@fjall/components-infrastructure 0.89.4 → 0.89.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +50 -21
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -18
- package/dist/lib/app.d.ts +12 -12
- package/dist/lib/app.js +61 -56
- package/dist/lib/aspects/index.d.ts +1 -1
- package/dist/lib/aspects/index.js +1 -6
- package/dist/lib/aspects/resourceInventory.js +6 -13
- package/dist/lib/config/audit.js +1 -5
- package/dist/lib/config/aws/accessAnalyser.d.ts +11 -0
- package/dist/lib/config/aws/accessAnalyser.js +17 -0
- package/dist/lib/config/aws/accountAuditRole.js +11 -15
- package/dist/lib/config/aws/accountMonitoringRole.js +25 -29
- package/dist/lib/config/aws/alarmTopic.d.ts +8 -0
- package/dist/lib/config/aws/alarmTopic.js +19 -0
- package/dist/lib/config/aws/cloudTrail.js +4 -9
- package/dist/lib/config/aws/configRecorder.d.ts +16 -0
- package/dist/lib/config/aws/configRecorder.js +51 -0
- package/dist/lib/config/aws/configRulePreset.d.ts +13 -0
- package/dist/lib/config/aws/configRulePreset.js +62 -0
- package/dist/lib/config/aws/disasterRecovery.d.ts +1 -1
- package/dist/lib/config/aws/disasterRecovery.js +56 -73
- package/dist/lib/config/aws/ebsDefaultEncryption.d.ts +8 -0
- package/dist/lib/config/aws/ebsDefaultEncryption.js +41 -0
- package/dist/lib/config/aws/ecrDefaultImage.js +25 -30
- package/dist/lib/config/aws/eventBus.js +8 -11
- package/dist/lib/config/aws/guardDutyDetector.d.ts +16 -0
- package/dist/lib/config/aws/guardDutyDetector.js +26 -0
- package/dist/lib/config/aws/identityCenter.d.ts +1 -1
- package/dist/lib/config/aws/identityCenter.js +23 -25
- package/dist/lib/config/aws/identityCenterGroupMembership.js +18 -22
- package/dist/lib/config/aws/index.d.ts +19 -8
- package/dist/lib/config/aws/index.js +19 -25
- package/dist/lib/config/aws/inspectorEnablement.d.ts +9 -0
- package/dist/lib/config/aws/inspectorEnablement.js +51 -0
- package/dist/lib/config/aws/ipam.js +9 -13
- package/dist/lib/config/aws/oidcConnector.js +8 -12
- package/dist/lib/config/aws/platform.js +1 -5
- package/dist/lib/config/aws/s3BlockPublicAccess.d.ts +9 -0
- package/dist/lib/config/aws/s3BlockPublicAccess.js +55 -0
- package/dist/lib/config/aws/scpPreset.d.ts +21 -0
- package/dist/lib/config/aws/scpPreset.js +311 -0
- package/dist/lib/config/aws/securityBaseline.d.ts +15 -0
- package/dist/lib/config/aws/securityBaseline.js +27 -0
- package/dist/lib/config/aws/securityHubHub.d.ts +15 -0
- package/dist/lib/config/aws/securityHubHub.js +28 -0
- package/dist/lib/config/aws/securityServicesAdmin.d.ts +20 -0
- package/dist/lib/config/aws/securityServicesAdmin.js +115 -0
- package/dist/lib/config/index.d.ts +2 -2
- package/dist/lib/config/index.js +2 -21
- package/dist/lib/index.d.ts +4 -4
- package/dist/lib/index.js +5 -26
- package/dist/lib/patterns/aws/account.d.ts +17 -1
- package/dist/lib/patterns/aws/account.js +61 -33
- package/dist/lib/patterns/aws/apexDomainPattern.d.ts +26 -0
- package/dist/lib/patterns/aws/apexDomainPattern.js +91 -0
- package/dist/lib/patterns/aws/auditRole.js +13 -16
- package/dist/lib/patterns/aws/buildkite.d.ts +1 -1
- package/dist/lib/patterns/aws/buildkite.js +70 -75
- package/dist/lib/patterns/aws/cdn.d.ts +5 -5
- package/dist/lib/patterns/aws/cdn.js +22 -28
- package/dist/lib/patterns/aws/compute.d.ts +1 -1
- package/dist/lib/patterns/aws/compute.js +31 -44
- package/dist/lib/patterns/aws/computeEc2.d.ts +1 -1
- package/dist/lib/patterns/aws/computeEc2.js +11 -14
- package/dist/lib/patterns/aws/computeEcs.d.ts +18 -2
- package/dist/lib/patterns/aws/computeEcs.js +41 -31
- package/dist/lib/patterns/aws/computeLambda.d.ts +2 -2
- package/dist/lib/patterns/aws/computeLambda.js +24 -31
- package/dist/lib/patterns/aws/database.d.ts +16 -7
- package/dist/lib/patterns/aws/database.js +81 -73
- package/dist/lib/patterns/aws/delegatedDomainPattern.d.ts +17 -0
- package/dist/lib/patterns/aws/delegatedDomainPattern.js +54 -0
- package/dist/lib/patterns/aws/dnsRecordComposer.d.ts +25 -0
- package/dist/lib/patterns/aws/dnsRecordComposer.js +225 -0
- package/dist/lib/patterns/aws/domain.d.ts +32 -0
- package/dist/lib/patterns/aws/domain.js +115 -0
- package/dist/lib/patterns/aws/domainDelegation.d.ts +3 -3
- package/dist/lib/patterns/aws/domainDelegation.js +28 -37
- package/dist/lib/patterns/aws/domainFactory.d.ts +20 -5
- package/dist/lib/patterns/aws/domainFactory.js +48 -10
- package/dist/lib/patterns/aws/domainValidation.d.ts +11 -0
- package/dist/lib/patterns/aws/domainValidation.js +145 -0
- package/dist/lib/patterns/aws/externalRecordsPattern.d.ts +18 -0
- package/dist/lib/patterns/aws/externalRecordsPattern.js +141 -0
- package/dist/lib/patterns/aws/fivetranProxy.d.ts +1 -1
- package/dist/lib/patterns/aws/fivetranProxy.js +6 -11
- package/dist/lib/patterns/aws/index.d.ts +21 -19
- package/dist/lib/patterns/aws/index.js +25 -36
- package/dist/lib/patterns/aws/interfaces/cdn.js +1 -5
- package/dist/lib/patterns/aws/interfaces/compute.js +4 -11
- package/dist/lib/patterns/aws/interfaces/connector.js +1 -15
- package/dist/lib/patterns/aws/interfaces/database.d.ts +1 -1
- package/dist/lib/patterns/aws/interfaces/database.js +6 -15
- package/dist/lib/patterns/aws/interfaces/domain.d.ts +80 -2
- package/dist/lib/patterns/aws/interfaces/domain.js +1 -6
- package/dist/lib/patterns/aws/interfaces/index.js +8 -41
- package/dist/lib/patterns/aws/interfaces/messaging.js +4 -11
- package/dist/lib/patterns/aws/interfaces/organisation.d.ts +1 -1
- package/dist/lib/patterns/aws/interfaces/organisation.js +4 -11
- package/dist/lib/patterns/aws/interfaces/pattern.js +2 -7
- package/dist/lib/patterns/aws/interfaces/storage.js +1 -5
- package/dist/lib/patterns/aws/managedIdentityCenter.js +7 -12
- package/dist/lib/patterns/aws/messaging.d.ts +7 -7
- package/dist/lib/patterns/aws/messaging.js +22 -33
- package/dist/lib/patterns/aws/network.d.ts +2 -2
- package/dist/lib/patterns/aws/network.js +9 -14
- package/dist/lib/patterns/aws/organisation.d.ts +6 -2
- package/dist/lib/patterns/aws/organisation.js +34 -35
- package/dist/lib/patterns/aws/organisationFactory.d.ts +3 -3
- package/dist/lib/patterns/aws/organisationFactory.js +7 -12
- package/dist/lib/patterns/aws/pattern.js +6 -12
- package/dist/lib/patterns/aws/payload.js +73 -63
- package/dist/lib/patterns/aws/platform.d.ts +6 -3
- package/dist/lib/patterns/aws/platform.js +15 -15
- package/dist/lib/patterns/aws/storage.d.ts +6 -4
- package/dist/lib/patterns/aws/storage.js +35 -40
- package/dist/lib/patterns/aws/subdomainHostedZone.js +11 -16
- package/dist/lib/patterns/aws/targets/fjallTargets.d.ts +37 -0
- package/dist/lib/patterns/aws/targets/fjallTargets.js +66 -0
- package/dist/lib/patterns/aws/targets/index.d.ts +2 -0
- package/dist/lib/patterns/aws/targets/index.js +2 -0
- package/dist/lib/patterns/aws/targets/targetResolution.d.ts +76 -0
- package/dist/lib/patterns/aws/targets/targetResolution.js +119 -0
- package/dist/lib/patterns/index.d.ts +1 -0
- package/dist/lib/patterns/index.js +1 -0
- package/dist/lib/resources/aws/analytics/clickhouse.d.ts +15 -0
- package/dist/lib/resources/aws/analytics/clickhouse.js +292 -0
- package/dist/lib/resources/aws/analytics/clickhouseConstants.d.ts +73 -0
- package/dist/lib/resources/aws/analytics/clickhouseConstants.js +87 -0
- package/dist/lib/resources/aws/analytics/clickhouseSecurityGroup.d.ts +13 -0
- package/dist/lib/resources/aws/analytics/clickhouseSecurityGroup.js +28 -0
- package/dist/lib/resources/aws/analytics/clickhouseTypes.d.ts +47 -0
- package/dist/lib/resources/aws/analytics/clickhouseTypes.js +1 -0
- package/dist/lib/resources/aws/analytics/clickhouseUserData.d.ts +5 -0
- package/dist/lib/resources/aws/analytics/clickhouseUserData.js +248 -0
- package/dist/lib/resources/aws/analytics/index.d.ts +2 -0
- package/dist/lib/resources/aws/analytics/index.js +1 -0
- package/dist/lib/resources/aws/audit/auditRole.js +10 -15
- package/dist/lib/resources/aws/audit/index.d.ts +1 -1
- package/dist/lib/resources/aws/audit/index.js +1 -6
- package/dist/lib/resources/aws/backup/backupPlan.d.ts +1 -1
- package/dist/lib/resources/aws/backup/backupPlan.js +14 -16
- package/dist/lib/resources/aws/backup/backupVault.d.ts +1 -1
- package/dist/lib/resources/aws/backup/backupVault.js +13 -15
- package/dist/lib/resources/aws/backup/index.d.ts +2 -2
- package/dist/lib/resources/aws/backup/index.js +2 -19
- package/dist/lib/resources/aws/base/awsStack.js +17 -19
- package/dist/lib/resources/aws/base/index.d.ts +1 -1
- package/dist/lib/resources/aws/base/index.js +1 -18
- package/dist/lib/resources/aws/cdn/cloudFront.js +40 -42
- package/dist/lib/resources/aws/cdn/index.d.ts +1 -1
- package/dist/lib/resources/aws/cdn/index.js +1 -18
- package/dist/lib/resources/aws/compute/ec2.js +39 -39
- package/dist/lib/resources/aws/compute/ecs.d.ts +18 -396
- package/dist/lib/resources/aws/compute/ecs.js +105 -976
- package/dist/lib/resources/aws/compute/ecsCapacityProviderAspect.d.ts +22 -0
- package/dist/lib/resources/aws/compute/ecsCapacityProviderAspect.js +35 -0
- package/dist/lib/resources/aws/compute/ecsConstants.d.ts +20 -0
- package/dist/lib/resources/aws/compute/ecsConstants.js +49 -0
- package/dist/lib/resources/aws/compute/ecsContext.d.ts +12 -0
- package/dist/lib/resources/aws/compute/ecsContext.js +1 -0
- package/dist/lib/resources/aws/compute/ecsImages.d.ts +4 -0
- package/dist/lib/resources/aws/compute/ecsImages.js +35 -0
- package/dist/lib/resources/aws/compute/ecsNetworking.d.ts +28 -0
- package/dist/lib/resources/aws/compute/ecsNetworking.js +290 -0
- package/dist/lib/resources/aws/compute/ecsRoles.d.ts +15 -0
- package/dist/lib/resources/aws/compute/ecsRoles.js +110 -0
- package/dist/lib/resources/aws/compute/ecsServiceFactory.d.ts +33 -0
- package/dist/lib/resources/aws/compute/ecsServiceFactory.js +183 -0
- package/dist/lib/resources/aws/compute/ecsTaskDefinition.d.ts +30 -0
- package/dist/lib/resources/aws/compute/ecsTaskDefinition.js +168 -0
- package/dist/lib/resources/aws/compute/ecsTypes.d.ts +337 -0
- package/dist/lib/resources/aws/compute/ecsTypes.js +10 -0
- package/dist/lib/resources/aws/compute/ecsValidation.d.ts +18 -0
- package/dist/lib/resources/aws/compute/ecsValidation.js +72 -0
- package/dist/lib/resources/aws/compute/index.d.ts +3 -3
- package/dist/lib/resources/aws/compute/index.js +3 -20
- package/dist/lib/resources/aws/compute/lambda.d.ts +10 -2
- package/dist/lib/resources/aws/compute/lambda.js +82 -70
- package/dist/lib/resources/aws/database/dynamodb.js +27 -28
- package/dist/lib/resources/aws/database/index.d.ts +7 -7
- package/dist/lib/resources/aws/database/index.js +14 -33
- package/dist/lib/resources/aws/database/rdsAurora.d.ts +10 -2
- package/dist/lib/resources/aws/database/rdsAurora.js +76 -61
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.d.ts +2 -2
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.js +24 -21
- package/dist/lib/resources/aws/database/rdsDefaults.js +3 -7
- package/dist/lib/resources/aws/database/rdsHelpers.d.ts +2 -2
- package/dist/lib/resources/aws/database/rdsHelpers.js +21 -29
- package/dist/lib/resources/aws/database/rdsInstance.d.ts +11 -3
- package/dist/lib/resources/aws/database/rdsInstance.js +101 -83
- package/dist/lib/resources/aws/database/rdsProxyOutput.js +5 -9
- package/dist/lib/resources/aws/iam/delegationRole.d.ts +18 -0
- package/dist/lib/resources/aws/iam/delegationRole.js +60 -0
- package/dist/lib/resources/aws/iam/identityCenter/assignment.js +4 -9
- package/dist/lib/resources/aws/iam/identityCenter/group.js +5 -9
- package/dist/lib/resources/aws/iam/identityCenter/index.d.ts +3 -3
- package/dist/lib/resources/aws/iam/identityCenter/index.js +3 -20
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.d.ts +1 -1
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.js +5 -9
- package/dist/lib/resources/aws/iam/index.d.ts +5 -4
- package/dist/lib/resources/aws/iam/index.js +5 -21
- package/dist/lib/resources/aws/iam/instanceProfile.js +2 -7
- package/dist/lib/resources/aws/iam/managedPolicy.js +2 -7
- package/dist/lib/resources/aws/iam/policy.js +2 -7
- package/dist/lib/resources/aws/iam/role.js +2 -7
- package/dist/lib/resources/aws/index.d.ts +7 -7
- package/dist/lib/resources/aws/index.js +7 -24
- package/dist/lib/resources/aws/logging/cloudTrail.d.ts +1 -1
- package/dist/lib/resources/aws/logging/cloudTrail.js +18 -22
- package/dist/lib/resources/aws/logging/index.d.ts +2 -2
- package/dist/lib/resources/aws/logging/index.js +2 -19
- package/dist/lib/resources/aws/logging/logGroup.js +4 -10
- package/dist/lib/resources/aws/messaging/eventbridge.js +11 -14
- package/dist/lib/resources/aws/messaging/index.d.ts +4 -4
- package/dist/lib/resources/aws/messaging/index.js +4 -21
- package/dist/lib/resources/aws/messaging/sns.js +11 -14
- package/dist/lib/resources/aws/messaging/sqs.js +32 -34
- package/dist/lib/resources/aws/messaging/utils.d.ts +1 -1
- package/dist/lib/resources/aws/messaging/utils.js +1 -6
- package/dist/lib/resources/aws/monitoring/alarmDefaults.d.ts +36 -0
- package/dist/lib/resources/aws/monitoring/alarmDefaults.js +34 -0
- package/dist/lib/resources/aws/monitoring/ecsAlarms.d.ts +21 -0
- package/dist/lib/resources/aws/monitoring/ecsAlarms.js +88 -0
- package/dist/lib/resources/aws/monitoring/index.d.ts +4 -0
- package/dist/lib/resources/aws/monitoring/index.js +4 -5
- package/dist/lib/resources/aws/monitoring/lambdaAlarms.d.ts +18 -0
- package/dist/lib/resources/aws/monitoring/lambdaAlarms.js +44 -0
- package/dist/lib/resources/aws/monitoring/rdsAlarms.d.ts +20 -0
- package/dist/lib/resources/aws/monitoring/rdsAlarms.js +52 -0
- package/dist/lib/resources/aws/networking/crossAccountDelegationRecord.d.ts +17 -0
- package/dist/lib/resources/aws/networking/crossAccountDelegationRecord.js +26 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aRecord.js +21 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aaaaRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aaaaRecord.js +22 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aliasRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/aliasRecord.js +23 -0
- package/dist/lib/resources/aws/networking/dnsRecord/caaRecord.d.ts +17 -0
- package/dist/lib/resources/aws/networking/dnsRecord/caaRecord.js +21 -0
- package/dist/lib/resources/aws/networking/dnsRecord/cnameRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/cnameRecord.js +22 -0
- package/dist/lib/resources/aws/networking/dnsRecord/dnsRecordBase.d.ts +17 -0
- package/dist/lib/resources/aws/networking/dnsRecord/dnsRecordBase.js +17 -0
- package/dist/lib/resources/aws/networking/dnsRecord/index.d.ts +10 -0
- package/dist/lib/resources/aws/networking/dnsRecord/index.js +10 -0
- package/dist/lib/resources/aws/networking/dnsRecord/mxRecord.d.ts +16 -0
- package/dist/lib/resources/aws/networking/dnsRecord/mxRecord.js +21 -0
- package/dist/lib/resources/aws/networking/dnsRecord/nsRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/nsRecord.js +21 -0
- package/dist/lib/resources/aws/networking/dnsRecord/srvRecord.d.ts +18 -0
- package/dist/lib/resources/aws/networking/dnsRecord/srvRecord.js +21 -0
- package/dist/lib/resources/aws/networking/dnsRecord/txtRecord.d.ts +12 -0
- package/dist/lib/resources/aws/networking/dnsRecord/txtRecord.js +21 -0
- package/dist/lib/resources/aws/networking/domain.d.ts +1 -1
- package/dist/lib/resources/aws/networking/domain.js +32 -34
- package/dist/lib/resources/aws/networking/domainCertificate.d.ts +8 -3
- package/dist/lib/resources/aws/networking/domainCertificate.js +22 -16
- package/dist/lib/resources/aws/networking/hostedZone.d.ts +23 -19
- package/dist/lib/resources/aws/networking/hostedZone.js +70 -134
- package/dist/lib/resources/aws/networking/index.d.ts +8 -7
- package/dist/lib/resources/aws/networking/index.js +8 -24
- package/dist/lib/resources/aws/networking/ipam.js +2 -7
- package/dist/lib/resources/aws/networking/ipamPool.d.ts +1 -1
- package/dist/lib/resources/aws/networking/ipamPool.js +45 -55
- package/dist/lib/resources/aws/networking/securityGroup.js +2 -7
- package/dist/lib/resources/aws/networking/vpc.d.ts +1 -1
- package/dist/lib/resources/aws/networking/vpc.js +17 -21
- package/dist/lib/resources/aws/organisation/costAllocationTagActivator.d.ts +1 -1
- package/dist/lib/resources/aws/organisation/costAllocationTagActivator.js +11 -15
- package/dist/lib/resources/aws/organisation/index.d.ts +5 -5
- package/dist/lib/resources/aws/organisation/index.js +4 -12
- package/dist/lib/resources/aws/organisation/organisation.js +5 -7
- package/dist/lib/resources/aws/organisation/organisationAccount.js +7 -10
- package/dist/lib/resources/aws/organisation/organisationPolicy.js +5 -9
- package/dist/lib/resources/aws/organisation/organisationalUnit.js +1 -3
- package/dist/lib/resources/aws/secrets/alias.js +2 -7
- package/dist/lib/resources/aws/secrets/index.d.ts +4 -4
- package/dist/lib/resources/aws/secrets/index.js +4 -21
- package/dist/lib/resources/aws/secrets/kms.js +15 -18
- package/dist/lib/resources/aws/secrets/parameter.d.ts +3 -3
- package/dist/lib/resources/aws/secrets/parameter.js +19 -22
- package/dist/lib/resources/aws/secrets/secret.d.ts +2 -2
- package/dist/lib/resources/aws/secrets/secret.js +12 -14
- package/dist/lib/resources/aws/storage/ecr.d.ts +2 -2
- package/dist/lib/resources/aws/storage/ecr.js +7 -13
- package/dist/lib/resources/aws/storage/index.d.ts +2 -2
- package/dist/lib/resources/aws/storage/index.js +2 -19
- package/dist/lib/resources/aws/storage/s3.d.ts +1 -1
- package/dist/lib/resources/aws/storage/s3.js +24 -12
- package/dist/lib/resources/aws/utilities/awsCustomResource.js +3 -7
- package/dist/lib/resources/aws/utilities/codeBuild.js +7 -12
- package/dist/lib/resources/aws/utilities/customResource.js +14 -17
- package/dist/lib/resources/aws/utilities/customResourceProvider.js +2 -7
- package/dist/lib/resources/aws/utilities/index.d.ts +5 -5
- package/dist/lib/resources/aws/utilities/index.js +5 -22
- package/dist/lib/resources/aws/utilities/resourceShare.js +2 -7
- package/dist/lib/resources/index.d.ts +1 -1
- package/dist/lib/resources/index.js +1 -18
- package/dist/lib/types.js +1 -3
- package/dist/lib/utils/accountsUtils.d.ts +5 -0
- package/dist/lib/utils/accountsUtils.js +18 -0
- package/dist/lib/utils/addSuffixToEmail.js +1 -5
- package/dist/lib/utils/backupTierMapping.js +2 -6
- package/dist/lib/utils/capitaliseString.js +1 -10
- package/dist/lib/utils/connections.js +9 -13
- package/dist/lib/utils/connector.js +10 -23
- package/dist/lib/utils/constructMap.d.ts +33 -0
- package/dist/lib/utils/constructMap.js +154 -0
- package/dist/lib/utils/databaseTypes.js +4 -10
- package/dist/lib/utils/dnsRecords.d.ts +1 -1
- package/dist/lib/utils/dnsRecords.js +23 -27
- package/dist/lib/utils/domainTypes.d.ts +0 -1
- package/dist/lib/utils/domainTypes.js +2 -10
- package/dist/lib/utils/env.js +14 -26
- package/dist/lib/utils/getAccountId.js +3 -7
- package/dist/lib/utils/getAsync.js +7 -10
- package/dist/lib/utils/getConfig.d.ts +0 -2
- package/dist/lib/utils/getConfig.js +29 -47
- package/dist/lib/utils/getStackOutput.js +4 -8
- package/dist/lib/utils/index.d.ts +12 -12
- package/dist/lib/utils/index.js +12 -29
- package/dist/lib/utils/manifestWriter.d.ts +14 -3
- package/dist/lib/utils/manifestWriter.js +60 -43
- package/dist/lib/utils/orgConfigParser.d.ts +14 -0
- package/dist/lib/utils/orgConfigParser.js +49 -0
- package/dist/lib/utils/removalPolicy.js +5 -9
- package/dist/lib/utils/resourceNaming.js +11 -16
- package/dist/lib/utils/standardTagsAspect.js +9 -16
- package/dist/lib/utils/stripAndCamelCase.js +1 -5
- package/dist/lib/utils/validationLogger.js +12 -18
- package/dist/lib/utils/vpcUtils.js +5 -10
- package/package.json +25 -8
- package/dist/lib/config/aws/accountId.d.ts +0 -6
- package/dist/lib/config/aws/accountId.js +0 -32
- package/dist/lib/config/aws/backupGlobalSettings.d.ts +0 -29
- package/dist/lib/config/aws/backupGlobalSettings.js +0 -49
- package/dist/lib/config/aws/costAllocationTags.d.ts +0 -12
- package/dist/lib/config/aws/costAllocationTags.js +0 -47
- package/dist/lib/config/aws/ipamDelegateAdmin.d.ts +0 -8
- package/dist/lib/config/aws/ipamDelegateAdmin.js +0 -57
- package/dist/lib/config/aws/ipamPoolId.d.ts +0 -16
- package/dist/lib/config/aws/ipamPoolId.js +0 -42
- package/dist/lib/config/aws/organisation.d.ts +0 -30
- package/dist/lib/config/aws/organisation.js +0 -92
- package/dist/lib/config/aws/organisationId.d.ts +0 -7
- package/dist/lib/config/aws/organisationId.js +0 -45
- package/dist/lib/config/aws/organisationsAccess.d.ts +0 -10
- package/dist/lib/config/aws/organisationsAccess.js +0 -49
- package/dist/lib/config/aws/ramSharing.d.ts +0 -4
- package/dist/lib/config/aws/ramSharing.js +0 -34
- package/dist/lib/config/monitoring.d.ts +0 -18
- package/dist/lib/config/monitoring.js +0 -22
- package/dist/lib/patterns/aws/connections.d.ts +0 -46
- package/dist/lib/patterns/aws/connections.js +0 -159
- package/dist/lib/patterns/aws/hostedZone.d.ts +0 -28
- package/dist/lib/patterns/aws/hostedZone.js +0 -150
- package/dist/lib/patterns/aws/managedAccount.d.ts +0 -9
- package/dist/lib/patterns/aws/managedAccount.js +0 -55
- package/dist/lib/patterns/aws/managedOrganisation.d.ts +0 -36
- package/dist/lib/patterns/aws/managedOrganisation.js +0 -97
- package/dist/lib/patterns/aws/managedPlatform.d.ts +0 -12
- package/dist/lib/patterns/aws/managedPlatform.js +0 -29
- package/dist/lib/resources/aws/database/database.d.ts +0 -14
- package/dist/lib/resources/aws/database/database.js +0 -28
- package/dist/lib/resources/aws/database/databaseInstance.d.ts +0 -15
- package/dist/lib/resources/aws/database/databaseInstance.js +0 -30
- package/dist/lib/resources/aws/database/migrationLambda.d.ts +0 -80
- package/dist/lib/resources/aws/database/migrationLambda.js +0 -119
- package/dist/lib/resources/aws/iam/identityCenter/attachManagedPolicy.d.ts +0 -13
- package/dist/lib/resources/aws/iam/identityCenter/attachManagedPolicy.js +0 -51
- package/dist/lib/resources/aws/iam/securityGroup.d.ts +0 -5
- package/dist/lib/resources/aws/iam/securityGroup.js +0 -14
- package/dist/lib/resources/aws/monitoring/monitoringRole.d.ts +0 -29
- package/dist/lib/resources/aws/monitoring/monitoringRole.js +0 -120
- package/dist/lib/utils/capitalizeString.d.ts +0 -12
- package/dist/lib/utils/capitalizeString.js +0 -30
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const constructs_1 = require("constructs");
|
|
6
|
-
class OrganisationPolicy extends constructs_1.Construct {
|
|
1
|
+
import { CfnPolicy } from "aws-cdk-lib/aws-organizations";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
export class OrganisationPolicy extends Construct {
|
|
4
|
+
policyId;
|
|
7
5
|
constructor(scope, id, props) {
|
|
8
6
|
super(scope, id);
|
|
9
7
|
let content;
|
|
@@ -18,7 +16,7 @@ class OrganisationPolicy extends constructs_1.Construct {
|
|
|
18
16
|
else {
|
|
19
17
|
content = props.content;
|
|
20
18
|
}
|
|
21
|
-
const policy = new
|
|
19
|
+
const policy = new CfnPolicy(this, "Policy", {
|
|
22
20
|
name: props.name,
|
|
23
21
|
type: props.policyType,
|
|
24
22
|
content,
|
|
@@ -28,5 +26,3 @@ class OrganisationPolicy extends constructs_1.Construct {
|
|
|
28
26
|
this.policyId = policy.attrId;
|
|
29
27
|
}
|
|
30
28
|
}
|
|
31
|
-
exports.OrganisationPolicy = OrganisationPolicy;
|
|
32
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uUG9saWN5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvb3JnYW5pc2F0aW9uL29yZ2FuaXNhdGlvblBvbGljeS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxxRUFBMEQ7QUFDMUQsMkNBQXVDO0FBZ0J2QyxNQUFhLGtCQUFtQixTQUFRLHNCQUFTO0lBRy9DLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBOEI7UUFDdEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLE9BQWdDLENBQUM7UUFDckMsSUFBSSxPQUFPLEtBQUssQ0FBQyxPQUFPLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDdEMsSUFBSSxDQUFDO2dCQUNILE9BQU8sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQTRCLENBQUM7WUFDakUsQ0FBQztZQUFDLE1BQU0sQ0FBQztnQkFDUCxNQUFNLElBQUksS0FBSyxDQUNiLHdDQUF3QyxLQUFLLENBQUMsSUFBSSxNQUFNLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxHQUFHLENBQUMsRUFBRSxDQUN0RixDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUM7UUFDMUIsQ0FBQztRQUVELE1BQU0sTUFBTSxHQUFHLElBQUksNkJBQVMsQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFO1lBQzNDLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQixJQUFJLEVBQUUsS0FBSyxDQUFDLFVBQVU7WUFDdEIsT0FBTztZQUNQLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO0lBQ2hDLENBQUM7Q0FDRjtBQTdCRCxnREE2QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZm5Qb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLW9yZ2FuaXphdGlvbnNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5cbmV4cG9ydCB0eXBlIE9yZ2FuaXNhdGlvblBvbGljeVR5cGUgPVxuICB8IFwiU0VSVklDRV9DT05UUk9MX1BPTElDWVwiXG4gIHwgXCJUQUdfUE9MSUNZXCJcbiAgfCBcIkJBQ0tVUF9QT0xJQ1lcIlxuICB8IFwiQUlTRVJWSUNFU19PUFRfT1VUX1BPTElDWVwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIE9yZ2FuaXNhdGlvblBvbGljeVByb3BzIHtcbiAgbmFtZTogc3RyaW5nO1xuICBwb2xpY3lUeXBlOiBPcmdhbmlzYXRpb25Qb2xpY3lUeXBlO1xuICBjb250ZW50OiBzdHJpbmcgfCBSZWNvcmQ8c3RyaW5nLCB1bmtub3duPjtcbiAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gIHRhcmdldElkcz86IHN0cmluZ1tdO1xufVxuXG5leHBvcnQgY2xhc3MgT3JnYW5pc2F0aW9uUG9saWN5IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHBvbGljeUlkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IE9yZ2FuaXNhdGlvblBvbGljeVByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGxldCBjb250ZW50OiBSZWNvcmQ8c3RyaW5nLCB1bmtub3duPjtcbiAgICBpZiAodHlwZW9mIHByb3BzLmNvbnRlbnQgPT09IFwic3RyaW5nXCIpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGNvbnRlbnQgPSBKU09OLnBhcnNlKHByb3BzLmNvbnRlbnQpIGFzIFJlY29yZDxzdHJpbmcsIHVua25vd24+O1xuICAgICAgfSBjYXRjaCB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICBgSW52YWxpZCBKU09OIGluIG9yZ2FuaXNhdGlvbiBwb2xpY3kgXCIke3Byb3BzLm5hbWV9XCI6ICR7cHJvcHMuY29udGVudC5zbGljZSgwLCAxMDApfWBcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9IGVsc2Uge1xuICAgICAgY29udGVudCA9IHByb3BzLmNvbnRlbnQ7XG4gICAgfVxuXG4gICAgY29uc3QgcG9saWN5ID0gbmV3IENmblBvbGljeSh0aGlzLCBcIlBvbGljeVwiLCB7XG4gICAgICBuYW1lOiBwcm9wcy5uYW1lLFxuICAgICAgdHlwZTogcHJvcHMucG9saWN5VHlwZSxcbiAgICAgIGNvbnRlbnQsXG4gICAgICBkZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICB0YXJnZXRJZHM6IHByb3BzLnRhcmdldElkc1xuICAgIH0pO1xuXG4gICAgdGhpcy5wb2xpY3lJZCA9IHBvbGljeS5hdHRySWQ7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Organisational Unit management is handled by the CLI pre-deploy step
|
|
4
3
|
* (AwsAccountService.ensureOrganisationalUnitsExist).
|
|
5
4
|
*
|
|
6
5
|
* This module is retained only for type re-exports from the index barrel.
|
|
7
6
|
*/
|
|
8
|
-
|
|
9
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uYWxVbml0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvb3JnYW5pc2F0aW9uL29yZ2FuaXNhdGlvbmFsVW5pdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7O0dBS0ciLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIE9yZ2FuaXNhdGlvbmFsIFVuaXQgbWFuYWdlbWVudCBpcyBoYW5kbGVkIGJ5IHRoZSBDTEkgcHJlLWRlcGxveSBzdGVwXG4gKiAoQXdzQWNjb3VudFNlcnZpY2UuZW5zdXJlT3JnYW5pc2F0aW9uYWxVbml0c0V4aXN0KS5cbiAqXG4gKiBUaGlzIG1vZHVsZSBpcyByZXRhaW5lZCBvbmx5IGZvciB0eXBlIHJlLWV4cG9ydHMgZnJvbSB0aGUgaW5kZXggYmFycmVsLlxuICovXG5cbmV4cG9ydCBpbnRlcmZhY2UgT3JnYW5pc2F0aW9uYWxVbml0UHJvcHMge1xuICBuYW1lOiBzdHJpbmc7XG4gIHBhcmVudElkOiBzdHJpbmc7XG59XG4iXX0=
|
|
7
|
+
export {};
|
|
@@ -1,13 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.Alias = void 0;
|
|
4
|
-
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
-
class Alias extends aws_cdk_lib_1.aws_kms.Alias {
|
|
1
|
+
import { aws_kms as kms } from "aws-cdk-lib";
|
|
2
|
+
export class Alias extends kms.Alias {
|
|
6
3
|
constructor(scope, id, props) {
|
|
7
4
|
super(scope, id, {
|
|
8
5
|
...props
|
|
9
6
|
});
|
|
10
7
|
}
|
|
11
8
|
}
|
|
12
|
-
exports.Alias = Alias;
|
|
13
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWxpYXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9zZWNyZXRzL2FsaWFzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLDZDQUE2QztBQUU3QyxNQUFhLEtBQU0sU0FBUSxxQkFBRyxDQUFDLEtBQUs7SUFDbEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFxQjtRQUM3RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQU5ELHNCQU1DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgdHlwZSBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgYXdzX2ttcyBhcyBrbXMgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcblxuZXhwb3J0IGNsYXNzIEFsaWFzIGV4dGVuZHMga21zLkFsaWFzIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IGttcy5BbGlhc1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICAuLi5wcm9wc1xuICAgIH0pO1xuICB9XG59XG4iXX0=
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export * from "./alias";
|
|
2
|
-
export * from "./kms";
|
|
3
|
-
export * from "./parameter";
|
|
4
|
-
export * from "./secret";
|
|
1
|
+
export * from "./alias.js";
|
|
2
|
+
export * from "./kms.js";
|
|
3
|
+
export * from "./parameter.js";
|
|
4
|
+
export * from "./secret.js";
|
|
@@ -1,21 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./alias"), exports);
|
|
18
|
-
__exportStar(require("./kms"), exports);
|
|
19
|
-
__exportStar(require("./parameter"), exports);
|
|
20
|
-
__exportStar(require("./secret"), exports);
|
|
21
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9zZWNyZXRzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwwQ0FBd0I7QUFDeEIsd0NBQXNCO0FBQ3RCLDhDQUE0QjtBQUM1QiwyQ0FBeUIiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgKiBmcm9tIFwiLi9hbGlhc1wiO1xuZXhwb3J0ICogZnJvbSBcIi4va21zXCI7XG5leHBvcnQgKiBmcm9tIFwiLi9wYXJhbWV0ZXJcIjtcbmV4cG9ydCAqIGZyb20gXCIuL3NlY3JldFwiO1xuIl19
|
|
1
|
+
export * from "./alias.js";
|
|
2
|
+
export * from "./kms.js";
|
|
3
|
+
export * from "./parameter.js";
|
|
4
|
+
export * from "./secret.js";
|
|
@@ -1,37 +1,34 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
class CustomerManagedKey extends constructs_1.Construct {
|
|
1
|
+
import { CfnOutput, Duration, RemovalPolicy } from "aws-cdk-lib";
|
|
2
|
+
import { Alias, Key } from "aws-cdk-lib/aws-kms";
|
|
3
|
+
import { Construct } from "constructs";
|
|
4
|
+
import { toPascalCase } from "../../../utils/capitaliseString.js";
|
|
5
|
+
export class CustomerManagedKey extends Construct {
|
|
6
|
+
key;
|
|
7
|
+
alias;
|
|
9
8
|
constructor(scope, id, props) {
|
|
10
9
|
super(scope, id);
|
|
11
10
|
// Sanitise id for CloudFormation output keys (must be alphanumeric)
|
|
12
|
-
const outputName =
|
|
13
|
-
this.key = new
|
|
11
|
+
const outputName = toPascalCase(id);
|
|
12
|
+
this.key = new Key(this, `${id}Key`, {
|
|
14
13
|
description: props.description || `${id} KMS Key`,
|
|
15
|
-
removalPolicy: props.removalPolicy ??
|
|
16
|
-
pendingWindow: props.removalPolicy ===
|
|
17
|
-
?
|
|
14
|
+
removalPolicy: props.removalPolicy ?? RemovalPolicy.RETAIN,
|
|
15
|
+
pendingWindow: props.removalPolicy === RemovalPolicy.DESTROY
|
|
16
|
+
? Duration.days(14)
|
|
18
17
|
: undefined
|
|
19
18
|
});
|
|
20
|
-
new
|
|
19
|
+
new CfnOutput(this, `${outputName}KeyArn`, {
|
|
21
20
|
key: `${outputName}Arn`,
|
|
22
21
|
value: this.key.keyArn,
|
|
23
22
|
exportName: `${outputName}KeyArn`
|
|
24
23
|
});
|
|
25
|
-
this.alias = new
|
|
24
|
+
this.alias = new Alias(this, `${id}KeyAlias`, {
|
|
26
25
|
aliasName: props.aliasName || `cmk/${id}`,
|
|
27
26
|
targetKey: this.key
|
|
28
27
|
});
|
|
29
|
-
new
|
|
28
|
+
new CfnOutput(this, `${outputName}KeyAliasArn`, {
|
|
30
29
|
key: `${outputName}AliasArn`,
|
|
31
30
|
value: this.alias.aliasArn,
|
|
32
31
|
exportName: `${outputName}KeyAliasArn`
|
|
33
32
|
});
|
|
34
33
|
}
|
|
35
34
|
}
|
|
36
|
-
exports.CustomerManagedKey = CustomerManagedKey;
|
|
37
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia21zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc2VjcmV0cy9rbXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQWlFO0FBQ2pFLGlEQUFpRDtBQUNqRCwyQ0FBdUM7QUFDdkMsc0VBQStEO0FBb0IvRCxNQUFhLGtCQUFtQixTQUFRLHNCQUFTO0lBSS9DLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBOEI7UUFDdEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixvRUFBb0U7UUFDcEUsTUFBTSxVQUFVLEdBQUcsSUFBQSwrQkFBWSxFQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRXBDLElBQUksQ0FBQyxHQUFHLEdBQUcsSUFBSSxhQUFHLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUU7WUFDbkMsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksR0FBRyxFQUFFLFVBQVU7WUFDakQsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhLElBQUksMkJBQWEsQ0FBQyxNQUFNO1lBQzFELGFBQWEsRUFDWCxLQUFLLENBQUMsYUFBYSxLQUFLLDJCQUFhLENBQUMsT0FBTztnQkFDM0MsQ0FBQyxDQUFDLHNCQUFRLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDbkIsQ0FBQyxDQUFDLFNBQVM7U0FDaEIsQ0FBQyxDQUFDO1FBQ0gsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLFVBQVUsUUFBUSxFQUFFO1lBQ3pDLEdBQUcsRUFBRSxHQUFHLFVBQVUsS0FBSztZQUN2QixLQUFLLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNO1lBQ3RCLFVBQVUsRUFBRSxHQUFHLFVBQVUsUUFBUTtTQUNsQyxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsS0FBSyxHQUFHLElBQUksZUFBSyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsVUFBVSxFQUFFO1lBQzVDLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLE9BQU8sRUFBRSxFQUFFO1lBQ3pDLFNBQVMsRUFBRSxJQUFJLENBQUMsR0FBRztTQUNwQixDQUFDLENBQUM7UUFDSCxJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLEdBQUcsVUFBVSxhQUFhLEVBQUU7WUFDOUMsR0FBRyxFQUFFLEdBQUcsVUFBVSxVQUFVO1lBQzVCLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVE7WUFDMUIsVUFBVSxFQUFFLEdBQUcsVUFBVSxhQUFhO1NBQ3ZDLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQWxDRCxnREFrQ0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZm5PdXRwdXQsIER1cmF0aW9uLCBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBBbGlhcywgS2V5IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyB0b1Bhc2NhbENhc2UgfSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvY2FwaXRhbGlzZVN0cmluZ1wiO1xuXG5pbnRlcmZhY2UgQ3VzdG9tZXJNYW5hZ2VkS2V5UHJvcHMge1xuICBkZXNjcmlwdGlvbj86IHN0cmluZztcbiAgYWxpYXNOYW1lPzogc3RyaW5nO1xuICAvKipcbiAgICogUmVtb3ZhbCBwb2xpY3kgZm9yIHRoZSBLTVMga2V5LlxuICAgKlxuICAgKiBJTVBPUlRBTlQ6IEtNUyBrZXlzIGNhbm5vdCBiZSBpbW1lZGlhdGVseSBkZWxldGVkLiBXaGVuIFJlbW92YWxQb2xpY3kuREVTVFJPWVxuICAgKiBpcyB1c2VkLCB0aGUga2V5IHdpbGwgYmUgc2NoZWR1bGVkIGZvciBkZWxldGlvbiB3aXRoIGEgNy1kYXkgd2FpdGluZyBwZXJpb2RcbiAgICogKEFXUyBtaW5pbXVtKS4gRHVyaW5nIHRoaXMgcGVyaW9kLCB0aGUga2V5IGlzIGRpc2FibGVkIGJ1dCBjYW4gYmUgcmVjb3ZlcmVkLlxuICAgKlxuICAgKiBGb3IgcHJvZHVjdGlvbiB3b3JrbG9hZHMsIGFsd2F5cyB1c2UgUkVUQUlOIChkZWZhdWx0KSB0byBwcmV2ZW50IGFjY2lkZW50YWxcbiAgICogZGF0YSBsb3NzIC0gZGVsZXRpbmcgYSBLTVMga2V5IG1ha2VzIGFsbCBlbmNyeXB0ZWQgZGF0YSBwZXJtYW5lbnRseSB1bnJlY292ZXJhYmxlLlxuICAgKlxuICAgKiBAZGVmYXVsdCBSZW1vdmFsUG9saWN5LlJFVEFJTlxuICAgKi9cbiAgcmVtb3ZhbFBvbGljeT86IFJlbW92YWxQb2xpY3k7XG59XG5cbmV4cG9ydCBjbGFzcyBDdXN0b21lck1hbmFnZWRLZXkgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkga2V5OiBLZXk7XG4gIHB1YmxpYyByZWFkb25seSBhbGlhczogQWxpYXM7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEN1c3RvbWVyTWFuYWdlZEtleVByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIC8vIFNhbml0aXNlIGlkIGZvciBDbG91ZEZvcm1hdGlvbiBvdXRwdXQga2V5cyAobXVzdCBiZSBhbHBoYW51bWVyaWMpXG4gICAgY29uc3Qgb3V0cHV0TmFtZSA9IHRvUGFzY2FsQ2FzZShpZCk7XG5cbiAgICB0aGlzLmtleSA9IG5ldyBLZXkodGhpcywgYCR7aWR9S2V5YCwge1xuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGAke2lkfSBLTVMgS2V5YCxcbiAgICAgIHJlbW92YWxQb2xpY3k6IHByb3BzLnJlbW92YWxQb2xpY3kgPz8gUmVtb3ZhbFBvbGljeS5SRVRBSU4sXG4gICAgICBwZW5kaW5nV2luZG93OlxuICAgICAgICBwcm9wcy5yZW1vdmFsUG9saWN5ID09PSBSZW1vdmFsUG9saWN5LkRFU1RST1lcbiAgICAgICAgICA/IER1cmF0aW9uLmRheXMoMTQpXG4gICAgICAgICAgOiB1bmRlZmluZWRcbiAgICB9KTtcbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke291dHB1dE5hbWV9S2V5QXJuYCwge1xuICAgICAga2V5OiBgJHtvdXRwdXROYW1lfUFybmAsXG4gICAgICB2YWx1ZTogdGhpcy5rZXkua2V5QXJuLFxuICAgICAgZXhwb3J0TmFtZTogYCR7b3V0cHV0TmFtZX1LZXlBcm5gXG4gICAgfSk7XG5cbiAgICB0aGlzLmFsaWFzID0gbmV3IEFsaWFzKHRoaXMsIGAke2lkfUtleUFsaWFzYCwge1xuICAgICAgYWxpYXNOYW1lOiBwcm9wcy5hbGlhc05hbWUgfHwgYGNtay8ke2lkfWAsXG4gICAgICB0YXJnZXRLZXk6IHRoaXMua2V5XG4gICAgfSk7XG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtvdXRwdXROYW1lfUtleUFsaWFzQXJuYCwge1xuICAgICAga2V5OiBgJHtvdXRwdXROYW1lfUFsaWFzQXJuYCxcbiAgICAgIHZhbHVlOiB0aGlzLmFsaWFzLmFsaWFzQXJuLFxuICAgICAgZXhwb3J0TmFtZTogYCR7b3V0cHV0TmFtZX1LZXlBbGlhc0FybmBcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import { aws_ssm as ssm } from "aws-cdk-lib";
|
|
2
2
|
import { Construct } from "constructs";
|
|
3
|
-
import { type KeyValue } from "../../../types";
|
|
4
|
-
import { CustomerManagedKey } from "
|
|
5
|
-
import { AwsCustomResource } from "../utilities/awsCustomResource";
|
|
3
|
+
import { type KeyValue } from "../../../types.js";
|
|
4
|
+
import { CustomerManagedKey } from ".//index.js";
|
|
5
|
+
import { AwsCustomResource } from "../utilities/awsCustomResource.js";
|
|
6
6
|
export declare class StringParameter extends ssm.StringParameter {
|
|
7
7
|
constructor(scope: Construct, id: string, props: ssm.StringParameterProps);
|
|
8
8
|
}
|
|
@@ -1,23 +1,22 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
const _1 = require("./");
|
|
9
|
-
const awsCustomResource_1 = require("../utilities/awsCustomResource");
|
|
10
|
-
class StringParameter extends aws_cdk_lib_1.aws_ssm.StringParameter {
|
|
1
|
+
import { aws_ssm as ssm } from "aws-cdk-lib";
|
|
2
|
+
import { PolicyStatement } from "aws-cdk-lib/aws-iam";
|
|
3
|
+
import { AwsCustomResourcePolicy, PhysicalResourceId } from "aws-cdk-lib/custom-resources";
|
|
4
|
+
import { Construct } from "constructs";
|
|
5
|
+
import { CustomerManagedKey } from ".//index.js";
|
|
6
|
+
import { AwsCustomResource } from "../utilities/awsCustomResource.js";
|
|
7
|
+
export class StringParameter extends ssm.StringParameter {
|
|
11
8
|
constructor(scope, id, props) {
|
|
12
9
|
super(scope, id, {
|
|
13
10
|
...props,
|
|
14
11
|
description: props.description || `${id} SSM Parameter`,
|
|
15
|
-
tier:
|
|
12
|
+
tier: ssm.ParameterTier.INTELLIGENT_TIERING
|
|
16
13
|
});
|
|
17
14
|
}
|
|
18
15
|
}
|
|
19
|
-
|
|
20
|
-
|
|
16
|
+
export class SecureStringParameter extends Construct {
|
|
17
|
+
cmk;
|
|
18
|
+
name;
|
|
19
|
+
parameter;
|
|
21
20
|
constructor(scope, id, props) {
|
|
22
21
|
super(scope, id);
|
|
23
22
|
this.name = props.name;
|
|
@@ -25,12 +24,12 @@ class SecureStringParameter extends constructs_1.Construct {
|
|
|
25
24
|
this.cmk = props.cmk;
|
|
26
25
|
}
|
|
27
26
|
else {
|
|
28
|
-
this.cmk = new
|
|
27
|
+
this.cmk = new CustomerManagedKey(this, `${id}Key`, {
|
|
29
28
|
description: props.description || `${id} KMS Key`,
|
|
30
29
|
aliasName: props.aliasName
|
|
31
30
|
});
|
|
32
31
|
}
|
|
33
|
-
this.parameter = new
|
|
32
|
+
this.parameter = new AwsCustomResource(this, `${id}SecureStringParameter`, {
|
|
34
33
|
resourceType: "Custom::SecureStringParameter",
|
|
35
34
|
onCreate: {
|
|
36
35
|
service: "@aws-sdk/client-ssm",
|
|
@@ -45,7 +44,7 @@ class SecureStringParameter extends constructs_1.Construct {
|
|
|
45
44
|
KeyId: this.cmk.alias.keyId
|
|
46
45
|
// TODO: Add tags to the parameter
|
|
47
46
|
},
|
|
48
|
-
physicalResourceId:
|
|
47
|
+
physicalResourceId: PhysicalResourceId.of("createSecureStringParameter")
|
|
49
48
|
},
|
|
50
49
|
onUpdate: {
|
|
51
50
|
service: "@aws-sdk/client-ssm",
|
|
@@ -61,7 +60,7 @@ class SecureStringParameter extends constructs_1.Construct {
|
|
|
61
60
|
KeyId: this.cmk.alias.keyId
|
|
62
61
|
// TODO: Add tags to the parameter
|
|
63
62
|
},
|
|
64
|
-
physicalResourceId:
|
|
63
|
+
physicalResourceId: PhysicalResourceId.of("updateSecureStringParameter")
|
|
65
64
|
},
|
|
66
65
|
onDelete: {
|
|
67
66
|
service: "@aws-sdk/client-ssm",
|
|
@@ -70,14 +69,14 @@ class SecureStringParameter extends constructs_1.Construct {
|
|
|
70
69
|
Name: props.name
|
|
71
70
|
}
|
|
72
71
|
},
|
|
73
|
-
policy:
|
|
74
|
-
new
|
|
72
|
+
policy: AwsCustomResourcePolicy.fromStatements([
|
|
73
|
+
new PolicyStatement({
|
|
75
74
|
actions: ["kms:Encrypt"],
|
|
76
75
|
resources: [
|
|
77
76
|
`arn:aws:kms:${props.region}:${props.accountId}:key/${this.cmk.key.keyId}`
|
|
78
77
|
]
|
|
79
78
|
}),
|
|
80
|
-
new
|
|
79
|
+
new PolicyStatement({
|
|
81
80
|
actions: [
|
|
82
81
|
"ssm:DeleteParameter",
|
|
83
82
|
"ssm:PutParameter",
|
|
@@ -96,5 +95,3 @@ class SecureStringParameter extends constructs_1.Construct {
|
|
|
96
95
|
}
|
|
97
96
|
}
|
|
98
97
|
}
|
|
99
|
-
exports.SecureStringParameter = SecureStringParameter;
|
|
100
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFyYW1ldGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc2VjcmV0cy9wYXJhbWV0ZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQTZDO0FBQzdDLGlEQUFzRDtBQUN0RCxtRUFHc0M7QUFDdEMsMkNBQXVDO0FBRXZDLHlCQUF3QztBQUN4QyxzRUFBbUU7QUFFbkUsTUFBYSxlQUFnQixTQUFRLHFCQUFHLENBQUMsZUFBZTtJQUN0RCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQStCO1FBQ3ZFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsR0FBRyxLQUFLO1lBQ1IsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksR0FBRyxFQUFFLGdCQUFnQjtZQUN2RCxJQUFJLEVBQUUscUJBQUcsQ0FBQyxhQUFhLENBQUMsbUJBQW1CO1NBQzVDLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQVJELDBDQVFDO0FBY0QsTUFBYSxxQkFBc0IsU0FBUSxzQkFBUztJQUtsRCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWlDO1FBQ3pFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLElBQUksR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDO1FBRXZCLElBQUksS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ2QsSUFBSSxDQUFDLEdBQUcsR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDO1FBQ3ZCLENBQUM7YUFBTSxDQUFDO1lBQ04sSUFBSSxDQUFDLEdBQUcsR0FBRyxJQUFJLHFCQUFrQixDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsS0FBSyxFQUFFO2dCQUNsRCxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVcsSUFBSSxHQUFHLEVBQUUsVUFBVTtnQkFDakQsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO2FBQzNCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFFRCxJQUFJLENBQUMsU0FBUyxHQUFHLElBQUkscUNBQWlCLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSx1QkFBdUIsRUFBRTtZQUN6RSxZQUFZLEVBQUUsK0JBQStCO1lBQzdDLFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUscUJBQXFCO2dCQUM5QixNQUFNLEVBQUUsY0FBYztnQkFDdEIsVUFBVSxFQUFFO29CQUNWLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtvQkFDaEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksR0FBRyxFQUFFLG1CQUFtQjtvQkFDMUQsS0FBSyxFQUNILEtBQUssQ0FBQyxLQUFLO3dCQUNYLE9BQU8sQ0FBQyxHQUFHLENBQUMscUJBQXFCLEVBQUUsRUFBRSxDQUFDO3dCQUN0QyxrQkFBa0I7b0JBQ3BCLElBQUksRUFBRSxjQUFjO29CQUNwQixLQUFLLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSztvQkFDM0Isa0NBQWtDO2lCQUNuQztnQkFDRCxrQkFBa0IsRUFBRSxxQ0FBa0IsQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUM7YUFDekU7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLHFCQUFxQjtnQkFDOUIsTUFBTSxFQUFFLGNBQWM7Z0JBQ3RCLFVBQVUsRUFBRTtvQkFDVixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7b0JBQ2hCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVyxJQUFJLEdBQUcsRUFBRSxtQkFBbUI7b0JBQzFELEtBQUssRUFDSCxLQUFLLENBQUMsS0FBSzt3QkFDWCxPQUFPLENBQUMsR0FBRyxDQUFDLHFCQUFxQixFQUFFLEVBQUUsQ0FBQzt3QkFDdEMsa0JBQWtCO29CQUNwQixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7b0JBQzFCLElBQUksRUFBRSxjQUFjO29CQUNwQixLQUFLLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSztvQkFDM0Isa0NBQWtDO2lCQUNuQztnQkFDRCxrQkFBa0IsRUFBRSxxQ0FBa0IsQ0FBQyxFQUFFLENBQUMsNkJBQTZCLENBQUM7YUFDekU7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLHFCQUFxQjtnQkFDOUIsTUFBTSxFQUFFLGlCQUFpQjtnQkFDekIsVUFBVSxFQUFFO29CQUNWLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtpQkFDakI7YUFDRjtZQUNELE1BQU0sRUFBRSwwQ0FBdUIsQ0FBQyxjQUFjLENBQUM7Z0JBQzdDLElBQUkseUJBQWUsQ0FBQztvQkFDbEIsT0FBTyxFQUFFLENBQUMsYUFBYSxDQUFDO29CQUN4QixTQUFTLEVBQUU7d0JBQ1QsZUFBZSxLQUFLLENBQUMsTUFBTSxJQUFJLEtBQUssQ0FBQyxTQUFTLFFBQVEsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsS0FBSyxFQUFFO3FCQUMzRTtpQkFDRixDQUFDO2dCQUNGLElBQUkseUJBQWUsQ0FBQztvQkFDbEIsT0FBTyxFQUFFO3dCQUNQLHFCQUFxQjt3QkFDckIsa0JBQWtCO3dCQUNsQix1QkFBdUI7d0JBQ3ZCLDRCQUE0Qjt3QkFDNUIseUJBQXlCO3FCQUMxQjtvQkFDRCxTQUFTLEVBQUU7d0JBQ1QsZUFBZSxLQUFLLENBQUMsTUFBTSxJQUFJLEtBQUssQ0FBQyxTQUFTLGFBQWEsS0FBSyxDQUFDLElBQUksRUFBRTtxQkFDeEU7aUJBQ0YsQ0FBQzthQUNILENBQUM7U0FDSCxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ2YsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM5QyxDQUFDO0lBQ0gsQ0FBQztDQUNGO0FBdkZELHNEQXVGQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IGF3c19zc20gYXMgc3NtIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBQb2xpY3lTdGF0ZW1lbnQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuaW1wb3J0IHtcbiAgQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3ksXG4gIFBoeXNpY2FsUmVzb3VyY2VJZFxufSBmcm9tIFwiYXdzLWNkay1saWIvY3VzdG9tLXJlc291cmNlc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IHR5cGUgS2V5VmFsdWUgfSBmcm9tIFwiLi4vLi4vLi4vdHlwZXNcIjtcbmltcG9ydCB7IEN1c3RvbWVyTWFuYWdlZEtleSB9IGZyb20gXCIuL1wiO1xuaW1wb3J0IHsgQXdzQ3VzdG9tUmVzb3VyY2UgfSBmcm9tIFwiLi4vdXRpbGl0aWVzL2F3c0N1c3RvbVJlc291cmNlXCI7XG5cbmV4cG9ydCBjbGFzcyBTdHJpbmdQYXJhbWV0ZXIgZXh0ZW5kcyBzc20uU3RyaW5nUGFyYW1ldGVyIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IHNzbS5TdHJpbmdQYXJhbWV0ZXJQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgICBkZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24gfHwgYCR7aWR9IFNTTSBQYXJhbWV0ZXJgLFxuICAgICAgdGllcjogc3NtLlBhcmFtZXRlclRpZXIuSU5URUxMSUdFTlRfVElFUklOR1xuICAgIH0pO1xuICB9XG59XG5cbmludGVyZmFjZSBTZWN1cmVTdHJpbmdQYXJhbWV0ZXJQcm9wcyB7XG4gIGFjY291bnRJZDogc3RyaW5nO1xuICBhbGlhc05hbWU/OiBzdHJpbmc7XG4gIGRlc2NyaXB0aW9uPzogc3RyaW5nO1xuICBuYW1lOiBzdHJpbmc7XG4gIG92ZXJ3cml0ZT86IGJvb2xlYW47XG4gIHJlZ2lvbjogc3RyaW5nO1xuICB0YWdzOiBLZXlWYWx1ZTtcbiAgdmFsdWU/OiBzdHJpbmc7XG4gIGNtaz86IEN1c3RvbWVyTWFuYWdlZEtleTtcbn1cblxuZXhwb3J0IGNsYXNzIFNlY3VyZVN0cmluZ1BhcmFtZXRlciBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBjbWs6IEN1c3RvbWVyTWFuYWdlZEtleTtcbiAgcHVibGljIHJlYWRvbmx5IG5hbWU6IHN0cmluZztcbiAgcHVibGljIHJlYWRvbmx5IHBhcmFtZXRlcjogQXdzQ3VzdG9tUmVzb3VyY2U7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFNlY3VyZVN0cmluZ1BhcmFtZXRlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMubmFtZSA9IHByb3BzLm5hbWU7XG5cbiAgICBpZiAocHJvcHMuY21rKSB7XG4gICAgICB0aGlzLmNtayA9IHByb3BzLmNtaztcbiAgICB9IGVsc2Uge1xuICAgICAgdGhpcy5jbWsgPSBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KHRoaXMsIGAke2lkfUtleWAsIHtcbiAgICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGAke2lkfSBLTVMgS2V5YCxcbiAgICAgICAgYWxpYXNOYW1lOiBwcm9wcy5hbGlhc05hbWVcbiAgICAgIH0pO1xuICAgIH1cblxuICAgIHRoaXMucGFyYW1ldGVyID0gbmV3IEF3c0N1c3RvbVJlc291cmNlKHRoaXMsIGAke2lkfVNlY3VyZVN0cmluZ1BhcmFtZXRlcmAsIHtcbiAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OlNlY3VyZVN0cmluZ1BhcmFtZXRlclwiLFxuICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgc2VydmljZTogXCJAYXdzLXNkay9jbGllbnQtc3NtXCIsXG4gICAgICAgIGFjdGlvbjogXCJQdXRQYXJhbWV0ZXJcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIE5hbWU6IHByb3BzLm5hbWUsXG4gICAgICAgICAgRGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGAke2lkfSBzZWN1cmUgcGFyYW1ldGVyYCxcbiAgICAgICAgICBWYWx1ZTpcbiAgICAgICAgICAgIHByb3BzLnZhbHVlIHx8XG4gICAgICAgICAgICBwcm9jZXNzLmVudltgQ0RLX1NFQ1VSRV9TVFJJTkdfJHtpZH1gXSB8fFxuICAgICAgICAgICAgXCJwbGFjZWhvbGRlclZhbHVlXCIsXG4gICAgICAgICAgVHlwZTogXCJTZWN1cmVTdHJpbmdcIixcbiAgICAgICAgICBLZXlJZDogdGhpcy5jbWsuYWxpYXMua2V5SWRcbiAgICAgICAgICAvLyBUT0RPOiBBZGQgdGFncyB0byB0aGUgcGFyYW1ldGVyXG4gICAgICAgIH0sXG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogUGh5c2ljYWxSZXNvdXJjZUlkLm9mKFwiY3JlYXRlU2VjdXJlU3RyaW5nUGFyYW1ldGVyXCIpXG4gICAgICB9LFxuICAgICAgb25VcGRhdGU6IHtcbiAgICAgICAgc2VydmljZTogXCJAYXdzLXNkay9jbGllbnQtc3NtXCIsXG4gICAgICAgIGFjdGlvbjogXCJQdXRQYXJhbWV0ZXJcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIE5hbWU6IHByb3BzLm5hbWUsXG4gICAgICAgICAgRGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGAke2lkfSBzZWN1cmUgcGFyYW1ldGVyYCxcbiAgICAgICAgICBWYWx1ZTpcbiAgICAgICAgICAgIHByb3BzLnZhbHVlIHx8XG4gICAgICAgICAgICBwcm9jZXNzLmVudltgQ0RLX1NFQ1VSRV9TVFJJTkdfJHtpZH1gXSB8fFxuICAgICAgICAgICAgXCJwbGFjZWhvbGRlclZhbHVlXCIsXG4gICAgICAgICAgT3ZlcndyaXRlOiBwcm9wcy5vdmVyd3JpdGUsXG4gICAgICAgICAgVHlwZTogXCJTZWN1cmVTdHJpbmdcIixcbiAgICAgICAgICBLZXlJZDogdGhpcy5jbWsuYWxpYXMua2V5SWRcbiAgICAgICAgICAvLyBUT0RPOiBBZGQgdGFncyB0byB0aGUgcGFyYW1ldGVyXG4gICAgICAgIH0sXG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogUGh5c2ljYWxSZXNvdXJjZUlkLm9mKFwidXBkYXRlU2VjdXJlU3RyaW5nUGFyYW1ldGVyXCIpXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJAYXdzLXNkay9jbGllbnQtc3NtXCIsXG4gICAgICAgIGFjdGlvbjogXCJEZWxldGVQYXJhbWV0ZXJcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIE5hbWU6IHByb3BzLm5hbWVcbiAgICAgICAgfVxuICAgICAgfSxcbiAgICAgIHBvbGljeTogQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVN0YXRlbWVudHMoW1xuICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXCJrbXM6RW5jcnlwdFwiXSxcbiAgICAgICAgICByZXNvdXJjZXM6IFtcbiAgICAgICAgICAgIGBhcm46YXdzOmttczoke3Byb3BzLnJlZ2lvbn06JHtwcm9wcy5hY2NvdW50SWR9OmtleS8ke3RoaXMuY21rLmtleS5rZXlJZH1gXG4gICAgICAgICAgXVxuICAgICAgICB9KSxcbiAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICAgXCJzc206RGVsZXRlUGFyYW1ldGVyXCIsXG4gICAgICAgICAgICBcInNzbTpQdXRQYXJhbWV0ZXJcIixcbiAgICAgICAgICAgIFwic3NtOkFkZFRhZ3NUb1Jlc291cmNlXCIsXG4gICAgICAgICAgICBcImxvZ3M6RGVsZXRlUmV0ZW50aW9uUG9saWN5XCIsXG4gICAgICAgICAgICBcImxvZ3M6UHV0UmV0ZW50aW9uUG9saWN5XCJcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogW1xuICAgICAgICAgICAgYGFybjphd3M6c3NtOiR7cHJvcHMucmVnaW9ufToke3Byb3BzLmFjY291bnRJZH06cGFyYW1ldGVyJHtwcm9wcy5uYW1lfWBcbiAgICAgICAgICBdXG4gICAgICAgIH0pXG4gICAgICBdKVxuICAgIH0pO1xuXG4gICAgaWYgKCFwcm9wcy5jbWspIHtcbiAgICAgIHRoaXMucGFyYW1ldGVyLm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLmNtayk7XG4gICAgfVxuICB9XG59XG4iXX0=
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import { SecretValue } from "aws-cdk-lib";
|
|
2
2
|
import { type SecretStringGenerator, type ISecret } from "aws-cdk-lib/aws-secretsmanager";
|
|
3
3
|
import { Construct } from "constructs";
|
|
4
|
-
import { type StackBuilder } from "../base/awsStack";
|
|
5
|
-
import { CustomerManagedKey } from "./kms";
|
|
4
|
+
import { type StackBuilder } from "../base/awsStack.js";
|
|
5
|
+
import { CustomerManagedKey } from "./kms.js";
|
|
6
6
|
interface SecretProps {
|
|
7
7
|
secretName: string;
|
|
8
8
|
secretObjectValue?: {
|
|
@@ -1,23 +1,23 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
1
|
+
import { SecretValue } from "aws-cdk-lib";
|
|
2
|
+
import { Secret as CdkSecret } from "aws-cdk-lib/aws-secretsmanager";
|
|
3
|
+
import { Construct } from "constructs";
|
|
4
|
+
import { CustomerManagedKey } from "./kms.js";
|
|
5
|
+
export class Secret extends Construct {
|
|
6
|
+
id;
|
|
7
|
+
secret;
|
|
8
|
+
secretsCustomerManagedKey;
|
|
9
9
|
constructor(scope, id, props) {
|
|
10
10
|
super(scope, id);
|
|
11
11
|
this.id = id;
|
|
12
12
|
// If importExisting is true, reference an existing secret instead of creating new one
|
|
13
13
|
if (props.importExisting) {
|
|
14
14
|
// Import the existing secret (likely replicated from another region)
|
|
15
|
-
this.secret =
|
|
15
|
+
this.secret = CdkSecret.fromSecretNameV2(this, `${id}Secret`, props.secretName);
|
|
16
16
|
// No KMS key needed for imported secrets
|
|
17
17
|
return;
|
|
18
18
|
}
|
|
19
19
|
// Create KMS key for new secrets only
|
|
20
|
-
this.secretsCustomerManagedKey = new
|
|
20
|
+
this.secretsCustomerManagedKey = new CustomerManagedKey(this, `${id}CustomerManagedKey`, {
|
|
21
21
|
aliasName: `cmk/${id}`
|
|
22
22
|
});
|
|
23
23
|
/**
|
|
@@ -25,7 +25,7 @@ class Secret extends constructs_1.Construct {
|
|
|
25
25
|
*/
|
|
26
26
|
const secretStringValue = props.secretStringValue
|
|
27
27
|
? {
|
|
28
|
-
secretStringValue:
|
|
28
|
+
secretStringValue: SecretValue.unsafePlainText(props.secretStringValue || "")
|
|
29
29
|
}
|
|
30
30
|
: {};
|
|
31
31
|
/**
|
|
@@ -53,7 +53,7 @@ class Secret extends constructs_1.Construct {
|
|
|
53
53
|
...generateSecretString,
|
|
54
54
|
...replicaRegions
|
|
55
55
|
};
|
|
56
|
-
this.secret = new
|
|
56
|
+
this.secret = new CdkSecret(this, `${id}Secret`, secretOptions);
|
|
57
57
|
}
|
|
58
58
|
getImport(secretField) {
|
|
59
59
|
return {
|
|
@@ -71,5 +71,3 @@ class Secret extends constructs_1.Construct {
|
|
|
71
71
|
};
|
|
72
72
|
}
|
|
73
73
|
}
|
|
74
|
-
exports.Secret = Secret;
|
|
75
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjcmV0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc2VjcmV0cy9zZWNyZXQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQTBDO0FBQzFDLHVFQUl3QztBQUN4QywyQ0FBdUM7QUFFdkMsK0JBQTJDO0FBaUMzQyxNQUFhLE1BQU8sU0FBUSxzQkFBUztJQUtuQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWtCO1FBQzFELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUM7UUFFYixzRkFBc0Y7UUFDdEYsSUFBSSxLQUFLLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDekIscUVBQXFFO1lBQ3JFLElBQUksQ0FBQyxNQUFNLEdBQUcsMkJBQVMsQ0FBQyxnQkFBZ0IsQ0FDdEMsSUFBSSxFQUNKLEdBQUcsRUFBRSxRQUFRLEVBQ2IsS0FBSyxDQUFDLFVBQVUsQ0FDakIsQ0FBQztZQUNGLHlDQUF5QztZQUN6QyxPQUFPO1FBQ1QsQ0FBQztRQUVELHNDQUFzQztRQUN0QyxJQUFJLENBQUMseUJBQXlCLEdBQUcsSUFBSSx3QkFBa0IsQ0FDckQsSUFBSSxFQUNKLEdBQUcsRUFBRSxvQkFBb0IsRUFDekI7WUFDRSxTQUFTLEVBQUUsT0FBTyxFQUFFLEVBQUU7U0FDdkIsQ0FDRixDQUFDO1FBRUY7O1dBRUc7UUFDSCxNQUFNLGlCQUFpQixHQUFHLEtBQUssQ0FBQyxpQkFBaUI7WUFDL0MsQ0FBQyxDQUFDO2dCQUNFLGlCQUFpQixFQUFFLHlCQUFXLENBQUMsZUFBZSxDQUM1QyxLQUFLLENBQUMsaUJBQWlCLElBQUksRUFBRSxDQUM5QjthQUNGO1lBQ0gsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUVQOzs7V0FHRztRQUNILE1BQU0sb0JBQW9CLEdBQ3hCLENBQUMsS0FBSyxDQUFDLGlCQUFpQixJQUFJLEtBQUssQ0FBQyxvQkFBb0I7WUFDcEQsQ0FBQyxDQUFDLEVBQUUsb0JBQW9CLEVBQUUsS0FBSyxDQUFDLG9CQUFvQixFQUFFO1lBQ3RELENBQUMsQ0FBQyxFQUFFLENBQUM7UUFFVCx3REFBd0Q7UUFDeEQsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLGNBQWM7WUFDekMsQ0FBQyxDQUFDO2dCQUNFLGNBQWMsRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQztvQkFDcEQsTUFBTTtpQkFDUCxDQUFDLENBQUM7YUFDSjtZQUNILENBQUMsQ0FBQyxFQUFFLENBQUM7UUFFUCwyQ0FBMkM7UUFDM0MsTUFBTSxhQUFhLEdBQUc7WUFDcEIsVUFBVSxFQUFFLEtBQUssQ0FBQyxVQUFVO1lBQzVCLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7WUFDMUMsYUFBYSxFQUFFLElBQUksQ0FBQyx5QkFBMEIsQ0FBQyxHQUFHO1lBQ2xELFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixHQUFHLGlCQUFpQjtZQUNwQixHQUFHLG9CQUFvQjtZQUN2QixHQUFHLGNBQWM7U0FDbEIsQ0FBQztRQUVGLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSwyQkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsUUFBUSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBQ2xFLENBQUM7SUFFRCxTQUFTLENBQUMsV0FBb0I7UUFDNUIsT0FBTztZQUNMLEVBQUUsRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLFFBQVE7WUFDdEIsSUFBSSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVTtZQUM1QixLQUFLLEVBQUUsV0FBVztTQUNuQixDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQ1YsRUFBVSxFQUNWLEtBQWtCO1FBRWxCLE9BQU8sQ0FBQyxFQUFnQixFQUFFLEVBQUU7WUFDMUIsTUFBTSxRQUFRLEdBQWdCO2dCQUM1QixHQUFHLEtBQUs7YUFDVCxDQUFDO1lBQ0YsT0FBTyxJQUFJLElBQUksQ0FBQyxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQy9DLENBQUMsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQTdGRCx3QkE2RkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBTZWNyZXRWYWx1ZSB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHtcbiAgU2VjcmV0IGFzIENka1NlY3JldCxcbiAgdHlwZSBTZWNyZXRTdHJpbmdHZW5lcmF0b3IsXG4gIHR5cGUgSVNlY3JldFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgdHlwZSBTdGFja0J1aWxkZXIgfSBmcm9tIFwiLi4vYmFzZS9hd3NTdGFja1wiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5IH0gZnJvbSBcIi4va21zXCI7XG5cbmludGVyZmFjZSBTZWNyZXRQcm9wcyB7XG4gIHNlY3JldE5hbWU6IHN0cmluZztcbiAgc2VjcmV0T2JqZWN0VmFsdWU/OiB7XG4gICAgW2tleTogc3RyaW5nXTogU2VjcmV0VmFsdWU7XG4gIH07XG4gIHNlY3JldFN0cmluZ1ZhbHVlPzogc3RyaW5nO1xuICBkZXNjcmlwdGlvbj86IHN0cmluZztcbiAgYWxpYXNOYW1lPzogc3RyaW5nO1xuICBnZW5lcmF0ZVNlY3JldFN0cmluZz86IFNlY3JldFN0cmluZ0dlbmVyYXRvcjtcbiAgLyoqIFJlZ2lvbnMgd2hlcmUgdGhpcyBzZWNyZXQgc2hvdWxkIGJlIHJlcGxpY2F0ZWQgKGZvciBHbG9iYWwgQXVyb3JhKSAqL1xuICByZXBsaWNhUmVnaW9ucz86IHN0cmluZ1tdO1xuICAvKiogU2V0IHRvIHRydWUgdG8gaW1wb3J0IGFuIGV4aXN0aW5nIHNlY3JldCBpbnN0ZWFkIG9mIGNyZWF0aW5nIGEgbmV3IG9uZSAoZm9yIHJlcGxpY2F0ZWQgc2VjcmV0cykgKi9cbiAgaW1wb3J0RXhpc3Rpbmc/OiBib29sZWFuO1xufVxuXG5leHBvcnQgdHlwZSBTZWNyZXRJbXBvcnQgPSB7XG4gIC8qKlxuICAgKiBTZWNyZXQgSURcbiAgICovXG4gIGlkOiBzdHJpbmc7XG4gIC8qKlxuICAgKiBTZWNyZXQgbmFtZVxuICAgKi9cbiAgbmFtZTogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBPcHRpb25hbCAtIG1heSBiZSB1c2VkIHRvIGltcG9ydCBhIHNwZWNpZmljIGZpZWxkIGZyb20gdGhlIHNlY3JldFxuICAgKi9cbiAgZmllbGQ/OiBzdHJpbmc7XG59O1xuXG5leHBvcnQgY2xhc3MgU2VjcmV0IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIGlkOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSBzZWNyZXQ6IElTZWNyZXQ7XG4gIHB1YmxpYyByZWFkb25seSBzZWNyZXRzQ3VzdG9tZXJNYW5hZ2VkS2V5PzogQ3VzdG9tZXJNYW5hZ2VkS2V5O1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBTZWNyZXRQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICB0aGlzLmlkID0gaWQ7XG5cbiAgICAvLyBJZiBpbXBvcnRFeGlzdGluZyBpcyB0cnVlLCByZWZlcmVuY2UgYW4gZXhpc3Rpbmcgc2VjcmV0IGluc3RlYWQgb2YgY3JlYXRpbmcgbmV3IG9uZVxuICAgIGlmIChwcm9wcy5pbXBvcnRFeGlzdGluZykge1xuICAgICAgLy8gSW1wb3J0IHRoZSBleGlzdGluZyBzZWNyZXQgKGxpa2VseSByZXBsaWNhdGVkIGZyb20gYW5vdGhlciByZWdpb24pXG4gICAgICB0aGlzLnNlY3JldCA9IENka1NlY3JldC5mcm9tU2VjcmV0TmFtZVYyKFxuICAgICAgICB0aGlzLFxuICAgICAgICBgJHtpZH1TZWNyZXRgLFxuICAgICAgICBwcm9wcy5zZWNyZXROYW1lXG4gICAgICApO1xuICAgICAgLy8gTm8gS01TIGtleSBuZWVkZWQgZm9yIGltcG9ydGVkIHNlY3JldHNcbiAgICAgIHJldHVybjtcbiAgICB9XG5cbiAgICAvLyBDcmVhdGUgS01TIGtleSBmb3IgbmV3IHNlY3JldHMgb25seVxuICAgIHRoaXMuc2VjcmV0c0N1c3RvbWVyTWFuYWdlZEtleSA9IG5ldyBDdXN0b21lck1hbmFnZWRLZXkoXG4gICAgICB0aGlzLFxuICAgICAgYCR7aWR9Q3VzdG9tZXJNYW5hZ2VkS2V5YCxcbiAgICAgIHtcbiAgICAgICAgYWxpYXNOYW1lOiBgY21rLyR7aWR9YFxuICAgICAgfVxuICAgICk7XG5cbiAgICAvKipcbiAgICAgKiBJZiBhIHNlY3JldFN0cmluZ1ZhbHVlIGlzIHByb3ZpZGVkLCB1c2UgaXQgdG8gY3JlYXRlIHRoZSBzZWNyZXQuXG4gICAgICovXG4gICAgY29uc3Qgc2VjcmV0U3RyaW5nVmFsdWUgPSBwcm9wcy5zZWNyZXRTdHJpbmdWYWx1ZVxuICAgICAgPyB7XG4gICAgICAgICAgc2VjcmV0U3RyaW5nVmFsdWU6IFNlY3JldFZhbHVlLnVuc2FmZVBsYWluVGV4dChcbiAgICAgICAgICAgIHByb3BzLnNlY3JldFN0cmluZ1ZhbHVlIHx8IFwiXCJcbiAgICAgICAgICApXG4gICAgICAgIH1cbiAgICAgIDoge307XG5cbiAgICAvKipcbiAgICAgKiBJZiBhIGdlbmVyYXRlU2VjcmV0U3RyaW5nIGlzIHByb3ZpZGVkLCB1c2UgaXQgdG8gY3JlYXRlIHRoZSBzZWNyZXQuXG4gICAgICogSWYgYSBzZWNyZXRTdHJpbmdWYWx1ZSBpcyBwcm92aWRlZCwgaWdub3JlIHRoZSBnZW5lcmF0ZVNlY3JldFN0cmluZy5cbiAgICAgKi9cbiAgICBjb25zdCBnZW5lcmF0ZVNlY3JldFN0cmluZyA9XG4gICAgICAhcHJvcHMuc2VjcmV0U3RyaW5nVmFsdWUgJiYgcHJvcHMuZ2VuZXJhdGVTZWNyZXRTdHJpbmdcbiAgICAgICAgPyB7IGdlbmVyYXRlU2VjcmV0U3RyaW5nOiBwcm9wcy5nZW5lcmF0ZVNlY3JldFN0cmluZyB9XG4gICAgICAgIDoge307XG5cbiAgICAvLyBDb25maWd1cmUgc2VjcmV0IHJlcGxpY2F0aW9uIGlmIHJlZ2lvbnMgYXJlIHNwZWNpZmllZFxuICAgIGNvbnN0IHJlcGxpY2FSZWdpb25zID0gcHJvcHMucmVwbGljYVJlZ2lvbnNcbiAgICAgID8ge1xuICAgICAgICAgIHJlcGxpY2FSZWdpb25zOiBwcm9wcy5yZXBsaWNhUmVnaW9ucy5tYXAoKHJlZ2lvbikgPT4gKHtcbiAgICAgICAgICAgIHJlZ2lvblxuICAgICAgICAgIH0pKVxuICAgICAgICB9XG4gICAgICA6IHt9O1xuXG4gICAgLy8gQ29uc3RydWN0IHRoZSBiYXNlIG9wdGlvbnMgZm9yIENka1NlY3JldFxuICAgIGNvbnN0IHNlY3JldE9wdGlvbnMgPSB7XG4gICAgICBzZWNyZXROYW1lOiBwcm9wcy5zZWNyZXROYW1lLFxuICAgICAgc2VjcmV0T2JqZWN0VmFsdWU6IHByb3BzLnNlY3JldE9iamVjdFZhbHVlLFxuICAgICAgZW5jcnlwdGlvbktleTogdGhpcy5zZWNyZXRzQ3VzdG9tZXJNYW5hZ2VkS2V5IS5rZXksXG4gICAgICBkZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICAuLi5zZWNyZXRTdHJpbmdWYWx1ZSxcbiAgICAgIC4uLmdlbmVyYXRlU2VjcmV0U3RyaW5nLFxuICAgICAgLi4ucmVwbGljYVJlZ2lvbnNcbiAgICB9O1xuXG4gICAgdGhpcy5zZWNyZXQgPSBuZXcgQ2RrU2VjcmV0KHRoaXMsIGAke2lkfVNlY3JldGAsIHNlY3JldE9wdGlvbnMpO1xuICB9XG5cbiAgZ2V0SW1wb3J0KHNlY3JldEZpZWxkPzogc3RyaW5nKTogU2VjcmV0SW1wb3J0IHtcbiAgICByZXR1cm4ge1xuICAgICAgaWQ6IGAke3RoaXMuaWR9U2VjcmV0YCxcbiAgICAgIG5hbWU6IHRoaXMuc2VjcmV0LnNlY3JldE5hbWUsXG4gICAgICBmaWVsZDogc2VjcmV0RmllbGRcbiAgICB9O1xuICB9XG5cbiAgc3RhdGljIGJ1aWxkKFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM6IFNlY3JldFByb3BzXG4gICk6IChzYjogU3RhY2tCdWlsZGVyKSA9PiBDb25zdHJ1Y3Qge1xuICAgIHJldHVybiAoc2I6IFN0YWNrQnVpbGRlcikgPT4ge1xuICAgICAgY29uc3QgbmV3UHJvcHM6IFNlY3JldFByb3BzID0ge1xuICAgICAgICAuLi5wcm9wc1xuICAgICAgfTtcbiAgICAgIHJldHVybiBuZXcgdGhpcyhzYi5nZXRTdGFjaygpLCBpZCwgbmV3UHJvcHMpO1xuICAgIH07XG4gIH1cbn1cbiJdfQ==
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { type Construct } from "constructs";
|
|
2
2
|
import { Repository, type RepositoryProps } from "aws-cdk-lib/aws-ecr";
|
|
3
|
-
import type App from "../../../app";
|
|
4
|
-
import { type StackBuilder } from "../base/awsStack";
|
|
3
|
+
import type App from "../../../app.js";
|
|
4
|
+
import { type StackBuilder } from "../base/awsStack.js";
|
|
5
5
|
interface EcrProps {
|
|
6
6
|
repositoryName?: string;
|
|
7
7
|
}
|
|
@@ -1,9 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const aws_ecr_1 = require("aws-cdk-lib/aws-ecr");
|
|
5
|
-
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
6
|
-
class EcrFactory {
|
|
1
|
+
import { Repository, TagMutability } from "aws-cdk-lib/aws-ecr";
|
|
2
|
+
import { CfnOutput, RemovalPolicy } from "aws-cdk-lib";
|
|
3
|
+
export class EcrFactory {
|
|
7
4
|
static build(id, props) {
|
|
8
5
|
return (app, scope) => {
|
|
9
6
|
const ecrProps = props ?? {};
|
|
@@ -17,11 +14,10 @@ class EcrFactory {
|
|
|
17
14
|
};
|
|
18
15
|
}
|
|
19
16
|
}
|
|
20
|
-
|
|
21
|
-
class Ecr extends aws_ecr_1.Repository {
|
|
17
|
+
export class Ecr extends Repository {
|
|
22
18
|
constructor(scope, id, props) {
|
|
23
19
|
super(scope, id, Ecr.getRepositoryProps(props));
|
|
24
|
-
new
|
|
20
|
+
new CfnOutput(this, `${id}RepositoryName`, {
|
|
25
21
|
key: `${id}RepositoryName`,
|
|
26
22
|
value: this.repositoryName,
|
|
27
23
|
exportName: `${id}RepositoryName`
|
|
@@ -33,14 +29,12 @@ class Ecr extends aws_ecr_1.Repository {
|
|
|
33
29
|
return {
|
|
34
30
|
...(props?.repositoryName && { repositoryName: props.repositoryName }),
|
|
35
31
|
imageScanOnPush: true,
|
|
36
|
-
imageTagMutability:
|
|
32
|
+
imageTagMutability: TagMutability.MUTABLE,
|
|
37
33
|
emptyOnDelete: true,
|
|
38
|
-
removalPolicy:
|
|
34
|
+
removalPolicy: RemovalPolicy.DESTROY
|
|
39
35
|
};
|
|
40
36
|
}
|
|
41
37
|
static build(id, props) {
|
|
42
38
|
return (scope) => new Ecr(scope.getStack(), id, props);
|
|
43
39
|
}
|
|
44
40
|
}
|
|
45
|
-
exports.Ecr = Ecr;
|
|
46
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZWNyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvc3RvcmFnZS9lY3IudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsaURBSTZCO0FBQzdCLDZDQUF1RDtBQVV2RCxNQUFhLFVBQVU7SUFDckIsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFVLEVBQUUsS0FBZ0I7UUFDdkMsT0FBTyxDQUFDLEdBQVEsRUFBRSxLQUFnQixFQUFFLEVBQUU7WUFDcEMsTUFBTSxRQUFRLEdBQUcsS0FBSyxJQUFJLEVBQUUsQ0FBQztZQUM3QixNQUFNLEdBQUcsR0FBRyxJQUFJLEdBQUcsQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1lBRXpDLG9FQUFvRTtZQUNwRSxNQUFNLFdBQVcsR0FBZ0I7Z0JBQy9CLGNBQWMsRUFBRSxHQUFHLENBQUMsY0FBYzthQUNuQyxDQUFDO1lBQ0YsR0FBRyxDQUFDLG9CQUFvQixFQUFFLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1lBRS9DLE9BQU8sR0FBRyxDQUFDO1FBQ2IsQ0FBQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBZkQsZ0NBZUM7QUFFRCxNQUFhLEdBQUksU0FBUSxvQkFBVTtJQUNqQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWdCO1FBQ3hELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO1FBRWhELElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxFQUFFLGdCQUFnQixFQUFFO1lBQ3pDLEdBQUcsRUFBRSxHQUFHLEVBQUUsZ0JBQWdCO1lBQzFCLEtBQUssRUFBRSxJQUFJLENBQUMsY0FBYztZQUMxQixVQUFVLEVBQUUsR0FBRyxFQUFFLGdCQUFnQjtTQUNsQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsTUFBTSxDQUFDLGtCQUFrQixDQUFDLEtBQWdCO1FBQ3hDLHVCQUF1QjtRQUN2QixvRUFBb0U7UUFDcEUsT0FBTztZQUNMLEdBQUcsQ0FBQyxLQUFLLEVBQUUsY0FBYyxJQUFJLEVBQUUsY0FBYyxFQUFFLEtBQUssQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUN0RSxlQUFlLEVBQUUsSUFBSTtZQUNyQixrQkFBa0IsRUFBRSx1QkFBYSxDQUFDLE9BQU87WUFDekMsYUFBYSxFQUFFLElBQUk7WUFDbkIsYUFBYSxFQUFFLDJCQUFhLENBQUMsT0FBTztTQUNyQyxDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBVSxFQUFFLEtBQWdCO1FBQ3ZDLE9BQU8sQ0FBQyxLQUFtQixFQUFFLEVBQUUsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxLQUFLLENBQUMsUUFBUSxFQUFFLEVBQUUsRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQ3ZFLENBQUM7Q0FDRjtBQTFCRCxrQkEwQkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyB0eXBlIENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQge1xuICBSZXBvc2l0b3J5LFxuICB0eXBlIFJlcG9zaXRvcnlQcm9wcyxcbiAgVGFnTXV0YWJpbGl0eVxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjclwiO1xuaW1wb3J0IHsgQ2ZuT3V0cHV0LCBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5cbmltcG9ydCB0eXBlIEFwcCBmcm9tIFwiLi4vLi4vLi4vYXBwXCI7XG5pbXBvcnQgeyB0eXBlIFN0YWNrQnVpbGRlciB9IGZyb20gXCIuLi9iYXNlL2F3c1N0YWNrXCI7XG5pbXBvcnQgeyB0eXBlIE1hbmlmZXN0RWNyIH0gZnJvbSBcIi4uLy4uLy4uL3V0aWxzL21hbmlmZXN0V3JpdGVyLmpzXCI7XG5cbmludGVyZmFjZSBFY3JQcm9wcyB7XG4gIHJlcG9zaXRvcnlOYW1lPzogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgRWNyRmFjdG9yeSB7XG4gIHN0YXRpYyBidWlsZChpZDogc3RyaW5nLCBwcm9wcz86IEVjclByb3BzKSB7XG4gICAgcmV0dXJuIChhcHA6IEFwcCwgc2NvcGU6IENvbnN0cnVjdCkgPT4ge1xuICAgICAgY29uc3QgZWNyUHJvcHMgPSBwcm9wcyA/PyB7fTtcbiAgICAgIGNvbnN0IGVjciA9IG5ldyBFY3Ioc2NvcGUsIGlkLCBlY3JQcm9wcyk7XG5cbiAgICAgIC8vIFJlZ2lzdGVyIEVDUiByZXBvc2l0b3J5IHdpdGggbWFuaWZlc3QgY29sbGVjdG9yIGZvciBDTEkgZGlzY292ZXJ5XG4gICAgICBjb25zdCBtYW5pZmVzdEVjcjogTWFuaWZlc3RFY3IgPSB7XG4gICAgICAgIHJlcG9zaXRvcnlOYW1lOiBlY3IucmVwb3NpdG9yeU5hbWVcbiAgICAgIH07XG4gICAgICBhcHAuZ2V0TWFuaWZlc3RDb2xsZWN0b3IoKS5zZXRFY3IobWFuaWZlc3RFY3IpO1xuXG4gICAgICByZXR1cm4gZWNyO1xuICAgIH07XG4gIH1cbn1cblxuZXhwb3J0IGNsYXNzIEVjciBleHRlbmRzIFJlcG9zaXRvcnkge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IEVjclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBFY3IuZ2V0UmVwb3NpdG9yeVByb3BzKHByb3BzKSk7XG5cbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke2lkfVJlcG9zaXRvcnlOYW1lYCwge1xuICAgICAga2V5OiBgJHtpZH1SZXBvc2l0b3J5TmFtZWAsXG4gICAgICB2YWx1ZTogdGhpcy5yZXBvc2l0b3J5TmFtZSxcbiAgICAgIGV4cG9ydE5hbWU6IGAke2lkfVJlcG9zaXRvcnlOYW1lYFxuICAgIH0pO1xuICB9XG5cbiAgc3RhdGljIGdldFJlcG9zaXRvcnlQcm9wcyhwcm9wcz86IEVjclByb3BzKTogUmVwb3NpdG9yeVByb3BzIHtcbiAgICAvLyB0b2RvOiBsaWZlQ3ljbGVSdWxlc1xuICAgIC8vIHRvZG86IEVuY3J5cHRpb24gJiBFbmNyeXB0aW9uS2V5IChkZWZhdWx0IGlzIEFXUyBtYW5hZ2VkIEtNUyBrZXkpXG4gICAgcmV0dXJuIHtcbiAgICAgIC4uLihwcm9wcz8ucmVwb3NpdG9yeU5hbWUgJiYgeyByZXBvc2l0b3J5TmFtZTogcHJvcHMucmVwb3NpdG9yeU5hbWUgfSksXG4gICAgICBpbWFnZVNjYW5PblB1c2g6IHRydWUsXG4gICAgICBpbWFnZVRhZ011dGFiaWxpdHk6IFRhZ011dGFiaWxpdHkuTVVUQUJMRSxcbiAgICAgIGVtcHR5T25EZWxldGU6IHRydWUsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1lcbiAgICB9O1xuICB9XG5cbiAgc3RhdGljIGJ1aWxkKGlkOiBzdHJpbmcsIHByb3BzPzogRWNyUHJvcHMpOiAoc2NvcGU6IFN0YWNrQnVpbGRlcikgPT4gRWNyIHtcbiAgICByZXR1cm4gKHNjb3BlOiBTdGFja0J1aWxkZXIpID0+IG5ldyBFY3Ioc2NvcGUuZ2V0U3RhY2soKSwgaWQsIHByb3BzKTtcbiAgfVxufVxuIl19
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from "./s3";
|
|
2
|
-
export * from "./ecr";
|
|
1
|
+
export * from "./s3.js";
|
|
2
|
+
export * from "./ecr.js";
|
|
@@ -1,19 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./s3"), exports);
|
|
18
|
-
__exportStar(require("./ecr"), exports);
|
|
19
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9zdG9yYWdlL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1Q0FBcUI7QUFDckIsd0NBQXNCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSBcIi4vczNcIjtcbmV4cG9ydCAqIGZyb20gXCIuL2VjclwiO1xuIl19
|
|
1
|
+
export * from "./s3.js";
|
|
2
|
+
export * from "./ecr.js";
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { Bucket, type BucketProps } from "aws-cdk-lib/aws-s3";
|
|
2
2
|
import { type Construct } from "constructs";
|
|
3
|
-
import { type BackupTier } from "../../../utils/backupTierMapping";
|
|
3
|
+
import { type BackupTier } from "../../../utils/backupTierMapping.js";
|
|
4
4
|
export interface WebsiteHostingConfig {
|
|
5
5
|
readonly indexDocument: string;
|
|
6
6
|
readonly errorDocument?: string;
|
|
@@ -1,25 +1,24 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
-
const aws_s3_1 = require("aws-cdk-lib/aws-s3");
|
|
1
|
+
import { CfnOutput, Duration, RemovalPolicy } from "aws-cdk-lib";
|
|
2
|
+
import { BlockPublicAccess, Bucket } from "aws-cdk-lib/aws-s3";
|
|
3
|
+
import { toPascalCase } from "../../../utils/capitaliseString.js";
|
|
6
4
|
function shouldAutoVersion(tier) {
|
|
7
5
|
return tier === "resilient" || tier === "enterprise";
|
|
8
6
|
}
|
|
9
|
-
class S3Bucket extends
|
|
7
|
+
export class S3Bucket extends Bucket {
|
|
8
|
+
backupVaultTier;
|
|
10
9
|
constructor(scope, id, props = {}) {
|
|
11
10
|
const { websiteHosting, backupVaultTier, ...cdkProps } = props;
|
|
12
11
|
const isPublic = props.publicReadAccess === true || websiteHosting !== undefined;
|
|
13
|
-
const isRetained = props.removalPolicy ===
|
|
12
|
+
const isRetained = props.removalPolicy === RemovalPolicy.RETAIN;
|
|
14
13
|
const versioned = props.versioned ?? shouldAutoVersion(backupVaultTier);
|
|
15
14
|
super(scope, id, {
|
|
16
15
|
...cdkProps,
|
|
17
16
|
enforceSSL: true,
|
|
18
17
|
autoDeleteObjects: !isRetained,
|
|
19
|
-
removalPolicy: props.removalPolicy ??
|
|
18
|
+
removalPolicy: props.removalPolicy ?? RemovalPolicy.DESTROY,
|
|
20
19
|
publicReadAccess: isPublic,
|
|
21
20
|
...(isPublic && {
|
|
22
|
-
blockPublicAccess: new
|
|
21
|
+
blockPublicAccess: new BlockPublicAccess({
|
|
23
22
|
blockPublicAcls: false,
|
|
24
23
|
blockPublicPolicy: false,
|
|
25
24
|
ignorePublicAcls: false,
|
|
@@ -32,11 +31,24 @@ class S3Bucket extends aws_s3_1.Bucket {
|
|
|
32
31
|
}),
|
|
33
32
|
versioned,
|
|
34
33
|
lifecycleRules: versioned && !props.lifecycleRules
|
|
35
|
-
? [{ noncurrentVersionExpiration:
|
|
34
|
+
? [{ noncurrentVersionExpiration: Duration.days(30), enabled: true }]
|
|
36
35
|
: props.lifecycleRules
|
|
37
36
|
});
|
|
38
37
|
this.backupVaultTier = backupVaultTier;
|
|
38
|
+
if (websiteHosting) {
|
|
39
|
+
const safeBucket = toPascalCase((props.bucketName ?? id).replace(/[^A-Za-z0-9]/g, ""));
|
|
40
|
+
new CfnOutput(this, `${safeBucket}WebsiteEndpoint`, {
|
|
41
|
+
key: `${safeBucket}WebsiteEndpoint`,
|
|
42
|
+
exportName: `${safeBucket}WebsiteEndpoint`,
|
|
43
|
+
value: this.bucketWebsiteDomainName,
|
|
44
|
+
description: `S3 website endpoint for ${id} (consumed by Domain alias targets)`
|
|
45
|
+
});
|
|
46
|
+
new CfnOutput(this, `${safeBucket}WebsiteHostedZoneId`, {
|
|
47
|
+
key: `${safeBucket}WebsiteHostedZoneId`,
|
|
48
|
+
exportName: `${safeBucket}WebsiteHostedZoneId`,
|
|
49
|
+
value: this.stack.region,
|
|
50
|
+
description: `AWS region for ${id}; consumer maps to S3 website Route53 zone ID`
|
|
51
|
+
});
|
|
52
|
+
}
|
|
39
53
|
}
|
|
40
54
|
}
|
|
41
|
-
exports.S3Bucket = S3Bucket;
|
|
42
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9zdG9yYWdlL3MzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUFzRDtBQUN0RCwrQ0FJNEI7QUFlNUIsU0FBUyxpQkFBaUIsQ0FBQyxJQUFpQjtJQUMxQyxPQUFPLElBQUksS0FBSyxXQUFXLElBQUksSUFBSSxLQUFLLFlBQVksQ0FBQztBQUN2RCxDQUFDO0FBRUQsTUFBYSxRQUFTLFNBQVEsZUFBTTtJQUdsQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLFFBQXVCLEVBQUU7UUFDakUsTUFBTSxFQUFFLGNBQWMsRUFBRSxlQUFlLEVBQUUsR0FBRyxRQUFRLEVBQUUsR0FBRyxLQUFLLENBQUM7UUFDL0QsTUFBTSxRQUFRLEdBQ1osS0FBSyxDQUFDLGdCQUFnQixLQUFLLElBQUksSUFBSSxjQUFjLEtBQUssU0FBUyxDQUFDO1FBQ2xFLE1BQU0sVUFBVSxHQUFHLEtBQUssQ0FBQyxhQUFhLEtBQUssMkJBQWEsQ0FBQyxNQUFNLENBQUM7UUFDaEUsTUFBTSxTQUFTLEdBQUcsS0FBSyxDQUFDLFNBQVMsSUFBSSxpQkFBaUIsQ0FBQyxlQUFlLENBQUMsQ0FBQztRQUV4RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsUUFBUTtZQUNYLFVBQVUsRUFBRSxJQUFJO1lBQ2hCLGlCQUFpQixFQUFFLENBQUMsVUFBVTtZQUM5QixhQUFhLEVBQUUsS0FBSyxDQUFDLGFBQWEsSUFBSSwyQkFBYSxDQUFDLE9BQU87WUFFM0QsZ0JBQWdCLEVBQUUsUUFBUTtZQUMxQixHQUFHLENBQUMsUUFBUSxJQUFJO2dCQUNkLGlCQUFpQixFQUFFLElBQUksMEJBQWlCLENBQUM7b0JBQ3ZDLGVBQWUsRUFBRSxLQUFLO29CQUN0QixpQkFBaUIsRUFBRSxLQUFLO29CQUN4QixnQkFBZ0IsRUFBRSxLQUFLO29CQUN2QixxQkFBcUIsRUFBRSxLQUFLO2lCQUM3QixDQUFDO2FBQ0gsQ0FBQztZQUVGLEdBQUcsQ0FBQyxjQUFjLElBQUk7Z0JBQ3BCLG9CQUFvQixFQUFFLGNBQWMsQ0FBQyxhQUFhO2dCQUNsRCxvQkFBb0IsRUFBRSxjQUFjLENBQUMsYUFBYSxJQUFJLFlBQVk7YUFDbkUsQ0FBQztZQUVGLFNBQVM7WUFDVCxjQUFjLEVBQ1osU0FBUyxJQUFJLENBQUMsS0FBSyxDQUFDLGNBQWM7Z0JBQ2hDLENBQUMsQ0FBQyxDQUFDLEVBQUUsMkJBQTJCLEVBQUUsc0JBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO2dCQUNyRSxDQUFDLENBQUMsS0FBSyxDQUFDLGNBQWM7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLGVBQWUsR0FBRyxlQUFlLENBQUM7SUFDekMsQ0FBQztDQUNGO0FBeENELDRCQXdDQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IER1cmF0aW9uLCBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQge1xuICBCbG9ja1B1YmxpY0FjY2VzcyxcbiAgQnVja2V0LFxuICB0eXBlIEJ1Y2tldFByb3BzXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcbmltcG9ydCB7IHR5cGUgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IHR5cGUgQmFja3VwVGllciB9IGZyb20gXCIuLi8uLi8uLi91dGlscy9iYWNrdXBUaWVyTWFwcGluZ1wiO1xuXG5leHBvcnQgaW50ZXJmYWNlIFdlYnNpdGVIb3N0aW5nQ29uZmlnIHtcbiAgcmVhZG9ubHkgaW5kZXhEb2N1bWVudDogc3RyaW5nO1xuICByZWFkb25seSBlcnJvckRvY3VtZW50Pzogc3RyaW5nO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFMzQnVja2V0UHJvcHMgZXh0ZW5kcyBCdWNrZXRQcm9wcyB7XG4gIGJhY2t1cFZhdWx0VGllcj86IEJhY2t1cFRpZXI7XG4gIHB1YmxpY1JlYWRBY2Nlc3M/OiBib29sZWFuO1xuICB3ZWJzaXRlSG9zdGluZz86IFdlYnNpdGVIb3N0aW5nQ29uZmlnO1xufVxuXG5mdW5jdGlvbiBzaG91bGRBdXRvVmVyc2lvbih0aWVyPzogQmFja3VwVGllcik6IGJvb2xlYW4ge1xuICByZXR1cm4gdGllciA9PT0gXCJyZXNpbGllbnRcIiB8fCB0aWVyID09PSBcImVudGVycHJpc2VcIjtcbn1cblxuZXhwb3J0IGNsYXNzIFMzQnVja2V0IGV4dGVuZHMgQnVja2V0IHtcbiAgcHVibGljIHJlYWRvbmx5IGJhY2t1cFZhdWx0VGllcj86IEJhY2t1cFRpZXI7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFMzQnVja2V0UHJvcHMgPSB7fSkge1xuICAgIGNvbnN0IHsgd2Vic2l0ZUhvc3RpbmcsIGJhY2t1cFZhdWx0VGllciwgLi4uY2RrUHJvcHMgfSA9IHByb3BzO1xuICAgIGNvbnN0IGlzUHVibGljID1cbiAgICAgIHByb3BzLnB1YmxpY1JlYWRBY2Nlc3MgPT09IHRydWUgfHwgd2Vic2l0ZUhvc3RpbmcgIT09IHVuZGVmaW5lZDtcbiAgICBjb25zdCBpc1JldGFpbmVkID0gcHJvcHMucmVtb3ZhbFBvbGljeSA9PT0gUmVtb3ZhbFBvbGljeS5SRVRBSU47XG4gICAgY29uc3QgdmVyc2lvbmVkID0gcHJvcHMudmVyc2lvbmVkID8/IHNob3VsZEF1dG9WZXJzaW9uKGJhY2t1cFZhdWx0VGllcik7XG5cbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIC4uLmNka1Byb3BzLFxuICAgICAgZW5mb3JjZVNTTDogdHJ1ZSxcbiAgICAgIGF1dG9EZWxldGVPYmplY3RzOiAhaXNSZXRhaW5lZCxcbiAgICAgIHJlbW92YWxQb2xpY3k6IHByb3BzLnJlbW92YWxQb2xpY3kgPz8gUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuXG4gICAgICBwdWJsaWNSZWFkQWNjZXNzOiBpc1B1YmxpYyxcbiAgICAgIC4uLihpc1B1YmxpYyAmJiB7XG4gICAgICAgIGJsb2NrUHVibGljQWNjZXNzOiBuZXcgQmxvY2tQdWJsaWNBY2Nlc3Moe1xuICAgICAgICAgIGJsb2NrUHVibGljQWNsczogZmFsc2UsXG4gICAgICAgICAgYmxvY2tQdWJsaWNQb2xpY3k6IGZhbHNlLFxuICAgICAgICAgIGlnbm9yZVB1YmxpY0FjbHM6IGZhbHNlLFxuICAgICAgICAgIHJlc3RyaWN0UHVibGljQnVja2V0czogZmFsc2VcbiAgICAgICAgfSlcbiAgICAgIH0pLFxuXG4gICAgICAuLi4od2Vic2l0ZUhvc3RpbmcgJiYge1xuICAgICAgICB3ZWJzaXRlSW5kZXhEb2N1bWVudDogd2Vic2l0ZUhvc3RpbmcuaW5kZXhEb2N1bWVudCxcbiAgICAgICAgd2Vic2l0ZUVycm9yRG9jdW1lbnQ6IHdlYnNpdGVIb3N0aW5nLmVycm9yRG9jdW1lbnQgPz8gXCJlcnJvci5odG1sXCJcbiAgICAgIH0pLFxuXG4gICAgICB2ZXJzaW9uZWQsXG4gICAgICBsaWZlY3ljbGVSdWxlczpcbiAgICAgICAgdmVyc2lvbmVkICYmICFwcm9wcy5saWZlY3ljbGVSdWxlc1xuICAgICAgICAgID8gW3sgbm9uY3VycmVudFZlcnNpb25FeHBpcmF0aW9uOiBEdXJhdGlvbi5kYXlzKDMwKSwgZW5hYmxlZDogdHJ1ZSB9XVxuICAgICAgICAgIDogcHJvcHMubGlmZWN5Y2xlUnVsZXNcbiAgICB9KTtcblxuICAgIHRoaXMuYmFja3VwVmF1bHRUaWVyID0gYmFja3VwVmF1bHRUaWVyO1xuICB9XG59XG4iXX0=
|
|
@@ -1,8 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const customResource = require("aws-cdk-lib/custom-resources");
|
|
5
|
-
class AwsCustomResource extends customResource.AwsCustomResource {
|
|
1
|
+
import * as customResource from "aws-cdk-lib/custom-resources";
|
|
2
|
+
export class AwsCustomResource extends customResource.AwsCustomResource {
|
|
3
|
+
response;
|
|
6
4
|
constructor(scope, id, props) {
|
|
7
5
|
super(scope, id, {
|
|
8
6
|
...props,
|
|
@@ -13,5 +11,3 @@ class AwsCustomResource extends customResource.AwsCustomResource {
|
|
|
13
11
|
});
|
|
14
12
|
}
|
|
15
13
|
}
|
|
16
|
-
exports.AwsCustomResource = AwsCustomResource;
|
|
17
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXdzQ3VzdG9tUmVzb3VyY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy91dGlsaXRpZXMvYXdzQ3VzdG9tUmVzb3VyY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsK0RBQStEO0FBRy9ELE1BQWEsaUJBQWtCLFNBQVEsY0FBYyxDQUFDLGlCQUFpQjtJQUdyRSxZQUNFLEtBQWdCLEVBQ2hCLEVBQVUsRUFDVixLQUE0QztRQUU1QyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsS0FBSztZQUNSLE1BQU0sRUFDSixLQUFLLENBQUMsTUFBTTtnQkFDWixjQUFjLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO29CQUNsRCxTQUFTLEVBQUUsY0FBYyxDQUFDLHVCQUF1QixDQUFDLFlBQVk7aUJBQy9ELENBQUM7U0FDTCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFqQkQsOENBaUJDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY3VzdG9tUmVzb3VyY2UgZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IHR5cGUgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuZXhwb3J0IGNsYXNzIEF3c0N1c3RvbVJlc291cmNlIGV4dGVuZHMgY3VzdG9tUmVzb3VyY2UuQXdzQ3VzdG9tUmVzb3VyY2Uge1xuICBwdWJsaWMgcmVhZG9ubHkgcmVzcG9uc2UhOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiBjdXN0b21SZXNvdXJjZS5Bd3NDdXN0b21SZXNvdXJjZVByb3BzXG4gICkge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgICBwb2xpY3k6XG4gICAgICAgIHByb3BzLnBvbGljeSB8fFxuICAgICAgICBjdXN0b21SZXNvdXJjZS5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICAgIHJlc291cmNlczogY3VzdG9tUmVzb3VyY2UuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuQU5ZX1JFU09VUkNFXG4gICAgICAgIH0pXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -1,20 +1,17 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
const constructs_1 = require("constructs");
|
|
7
|
-
class CodeBuildProject extends constructs_1.Construct {
|
|
1
|
+
import { Stack } from "aws-cdk-lib";
|
|
2
|
+
import { Project } from "aws-cdk-lib/aws-codebuild";
|
|
3
|
+
import { Construct } from "constructs";
|
|
4
|
+
export class CodeBuildProject extends Construct {
|
|
5
|
+
project;
|
|
8
6
|
constructor(scope, id, props) {
|
|
9
7
|
super(scope, id);
|
|
10
|
-
this.project = new
|
|
8
|
+
this.project = new Project(this, id, {
|
|
11
9
|
...props,
|
|
12
10
|
description: props.description || `Code build project for ${id}`
|
|
13
11
|
});
|
|
14
12
|
}
|
|
15
13
|
}
|
|
16
|
-
|
|
17
|
-
class CodeBuildProjectStack extends aws_cdk_lib_1.Stack {
|
|
14
|
+
export class CodeBuildProjectStack extends Stack {
|
|
18
15
|
constructor(scope, id, props) {
|
|
19
16
|
super(scope, id);
|
|
20
17
|
new CodeBuildProject(this, id, {
|
|
@@ -22,5 +19,3 @@ class CodeBuildProjectStack extends aws_cdk_lib_1.Stack {
|
|
|
22
19
|
});
|
|
23
20
|
}
|
|
24
21
|
}
|
|
25
|
-
exports.CodeBuildProjectStack = CodeBuildProjectStack;
|
|
26
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29kZUJ1aWxkLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3MvdXRpbGl0aWVzL2NvZGVCdWlsZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBb0M7QUFDcEMsNkRBQXVFO0FBQ3ZFLDJDQUF1QztBQUl2QyxNQUFhLGdCQUFpQixTQUFRLHNCQUFTO0lBRzdDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBcUI7UUFDN0QsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLENBQUMsT0FBTyxHQUFHLElBQUksdUJBQU8sQ0FBQyxJQUFJLEVBQUUsRUFBRSxFQUFFO1lBQ25DLEdBQUcsS0FBSztZQUNSLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVyxJQUFJLDBCQUEwQixFQUFFLEVBQUU7U0FDakUsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBWEQsNENBV0M7QUFFRCxNQUFhLHFCQUFzQixTQUFRLG1CQUFLO0lBQzlDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBcUI7UUFDN0QsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLGdCQUFnQixDQUFDLElBQUksRUFBRSxFQUFFLEVBQUU7WUFDN0IsR0FBRyxLQUFLO1NBQ1QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBUkQsc0RBUUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBTdGFjayB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgUHJvamVjdCwgdHlwZSBQcm9qZWN0UHJvcHMgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNvZGVidWlsZFwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxudHlwZSBDb2RlQnVpbGRQcm9wcyA9IFByb2plY3RQcm9wcztcblxuZXhwb3J0IGNsYXNzIENvZGVCdWlsZFByb2plY3QgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgcHJvamVjdDogUHJvamVjdDtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ29kZUJ1aWxkUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5wcm9qZWN0ID0gbmV3IFByb2plY3QodGhpcywgaWQsIHtcbiAgICAgIC4uLnByb3BzLFxuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uIHx8IGBDb2RlIGJ1aWxkIHByb2plY3QgZm9yICR7aWR9YFxuICAgIH0pO1xuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBDb2RlQnVpbGRQcm9qZWN0U3RhY2sgZXh0ZW5kcyBTdGFjayB7XG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBDb2RlQnVpbGRQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBuZXcgQ29kZUJ1aWxkUHJvamVjdCh0aGlzLCBpZCwge1xuICAgICAgLi4ucHJvcHNcbiAgICB9KTtcbiAgfVxufVxuIl19
|