@fjall/components-infrastructure 0.88.1 → 0.88.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/app.d.ts +34 -11
- package/dist/lib/app.js +83 -39
- package/dist/lib/aspects/index.d.ts +1 -0
- package/dist/lib/aspects/index.js +6 -0
- package/dist/lib/config/aws/accountAuditRole.d.ts +20 -0
- package/dist/lib/config/aws/accountAuditRole.js +38 -0
- package/dist/lib/config/aws/accountMonitoringRole.d.ts +22 -0
- package/dist/lib/config/aws/accountMonitoringRole.js +133 -0
- package/dist/lib/config/aws/cloudTrail.d.ts +0 -3
- package/dist/lib/config/aws/cloudTrail.js +2 -2
- package/dist/lib/config/aws/disasterRecovery.js +26 -14
- package/dist/lib/config/aws/ecrDefaultImage.js +4 -3
- package/dist/lib/config/aws/identityCenter.d.ts +4 -4
- package/dist/lib/config/aws/identityCenter.js +17 -62
- package/dist/lib/config/aws/identityCenterGroupMembership.js +27 -37
- package/dist/lib/config/aws/index.d.ts +4 -7
- package/dist/lib/config/aws/index.js +5 -8
- package/dist/lib/config/aws/oidcConnector.d.ts +8 -0
- package/dist/lib/config/aws/oidcConnector.js +46 -0
- package/dist/lib/config/aws/platform.d.ts +2 -0
- package/dist/lib/config/aws/platform.js +6 -0
- package/dist/lib/config/index.d.ts +2 -0
- package/dist/lib/config/index.js +21 -0
- package/dist/lib/layers/layers/secrets-resolver/bin/resolve-secrets +30 -0
- package/dist/lib/layers/layers/secrets-resolver/bin/resolve-secrets.mjs +212 -0
- package/dist/lib/layers/secrets-resolver/bin/resolve-secrets +30 -0
- package/dist/lib/layers/secrets-resolver/bin/resolve-secrets.mjs +212 -0
- package/dist/lib/patterns/aws/account.js +45 -19
- package/dist/lib/patterns/aws/cdn.d.ts +19 -40
- package/dist/lib/patterns/aws/cdn.js +21 -17
- package/dist/lib/patterns/aws/compute.d.ts +6 -7
- package/dist/lib/patterns/aws/compute.js +7 -9
- package/dist/lib/patterns/aws/database.d.ts +9 -89
- package/dist/lib/patterns/aws/database.js +17 -40
- package/dist/lib/patterns/aws/index.d.ts +1 -1
- package/dist/lib/patterns/aws/index.js +2 -2
- package/dist/lib/patterns/aws/interfaces/cdn.d.ts +26 -0
- package/dist/lib/patterns/aws/interfaces/cdn.js +14 -0
- package/dist/lib/patterns/aws/interfaces/connector.d.ts +4 -181
- package/dist/lib/patterns/aws/interfaces/connector.js +16 -113
- package/dist/lib/patterns/aws/interfaces/index.d.ts +1 -0
- package/dist/lib/patterns/aws/interfaces/index.js +5 -2
- package/dist/lib/patterns/aws/interfaces/pattern.d.ts +6 -6
- package/dist/lib/patterns/aws/interfaces/pattern.js +1 -1
- package/dist/lib/patterns/aws/network.js +6 -9
- package/dist/lib/patterns/aws/organisation.d.ts +6 -17
- package/dist/lib/patterns/aws/organisation.js +22 -67
- package/dist/lib/patterns/aws/payload.js +11 -12
- package/dist/lib/patterns/aws/storage.d.ts +3 -2
- package/dist/lib/patterns/aws/storage.js +1 -1
- package/dist/lib/resources/aws/audit/auditRole.js +4 -4
- package/dist/lib/resources/aws/audit/index.d.ts +1 -0
- package/dist/lib/resources/aws/audit/index.js +6 -0
- package/dist/lib/resources/aws/backup/backupPlan.js +3 -2
- package/dist/lib/resources/aws/backup/backupVault.js +5 -3
- package/dist/lib/resources/aws/base/awsStack.d.ts +4 -2
- package/dist/lib/resources/aws/base/awsStack.js +8 -2
- package/dist/lib/resources/aws/cdn/cloudFront.d.ts +14 -0
- package/dist/lib/resources/aws/cdn/cloudFront.js +52 -18
- package/dist/lib/resources/aws/compute/ec2.js +18 -22
- package/dist/lib/resources/aws/compute/ecs.d.ts +9 -8
- package/dist/lib/resources/aws/compute/ecs.js +53 -41
- package/dist/lib/resources/aws/compute/index.d.ts +1 -0
- package/dist/lib/resources/aws/compute/index.js +2 -1
- package/dist/lib/resources/aws/compute/lambda.d.ts +12 -3
- package/dist/lib/resources/aws/compute/lambda.js +48 -36
- package/dist/lib/resources/aws/database/dynamodb.js +3 -13
- package/dist/lib/resources/aws/database/index.d.ts +8 -2
- package/dist/lib/resources/aws/database/index.js +19 -3
- package/dist/lib/resources/aws/database/rdsAurora.d.ts +2 -3
- package/dist/lib/resources/aws/database/rdsAurora.js +33 -69
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.d.ts +6 -6
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.js +25 -29
- package/dist/lib/resources/aws/database/rdsDefaults.d.ts +11 -0
- package/dist/lib/resources/aws/database/rdsDefaults.js +15 -0
- package/dist/lib/resources/aws/database/rdsHelpers.d.ts +39 -0
- package/dist/lib/resources/aws/database/rdsHelpers.js +75 -0
- package/dist/lib/resources/aws/database/rdsInstance.d.ts +7 -8
- package/dist/lib/resources/aws/database/rdsInstance.js +40 -84
- package/dist/lib/resources/aws/database/rdsProxyOutput.d.ts +7 -0
- package/dist/lib/resources/aws/database/rdsProxyOutput.js +18 -0
- package/dist/lib/resources/aws/iam/identityCenter/assignment.d.ts +0 -2
- package/dist/lib/resources/aws/iam/identityCenter/assignment.js +9 -45
- package/dist/lib/resources/aws/iam/identityCenter/group.d.ts +1 -3
- package/dist/lib/resources/aws/iam/identityCenter/group.js +7 -82
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.d.ts +1 -3
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.js +9 -93
- package/dist/lib/resources/aws/iam/index.d.ts +0 -1
- package/dist/lib/resources/aws/iam/index.js +1 -2
- package/dist/lib/resources/aws/index.d.ts +0 -1
- package/dist/lib/resources/aws/index.js +1 -2
- package/dist/lib/resources/aws/logging/cloudTrail.js +13 -3
- package/dist/lib/resources/aws/logging/index.d.ts +2 -0
- package/dist/lib/resources/aws/logging/index.js +19 -0
- package/dist/lib/resources/aws/messaging/index.d.ts +3 -2
- package/dist/lib/resources/aws/messaging/index.js +4 -3
- package/dist/lib/resources/aws/messaging/sqs.js +14 -11
- package/dist/lib/resources/aws/messaging/utils.d.ts +1 -2
- package/dist/lib/resources/aws/messaging/utils.js +3 -4
- package/dist/lib/resources/aws/monitoring/index.d.ts +0 -1
- package/dist/lib/resources/aws/monitoring/index.js +4 -17
- package/dist/lib/resources/aws/networking/hostedZone.d.ts +28 -0
- package/dist/lib/resources/aws/networking/hostedZone.js +153 -0
- package/dist/lib/resources/aws/networking/index.d.ts +2 -0
- package/dist/lib/resources/aws/networking/index.js +3 -1
- package/dist/lib/resources/aws/networking/ipamPool.js +110 -31
- package/dist/lib/resources/aws/networking/securityGroup.d.ts +5 -0
- package/dist/lib/resources/aws/networking/securityGroup.js +14 -0
- package/dist/lib/resources/aws/networking/vpc.js +9 -4
- package/dist/lib/resources/aws/organisation/costAllocationTagActivator.d.ts +17 -0
- package/dist/lib/resources/aws/organisation/costAllocationTagActivator.js +66 -0
- package/dist/lib/resources/aws/organisation/index.d.ts +1 -0
- package/dist/lib/resources/aws/organisation/index.js +4 -2
- package/dist/lib/resources/aws/secrets/index.d.ts +0 -1
- package/dist/lib/resources/aws/secrets/index.js +1 -2
- package/dist/lib/resources/aws/secrets/parameter.js +5 -3
- package/dist/lib/resources/aws/storage/ecr.d.ts +0 -1
- package/dist/lib/resources/aws/storage/ecr.js +5 -7
- package/dist/lib/resources/aws/storage/s3.d.ts +3 -3
- package/dist/lib/resources/aws/storage/s3.js +1 -1
- package/dist/lib/resources/aws/utilities/index.d.ts +5 -0
- package/dist/lib/resources/aws/utilities/index.js +22 -0
- package/dist/lib/utils/backupTierMapping.d.ts +11 -0
- package/dist/lib/utils/backupTierMapping.js +17 -0
- package/dist/lib/utils/capitaliseString.d.ts +6 -0
- package/dist/lib/utils/capitaliseString.js +10 -1
- package/dist/lib/utils/connections.d.ts +46 -0
- package/dist/lib/utils/connections.js +159 -0
- package/dist/lib/utils/connector.d.ts +183 -0
- package/dist/lib/utils/connector.js +117 -0
- package/dist/lib/utils/databaseTypes.d.ts +85 -0
- package/dist/lib/utils/databaseTypes.js +34 -0
- package/dist/lib/utils/env.d.ts +42 -0
- package/dist/lib/utils/env.js +128 -0
- package/dist/lib/utils/getConfig.d.ts +0 -2
- package/dist/lib/utils/getConfig.js +1 -4
- package/dist/lib/utils/index.d.ts +6 -0
- package/dist/lib/utils/index.js +7 -1
- package/dist/lib/utils/removalPolicy.d.ts +2 -0
- package/dist/lib/utils/removalPolicy.js +16 -0
- package/dist/lib/utils/resourceNaming.js +4 -7
- package/dist/lib/utils/standardTagsAspect.d.ts +4 -0
- package/dist/lib/utils/standardTagsAspect.js +8 -8
- package/dist/lib/utils/vpcUtils.d.ts +14 -0
- package/dist/lib/utils/vpcUtils.js +28 -0
- package/package.json +8 -8
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
|
-
import { type Role } from "..";
|
|
3
2
|
export declare class Assignment extends Construct {
|
|
4
3
|
constructor(scope: Construct, id: string, props: {
|
|
5
4
|
instanceArn: string;
|
|
@@ -8,6 +7,5 @@ export declare class Assignment extends Construct {
|
|
|
8
7
|
principalId: string;
|
|
9
8
|
targetType: string;
|
|
10
9
|
targetId: string;
|
|
11
|
-
role: Role;
|
|
12
10
|
});
|
|
13
11
|
}
|
|
@@ -2,55 +2,19 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.Assignment = void 0;
|
|
4
4
|
const constructs_1 = require("constructs");
|
|
5
|
-
const
|
|
6
|
-
const awsCustomResource_1 = require("../../utilities/awsCustomResource");
|
|
5
|
+
const aws_sso_1 = require("aws-cdk-lib/aws-sso");
|
|
7
6
|
class Assignment extends constructs_1.Construct {
|
|
8
7
|
constructor(scope, id, props) {
|
|
9
8
|
super(scope, id);
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
TargetId: props.targetId,
|
|
18
|
-
TargetType: props.targetType,
|
|
19
|
-
PermissionSetArn: props.permissionSetArn,
|
|
20
|
-
PrincipalType: props.principalType,
|
|
21
|
-
PrincipalId: props.principalId
|
|
22
|
-
},
|
|
23
|
-
physicalResourceId: customResources.PhysicalResourceId.of(physicalId)
|
|
24
|
-
},
|
|
25
|
-
onDelete: {
|
|
26
|
-
service: "sso-admin",
|
|
27
|
-
action: "DeleteAccountAssignment", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/DeleteAccountAssignmentCommand
|
|
28
|
-
parameters: {
|
|
29
|
-
InstanceArn: props.instanceArn,
|
|
30
|
-
TargetId: props.targetId,
|
|
31
|
-
TargetType: props.targetType,
|
|
32
|
-
PermissionSetArn: props.permissionSetArn,
|
|
33
|
-
PrincipalType: props.principalType,
|
|
34
|
-
PrincipalId: props.principalId
|
|
35
|
-
}
|
|
36
|
-
},
|
|
37
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
38
|
-
resources: ["*"]
|
|
39
|
-
}),
|
|
40
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
41
|
-
// role: props.role,
|
|
42
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
43
|
-
// new PolicyStatement({
|
|
44
|
-
// actions: [
|
|
45
|
-
// "sso:CreateAccountAssignment",
|
|
46
|
-
// "sso:DeleteAccountAssignment"
|
|
47
|
-
// ],
|
|
48
|
-
// resources: ["*"]
|
|
49
|
-
// })
|
|
50
|
-
// ]),
|
|
51
|
-
resourceType: "Custom::SSOAccountAssignment"
|
|
9
|
+
new aws_sso_1.CfnAssignment(this, "Assignment", {
|
|
10
|
+
instanceArn: props.instanceArn,
|
|
11
|
+
targetId: props.targetId,
|
|
12
|
+
targetType: props.targetType,
|
|
13
|
+
permissionSetArn: props.permissionSetArn,
|
|
14
|
+
principalType: props.principalType,
|
|
15
|
+
principalId: props.principalId
|
|
52
16
|
});
|
|
53
17
|
}
|
|
54
18
|
}
|
|
55
19
|
exports.Assignment = Assignment;
|
|
56
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXNzaWdubWVudC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9hc3NpZ25tZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2QyxpREFBb0Q7QUFFcEQsTUFBYSxVQUFXLFNBQVEsc0JBQVM7SUFDdkMsWUFDRSxLQUFnQixFQUNoQixFQUFVLEVBQ1YsS0FPQztRQUVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSx1QkFBYSxDQUFDLElBQUksRUFBRSxZQUFZLEVBQUU7WUFDcEMsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQzlCLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtZQUN4QixVQUFVLEVBQUUsS0FBSyxDQUFDLFVBQVU7WUFDNUIsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtZQUN4QyxhQUFhLEVBQUUsS0FBSyxDQUFDLGFBQWE7WUFDbEMsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1NBQy9CLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXhCRCxnQ0F3QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgQ2ZuQXNzaWdubWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc3NvXCI7XG5cbmV4cG9ydCBjbGFzcyBBc3NpZ25tZW50IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiB7XG4gICAgICBpbnN0YW5jZUFybjogc3RyaW5nO1xuICAgICAgcGVybWlzc2lvblNldEFybjogc3RyaW5nO1xuICAgICAgcHJpbmNpcGFsVHlwZTogc3RyaW5nO1xuICAgICAgcHJpbmNpcGFsSWQ6IHN0cmluZztcbiAgICAgIHRhcmdldFR5cGU6IHN0cmluZztcbiAgICAgIHRhcmdldElkOiBzdHJpbmc7XG4gICAgfVxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgbmV3IENmbkFzc2lnbm1lbnQodGhpcywgXCJBc3NpZ25tZW50XCIsIHtcbiAgICAgIGluc3RhbmNlQXJuOiBwcm9wcy5pbnN0YW5jZUFybixcbiAgICAgIHRhcmdldElkOiBwcm9wcy50YXJnZXRJZCxcbiAgICAgIHRhcmdldFR5cGU6IHByb3BzLnRhcmdldFR5cGUsXG4gICAgICBwZXJtaXNzaW9uU2V0QXJuOiBwcm9wcy5wZXJtaXNzaW9uU2V0QXJuLFxuICAgICAgcHJpbmNpcGFsVHlwZTogcHJvcHMucHJpbmNpcGFsVHlwZSxcbiAgICAgIHByaW5jaXBhbElkOiBwcm9wcy5wcmluY2lwYWxJZFxuICAgIH0pO1xuICB9XG59XG4iXX0=
|
|
@@ -1,13 +1,11 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
|
-
import { type Role } from "..";
|
|
3
2
|
interface GroupProps {
|
|
4
3
|
displayName: string;
|
|
5
4
|
identityStoreId: string;
|
|
6
5
|
description?: string;
|
|
7
|
-
role: Role;
|
|
8
6
|
}
|
|
9
7
|
export declare class Group extends Construct {
|
|
10
|
-
private
|
|
8
|
+
private cfnGroup;
|
|
11
9
|
constructor(scope: Construct, id: string, props: GroupProps);
|
|
12
10
|
getGroupId(): string;
|
|
13
11
|
}
|
|
@@ -2,94 +2,19 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.Group = void 0;
|
|
4
4
|
const constructs_1 = require("constructs");
|
|
5
|
-
const
|
|
6
|
-
const awsCustomResource_1 = require("../../utilities/awsCustomResource");
|
|
5
|
+
const aws_identitystore_1 = require("aws-cdk-lib/aws-identitystore");
|
|
7
6
|
class Group extends constructs_1.Construct {
|
|
8
7
|
constructor(scope, id, props) {
|
|
9
8
|
super(scope, id);
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
service: "identitystore",
|
|
15
|
-
action: "CreateGroup", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/identitystore/command/CreateGroupCommand
|
|
16
|
-
parameters: {
|
|
17
|
-
DisplayName: props.displayName,
|
|
18
|
-
IdentityStoreId: props.identityStoreId,
|
|
19
|
-
Description: props.description
|
|
20
|
-
},
|
|
21
|
-
physicalResourceId: customResources.PhysicalResourceId.of(physicalId)
|
|
22
|
-
},
|
|
23
|
-
role: props.role
|
|
24
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
25
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
26
|
-
// new PolicyStatement({
|
|
27
|
-
// actions: ["identitystore:CreateGroup"],
|
|
28
|
-
// resources: ["*"]
|
|
29
|
-
// })
|
|
30
|
-
// ])
|
|
31
|
-
});
|
|
32
|
-
this.groupId = createGroup.getResponseField("GroupId");
|
|
33
|
-
// Update Group
|
|
34
|
-
const updateGroup = new awsCustomResource_1.AwsCustomResource(this, "updateIdentityStoreGroup", {
|
|
35
|
-
onUpdate: {
|
|
36
|
-
service: "identitystore",
|
|
37
|
-
action: "UpdateGroup", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/identitystore/command/UpdateGroupCommand
|
|
38
|
-
parameters: {
|
|
39
|
-
GroupId: this.groupId,
|
|
40
|
-
IdentityStoreId: props.identityStoreId,
|
|
41
|
-
// TODO: Suppport taking in any changes and updating them
|
|
42
|
-
Operations: [
|
|
43
|
-
{
|
|
44
|
-
AttributePath: "DisplayName",
|
|
45
|
-
AttributeValue: props.displayName
|
|
46
|
-
},
|
|
47
|
-
{
|
|
48
|
-
AttributePath: "Description",
|
|
49
|
-
AttributeValue: props.description
|
|
50
|
-
}
|
|
51
|
-
]
|
|
52
|
-
},
|
|
53
|
-
physicalResourceId: customResources.PhysicalResourceId.of(physicalId)
|
|
54
|
-
},
|
|
55
|
-
role: props.role,
|
|
56
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
57
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
58
|
-
// new PolicyStatement({
|
|
59
|
-
// actions: ["identitystore:UpdateGroup"],
|
|
60
|
-
// resources: ["*"]
|
|
61
|
-
// })
|
|
62
|
-
// ]),
|
|
63
|
-
resourceType: "Custom::Group"
|
|
64
|
-
});
|
|
65
|
-
// Delete Group
|
|
66
|
-
const deleteGroup = new awsCustomResource_1.AwsCustomResource(this, "deleteIdentityStoreGroup", {
|
|
67
|
-
onDelete: {
|
|
68
|
-
service: "identitystore",
|
|
69
|
-
action: "DeleteGroup", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/identitystore/command/DeleteGroupCommand
|
|
70
|
-
parameters: {
|
|
71
|
-
GroupId: this.groupId,
|
|
72
|
-
IdentityStoreId: props.identityStoreId
|
|
73
|
-
}
|
|
74
|
-
},
|
|
75
|
-
role: props.role,
|
|
76
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
77
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
78
|
-
// new PolicyStatement({
|
|
79
|
-
// actions: ["identitystore:DeleteGroup"],
|
|
80
|
-
// resources: ["*"]
|
|
81
|
-
// })
|
|
82
|
-
// ]),
|
|
83
|
-
resourceType: "Custom::Group"
|
|
84
|
-
});
|
|
85
|
-
// Implement Dependable to make construct dependable
|
|
86
|
-
constructs_1.Dependable.implement(this, {
|
|
87
|
-
dependencyRoots: [createGroup, updateGroup, deleteGroup]
|
|
9
|
+
this.cfnGroup = new aws_identitystore_1.CfnGroup(this, "Group", {
|
|
10
|
+
displayName: props.displayName,
|
|
11
|
+
identityStoreId: props.identityStoreId,
|
|
12
|
+
description: props.description
|
|
88
13
|
});
|
|
89
14
|
}
|
|
90
15
|
getGroupId() {
|
|
91
|
-
return this.
|
|
16
|
+
return this.cfnGroup.attrGroupId;
|
|
92
17
|
}
|
|
93
18
|
}
|
|
94
19
|
exports.Group = Group;
|
|
95
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ3JvdXAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9pYW0vaWRlbnRpdHlDZW50ZXIvZ3JvdXAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsMkNBQXVDO0FBQ3ZDLHFFQUF5RDtBQVF6RCxNQUFhLEtBQU0sU0FBUSxzQkFBUztJQUdsQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWlCO1FBQ3pELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLDRCQUFRLENBQUMsSUFBSSxFQUFFLE9BQU8sRUFBRTtZQUMxQyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlO1lBQ3RDLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztTQUMvQixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU8sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUM7SUFDbkMsQ0FBQztDQUNGO0FBaEJELHNCQWdCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDZm5Hcm91cCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWRlbnRpdHlzdG9yZVwiO1xuXG5pbnRlcmZhY2UgR3JvdXBQcm9wcyB7XG4gIGRpc3BsYXlOYW1lOiBzdHJpbmc7XG4gIGlkZW50aXR5U3RvcmVJZDogc3RyaW5nO1xuICBkZXNjcmlwdGlvbj86IHN0cmluZztcbn1cblxuZXhwb3J0IGNsYXNzIEdyb3VwIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHJpdmF0ZSBjZm5Hcm91cDogQ2ZuR3JvdXA7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEdyb3VwUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5jZm5Hcm91cCA9IG5ldyBDZm5Hcm91cCh0aGlzLCBcIkdyb3VwXCIsIHtcbiAgICAgIGRpc3BsYXlOYW1lOiBwcm9wcy5kaXNwbGF5TmFtZSxcbiAgICAgIGlkZW50aXR5U3RvcmVJZDogcHJvcHMuaWRlbnRpdHlTdG9yZUlkLFxuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uXG4gICAgfSk7XG4gIH1cblxuICBwdWJsaWMgZ2V0R3JvdXBJZCgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLmNmbkdyb3VwLmF0dHJHcm91cElkO1xuICB9XG59XG4iXX0=
|
|
@@ -1,13 +1,11 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
2
|
import { type KeyValue } from "../../../../types";
|
|
3
|
-
import { type Role } from "..";
|
|
4
3
|
export declare class PermissionSet extends Construct {
|
|
5
|
-
private
|
|
4
|
+
private cfnPermissionSet;
|
|
6
5
|
constructor(scope: Construct, id: string, props: {
|
|
7
6
|
name: string;
|
|
8
7
|
instanceArn: string;
|
|
9
8
|
description?: string;
|
|
10
|
-
role: Role;
|
|
11
9
|
managedPolicies?: string[];
|
|
12
10
|
tags?: KeyValue[];
|
|
13
11
|
});
|
|
@@ -2,105 +2,21 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.PermissionSet = void 0;
|
|
4
4
|
const constructs_1 = require("constructs");
|
|
5
|
-
const
|
|
6
|
-
const awsCustomResource_1 = require("../../utilities/awsCustomResource");
|
|
7
|
-
function transformTags(tags) {
|
|
8
|
-
return tags?.map(({ key, value }) => ({ Key: key, Value: value }));
|
|
9
|
-
}
|
|
5
|
+
const aws_sso_1 = require("aws-cdk-lib/aws-sso");
|
|
10
6
|
class PermissionSet extends constructs_1.Construct {
|
|
11
7
|
constructor(scope, id, props) {
|
|
12
8
|
super(scope, id);
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
Name: props.name,
|
|
20
|
-
InstanceArn: props.instanceArn,
|
|
21
|
-
Description: props.description,
|
|
22
|
-
Tags: transformTags(props.tags)
|
|
23
|
-
},
|
|
24
|
-
physicalResourceId: customResources.PhysicalResourceId.of(permissionSetPhysicalId)
|
|
25
|
-
},
|
|
26
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
27
|
-
resources: ["*"]
|
|
28
|
-
}),
|
|
29
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
30
|
-
// role: props.role,
|
|
31
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
32
|
-
// new PolicyStatement({
|
|
33
|
-
// actions: [
|
|
34
|
-
// "sso:CreatePermissionSet",
|
|
35
|
-
// "sso:ProvisionPermissionSet",
|
|
36
|
-
// "sso:TagResource"
|
|
37
|
-
// ],
|
|
38
|
-
// resources: ["*"]
|
|
39
|
-
// })
|
|
40
|
-
// ]),
|
|
41
|
-
resourceType: "Custom::PermissionSet"
|
|
42
|
-
});
|
|
43
|
-
this.permissionSetArn = createPermissionSet.getResponseField("PermissionSet.PermissionSetArn");
|
|
44
|
-
const updatePermissionSet = new awsCustomResource_1.AwsCustomResource(this, "updatePermissionSet", {
|
|
45
|
-
onUpdate: {
|
|
46
|
-
service: "sso-admin",
|
|
47
|
-
action: "UpdatePermissionSet", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/UpdatePermissionSetCommand
|
|
48
|
-
parameters: {
|
|
49
|
-
InstanceArn: props.instanceArn,
|
|
50
|
-
PermissionSetArn: this.permissionSetArn,
|
|
51
|
-
Description: props.description
|
|
52
|
-
},
|
|
53
|
-
physicalResourceId: customResources.PhysicalResourceId.of(permissionSetPhysicalId)
|
|
54
|
-
},
|
|
55
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
56
|
-
resources: ["*"]
|
|
57
|
-
}),
|
|
58
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
59
|
-
// role: props.role,
|
|
60
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
61
|
-
// new PolicyStatement({
|
|
62
|
-
// actions: [
|
|
63
|
-
// "sso:UpdatePermissionSet",
|
|
64
|
-
// "sso:ProvisionPermissionSet",
|
|
65
|
-
// "sso:TagResource"
|
|
66
|
-
// ],
|
|
67
|
-
// resources: ["*"]
|
|
68
|
-
// })
|
|
69
|
-
// ]),
|
|
70
|
-
resourceType: "Custom::PermissionSet"
|
|
71
|
-
});
|
|
72
|
-
updatePermissionSet.node.addDependency(createPermissionSet);
|
|
73
|
-
const deletePermissionSet = new awsCustomResource_1.AwsCustomResource(this, "deletePermissionSet", {
|
|
74
|
-
onDelete: {
|
|
75
|
-
service: "sso-admin",
|
|
76
|
-
action: "DeletePermissionSet", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/DeletePermissionSetCommand
|
|
77
|
-
parameters: {
|
|
78
|
-
InstanceArn: props.instanceArn,
|
|
79
|
-
PermissionSetArn: this.permissionSetArn
|
|
80
|
-
}
|
|
81
|
-
},
|
|
82
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
83
|
-
resources: ["*"]
|
|
84
|
-
}),
|
|
85
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
86
|
-
// role: props.role,
|
|
87
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
88
|
-
// new PolicyStatement({
|
|
89
|
-
// actions: [
|
|
90
|
-
// "sso:UpdatePermissionSet",
|
|
91
|
-
// "sso:DeletePermissionSet",
|
|
92
|
-
// "sso:TagResource"
|
|
93
|
-
// ],
|
|
94
|
-
// resources: ["*"]
|
|
95
|
-
// })
|
|
96
|
-
// ]),
|
|
97
|
-
resourceType: "Custom::PermissionSet"
|
|
9
|
+
this.cfnPermissionSet = new aws_sso_1.CfnPermissionSet(this, "PermissionSet", {
|
|
10
|
+
name: props.name,
|
|
11
|
+
instanceArn: props.instanceArn,
|
|
12
|
+
description: props.description,
|
|
13
|
+
managedPolicies: props.managedPolicies,
|
|
14
|
+
tags: props.tags?.map((t) => ({ key: t.key, value: t.value }))
|
|
98
15
|
});
|
|
99
|
-
deletePermissionSet.node.addDependency(createPermissionSet);
|
|
100
16
|
}
|
|
101
17
|
getPermissionSetArn() {
|
|
102
|
-
return this.
|
|
18
|
+
return this.cfnPermissionSet.attrPermissionSetArn;
|
|
103
19
|
}
|
|
104
20
|
}
|
|
105
21
|
exports.PermissionSet = PermissionSet;
|
|
106
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybWlzc2lvblNldC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9wZXJtaXNzaW9uU2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2QyxnRUFBZ0U7QUFDaEUseUVBQXNFO0FBSXRFLFNBQVMsYUFBYSxDQUFDLElBQWlCO0lBQ3RDLE9BQU8sSUFBSSxFQUFFLEdBQUcsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEtBQUssRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBQ3JFLENBQUM7QUFFRCxNQUFhLGFBQWMsU0FBUSxzQkFBUztJQUcxQyxZQUNFLEtBQWdCLEVBQ2hCLEVBQVUsRUFDVixLQU9DO1FBRUQsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLHVCQUF1QixHQUFHLGdCQUFnQixLQUFLLENBQUMsSUFBSSxFQUFFLENBQUM7UUFFN0QsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLHFDQUFpQixDQUMvQyxJQUFJLEVBQ0oscUJBQXFCLEVBQ3JCO1lBQ0UsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUscUJBQXFCLEVBQUUsNkdBQTZHO2dCQUM1SSxVQUFVLEVBQUU7b0JBQ1YsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO29CQUNoQixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7b0JBQzlCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztvQkFDOUIsSUFBSSxFQUFFLGFBQWEsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDO2lCQUNoQztnQkFDRCxrQkFBa0IsRUFBRSxlQUFlLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUN2RCx1QkFBdUIsQ0FDeEI7YUFDRjtZQUNELE1BQU0sRUFBRSxlQUFlLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO2dCQUMzRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLDJGQUEyRjtZQUMzRixvQkFBb0I7WUFDcEIsbUVBQW1FO1lBQ25FLDBCQUEwQjtZQUMxQixpQkFBaUI7WUFDakIsbUNBQW1DO1lBQ25DLHNDQUFzQztZQUN0QywwQkFBMEI7WUFDMUIsU0FBUztZQUNULHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSx1QkFBdUI7U0FDdEMsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLGdCQUFnQixHQUFHLG1CQUFtQixDQUFDLGdCQUFnQixDQUMxRCxnQ0FBZ0MsQ0FDakMsQ0FBQztRQUVGLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxxQ0FBaUIsQ0FDL0MsSUFBSSxFQUNKLHFCQUFxQixFQUNyQjtZQUNFLFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsV0FBVztnQkFDcEIsTUFBTSxFQUFFLHFCQUFxQixFQUFFLDZHQUE2RztnQkFDNUksVUFBVSxFQUFFO29CQUNWLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztvQkFDOUIsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLGdCQUFnQjtvQkFDdkMsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO2lCQUMvQjtnQkFDRCxrQkFBa0IsRUFBRSxlQUFlLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUN2RCx1QkFBdUIsQ0FDeEI7YUFDRjtZQUVELE1BQU0sRUFBRSxlQUFlLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO2dCQUMzRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLDJGQUEyRjtZQUMzRixvQkFBb0I7WUFDcEIsbUVBQW1FO1lBQ25FLDBCQUEwQjtZQUMxQixpQkFBaUI7WUFDakIsbUNBQW1DO1lBQ25DLHNDQUFzQztZQUN0QywwQkFBMEI7WUFDMUIsU0FBUztZQUNULHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSx1QkFBdUI7U0FDdEMsQ0FDRixDQUFDO1FBQ0YsbUJBQW1CLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1FBRTVELE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxxQ0FBaUIsQ0FDL0MsSUFBSSxFQUNKLHFCQUFxQixFQUNyQjtZQUNFLFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsV0FBVztnQkFDcEIsTUFBTSxFQUFFLHFCQUFxQixFQUFFLDZHQUE2RztnQkFDNUksVUFBVSxFQUFFO29CQUNWLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztvQkFDOUIsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLGdCQUFnQjtpQkFDeEM7YUFDRjtZQUNELE1BQU0sRUFBRSxlQUFlLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO2dCQUMzRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLDJGQUEyRjtZQUMzRixvQkFBb0I7WUFDcEIsbUVBQW1FO1lBQ25FLDBCQUEwQjtZQUMxQixpQkFBaUI7WUFDakIsbUNBQW1DO1lBQ25DLG1DQUFtQztZQUNuQywwQkFBMEI7WUFDMUIsU0FBUztZQUNULHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSx1QkFBdUI7U0FDdEMsQ0FDRixDQUFDO1FBQ0YsbUJBQW1CLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQzlELENBQUM7SUFDTSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7SUFDL0IsQ0FBQztDQUNGO0FBbklELHNDQW1JQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgKiBhcyBjdXN0b21SZXNvdXJjZXMgZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IEF3c0N1c3RvbVJlc291cmNlIH0gZnJvbSBcIi4uLy4uL3V0aWxpdGllcy9hd3NDdXN0b21SZXNvdXJjZVwiO1xuaW1wb3J0IHsgdHlwZSBLZXlWYWx1ZSB9IGZyb20gXCIuLi8uLi8uLi8uLi90eXBlc1wiO1xuaW1wb3J0IHsgdHlwZSBSb2xlIH0gZnJvbSBcIi4uXCI7XG5cbmZ1bmN0aW9uIHRyYW5zZm9ybVRhZ3ModGFncz86IEtleVZhbHVlW10pIHtcbiAgcmV0dXJuIHRhZ3M/Lm1hcCgoeyBrZXksIHZhbHVlIH0pID0+ICh7IEtleToga2V5LCBWYWx1ZTogdmFsdWUgfSkpO1xufVxuXG5leHBvcnQgY2xhc3MgUGVybWlzc2lvblNldCBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHByaXZhdGUgcGVybWlzc2lvblNldEFybjogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKFxuICAgIHNjb3BlOiBDb25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczoge1xuICAgICAgbmFtZTogc3RyaW5nO1xuICAgICAgaW5zdGFuY2VBcm46IHN0cmluZztcbiAgICAgIGRlc2NyaXB0aW9uPzogc3RyaW5nO1xuICAgICAgcm9sZTogUm9sZTtcbiAgICAgIG1hbmFnZWRQb2xpY2llcz86IHN0cmluZ1tdO1xuICAgICAgdGFncz86IEtleVZhbHVlW107XG4gICAgfVxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgcGVybWlzc2lvblNldFBoeXNpY2FsSWQgPSBgcGVybWlzc2lvblNldCR7cHJvcHMubmFtZX1gO1xuXG4gICAgY29uc3QgY3JlYXRlUGVybWlzc2lvblNldCA9IG5ldyBBd3NDdXN0b21SZXNvdXJjZShcbiAgICAgIHRoaXMsXG4gICAgICBcImNyZWF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgIHtcbiAgICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgICBzZXJ2aWNlOiBcInNzby1hZG1pblwiLFxuICAgICAgICAgIGFjdGlvbjogXCJDcmVhdGVQZXJtaXNzaW9uU2V0XCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL3YzL2xhdGVzdC9jbGllbnQvc3NvLWFkbWluL2NvbW1hbmQvQ3JlYXRlUGVybWlzc2lvblNldENvbW1hbmRcbiAgICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgICBOYW1lOiBwcm9wcy5uYW1lLFxuICAgICAgICAgICAgSW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgICAgICAgRGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uLFxuICAgICAgICAgICAgVGFnczogdHJhbnNmb3JtVGFncyhwcm9wcy50YWdzKVxuICAgICAgICAgIH0sXG4gICAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBjdXN0b21SZXNvdXJjZXMuUGh5c2ljYWxSZXNvdXJjZUlkLm9mKFxuICAgICAgICAgICAgcGVybWlzc2lvblNldFBoeXNpY2FsSWRcbiAgICAgICAgICApXG4gICAgICAgIH0sXG4gICAgICAgIHBvbGljeTogY3VzdG9tUmVzb3VyY2VzLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TZGtDYWxscyh7XG4gICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgIH0pLFxuICAgICAgICAvLyBUT0RPOiBMb2NrIGRvd24gcGVybWlzc2lvbnMsIHdoZW4gd2UncmUgcmVhZHkgdG8gdHJvdWJsZXNob290IGludGVybWl0dGVudCBwb2xpY3kgZXJyb3JzXG4gICAgICAgIC8vIHJvbGU6IHByb3BzLnJvbGUsXG4gICAgICAgIC8vIHBvbGljeTogY3VzdG9tUmVzb3VyY2VzLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TdGF0ZW1lbnRzKFtcbiAgICAgICAgLy8gICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgLy8gICAgIGFjdGlvbnM6IFtcbiAgICAgICAgLy8gICAgICAgXCJzc286Q3JlYXRlUGVybWlzc2lvblNldFwiLFxuICAgICAgICAvLyAgICAgICBcInNzbzpQcm92aXNpb25QZXJtaXNzaW9uU2V0XCIsXG4gICAgICAgIC8vICAgICAgIFwic3NvOlRhZ1Jlc291cmNlXCJcbiAgICAgICAgLy8gICAgIF0sXG4gICAgICAgIC8vICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgLy8gICB9KVxuICAgICAgICAvLyBdKSxcbiAgICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6UGVybWlzc2lvblNldFwiXG4gICAgICB9XG4gICAgKTtcblxuICAgIHRoaXMucGVybWlzc2lvblNldEFybiA9IGNyZWF0ZVBlcm1pc3Npb25TZXQuZ2V0UmVzcG9uc2VGaWVsZChcbiAgICAgIFwiUGVybWlzc2lvblNldC5QZXJtaXNzaW9uU2V0QXJuXCJcbiAgICApO1xuXG4gICAgY29uc3QgdXBkYXRlUGVybWlzc2lvblNldCA9IG5ldyBBd3NDdXN0b21SZXNvdXJjZShcbiAgICAgIHRoaXMsXG4gICAgICBcInVwZGF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgIHtcbiAgICAgICAgb25VcGRhdGU6IHtcbiAgICAgICAgICBzZXJ2aWNlOiBcInNzby1hZG1pblwiLFxuICAgICAgICAgIGFjdGlvbjogXCJVcGRhdGVQZXJtaXNzaW9uU2V0XCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL3YzL2xhdGVzdC9jbGllbnQvc3NvLWFkbWluL2NvbW1hbmQvVXBkYXRlUGVybWlzc2lvblNldENvbW1hbmRcbiAgICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgICBJbnN0YW5jZUFybjogcHJvcHMuaW5zdGFuY2VBcm4sXG4gICAgICAgICAgICBQZXJtaXNzaW9uU2V0QXJuOiB0aGlzLnBlcm1pc3Npb25TZXRBcm4sXG4gICAgICAgICAgICBEZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb25cbiAgICAgICAgICB9LFxuICAgICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcbiAgICAgICAgICAgIHBlcm1pc3Npb25TZXRQaHlzaWNhbElkXG4gICAgICAgICAgKVxuICAgICAgICB9LFxuXG4gICAgICAgIHBvbGljeTogY3VzdG9tUmVzb3VyY2VzLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TZGtDYWxscyh7XG4gICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgIH0pLFxuICAgICAgICAvLyBUT0RPOiBMb2NrIGRvd24gcGVybWlzc2lvbnMsIHdoZW4gd2UncmUgcmVhZHkgdG8gdHJvdWJsZXNob290IGludGVybWl0dGVudCBwb2xpY3kgZXJyb3JzXG4gICAgICAgIC8vIHJvbGU6IHByb3BzLnJvbGUsXG4gICAgICAgIC8vIHBvbGljeTogY3VzdG9tUmVzb3VyY2VzLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TdGF0ZW1lbnRzKFtcbiAgICAgICAgLy8gICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgLy8gICAgIGFjdGlvbnM6IFtcbiAgICAgICAgLy8gICAgICAgXCJzc286VXBkYXRlUGVybWlzc2lvblNldFwiLFxuICAgICAgICAvLyAgICAgICBcInNzbzpQcm92aXNpb25QZXJtaXNzaW9uU2V0XCIsXG4gICAgICAgIC8vICAgICAgIFwic3NvOlRhZ1Jlc291cmNlXCJcbiAgICAgICAgLy8gICAgIF0sXG4gICAgICAgIC8vICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgLy8gICB9KVxuICAgICAgICAvLyBdKSxcbiAgICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6UGVybWlzc2lvblNldFwiXG4gICAgICB9XG4gICAgKTtcbiAgICB1cGRhdGVQZXJtaXNzaW9uU2V0Lm5vZGUuYWRkRGVwZW5kZW5jeShjcmVhdGVQZXJtaXNzaW9uU2V0KTtcblxuICAgIGNvbnN0IGRlbGV0ZVBlcm1pc3Npb25TZXQgPSBuZXcgQXdzQ3VzdG9tUmVzb3VyY2UoXG4gICAgICB0aGlzLFxuICAgICAgXCJkZWxldGVQZXJtaXNzaW9uU2V0XCIsXG4gICAgICB7XG4gICAgICAgIG9uRGVsZXRlOiB7XG4gICAgICAgICAgc2VydmljZTogXCJzc28tYWRtaW5cIixcbiAgICAgICAgICBhY3Rpb246IFwiRGVsZXRlUGVybWlzc2lvblNldFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy92My9sYXRlc3QvY2xpZW50L3Nzby1hZG1pbi9jb21tYW5kL0RlbGV0ZVBlcm1pc3Npb25TZXRDb21tYW5kXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgSW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgICAgICAgUGVybWlzc2lvblNldEFybjogdGhpcy5wZXJtaXNzaW9uU2V0QXJuXG4gICAgICAgICAgfVxuICAgICAgICB9LFxuICAgICAgICBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICB9KSxcbiAgICAgICAgLy8gVE9ETzogTG9jayBkb3duIHBlcm1pc3Npb25zLCB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgICAgICAvLyByb2xlOiBwcm9wcy5yb2xlLFxuICAgICAgICAvLyBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU3RhdGVtZW50cyhbXG4gICAgICAgIC8vICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIC8vICAgICBhY3Rpb25zOiBbXG4gICAgICAgIC8vICAgICAgIFwic3NvOlVwZGF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgICAgLy8gICAgICAgXCJzc286RGVsZXRlUGVybWlzc2lvblNldFwiLFxuICAgICAgICAvLyAgICAgICBcInNzbzpUYWdSZXNvdXJjZVwiXG4gICAgICAgIC8vICAgICBdLFxuICAgICAgICAvLyAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgIC8vICAgfSlcbiAgICAgICAgLy8gXSksXG4gICAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OlBlcm1pc3Npb25TZXRcIlxuICAgICAgfVxuICAgICk7XG4gICAgZGVsZXRlUGVybWlzc2lvblNldC5ub2RlLmFkZERlcGVuZGVuY3koY3JlYXRlUGVybWlzc2lvblNldCk7XG4gIH1cbiAgcHVibGljIGdldFBlcm1pc3Npb25TZXRBcm4oKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5wZXJtaXNzaW9uU2V0QXJuO1xuICB9XG59XG4iXX0=
|
|
22
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybWlzc2lvblNldC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9wZXJtaXNzaW9uU2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2QyxpREFBdUQ7QUFHdkQsTUFBYSxhQUFjLFNBQVEsc0JBQVM7SUFHMUMsWUFDRSxLQUFnQixFQUNoQixFQUFVLEVBQ1YsS0FNQztRQUVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLGdCQUFnQixHQUFHLElBQUksMEJBQWdCLENBQUMsSUFBSSxFQUFFLGVBQWUsRUFBRTtZQUNsRSxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7WUFDaEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQzlCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWU7WUFDdEMsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUMsQ0FBQyxHQUFHLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDO1NBQy9ELENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsb0JBQW9CLENBQUM7SUFDcEQsQ0FBQztDQUNGO0FBNUJELHNDQTRCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDZm5QZXJtaXNzaW9uU2V0IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zc29cIjtcbmltcG9ydCB7IHR5cGUgS2V5VmFsdWUgfSBmcm9tIFwiLi4vLi4vLi4vLi4vdHlwZXNcIjtcblxuZXhwb3J0IGNsYXNzIFBlcm1pc3Npb25TZXQgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwcml2YXRlIGNmblBlcm1pc3Npb25TZXQ6IENmblBlcm1pc3Npb25TZXQ7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiB7XG4gICAgICBuYW1lOiBzdHJpbmc7XG4gICAgICBpbnN0YW5jZUFybjogc3RyaW5nO1xuICAgICAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gICAgICBtYW5hZ2VkUG9saWNpZXM/OiBzdHJpbmdbXTtcbiAgICAgIHRhZ3M/OiBLZXlWYWx1ZVtdO1xuICAgIH1cbiAgKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuY2ZuUGVybWlzc2lvblNldCA9IG5ldyBDZm5QZXJtaXNzaW9uU2V0KHRoaXMsIFwiUGVybWlzc2lvblNldFwiLCB7XG4gICAgICBuYW1lOiBwcm9wcy5uYW1lLFxuICAgICAgaW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uLFxuICAgICAgbWFuYWdlZFBvbGljaWVzOiBwcm9wcy5tYW5hZ2VkUG9saWNpZXMsXG4gICAgICB0YWdzOiBwcm9wcy50YWdzPy5tYXAoKHQpID0+ICh7IGtleTogdC5rZXksIHZhbHVlOiB0LnZhbHVlIH0pKVxuICAgIH0pO1xuICB9XG5cbiAgcHVibGljIGdldFBlcm1pc3Npb25TZXRBcm4oKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5jZm5QZXJtaXNzaW9uU2V0LmF0dHJQZXJtaXNzaW9uU2V0QXJuO1xuICB9XG59XG4iXX0=
|
|
@@ -17,6 +17,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
17
17
|
__exportStar(require("./instanceProfile"), exports);
|
|
18
18
|
__exportStar(require("./managedPolicy"), exports);
|
|
19
19
|
__exportStar(require("./policy"), exports);
|
|
20
|
-
__exportStar(require("./securityGroup"), exports);
|
|
21
20
|
__exportStar(require("./role"), exports);
|
|
22
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
21
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9pYW0vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLG9EQUFrQztBQUNsQyxrREFBZ0M7QUFDaEMsMkNBQXlCO0FBQ3pCLHlDQUF1QiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL2luc3RhbmNlUHJvZmlsZVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vbWFuYWdlZFBvbGljeVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vcG9saWN5XCI7XG5leHBvcnQgKiBmcm9tIFwiLi9yb2xlXCI7XG4iXX0=
|
|
@@ -18,8 +18,7 @@ __exportStar(require("./networking"), exports);
|
|
|
18
18
|
__exportStar(require("./storage"), exports);
|
|
19
19
|
__exportStar(require("./base"), exports);
|
|
20
20
|
__exportStar(require("./backup"), exports);
|
|
21
|
-
__exportStar(require("./monitoring"), exports);
|
|
22
21
|
__exportStar(require("./cdn"), exports);
|
|
23
22
|
__exportStar(require("./messaging"), exports);
|
|
24
23
|
__exportStar(require("./organisation"), exports);
|
|
25
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
24
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsK0NBQTZCO0FBQzdCLDRDQUEwQjtBQUMxQix5Q0FBdUI7QUFDdkIsMkNBQXlCO0FBQ3pCLHdDQUFzQjtBQUN0Qiw4Q0FBNEI7QUFDNUIsaURBQStCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSBcIi4vbmV0d29ya2luZ1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vc3RvcmFnZVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vYmFzZVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vYmFja3VwXCI7XG5leHBvcnQgKiBmcm9tIFwiLi9jZG5cIjtcbmV4cG9ydCAqIGZyb20gXCIuL21lc3NhZ2luZ1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vb3JnYW5pc2F0aW9uXCI7XG4iXX0=
|
|
@@ -12,7 +12,8 @@ class Trail extends constructs_1.Construct {
|
|
|
12
12
|
constructor(scope, id, props) {
|
|
13
13
|
super(scope, id);
|
|
14
14
|
const encryptionKey = new secrets_1.CustomerManagedKey(this, `${id}CloudTrailEncryptionKey`, {
|
|
15
|
-
aliasName: `cmk/cloudtrail/${id}/encryptionKey
|
|
15
|
+
aliasName: `cmk/cloudtrail/${id}/encryptionKey`,
|
|
16
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY
|
|
16
17
|
});
|
|
17
18
|
this.bucket = new storage_1.S3Bucket(this, `${id}CloudTrailBucket`, {
|
|
18
19
|
bucketName: props.bucketName,
|
|
@@ -20,7 +21,6 @@ class Trail extends constructs_1.Construct {
|
|
|
20
21
|
encryption: aws_s3_1.BucketEncryption.KMS,
|
|
21
22
|
encryptionKey: encryptionKey.key,
|
|
22
23
|
versioned: false,
|
|
23
|
-
removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN,
|
|
24
24
|
lifecycleRules: [{ expiration: aws_cdk_lib_1.Duration.days(365), enabled: true }]
|
|
25
25
|
});
|
|
26
26
|
this.bucket.grantReadWrite(new aws_iam_1.ServicePrincipal("cloudtrail.amazonaws.com"));
|
|
@@ -30,6 +30,16 @@ class Trail extends constructs_1.Construct {
|
|
|
30
30
|
trailName: props.trailName || `${id}Trail`,
|
|
31
31
|
encryptionKey: encryptionKey.key
|
|
32
32
|
});
|
|
33
|
+
// TODO: Revert to RemovalPolicy.RETAIN for production
|
|
34
|
+
this.trail.applyRemovalPolicy(aws_cdk_lib_1.RemovalPolicy.DESTROY);
|
|
35
|
+
// Ensure the autoDeleteObjects custom resource is fully provisioned before
|
|
36
|
+
// the trail starts writing to the bucket. Without this, a create-rollback
|
|
37
|
+
// leaves the bucket non-empty (CloudTrail writes logs immediately) and the
|
|
38
|
+
// auto-delete Lambda was never created — causing ROLLBACK_FAILED.
|
|
39
|
+
const autoDeleteResource = this.bucket.node.tryFindChild("AutoDeleteObjectsCustomResource");
|
|
40
|
+
if (autoDeleteResource) {
|
|
41
|
+
this.trail.node.addDependency(autoDeleteResource);
|
|
42
|
+
}
|
|
33
43
|
}
|
|
34
44
|
}
|
|
35
45
|
exports.Trail = Trail;
|
|
@@ -42,4 +52,4 @@ class TrailStack extends aws_cdk_lib_1.Stack {
|
|
|
42
52
|
}
|
|
43
53
|
}
|
|
44
54
|
exports.TrailStack = TrailStack;
|
|
45
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
55
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRUcmFpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2xvZ2dpbmcvY2xvdWRUcmFpbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBNkQ7QUFDN0QseURBQXlEO0FBQ3pELDJDQUF1QztBQUN2Qyx3Q0FBZ0Q7QUFDaEQsd0NBQXNDO0FBQ3RDLCtDQUFzRDtBQUN0RCxpREFBdUQ7QUFNdkQsTUFBYSxLQUFNLFNBQVEsc0JBQVM7SUFJbEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFzQjtRQUM5RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLE1BQU0sYUFBYSxHQUFHLElBQUksNEJBQWtCLENBQzFDLElBQUksRUFDSixHQUFHLEVBQUUseUJBQXlCLEVBQzlCO1lBQ0UsU0FBUyxFQUFFLGtCQUFrQixFQUFFLGdCQUFnQjtZQUMvQyxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1NBQ3JDLENBQ0YsQ0FBQztRQUVGLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxrQkFBUSxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsa0JBQWtCLEVBQUU7WUFDeEQsVUFBVSxFQUFFLEtBQUssQ0FBQyxVQUFVO1lBQzVCLGdCQUFnQixFQUFFLElBQUk7WUFDdEIsVUFBVSxFQUFFLHlCQUFnQixDQUFDLEdBQUc7WUFDaEMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxHQUFHO1lBQ2hDLFNBQVMsRUFBRSxLQUFLO1lBQ2hCLGNBQWMsRUFBRSxDQUFDLEVBQUUsVUFBVSxFQUFFLHNCQUFRLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztTQUNwRSxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FDeEIsSUFBSSwwQkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUNqRCxDQUFDO1FBRUYsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLFVBQVUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUU7WUFDekQsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1lBQ25CLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLEdBQUcsRUFBRSxPQUFPO1lBQzFDLGFBQWEsRUFBRSxhQUFhLENBQUMsR0FBRztTQUNqQyxDQUFDLENBQUM7UUFDSCxzREFBc0Q7UUFDdEQsSUFBSSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQywyQkFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRXJELDJFQUEyRTtRQUMzRSwwRUFBMEU7UUFDMUUsMkVBQTJFO1FBQzNFLGtFQUFrRTtRQUNsRSxNQUFNLGtCQUFrQixHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FDdEQsaUNBQWlDLENBQ2xDLENBQUM7UUFDRixJQUFJLGtCQUFrQixFQUFFLENBQUM7WUFDdkIsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGtCQUErQixDQUFDLENBQUM7UUFDakUsQ0FBQztJQUNILENBQUM7Q0FDRjtBQWhERCxzQkFnREM7QUFFRCxNQUFhLFVBQVcsU0FBUSxtQkFBSztJQUNuQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQXNCO1FBQzlELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxLQUFLLENBQUMsSUFBSSxFQUFFLEVBQUUsRUFBRTtZQUNsQixHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFSRCxnQ0FRQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IER1cmF0aW9uLCBSZW1vdmFsUG9saWN5LCBTdGFjayB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0ICogYXMgQ2xvdWRUcmFpbCBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNsb3VkdHJhaWxcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDdXN0b21lck1hbmFnZWRLZXkgfSBmcm9tIFwiLi4vc2VjcmV0c1wiO1xuaW1wb3J0IHsgUzNCdWNrZXQgfSBmcm9tIFwiLi4vc3RvcmFnZVwiO1xuaW1wb3J0IHsgQnVja2V0RW5jcnlwdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcbmltcG9ydCB7IFNlcnZpY2VQcmluY2lwYWwgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuXG5pbnRlcmZhY2UgQ2xvdWRUcmFpbFByb3BzIGV4dGVuZHMgQ2xvdWRUcmFpbC5UcmFpbFByb3BzIHtcbiAgYnVja2V0TmFtZTogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgVHJhaWwgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgdHJhaWw6IENsb3VkVHJhaWwuVHJhaWw7XG4gIHB1YmxpYyByZWFkb25seSBidWNrZXQ6IFMzQnVja2V0O1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBDbG91ZFRyYWlsUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IG5ldyBDdXN0b21lck1hbmFnZWRLZXkoXG4gICAgICB0aGlzLFxuICAgICAgYCR7aWR9Q2xvdWRUcmFpbEVuY3J5cHRpb25LZXlgLFxuICAgICAge1xuICAgICAgICBhbGlhc05hbWU6IGBjbWsvY2xvdWR0cmFpbC8ke2lkfS9lbmNyeXB0aW9uS2V5YCxcbiAgICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZXG4gICAgICB9XG4gICAgKTtcblxuICAgIHRoaXMuYnVja2V0ID0gbmV3IFMzQnVja2V0KHRoaXMsIGAke2lkfUNsb3VkVHJhaWxCdWNrZXRgLCB7XG4gICAgICBidWNrZXROYW1lOiBwcm9wcy5idWNrZXROYW1lLFxuICAgICAgYnVja2V0S2V5RW5hYmxlZDogdHJ1ZSxcbiAgICAgIGVuY3J5cHRpb246IEJ1Y2tldEVuY3J5cHRpb24uS01TLFxuICAgICAgZW5jcnlwdGlvbktleTogZW5jcnlwdGlvbktleS5rZXksXG4gICAgICB2ZXJzaW9uZWQ6IGZhbHNlLFxuICAgICAgbGlmZWN5Y2xlUnVsZXM6IFt7IGV4cGlyYXRpb246IER1cmF0aW9uLmRheXMoMzY1KSwgZW5hYmxlZDogdHJ1ZSB9XVxuICAgIH0pO1xuICAgIHRoaXMuYnVja2V0LmdyYW50UmVhZFdyaXRlKFxuICAgICAgbmV3IFNlcnZpY2VQcmluY2lwYWwoXCJjbG91ZHRyYWlsLmFtYXpvbmF3cy5jb21cIilcbiAgICApO1xuXG4gICAgdGhpcy50cmFpbCA9IG5ldyBDbG91ZFRyYWlsLlRyYWlsKHRoaXMsIGAke2lkfUNsb3VkVHJhaWxgLCB7XG4gICAgICAuLi5wcm9wcyxcbiAgICAgIGJ1Y2tldDogdGhpcy5idWNrZXQsXG4gICAgICB0cmFpbE5hbWU6IHByb3BzLnRyYWlsTmFtZSB8fCBgJHtpZH1UcmFpbGAsXG4gICAgICBlbmNyeXB0aW9uS2V5OiBlbmNyeXB0aW9uS2V5LmtleVxuICAgIH0pO1xuICAgIC8vIFRPRE86IFJldmVydCB0byBSZW1vdmFsUG9saWN5LlJFVEFJTiBmb3IgcHJvZHVjdGlvblxuICAgIHRoaXMudHJhaWwuYXBwbHlSZW1vdmFsUG9saWN5KFJlbW92YWxQb2xpY3kuREVTVFJPWSk7XG5cbiAgICAvLyBFbnN1cmUgdGhlIGF1dG9EZWxldGVPYmplY3RzIGN1c3RvbSByZXNvdXJjZSBpcyBmdWxseSBwcm92aXNpb25lZCBiZWZvcmVcbiAgICAvLyB0aGUgdHJhaWwgc3RhcnRzIHdyaXRpbmcgdG8gdGhlIGJ1Y2tldC4gV2l0aG91dCB0aGlzLCBhIGNyZWF0ZS1yb2xsYmFja1xuICAgIC8vIGxlYXZlcyB0aGUgYnVja2V0IG5vbi1lbXB0eSAoQ2xvdWRUcmFpbCB3cml0ZXMgbG9ncyBpbW1lZGlhdGVseSkgYW5kIHRoZVxuICAgIC8vIGF1dG8tZGVsZXRlIExhbWJkYSB3YXMgbmV2ZXIgY3JlYXRlZCDigJQgY2F1c2luZyBST0xMQkFDS19GQUlMRUQuXG4gICAgY29uc3QgYXV0b0RlbGV0ZVJlc291cmNlID0gdGhpcy5idWNrZXQubm9kZS50cnlGaW5kQ2hpbGQoXG4gICAgICBcIkF1dG9EZWxldGVPYmplY3RzQ3VzdG9tUmVzb3VyY2VcIlxuICAgICk7XG4gICAgaWYgKGF1dG9EZWxldGVSZXNvdXJjZSkge1xuICAgICAgdGhpcy50cmFpbC5ub2RlLmFkZERlcGVuZGVuY3koYXV0b0RlbGV0ZVJlc291cmNlIGFzIENvbnN0cnVjdCk7XG4gICAgfVxuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBUcmFpbFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ2xvdWRUcmFpbFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBUcmFpbCh0aGlzLCBpZCwge1xuICAgICAgLi4ucHJvcHNcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./cloudTrail"), exports);
|
|
18
|
+
__exportStar(require("./logGroup"), exports);
|
|
19
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9sb2dnaW5nL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwrQ0FBNkI7QUFDN0IsNkNBQTJCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSBcIi4vY2xvdWRUcmFpbFwiO1xuZXhwb3J0ICogZnJvbSBcIi4vbG9nR3JvdXBcIjtcbiJdfQ==
|
|
@@ -14,7 +14,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./sqs"), exports);
|
|
18
|
-
__exportStar(require("./sns"), exports);
|
|
19
17
|
__exportStar(require("./eventbridge"), exports);
|
|
20
|
-
|
|
18
|
+
__exportStar(require("./sns"), exports);
|
|
19
|
+
__exportStar(require("./sqs"), exports);
|
|
20
|
+
__exportStar(require("./utils"), exports);
|
|
21
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9tZXNzYWdpbmcvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLGdEQUE4QjtBQUM5Qix3Q0FBc0I7QUFDdEIsd0NBQXNCO0FBQ3RCLDBDQUF3QiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL2V2ZW50YnJpZGdlXCI7XG5leHBvcnQgKiBmcm9tIFwiLi9zbnNcIjtcbmV4cG9ydCAqIGZyb20gXCIuL3Nxc1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vdXRpbHNcIjtcbiJdfQ==
|