@gammarers/aws-secure-bucket 2.1.7 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +23 -5
- package/API.md +11 -0
- package/lib/index.d.ts +1 -0
- package/lib/index.js +28 -4
- package/package.json +1 -1
package/.jsii
CHANGED
|
@@ -3508,7 +3508,7 @@
|
|
|
3508
3508
|
},
|
|
3509
3509
|
"locationInModule": {
|
|
3510
3510
|
"filename": "src/index.ts",
|
|
3511
|
-
"line":
|
|
3511
|
+
"line": 18
|
|
3512
3512
|
},
|
|
3513
3513
|
"parameters": [
|
|
3514
3514
|
{
|
|
@@ -3535,7 +3535,7 @@
|
|
|
3535
3535
|
"kind": "class",
|
|
3536
3536
|
"locationInModule": {
|
|
3537
3537
|
"filename": "src/index.ts",
|
|
3538
|
-
"line":
|
|
3538
|
+
"line": 17
|
|
3539
3539
|
},
|
|
3540
3540
|
"name": "SecureBucket",
|
|
3541
3541
|
"symbolId": "src/index:SecureBucket"
|
|
@@ -3556,12 +3556,30 @@
|
|
|
3556
3556
|
"kind": "interface",
|
|
3557
3557
|
"locationInModule": {
|
|
3558
3558
|
"filename": "src/index.ts",
|
|
3559
|
-
"line":
|
|
3559
|
+
"line": 13
|
|
3560
3560
|
},
|
|
3561
3561
|
"name": "SecureBucketProps",
|
|
3562
|
+
"properties": [
|
|
3563
|
+
{
|
|
3564
|
+
"abstract": true,
|
|
3565
|
+
"docs": {
|
|
3566
|
+
"stability": "stable"
|
|
3567
|
+
},
|
|
3568
|
+
"immutable": true,
|
|
3569
|
+
"locationInModule": {
|
|
3570
|
+
"filename": "src/index.ts",
|
|
3571
|
+
"line": 14
|
|
3572
|
+
},
|
|
3573
|
+
"name": "isPipelineArtifactBucket",
|
|
3574
|
+
"optional": true,
|
|
3575
|
+
"type": {
|
|
3576
|
+
"primitive": "boolean"
|
|
3577
|
+
}
|
|
3578
|
+
}
|
|
3579
|
+
],
|
|
3562
3580
|
"symbolId": "src/index:SecureBucketProps"
|
|
3563
3581
|
}
|
|
3564
3582
|
},
|
|
3565
|
-
"version": "2.
|
|
3566
|
-
"fingerprint": "
|
|
3583
|
+
"version": "2.2.0",
|
|
3584
|
+
"fingerprint": "zm1SyHlhMNc5EgJoMVaWflS2/ztT7ENwr2nMobR8No8="
|
|
3567
3585
|
}
|
package/API.md
CHANGED
|
@@ -1163,6 +1163,7 @@ const secureBucketProps: SecureBucketProps = { ... }
|
|
|
1163
1163
|
| <code><a href="#@gammarers/aws-secure-bucket.SecureBucketProps.property.websiteIndexDocument">websiteIndexDocument</a></code> | <code>string</code> | The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket. |
|
|
1164
1164
|
| <code><a href="#@gammarers/aws-secure-bucket.SecureBucketProps.property.websiteRedirect">websiteRedirect</a></code> | <code>aws-cdk-lib.aws_s3.RedirectTarget</code> | Specifies the redirect behavior of all requests to a website endpoint of a bucket. |
|
|
1165
1165
|
| <code><a href="#@gammarers/aws-secure-bucket.SecureBucketProps.property.websiteRoutingRules">websiteRoutingRules</a></code> | <code>aws-cdk-lib.aws_s3.RoutingRule[]</code> | Rules that define when a redirect is applied and the redirect behavior. |
|
|
1166
|
+
| <code><a href="#@gammarers/aws-secure-bucket.SecureBucketProps.property.isPipelineArtifactBucket">isPipelineArtifactBucket</a></code> | <code>boolean</code> | *No description.* |
|
|
1166
1167
|
|
|
1167
1168
|
---
|
|
1168
1169
|
|
|
@@ -1584,5 +1585,15 @@ Rules that define when a redirect is applied and the redirect behavior.
|
|
|
1584
1585
|
|
|
1585
1586
|
---
|
|
1586
1587
|
|
|
1588
|
+
##### `isPipelineArtifactBucket`<sup>Optional</sup> <a name="isPipelineArtifactBucket" id="@gammarers/aws-secure-bucket.SecureBucketProps.property.isPipelineArtifactBucket"></a>
|
|
1589
|
+
|
|
1590
|
+
```typescript
|
|
1591
|
+
public readonly isPipelineArtifactBucket: boolean;
|
|
1592
|
+
```
|
|
1593
|
+
|
|
1594
|
+
- *Type:* boolean
|
|
1595
|
+
|
|
1596
|
+
---
|
|
1597
|
+
|
|
1587
1598
|
|
|
1588
1599
|
|
package/lib/index.d.ts
CHANGED
|
@@ -7,6 +7,7 @@ import { Construct } from 'constructs';
|
|
|
7
7
|
* export interface CodePipelineStateChangeDetectionEventRuleProps extends Omit<s3.BucketProps, 'publicReadAccess'> {}
|
|
8
8
|
*/
|
|
9
9
|
export interface SecureBucketProps extends s3.BucketProps {
|
|
10
|
+
readonly isPipelineArtifactBucket?: boolean;
|
|
10
11
|
}
|
|
11
12
|
export declare class SecureBucket extends s3.Bucket {
|
|
12
13
|
constructor(scope: Construct, id: string, props?: SecureBucketProps);
|
package/lib/index.js
CHANGED
|
@@ -3,13 +3,14 @@ var _a;
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
4
|
exports.SecureBucket = void 0;
|
|
5
5
|
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
|
|
6
|
-
const
|
|
6
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
7
|
+
const iam = require("aws-cdk-lib/aws-iam");
|
|
7
8
|
const s3 = require("aws-cdk-lib/aws-s3");
|
|
8
9
|
class SecureBucket extends s3.Bucket {
|
|
9
10
|
constructor(scope, id, props) {
|
|
10
11
|
super(scope, id, {
|
|
11
12
|
...props,
|
|
12
|
-
removalPolicy:
|
|
13
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN,
|
|
13
14
|
encryption: props?.encryption || s3.BucketEncryption.KMS_MANAGED,
|
|
14
15
|
accessControl: (() => {
|
|
15
16
|
if (!props?.accessControl) {
|
|
@@ -34,9 +35,32 @@ class SecureBucket extends s3.Bucket {
|
|
|
34
35
|
if (props?.eventBridgeEnabled === true) {
|
|
35
36
|
cfnBucket.addPropertyOverride('NotificationConfiguration.EventBridgeConfiguration.EventBridgeEnabled', true);
|
|
36
37
|
}
|
|
38
|
+
// 👇 Get account & region
|
|
39
|
+
const account = aws_cdk_lib_1.Stack.of(this).account;
|
|
40
|
+
const region = aws_cdk_lib_1.Stack.of(this).region;
|
|
41
|
+
if (props?.isPipelineArtifactBucket) {
|
|
42
|
+
// 👇 Get qualifier
|
|
43
|
+
// const qualifier = Stack.of(this).synthesizer.bootstrapQualifier || defaultQualifier;
|
|
44
|
+
const qualifier = aws_cdk_lib_1.Stack.of(this).synthesizer.bootstrapQualifier;
|
|
45
|
+
// add resource policy when custom qualifier
|
|
46
|
+
if (qualifier && (qualifier != aws_cdk_lib_1.DefaultStackSynthesizer.DEFAULT_QUALIFIER)) {
|
|
47
|
+
this.addToResourcePolicy(new iam.PolicyStatement({
|
|
48
|
+
actions: [
|
|
49
|
+
's3:*',
|
|
50
|
+
],
|
|
51
|
+
resources: [
|
|
52
|
+
`${this.bucketArn}`,
|
|
53
|
+
`${this.bucketArn}/*`,
|
|
54
|
+
],
|
|
55
|
+
principals: [
|
|
56
|
+
new iam.ArnPrincipal(`arn:aws:iam::${account}:role/cdk-${qualifier}-deploy-role-${account}-${region}`),
|
|
57
|
+
],
|
|
58
|
+
}));
|
|
59
|
+
}
|
|
60
|
+
}
|
|
37
61
|
}
|
|
38
62
|
}
|
|
39
63
|
exports.SecureBucket = SecureBucket;
|
|
40
64
|
_a = JSII_RTTI_SYMBOL_1;
|
|
41
|
-
SecureBucket[_a] = { fqn: "@gammarers/aws-secure-bucket.SecureBucket", version: "2.
|
|
42
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
65
|
+
SecureBucket[_a] = { fqn: "@gammarers/aws-secure-bucket.SecureBucket", version: "2.2.0" };
|
|
66
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw2Q0FBNEU7QUFDNUUsMkNBQTJDO0FBQzNDLHlDQUF5QztBQWN6QyxNQUFhLFlBQWEsU0FBUSxFQUFFLENBQUMsTUFBTTtJQUN6QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQXlCO1FBQ2pFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsR0FBRyxLQUFLO1lBQ1IsYUFBYSxFQUFFLDJCQUFhLENBQUMsTUFBTTtZQUNuQyxVQUFVLEVBQUUsS0FBSyxFQUFFLFVBQVUsSUFBSSxFQUFFLENBQUMsZ0JBQWdCLENBQUMsV0FBVztZQUNoRSxhQUFhLEVBQUUsQ0FBQyxHQUFHLEVBQUU7Z0JBQ25CLElBQUksQ0FBQyxLQUFLLEVBQUUsYUFBYSxFQUFFLENBQUM7b0JBQzFCLE9BQU8sRUFBRSxDQUFDLG1CQUFtQixDQUFDLE9BQU8sQ0FBQztnQkFDeEMsQ0FBQztnQkFDRCxPQUFPLEtBQUssQ0FBQyxhQUFhLENBQUM7WUFDN0IsQ0FBQyxDQUFDLEVBQUU7WUFDSixrQkFBa0IsRUFBRSxTQUFTO1lBQzdCLGdCQUFnQixFQUFFLEtBQUs7WUFDdkIsaUJBQWlCLEVBQUUsRUFBRSxDQUFDLGlCQUFpQixDQUFDLFNBQVM7WUFDakQsVUFBVSxFQUFFLElBQUk7WUFDaEIsU0FBUyxFQUFFLEtBQUssRUFBRSxTQUFTLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxJQUFJO1lBQ2xFLGVBQWUsRUFBRSxDQUFDLEdBQUcsRUFBRTtnQkFDckIsSUFBSSxLQUFLLEVBQUUsZUFBZSxFQUFFLENBQUM7b0JBQzNCLE9BQU8sS0FBSyxDQUFDLGVBQWUsQ0FBQztnQkFDL0IsQ0FBQztnQkFDRCxPQUFPLEVBQUUsQ0FBQyxlQUFlLENBQUMscUJBQXFCLENBQUM7WUFDbEQsQ0FBQyxDQUFDLEVBQUU7U0FDTCxDQUFDLENBQUM7UUFFSCxnQkFBZ0I7UUFDaEIsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUE0QixDQUFDO1FBQ3pELElBQUksS0FBSyxFQUFFLGtCQUFrQixLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3ZDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyx1RUFBdUUsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUMvRyxDQUFDO1FBRUQsMEJBQTBCO1FBQzFCLE1BQU0sT0FBTyxHQUFHLG1CQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN2QyxNQUFNLE1BQU0sR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLENBQUM7UUFFckMsSUFBSSxLQUFLLEVBQUUsd0JBQXdCLEVBQUUsQ0FBQztZQUVwQyxtQkFBbUI7WUFDbkIsdUZBQXVGO1lBQ3ZGLE1BQU0sU0FBUyxHQUFHLG1CQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLFdBQVcsQ0FBQyxrQkFBa0IsQ0FBQztZQUVoRSw0Q0FBNEM7WUFDNUMsSUFBSSxTQUFTLElBQUksQ0FBQyxTQUFTLElBQUkscUNBQXVCLENBQUMsaUJBQWlCLENBQUMsRUFBRSxDQUFDO2dCQUUxRSxJQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO29CQUMvQyxPQUFPLEVBQUU7d0JBQ1AsTUFBTTtxQkFDUDtvQkFDRCxTQUFTLEVBQUU7d0JBQ1QsR0FBRyxJQUFJLENBQUMsU0FBUyxFQUFFO3dCQUNuQixHQUFHLElBQUksQ0FBQyxTQUFTLElBQUk7cUJBQ3RCO29CQUNELFVBQVUsRUFBRTt3QkFDVixJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsZ0JBQWdCLE9BQU8sYUFBYSxTQUFTLGdCQUFnQixPQUFPLElBQUksTUFBTSxFQUFFLENBQUM7cUJBQ3ZHO2lCQUNGLENBQUMsQ0FBQyxDQUFDO1lBQ04sQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDOztBQTFESCxvQ0EyREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBEZWZhdWx0U3RhY2tTeW50aGVzaXplciwgUmVtb3ZhbFBvbGljeSwgU3RhY2sgfSBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgKiBhcyBpYW0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWlhbSc7XG5pbXBvcnQgKiBhcyBzMyBmcm9tICdhd3MtY2RrLWxpYi9hd3MtczMnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5cbi8qKlxuICogQFRPRE86IE5vdCB5ZXQgc3VwcG9ydGVkXG4gKiBodHRwczovL2dpdGh1Yi5jb20vYXdzL2pzaWkvaXNzdWVzLzQ0NjhcbiAqIHR5cGUgb21pdEtleXMgPSAncHVibGljUmVhZEFjY2Vzc3xlbmZvcmNlU1NMfGJsb2NrUHVibGljQWNjZXNzJztcbiAqIGV4cG9ydCBpbnRlcmZhY2UgQ29kZVBpcGVsaW5lU3RhdGVDaGFuZ2VEZXRlY3Rpb25FdmVudFJ1bGVQcm9wcyBleHRlbmRzIE9taXQ8czMuQnVja2V0UHJvcHMsICdwdWJsaWNSZWFkQWNjZXNzJz4ge31cbiAqL1xuXG5leHBvcnQgaW50ZXJmYWNlIFNlY3VyZUJ1Y2tldFByb3BzIGV4dGVuZHMgczMuQnVja2V0UHJvcHMge1xuICByZWFkb25seSBpc1BpcGVsaW5lQXJ0aWZhY3RCdWNrZXQ/OiBib29sZWFuO1xufVxuXG5leHBvcnQgY2xhc3MgU2VjdXJlQnVja2V0IGV4dGVuZHMgczMuQnVja2V0IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBTZWN1cmVCdWNrZXRQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LlJFVEFJTixcbiAgICAgIGVuY3J5cHRpb246IHByb3BzPy5lbmNyeXB0aW9uIHx8IHMzLkJ1Y2tldEVuY3J5cHRpb24uS01TX01BTkFHRUQsXG4gICAgICBhY2Nlc3NDb250cm9sOiAoKCkgPT4ge1xuICAgICAgICBpZiAoIXByb3BzPy5hY2Nlc3NDb250cm9sKSB7XG4gICAgICAgICAgcmV0dXJuIHMzLkJ1Y2tldEFjY2Vzc0NvbnRyb2wuUFJJVkFURTtcbiAgICAgICAgfVxuICAgICAgICByZXR1cm4gcHJvcHMuYWNjZXNzQ29udHJvbDtcbiAgICAgIH0pKCksXG4gICAgICBldmVudEJyaWRnZUVuYWJsZWQ6IHVuZGVmaW5lZCxcbiAgICAgIHB1YmxpY1JlYWRBY2Nlc3M6IGZhbHNlLFxuICAgICAgYmxvY2tQdWJsaWNBY2Nlc3M6IHMzLkJsb2NrUHVibGljQWNjZXNzLkJMT0NLX0FMTCxcbiAgICAgIGVuZm9yY2VTU0w6IHRydWUsXG4gICAgICB2ZXJzaW9uZWQ6IHByb3BzPy52ZXJzaW9uZWQgIT09IHVuZGVmaW5lZCA/IHByb3BzLnZlcnNpb25lZCA6IHRydWUsXG4gICAgICBvYmplY3RPd25lcnNoaXA6ICgoKSA9PiB7XG4gICAgICAgIGlmIChwcm9wcz8ub2JqZWN0T3duZXJzaGlwKSB7XG4gICAgICAgICAgcmV0dXJuIHByb3BzLm9iamVjdE93bmVyc2hpcDtcbiAgICAgICAgfVxuICAgICAgICByZXR1cm4gczMuT2JqZWN0T3duZXJzaGlwLkJVQ0tFVF9PV05FUl9FTkZPUkNFRDtcbiAgICAgIH0pKCksXG4gICAgfSk7XG5cbiAgICAvLyBHZXQgQ2ZuQnVja2V0XG4gICAgY29uc3QgY2ZuQnVja2V0ID0gdGhpcy5ub2RlLmRlZmF1bHRDaGlsZCBhcyBzMy5DZm5CdWNrZXQ7XG4gICAgaWYgKHByb3BzPy5ldmVudEJyaWRnZUVuYWJsZWQgPT09IHRydWUpIHtcbiAgICAgIGNmbkJ1Y2tldC5hZGRQcm9wZXJ0eU92ZXJyaWRlKCdOb3RpZmljYXRpb25Db25maWd1cmF0aW9uLkV2ZW50QnJpZGdlQ29uZmlndXJhdGlvbi5FdmVudEJyaWRnZUVuYWJsZWQnLCB0cnVlKTtcbiAgICB9XG5cbiAgICAvLyDwn5GHIEdldCBhY2NvdW50ICYgcmVnaW9uXG4gICAgY29uc3QgYWNjb3VudCA9IFN0YWNrLm9mKHRoaXMpLmFjY291bnQ7XG4gICAgY29uc3QgcmVnaW9uID0gU3RhY2sub2YodGhpcykucmVnaW9uO1xuXG4gICAgaWYgKHByb3BzPy5pc1BpcGVsaW5lQXJ0aWZhY3RCdWNrZXQpIHtcblxuICAgICAgLy8g8J+RhyBHZXQgcXVhbGlmaWVyXG4gICAgICAvLyBjb25zdCBxdWFsaWZpZXIgPSBTdGFjay5vZih0aGlzKS5zeW50aGVzaXplci5ib290c3RyYXBRdWFsaWZpZXIgfHwgZGVmYXVsdFF1YWxpZmllcjtcbiAgICAgIGNvbnN0IHF1YWxpZmllciA9IFN0YWNrLm9mKHRoaXMpLnN5bnRoZXNpemVyLmJvb3RzdHJhcFF1YWxpZmllcjtcblxuICAgICAgLy8gYWRkIHJlc291cmNlIHBvbGljeSB3aGVuIGN1c3RvbSBxdWFsaWZpZXJcbiAgICAgIGlmIChxdWFsaWZpZXIgJiYgKHF1YWxpZmllciAhPSBEZWZhdWx0U3RhY2tTeW50aGVzaXplci5ERUZBVUxUX1FVQUxJRklFUikpIHtcblxuICAgICAgICB0aGlzLmFkZFRvUmVzb3VyY2VQb2xpY3kobmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAgIGFjdGlvbnM6IFtcbiAgICAgICAgICAgICdzMzoqJyxcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogW1xuICAgICAgICAgICAgYCR7dGhpcy5idWNrZXRBcm59YCxcbiAgICAgICAgICAgIGAke3RoaXMuYnVja2V0QXJufS8qYCxcbiAgICAgICAgICBdLFxuICAgICAgICAgIHByaW5jaXBhbHM6IFtcbiAgICAgICAgICAgIG5ldyBpYW0uQXJuUHJpbmNpcGFsKGBhcm46YXdzOmlhbTo6JHthY2NvdW50fTpyb2xlL2Nkay0ke3F1YWxpZmllcn0tZGVwbG95LXJvbGUtJHthY2NvdW50fS0ke3JlZ2lvbn1gKSxcbiAgICAgICAgICBdLFxuICAgICAgICB9KSk7XG4gICAgICB9XG4gICAgfVxuICB9XG59Il19
|