@go-to-k/cdkd 0.50.10 → 0.50.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +319 -167
- package/dist/cli.js.map +2 -2
- package/dist/go-to-k-cdkd-0.50.12.tgz +0 -0
- package/package.json +5 -2
- package/dist/go-to-k-cdkd-0.50.10.tgz +0 -0
package/dist/cli.js
CHANGED
|
@@ -13838,7 +13838,7 @@ var SNSSubscriptionProvider = class {
|
|
|
13838
13838
|
try {
|
|
13839
13839
|
const attributes = {};
|
|
13840
13840
|
const filterPolicy = properties["FilterPolicy"];
|
|
13841
|
-
if (filterPolicy) {
|
|
13841
|
+
if (filterPolicy !== void 0) {
|
|
13842
13842
|
attributes["FilterPolicy"] = typeof filterPolicy === "string" ? filterPolicy : JSON.stringify(filterPolicy);
|
|
13843
13843
|
}
|
|
13844
13844
|
const response = await this.snsClient.send(
|
|
@@ -17107,6 +17107,19 @@ var LogsLogGroupProvider = class {
|
|
|
17107
17107
|
}
|
|
17108
17108
|
return this.buildArn(physicalId);
|
|
17109
17109
|
}
|
|
17110
|
+
/**
|
|
17111
|
+
* Drift comparator skip-list: properties readCurrentState deliberately
|
|
17112
|
+
* cannot round-trip from AWS yet. `DataProtectionPolicy` lives behind
|
|
17113
|
+
* its own `GetDataProtectionPolicy` API call (not in
|
|
17114
|
+
* `DescribeLogGroups` output) — declaring it here prevents
|
|
17115
|
+
* guaranteed false-positive drift on every clean run for log groups
|
|
17116
|
+
* deployed with a data-protection policy. Lifting this guard requires
|
|
17117
|
+
* a per-group `GetDataProtectionPolicy` round-trip in
|
|
17118
|
+
* `readCurrentState`.
|
|
17119
|
+
*/
|
|
17120
|
+
getDriftUnknownPaths() {
|
|
17121
|
+
return ["DataProtectionPolicy"];
|
|
17122
|
+
}
|
|
17110
17123
|
/**
|
|
17111
17124
|
* Read the AWS-current log group configuration in CFn-property shape.
|
|
17112
17125
|
*
|
|
@@ -17141,25 +17154,24 @@ var LogsLogGroupProvider = class {
|
|
|
17141
17154
|
if (found.logGroupName !== void 0)
|
|
17142
17155
|
result["LogGroupName"] = found.logGroupName;
|
|
17143
17156
|
result["KmsKeyId"] = found.kmsKeyId ?? "";
|
|
17144
|
-
|
|
17145
|
-
result["RetentionInDays"] = found.retentionInDays;
|
|
17146
|
-
}
|
|
17157
|
+
result["RetentionInDays"] = found.retentionInDays ?? 0;
|
|
17147
17158
|
if (found.logGroupClass !== void 0)
|
|
17148
17159
|
result["LogGroupClass"] = found.logGroupClass;
|
|
17160
|
+
let tags = [];
|
|
17149
17161
|
if (found.arn) {
|
|
17150
17162
|
const arnForTags = found.arn.replace(/:\*$/, "");
|
|
17151
17163
|
try {
|
|
17152
17164
|
const tagsResp = await this.logsClient.send(
|
|
17153
17165
|
new ListTagsForResourceCommand2({ resourceArn: arnForTags })
|
|
17154
17166
|
);
|
|
17155
|
-
|
|
17156
|
-
result["Tags"] = tags;
|
|
17167
|
+
tags = normalizeAwsTagsToCfn(tagsResp.tags);
|
|
17157
17168
|
} catch (err) {
|
|
17158
17169
|
if (err instanceof ResourceNotFoundException7)
|
|
17159
17170
|
return void 0;
|
|
17160
17171
|
throw err;
|
|
17161
17172
|
}
|
|
17162
17173
|
}
|
|
17174
|
+
result["Tags"] = tags;
|
|
17163
17175
|
return result;
|
|
17164
17176
|
} catch (err) {
|
|
17165
17177
|
if (err instanceof ResourceNotFoundException7)
|
|
@@ -17439,6 +17451,7 @@ var CloudWatchAlarmProvider = class {
|
|
|
17439
17451
|
* Build PutMetricAlarm parameters from CDK properties
|
|
17440
17452
|
*/
|
|
17441
17453
|
buildAlarmParams(alarmName, properties) {
|
|
17454
|
+
const emptyToUndefined = (v) => typeof v === "string" && v === "" ? void 0 : v;
|
|
17442
17455
|
const params = {
|
|
17443
17456
|
AlarmName: alarmName,
|
|
17444
17457
|
ComparisonOperator: properties["ComparisonOperator"],
|
|
@@ -17446,15 +17459,16 @@ var CloudWatchAlarmProvider = class {
|
|
|
17446
17459
|
Threshold: properties["Threshold"],
|
|
17447
17460
|
ActionsEnabled: properties["ActionsEnabled"],
|
|
17448
17461
|
AlarmActions: properties["AlarmActions"],
|
|
17449
|
-
AlarmDescription: properties["AlarmDescription"],
|
|
17462
|
+
AlarmDescription: emptyToUndefined(properties["AlarmDescription"]),
|
|
17450
17463
|
DatapointsToAlarm: properties["DatapointsToAlarm"],
|
|
17451
17464
|
InsufficientDataActions: properties["InsufficientDataActions"],
|
|
17452
17465
|
OKActions: properties["OKActions"],
|
|
17453
|
-
TreatMissingData: properties["TreatMissingData"],
|
|
17454
|
-
Unit: properties["Unit"]
|
|
17466
|
+
TreatMissingData: emptyToUndefined(properties["TreatMissingData"]),
|
|
17467
|
+
Unit: emptyToUndefined(properties["Unit"])
|
|
17455
17468
|
};
|
|
17456
|
-
|
|
17457
|
-
|
|
17469
|
+
const metricsValue = properties["Metrics"];
|
|
17470
|
+
if (Array.isArray(metricsValue) && metricsValue.length > 0) {
|
|
17471
|
+
const metrics = metricsValue;
|
|
17458
17472
|
params["Metrics"] = metrics.map((m) => {
|
|
17459
17473
|
const entry = {
|
|
17460
17474
|
Id: m["Id"]
|
|
@@ -17484,10 +17498,10 @@ var CloudWatchAlarmProvider = class {
|
|
|
17484
17498
|
return entry;
|
|
17485
17499
|
});
|
|
17486
17500
|
} else {
|
|
17487
|
-
params["MetricName"] = properties["MetricName"];
|
|
17488
|
-
params["Namespace"] = properties["Namespace"];
|
|
17501
|
+
params["MetricName"] = emptyToUndefined(properties["MetricName"]);
|
|
17502
|
+
params["Namespace"] = emptyToUndefined(properties["Namespace"]);
|
|
17489
17503
|
params["Period"] = properties["Period"];
|
|
17490
|
-
params["Statistic"] = properties["Statistic"];
|
|
17504
|
+
params["Statistic"] = emptyToUndefined(properties["Statistic"]);
|
|
17491
17505
|
params["Dimensions"] = properties["Dimensions"];
|
|
17492
17506
|
}
|
|
17493
17507
|
return params;
|
|
@@ -18123,19 +18137,21 @@ var SSMParameterProvider = class {
|
|
|
18123
18137
|
Name: physicalId,
|
|
18124
18138
|
Type: type,
|
|
18125
18139
|
Value: value,
|
|
18126
|
-
Description: properties["Description"],
|
|
18127
18140
|
Overwrite: true
|
|
18128
18141
|
};
|
|
18129
|
-
if (properties["
|
|
18142
|
+
if (properties["Description"] !== void 0) {
|
|
18143
|
+
putParams.Description = properties["Description"];
|
|
18144
|
+
}
|
|
18145
|
+
if (properties["AllowedPattern"] !== void 0) {
|
|
18130
18146
|
putParams.AllowedPattern = properties["AllowedPattern"];
|
|
18131
18147
|
}
|
|
18132
|
-
if (properties["Tier"]) {
|
|
18148
|
+
if (properties["Tier"] !== void 0) {
|
|
18133
18149
|
putParams.Tier = properties["Tier"];
|
|
18134
18150
|
}
|
|
18135
|
-
if (properties["Policies"]) {
|
|
18151
|
+
if (properties["Policies"] !== void 0) {
|
|
18136
18152
|
putParams.Policies = properties["Policies"];
|
|
18137
18153
|
}
|
|
18138
|
-
if (properties["DataType"]) {
|
|
18154
|
+
if (properties["DataType"] !== void 0) {
|
|
18139
18155
|
putParams.DataType = properties["DataType"];
|
|
18140
18156
|
}
|
|
18141
18157
|
await this.ssmClient.send(new PutParameterCommand(putParams));
|
|
@@ -18829,6 +18845,16 @@ import {
|
|
|
18829
18845
|
ResourceNotFoundException as ResourceNotFoundException10
|
|
18830
18846
|
} from "@aws-sdk/client-eventbridge";
|
|
18831
18847
|
init_aws_clients();
|
|
18848
|
+
function sanitizeDeadLetterConfig(value) {
|
|
18849
|
+
if (value === null || value === void 0)
|
|
18850
|
+
return void 0;
|
|
18851
|
+
if (typeof value !== "object")
|
|
18852
|
+
return void 0;
|
|
18853
|
+
const arn = value["Arn"];
|
|
18854
|
+
if (typeof arn !== "string" || arn.length === 0)
|
|
18855
|
+
return void 0;
|
|
18856
|
+
return { Arn: arn };
|
|
18857
|
+
}
|
|
18832
18858
|
var EventBridgeBusProvider = class {
|
|
18833
18859
|
eventBridgeClient;
|
|
18834
18860
|
logger = getLogger().child("EventBridgeBusProvider");
|
|
@@ -18875,11 +18901,9 @@ var EventBridgeBusProvider = class {
|
|
|
18875
18901
|
if (properties["Tags"]) {
|
|
18876
18902
|
createParams.Tags = properties["Tags"];
|
|
18877
18903
|
}
|
|
18878
|
-
|
|
18879
|
-
|
|
18880
|
-
createParams.DeadLetterConfig =
|
|
18881
|
-
Arn: dlcConfig["Arn"]
|
|
18882
|
-
};
|
|
18904
|
+
const dlcCreate = sanitizeDeadLetterConfig(properties["DeadLetterConfig"]);
|
|
18905
|
+
if (dlcCreate) {
|
|
18906
|
+
createParams.DeadLetterConfig = dlcCreate;
|
|
18883
18907
|
}
|
|
18884
18908
|
const response = await this.eventBridgeClient.send(new CreateEventBusCommand(createParams));
|
|
18885
18909
|
const eventBusArn = response.EventBusArn ?? "";
|
|
@@ -18918,11 +18942,11 @@ var EventBridgeBusProvider = class {
|
|
|
18918
18942
|
if (properties["KmsKeyIdentifier"] !== void 0) {
|
|
18919
18943
|
updateParams.KmsKeyIdentifier = properties["KmsKeyIdentifier"];
|
|
18920
18944
|
}
|
|
18921
|
-
if (properties["DeadLetterConfig"]) {
|
|
18922
|
-
const
|
|
18923
|
-
|
|
18924
|
-
|
|
18925
|
-
}
|
|
18945
|
+
if (properties["DeadLetterConfig"] !== void 0) {
|
|
18946
|
+
const dlcUpdate = sanitizeDeadLetterConfig(properties["DeadLetterConfig"]);
|
|
18947
|
+
if (dlcUpdate) {
|
|
18948
|
+
updateParams.DeadLetterConfig = dlcUpdate;
|
|
18949
|
+
}
|
|
18926
18950
|
}
|
|
18927
18951
|
await this.eventBridgeClient.send(new UpdateEventBusCommand(updateParams));
|
|
18928
18952
|
}
|
|
@@ -21988,7 +22012,7 @@ var ApiGatewayProvider = class _ApiGatewayProvider {
|
|
|
21988
22012
|
* the IAM trust relationship hasn't fully propagated yet.
|
|
21989
22013
|
*/
|
|
21990
22014
|
async updateAccountWithRetry(cloudWatchRoleArn, logicalId, _resourceType) {
|
|
21991
|
-
const patchOperations = cloudWatchRoleArn ? [
|
|
22015
|
+
const patchOperations = cloudWatchRoleArn !== void 0 ? [
|
|
21992
22016
|
{
|
|
21993
22017
|
op: "replace",
|
|
21994
22018
|
path: "/cloudwatchRoleArn",
|
|
@@ -22932,7 +22956,10 @@ var ApiGatewayProvider = class _ApiGatewayProvider {
|
|
|
22932
22956
|
if (resp.authorizationType !== void 0) {
|
|
22933
22957
|
result["AuthorizationType"] = resp.authorizationType;
|
|
22934
22958
|
}
|
|
22935
|
-
|
|
22959
|
+
const authType = resp.authorizationType;
|
|
22960
|
+
if (authType === "CUSTOM" || authType === "COGNITO_USER_POOLS") {
|
|
22961
|
+
result["AuthorizerId"] = resp.authorizerId ?? "";
|
|
22962
|
+
}
|
|
22936
22963
|
result["Integration"] = resp.methodIntegration ?? {};
|
|
22937
22964
|
result["MethodResponses"] = resp.methodResponses ?? {};
|
|
22938
22965
|
return result;
|
|
@@ -23568,7 +23595,12 @@ var ApiGatewayV2Provider = class {
|
|
|
23568
23595
|
if (resp.ProtocolType !== void 0)
|
|
23569
23596
|
result["ProtocolType"] = resp.ProtocolType;
|
|
23570
23597
|
result["Description"] = resp.Description ?? "";
|
|
23571
|
-
|
|
23598
|
+
if (resp.ProtocolType === "HTTP") {
|
|
23599
|
+
result["CorsConfiguration"] = resp.CorsConfiguration ?? {};
|
|
23600
|
+
}
|
|
23601
|
+
if (resp.ProtocolType === "WEBSOCKET" && resp.RouteSelectionExpression !== void 0) {
|
|
23602
|
+
result["RouteSelectionExpression"] = resp.RouteSelectionExpression;
|
|
23603
|
+
}
|
|
23572
23604
|
const tags = normalizeAwsTagsToCfn(resp.Tags);
|
|
23573
23605
|
result["Tags"] = tags;
|
|
23574
23606
|
return result;
|
|
@@ -23609,7 +23641,10 @@ var ApiGatewayV2Provider = class {
|
|
|
23609
23641
|
const result = { ApiId: apiId };
|
|
23610
23642
|
if (resp.IntegrationType !== void 0)
|
|
23611
23643
|
result["IntegrationType"] = resp.IntegrationType;
|
|
23612
|
-
|
|
23644
|
+
const uriRequired = resp.IntegrationType === "AWS" || resp.IntegrationType === "AWS_PROXY" || resp.IntegrationType === "HTTP" || resp.IntegrationType === "HTTP_PROXY";
|
|
23645
|
+
if (uriRequired) {
|
|
23646
|
+
result["IntegrationUri"] = resp.IntegrationUri ?? "";
|
|
23647
|
+
}
|
|
23613
23648
|
result["IntegrationMethod"] = resp.IntegrationMethod ?? "";
|
|
23614
23649
|
result["PayloadFormatVersion"] = resp.PayloadFormatVersion ?? "";
|
|
23615
23650
|
return result;
|
|
@@ -23631,8 +23666,11 @@ var ApiGatewayV2Provider = class {
|
|
|
23631
23666
|
if (resp.RouteKey !== void 0)
|
|
23632
23667
|
result["RouteKey"] = resp.RouteKey;
|
|
23633
23668
|
result["Target"] = resp.Target ?? "";
|
|
23634
|
-
result["AuthorizationType"] = resp.AuthorizationType ?? "";
|
|
23635
|
-
|
|
23669
|
+
result["AuthorizationType"] = resp.AuthorizationType ?? "NONE";
|
|
23670
|
+
if (resp.AuthorizationType && resp.AuthorizationType !== "NONE") {
|
|
23671
|
+
result["AuthorizerId"] = resp.AuthorizerId ?? "";
|
|
23672
|
+
result["AuthorizationScopes"] = resp.AuthorizationScopes ? [...resp.AuthorizationScopes] : [];
|
|
23673
|
+
}
|
|
23636
23674
|
return result;
|
|
23637
23675
|
} catch (err) {
|
|
23638
23676
|
if (err instanceof NotFoundException4)
|
|
@@ -23653,9 +23691,12 @@ var ApiGatewayV2Provider = class {
|
|
|
23653
23691
|
result["AuthorizerType"] = resp.AuthorizerType;
|
|
23654
23692
|
result["Name"] = resp.Name ?? "";
|
|
23655
23693
|
result["IdentitySource"] = resp.IdentitySource ? [...resp.IdentitySource] : [];
|
|
23656
|
-
|
|
23657
|
-
|
|
23658
|
-
|
|
23694
|
+
if (resp.AuthorizerType === "JWT") {
|
|
23695
|
+
result["JwtConfiguration"] = resp.JwtConfiguration ?? {};
|
|
23696
|
+
} else if (resp.AuthorizerType === "REQUEST") {
|
|
23697
|
+
result["AuthorizerUri"] = resp.AuthorizerUri ?? "";
|
|
23698
|
+
result["AuthorizerPayloadFormatVersion"] = resp.AuthorizerPayloadFormatVersion ?? "";
|
|
23699
|
+
}
|
|
23659
23700
|
return result;
|
|
23660
23701
|
} catch (err) {
|
|
23661
23702
|
if (err instanceof NotFoundException4)
|
|
@@ -24872,22 +24913,18 @@ var StepFunctionsProvider = class {
|
|
|
24872
24913
|
const tagList = properties["Tags"];
|
|
24873
24914
|
tags = tagList.map((tag) => ({ key: tag.Key, value: tag.Value }));
|
|
24874
24915
|
}
|
|
24875
|
-
const
|
|
24876
|
-
|
|
24877
|
-
|
|
24878
|
-
|
|
24879
|
-
|
|
24880
|
-
kmsKeyId: cfnEncConfig["KmsKeyId"],
|
|
24881
|
-
kmsDataKeyReusePeriodSeconds: cfnEncConfig["KmsDataKeyReusePeriodSeconds"]
|
|
24882
|
-
};
|
|
24883
|
-
}
|
|
24916
|
+
const encryptionConfiguration = mapEncryptionConfiguration(
|
|
24917
|
+
properties["EncryptionConfiguration"]
|
|
24918
|
+
);
|
|
24919
|
+
const loggingConfiguration = mapLoggingConfiguration(properties["LoggingConfiguration"]);
|
|
24920
|
+
const tracingConfiguration = mapTracingConfiguration(properties["TracingConfiguration"]);
|
|
24884
24921
|
const createParams = {
|
|
24885
24922
|
name: stateMachineName,
|
|
24886
24923
|
definition: definitionString,
|
|
24887
24924
|
roleArn,
|
|
24888
24925
|
type: properties["StateMachineType"],
|
|
24889
|
-
loggingConfiguration
|
|
24890
|
-
tracingConfiguration
|
|
24926
|
+
loggingConfiguration,
|
|
24927
|
+
tracingConfiguration,
|
|
24891
24928
|
tags,
|
|
24892
24929
|
encryptionConfiguration
|
|
24893
24930
|
};
|
|
@@ -24928,22 +24965,18 @@ var StepFunctionsProvider = class {
|
|
|
24928
24965
|
this.logger.debug(`Updating Step Functions state machine ${logicalId}: ${physicalId}`);
|
|
24929
24966
|
try {
|
|
24930
24967
|
const definitionString = this.buildDefinitionString(properties);
|
|
24931
|
-
const
|
|
24932
|
-
|
|
24933
|
-
|
|
24934
|
-
|
|
24935
|
-
|
|
24936
|
-
kmsKeyId: cfnEncConfig["KmsKeyId"],
|
|
24937
|
-
kmsDataKeyReusePeriodSeconds: cfnEncConfig["KmsDataKeyReusePeriodSeconds"]
|
|
24938
|
-
};
|
|
24939
|
-
}
|
|
24968
|
+
const encryptionConfiguration = mapEncryptionConfiguration(
|
|
24969
|
+
properties["EncryptionConfiguration"]
|
|
24970
|
+
);
|
|
24971
|
+
const loggingConfiguration = mapLoggingConfiguration(properties["LoggingConfiguration"]);
|
|
24972
|
+
const tracingConfiguration = mapTracingConfiguration(properties["TracingConfiguration"]);
|
|
24940
24973
|
await this.getClient().send(
|
|
24941
24974
|
new UpdateStateMachineCommand({
|
|
24942
24975
|
stateMachineArn: physicalId,
|
|
24943
24976
|
definition: definitionString,
|
|
24944
24977
|
roleArn: properties["RoleArn"],
|
|
24945
|
-
loggingConfiguration
|
|
24946
|
-
tracingConfiguration
|
|
24978
|
+
loggingConfiguration,
|
|
24979
|
+
tracingConfiguration,
|
|
24947
24980
|
encryptionConfiguration
|
|
24948
24981
|
})
|
|
24949
24982
|
);
|
|
@@ -25231,6 +25264,57 @@ var StepFunctionsProvider = class {
|
|
|
25231
25264
|
return "{}";
|
|
25232
25265
|
}
|
|
25233
25266
|
};
|
|
25267
|
+
function mapEncryptionConfiguration(value) {
|
|
25268
|
+
if (value === null || value === void 0)
|
|
25269
|
+
return void 0;
|
|
25270
|
+
if (typeof value !== "object")
|
|
25271
|
+
return void 0;
|
|
25272
|
+
const cfg = value;
|
|
25273
|
+
if (cfg["Type"] === void 0)
|
|
25274
|
+
return void 0;
|
|
25275
|
+
return {
|
|
25276
|
+
type: cfg["Type"],
|
|
25277
|
+
kmsKeyId: cfg["KmsKeyId"],
|
|
25278
|
+
kmsDataKeyReusePeriodSeconds: cfg["KmsDataKeyReusePeriodSeconds"]
|
|
25279
|
+
};
|
|
25280
|
+
}
|
|
25281
|
+
function mapLoggingConfiguration(value) {
|
|
25282
|
+
if (value === null || value === void 0)
|
|
25283
|
+
return void 0;
|
|
25284
|
+
if (typeof value !== "object")
|
|
25285
|
+
return void 0;
|
|
25286
|
+
const cfg = value;
|
|
25287
|
+
if (cfg["Level"] === void 0)
|
|
25288
|
+
return void 0;
|
|
25289
|
+
const result = {
|
|
25290
|
+
level: cfg["Level"]
|
|
25291
|
+
};
|
|
25292
|
+
if (cfg["IncludeExecutionData"] !== void 0) {
|
|
25293
|
+
result.includeExecutionData = cfg["IncludeExecutionData"];
|
|
25294
|
+
}
|
|
25295
|
+
if (Array.isArray(cfg["Destinations"])) {
|
|
25296
|
+
result.destinations = cfg["Destinations"].map((d) => {
|
|
25297
|
+
const cwLogs = d["CloudWatchLogsLogGroup"];
|
|
25298
|
+
if (cwLogs?.["LogGroupArn"] !== void 0) {
|
|
25299
|
+
return {
|
|
25300
|
+
cloudWatchLogsLogGroup: { logGroupArn: cwLogs["LogGroupArn"] }
|
|
25301
|
+
};
|
|
25302
|
+
}
|
|
25303
|
+
return {};
|
|
25304
|
+
});
|
|
25305
|
+
}
|
|
25306
|
+
return result;
|
|
25307
|
+
}
|
|
25308
|
+
function mapTracingConfiguration(value) {
|
|
25309
|
+
if (value === null || value === void 0)
|
|
25310
|
+
return void 0;
|
|
25311
|
+
if (typeof value !== "object")
|
|
25312
|
+
return void 0;
|
|
25313
|
+
const cfg = value;
|
|
25314
|
+
if (cfg["Enabled"] === void 0)
|
|
25315
|
+
return void 0;
|
|
25316
|
+
return { enabled: cfg["Enabled"] };
|
|
25317
|
+
}
|
|
25234
25318
|
|
|
25235
25319
|
// src/provisioning/providers/ecs-provider.ts
|
|
25236
25320
|
import {
|
|
@@ -25583,23 +25667,14 @@ var ECSProvider = class {
|
|
|
25583
25667
|
);
|
|
25584
25668
|
}
|
|
25585
25669
|
}
|
|
25586
|
-
async updateTaskDefinition(logicalId,
|
|
25587
|
-
|
|
25588
|
-
|
|
25589
|
-
|
|
25590
|
-
|
|
25591
|
-
|
|
25592
|
-
|
|
25593
|
-
|
|
25594
|
-
this.logger.debug(
|
|
25595
|
-
`Failed to deregister old task definition ${physicalId}: ${error instanceof Error ? error.message : String(error)}`
|
|
25596
|
-
);
|
|
25597
|
-
}
|
|
25598
|
-
return {
|
|
25599
|
-
physicalId: result.physicalId,
|
|
25600
|
-
wasReplaced: false,
|
|
25601
|
-
attributes: result.attributes ?? {}
|
|
25602
|
-
};
|
|
25670
|
+
async updateTaskDefinition(logicalId, _physicalId, _resourceType, _properties) {
|
|
25671
|
+
return Promise.reject(
|
|
25672
|
+
new ResourceUpdateNotSupportedError(
|
|
25673
|
+
"AWS::ECS::TaskDefinition",
|
|
25674
|
+
logicalId,
|
|
25675
|
+
"TaskDefinition revisions are immutable; re-deploy with cdkd deploy --replace, or destroy + redeploy the stack"
|
|
25676
|
+
)
|
|
25677
|
+
);
|
|
25603
25678
|
}
|
|
25604
25679
|
async deleteTaskDefinition(logicalId, physicalId, resourceType, context) {
|
|
25605
25680
|
this.logger.debug(`Deleting ECS task definition ${logicalId}: ${physicalId}`);
|
|
@@ -26138,11 +26213,19 @@ var ECSProvider = class {
|
|
|
26138
26213
|
if (s.networkConfiguration)
|
|
26139
26214
|
result["NetworkConfiguration"] = s.networkConfiguration;
|
|
26140
26215
|
result["LoadBalancers"] = s.loadBalancers ?? [];
|
|
26141
|
-
|
|
26216
|
+
if (s.capacityProviderStrategy && s.capacityProviderStrategy.length > 0) {
|
|
26217
|
+
result["CapacityProviderStrategy"] = s.capacityProviderStrategy;
|
|
26218
|
+
} else if (!s.launchType) {
|
|
26219
|
+
result["CapacityProviderStrategy"] = [];
|
|
26220
|
+
}
|
|
26142
26221
|
if (s.deploymentConfiguration)
|
|
26143
26222
|
result["DeploymentConfiguration"] = s.deploymentConfiguration;
|
|
26144
26223
|
result["PlacementConstraints"] = s.placementConstraints ?? [];
|
|
26145
|
-
|
|
26224
|
+
if (s.launchType === "EC2" || s.launchType === "EXTERNAL") {
|
|
26225
|
+
result["PlacementStrategy"] = s.placementStrategy ?? [];
|
|
26226
|
+
} else if (s.placementStrategy && s.placementStrategy.length > 0) {
|
|
26227
|
+
result["PlacementStrategy"] = s.placementStrategy;
|
|
26228
|
+
}
|
|
26146
26229
|
result["ServiceRegistries"] = s.serviceRegistries ?? [];
|
|
26147
26230
|
const tags = normalizeAwsTagsToCfn(s.tags);
|
|
26148
26231
|
result["Tags"] = tags;
|
|
@@ -29027,6 +29110,13 @@ import {
|
|
|
29027
29110
|
UntagResourceCommand as UntagResourceCommand13,
|
|
29028
29111
|
WAFNonexistentItemException
|
|
29029
29112
|
} from "@aws-sdk/client-wafv2";
|
|
29113
|
+
function sanitizeDescription(value) {
|
|
29114
|
+
if (value === void 0 || value === null)
|
|
29115
|
+
return void 0;
|
|
29116
|
+
if (typeof value === "string" && value.length === 0)
|
|
29117
|
+
return void 0;
|
|
29118
|
+
return value;
|
|
29119
|
+
}
|
|
29030
29120
|
function parseWebACLArn(arn) {
|
|
29031
29121
|
const parts = arn.split(":");
|
|
29032
29122
|
const resourcePart = parts.slice(5).join(":");
|
|
@@ -29088,7 +29178,7 @@ var WAFv2WebACLProvider = class {
|
|
|
29088
29178
|
Name: name,
|
|
29089
29179
|
Scope: scope,
|
|
29090
29180
|
DefaultAction: properties["DefaultAction"],
|
|
29091
|
-
Description: properties["Description"],
|
|
29181
|
+
Description: sanitizeDescription(properties["Description"]),
|
|
29092
29182
|
Rules: properties["Rules"] || [],
|
|
29093
29183
|
VisibilityConfig: properties["VisibilityConfig"],
|
|
29094
29184
|
...tags.length > 0 && { Tags: tags },
|
|
@@ -29153,7 +29243,7 @@ var WAFv2WebACLProvider = class {
|
|
|
29153
29243
|
Id: id,
|
|
29154
29244
|
LockToken: lockToken,
|
|
29155
29245
|
DefaultAction: properties["DefaultAction"],
|
|
29156
|
-
Description: properties["Description"],
|
|
29246
|
+
Description: sanitizeDescription(properties["Description"]),
|
|
29157
29247
|
Rules: properties["Rules"] || [],
|
|
29158
29248
|
VisibilityConfig: properties["VisibilityConfig"],
|
|
29159
29249
|
CustomResponseBodies: properties["CustomResponseBodies"],
|
|
@@ -29415,6 +29505,9 @@ import {
|
|
|
29415
29505
|
ListTagsForResourceCommand as ListTagsForResourceCommand13,
|
|
29416
29506
|
ResourceNotFoundException as ResourceNotFoundException12
|
|
29417
29507
|
} from "@aws-sdk/client-cognito-identity-provider";
|
|
29508
|
+
function isEmptyObjectPlaceholder(value) {
|
|
29509
|
+
return value !== null && typeof value === "object" && !Array.isArray(value) && Object.keys(value).length === 0;
|
|
29510
|
+
}
|
|
29418
29511
|
var CognitoUserPoolProvider = class {
|
|
29419
29512
|
cognitoClient;
|
|
29420
29513
|
providerRegion = process.env["AWS_REGION"];
|
|
@@ -29616,7 +29709,7 @@ var CognitoUserPoolProvider = class {
|
|
|
29616
29709
|
if (properties["EmailConfiguration"]) {
|
|
29617
29710
|
updateParams.EmailConfiguration = properties["EmailConfiguration"];
|
|
29618
29711
|
}
|
|
29619
|
-
if (properties["SmsConfiguration"]) {
|
|
29712
|
+
if (properties["SmsConfiguration"] && !isEmptyObjectPlaceholder(properties["SmsConfiguration"])) {
|
|
29620
29713
|
updateParams.SmsConfiguration = properties["SmsConfiguration"];
|
|
29621
29714
|
}
|
|
29622
29715
|
if (properties["VerificationMessageTemplate"]) {
|
|
@@ -29625,19 +29718,19 @@ var CognitoUserPoolProvider = class {
|
|
|
29625
29718
|
if (properties["DeviceConfiguration"]) {
|
|
29626
29719
|
updateParams.DeviceConfiguration = properties["DeviceConfiguration"];
|
|
29627
29720
|
}
|
|
29628
|
-
if (properties["UserPoolAddOns"]) {
|
|
29721
|
+
if (properties["UserPoolAddOns"] && !isEmptyObjectPlaceholder(properties["UserPoolAddOns"])) {
|
|
29629
29722
|
updateParams.UserPoolAddOns = properties["UserPoolAddOns"];
|
|
29630
29723
|
}
|
|
29631
|
-
if (properties["EmailVerificationMessage"]) {
|
|
29724
|
+
if (properties["EmailVerificationMessage"] !== void 0) {
|
|
29632
29725
|
updateParams.EmailVerificationMessage = properties["EmailVerificationMessage"];
|
|
29633
29726
|
}
|
|
29634
|
-
if (properties["EmailVerificationSubject"]) {
|
|
29727
|
+
if (properties["EmailVerificationSubject"] !== void 0) {
|
|
29635
29728
|
updateParams.EmailVerificationSubject = properties["EmailVerificationSubject"];
|
|
29636
29729
|
}
|
|
29637
|
-
if (properties["SmsAuthenticationMessage"]) {
|
|
29730
|
+
if (properties["SmsAuthenticationMessage"] !== void 0) {
|
|
29638
29731
|
updateParams.SmsAuthenticationMessage = properties["SmsAuthenticationMessage"];
|
|
29639
29732
|
}
|
|
29640
|
-
if (properties["SmsVerificationMessage"]) {
|
|
29733
|
+
if (properties["SmsVerificationMessage"] !== void 0) {
|
|
29641
29734
|
updateParams.SmsVerificationMessage = properties["SmsVerificationMessage"];
|
|
29642
29735
|
}
|
|
29643
29736
|
await this.getClient().send(new UpdateUserPoolCommand(updateParams));
|
|
@@ -31000,6 +31093,24 @@ var ServiceDiscoveryProvider = class {
|
|
|
31000
31093
|
return void 0;
|
|
31001
31094
|
}
|
|
31002
31095
|
}
|
|
31096
|
+
/**
|
|
31097
|
+
* Declare drift-unreadable property paths.
|
|
31098
|
+
*
|
|
31099
|
+
* - `AWS::ServiceDiscovery::PrivateDnsNamespace.Vpc`: Cloud Map's
|
|
31100
|
+
* `GetNamespace` does NOT return the VPC ID — it is only consumed at
|
|
31101
|
+
* create time and surfaced in opaque form via
|
|
31102
|
+
* `Properties.DnsProperties.HostedZoneId`. Without this declaration
|
|
31103
|
+
* the comparator would walk into `Vpc` (state has it because cdkd
|
|
31104
|
+
* stored the user-supplied template value) and report a guaranteed
|
|
31105
|
+
* false-positive on every clean drift run, since `readCurrentState`
|
|
31106
|
+
* deliberately omits the key.
|
|
31107
|
+
*/
|
|
31108
|
+
getDriftUnknownPaths(resourceType) {
|
|
31109
|
+
if (resourceType === "AWS::ServiceDiscovery::PrivateDnsNamespace") {
|
|
31110
|
+
return ["Vpc"];
|
|
31111
|
+
}
|
|
31112
|
+
return [];
|
|
31113
|
+
}
|
|
31003
31114
|
async readNamespace(physicalId) {
|
|
31004
31115
|
let ns;
|
|
31005
31116
|
try {
|
|
@@ -31806,7 +31917,9 @@ var AppSyncProvider = class {
|
|
|
31806
31917
|
if (ds.type !== void 0)
|
|
31807
31918
|
result["Type"] = ds.type;
|
|
31808
31919
|
result["Description"] = ds.description ?? "";
|
|
31809
|
-
|
|
31920
|
+
if (ds.serviceRoleArn !== void 0 && ds.serviceRoleArn !== "") {
|
|
31921
|
+
result["ServiceRoleArn"] = ds.serviceRoleArn;
|
|
31922
|
+
}
|
|
31810
31923
|
if (ds.dynamodbConfig) {
|
|
31811
31924
|
const dynamo = {};
|
|
31812
31925
|
if (ds.dynamodbConfig.tableName !== void 0)
|
|
@@ -31852,24 +31965,29 @@ var AppSyncProvider = class {
|
|
|
31852
31965
|
result["TypeName"] = resolver.typeName;
|
|
31853
31966
|
if (resolver.fieldName !== void 0)
|
|
31854
31967
|
result["FieldName"] = resolver.fieldName;
|
|
31855
|
-
result["DataSourceName"] = resolver.dataSourceName ?? "";
|
|
31856
|
-
result["RequestMappingTemplate"] = resolver.requestMappingTemplate ?? "";
|
|
31857
|
-
result["ResponseMappingTemplate"] = resolver.responseMappingTemplate ?? "";
|
|
31858
31968
|
if (resolver.kind !== void 0)
|
|
31859
31969
|
result["Kind"] = resolver.kind;
|
|
31860
|
-
|
|
31861
|
-
|
|
31862
|
-
|
|
31863
|
-
|
|
31864
|
-
|
|
31865
|
-
|
|
31866
|
-
|
|
31867
|
-
|
|
31970
|
+
const kind = resolver.kind ?? "UNIT";
|
|
31971
|
+
if (kind === "PIPELINE") {
|
|
31972
|
+
result["PipelineConfig"] = {
|
|
31973
|
+
Functions: resolver.pipelineConfig?.functions ? [...resolver.pipelineConfig.functions] : []
|
|
31974
|
+
};
|
|
31975
|
+
} else {
|
|
31976
|
+
if (resolver.dataSourceName !== void 0 && resolver.dataSourceName !== "") {
|
|
31977
|
+
result["DataSourceName"] = resolver.dataSourceName;
|
|
31978
|
+
}
|
|
31979
|
+
}
|
|
31980
|
+
if (resolver.runtime?.name) {
|
|
31981
|
+
result["Code"] = resolver.code ?? "";
|
|
31982
|
+
const runtime = { Name: resolver.runtime.name };
|
|
31983
|
+
if (resolver.runtime.runtimeVersion !== void 0) {
|
|
31868
31984
|
runtime["RuntimeVersion"] = resolver.runtime.runtimeVersion;
|
|
31869
31985
|
}
|
|
31870
31986
|
result["Runtime"] = runtime;
|
|
31987
|
+
} else {
|
|
31988
|
+
result["RequestMappingTemplate"] = resolver.requestMappingTemplate ?? "";
|
|
31989
|
+
result["ResponseMappingTemplate"] = resolver.responseMappingTemplate ?? "";
|
|
31871
31990
|
}
|
|
31872
|
-
result["Code"] = resolver.code ?? "";
|
|
31873
31991
|
return result;
|
|
31874
31992
|
}
|
|
31875
31993
|
async readApiKey(physicalId) {
|
|
@@ -33232,6 +33350,11 @@ import {
|
|
|
33232
33350
|
ListTagsForStreamCommand,
|
|
33233
33351
|
ResourceNotFoundException as ResourceNotFoundException13
|
|
33234
33352
|
} from "@aws-sdk/client-kinesis";
|
|
33353
|
+
function isKmsEncryption(value) {
|
|
33354
|
+
if (!value)
|
|
33355
|
+
return false;
|
|
33356
|
+
return value["EncryptionType"] === "KMS";
|
|
33357
|
+
}
|
|
33235
33358
|
var KinesisStreamProvider = class {
|
|
33236
33359
|
client;
|
|
33237
33360
|
providerRegion = process.env["AWS_REGION"];
|
|
@@ -33314,14 +33437,13 @@ var KinesisStreamProvider = class {
|
|
|
33314
33437
|
await this.waitForStreamActive(streamName);
|
|
33315
33438
|
}
|
|
33316
33439
|
const streamEncryption = properties["StreamEncryption"];
|
|
33317
|
-
if (streamEncryption) {
|
|
33318
|
-
const encryptionType = streamEncryption["EncryptionType"] ?? "KMS";
|
|
33440
|
+
if (isKmsEncryption(streamEncryption)) {
|
|
33319
33441
|
const keyId = streamEncryption["KeyId"];
|
|
33320
33442
|
this.logger.debug(`Enabling stream encryption for ${streamName}`);
|
|
33321
33443
|
await this.getClient().send(
|
|
33322
33444
|
new StartStreamEncryptionCommand({
|
|
33323
33445
|
StreamName: streamName,
|
|
33324
|
-
EncryptionType:
|
|
33446
|
+
EncryptionType: "KMS",
|
|
33325
33447
|
KeyId: keyId
|
|
33326
33448
|
})
|
|
33327
33449
|
);
|
|
@@ -33408,23 +33530,27 @@ var KinesisStreamProvider = class {
|
|
|
33408
33530
|
);
|
|
33409
33531
|
const newEncryption = properties["StreamEncryption"];
|
|
33410
33532
|
const oldEncryption = previousProperties["StreamEncryption"];
|
|
33411
|
-
|
|
33412
|
-
|
|
33533
|
+
const oldIsKms = isKmsEncryption(oldEncryption);
|
|
33534
|
+
const newIsKms = isKmsEncryption(newEncryption);
|
|
33535
|
+
const oldKeyId = oldIsKms ? oldEncryption["KeyId"] : void 0;
|
|
33536
|
+
const newKeyId = newIsKms ? newEncryption["KeyId"] : void 0;
|
|
33537
|
+
if (oldIsKms !== newIsKms || oldIsKms && newIsKms && oldKeyId !== newKeyId) {
|
|
33538
|
+
if (oldIsKms) {
|
|
33413
33539
|
await this.getClient().send(
|
|
33414
33540
|
new StopStreamEncryptionCommand({
|
|
33415
33541
|
StreamName: physicalId,
|
|
33416
|
-
EncryptionType:
|
|
33417
|
-
KeyId:
|
|
33542
|
+
EncryptionType: "KMS",
|
|
33543
|
+
KeyId: oldKeyId
|
|
33418
33544
|
})
|
|
33419
33545
|
);
|
|
33420
33546
|
await this.waitForStreamActive(physicalId);
|
|
33421
33547
|
}
|
|
33422
|
-
if (
|
|
33548
|
+
if (newIsKms) {
|
|
33423
33549
|
await this.getClient().send(
|
|
33424
33550
|
new StartStreamEncryptionCommand({
|
|
33425
33551
|
StreamName: physicalId,
|
|
33426
|
-
EncryptionType:
|
|
33427
|
-
KeyId:
|
|
33552
|
+
EncryptionType: "KMS",
|
|
33553
|
+
KeyId: newKeyId
|
|
33428
33554
|
})
|
|
33429
33555
|
);
|
|
33430
33556
|
await this.waitForStreamActive(physicalId);
|
|
@@ -33580,10 +33706,11 @@ var KinesisStreamProvider = class {
|
|
|
33580
33706
|
const result = {};
|
|
33581
33707
|
if (stream.StreamName !== void 0)
|
|
33582
33708
|
result["Name"] = stream.StreamName;
|
|
33583
|
-
|
|
33584
|
-
|
|
33709
|
+
const streamMode = stream.StreamModeDetails?.StreamMode;
|
|
33710
|
+
if (streamMode !== void 0) {
|
|
33711
|
+
result["StreamModeDetails"] = { StreamMode: streamMode };
|
|
33585
33712
|
}
|
|
33586
|
-
if (stream.Shards && stream.Shards.length > 0) {
|
|
33713
|
+
if (streamMode === "PROVISIONED" && stream.Shards && stream.Shards.length > 0) {
|
|
33587
33714
|
result["ShardCount"] = stream.Shards.length;
|
|
33588
33715
|
}
|
|
33589
33716
|
if (stream.RetentionPeriodHours !== void 0) {
|
|
@@ -34798,14 +34925,14 @@ var FirehoseProvider = class {
|
|
|
34798
34925
|
const tagsResp = await this.getClient().send(
|
|
34799
34926
|
new ListTagsForDeliveryStreamCommand({ DeliveryStreamName: physicalId })
|
|
34800
34927
|
);
|
|
34801
|
-
|
|
34802
|
-
result["Tags"] = tags;
|
|
34928
|
+
result["Tags"] = normalizeAwsTagsToCfn(tagsResp.Tags);
|
|
34803
34929
|
} catch (err) {
|
|
34804
34930
|
if (err instanceof ResourceNotFoundException14)
|
|
34805
34931
|
return void 0;
|
|
34806
34932
|
this.logger.debug(
|
|
34807
34933
|
`Firehose ListTagsForDeliveryStream(${physicalId}) failed: ${err instanceof Error ? err.message : String(err)}`
|
|
34808
34934
|
);
|
|
34935
|
+
result["Tags"] = [];
|
|
34809
34936
|
}
|
|
34810
34937
|
return result;
|
|
34811
34938
|
}
|
|
@@ -35010,16 +35137,21 @@ var CloudTrailProvider = class {
|
|
|
35010
35137
|
}
|
|
35011
35138
|
async update(logicalId, physicalId, resourceType, properties, previousProperties) {
|
|
35012
35139
|
this.logger.debug(`Updating CloudTrail Trail ${logicalId}: ${physicalId}`);
|
|
35140
|
+
const sanitizeArn = (v) => {
|
|
35141
|
+
if (v === void 0 || v === null || v === "")
|
|
35142
|
+
return void 0;
|
|
35143
|
+
return v;
|
|
35144
|
+
};
|
|
35013
35145
|
const s3BucketName = properties["S3BucketName"];
|
|
35014
35146
|
const s3KeyPrefix = properties["S3KeyPrefix"];
|
|
35015
35147
|
const isMultiRegionTrail = properties["IsMultiRegionTrail"];
|
|
35016
35148
|
const includeGlobalServiceEvents = properties["IncludeGlobalServiceEvents"];
|
|
35017
35149
|
const enableLogFileValidation = properties["EnableLogFileValidation"];
|
|
35018
35150
|
const isLogging = properties["IsLogging"];
|
|
35019
|
-
const cloudWatchLogsLogGroupArn = properties["CloudWatchLogsLogGroupArn"];
|
|
35020
|
-
const cloudWatchLogsRoleArn = properties["CloudWatchLogsRoleArn"];
|
|
35021
|
-
const kmsKeyId = properties["KMSKeyId"];
|
|
35022
|
-
const snsTopicName = properties["SnsTopicName"];
|
|
35151
|
+
const cloudWatchLogsLogGroupArn = sanitizeArn(properties["CloudWatchLogsLogGroupArn"]);
|
|
35152
|
+
const cloudWatchLogsRoleArn = sanitizeArn(properties["CloudWatchLogsRoleArn"]);
|
|
35153
|
+
const kmsKeyId = sanitizeArn(properties["KMSKeyId"]);
|
|
35154
|
+
const snsTopicName = sanitizeArn(properties["SnsTopicName"]);
|
|
35023
35155
|
const isOrganizationTrail = properties["IsOrganizationTrail"];
|
|
35024
35156
|
try {
|
|
35025
35157
|
await this.getClient().send(
|
|
@@ -35216,58 +35348,48 @@ var CloudTrailProvider = class {
|
|
|
35216
35348
|
result["TrailName"] = trail.Name;
|
|
35217
35349
|
if (trail.S3BucketName !== void 0)
|
|
35218
35350
|
result["S3BucketName"] = trail.S3BucketName;
|
|
35219
|
-
|
|
35220
|
-
|
|
35221
|
-
|
|
35222
|
-
|
|
35223
|
-
|
|
35224
|
-
if (trail.IncludeGlobalServiceEvents !== void 0) {
|
|
35225
|
-
result["IncludeGlobalServiceEvents"] = trail.IncludeGlobalServiceEvents;
|
|
35226
|
-
}
|
|
35227
|
-
if (trail.LogFileValidationEnabled !== void 0) {
|
|
35228
|
-
result["EnableLogFileValidation"] = trail.LogFileValidationEnabled;
|
|
35229
|
-
}
|
|
35230
|
-
if (trail.CloudWatchLogsLogGroupArn !== void 0) {
|
|
35351
|
+
result["S3KeyPrefix"] = trail.S3KeyPrefix ?? "";
|
|
35352
|
+
result["IsMultiRegionTrail"] = trail.IsMultiRegionTrail ?? false;
|
|
35353
|
+
result["IncludeGlobalServiceEvents"] = trail.IncludeGlobalServiceEvents ?? true;
|
|
35354
|
+
result["EnableLogFileValidation"] = trail.LogFileValidationEnabled ?? false;
|
|
35355
|
+
if (trail.CloudWatchLogsLogGroupArn && trail.CloudWatchLogsRoleArn) {
|
|
35231
35356
|
result["CloudWatchLogsLogGroupArn"] = trail.CloudWatchLogsLogGroupArn;
|
|
35232
|
-
}
|
|
35233
|
-
if (trail.CloudWatchLogsRoleArn !== void 0) {
|
|
35234
35357
|
result["CloudWatchLogsRoleArn"] = trail.CloudWatchLogsRoleArn;
|
|
35235
35358
|
}
|
|
35236
|
-
|
|
35237
|
-
|
|
35238
|
-
|
|
35239
|
-
result["SnsTopicName"] = trail.SnsTopicName;
|
|
35240
|
-
if (trail.IsOrganizationTrail !== void 0) {
|
|
35241
|
-
result["IsOrganizationTrail"] = trail.IsOrganizationTrail;
|
|
35242
|
-
}
|
|
35359
|
+
result["KMSKeyId"] = trail.KmsKeyId ?? "";
|
|
35360
|
+
result["SnsTopicName"] = trail.SnsTopicName ?? "";
|
|
35361
|
+
result["IsOrganizationTrail"] = trail.IsOrganizationTrail ?? false;
|
|
35243
35362
|
try {
|
|
35244
35363
|
const status = await this.getClient().send(new GetTrailStatusCommand({ Name: physicalId }));
|
|
35245
|
-
|
|
35246
|
-
result["IsLogging"] = status.IsLogging;
|
|
35364
|
+
result["IsLogging"] = status.IsLogging ?? false;
|
|
35247
35365
|
} catch {
|
|
35248
35366
|
}
|
|
35249
35367
|
try {
|
|
35250
35368
|
const sel = await this.getClient().send(
|
|
35251
35369
|
new GetEventSelectorsCommand({ TrailName: physicalId })
|
|
35252
35370
|
);
|
|
35253
|
-
|
|
35254
|
-
|
|
35255
|
-
|
|
35371
|
+
const hasAdvanced = Array.isArray(sel.AdvancedEventSelectors) && sel.AdvancedEventSelectors.length > 0;
|
|
35372
|
+
if (!hasAdvanced) {
|
|
35373
|
+
result["EventSelectors"] = (sel.EventSelectors ?? []).map(
|
|
35374
|
+
(es) => es
|
|
35375
|
+
);
|
|
35376
|
+
}
|
|
35256
35377
|
} catch {
|
|
35257
35378
|
}
|
|
35379
|
+
let tags = [];
|
|
35258
35380
|
if (trail.TrailARN) {
|
|
35259
35381
|
try {
|
|
35260
35382
|
const tagsResp = await this.getClient().send(
|
|
35261
35383
|
new ListTagsCommand3({ ResourceIdList: [trail.TrailARN] })
|
|
35262
35384
|
);
|
|
35263
|
-
|
|
35264
|
-
result["Tags"] = tags;
|
|
35385
|
+
tags = normalizeAwsTagsToCfn(tagsResp.ResourceTagList?.[0]?.TagsList);
|
|
35265
35386
|
} catch (err) {
|
|
35266
35387
|
this.logger.debug(
|
|
35267
35388
|
`CloudTrail ListTags(${trail.TrailARN}) failed: ${err instanceof Error ? err.message : String(err)}`
|
|
35268
35389
|
);
|
|
35269
35390
|
}
|
|
35270
35391
|
}
|
|
35392
|
+
result["Tags"] = tags;
|
|
35271
35393
|
return result;
|
|
35272
35394
|
}
|
|
35273
35395
|
async import(input) {
|
|
@@ -35398,7 +35520,12 @@ var CodeBuildProvider = class {
|
|
|
35398
35520
|
const name = properties["Name"] ?? logicalId;
|
|
35399
35521
|
const source = properties["Source"];
|
|
35400
35522
|
const environment = properties["Environment"];
|
|
35401
|
-
const
|
|
35523
|
+
const sanitizeOptionalString = (value) => {
|
|
35524
|
+
if (typeof value !== "string")
|
|
35525
|
+
return value;
|
|
35526
|
+
return value === "" ? void 0 : value;
|
|
35527
|
+
};
|
|
35528
|
+
const serviceRole = sanitizeOptionalString(properties["ServiceRole"]);
|
|
35402
35529
|
const artifacts = properties["Artifacts"];
|
|
35403
35530
|
const tags = properties["Tags"];
|
|
35404
35531
|
const envVars = environment?.["EnvironmentVariables"];
|
|
@@ -35489,7 +35616,7 @@ var CodeBuildProvider = class {
|
|
|
35489
35616
|
description: properties["Description"],
|
|
35490
35617
|
timeoutInMinutes: properties["TimeoutInMinutes"],
|
|
35491
35618
|
queuedTimeoutInMinutes: properties["QueuedTimeoutInMinutes"],
|
|
35492
|
-
encryptionKey: properties["EncryptionKey"],
|
|
35619
|
+
encryptionKey: sanitizeOptionalString(properties["EncryptionKey"]),
|
|
35493
35620
|
cache: cache2,
|
|
35494
35621
|
vpcConfig,
|
|
35495
35622
|
logsConfig,
|
|
@@ -35500,7 +35627,7 @@ var CodeBuildProvider = class {
|
|
|
35500
35627
|
fileSystemLocations,
|
|
35501
35628
|
buildBatchConfig,
|
|
35502
35629
|
badgeEnabled: properties["BadgeEnabled"],
|
|
35503
|
-
sourceVersion: properties["SourceVersion"]
|
|
35630
|
+
sourceVersion: sanitizeOptionalString(properties["SourceVersion"])
|
|
35504
35631
|
};
|
|
35505
35632
|
}
|
|
35506
35633
|
async create(logicalId, resourceType, properties) {
|
|
@@ -35954,10 +36081,11 @@ var S3VectorsProvider = class {
|
|
|
35954
36081
|
}
|
|
35955
36082
|
if (bucket?.encryptionConfiguration) {
|
|
35956
36083
|
const enc = {};
|
|
35957
|
-
|
|
35958
|
-
|
|
36084
|
+
const sseType = bucket.encryptionConfiguration.sseType;
|
|
36085
|
+
if (sseType !== void 0) {
|
|
36086
|
+
enc["SSEType"] = sseType;
|
|
35959
36087
|
}
|
|
35960
|
-
if (bucket.encryptionConfiguration.kmsKeyArn !== void 0) {
|
|
36088
|
+
if (sseType === "aws:kms" && bucket.encryptionConfiguration.kmsKeyArn !== void 0) {
|
|
35961
36089
|
enc["KMSKeyArn"] = bucket.encryptionConfiguration.kmsKeyArn;
|
|
35962
36090
|
}
|
|
35963
36091
|
if (Object.keys(enc).length > 0)
|
|
@@ -36982,7 +37110,9 @@ var S3TablesProvider = class {
|
|
|
36982
37110
|
import {
|
|
36983
37111
|
ECRClient as ECRClient2,
|
|
36984
37112
|
CreateRepositoryCommand,
|
|
37113
|
+
DeleteLifecyclePolicyCommand,
|
|
36985
37114
|
DeleteRepositoryCommand,
|
|
37115
|
+
DeleteRepositoryPolicyCommand,
|
|
36986
37116
|
DescribeRepositoriesCommand,
|
|
36987
37117
|
GetLifecyclePolicyCommand,
|
|
36988
37118
|
PutLifecyclePolicyCommand,
|
|
@@ -37132,19 +37262,42 @@ var ECRProvider = class {
|
|
|
37132
37262
|
})
|
|
37133
37263
|
);
|
|
37134
37264
|
this.logger.debug(`Updated lifecycle policy for ${physicalId}`);
|
|
37265
|
+
} else if (oldLifecycle?.LifecyclePolicyText) {
|
|
37266
|
+
try {
|
|
37267
|
+
await this.getClient().send(
|
|
37268
|
+
new DeleteLifecyclePolicyCommand({ repositoryName: physicalId })
|
|
37269
|
+
);
|
|
37270
|
+
this.logger.debug(`Deleted lifecycle policy for ${physicalId}`);
|
|
37271
|
+
} catch (err) {
|
|
37272
|
+
if (!(err instanceof LifecyclePolicyNotFoundException))
|
|
37273
|
+
throw err;
|
|
37274
|
+
}
|
|
37135
37275
|
}
|
|
37136
37276
|
}
|
|
37137
37277
|
const newPolicy = properties["RepositoryPolicyText"];
|
|
37138
37278
|
const oldPolicy = previousProperties["RepositoryPolicyText"];
|
|
37139
|
-
if (JSON.stringify(newPolicy) !== JSON.stringify(oldPolicy)
|
|
37140
|
-
|
|
37141
|
-
|
|
37142
|
-
|
|
37143
|
-
|
|
37144
|
-
|
|
37145
|
-
|
|
37146
|
-
|
|
37147
|
-
|
|
37279
|
+
if (JSON.stringify(newPolicy) !== JSON.stringify(oldPolicy)) {
|
|
37280
|
+
if (newPolicy !== void 0 && newPolicy !== null && newPolicy !== "") {
|
|
37281
|
+
const policyText = typeof newPolicy === "string" ? newPolicy : JSON.stringify(newPolicy);
|
|
37282
|
+
await this.getClient().send(
|
|
37283
|
+
new SetRepositoryPolicyCommand({
|
|
37284
|
+
repositoryName: physicalId,
|
|
37285
|
+
policyText
|
|
37286
|
+
})
|
|
37287
|
+
);
|
|
37288
|
+
this.logger.debug(`Updated repository policy for ${physicalId}`);
|
|
37289
|
+
} else if (oldPolicy !== void 0 && oldPolicy !== null && oldPolicy !== "") {
|
|
37290
|
+
try {
|
|
37291
|
+
await this.getClient().send(
|
|
37292
|
+
new DeleteRepositoryPolicyCommand({ repositoryName: physicalId })
|
|
37293
|
+
);
|
|
37294
|
+
this.logger.debug(`Deleted repository policy for ${physicalId}`);
|
|
37295
|
+
} catch (err) {
|
|
37296
|
+
const code = err?.name ?? err?.__type ?? "";
|
|
37297
|
+
if (!code.includes("RepositoryPolicyNotFound"))
|
|
37298
|
+
throw err;
|
|
37299
|
+
}
|
|
37300
|
+
}
|
|
37148
37301
|
}
|
|
37149
37302
|
const newTags = properties["Tags"];
|
|
37150
37303
|
const oldTags = previousProperties["Tags"];
|
|
@@ -37275,10 +37428,9 @@ var ECRProvider = class {
|
|
|
37275
37428
|
ScanOnPush: r.imageScanningConfiguration?.scanOnPush ?? false
|
|
37276
37429
|
};
|
|
37277
37430
|
{
|
|
37278
|
-
const
|
|
37279
|
-
|
|
37280
|
-
|
|
37281
|
-
if (r.encryptionConfiguration?.kmsKey !== void 0) {
|
|
37431
|
+
const encType = r.encryptionConfiguration?.encryptionType ?? "AES256";
|
|
37432
|
+
const enc = { EncryptionType: encType };
|
|
37433
|
+
if (encType === "KMS" && r.encryptionConfiguration?.kmsKey) {
|
|
37282
37434
|
enc["KmsKey"] = r.encryptionConfiguration.kmsKey;
|
|
37283
37435
|
}
|
|
37284
37436
|
result["EncryptionConfiguration"] = enc;
|
|
@@ -43737,7 +43889,7 @@ function reorderArgs(argv) {
|
|
|
43737
43889
|
}
|
|
43738
43890
|
async function main() {
|
|
43739
43891
|
const program = new Command14();
|
|
43740
|
-
program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.50.
|
|
43892
|
+
program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.50.12");
|
|
43741
43893
|
program.addCommand(createBootstrapCommand());
|
|
43742
43894
|
program.addCommand(createSynthCommand());
|
|
43743
43895
|
program.addCommand(createListCommand());
|