@go-to-k/cdkd 0.102.3 → 0.102.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +227 -132
- package/dist/cli.js.map +1 -1
- package/dist/{deploy-engine-D4t--jpp.js → deploy-engine-DGKtcKF6.js} +38 -26
- package/dist/{deploy-engine-D4t--jpp.js.map → deploy-engine-DGKtcKF6.js.map} +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/package.json +1 -1
|
@@ -7551,31 +7551,43 @@ var IAMRoleProvider = class {
|
|
|
7551
7551
|
if (properties["PermissionsBoundary"]) createParams.PermissionsBoundary = properties["PermissionsBoundary"];
|
|
7552
7552
|
const response = await this.iamClient.send(new CreateRoleCommand(createParams));
|
|
7553
7553
|
this.logger.debug(`Created IAM role: ${roleName}`);
|
|
7554
|
-
|
|
7555
|
-
|
|
7556
|
-
|
|
7557
|
-
|
|
7558
|
-
|
|
7559
|
-
|
|
7560
|
-
|
|
7561
|
-
|
|
7562
|
-
|
|
7563
|
-
|
|
7564
|
-
|
|
7565
|
-
|
|
7566
|
-
|
|
7567
|
-
|
|
7568
|
-
|
|
7569
|
-
|
|
7570
|
-
|
|
7571
|
-
|
|
7572
|
-
|
|
7573
|
-
|
|
7574
|
-
|
|
7575
|
-
|
|
7576
|
-
|
|
7577
|
-
|
|
7578
|
-
|
|
7554
|
+
try {
|
|
7555
|
+
const managedPolicyArns = properties["ManagedPolicyArns"];
|
|
7556
|
+
if (managedPolicyArns && Array.isArray(managedPolicyArns)) for (const policyArn of managedPolicyArns) {
|
|
7557
|
+
await this.iamClient.send(new AttachRolePolicyCommand({
|
|
7558
|
+
RoleName: roleName,
|
|
7559
|
+
PolicyArn: policyArn
|
|
7560
|
+
}));
|
|
7561
|
+
this.logger.debug(`Attached managed policy ${policyArn} to role ${roleName}`);
|
|
7562
|
+
}
|
|
7563
|
+
const policies = properties["Policies"];
|
|
7564
|
+
if (policies && Array.isArray(policies)) for (const policy of policies) {
|
|
7565
|
+
const policyDoc = typeof policy.PolicyDocument === "string" ? policy.PolicyDocument : JSON.stringify(policy.PolicyDocument);
|
|
7566
|
+
await this.iamClient.send(new PutRolePolicyCommand({
|
|
7567
|
+
RoleName: roleName,
|
|
7568
|
+
PolicyName: policy.PolicyName,
|
|
7569
|
+
PolicyDocument: policyDoc
|
|
7570
|
+
}));
|
|
7571
|
+
this.logger.debug(`Added inline policy ${policy.PolicyName} to role ${roleName}`);
|
|
7572
|
+
}
|
|
7573
|
+
const tags = properties["Tags"];
|
|
7574
|
+
if (tags && Array.isArray(tags)) {
|
|
7575
|
+
await this.iamClient.send(new TagRoleCommand({
|
|
7576
|
+
RoleName: roleName,
|
|
7577
|
+
Tags: tags
|
|
7578
|
+
}));
|
|
7579
|
+
this.logger.debug(`Tagged role ${roleName}`);
|
|
7580
|
+
}
|
|
7581
|
+
} catch (innerError) {
|
|
7582
|
+
try {
|
|
7583
|
+
await this.detachAllManagedPolicies(roleName);
|
|
7584
|
+
await this.deleteAllInlinePolicies(roleName);
|
|
7585
|
+
await this.iamClient.send(new DeleteRoleCommand({ RoleName: roleName }));
|
|
7586
|
+
this.logger.debug(`Cleaned up partially-created IAM role ${logicalId} (${roleName}) after wiring failure`);
|
|
7587
|
+
} catch (cleanupError) {
|
|
7588
|
+
this.logger.warn(`Failed to clean up partially-created IAM role ${logicalId} (${roleName}): ${cleanupError instanceof Error ? cleanupError.message : String(cleanupError)}. Manual deletion may be required before the next deploy: detach managed policies (aws iam list-attached-role-policies --role-name ${roleName} then aws iam detach-role-policy --role-name ${roleName} --policy-arn <arn>), delete inline policies (aws iam list-role-policies --role-name ${roleName} then aws iam delete-role-policy --role-name ${roleName} --policy-name <name>), then aws iam delete-role --role-name ${roleName}`);
|
|
7589
|
+
}
|
|
7590
|
+
throw innerError;
|
|
7579
7591
|
}
|
|
7580
7592
|
this.logger.debug(`Successfully created IAM role ${logicalId}: ${roleName}`);
|
|
7581
7593
|
return {
|
|
@@ -9534,4 +9546,4 @@ var DeployEngine = class {
|
|
|
9534
9546
|
|
|
9535
9547
|
//#endregion
|
|
9536
9548
|
export { SynthesisError as $, resolveApp as A, CdkdError as B, AssetPublisher as C, Synthesizer as D, buildDockerImage as E, warnDeprecatedNoPrefixCliFlag as F, PartialFailureError as G, DependencyError as H, AssemblyReader as I, ResourceUpdateNotSupportedError as J, ProvisioningError as K, clearBucketRegionCache as L, resolveSkipPrefix as M, resolveStateBucketWithDefault as N, getDefaultStateBucketName as O, resolveStateBucketWithDefaultAndSource as P, StateError as Q, resolveBucketRegion as R, shouldRetainResource as S, WorkGraph as T, LocalInvokeBuildError as U, ConfigError as V, LockError as W, StackHasActiveImportsError as X, RouteDiscoveryError as Y, StackTerminationProtectionError as Z, DiffCalculator as _, withRetry as a, getLogger as at, LockManager as b, collectInlinePolicyNamesManagedBySiblings as c, getLiveRenderer as ct, normalizeAwsTagsToCfn as d, generateResourceName as dt, formatError as et, resolveExplicitPhysicalId as f, generateResourceNameWithFallback as ft, IntrinsicFunctionResolver as g, assertRegionMatch as h, withResourceDeadline as i, ConsoleLogger as it, resolveCaptureObservedState as j, getLegacyStateBucketName as k, CDK_PATH_TAG as l, PATTERN_B_NAME_PROPERTIES as lt, CloudControlProvider as m, withStackName as mt, DEFAULT_RESOURCE_WARN_AFTER_MS as n, normalizeAwsError as nt, IMPLICIT_DELETE_DEPENDENCIES as o, setLogger as ot, ProviderRegistry as p, withSkipPrefix as pt, ResourceTimeoutError as q, DeployEngine as r, withErrorHandling as rt, IAMRoleProvider as s, runStackBuffered as st, DEFAULT_RESOURCE_TIMEOUT_MS as t, isCdkdError as tt, matchesCdkPath as u, PATTERN_B_RESOURCE_TYPES as ut, DagBuilder as v, stringifyValue as w, S3StateBackend as x, TemplateParser as y, AssetError as z };
|
|
9537
|
-
//# sourceMappingURL=deploy-engine-
|
|
9549
|
+
//# sourceMappingURL=deploy-engine-DGKtcKF6.js.map
|