@friggframework/devtools 2.0.0--canary.461.8cf93ae.0 → 2.0.0--canary.474.aa465e4.0

package/infrastructure/domains/shared/cloudformation-discovery-v2.js

@@ -0,0 +1,334 @@
+/**
+ * CloudFormation-based Resource Discovery v2
+ *
+ * Refactored to return structured DiscoveryResult instead of flat object.
+ * Part of the clean resource ownership architecture.
+ *
+ * Domain Service - Hexagonal Architecture
+ */
+
+const { createEmptyDiscoveryResult } = require('./types');
+
+class CloudFormationDiscoveryV2 {
+    constructor(provider, config = {}) {
+        this.provider = provider;
+        this.serviceName = config.serviceName;
+        this.stage = config.stage;
+    }
+
+    /**
+     * Discover resources from an existing CloudFormation stack
+     *
+     * @param {string} stackName - Name of the CloudFormation stack
+     * @returns {Promise<Object>} DiscoveryResult or empty result if stack doesn't exist
+     */
+    async discoverFromStack(stackName) {
+        try {
+            // Try to get the stack
+            const stack = await this.provider.describeStack(stackName);
+
+            // Get stack resources
+            const resources = await this.provider.listStackResources(stackName);
+
+            // Create structured discovery result
+            const discovery = createEmptyDiscoveryResult();
+            discovery.fromCloudFormation = true;
+            discovery.stackName = stackName;
+            discovery.region = this.provider.region;
+
+            // Extract stack-managed resources
+            await this._extractStackManagedResources(resources || [], discovery);
+
+            // Also keep flat structure for backwards compatibility (temporarily)
+            const flatDiscovered = {
+                fromCloudFormationStack: true,
+                stackName: stackName,
+                existingLogicalIds: discovery.stackManaged.map(r => r.logicalId)
+            };
+
+            // Extract from outputs (legacy)
+            if (stack.Outputs && stack.Outputs.length > 0) {
+                this._extractFromOutputs(stack.Outputs, flatDiscovered);
+            }
+
+            // Extract flat properties from stackManaged resources
+            this._createFlatPropertiesFromStackManaged(discovery, flatDiscovered);
+
+            // Return both structures (flat for backwards compat, structured for new code)
+            return {
+                ...flatDiscovered,
+                _structured: discovery  // New structured format
+            };
+        } catch (error) {
+            // Stack doesn't exist - return empty discovery
+            if (error.message && error.message.includes('does not exist')) {
+                const empty = createEmptyDiscoveryResult();
+                return {
+                    fromCloudFormationStack: false,
+                    _structured: empty
+                };
+            }
+
+            // Other errors - log and return empty
+            console.warn(`⚠️  CloudFormation discovery failed: ${error.message}`);
+            const empty = createEmptyDiscoveryResult();
+            return {
+                fromCloudFormationStack: false,
+                _structured: empty
+            };
+        }
+    }
+
+    /**
+     * Extract stack-managed resources into structured format
+     * @private
+     */
+    async _extractStackManagedResources(resources, discovery) {
+        console.log(`  DEBUG: Processing ${resources.length} CloudFormation resources...`);
+
+        for (const resource of resources) {
+            const { LogicalResourceId, PhysicalResourceId, ResourceType } = resource;
+
+            // Only track Frigg-managed resources
+            if (!LogicalResourceId.startsWith('Frigg') && !LogicalResourceId.includes('Migration')) {
+                continue;
+            }
+
+            // Add to stack-managed list
+            const stackResource = {
+                logicalId: LogicalResourceId,
+                physicalId: PhysicalResourceId,
+                resourceType: ResourceType,
+                properties: {}  // Will be populated as needed
+            };
+
+            discovery.stackManaged.push(stackResource);
+
+            // Query AWS for detailed properties for certain resources
+            await this._enrichResourceProperties(stackResource, discovery);
+        }
+
+        console.log(`  ✓ Discovered ${discovery.stackManaged.length} stack-managed resources`);
+    }
+
+    /**
+     * Enrich resource properties by querying AWS APIs
+     * @private
+     */
+    async _enrichResourceProperties(stackResource, discovery) {
+        const { logicalId, physicalId, resourceType } = stackResource;
+
+        // Security Group - query to get VPC ID
+        if (logicalId === 'FriggLambdaSecurityGroup' && resourceType === 'AWS::EC2::SecurityGroup') {
+            console.log(`  ✓ Found security group in stack: ${physicalId}`);
+
+            if (this.provider && this.provider.getEC2Client) {
+                try {
+                    console.log(`  Querying EC2 to get VPC ID from security group...`);
+                    const { DescribeSecurityGroupsCommand } = require('@aws-sdk/client-ec2');
+                    const ec2Client = this.provider.getEC2Client();
+                    const sgDetails = await ec2Client.send(
+                        new DescribeSecurityGroupsCommand({
+                            GroupIds: [physicalId]
+                        })
+                    );
+
+                    if (sgDetails.SecurityGroups && sgDetails.SecurityGroups.length > 0) {
+                        const sg = sgDetails.SecurityGroups[0];
+                        stackResource.properties.VpcId = sg.VpcId;
+                        console.log(`  ✓ Extracted VPC ID from security group: ${sg.VpcId}`);
+
+                        // Also add VPC to stack-managed if not already there
+                        const vpcExists = discovery.stackManaged.some(r => r.logicalId === 'FriggVPC');
+                        if (!vpcExists && sg.VpcId) {
+                            // Note: VPC was created by stack, just not listed in resources yet
+                            // We'll add it when we encounter it, or infer it here
+                        }
+                    }
+                } catch (error) {
+                    console.warn(`  ⚠️  Could not get VPC from security group: ${error.message}`);
+                }
+            }
+        }
+
+        // Aurora Cluster - query to get endpoint
+        if (logicalId === 'FriggAuroraCluster' && resourceType === 'AWS::RDS::DBCluster') {
+            console.log(`  ✓ Found Aurora cluster in stack: ${physicalId}`);
+
+            if (this.provider) {
+                try {
+                    console.log(`  Querying RDS to get Aurora endpoint...`);
+                    const { DescribeDBClustersCommand, RDSClient } = require('@aws-sdk/client-rds');
+
+                    const rdsClient = new RDSClient({ region: this.provider.region });
+                    const clusterDetails = await rdsClient.send(
+                        new DescribeDBClustersCommand({
+                            DBClusterIdentifier: physicalId
+                        })
+                    );
+
+                    if (clusterDetails.DBClusters && clusterDetails.DBClusters.length > 0) {
+                        const cluster = clusterDetails.DBClusters[0];
+                        stackResource.properties.Endpoint = cluster.Endpoint;
+                        stackResource.properties.Port = cluster.Port;
+                        stackResource.properties.DBClusterIdentifier = cluster.DBClusterIdentifier;
+                        console.log(`  ✓ Extracted Aurora endpoint: ${cluster.Endpoint}:${cluster.Port}`);
+                    }
+                } catch (error) {
+                    console.warn(`  ⚠️  Could not get endpoint from Aurora cluster: ${error.message}`);
+                }
+            }
+        }
+
+        // KMS Key Alias - query to get ARN
+        if (logicalId === 'FriggKMSKeyAlias' && resourceType === 'AWS::KMS::Alias') {
+            console.log(`  ✓ Found KMS key alias in stack: ${physicalId}`);
+
+            if (this.provider && this.provider.describeKmsKey) {
+                try {
+                    console.log(`  Querying KMS for alias: ${physicalId}...`);
+                    const keyMetadata = await this.provider.describeKmsKey(physicalId);
+
+                    if (keyMetadata) {
+                        stackResource.properties.KeyArn = keyMetadata.Arn;
+                        console.log(`  ✓ Found KMS key via alias query: ${keyMetadata.Arn}`);
+                    }
+                } catch (error) {
+                    console.warn(`  ⚠️  Could not get key ARN from alias: ${error.message}`);
+                }
+            }
+        }
+
+        // VPC - just log
+        if (logicalId === 'FriggVPC' && resourceType === 'AWS::EC2::VPC') {
+            console.log(`  ✓ Found VPC in stack: ${physicalId}`);
+        }
+    }
+
+    /**
+     * Create flat properties from stack-managed resources (backwards compatibility)
+     * @private
+     */
+    _createFlatPropertiesFromStackManaged(discovery, flatDiscovered) {
+        for (const resource of discovery.stackManaged) {
+            const { logicalId, physicalId, properties } = resource;
+
+            // Map to flat property names
+            switch (logicalId) {
+                case 'FriggVPC':
+                    flatDiscovered.defaultVpcId = physicalId;
+                    break;
+                case 'FriggLambdaSecurityGroup':
+                    flatDiscovered.securityGroupId = physicalId;
+                    if (properties.VpcId) {
+                        flatDiscovered.defaultVpcId = properties.VpcId;
+                    }
+                    break;
+                case 'FriggPrivateSubnet1':
+                    flatDiscovered.privateSubnetId1 = physicalId;
+                    break;
+                case 'FriggPrivateSubnet2':
+                    flatDiscovered.privateSubnetId2 = physicalId;
+                    break;
+                case 'FriggPublicSubnet':
+                    flatDiscovered.publicSubnetId1 = physicalId;
+                    break;
+                case 'FriggPublicSubnet2':
+                    flatDiscovered.publicSubnetId2 = physicalId;
+                    break;
+                case 'FriggNatGateway':
+                    flatDiscovered.natGatewayId = physicalId;
+                    break;
+                case 'FriggLambdaRouteTable':
+                    flatDiscovered.routeTableId = physicalId;
+                    break;
+                case 'FriggVPCEndpointSecurityGroup':
+                    flatDiscovered.vpcEndpointSecurityGroupId = physicalId;
+                    break;
+                case 'FriggS3VPCEndpoint':
+                    flatDiscovered.s3VpcEndpointId = physicalId;
+                    break;
+                case 'FriggDynamoDBVPCEndpoint':
+                    flatDiscovered.dynamoDbVpcEndpointId = physicalId;
+                    break;
+                case 'FriggKMSVPCEndpoint':
+                    flatDiscovered.kmsVpcEndpointId = physicalId;
+                    break;
+                case 'FriggSecretsManagerVPCEndpoint':
+                    flatDiscovered.secretsManagerVpcEndpointId = physicalId;
+                    break;
+                case 'FriggSQSVPCEndpoint':
+                    flatDiscovered.sqsVpcEndpointId = physicalId;
+                    break;
+                case 'FriggAuroraCluster':
+                    flatDiscovered.auroraClusterId = physicalId;
+                    if (properties.Endpoint) {
+                        flatDiscovered.auroraClusterEndpoint = properties.Endpoint;
+                    }
+                    if (properties.Port) {
+                        flatDiscovered.auroraClusterPort = properties.Port;
+                        flatDiscovered.auroraPort = properties.Port;
+                    }
+                    if (properties.DBClusterIdentifier) {
+                        flatDiscovered.auroraClusterIdentifier = properties.DBClusterIdentifier;
+                    }
+                    break;
+                case 'FriggKMSKey':
+                    flatDiscovered.defaultKmsKeyId = physicalId;
+                    break;
+                case 'FriggKMSKeyAlias':
+                    flatDiscovered.kmsKeyAlias = physicalId;
+                    if (properties.KeyArn) {
+                        flatDiscovered.defaultKmsKeyId = properties.KeyArn;
+                    }
+                    break;
+                case 'FriggMigrationStatusBucket':
+                    flatDiscovered.migrationStatusBucket = physicalId;
+                    break;
+                case 'DbMigrationQueue':
+                    flatDiscovered.migrationQueueUrl = physicalId;
+                    break;
+            }
+        }
+    }
+
+    /**
+     * Extract discovered resources from CloudFormation stack outputs (legacy)
+     * @private
+     */
+    _extractFromOutputs(outputs, discovered) {
+        const outputMap = outputs.reduce((acc, output) => {
+            acc[output.OutputKey] = output.OutputValue;
+            return acc;
+        }, {});
+
+        // VPC outputs
+        if (outputMap.VpcId) {
+            discovered.defaultVpcId = outputMap.VpcId;
+        }
+
+        if (outputMap.PrivateSubnetIds) {
+            discovered.privateSubnetIds = outputMap.PrivateSubnetIds.split(',').map(id => id.trim());
+        }
+
+        if (outputMap.PublicSubnetId) {
+            discovered.publicSubnetId = outputMap.PublicSubnetId;
+        }
+
+        if (outputMap.SecurityGroupId) {
+            discovered.securityGroupId = outputMap.SecurityGroupId;
+        }
+
+        // KMS outputs
+        if (outputMap.KMS_KEY_ARN) {
+            discovered.defaultKmsKeyId = outputMap.KMS_KEY_ARN;
+        }
+
+        // Database outputs
+        if (outputMap.DatabaseEndpoint) {
+            discovered.databaseEndpoint = outputMap.DatabaseEndpoint;
+        }
+    }
+}
+
+module.exports = CloudFormationDiscoveryV2;

package/infrastructure/domains/shared/cloudformation-discovery.test.js

@@ -48,6 +48,8 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 defaultVpcId: 'vpc-123', // VpcBuilder expects 'defaultVpcId', not 'vpcId'
                 privateSubnetIds: ['subnet-1', 'subnet-2'],
                 publicSubnetId: 'subnet-3',
@@ -69,6 +71,8 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 defaultKmsKeyId: 'arn:aws:kms:us-east-1:123456789:key/abc',
             });
         });
@@ -137,7 +141,10 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 auroraClusterId: 'test-cluster',
+                existingLogicalIds: ['FriggAuroraCluster'],
             });
         });
 
@@ -201,7 +208,10 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 migrationStatusBucket: 'test-migration-bucket',
+                existingLogicalIds: ['FriggMigrationStatusBucket'],
             });
         });
 
@@ -225,7 +235,10 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 migrationQueueUrl: 'https://sqs.us-east-1.amazonaws.com/123456789/test-queue',
+                existingLogicalIds: ['DbMigrationQueue'],
             });
         });
 
@@ -249,7 +262,10 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 natGatewayId: 'nat-0123456789',
+                existingLogicalIds: ['FriggNatGateway'],
             });
         });
 
@@ -273,7 +289,10 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 defaultVpcId: 'vpc-037ec55fe87aec1e7',
+                existingLogicalIds: ['FriggVPC'],
             });
         });
 
@@ -305,10 +324,13 @@ describe('CloudFormationDiscovery', () => {
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
             expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
                 defaultVpcId: 'vpc-123', // VpcBuilder expects 'defaultVpcId'
                 defaultKmsKeyId: 'arn:aws:kms:us-east-1:123456789:key/abc',
                 auroraClusterId: 'test-cluster',
                 natGatewayId: 'nat-123',
+                existingLogicalIds: ['FriggAuroraCluster', 'FriggNatGateway'],
             });
         });
 
@@ -329,7 +351,10 @@ describe('CloudFormationDiscovery', () => {
 
             const result = await cfDiscovery.discoverFromStack('test-stack');
 
-            expect(result).toEqual({});
+            expect(result).toEqual({
+                fromCloudFormationStack: true,
+                stackName: 'test-stack',
+            });
         });
 
         it('should query EC2 for subnets when VPC found but no subnet resources in stack', async () => {

package/infrastructure/domains/shared/types/app-definition.js

@@ -0,0 +1,205 @@
+/**
+ * @fileoverview App definition types
+ *
+ * Defines the structure of the application definition with new ownership-based schema.
+ * This replaces the old 'management' mode system.
+ */
+
+/**
+ * VPC configuration
+ * @typedef {Object} VpcDefinition
+ * @property {boolean} enable - Whether VPC is enabled
+ *
+ * @property {Object} [ownership] - Resource ownership configuration
+ * @property {'stack'|'external'|'auto'} [ownership.vpc] - VPC ownership
+ * @property {'stack'|'external'|'auto'} [ownership.securityGroup] - Security group ownership
+ * @property {'stack'|'external'|'auto'} [ownership.subnets] - Subnets ownership
+ * @property {'stack'|'external'|'auto'} [ownership.natGateway] - NAT gateway ownership
+ * @property {'stack'|'external'|'auto'} [ownership.vpcEndpoints] - VPC endpoints ownership
+ *
+ * @property {Object} [external] - External resource references (required if ownership='external')
+ * @property {string} [external.vpcId] - External VPC ID
+ * @property {string[]} [external.securityGroupIds] - External security group IDs
+ * @property {string[]} [external.subnetIds] - External subnet IDs
+ * @property {string} [external.natGatewayId] - External NAT gateway ID
+ * @property {Object} [external.vpcEndpointIds] - External VPC endpoint IDs
+ * @property {string} [external.vpcEndpointIds.s3] - S3 endpoint ID
+ * @property {string} [external.vpcEndpointIds.dynamodb] - DynamoDB endpoint ID
+ * @property {string} [external.vpcEndpointIds.kms] - KMS endpoint ID
+ * @property {string} [external.vpcEndpointIds.secretsManager] - Secrets Manager endpoint ID
+ * @property {string} [external.vpcEndpointIds.sqs] - SQS endpoint ID
+ *
+ * @property {Object} [config] - Configuration preferences
+ * @property {boolean} [config.selfHeal] - Auto-configure NAT/routes/etc (default: false)
+ * @property {string} [config.cidrBlock] - CIDR block for stack-owned VPC (default: '10.0.0.0/16')
+ * @property {boolean} [config.enableVpcEndpoints] - Enable VPC endpoints (default: true)
+ * @property {Object} [config.natGateway] - NAT Gateway configuration
+ * @property {boolean} [config.natGateway.enable] - Enable NAT Gateway (default: true)
+ */
+
+/**
+ * Aurora PostgreSQL configuration
+ * @typedef {Object} AuroraDefinition
+ * @property {boolean} enable - Whether Aurora is enabled
+ *
+ * @property {Object} [ownership] - Resource ownership configuration
+ * @property {'stack'|'external'|'auto'} [ownership.cluster] - Aurora cluster ownership
+ * @property {'stack'|'external'|'auto'} [ownership.subnetGroup] - DB subnet group ownership
+ * @property {'stack'|'external'|'auto'} [ownership.secret] - Secrets Manager secret ownership
+ *
+ * @property {Object} [external] - External resource references
+ * @property {string} [external.clusterId] - External cluster identifier
+ * @property {string} [external.clusterEndpoint] - External cluster endpoint
+ * @property {number} [external.port] - External cluster port
+ * @property {string} [external.secretArn] - External Secrets Manager ARN
+ *
+ * @property {Object} [config] - Configuration preferences
+ * @property {'aurora-postgresql'|'aurora-mysql'} [config.engine] - Database engine
+ * @property {number} [config.minCapacity] - Min serverless capacity (default: 0.5)
+ * @property {number} [config.maxCapacity] - Max serverless capacity (default: 1)
+ * @property {string} [config.database] - Database name (default: 'frigg')
+ * @property {boolean} [config.publiclyAccessible] - Public access (default: false)
+ * @property {boolean} [config.autoCreateCredentials] - Auto-create credentials in Secrets Manager
+ */
+
+/**
+ * KMS encryption configuration
+ * @typedef {Object} KmsDefinition
+ * @property {boolean} enable - Whether KMS is enabled
+ *
+ * @property {Object} [ownership] - Resource ownership configuration
+ * @property {'stack'|'external'|'auto'} [ownership.key] - KMS key ownership
+ *
+ * @property {Object} [external] - External resource references
+ * @property {string} [external.keyId] - External KMS key ID or ARN
+ * @property {string} [external.keyAlias] - External KMS key alias
+ *
+ * @property {Object} [config] - Configuration preferences
+ * @property {boolean} [config.enableKeyRotation] - Enable automatic key rotation
+ * @property {string} [config.description] - Key description
+ */
+
+/**
+ * SSM Parameter Store configuration
+ * @typedef {Object} SsmDefinition
+ * @property {boolean} enable - Whether SSM is enabled
+ * @property {string[]} [parameterPaths] - Parameter paths to grant access to
+ */
+
+/**
+ * Database migration configuration
+ * @typedef {Object} MigrationDefinition
+ * @property {boolean} enable - Whether migrations are enabled
+ * @property {string} [migrationPath] - Path to migration files
+ */
+
+/**
+ * WebSocket configuration
+ * @typedef {Object} WebsocketDefinition
+ * @property {boolean} enable - Whether WebSocket API is enabled
+ */
+
+/**
+ * Integration configuration
+ * @typedef {Object} IntegrationDefinition
+ * @property {Object} Definition - Integration definition object
+ * @property {string} Definition.name - Integration name
+ */
+
+/**
+ * Complete application definition
+ * @typedef {Object} AppDefinition
+ * @property {string} name - Application name
+ * @property {string} stage - Deployment stage (e.g., 'dev', 'production')
+ * @property {string} provider - Cloud provider (e.g., 'aws')
+ * @property {string} region - AWS region
+ *
+ * @property {VpcDefinition} [vpc] - VPC configuration
+ * @property {Object} [database] - Database configuration
+ * @property {AuroraDefinition} [database.postgres] - PostgreSQL configuration
+ * @property {KmsDefinition} [encryption] - KMS encryption configuration
+ * @property {SsmDefinition} [ssm] - SSM Parameter Store configuration
+ * @property {MigrationDefinition} [migrations] - Database migration configuration
+ * @property {WebsocketDefinition} [websockets] - WebSocket API configuration
+ * @property {IntegrationDefinition[]} [integrations] - Integration definitions
+ *
+ * @property {Object} [environment] - Environment variables
+ */
+
+/**
+ * Validate app definition has required fields
+ * @param {AppDefinition} appDefinition - App definition to validate
+ * @throws {Error} If required fields are missing
+ */
+function validateAppDefinition(appDefinition) {
+    if (!appDefinition) {
+        throw new Error('App definition is required');
+    }
+
+    if (!appDefinition.name) {
+        throw new Error('App definition must have a name');
+    }
+
+    if (!appDefinition.provider) {
+        throw new Error('App definition must have a provider');
+    }
+
+    if (!appDefinition.region) {
+        throw new Error('App definition must have a region');
+    }
+}
+
+/**
+ * Get stack name from app definition
+ * @param {AppDefinition} appDefinition - App definition
+ * @returns {string} Stack name
+ */
+function getStackName(appDefinition) {
+    const stage = appDefinition.stage || 'dev';
+    return `${appDefinition.name}-${stage}`;
+}
+
+/**
+ * Check if VPC is enabled
+ * @param {AppDefinition} appDefinition - App definition
+ * @returns {boolean}
+ */
+function isVpcEnabled(appDefinition) {
+    return appDefinition.vpc?.enable === true;
+}
+
+/**
+ * Check if Aurora is enabled
+ * @param {AppDefinition} appDefinition - App definition
+ * @returns {boolean}
+ */
+function isAuroraEnabled(appDefinition) {
+    return appDefinition.database?.postgres?.enable === true;
+}
+
+/**
+ * Check if KMS is enabled
+ * @param {AppDefinition} appDefinition - App definition
+ * @returns {boolean}
+ */
+function isKmsEnabled(appDefinition) {
+    return appDefinition.encryption?.enable === true;
+}
+
+/**
+ * Check if SSM is enabled
+ * @param {AppDefinition} appDefinition - App definition
+ * @returns {boolean}
+ */
+function isSsmEnabled(appDefinition) {
+    return appDefinition.ssm?.enable === true;
+}
+
+module.exports = {
+    validateAppDefinition,
+    getStackName,
+    isVpcEnabled,
+    isAuroraEnabled,
+    isKmsEnabled,
+    isSsmEnabled
+};