@friggframework/devtools 2.0.0--canary.490.aa04da7.0 → 2.0.0--canary.490.3374b8f.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/infrastructure/domains/networking/vpc-builder.js +12 -1
  2. package/infrastructure/domains/networking/vpc-resolver.js +0 -8
  3. package/package.json +7 -7
package/infrastructure/domains/networking/vpc-builder.js CHANGED
@@ -1193,6 +1193,17 @@ class VpcBuilder extends InfrastructureBuilder {
1193
1193
  );
1194
1194
 
1195
1195
  if (hasInterfaceEndpoints && !result.resources.FriggVPCEndpointSecurityGroup) {
1196
+ // Determine source security group for ingress rule
1197
+ // If Lambda SG is stack-managed, use CloudFormation Ref
1198
+ // If Lambda SG is external, use the physical ID directly
1199
+ let sourceSgId;
1200
+ if (decisions.securityGroup.ownership === ResourceOwnership.STACK) {
1201
+ sourceSgId = { Ref: 'FriggLambdaSecurityGroup' };
1202
+ } else {
1203
+ // External - use the physical ID
1204
+ sourceSgId = decisions.securityGroup.physicalIds[0];
1205
+ }
1206
+
1196
1207
  result.resources.FriggVPCEndpointSecurityGroup = {
1197
1208
  Type: 'AWS::EC2::SecurityGroup',
1198
1209
  Properties: {
@@ -1203,7 +1214,7 @@ class VpcBuilder extends InfrastructureBuilder {
1203
1214
  IpProtocol: 'tcp',
1204
1215
  FromPort: 443,
1205
1216
  ToPort: 443,
1206
- SourceSecurityGroupId: { Ref: 'FriggLambdaSecurityGroup' }
1217
+ SourceSecurityGroupId: sourceSgId
1207
1218
  }
1208
1219
  ],
1209
1220
  Tags: [
package/infrastructure/domains/networking/vpc-resolver.js CHANGED
@@ -118,17 +118,9 @@ class VpcResourceResolver extends BaseResourceResolver {
118
118
  const structured = discovery._structured || discovery;
119
119
 
120
120
  // When ownership='external', use ONLY the default SG, not the stack-managed lambda SG
121
- // Check for lambdaSecurityGroupId first to avoid using it
122
121
  const lambdaSgId = structured.lambdaSecurityGroupId || discovery.lambdaSecurityGroupId;
123
122
  const defaultSgId = structured.defaultSecurityGroupId || discovery.defaultSecurityGroupId;
124
123
 
125
- // Debug logging to understand what's happening
126
- console.log(` DEBUG: resolveSecurityGroup - ownership='external'`);
127
- console.log(` lambdaSgId: ${lambdaSgId}`);
128
- console.log(` defaultSgId: ${defaultSgId}`);
129
- console.log(` discovery keys: ${Object.keys(discovery).join(', ')}`);
130
- console.log(` structured keys: ${Object.keys(structured).join(', ')}`);
131
-
132
124
  // If we have a default SG AND it's different from the lambda SG, use the default
133
125
  if (defaultSgId && defaultSgId !== lambdaSgId) {
134
126
  return this.createExternalDecision(
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@friggframework/devtools",
3
3
  "prettier": "@friggframework/prettier-config",
4
- "version": "2.0.0--canary.490.aa04da7.0",
4
+ "version": "2.0.0--canary.490.3374b8f.0",
5
5
  "bin": {
6
6
  "frigg": "./frigg-cli/index.js"
7
7
  },
@@ -16,9 +16,9 @@
16
16
  "@babel/eslint-parser": "^7.18.9",
17
17
  "@babel/parser": "^7.25.3",
18
18
  "@babel/traverse": "^7.25.3",
19
- "@friggframework/core": "2.0.0--canary.490.aa04da7.0",
20
- "@friggframework/schemas": "2.0.0--canary.490.aa04da7.0",
21
- "@friggframework/test": "2.0.0--canary.490.aa04da7.0",
19
+ "@friggframework/core": "2.0.0--canary.490.3374b8f.0",
20
+ "@friggframework/schemas": "2.0.0--canary.490.3374b8f.0",
21
+ "@friggframework/test": "2.0.0--canary.490.3374b8f.0",
22
22
  "@hapi/boom": "^10.0.1",
23
23
  "@inquirer/prompts": "^5.3.8",
24
24
  "axios": "^1.7.2",
@@ -46,8 +46,8 @@
46
46
  "validate-npm-package-name": "^5.0.0"
47
47
  },
48
48
  "devDependencies": {
49
- "@friggframework/eslint-config": "2.0.0--canary.490.aa04da7.0",
50
- "@friggframework/prettier-config": "2.0.0--canary.490.aa04da7.0",
49
+ "@friggframework/eslint-config": "2.0.0--canary.490.3374b8f.0",
50
+ "@friggframework/prettier-config": "2.0.0--canary.490.3374b8f.0",
51
51
  "aws-sdk-client-mock": "^4.1.0",
52
52
  "aws-sdk-client-mock-jest": "^4.1.0",
53
53
  "jest": "^30.1.3",
@@ -79,5 +79,5 @@
79
79
  "publishConfig": {
80
80
  "access": "public"
81
81
  },
82
- "gitHead": "aa04da7877661300be820bbe4b08f71984db82c7"
82
+ "gitHead": "3374b8f9b30c6c9d5dad4492ca5dc7d804d1e124"
83
83
  }