@gradientedge/cdk-utils 4.12.1 → 4.13.0

package/dist/src/lib/common/construct.d.ts

@@ -40,11 +40,12 @@ export declare class CommonConstruct extends Construct {
     route53Manager: aws.Route53Manager;
     s3Manager: aws.S3Manager;
     secretsManager: aws.SecretsManager;
+    sfnManager: aws.SfnManager;
     snsManager: aws.SnsManager;
-    ssMManager: aws.SsmManager;
+    sqsManager: aws.SqsManager;
+    ssmManager: aws.SsmManager;
     vpcManager: aws.VpcManager;
     wafManager: aws.WafManager;
-    sqsManager: aws.SqsManager;
     fullyQualifiedDomainName: string;
     constructor(parent: Construct, id: string, props: types.CommonStackProps);
     /**

package/dist/src/lib/common/construct.js

@@ -65,11 +65,12 @@ class CommonConstruct extends constructs_1.Construct {
     route53Manager;
     s3Manager;
     secretsManager;
+    sfnManager;
     snsManager;
-    ssMManager;
+    sqsManager;
+    ssmManager;
     vpcManager;
     wafManager;
-    sqsManager;
     fullyQualifiedDomainName;
     constructor(parent, id, props) {
         super(parent, id);
@@ -94,11 +95,12 @@ class CommonConstruct extends constructs_1.Construct {
         this.route53Manager = new aws.Route53Manager();
         this.s3Manager = new aws.S3Manager();
         this.secretsManager = new aws.SecretsManager();
+        this.sfnManager = new aws.SfnManager();
         this.snsManager = new aws.SnsManager();
-        this.ssMManager = new aws.SsmManager();
+        this.sqsManager = new aws.SqsManager();
+        this.ssmManager = new aws.SsmManager();
         this.vpcManager = new aws.VpcManager();
         this.wafManager = new aws.WafManager();
-        this.sqsManager = new aws.SqsManager();
         this.determineFullyQualifiedDomain();
     }
     /**

package/dist/src/lib/construct/api-to-eventbridge-target/main.js

@@ -141,7 +141,7 @@ class ApiToEventBridgeTarget extends common_1.CommonConstruct {
         if (this.props.api.certificate.useExistingCertificate &&
             this.props.api.certificate.certificateSsmName &&
             this.props.api.certificate.certificateRegion) {
-            this.props.api.certificate.certificateArn = this.ssMManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.api.certificate.certificateSsmName, this.props.api.certificate.certificateRegion);
+            this.props.api.certificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.api.certificate.certificateSsmName, this.props.api.certificate.certificateRegion);
         }
         this.apiDestinedRestApi.certificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.api.certificate);
     }

package/dist/src/lib/construct/graphql-api-lambda/main.js

@@ -110,7 +110,7 @@ class GraphQLApiLambda extends common_1.CommonConstruct {
         if (this.props.graphQLApiCertificate.useExistingCertificate &&
             this.props.graphQLApiCertificate.certificateSsmName &&
             this.props.graphQLApiCertificate.certificateRegion) {
-            this.props.graphQLApiCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.graphQLApiCertificate.certificateSsmName, this.props.graphQLApiCertificate.certificateRegion);
+            this.props.graphQLApiCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.graphQLApiCertificate.certificateSsmName, this.props.graphQLApiCertificate.certificateRegion);
         }
         this.graphQLApiCertificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.graphQLApiCertificate);
     }

package/dist/src/lib/construct/site-with-ecs-backend/main.js

@@ -127,7 +127,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
         if (this.props.siteCertificate.useExistingCertificate &&
             this.props.siteCertificate.certificateSsmName &&
             this.props.siteCertificate.certificateRegion) {
-            this.props.siteCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(`${this.id}-certificate-parameter`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
+            this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-parameter`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
         }
         this.siteCertificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.siteCertificate);
     }

package/dist/src/lib/construct/static-site/main.js

@@ -98,7 +98,7 @@ class StaticSite extends common_1.CommonConstruct {
         if (this.props.siteCertificate.useExistingCertificate &&
             this.props.siteCertificate.certificateSsmName &&
             this.props.siteCertificate.certificateRegion) {
-            this.props.siteCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
+            this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-param`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
         }
         this.siteCertificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.siteCertificate);
     }

package/dist/src/lib/manager/aws/iam-manager.d.ts

@@ -36,6 +36,11 @@ export declare class IamManager {
      * @summary Method to create iam statement to put events
      */
     statementForPutEvents(): cdk.aws_iam.PolicyStatement;
+    /**
+     * @summary Method to create iam statement to invoke lambda function
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForInvokeLambda(resourceArns?: string[]): cdk.aws_iam.PolicyStatement;
     /**
      * @summary Method to create iam statement to read app config
      */
@@ -153,6 +158,14 @@ export declare class IamManager {
      * @param {iam.ServicePrincipal} servicePrinicpal
      */
     createRoleForLambda(id: string, scope: common.CommonConstruct, policy: iam.PolicyDocument, servicePrinicpal?: iam.ServicePrincipal): cdk.aws_iam.Role;
+    /**
+     * @summary Method to create iam statement for step function execution
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {iam.PolicyDocument} policy
+     * @param {iam.ServicePrincipal} servicePrinicpal
+     */
+    createRoleForStepFunction(id: string, scope: common.CommonConstruct, policy: iam.PolicyDocument, servicePrinicpal?: iam.ServicePrincipal): cdk.aws_iam.Role;
     /**
      * @summary Method to create iam policy for sqs
      * @param {string} id scoped id of the resource

package/dist/src/lib/manager/aws/iam-manager.js

@@ -69,6 +69,17 @@ class IamManager {
             resources: ['*'],
         });
     }
+    /**
+     * @summary Method to create iam statement to invoke lambda function
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForInvokeLambda(resourceArns) {
+        return new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['lambda:InvokeFunction'],
+            resources: resourceArns ?? ['*'],
+        });
+    }
     /**
      * @summary Method to create iam statement to read app config
      */
@@ -380,6 +391,27 @@ class IamManager {
         utils.createCfnOutput(`${id}Name`, scope, role.roleName);
         return role;
     }
+    /**
+     * @summary Method to create iam statement for step function execution
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {iam.PolicyDocument} policy
+     * @param {iam.ServicePrincipal} servicePrinicpal
+     */
+    createRoleForStepFunction(id, scope, policy, servicePrinicpal) {
+        const role = new iam.Role(scope, `${id}`, {
+            assumedBy: servicePrinicpal ?? new iam.ServicePrincipal('states.amazonaws.com'),
+            description: `Role for ${id} Lambda function`,
+            inlinePolicies: { policy },
+            managedPolicies: [
+                iam.ManagedPolicy.fromManagedPolicyArn(scope, `${id}-AWSLambdaBasicExecutionRole`, 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'),
+            ],
+            roleName: `${id}-${scope.props.stage}`,
+        });
+        utils.createCfnOutput(`${id}Arn`, scope, role.roleArn);
+        utils.createCfnOutput(`${id}Name`, scope, role.roleName);
+        return role;
+    }
     /**
      * @summary Method to create iam policy for sqs
      * @param {string} id scoped id of the resource

package/dist/src/lib/manager/aws/index.d.ts

@@ -18,6 +18,7 @@ export * from './log-manager';
 export * from './route53-manager';
 export * from './s3-manager';
 export * from './secrets-manager';
+export * from './sfn-manager';
 export * from './sns-manager';
 export * from './sqs-manager';
 export * from './ssm-manager';

package/dist/src/lib/manager/aws/index.js

@@ -34,6 +34,7 @@ __exportStar(require("./log-manager"), exports);
 __exportStar(require("./route53-manager"), exports);
 __exportStar(require("./s3-manager"), exports);
 __exportStar(require("./secrets-manager"), exports);
+__exportStar(require("./sfn-manager"), exports);
 __exportStar(require("./sns-manager"), exports);
 __exportStar(require("./sqs-manager"), exports);
 __exportStar(require("./ssm-manager"), exports);

package/dist/src/lib/manager/aws/sfn-manager.d.ts

@@ -0,0 +1,92 @@
+import * as apig from 'aws-cdk-lib/aws-apigateway';
+import * as iam from 'aws-cdk-lib/aws-iam';
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+import * as logs from 'aws-cdk-lib/aws-logs';
+import * as sfn from 'aws-cdk-lib/aws-stepfunctions';
+import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks';
+import * as common from '../../common';
+import * as types from '../../types';
+import { SfnStateMachineProps } from '../../types';
+/**
+ * @stability stable
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Construct
+ * @classdesc Provides operations on AWS Step Functions Service.
+ * - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
+ * - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
+ * @example
+ * import * as common from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends common.common.CommonConstruct {
+ *   constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.sfnManager.createSuccessStep('MyStep', this, myStepProps)
+ *   }
+ * }
+ *
+ * @see [CDK Step Functions Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_stepfunctions-readme.html}
+ */
+export declare class SfnManager {
+    /**
+     * @summary Method to create a success step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnSucceedProps} props
+     */
+    createSuccessStep(id: string, scope: common.CommonConstruct, props: types.SfnSucceedProps): sfn.Succeed;
+    /**
+     * @summary Method to create a failure step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnFailProps} props
+     */
+    createFailStep(id: string, scope: common.CommonConstruct, props: types.SfnFailProps): sfn.Fail;
+    /**
+     * @summary Method to create a pass step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnPassProps} props
+     */
+    createPassStep(id: string, scope: common.CommonConstruct, props: types.SfnPassProps): sfn.Pass;
+    /**
+     * @summary Method to create a parallel step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnParallelProps} props
+     */
+    createParallelStep(id: string, scope: common.CommonConstruct, props: types.SfnParallelProps): sfn.Parallel;
+    /**
+     * @summary Method to create a choice step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnChoiceProps} props
+     */
+    createChoiceStep(id: string, scope: common.CommonConstruct, props: types.SfnChoiceProps): sfn.Choice;
+    /**
+     * @summary Method to create a lambda invoke step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnLambdaInvokeProps} props
+     * @param {lambda.IFunction} lambdaFunction
+     */
+    createLambdaStep(id: string, scope: common.CommonConstruct, props: types.SfnLambdaInvokeProps, lambdaFunction: lambda.IFunction): tasks.LambdaInvoke;
+    /**
+     * @summary Method to create a API Gateway invoke step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnLambdaInvokeProps} props
+     * @param {apig.IRestApi} api
+     */
+    createApiStep(id: string, scope: common.CommonConstruct, props: types.SfnCallApiGatewayRestApiEndpointProps, api: apig.IRestApi): tasks.CallApiGatewayRestApiEndpoint;
+    /**
+     * @summary Method to create a state machine
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnStateMachineProps} props
+     * @param {sfn.IChainable} definition
+     * @param {logs.ILogGroup} logGroup
+     * @param {iam.IRole} role
+     */
+    createStateMachine(id: string, scope: common.CommonConstruct, props: SfnStateMachineProps, definition: sfn.IChainable, logGroup: logs.ILogGroup, role?: iam.IRole): sfn.StateMachine;
+}

package/dist/src/lib/manager/aws/sfn-manager.js

@@ -0,0 +1,198 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SfnManager = void 0;
+const sfn = __importStar(require("aws-cdk-lib/aws-stepfunctions"));
+const tasks = __importStar(require("aws-cdk-lib/aws-stepfunctions-tasks"));
+const utils = __importStar(require("../../utils"));
+/**
+ * @stability stable
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Construct
+ * @classdesc Provides operations on AWS Step Functions Service.
+ * - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
+ * - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
+ * @example
+ * import * as common from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends common.common.CommonConstruct {
+ *   constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.sfnManager.createSuccessStep('MyStep', this, myStepProps)
+ *   }
+ * }
+ *
+ * @see [CDK Step Functions Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_stepfunctions-readme.html}
+ */
+class SfnManager {
+    /**
+     * @summary Method to create a success step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnSucceedProps} props
+     */
+    createSuccessStep(id, scope, props) {
+        if (!props)
+            throw 'Step props undefined';
+        return new sfn.Succeed(scope, `${props.name}`, {
+            ...props,
+            ...{
+                comment: `Succeed step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a failure step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnFailProps} props
+     */
+    createFailStep(id, scope, props) {
+        if (!props)
+            throw 'Step props undefined';
+        return new sfn.Fail(scope, `${props.name}`, {
+            ...props,
+            ...{
+                comment: `Fail step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a pass step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnPassProps} props
+     */
+    createPassStep(id, scope, props) {
+        if (!props)
+            throw 'Step props undefined';
+        return new sfn.Pass(scope, `${props.name}`, {
+            ...props,
+            ...{
+                comment: `Pass step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a parallel step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnParallelProps} props
+     */
+    createParallelStep(id, scope, props) {
+        if (!props)
+            throw 'Step props undefined';
+        return new sfn.Parallel(scope, `${props.name}`, {
+            ...props,
+            ...{
+                comment: `Parallel step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a choice step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnChoiceProps} props
+     */
+    createChoiceStep(id, scope, props) {
+        if (!props)
+            throw 'Step props undefined';
+        return new sfn.Choice(scope, `${props.name}`, {
+            ...props,
+            ...{
+                comment: `Choice step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a lambda invoke step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnLambdaInvokeProps} props
+     * @param {lambda.IFunction} lambdaFunction
+     */
+    createLambdaStep(id, scope, props, lambdaFunction) {
+        if (!props)
+            throw 'Step props undefined';
+        return new tasks.LambdaInvoke(scope, `${props.name}`, {
+            ...props,
+            ...{
+                lambdaFunction,
+                comment: `Lambda step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a API Gateway invoke step
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnLambdaInvokeProps} props
+     * @param {apig.IRestApi} api
+     */
+    createApiStep(id, scope, props, api) {
+        if (!props)
+            throw 'Step props undefined';
+        return new tasks.CallApiGatewayRestApiEndpoint(scope, `${props.name}`, {
+            ...props,
+            ...{
+                api,
+                stageName: scope.props.stage,
+                comment: `API step for ${props.name} - ${scope.props.stage} stage`,
+            },
+        });
+    }
+    /**
+     * @summary Method to create a state machine
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.SfnStateMachineProps} props
+     * @param {sfn.IChainable} definition
+     * @param {logs.ILogGroup} logGroup
+     * @param {iam.IRole} role
+     */
+    createStateMachine(id, scope, props, definition, logGroup, role) {
+        if (!props)
+            throw 'State Machine props undefined';
+        const stateMachine = new sfn.StateMachine(scope, `${id}`, {
+            stateMachineName: `${props.stateMachineName}-${scope.props.stage}`,
+            definition,
+            role,
+            stateMachineType: props.stateMachineType,
+            logs: {
+                destination: logGroup,
+                includeExecutionData: props.logs?.includeExecutionData ?? true,
+                level: props.logs?.level ?? sfn.LogLevel.ALL,
+            },
+            tracingEnabled: props.tracingEnabled,
+            timeout: props.timeout,
+        });
+        utils.createCfnOutput(`${id}-stateMachineName`, scope, stateMachine.stateMachineName);
+        utils.createCfnOutput(`${id}-stateMachineArn`, scope, stateMachine.stateMachineArn);
+        return stateMachine;
+    }
+}
+exports.SfnManager = SfnManager;

package/dist/src/lib/types/aws/index.d.ts

@@ -23,6 +23,8 @@ import * as s3 from 'aws-cdk-lib/aws-s3';
 import * as s3deploy from 'aws-cdk-lib/aws-s3-deployment';
 import * as sns from 'aws-cdk-lib/aws-sns';
 import * as sqs from 'aws-cdk-lib/aws-sqs';
+import * as sfn from 'aws-cdk-lib/aws-stepfunctions';
+import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks';
 import * as wafv2 from 'aws-cdk-lib/aws-wafv2';
 import * as types from '../index';
 /**
@@ -111,6 +113,61 @@ export interface HealthCheck extends elb.HealthCheck {
  */
 export interface KmsKeyProps extends kms.KeyProps {
 }
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnSucceedProps extends sfn.SucceedProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnFailProps extends sfn.FailProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnPassProps extends sfn.PassProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnParallelProps extends sfn.ParallelProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnChoiceProps extends sfn.ChoiceProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnLambdaInvokeProps extends tasks.LambdaInvokeProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnCallApiGatewayRestApiEndpointProps extends tasks.CallApiGatewayRestApiEndpointProps {
+    name: string;
+}
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnStateMachineProps extends sfn.StateMachineProps {
+}
 /**
  * @category cdk-utils.lambda-manager
  * @subcategory Types

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gradientedge/cdk-utils",
-  "version": "4.12.1",
+  "version": "4.13.0",
   "description": "Utilities for AWS CDK provisioning",
   "main": "dist/index.js",
   "engines": {

package/src/lib/common/construct.ts

@@ -42,11 +42,12 @@ export class CommonConstruct extends Construct {
   route53Manager: aws.Route53Manager
   s3Manager: aws.S3Manager
   secretsManager: aws.SecretsManager
+  sfnManager: aws.SfnManager
   snsManager: aws.SnsManager
-  ssMManager: aws.SsmManager
+  sqsManager: aws.SqsManager
+  ssmManager: aws.SsmManager
   vpcManager: aws.VpcManager
   wafManager: aws.WafManager
-  sqsManager: aws.SqsManager
 
   fullyQualifiedDomainName: string
 
@@ -73,11 +74,12 @@ export class CommonConstruct extends Construct {
     this.route53Manager = new aws.Route53Manager()
     this.s3Manager = new aws.S3Manager()
     this.secretsManager = new aws.SecretsManager()
+    this.sfnManager = new aws.SfnManager()
     this.snsManager = new aws.SnsManager()
-    this.ssMManager = new aws.SsmManager()
+    this.sqsManager = new aws.SqsManager()
+    this.ssmManager = new aws.SsmManager()
     this.vpcManager = new aws.VpcManager()
     this.wafManager = new aws.WafManager()
-    this.sqsManager = new aws.SqsManager()
 
     this.determineFullyQualifiedDomain()
   }

package/src/lib/construct/api-to-eventbridge-target/main.ts

@@ -141,7 +141,7 @@ export class ApiToEventBridgeTarget extends CommonConstruct {
       this.props.api.certificate.certificateSsmName &&
       this.props.api.certificate.certificateRegion
     ) {
-      this.props.api.certificate.certificateArn = this.ssMManager.readStringParameterFromRegion(
+      this.props.api.certificate.certificateArn = this.ssmManager.readStringParameterFromRegion(
         `${this.id}-certificate-param`,
         this,
         this.props.api.certificate.certificateSsmName,

package/src/lib/construct/graphql-api-lambda/main.ts

@@ -104,7 +104,7 @@ export class GraphQLApiLambda extends CommonConstruct {
       this.props.graphQLApiCertificate.certificateSsmName &&
       this.props.graphQLApiCertificate.certificateRegion
     ) {
-      this.props.graphQLApiCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(
+      this.props.graphQLApiCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(
         `${this.id}-certificate-param`,
         this,
         this.props.graphQLApiCertificate.certificateSsmName,

package/src/lib/construct/site-with-ecs-backend/main.ts

@@ -123,7 +123,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
       this.props.siteCertificate.certificateSsmName &&
       this.props.siteCertificate.certificateRegion
     ) {
-      this.props.siteCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(
+      this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(
         `${this.id}-certificate-parameter`,
         this,
         this.props.siteCertificate.certificateSsmName,

package/src/lib/construct/static-site/main.ts

@@ -90,7 +90,7 @@ export class StaticSite extends CommonConstruct {
       this.props.siteCertificate.certificateSsmName &&
       this.props.siteCertificate.certificateRegion
     ) {
-      this.props.siteCertificate.certificateArn = this.ssMManager.readStringParameterFromRegion(
+      this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(
         `${this.id}-certificate-param`,
         this,
         this.props.siteCertificate.certificateSsmName,

package/src/lib/manager/aws/iam-manager.ts

@@ -52,6 +52,18 @@ export class IamManager {
     })
   }
 
+  /**
+   * @summary Method to create iam statement to invoke lambda function
+   * @param {string[]} resourceArns list of ARNs to allow access to
+   */
+  public statementForInvokeLambda(resourceArns?: string[]) {
+    return new iam.PolicyStatement({
+      effect: iam.Effect.ALLOW,
+      actions: ['lambda:InvokeFunction'],
+      resources: resourceArns ?? ['*'],
+    })
+  }
+
   /**
    * @summary Method to create iam statement to read app config
    */
@@ -415,6 +427,39 @@ export class IamManager {
     return role
   }
 
+  /**
+   * @summary Method to create iam statement for step function execution
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {iam.PolicyDocument} policy
+   * @param {iam.ServicePrincipal} servicePrinicpal
+   */
+  public createRoleForStepFunction(
+    id: string,
+    scope: common.CommonConstruct,
+    policy: iam.PolicyDocument,
+    servicePrinicpal?: iam.ServicePrincipal
+  ) {
+    const role = new iam.Role(scope, `${id}`, {
+      assumedBy: servicePrinicpal ?? new iam.ServicePrincipal('states.amazonaws.com'),
+      description: `Role for ${id} Lambda function`,
+      inlinePolicies: { policy },
+      managedPolicies: [
+        iam.ManagedPolicy.fromManagedPolicyArn(
+          scope,
+          `${id}-AWSLambdaBasicExecutionRole`,
+          'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+        ),
+      ],
+      roleName: `${id}-${scope.props.stage}`,
+    })
+
+    utils.createCfnOutput(`${id}Arn`, scope, role.roleArn)
+    utils.createCfnOutput(`${id}Name`, scope, role.roleName)
+
+    return role
+  }
+
   /**
    * @summary Method to create iam policy for sqs
    * @param {string} id scoped id of the resource

package/src/lib/manager/aws/index.ts

@@ -18,6 +18,7 @@ export * from './log-manager'
 export * from './route53-manager'
 export * from './s3-manager'
 export * from './secrets-manager'
+export * from './sfn-manager'
 export * from './sns-manager'
 export * from './sqs-manager'
 export * from './ssm-manager'

package/src/lib/manager/aws/sfn-manager.ts

@@ -0,0 +1,197 @@
+import * as apig from 'aws-cdk-lib/aws-apigateway'
+import * as iam from 'aws-cdk-lib/aws-iam'
+import * as lambda from 'aws-cdk-lib/aws-lambda'
+import * as logs from 'aws-cdk-lib/aws-logs'
+import * as sfn from 'aws-cdk-lib/aws-stepfunctions'
+import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks'
+import * as common from '../../common'
+import * as types from '../../types'
+import { SfnStateMachineProps } from '../../types'
+import * as utils from '../../utils'
+
+/**
+ * @stability stable
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Construct
+ * @classdesc Provides operations on AWS Step Functions Service.
+ * - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
+ * - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
+ * @example
+ * import * as common from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends common.common.CommonConstruct {
+ *   constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.sfnManager.createSuccessStep('MyStep', this, myStepProps)
+ *   }
+ * }
+ *
+ * @see [CDK Step Functions Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_stepfunctions-readme.html}
+ */
+export class SfnManager {
+  /**
+   * @summary Method to create a success step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnSucceedProps} props
+   */
+  public createSuccessStep(id: string, scope: common.CommonConstruct, props: types.SfnSucceedProps) {
+    if (!props) throw 'Step props undefined'
+    return new sfn.Succeed(scope, `${props.name}`, {
+      ...props,
+      ...{
+        comment: `Succeed step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a failure step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnFailProps} props
+   */
+  public createFailStep(id: string, scope: common.CommonConstruct, props: types.SfnFailProps) {
+    if (!props) throw 'Step props undefined'
+    return new sfn.Fail(scope, `${props.name}`, {
+      ...props,
+      ...{
+        comment: `Fail step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a pass step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnPassProps} props
+   */
+  public createPassStep(id: string, scope: common.CommonConstruct, props: types.SfnPassProps) {
+    if (!props) throw 'Step props undefined'
+    return new sfn.Pass(scope, `${props.name}`, {
+      ...props,
+      ...{
+        comment: `Pass step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a parallel step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnParallelProps} props
+   */
+  public createParallelStep(id: string, scope: common.CommonConstruct, props: types.SfnParallelProps) {
+    if (!props) throw 'Step props undefined'
+    return new sfn.Parallel(scope, `${props.name}`, {
+      ...props,
+      ...{
+        comment: `Parallel step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a choice step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnChoiceProps} props
+   */
+  public createChoiceStep(id: string, scope: common.CommonConstruct, props: types.SfnChoiceProps) {
+    if (!props) throw 'Step props undefined'
+    return new sfn.Choice(scope, `${props.name}`, {
+      ...props,
+      ...{
+        comment: `Choice step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a lambda invoke step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnLambdaInvokeProps} props
+   * @param {lambda.IFunction} lambdaFunction
+   */
+  public createLambdaStep(
+    id: string,
+    scope: common.CommonConstruct,
+    props: types.SfnLambdaInvokeProps,
+    lambdaFunction: lambda.IFunction
+  ) {
+    if (!props) throw 'Step props undefined'
+    return new tasks.LambdaInvoke(scope, `${props.name}`, {
+      ...props,
+      ...{
+        lambdaFunction,
+        comment: `Lambda step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a API Gateway invoke step
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnLambdaInvokeProps} props
+   * @param {apig.IRestApi} api
+   */
+  public createApiStep(
+    id: string,
+    scope: common.CommonConstruct,
+    props: types.SfnCallApiGatewayRestApiEndpointProps,
+    api: apig.IRestApi
+  ) {
+    if (!props) throw 'Step props undefined'
+    return new tasks.CallApiGatewayRestApiEndpoint(scope, `${props.name}`, {
+      ...props,
+      ...{
+        api,
+        stageName: scope.props.stage,
+        comment: `API step for ${props.name} - ${scope.props.stage} stage`,
+      },
+    })
+  }
+
+  /**
+   * @summary Method to create a state machine
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.SfnStateMachineProps} props
+   * @param {sfn.IChainable} definition
+   * @param {logs.ILogGroup} logGroup
+   * @param {iam.IRole} role
+   */
+  public createStateMachine(
+    id: string,
+    scope: common.CommonConstruct,
+    props: SfnStateMachineProps,
+    definition: sfn.IChainable,
+    logGroup: logs.ILogGroup,
+    role?: iam.IRole
+  ) {
+    if (!props) throw 'State Machine props undefined'
+    const stateMachine = new sfn.StateMachine(scope, `${id}`, {
+      stateMachineName: `${props.stateMachineName}-${scope.props.stage}`,
+      definition,
+      role,
+      stateMachineType: props.stateMachineType,
+      logs: {
+        destination: logGroup,
+        includeExecutionData: props.logs?.includeExecutionData ?? true,
+        level: props.logs?.level ?? sfn.LogLevel.ALL,
+      },
+      tracingEnabled: props.tracingEnabled,
+      timeout: props.timeout,
+    })
+
+    utils.createCfnOutput(`${id}-stateMachineName`, scope, stateMachine.stateMachineName)
+    utils.createCfnOutput(`${id}-stateMachineArn`, scope, stateMachine.stateMachineArn)
+
+    return stateMachine
+  }
+}

package/src/lib/types/aws/index.ts

@@ -23,6 +23,8 @@ import * as s3 from 'aws-cdk-lib/aws-s3'
 import * as s3deploy from 'aws-cdk-lib/aws-s3-deployment'
 import * as sns from 'aws-cdk-lib/aws-sns'
 import * as sqs from 'aws-cdk-lib/aws-sqs'
+import * as sfn from 'aws-cdk-lib/aws-stepfunctions'
+import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks'
 import * as wafv2 from 'aws-cdk-lib/aws-wafv2'
 import * as types from '../index'
 
@@ -117,6 +119,68 @@ export interface HealthCheck extends elb.HealthCheck {
  */
 export interface KmsKeyProps extends kms.KeyProps {}
 
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnSucceedProps extends sfn.SucceedProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnFailProps extends sfn.FailProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnPassProps extends sfn.PassProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnParallelProps extends sfn.ParallelProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnChoiceProps extends sfn.ChoiceProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnLambdaInvokeProps extends tasks.LambdaInvokeProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnCallApiGatewayRestApiEndpointProps extends tasks.CallApiGatewayRestApiEndpointProps {
+  name: string
+}
+
+/**
+ * @category cdk-utils.step-functions-manager
+ * @subcategory Properties
+ */
+export interface SfnStateMachineProps extends sfn.StateMachineProps {}
+
 /**
  * @category cdk-utils.lambda-manager
  * @subcategory Types