@gradientedge/cdk-utils-aws 2.18.0 → 2.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/construct/static-site/main.js +7 -1
- package/dist/src/services/lambda/main.d.ts +3 -3
- package/dist/src/services/lambda/main.js +8 -1
- package/dist/src/services/lambda/types.d.ts +14 -1
- package/dist/src/services/simple-storage-service/main.js +8 -3
- package/dist/src/services/simple-storage-service/types.d.ts +13 -1
- package/package.json +5 -5
|
@@ -93,7 +93,13 @@ export class StaticSite extends CommonConstruct {
|
|
|
93
93
|
* @summary Method to create a site bucket
|
|
94
94
|
*/
|
|
95
95
|
createSiteBucket() {
|
|
96
|
-
|
|
96
|
+
/* Pass the just-created siteLogBucket L2 so server-access logging is wired
|
|
97
|
+
via Ref instead of an imported bucket name — lets CDK attach the
|
|
98
|
+
log-delivery policy and clears the accessLogsPolicyNotAdded warning. */
|
|
99
|
+
this.siteBucket = this.s3Manager.createS3Bucket(`${this.id}-site`, this, {
|
|
100
|
+
...this.props.siteBucket,
|
|
101
|
+
logBucket: this.siteLogBucket,
|
|
102
|
+
});
|
|
97
103
|
}
|
|
98
104
|
/**
|
|
99
105
|
* @summary Method to create a site cloudfront function
|
|
@@ -2,9 +2,9 @@ import { experimental } from 'aws-cdk-lib/aws-cloudfront';
|
|
|
2
2
|
import { ISecurityGroup, IVpc, SubnetSelection } from 'aws-cdk-lib/aws-ec2';
|
|
3
3
|
import { IAccessPoint } from 'aws-cdk-lib/aws-efs';
|
|
4
4
|
import { CfnRole, Role } from 'aws-cdk-lib/aws-iam';
|
|
5
|
-
import { Alias, Architecture, AssetCode, DockerImageCode, DockerImageFunction,
|
|
5
|
+
import { Alias, Architecture, AssetCode, DockerImageCode, DockerImageFunction, ILayerVersion, IVersion, LayerVersion } from 'aws-cdk-lib/aws-lambda';
|
|
6
6
|
import { CommonConstruct } from '../../common/index.js';
|
|
7
|
-
import { LambdaAliasProps, LambdaEdgeProps, LambdaProps } from './types.js';
|
|
7
|
+
import { FunctionWithAliases, LambdaAliasProps, LambdaEdgeProps, LambdaProps } from './types.js';
|
|
8
8
|
/**
|
|
9
9
|
* Provides operations on AWS Lambda
|
|
10
10
|
* - A new instance of this class is injected into {@link CommonConstruct} constructor.
|
|
@@ -53,7 +53,7 @@ export declare class LambdaManager {
|
|
|
53
53
|
* @param mountPath optional mount path for the EFS file system, defaults to '/mnt/msg'
|
|
54
54
|
* @param vpcSubnets optional subnet selection when running in a VPC
|
|
55
55
|
*/
|
|
56
|
-
createLambdaFunction(id: string, scope: CommonConstruct, props: LambdaProps, role: Role | CfnRole, layers: ILayerVersion[], code: AssetCode, handler?: string, environment?: any, vpc?: IVpc, securityGroups?: ISecurityGroup[], accessPoint?: IAccessPoint, mountPath?: string, vpcSubnets?: SubnetSelection):
|
|
56
|
+
createLambdaFunction(id: string, scope: CommonConstruct, props: LambdaProps, role: Role | CfnRole, layers: ILayerVersion[], code: AssetCode, handler?: string, environment?: any, vpc?: IVpc, securityGroups?: ISecurityGroup[], accessPoint?: IAccessPoint, mountPath?: string, vpcSubnets?: SubnetSelection): FunctionWithAliases;
|
|
57
57
|
/**
|
|
58
58
|
* @summary Method to provision a Lambda@Edge function
|
|
59
59
|
* @param id scoped id of the resource
|
|
@@ -122,11 +122,17 @@ export class LambdaManager {
|
|
|
122
122
|
}));
|
|
123
123
|
}
|
|
124
124
|
/* Create aliases and optionally attach provisioned concurrency auto-scaling.
|
|
125
|
-
Provisioned concurrency requires an alias — it cannot be set on $LATEST.
|
|
125
|
+
Provisioned concurrency requires an alias — it cannot be set on $LATEST.
|
|
126
|
+
The created Alias instances are also stashed on the returned function under
|
|
127
|
+
`.lambdaAliases` (keyed by aliasName) so downstream constructs can use them
|
|
128
|
+
directly instead of re-importing by ARN — which carries an UnclearLambdaEnvironment
|
|
129
|
+
warning and silently drops permissions when CDK can't statically prove same-env. */
|
|
126
130
|
if (props.lambdaAliases && !_.isEmpty(props.lambdaAliases)) {
|
|
131
|
+
const aliasMap = {};
|
|
127
132
|
props.lambdaAliases.forEach(alias => {
|
|
128
133
|
const aliasId = alias.id ?? `${id}-${alias.aliasName}`;
|
|
129
134
|
const functionAlias = this.createLambdaFunctionAlias(`${aliasId}`, scope, alias, lambdaFunction.currentVersion);
|
|
135
|
+
aliasMap[alias.aliasName] = functionAlias;
|
|
130
136
|
createCfnOutput(`${id}-${alias.aliasName}AliasArn`, scope, functionAlias.functionArn);
|
|
131
137
|
createCfnOutput(`${id}-${alias.aliasName}AliasName`, scope, functionAlias.aliasName);
|
|
132
138
|
if (alias.provisionedConcurrency) {
|
|
@@ -136,6 +142,7 @@ export class LambdaManager {
|
|
|
136
142
|
});
|
|
137
143
|
}
|
|
138
144
|
});
|
|
145
|
+
lambdaFunction.lambdaAliases = aliasMap;
|
|
139
146
|
}
|
|
140
147
|
if (props.tags && !_.isEmpty(props.tags)) {
|
|
141
148
|
_.forEach(props.tags, tag => {
|
|
@@ -1,7 +1,20 @@
|
|
|
1
|
-
import { AliasProps, FunctionProps } from 'aws-cdk-lib/aws-lambda';
|
|
1
|
+
import { Alias, AliasProps, Function, FunctionProps } from 'aws-cdk-lib/aws-lambda';
|
|
2
2
|
import { SqsEventSourceProps } from 'aws-cdk-lib/aws-lambda-event-sources';
|
|
3
3
|
import { TagProps } from '../../types/index.js';
|
|
4
4
|
import { QueueProps } from '../simple-queue-service/index.js';
|
|
5
|
+
/**
|
|
6
|
+
* A Function returned by {@link LambdaManager.createLambdaFunction} when the
|
|
7
|
+
* caller supplied {@link LambdaProps.lambdaAliases}. The aliases that were
|
|
8
|
+
* created are exposed under `lambdaAliases`, keyed by aliasName, so downstream
|
|
9
|
+
* constructs can pass them directly to integrations (e.g. ApiGateway's
|
|
10
|
+
* LambdaIntegration) instead of re-importing by ARN — which carries an
|
|
11
|
+
* UnclearLambdaEnvironment warning and silently drops the invoke permission
|
|
12
|
+
* when CDK can't statically prove same-env.
|
|
13
|
+
*/
|
|
14
|
+
/** @category Interface */
|
|
15
|
+
export type FunctionWithAliases = Function & {
|
|
16
|
+
lambdaAliases?: Record<string, Alias>;
|
|
17
|
+
};
|
|
5
18
|
/**
|
|
6
19
|
* Props for Lambda@Edge function, matching aws-cdk-lib experimental EdgeFunctionProps.
|
|
7
20
|
* Inlined because aws-cdk-lib does not export this subpath via its package exports map.
|
|
@@ -93,9 +93,14 @@ export class S3Manager {
|
|
|
93
93
|
bucket = Bucket.fromBucketName(scope, `${id}`, S3Manager.determineBucketName(scope, props, props.bucketName));
|
|
94
94
|
}
|
|
95
95
|
else {
|
|
96
|
-
/*
|
|
97
|
-
|
|
98
|
-
|
|
96
|
+
/* Resolve the server-access-logging destination bucket. When the caller
|
|
97
|
+
already owns the log bucket (e.g. created earlier in the same stack)
|
|
98
|
+
they should pass the IBucket instance via `logBucket` — CDK then attaches
|
|
99
|
+
the log-delivery policy directly and no `accessLogsPolicyNotAdded`
|
|
100
|
+
warning is raised. The `logBucketName` path remains for true imports
|
|
101
|
+
where only the name is known. */
|
|
102
|
+
let logBucket = props.logBucket;
|
|
103
|
+
if (!logBucket && props.logBucketName) {
|
|
99
104
|
logBucket = Bucket.fromBucketName(scope, `${id}-logs`, S3Manager.determineBucketName(scope, props, props.logBucketName));
|
|
100
105
|
}
|
|
101
106
|
bucket = new Bucket(scope, `${id}-bucket`, {
|
|
@@ -37,7 +37,19 @@ export interface S3BucketProps extends s3.BucketProps {
|
|
|
37
37
|
existingBucket?: boolean;
|
|
38
38
|
/** Lifecycle rules for objects in the bucket */
|
|
39
39
|
lifecycleRules?: LifecycleRule[];
|
|
40
|
-
/**
|
|
40
|
+
/**
|
|
41
|
+
* Bucket instance to use for server access logging. Pass this when the caller
|
|
42
|
+
* already owns the log destination bucket (e.g. created earlier in the same
|
|
43
|
+
* stack) — CDK can then add the log-delivery policy to it directly. Falls back
|
|
44
|
+
* to {@link logBucketName} when not provided.
|
|
45
|
+
*/
|
|
46
|
+
logBucket?: s3.IBucket;
|
|
47
|
+
/**
|
|
48
|
+
* Name of an existing bucket to use for server access logging. When set, the
|
|
49
|
+
* bucket is imported by name — CDK cannot mutate its policy in that case,
|
|
50
|
+
* which surfaces an `accessLogsPolicyNotAdded` warning at synth. Prefer
|
|
51
|
+
* {@link logBucket} when the destination bucket is owned by the caller.
|
|
52
|
+
*/
|
|
41
53
|
logBucketName?: string;
|
|
42
54
|
/** Tags to apply to the bucket */
|
|
43
55
|
tags?: TagProps[];
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gradientedge/cdk-utils-aws",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.20.0",
|
|
4
4
|
"description": "AWS CDK utilities for @gradientedge/cdk-utils",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/src/index.js",
|
|
@@ -14,12 +14,12 @@
|
|
|
14
14
|
"dist/src/"
|
|
15
15
|
],
|
|
16
16
|
"dependencies": {
|
|
17
|
-
"@aws-sdk/client-secrets-manager": "3.
|
|
18
|
-
"@aws-sdk/credential-providers": "3.
|
|
19
|
-
"@aws-sdk/types": "3.973.
|
|
17
|
+
"@aws-sdk/client-secrets-manager": "3.1064.0",
|
|
18
|
+
"@aws-sdk/credential-providers": "3.1064.0",
|
|
19
|
+
"@aws-sdk/types": "3.973.12",
|
|
20
20
|
"@types/lodash": "4.17.24",
|
|
21
21
|
"app-root-path": "3.1.0",
|
|
22
|
-
"aws-cdk-lib": "2.
|
|
22
|
+
"aws-cdk-lib": "2.258.1",
|
|
23
23
|
"constructs": "10.6.0",
|
|
24
24
|
"lodash": "4.18.1",
|
|
25
25
|
"moment": "2.30.1",
|