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gIGFsaWFzTmFtZT86IHN0cmluZztcbiAgZ2VuZXJhdGVTZWNyZXRTdHJpbmc/OiBTZWNyZXRTdHJpbmdHZW5lcmF0b3I7XG4gIC8qKiBSZWdpb25zIHdoZXJlIHRoaXMgc2VjcmV0IHNob3VsZCBiZSByZXBsaWNhdGVkIChmb3IgR2xvYmFsIEF1cm9yYSkgKi9cbiAgcmVwbGljYVJlZ2lvbnM/OiBzdHJpbmdbXTtcbiAgLyoqIFNldCB0byB0cnVlIHRvIGltcG9ydCBhbiBleGlzdGluZyBzZWNyZXQgaW5zdGVhZCBvZiBjcmVhdGluZyBhIG5ldyBvbmUgKGZvciByZXBsaWNhdGVkIHNlY3JldHMpICovXG4gIGltcG9ydEV4aXN0aW5nPzogYm9vbGVhbjtcbn1cblxuZXhwb3J0IHR5cGUgU2VjcmV0SW1wb3J0ID0ge1xuICAvKipcbiAgICogU2VjcmV0IElEXG4gICAqL1xuICBpZDogc3RyaW5nO1xuICAvKipcbiAgICogU2VjcmV0IG5hbWVcbiAgICovXG4gIG5hbWU6IHN0cmluZztcblxuICAvKipcbiAgICogT3B0aW9uYWwgLSBtYXkgYmUgdXNlZCB0byBpbXBvcnQgYSBzcGVjaWZpYyBmaWVsZCBmcm9tIHRoZSBzZWNyZXRcbiAgICovXG4gIGZpZWxkPzogc3RyaW5nO1xufTtcblxuZXhwb3J0IGNsYXNzIFNlY3JldCBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHB1YmxpYyBpZDogc3RyaW5nO1xuICBwdWJsaWMgcmVhZG9ubHkgc2VjcmV0OiBJU2VjcmV0O1xuICBwdWJsaWMgcmVhZG9ubHkgc2VjcmV0c0N1c3RvbWVyTWFuYWdlZEtleT86IEN1c3RvbWVyTWFuYWdlZEtleTtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogU2VjcmV0UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5pZCA9IGlkO1xuXG4gICAgLy8gSWYgaW1wb3J0RXhpc3RpbmcgaXMgdHJ1ZSwgcmVmZXJlbmNlIGFuIGV4aXN0aW5nIHNlY3JldCBpbnN0ZWFkIG9mIGNyZWF0aW5nIG5ldyBvbmVcbiAgICBpZiAocHJvcHMuaW1wb3J0RXhpc3RpbmcpIHtcbiAgICAgIC8vIEltcG9ydCB0aGUgZXhpc3Rpbmcgc2VjcmV0IChsaWtlbHkgcmVwbGljYXRlZCBmcm9tIGFub3RoZXIgcmVnaW9uKVxuICAgICAgdGhpcy5zZWNyZXQgPSBDZGtTZWNyZXQuZnJvbVNlY3JldE5hbWVWMihcbiAgICAgICAgdGhpcyxcbiAgICAgICAgYCR7aWR9U2VjcmV0YCxcbiAgICAgICAgcHJvcHMuc2VjcmV0TmFtZVxuICAgICAgKTtcbiAgICAgIC8vIE5vIEtNUyBrZXkgbmVlZGVkIGZvciBpbXBvcnRlZCBzZWNyZXRzXG4gICAgICByZXR1cm47XG4gICAgfVxuXG4gICAgLy8gQ3JlYXRlIEtNUyBrZXkgZm9yIG5ldyBzZWNyZXRzIG9ubHlcbiAgICB0aGlzLnNlY3JldHNDdXN0b21lck1hbmFnZWRLZXkgPSBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KFxuICAgICAgdGhpcyxcbiAgICAgIGAke2lkfUN1c3RvbWVyTWFuYWdlZEtleWAsXG4gICAgICB7XG4gICAgICAgIGFsaWFzTmFtZTogYGNtay8ke2lkfWBcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLyoqXG4gICAgICogSWYgYSBzZWNyZXRTdHJpbmdWYWx1ZSBpcyBwcm92aWRlZCwgdXNlIGl0IHRvIGNyZWF0ZSB0aGUgc2VjcmV0LlxuICAgICAqL1xuICAgIGNvbnN0IHNlY3JldFN0cmluZ1ZhbHVlID0gcHJvcHMuc2VjcmV0U3RyaW5nVmFsdWVcbiAgICAgID8ge1xuICAgICAgICAgIHNlY3JldFN0cmluZ1ZhbHVlOiBTZWNyZXRWYWx1ZS51bnNhZmVQbGFpblRleHQoXG4gICAgICAgICAgICBwcm9wcy5zZWNyZXRTdHJpbmdWYWx1ZSB8fCBcIlwiXG4gICAgICAgICAgKVxuICAgICAgICB9XG4gICAgICA6IHt9O1xuXG4gICAgLyoqXG4gICAgICogSWYgYSBnZW5lcmF0ZVNlY3JldFN0cmluZyBpcyBwcm92aWRlZCwgdXNlIGl0IHRvIGNyZWF0ZSB0aGUgc2VjcmV0LlxuICAgICAqIElmIGEgc2VjcmV0U3RyaW5nVmFsdWUgaXMgcHJvdmlkZWQsIGlnbm9yZSB0aGUgZ2VuZXJhdGVTZWNyZXRTdHJpbmcuXG4gICAgICovXG4gICAgY29uc3QgZ2VuZXJhdGVTZWNyZXRTdHJpbmcgPVxuICAgICAgIXByb3BzLnNlY3JldFN0cmluZ1ZhbHVlICYmIHByb3BzLmdlbmVyYXRlU2VjcmV0U3RyaW5nXG4gICAgICAgID8geyBnZW5lcmF0ZVNlY3JldFN0cmluZzogcHJvcHMuZ2VuZXJhdGVTZWNyZXRTdHJpbmcgfVxuICAgICAgICA6IHt9O1xuXG4gICAgLy8gQ29uZmlndXJlIHNlY3JldCByZXBsaWNhdGlvbiBpZiByZWdpb25zIGFyZSBzcGVjaWZpZWRcbiAgICBjb25zdCByZXBsaWNhUmVnaW9ucyA9IHByb3BzLnJlcGxpY2FSZWdpb25zXG4gICAgICA/IHtcbiAgICAgICAgICByZXBsaWNhUmVnaW9uczogcHJvcHMucmVwbGljYVJlZ2lvbnMubWFwKChyZWdpb24pID0+ICh7XG4gICAgICAgICAgICByZWdpb25cbiAgICAgICAgICB9KSlcbiAgICAgICAgfVxuICAgICAgOiB7fTtcblxuICAgIC8vIENvbnN0cnVjdCB0aGUgYmFzZSBvcHRpb25zIGZvciBDZGtTZWNyZXRcbiAgICBjb25zdCBzZWNyZXRPcHRpb25zID0ge1xuICAgICAgc2VjcmV0TmFtZTogcHJvcHMuc2VjcmV0TmFtZSxcbiAgICAgIHNlY3JldE9iamVjdFZhbHVlOiBwcm9wcy5zZWNyZXRPYmplY3RWYWx1ZSxcbiAgICAgIGVuY3J5cHRpb25LZXk6IHRoaXMuc2VjcmV0c0N1c3RvbWVyTWFuYWdlZEtleSEua2V5LFxuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uLFxuICAgICAgLi4uc2VjcmV0U3RyaW5nVmFsdWUsXG4gICAgICAuLi5nZW5lcmF0ZVNlY3JldFN0cmluZyxcbiAgICAgIC4uLnJlcGxpY2FSZWdpb25zXG4gICAgfTtcblxuICAgIHRoaXMuc2VjcmV0ID0gbmV3IENka1NlY3JldCh0aGlzLCBgJHtpZH1TZWNyZXRgLCBzZWNyZXRPcHRpb25zKTtcbiAgfVxuXG4gIGdldEltcG9ydChzZWNyZXRGaWVsZD86IHN0cmluZyk6IFNlY3JldEltcG9ydCB7XG4gICAgcmV0dXJuIHtcbiAgICAgIGlkOiBgJHt0aGlzLmlkfVNlY3JldGAsXG4gICAgICBuYW1lOiB0aGlzLnNlY3JldC5zZWNyZXROYW1lLFxuICAgICAgZmllbGQ6IHNlY3JldEZpZWxkXG4gICAgfTtcbiAgfVxuXG4gIHN0YXRpYyBidWlsZChcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiBTZWNyZXRQcm9wc1xuICApOiAoc2I6IFN0YWNrQnVpbGRlcikgPT4gQ29uc3RydWN0IHtcbiAgICByZXR1cm4gKHNiOiBTdGFja0J1aWxkZXIpID0+IHtcbiAgICAgIGNvbnN0IG5ld1Byb3BzOiBTZWNyZXRQcm9wcyA9IHtcbiAgICAgICAgLi4ucHJvcHNcbiAgICAgIH07XG4gICAgICByZXR1cm4gbmV3IHRoaXMoc2IuZ2V0U3RhY2soKSwgaWQsIG5ld1Byb3BzKTtcbiAgICB9O1xuICB9XG59XG4iXX0=
|
|
@@ -1,20 +1,34 @@
|
|
|
1
1
|
import { type IAspect } from "aws-cdk-lib";
|
|
2
2
|
import { type IConstruct } from "constructs";
|
|
3
3
|
/**
|
|
4
|
-
* Aspect to
|
|
4
|
+
* Aspect to apply special Fjall tags to specific resource types.
|
|
5
5
|
*
|
|
6
|
-
*
|
|
7
|
-
* -
|
|
8
|
-
* -
|
|
9
|
-
*
|
|
6
|
+
* This aspect handles tags that depend on resource-specific properties:
|
|
7
|
+
* - fjall:operations:pool on VPCs with IPAM configuration
|
|
8
|
+
* - fjall:disasterRecovery:tier on S3 buckets with backup configuration
|
|
9
|
+
*
|
|
10
|
+
* Standard Fjall tags (costAllocation:environment, costAllocation:service, etc.)
|
|
11
|
+
* are applied via Tags.of(app).add() in the App class, which properly merges
|
|
12
|
+
* with existing tags from L2 constructs.
|
|
13
|
+
*
|
|
14
|
+
* This aspect uses Tags.of(node).add() to properly merge with existing tags
|
|
10
15
|
*/
|
|
11
16
|
export declare class StandardTagsAspect implements IAspect {
|
|
12
|
-
private readonly
|
|
13
|
-
private readonly taggedResources;
|
|
14
|
-
constructor(requiredTags: {
|
|
15
|
-
[key: string]: string;
|
|
16
|
-
});
|
|
17
|
+
private readonly processedResources;
|
|
17
18
|
visit(node: IConstruct): void;
|
|
18
|
-
|
|
19
|
-
|
|
19
|
+
/**
|
|
20
|
+
* Add IPAM pool tag to VPCs that use IPAM for IP address allocation.
|
|
21
|
+
* Tag format: fjall:operations:pool = "{accountId}-{region}"
|
|
22
|
+
*/
|
|
23
|
+
private addIpamPoolTag;
|
|
24
|
+
/**
|
|
25
|
+
* Add disaster recovery tier tag to S3 buckets with backupVaultTier property.
|
|
26
|
+
* Tag format: fjall:disasterRecovery:tier = "{tier}"
|
|
27
|
+
*
|
|
28
|
+
* Tier mapping:
|
|
29
|
+
* - standard -> "default" (matches existing backup plans)
|
|
30
|
+
* - resilient -> "resilient"
|
|
31
|
+
* - enterprise -> "enterprise"
|
|
32
|
+
*/
|
|
33
|
+
private addBackupTierTag;
|
|
20
34
|
}
|