npm - @fjall/components-infrastructure - Versions diffs - 0.95.0 → 0.99.1 - Mend

@fjall/components-infrastructure 0.95.0 → 0.99.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (234) hide show

package/dist/lib/app.js CHANGED Viewed

@@ -1,10 +1,13 @@
 import { App as CdkApp, Aspects, Tags } from "aws-cdk-lib";
+import { maskSensitiveOutput } from "@fjall/util";
 import { Vpc } from "./resources/aws/networking/vpc.js";
-import { CfnOutput } from "aws-cdk-lib";
-import { Ec2Instance } from "./resources/aws/compute/ec2.js";
+import { createBastion } from "./patterns/aws/bastionFactory.js";
 import { AwsStack } from "./resources/index.js";
 import { EcrFactory } from "./resources/aws/storage/ecr.js";
 import { NetworkFactory } from "./patterns/aws/network.js";
+import { MessagingFactory } from "./patterns/aws/messaging.js";
+import { Schedule } from "./resources/aws/messaging/schedule.js";
+import { ServiceDiscoveryNamespace } from "./resources/aws/networking/serviceDiscovery.js";
 import { StandardTagsAspect } from "./utils/standardTagsAspect.js";
 import { BACKUP_TIER_TAG_KEY, BACKUP_TIER_TAG_MAP } from "./utils/backupTierMapping.js";
 import { randomBytes } from "crypto";
@@ -14,8 +17,7 @@ import { FJALL_AUDIT_CONFIG } from "./config/audit.js";
 import { FjallLogger } from "./utils/validationLogger.js";
 import { getManifestCollector, writeManifest } from "./utils/manifestWriter.js";
 import { toPascalCase, toKebab } from "./utils/capitaliseString.js";
-const COST_ALLOCATION_ENVIRONMENT_TAG = "fjall:costAllocation:environment";
-const COST_ALLOCATION_SERVICE_TAG = "fjall:costAllocation:service";
+import { COST_ALLOCATION_TAGS } from "./utils/costAllocationTags.js";
 /**
  * The basic corner-stone of all Fjall-hosted applications.
  *  This class is a singleton and should be used to create and manage
@@ -30,6 +32,9 @@ export class App extends CdkApp {
     vpc;
     additionalVpcs = new Map();
     defaultEcr;
+    defaultEventBus;
+    eventBusOverride;
+    defaultNamespace;
     defaultAuditRole;
     auditRoleExternalId;
     bastion;
@@ -61,49 +66,20 @@ export class App extends CdkApp {
         if (options?.tunnel) {
             this.initialiseTunnel(options.tunnel);
         }
+        if (options?.eventBus !== undefined) {
+            this.eventBusOverride = options.eventBus;
+        }
     }
-    /**
-     * Apply backup tier tag to all resources in the app.
-     * Maps tier names to AWS Backup plan tag values.
-     */
     applyBackupTag(tier) {
         this.globalTags[BACKUP_TIER_TAG_KEY] = BACKUP_TIER_TAG_MAP[tier];
     }
-    /**
-     * Initialise the tunnel bastion in the network stack.
-     * Creates a minimal EC2 instance for SSM port forwarding to databases.
-     */
     initialiseTunnel(config) {
         if (this.networkDisabled || !this.vpc) {
             throw new Error("Tunnel requires a network. Configure network before enabling tunnel.");
         }
-        const instanceType = typeof config === "object" && config.instanceType
-            ? config.instanceType
-            : "t4g.micro";
-        const networkStack = this.getDefaultNetworkStack();
-        const bastionId = `${this.stackPrefix}Bastion`;
-        this.bastion = new Ec2Instance(networkStack.getStack(), bastionId, {
-            serviceName: `${this.stackPrefix}Bastion`,
-            instanceType,
-            vpc: this.vpc,
-            enableSSH: false,
-            minCapacity: 1,
-            maxCapacity: 1
-        });
-        networkStack.addConstruct(this.bastion);
-        const outputPrefix = toPascalCase(this.name);
-        new CfnOutput(networkStack.getStack(), `${outputPrefix}BastionInstanceId`, {
-            value: this.bastion.getAutoScalingGroup().autoScalingGroupName,
-            description: "Bastion ASG name for SSM tunnel discovery"
-        });
-        new CfnOutput(networkStack.getStack(), `${outputPrefix}BastionSecurityGroupId`, {
-            value: this.bastion.asgSecurityGroup.securityGroupId,
-            description: "Bastion security group ID"
-        });
+        const { bastion } = createBastion(this.getDefaultNetworkStack(), this.name, this.stackPrefix, this.vpc, config);
+        this.bastion = bastion;
     }
-    /**
-     * Initialise the network (VPC) for this application.
-     */
     initialiseNetwork(config) {
         const networkStack = this.getDefaultNetworkStack();
         if ("useExisting" in config) {
@@ -117,45 +93,12 @@ export class App extends CdkApp {
             this.vpc = network.getVpc();
         }
     }
-    /**
-     * Get the application name.
-     * @returns {string} The application name
-     */
     getName() {
         return this.name;
     }
-    /**
-     * Get/Create a basic Fjall Application with standard tags applied.
-     *
-     * @param name Application name
-     * @param options Configuration options including network settings
-     * @returns {App}
-     *
-     * @example
-     * // Create app with new VPC
-     * const app = App.getApp(appName, {
-     *   network: { maxAzs: 2, natGateways: false }
-     * });
-     *
-     * @example
-     * // Create app using existing VPC
-     * const app = App.getApp(appName, {
-     *   network: { useExisting: "vpc-12345678" }
-     * });
-     *
-     * @example
-     * // Create app without network (S3-only apps)
-     * const app = App.getApp(appName, { network: false });
-     */
     static getApp(name, options) {
         return App.getInstance(name, options);
     }
-    /**
-     * Get/Create the singleton instance of the App
-     * @param name Application name
-     * @param options Configuration options including network settings
-     * @returns {App}
-     */
     static getInstance(name, options) {
         // Despite supporting multiple stacks you can still only ever
         // have a single Application per CDK deployment
@@ -195,16 +138,31 @@ export class App extends CdkApp {
             if (options?.tunnel && !App.instance.bastion) {
                 App.instance.initialiseTunnel(options.tunnel);
             }
+            if (options?.eventBus !== undefined) {
+                if (App.instance.eventBusOverride === undefined &&
+                    App.instance.defaultEventBus === undefined) {
+                    App.instance.eventBusOverride = options.eventBus;
+                }
+                else {
+                    const reason = App.instance.defaultEventBus !== undefined
+                        ? "bus was already materialised via getEventBus()"
+                        : "override was already set on a prior App.getApp() call";
+                    FjallLogger.warn(`App.getApp() eventBus override ignored: ${reason}. ` +
+                        `Pass eventBus options to the first App.getApp() call.`);
+                }
+            }
         }
         return App.instance;
     }
+    static resetForTesting() {
+        App.instance = null;
+    }
     /**
      * Retrieve a stack by key. If the stack does not exist, it will be created.
      *  Dependencies are only applied the first time a stack is created.
      *
      * @param key - The key of the stack
      * @param dependencies - The stack(s) that this stack depends on
-     * @returns {AwsStack}
      */
     getStack(key, dependencies) {
         // Apply the aspect once before creating the first stack
@@ -223,29 +181,24 @@ export class App extends CdkApp {
      *
      * Only depends on Network. Database dependency is added automatically
      * by CDK when compute resources reference database resources.
-     *
-     * @returns {AwsStack}
      */
     getDefaultComputeStack() {
         return this.getStack(`${this.stackPrefix}Compute`, this.getDefaultNetworkStack());
     }
     /**
      * Retrieve default network stack - named as `${this.name}Network`
-     * @returns {AwsStack}
      */
     getDefaultNetworkStack() {
         return this.getStack(`${this.stackPrefix}Network`);
     }
     /**
      * Retrieve default database stack - named as `${this.name}Database`
-     * @returns {AwsStack}
      */
     getDefaultDatabaseStack() {
         return this.getStack(`${this.stackPrefix}Database`, this.getDefaultNetworkStack());
     }
     /**
      * Retrieve default storage stack - named as `${this.name}Storage`
-     * @returns {AwsStack}
      */
     getDefaultStorageStack() {
         return this.getStack(`${this.stackPrefix}Storage`, this.getDefaultNetworkStack());
@@ -255,8 +208,6 @@ export class App extends CdkApp {
      *
      * Depends on Network. Compute/Storage dependencies are added automatically
      * by CDK when CDN resources reference ALB or S3 bucket resources.
-     *
-     * @returns {AwsStack}
      */
     getDefaultCdnStack() {
         return this.getStack(`${this.stackPrefix}Cdn`, this.getDefaultNetworkStack());
@@ -267,8 +218,6 @@ export class App extends CdkApp {
      * Used for SQS queues, SNS topics, and EventBridge event buses.
      * Depends on Network only. These are regional services that don't
      * require VPC, but we maintain consistent stack dependency patterns.
-     *
-     * @returns {AwsStack}
      */
     getDefaultMessagingStack() {
         return this.getStack(`${this.stackPrefix}Messaging`, this.getDefaultNetworkStack());
@@ -280,7 +229,6 @@ export class App extends CdkApp {
      * Network must be configured via App.getApp() options or app.addNetwork().
      *
      * @param name - Optional name of the VPC to retrieve. If not provided, returns the default VPC.
-     * @returns {IVpc} The configured VPC
      * @throws {Error} If network is disabled, not configured, or named VPC not found
      */
     getVpc(name) {
@@ -304,11 +252,6 @@ export class App extends CdkApp {
         }
         return this.vpc;
     }
-    /**
-     * Get the names of all available VPCs.
-     *
-     * @returns {string[]} Array of VPC names. Includes "default" if the default VPC is configured.
-     */
     getVpcNames() {
         const names = [];
         if (this.vpc) {
@@ -317,10 +260,6 @@ export class App extends CdkApp {
         names.push(...this.additionalVpcs.keys());
         return names;
     }
-    /**
-     * Retrieve the default application container registry. If the registry does not exist
-     *  it will be created.
-     */
     getDefaultContainerRegistry() {
         if (!this.defaultEcr) {
             const networkStack = this.getDefaultNetworkStack();
@@ -332,6 +271,67 @@ export class App extends CdkApp {
         }
         return this.defaultEcr;
     }
+    /**
+     * Lazy getter for the per-app default custom EventBridge bus (D2).
+     *
+     * Buses are recreatable in non-prod; the env-resolved default keeps prod
+     * history. The override (`App.getApp({ eventBus: { name?, removalPolicy? } })`)
+     * is consulted first; absent override falls back to the app name and the
+     * `env({ default: "DESTROY", production: "RETAIN" })` resolution per D17.
+     * NODE_ENV is not consulted — it is not set during CDK synth in Fjall's
+     * deployment paths.
+     */
+    getEventBus() {
+        if (this.defaultEventBus) {
+            return this.defaultEventBus;
+        }
+        const eventBusName = this.eventBusOverride?.name ?? this.getName();
+        const removalPolicy = this.eventBusOverride?.removalPolicy;
+        const bus = this.addMessaging(MessagingFactory.build(`${this.stackPrefix}EventBus`, {
+            type: "eventBus",
+            eventBusName,
+            appName: this.name,
+            removalPolicy
+        }));
+        this.defaultEventBus = bus;
+        return bus;
+    }
+    /**
+     * Lazy getter for the per-app Cloud Map private DNS namespace (D7 + D29 of
+     * the ClickHouse Database Factory promotion design).
+     *
+     * The namespace is constructed in the network stack on first call and
+     * reused thereafter — `app.getNamespace() === app.getNamespace()`. Default
+     * name is `${toKebab(appName)}.local` per the implementation-defined
+     * derivation rule; v1 has no override config option (D29). Returns the
+     * `IPrivateDnsNamespace` interface per D18(a), never the concrete class.
+     */
+    getNamespace() {
+        return this.ensureNamespace().getNamespace();
+    }
+    /**
+     * Register a Cloud Map service against the per-app namespace. Lazily creates
+     * the namespace on first call (same construct as `getNamespace()`) and
+     * delegates to the `ServiceDiscoveryNamespace` wrapper's `registerService`
+     * — keeping both halves of Cloud Map (namespace + services) routed through
+     * the wrapper layer per § Wrapper Routing Discipline.
+     */
+    registerService(props) {
+        return this.ensureNamespace().registerService(props);
+    }
+    ensureNamespace() {
+        if (this.defaultNamespace) {
+            return this.defaultNamespace;
+        }
+        const networkStack = this.getDefaultNetworkStack();
+        const namespace = new ServiceDiscoveryNamespace(networkStack.getStack(), `${this.stackPrefix}Namespace`, {
+            vpc: this.getVpc(),
+            name: `${toKebab(this.name)}.local`
+        });
+        networkStack.addConstruct(namespace);
+        this.defaultNamespace = namespace;
+        return namespace;
+    }
     /**
      * Create a cross-account audit role in the Network stack that allows
      * the Fjall platform to use CloudQuery for comprehensive AWS resource auditing.
@@ -341,7 +341,6 @@ export class App extends CdkApp {
      *
      * @param webappAccountId - Optional AWS account ID of the Fjall webapp. Defaults to configured platform account.
      * @param externalId - Optional external ID for additional security. If not provided, a unique ID will be generated.
-     * @returns {Role} The created audit role
      */
     createAuditRole(webappAccountId, externalId) {
         if (!this.defaultAuditRole) {
@@ -361,17 +360,9 @@ export class App extends CdkApp {
         }
         return this.defaultAuditRole;
     }
-    /**
-     * Get the external ID used for the audit role
-     * @returns {string | undefined} The external ID if audit role has been created
-     */
     getAuditRoleExternalId() {
         return this.auditRoleExternalId;
     }
-    /**
-     * Generate a unique external ID for audit role
-     * Format: fjall-audit-{appName}-{timestamp}
-     */
     generateAuditExternalId() {
         const uniqueId = randomBytes(8).toString("hex");
         return `fjall-audit-${toKebab(this.name)}-${uniqueId}`;
@@ -406,9 +397,6 @@ export class App extends CdkApp {
         computeStack.addConstruct(construct);
         return construct;
     }
-    /**
-     * Manually add a resource to the default compute stack.
-     */
     addComputeResource(resource) {
         const computeStack = this.getDefaultComputeStack();
         computeStack.addConstruct(resource);
@@ -443,9 +431,6 @@ export class App extends CdkApp {
         }
         return databaseConstruct;
     }
-    /**
-     * Type guard for IConnectable — checks if a construct has a connections property.
-     */
     isConnectable(construct) {
         return (typeof construct === "object" &&
             construct !== null &&
@@ -509,6 +494,32 @@ export class App extends CdkApp {
         cdnStack.addConstruct(cdn);
         return cdn;
     }
+    /**
+     * Peer this app's VPC with a remote app's VPC.
+     *
+     * Creates the peering connection plus routes on both sides. The remote app
+     * must have deployed a `VpcPeerAccepter` first. Note: `app.getVpc(peerAppName)`
+     * does NOT return the peer's VPC — callers wanting the remote handle must use
+     * the returned `VpcPeer` instance.
+     */
+    addVpcPeer(fn) {
+        const networkStack = this.getDefaultNetworkStack();
+        const peer = fn(this, networkStack.getStack());
+        networkStack.addConstruct(peer);
+        return peer;
+    }
+    /**
+     * Accept VPC peering requests from remote apps.
+     *
+     * Creates an IAM role for cross-account peering acceptance and return-route
+     * management, and publishes VPC metadata to SSM for discovery.
+     */
+    addVpcPeerAccepter(fn) {
+        const networkStack = this.getDefaultNetworkStack();
+        const accepter = fn(this, networkStack.getStack());
+        networkStack.addConstruct(accepter);
+        return accepter;
+    }
     /**
      * Add a messaging resource to the default queue stack using the factory pattern.
      *
@@ -540,6 +551,32 @@ export class App extends CdkApp {
         messagingStack.addConstruct(messaging);
         return messaging;
     }
+    /**
+     * Register an EventBridge schedule against a Fjall wrapper target.
+     *
+     * Defaults to the messaging stack; set `props.stackPlacement = "compute"`
+     * when the schedule's target lives in the compute stack and cross-stack
+     * output churn is undesired. `applicationId` is threaded automatically
+     * from `app.getName()` for alarm webhook routing per D13.
+     *
+     * @example
+     * app.addSchedule("MetricsCollection", {
+     *   schedule: "rate(5 minutes)",
+     *   target: notificationsQueue
+     * });
+     */
+    addSchedule(id, props) {
+        const stack = props.stackPlacement === "compute"
+            ? this.getDefaultComputeStack()
+            : this.getDefaultMessagingStack();
+        const schedule = new Schedule(stack.getStack(), id, {
+            ...props,
+            applicationId: this.getName(),
+            appName: props.appName ?? this.getName()
+        });
+        stack.addConstruct(schedule);
+        return schedule;
+    }
     /**
      * Add a high-level infrastructure pattern to the application.
      *
@@ -580,7 +617,6 @@ export class App extends CdkApp {
      * Additional VPCs can be retrieved by name using app.getVpc(name).
      *
      * @param fn - Factory function that creates the Network construct
-     * @returns {Network} The created Network construct
      *
      * @example
      * const isolatedVpc = app.addNetwork(
@@ -596,33 +632,19 @@ export class App extends CdkApp {
         networkStack.addConstruct(network);
         return network;
     }
-    /**
-     * Manually add a resource to the default database stack.
-     */
     addDatabaseResource(resource) {
         const databaseStack = this.getDefaultDatabaseStack();
         databaseStack.addConstruct(resource);
     }
-    /**
-     * Manually add a resource to the default storage stack.
-     */
     addStorageResource(resource) {
         const storageStack = this.getDefaultStorageStack();
         storageStack.addConstruct(resource);
     }
-    /**
-     * Initialise standard tags
-     */
     initialiseStandardTags() {
         const config = getConfig();
-        this.globalTags = {
-            [COST_ALLOCATION_ENVIRONMENT_TAG]: config.environment,
-            [COST_ALLOCATION_SERVICE_TAG]: this.name
-        };
+        this.globalTags[COST_ALLOCATION_TAGS.ENVIRONMENT] = config.environment;
+        this.globalTags[COST_ALLOCATION_TAGS.SERVICE] = this.name;
     }
-    /**
-     * Apply all tags using CDK's native Tags.of().add() API
-     */
     applyTagsAspect() {
         if (!this.aspectApplied && Object.keys(this.globalTags).length > 0) {
             // Apply standard tags using Tags.of(this).add()
@@ -641,7 +663,7 @@ export class App extends CdkApp {
      * @example
      * app.addTags({
      *   "fjall:costAllocation:owner": "platform-team",
-     *   "fjall:costAllocation:cost-center": "CC-123",
+     *   "fjall:costAllocation:cost-centre": "CC-123",
      *   "team:slack-channel": "#platform-alerts"
      * });
      */
@@ -656,11 +678,7 @@ export class App extends CdkApp {
         }
         return this;
     }
-    /**
-     * Export resource inventory collected during synthesis
-     * Call this after app.synth() to get complete resource inventory
-     * @returns {ResourceInventory} Complete inventory of all resources in the app
-     */
+    /** Call after app.synth() — inventory is not available before synthesis. */
     exportResourceInventory() {
         if (!this.resourceInventory) {
             throw new Error("Resource inventory not available. Ensure a ResourceInventoryAspect has been added before calling exportResourceInventory().");
@@ -671,16 +689,9 @@ export class App extends CdkApp {
             appName: this.name
         };
     }
-    /**
-     * Get the manifest collector for registering services and patterns.
-     * Used by ComputeFactory and PatternFactory to register their configurations.
-     */
     getManifestCollector() {
         return this.manifestCollector;
     }
-    /**
-     * Override synth to automatically export resource inventory and manifest
-     */
     synth(options) {
         // Call parent synth first
         const assembly = super.synth(options);
@@ -689,9 +700,8 @@ export class App extends CdkApp {
             writeManifest(assembly, this.manifestCollector);
         }
         catch (error) {
-            // Don't fail synth if manifest export fails
-            const errorMessage = error instanceof Error ? error.message : String(error);
-            FjallLogger.warn(`Failed to export Fjall manifest: ${errorMessage}`);
+            const maskedMessage = maskSensitiveOutput(error instanceof Error ? error.message : String(error));
+            FjallLogger.warn(`Failed to export Fjall manifest: ${maskedMessage}`);
         }
         return assembly;
     }

package/dist/lib/config/aws/__t17fixture.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/lib/config/aws/__t17fixture.js ADDED Viewed

@@ -0,0 +1,3 @@
+import { Rule } from "aws-cdk-lib/aws-events";
+import { LambdaFunction } from "aws-cdk-lib/aws-events-targets";
+console.log(Rule, LambdaFunction);

package/dist/lib/config/aws/__t17fixtureType.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type IRule } from "aws-cdk-lib/aws-events";
2	+ export type T = IRule;

package/dist/lib/config/aws/__t17fixtureType.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/lib/config/aws/alarmTopic.js CHANGED Viewed

@@ -1,18 +1,22 @@
 import { CfnOutput } from "aws-cdk-lib";
-import * as sns from "aws-cdk-lib/aws-sns";
 import { Construct } from "constructs";
+import { SNSTopic } from "../../resources/aws/messaging/sns.js";
 export class SharedAlarmTopic extends Construct {
     topic;
     topicArn;
     constructor(scope, id) {
         super(scope, id);
-        const topic = new sns.Topic(this, "AlarmNotifications", {
+        const wrapped = new SNSTopic(this, "AlarmNotifications", {
             displayName: "Fjall CloudWatch Alarm Notifications"
         });
-        this.topic = topic;
+        this.topic = wrapped.getTopic();
+        // SharedAlarmTopicArn is a well-known cross-stack export consumed via
+        // Fn.importValue (see resolveAlertsTopic + its tests). Do not delete
+        // thinking it duplicates the wrapper's AlarmNotificationsTopicArn —
+        // the wrapper's auto-output has no exportName and cannot be imported.
         this.topicArn = new CfnOutput(this, "SharedAlarmTopicArn", {
             key: "SharedAlarmTopicArn",
-            value: topic.topicArn,
+            value: wrapped.getTopicArn(),
             exportName: "SharedAlarmTopicArn"
         });
     }

package/dist/lib/config/aws/cloudTrail.js CHANGED Viewed

@@ -3,7 +3,7 @@ import { Trail } from "../../resources/aws/logging/cloudTrail.js";
 export class ManagementEventsTrail extends Construct {
     constructor(scope, id, props) {
         super(scope, id);
-        new Trail(this, "managementEventsTrail", {
+        new Trail(this, "ManagementEventsTrail", {
             bucketName: `cloudtrail-management-events-${props.accountId}-${props.region}`,
             trailName: "managementEvents",
             isMultiRegionTrail: true

package/dist/lib/config/aws/disasterRecovery.js CHANGED Viewed

@@ -2,10 +2,10 @@ import { CfnOutput, Duration, RemovalPolicy } from "aws-cdk-lib";
 import { Construct } from "constructs";
 import { BackupVault, BackupPlan } from "../../resources/aws/backup/index.js";
 import { BackupPlanRule, BackupVault as Vault } from "aws-cdk-lib/aws-backup";
-import * as events from "aws-cdk-lib/aws-events";
+import { cronSchedule } from "../../resources/aws/messaging/index.js";
 import { AccountPrincipal, Effect, PolicyStatement } from "aws-cdk-lib/aws-iam";
-import App from "../../app.js";
-import { parseOrgConfig } from "../../utils/orgConfigParser.js";
+import { getConfig } from "../../utils/getConfig.js";
+import { toPascalCase } from "../../utils/capitaliseString.js";
 // Backup retention constants (in days)
 const RETENTION_PERIODS = {
     STANDARD: 90,
@@ -34,16 +34,11 @@ export class DisasterRecovery extends Construct {
     customBackupPlans;
     constructor(scope, id, props) {
         super(scope, id);
-        // Read org config from CDK context
-        const app = App.getInstance();
-        const orgConfigRaw = app.node.tryGetContext("orgConfig");
-        const orgConfig = parseOrgConfig(typeof orgConfigRaw === "string" ? orgConfigRaw : undefined);
-        const providerAccounts = orgConfig.providerAccounts;
-        // Determine if this is a compliance account
+        const config = getConfig();
+        const providerAccounts = config.providerAccounts;
         const account = providerAccounts.find((pa) => pa.id === props.accountId);
         const isComplianceAccount = account?.environment === "compliance";
-        // Get DR configuration
-        const disasterRecoveryRegion = orgConfig.disasterRecoveryRegion;
+        const disasterRecoveryRegion = config.disasterRecoveryRegion;
         // Look up compliance account for cross-account replication
         // Skip if the compliance account (prevent self-replication)
         const disasterRecoveryAccount = isComplianceAccount
@@ -110,7 +105,7 @@ export class DisasterRecovery extends Construct {
         // Create custom backup plans if provided
         if (props.customBackupPlans && props.customBackupPlans.length > 0) {
             this.customBackupPlans = props.customBackupPlans.map((config) => {
-                return new BackupPlan(this, `CustomBackupPlan-${config.planName}`, {
+                return new BackupPlan(this, `CustomBackupPlan${toPascalCase(config.planName)}`, {
                     planName: config.planName,
                     rules: config.rules,
                     tagValue: config.tagValue,
@@ -143,7 +138,7 @@ export class DisasterRecovery extends Construct {
         return [
             new BackupPlanRule({
                 ruleName: `${planName}Daily`,
-                scheduleExpression: events.Schedule.cron({ hour: "2", minute: "0" }), // 2 AM daily
+                scheduleExpression: cronSchedule({ hour: "2", minute: "0" }), // 2 AM daily
                 deleteAfter: Duration.days(RETENTION_PERIODS.STANDARD),
                 startWindow: BACKUP_WINDOWS.START,
                 completionWindow: BACKUP_WINDOWS.COMPLETION
@@ -155,7 +150,7 @@ export class DisasterRecovery extends Construct {
         return [
             new BackupPlanRule({
                 ruleName: `${planName}Daily`,
-                scheduleExpression: events.Schedule.cron({ hour: "2", minute: "0" }), // 2 AM daily
+                scheduleExpression: cronSchedule({ hour: "2", minute: "0" }), // 2 AM daily
                 deleteAfter: Duration.days(RETENTION_PERIODS.ENTERPRISE_CONTINUOUS),
                 enableContinuousBackup: true,
                 startWindow: BACKUP_WINDOWS.START,
@@ -171,7 +166,7 @@ export class DisasterRecovery extends Construct {
             // Continuous backup (35-day max PITR window)
             new BackupPlanRule({
                 ruleName: `${planName}Continuous`,
-                scheduleExpression: events.Schedule.cron({ hour: "2", minute: "0" }), // Daily for continuous backup
+                scheduleExpression: cronSchedule({ hour: "2", minute: "0" }), // Daily for continuous backup
                 deleteAfter: Duration.days(RETENTION_PERIODS.ENTERPRISE_CONTINUOUS),
                 enableContinuousBackup: true,
                 startWindow: BACKUP_WINDOWS.START,
@@ -181,7 +176,7 @@ export class DisasterRecovery extends Construct {
             // Hourly snapshots for long-term compliance (7 years)
             new BackupPlanRule({
                 ruleName: `${planName}HourlyCompliance`,
-                scheduleExpression: events.Schedule.cron({ minute: "0" }), // Every hour
+                scheduleExpression: cronSchedule({ minute: "0" }), // Every hour
                 deleteAfter: Duration.days(RETENTION_PERIODS.ENTERPRISE_COMPLIANCE),
                 moveToColdStorageAfter: Duration.days(RETENTION_PERIODS.COLD_STORAGE_ONE_YEAR),
                 startWindow: BACKUP_WINDOWS.START,

package/dist/lib/config/aws/ecrDefaultImage.d.ts CHANGED Viewed

@@ -3,7 +3,6 @@ import { type StackProps } from "aws-cdk-lib";
 interface EcrDefaultImageProps extends StackProps {
     region: string;
     accountId: string;
-    eventBusArn: string;
 }
 export declare class EcrDefaultImage extends Construct {
     constructor(scope: Construct, id: string, props: EcrDefaultImageProps);