@go-to-k/cdkd 0.218.0 → 0.219.0

package/dist/cli.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import { a as setAwsClients, i as resetAwsClients, r as getAwsClients, t as AwsClients } from "./aws-clients-DWUnLza1.js";
-import { $ as CFN_TEMPLATE_URL_LIMIT, A as DagBuilder, B as getDockerCmd, C as CloudControlProvider, D as IntrinsicFunctionResolver, Dt as withErrorHandling, E as isTerminationProtectionPropagationError, Et as normalizeAwsError, F as AssetPublisher, Ft as generateResourceName, G as getLegacyStateBucketName, H as runDockerStreaming, I as stringifyValue, It as generateResourceNameWithFallback, J as resolveSkipPrefix, K as resolveApp, L as WorkGraph, Lt as withSkipPrefix, M as LockManager, Mt as getLiveRenderer, N as S3StateBackend, Nt as PATTERN_B_NAME_PROPERTIES, O as applyRoleArnIfSet, P as shouldRetainResource, Pt as PATTERN_B_RESOURCE_TYPES, Q as CFN_TEMPLATE_BODY_LIMIT, R as buildDockerImage, Rt as withStackName, S as findActionableSilentDrops, T as disableInstanceApiTermination, U as Synthesizer, V as runDockerForeground, W as getDefaultStateBucketName, X as resolveStateBucketWithDefaultAndSource, Y as resolveStateBucketWithDefault, Z as warnDeprecatedNoPrefixCliFlag, _ as CDK_PATH_TAG, _t as ProvisioningError, a as withRetry, at as resolveBucketRegion, b as resolveExplicitPhysicalId, bt as StackHasActiveImportsError, c as formatResourceLine, d as gray, dt as LocalMigrateError, et as MIGRATE_TMP_PREFIX, f as green, ft as LocalStartServiceError, g as collectInlinePolicyNamesManagedBySiblings, gt as PartialFailureError, h as IAMRoleProvider, ht as NestedStackChildDirectDestroyError, i as withResourceDeadline, j as TemplateParser, jt as runStackBuffered, k as DiffCalculator, kt as getLogger, l as bold, m as yellow, mt as MissingCdkCliError, n as DEFAULT_RESOURCE_WARN_AFTER_MS, nt as uploadCfnTemplate, o as isRetryableTransientError, p as red, q as resolveCaptureObservedState, r as DeployEngine, rt as AssemblyReader, s as IMPLICIT_DELETE_DEPENDENCIES, st as CdkdError, t as DEFAULT_RESOURCE_TIMEOUT_MS, tt as findLargeInlineResources, u as cyan, ut as LocalInvokeBuildError$1, v as matchesCdkPath, vt as ResourceTimeoutError, w as assertRegionMatch, x as ProviderRegistry, xt as StackTerminationProtectionError, y as normalizeAwsTagsToCfn, yt as ResourceUpdateNotSupportedError, z as formatDockerLoginError } from "./deploy-engine-DXr1irt9.js";
+import { $ as CFN_TEMPLATE_URL_LIMIT, A as DagBuilder, B as getDockerCmd, C as CloudControlProvider, D as IntrinsicFunctionResolver, Dt as withErrorHandling, E as isTerminationProtectionPropagationError, Et as normalizeAwsError, F as AssetPublisher, Ft as generateResourceName, G as getLegacyStateBucketName, H as runDockerStreaming, I as stringifyValue, It as generateResourceNameWithFallback, J as resolveSkipPrefix, K as resolveApp, L as WorkGraph, Lt as withSkipPrefix, M as LockManager, Mt as getLiveRenderer, N as S3StateBackend, Nt as PATTERN_B_NAME_PROPERTIES, O as applyRoleArnIfSet, P as shouldRetainResource, Pt as PATTERN_B_RESOURCE_TYPES, Q as CFN_TEMPLATE_BODY_LIMIT, R as buildDockerImage, Rt as withStackName, S as findActionableSilentDrops, T as disableInstanceApiTermination, U as Synthesizer, V as runDockerForeground, W as getDefaultStateBucketName, X as resolveStateBucketWithDefaultAndSource, Y as resolveStateBucketWithDefault, Z as warnDeprecatedNoPrefixCliFlag, _ as CDK_PATH_TAG, _t as ProvisioningError, a as withRetry, at as resolveBucketRegion, b as resolveExplicitPhysicalId, bt as StackHasActiveImportsError, c as formatResourceLine, d as gray, dt as LocalMigrateError, et as MIGRATE_TMP_PREFIX, f as green, ft as LocalStartServiceError, g as collectInlinePolicyNamesManagedBySiblings, gt as PartialFailureError, h as IAMRoleProvider, ht as NestedStackChildDirectDestroyError, i as withResourceDeadline, j as TemplateParser, jt as runStackBuffered, k as DiffCalculator, kt as getLogger, l as bold, m as yellow, mt as MissingCdkCliError, n as DEFAULT_RESOURCE_WARN_AFTER_MS, nt as uploadCfnTemplate, o as isRetryableTransientError, p as red, q as resolveCaptureObservedState, r as DeployEngine, rt as AssemblyReader, s as IMPLICIT_DELETE_DEPENDENCIES, st as CdkdError, t as DEFAULT_RESOURCE_TIMEOUT_MS, tt as findLargeInlineResources, u as cyan, ut as LocalInvokeBuildError$1, v as matchesCdkPath, vt as ResourceTimeoutError, w as assertRegionMatch, x as ProviderRegistry, xt as StackTerminationProtectionError, y as normalizeAwsTagsToCfn, yt as ResourceUpdateNotSupportedError, z as formatDockerLoginError } from "./deploy-engine-39cTZ1WD.js";
 import { AsyncLocalStorage } from "node:async_hooks";
 import { randomBytes, randomUUID } from "node:crypto";
 import { CopyObjectCommand, CreateBucketCommand, DeleteBucketAnalyticsConfigurationCommand, DeleteBucketCommand, DeleteBucketCorsCommand, DeleteBucketIntelligentTieringConfigurationCommand, DeleteBucketInventoryConfigurationCommand, DeleteBucketLifecycleCommand, DeleteBucketMetricsConfigurationCommand, DeleteBucketPolicyCommand, DeleteBucketReplicationCommand, DeleteBucketTaggingCommand, DeleteBucketWebsiteCommand, DeleteObjectsCommand, GetBucketAccelerateConfigurationCommand, GetBucketCorsCommand, GetBucketEncryptionCommand, GetBucketLifecycleConfigurationCommand, GetBucketLocationCommand, GetBucketLoggingCommand, GetBucketNotificationConfigurationCommand, GetBucketPolicyCommand, GetBucketReplicationCommand, GetBucketTaggingCommand, GetBucketVersioningCommand, GetBucketWebsiteCommand, GetObjectCommand, GetObjectLockConfigurationCommand, GetPublicAccessBlockCommand, HeadBucketCommand, ListBucketAnalyticsConfigurationsCommand, ListBucketIntelligentTieringConfigurationsCommand, ListBucketInventoryConfigurationsCommand, ListBucketMetricsConfigurationsCommand, ListBucketsCommand, ListDirectoryBucketsCommand, ListObjectVersionsCommand, ListObjectsV2Command, NoSuchBucket, PutBucketAccelerateConfigurationCommand, PutBucketAnalyticsConfigurationCommand, PutBucketCorsCommand, PutBucketEncryptionCommand, PutBucketIntelligentTieringConfigurationCommand, PutBucketInventoryConfigurationCommand, PutBucketLifecycleConfigurationCommand, PutBucketLoggingCommand, PutBucketMetricsConfigurationCommand, PutBucketNotificationConfigurationCommand, PutBucketOwnershipControlsCommand, PutBucketPolicyCommand, PutBucketReplicationCommand, PutBucketTaggingCommand, PutBucketVersioningCommand, PutBucketWebsiteCommand, PutObjectCommand, PutObjectLockConfigurationCommand, PutPublicAccessBlockCommand, S3Client, S3ServiceException } from "@aws-sdk/client-s3";
@@ -20267,7 +20267,13 @@ var RDSProvider = class {
 			"BackupRetentionPeriod",
 			"DeletionProtection",
 			"ServerlessV2ScalingConfiguration",
-			"Tags"
+			"Tags",
+			"ManageMasterUserPassword",
+			"MasterUserSecret",
+			"MonitoringRoleArn",
+			"MonitoringInterval",
+			"EnableIAMDatabaseAuthentication",
+			"PubliclyAccessible"
 		])],
 		["AWS::RDS::DBInstance", new Set([
 			"DBInstanceIdentifier",
@@ -20284,7 +20290,13 @@ var RDSProvider = class {
 			"MasterUserPassword",
 			"Port",
 			"StorageEncrypted",
-			"VPCSecurityGroups"
+			"VPCSecurityGroups",
+			"KmsKeyId",
+			"MasterUserSecret",
+			"ManageMasterUserPassword",
+			"MonitoringRoleArn",
+			"MonitoringInterval",
+			"EnableIAMDatabaseAuthentication"
 		])]
 	]);
 	unhandledByDesign = new Map([["AWS::RDS::DBCluster", new Map([["DeleteAutomatedBackups", "cdkd hardcodes SkipFinalSnapshot=true on destroy; this CFn lifecycle flag has no equivalent on the runtime path"]])], ["AWS::RDS::DBInstance", new Map([
@@ -20392,6 +20404,7 @@ var RDSProvider = class {
 		try {
 			const tags = this.buildTags(properties);
 			const serverlessV2Config = properties["ServerlessV2ScalingConfiguration"];
+			const masterUserSecret = properties["MasterUserSecret"];
 			if (!(await this.getClient().send(new CreateDBClusterCommand({
 				DBClusterIdentifier: dbClusterIdentifier,
 				Engine: properties["Engine"],
@@ -20406,6 +20419,12 @@ var RDSProvider = class {
 				KmsKeyId: properties["KmsKeyId"],
 				BackupRetentionPeriod: properties["BackupRetentionPeriod"] != null ? Number(properties["BackupRetentionPeriod"]) : void 0,
 				DeletionProtection: properties["DeletionProtection"],
+				...properties["ManageMasterUserPassword"] !== void 0 && { ManageMasterUserPassword: properties["ManageMasterUserPassword"] },
+				...masterUserSecret?.KmsKeyId !== void 0 && { MasterUserSecretKmsKeyId: masterUserSecret.KmsKeyId },
+				...properties["MonitoringRoleArn"] !== void 0 && { MonitoringRoleArn: properties["MonitoringRoleArn"] },
+				...properties["MonitoringInterval"] !== void 0 && { MonitoringInterval: Number(properties["MonitoringInterval"]) },
+				...properties["EnableIAMDatabaseAuthentication"] !== void 0 && { EnableIAMDatabaseAuthentication: properties["EnableIAMDatabaseAuthentication"] },
+				...properties["PubliclyAccessible"] !== void 0 && { PubliclyAccessible: properties["PubliclyAccessible"] },
 				...serverlessV2Config && { ServerlessV2ScalingConfiguration: {
 					MinCapacity: serverlessV2Config.MinCapacity,
 					MaxCapacity: serverlessV2Config.MaxCapacity
@@ -20461,6 +20480,7 @@ var RDSProvider = class {
 			const hasServerlessV2 = serverlessV2Config !== void 0 && (serverlessV2Config.MinCapacity !== void 0 || serverlessV2Config.MaxCapacity !== void 0);
 			const vpcSgIds = properties["VpcSecurityGroupIds"];
 			const sendVpcSgIds = vpcSgIds !== void 0 && vpcSgIds.length > 0;
+			const masterUserSecret = properties["MasterUserSecret"];
 			await this.getClient().send(new ModifyDBClusterCommand({
 				DBClusterIdentifier: physicalId,
 				EngineVersion: properties["EngineVersion"],
@@ -20469,6 +20489,11 @@ var RDSProvider = class {
 				...sendVpcSgIds && { VpcSecurityGroupIds: vpcSgIds },
 				MasterUserPassword: properties["MasterUserPassword"],
 				Port: properties["Port"] != null ? Number(properties["Port"]) : void 0,
+				...properties["ManageMasterUserPassword"] !== void 0 && { ManageMasterUserPassword: properties["ManageMasterUserPassword"] },
+				...masterUserSecret?.KmsKeyId !== void 0 && { MasterUserSecretKmsKeyId: masterUserSecret.KmsKeyId },
+				...properties["MonitoringRoleArn"] !== void 0 && { MonitoringRoleArn: properties["MonitoringRoleArn"] },
+				...properties["MonitoringInterval"] !== void 0 && { MonitoringInterval: Number(properties["MonitoringInterval"]) },
+				...properties["EnableIAMDatabaseAuthentication"] !== void 0 && { EnableIAMDatabaseAuthentication: properties["EnableIAMDatabaseAuthentication"] },
 				...hasServerlessV2 && { ServerlessV2ScalingConfiguration: {
 					MinCapacity: serverlessV2Config.MinCapacity,
 					MaxCapacity: serverlessV2Config.MaxCapacity
@@ -20531,6 +20556,7 @@ var RDSProvider = class {
 		});
 		try {
 			const tags = this.buildTags(properties);
+			const masterUserSecret = properties["MasterUserSecret"];
 			if (!(await this.getClient().send(new CreateDBInstanceCommand({
 				DBInstanceIdentifier: dbInstanceIdentifier,
 				DBInstanceClass: properties["DBInstanceClass"],
@@ -20546,6 +20572,12 @@ var RDSProvider = class {
 				...properties["MasterUserPassword"] !== void 0 && { MasterUserPassword: properties["MasterUserPassword"] },
 				...properties["StorageEncrypted"] !== void 0 && { StorageEncrypted: properties["StorageEncrypted"] },
 				...properties["VPCSecurityGroups"] !== void 0 && { VpcSecurityGroupIds: properties["VPCSecurityGroups"] },
+				...properties["KmsKeyId"] !== void 0 && { KmsKeyId: properties["KmsKeyId"] },
+				...masterUserSecret?.KmsKeyId !== void 0 && { MasterUserSecretKmsKeyId: masterUserSecret.KmsKeyId },
+				...properties["ManageMasterUserPassword"] !== void 0 && { ManageMasterUserPassword: properties["ManageMasterUserPassword"] },
+				...properties["MonitoringRoleArn"] !== void 0 && { MonitoringRoleArn: properties["MonitoringRoleArn"] },
+				...properties["MonitoringInterval"] !== void 0 && { MonitoringInterval: Number(properties["MonitoringInterval"]) },
+				...properties["EnableIAMDatabaseAuthentication"] !== void 0 && { EnableIAMDatabaseAuthentication: properties["EnableIAMDatabaseAuthentication"] },
 				...tags.length > 0 && { Tags: tags }
 			}))).DBInstance) throw new Error("CreateDBInstance did not return DBInstance");
 			this.logger.debug(`Successfully created DBInstance ${logicalId}: ${dbInstanceIdentifier}`);
@@ -20571,6 +20603,7 @@ var RDSProvider = class {
 			const newEngineVersion = properties["EngineVersion"];
 			const prevEngineVersion = previousProperties["EngineVersion"];
 			const allowMajorVersionUpgrade = newEngineVersion !== void 0 && newEngineVersion !== prevEngineVersion && prevEngineVersion !== void 0 && newEngineVersion.split(".")[0] !== prevEngineVersion.split(".")[0];
+			const masterUserSecret = properties["MasterUserSecret"];
 			await this.getClient().send(new ModifyDBInstanceCommand({
 				DBInstanceIdentifier: physicalId,
 				DBInstanceClass: properties["DBInstanceClass"],
@@ -20584,7 +20617,12 @@ var RDSProvider = class {
 				},
 				...properties["Port"] !== void 0 && { DBPortNumber: Number(properties["Port"]) },
 				...properties["MasterUserPassword"] !== void 0 && { MasterUserPassword: properties["MasterUserPassword"] },
-				...properties["VPCSecurityGroups"] !== void 0 && { VpcSecurityGroupIds: properties["VPCSecurityGroups"] }
+				...properties["VPCSecurityGroups"] !== void 0 && { VpcSecurityGroupIds: properties["VPCSecurityGroups"] },
+				...masterUserSecret?.KmsKeyId !== void 0 && { MasterUserSecretKmsKeyId: masterUserSecret.KmsKeyId },
+				...properties["ManageMasterUserPassword"] !== void 0 && { ManageMasterUserPassword: properties["ManageMasterUserPassword"] },
+				...properties["MonitoringRoleArn"] !== void 0 && { MonitoringRoleArn: properties["MonitoringRoleArn"] },
+				...properties["MonitoringInterval"] !== void 0 && { MonitoringInterval: Number(properties["MonitoringInterval"]) },
+				...properties["EnableIAMDatabaseAuthentication"] !== void 0 && { EnableIAMDatabaseAuthentication: properties["EnableIAMDatabaseAuthentication"] }
 			}));
 			this.logger.debug(`Successfully updated DBInstance ${logicalId}`);
 			const described = await this.describeDBInstance(physicalId);
@@ -20825,6 +20863,11 @@ var RDSProvider = class {
 		if (inst.StorageEncrypted !== void 0) result["StorageEncrypted"] = inst.StorageEncrypted;
 		const sgIds = (inst.VpcSecurityGroups ?? []).map((sg) => sg.VpcSecurityGroupId).filter((id) => !!id);
 		if (sgIds.length > 0) result["VPCSecurityGroups"] = sgIds;
+		if (inst.KmsKeyId !== void 0) result["KmsKeyId"] = inst.KmsKeyId;
+		if (inst.MonitoringRoleArn !== void 0) result["MonitoringRoleArn"] = inst.MonitoringRoleArn;
+		if (inst.MonitoringInterval !== void 0) result["MonitoringInterval"] = inst.MonitoringInterval;
+		if (inst.IAMDatabaseAuthenticationEnabled !== void 0) result["EnableIAMDatabaseAuthentication"] = inst.IAMDatabaseAuthenticationEnabled;
+		if (inst.MasterUserSecret?.KmsKeyId !== void 0) result["MasterUserSecret"] = { KmsKeyId: inst.MasterUserSecret.KmsKeyId };
 		if (inst.DBInstanceArn) await this.attachTags(result, inst.DBInstanceArn);
 		return result;
 	}
@@ -20850,6 +20893,11 @@ var RDSProvider = class {
 		if (cluster.KmsKeyId !== void 0) result["KmsKeyId"] = cluster.KmsKeyId;
 		if (cluster.BackupRetentionPeriod !== void 0) result["BackupRetentionPeriod"] = cluster.BackupRetentionPeriod;
 		if (cluster.DeletionProtection !== void 0) result["DeletionProtection"] = cluster.DeletionProtection;
+		if (cluster.MonitoringRoleArn !== void 0) result["MonitoringRoleArn"] = cluster.MonitoringRoleArn;
+		if (cluster.MonitoringInterval !== void 0) result["MonitoringInterval"] = cluster.MonitoringInterval;
+		if (cluster.IAMDatabaseAuthenticationEnabled !== void 0) result["EnableIAMDatabaseAuthentication"] = cluster.IAMDatabaseAuthenticationEnabled;
+		if (cluster.PubliclyAccessible !== void 0) result["PubliclyAccessible"] = cluster.PubliclyAccessible;
+		if (cluster.MasterUserSecret?.KmsKeyId !== void 0) result["MasterUserSecret"] = { KmsKeyId: cluster.MasterUserSecret.KmsKeyId };
 		if (cluster.ServerlessV2ScalingConfiguration?.MinCapacity !== void 0 || cluster.ServerlessV2ScalingConfiguration?.MaxCapacity !== void 0) {
 			const sc = {};
 			if (cluster.ServerlessV2ScalingConfiguration?.MinCapacity !== void 0) sc["MinCapacity"] = cluster.ServerlessV2ScalingConfiguration.MinCapacity;
@@ -53474,7 +53522,7 @@ function reorderArgs(argv) {
 async function main() {
 	installPipeCloseHandler();
 	const program = new Command();
-	program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.218.0");
+	program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.219.0");
 	program.addCommand(createBootstrapCommand());
 	program.addCommand(createSynthCommand());
 	program.addCommand(createListCommand());