@gradientedge/cdk-utils 8.73.0 → 8.75.0

package/dist/src/lib/construct/graphql-api-lambda/main.d.ts

@@ -8,7 +8,8 @@ import { Construct } from 'constructs';
 import { CommonConstruct } from '../../common';
 import { GraphQlApiLambdaEnvironment, GraphQlApiLambdaProps } from '../../types';
 /**
- * @stability stable
+ * @deprecated Use RestApiLambda instead. This will be removed in a future release.
+ *
  * @category cdk-utils.graphql-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a Graphql API as Lambda

package/dist/src/lib/construct/graphql-api-lambda/main.js

@@ -28,7 +28,8 @@ const apig = __importStar(require("aws-cdk-lib/aws-apigateway"));
 const iam = __importStar(require("aws-cdk-lib/aws-iam"));
 const common_1 = require("../../common");
 /**
- * @stability stable
+ * @deprecated Use RestApiLambda instead. This will be removed in a future release.
+ *
  * @category cdk-utils.graphql-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a Graphql API as Lambda

package/dist/src/lib/construct/rest-api-lambda/main.d.ts

@@ -8,8 +8,6 @@ import { Construct } from 'constructs';
 import { CommonConstruct } from '../../common';
 import { RestApiLambdaEnvironment, RestApiLambdaProps } from '../../types';
 /**
- * @deprecated Use RestApiLambda instead. This will be removed in a future release.
- *
  * @category cdk-utils.rest-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a RestApi as Lambda
@@ -30,7 +28,7 @@ import { RestApiLambdaEnvironment, RestApiLambdaProps } from '../../types';
  * }
  * @mixin
  */
-export declare class RestApiLambda extends CommonConstruct {
+export declare abstract class RestApiLambda extends CommonConstruct {
     props: RestApiLambdaProps;
     id: string;
     applicationSecrets: secretsmanager.ISecret[];
@@ -44,7 +42,7 @@ export declare class RestApiLambda extends CommonConstruct {
     restApiCertificate: acm.ICertificate;
     restApiDomain: apig.DomainName;
     restApiBasePathMappings: apig.BasePathMapping[];
-    constructor(parent: Construct, id: string, props: RestApiLambdaProps);
+    protected constructor(parent: Construct, id: string, props: RestApiLambdaProps);
     /**
      * @summary Initialise and provision resources
      * @protected
@@ -96,19 +94,25 @@ export declare class RestApiLambda extends CommonConstruct {
      * @protected
      */
     protected createRestApi(): void;
+    protected abstract createRestApiResources(): void;
     /**
-     * @summary Method to create custom restApiLambda domain for RestApi API
+     * @summary Method to create custom restApiLambda domain for RestApi
      * @protected
      */
     protected createApiDomain(): void;
     /**
-     * @summary Method to create base path mappings for RestApi API
+     * @summary Method to create base path mappings for RestApi
      * @protected
      */
     protected createApiBasePathMapping(): void;
     /**
-     * @summary Method to create route53 records for RestApi API
+     * @summary Method to create route53 records for RestApi
      * @protected
      */
     protected createApiRouteAssets(): void;
+    /**
+     * @summary Method to deploy the changes to the RestApi
+     * @protected
+     */
+    protected createRestApiDeployment(): void;
 }

package/dist/src/lib/construct/rest-api-lambda/main.js

@@ -28,8 +28,6 @@ const apig = __importStar(require("aws-cdk-lib/aws-apigateway"));
 const iam = __importStar(require("aws-cdk-lib/aws-iam"));
 const common_1 = require("../../common");
 /**
- * @deprecated Use RestApiLambda instead. This will be removed in a future release.
- *
  * @category cdk-utils.rest-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a RestApi as Lambda
@@ -85,9 +83,11 @@ class RestApiLambda extends common_1.CommonConstruct {
         this.createLambdaLayers();
         this.createLambdaFunction();
         this.createRestApi();
+        this.createRestApiResources();
         this.createApiDomain();
         this.createApiBasePathMapping();
         this.createApiRouteAssets();
+        this.createRestApiDeployment();
     }
     /**
      * @summary Method to resolve secrets from SecretsManager
@@ -171,7 +171,7 @@ class RestApiLambda extends common_1.CommonConstruct {
         this.restApi = this.apiManager.createLambdaRestApi(`${this.id}-lambda-rest-api`, this, this.props.restApi, this.restApiLambdaFunction);
     }
     /**
-     * @summary Method to create custom restApiLambda domain for RestApi API
+     * @summary Method to create custom restApiLambda domain for RestApi
      * @protected
      */
     createApiDomain() {
@@ -180,7 +180,7 @@ class RestApiLambda extends common_1.CommonConstruct {
             : `${this.props.apiSubDomain}-${this.props.stage}.${this.fullyQualifiedDomainName}`, this.restApiCertificate);
     }
     /**
-     * @summary Method to create base path mappings for RestApi API
+     * @summary Method to create base path mappings for RestApi
      * @protected
      */
     createApiBasePathMapping() {
@@ -204,11 +204,18 @@ class RestApiLambda extends common_1.CommonConstruct {
         });
     }
     /**
-     * @summary Method to create route53 records for RestApi API
+     * @summary Method to create route53 records for RestApi
      * @protected
      */
     createApiRouteAssets() {
         this.route53Manager.createApiGatewayARecord(`${this.id}-custom-domain-a-record`, this, this.props.apiSubDomain, this.restApiDomain, this.restApiHostedZone, this.props.skipStageForARecords);
     }
+    /**
+     * @summary Method to deploy the changes to the RestApi
+     * @protected
+     */
+    createRestApiDeployment() {
+        this.apiManager.createApiDeployment(`${this.id}-deployment`, this, this.restApi);
+    }
 }
 exports.RestApiLambda = RestApiLambda;

package/dist/src/lib/construct/rest-api-lambda-with-cache/main.d.ts

@@ -25,14 +25,14 @@ import { RestApiLambdaWithCacheProps } from '../../types';
  * }
  * @mixin
  */
-export declare class RestApiLambdaWithCache extends RestApiLambda {
+export declare abstract class RestApiLambdaWithCache extends RestApiLambda {
     props: RestApiLambdaWithCacheProps;
     id: string;
     restApivpc: ec2.IVpc;
     restApiCache: elasticache.CfnReplicationGroup;
     restApiSecurityGroup: ec2.ISecurityGroup;
     restApiSecurityGroupExportName: string;
-    constructor(parent: Construct, id: string, props: RestApiLambdaWithCacheProps);
+    protected constructor(parent: Construct, id: string, props: RestApiLambdaWithCacheProps);
     protected initResources(): void;
     /**
      * Create VPC

package/dist/src/lib/construct/rest-api-lambda-with-cache/main.js

@@ -105,7 +105,17 @@ class RestApiLambdaWithCache extends __1.RestApiLambda {
      * @protected
      */
     createElastiCache() {
-        this.restApiCache = this.elasticacheManager.createReplicatedElastiCache(`${this.id}-elasticache`, this, this.props.restApiElastiCache, this.restApivpc.privateSubnets.map(subnet => subnet.subnetId), [this.restApiSecurityGroup.securityGroupId]);
+        this.restApiCache = this.elasticacheManager.createReplicatedElastiCache(`${this.id}-elasticache`, this, this.props.restApiCache, this.restApivpc.privateSubnets.map(subnet => subnet.subnetId), [this.restApiSecurityGroup.securityGroupId]);
+        this.ssmManager.writeStringToParameters(`${this.id}-elasticache-endpoint-address`, this, {
+            parameterName: `${this.id}-elasticache-endpoint-address`,
+            description: `Elasticache address to use by applications`,
+            stringValue: this.restApiCache.attrConfigurationEndPointAddress,
+        });
+        this.ssmManager.writeStringToParameters(`${this.id}-elasticache-endpoint-port`, this, {
+            parameterName: `${this.id}-elasticache-endpoint-port`,
+            description: `Elasticache port to use by applications`,
+            stringValue: this.restApiCache.attrConfigurationEndPointPort,
+        });
     }
     /**
      * Create Lambda Role

package/dist/src/lib/manager/aws/api-manager.js

@@ -79,6 +79,7 @@ class ApiManager {
                 loggingLevel: props.deployOptions?.loggingLevel,
                 dataTraceEnabled: props.deployOptions?.dataTraceEnabled,
                 cachingEnabled: props.deployOptions?.cachingEnabled,
+                metricsEnabled: props.deployOptions?.metricsEnabled,
             },
             retainDeployments: props.retainDeployments,
             parameters: props.parameters,

package/dist/src/lib/manager/aws/iam-manager.d.ts

@@ -58,6 +58,21 @@ export declare class IamManager {
      * @param {string[]} resourceArns list of ARNs to allow access to
      */
     statementForReadAnyAppConfig(resourceArns?: string[]): cdk.aws_iam.PolicyStatement;
+    /**
+     * @summary Method to create iam statement to access app config
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForAppConfigExecution(resourceArns?: string[]): cdk.aws_iam.PolicyStatement;
+    /**
+     * @summary Method to create iam statement to put xray telemetry
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForPutXrayTelemetry(resourceArns?: string[]): cdk.aws_iam.PolicyStatement;
+    /**
+     * @summary Method to create iam statement to decrypt kms
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForDecryptKms(resourceArns?: string[]): cdk.aws_iam.PolicyStatement;
     /**
      * @summary Method to create iam statement to list s3 buckets
      * @param {common.CommonConstruct} scope scope in which this resource is defined

package/dist/src/lib/manager/aws/iam-manager.js

@@ -130,6 +130,39 @@ class IamManager {
             resources: resourceArns ?? ['*'],
         });
     }
+    /**
+     * @summary Method to create iam statement to access app config
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForAppConfigExecution(resourceArns) {
+        return new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['appconfig:GetLatestConfiguration', 'appconfig:StartConfigurationSession'],
+            resources: resourceArns ?? ['*'],
+        });
+    }
+    /**
+     * @summary Method to create iam statement to put xray telemetry
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForPutXrayTelemetry(resourceArns) {
+        return new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['xray:PutTraceSegments', 'xray:PutTelemetryRecords'],
+            resources: resourceArns ?? ['*'],
+        });
+    }
+    /**
+     * @summary Method to create iam statement to decrypt kms
+     * @param {string[]} resourceArns list of ARNs to allow access to
+     */
+    statementForDecryptKms(resourceArns) {
+        return new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['kms:Decrypt'],
+            resources: resourceArns ?? ['*'],
+        });
+    }
     /**
      * @summary Method to create iam statement to list s3 buckets
      * @param {common.CommonConstruct} scope scope in which this resource is defined

package/dist/src/lib/manager/aws/lambda-manager.js

@@ -215,6 +215,7 @@ class LambdaManager {
                 filesystem: accessPoint
                     ? lambda.FileSystem.fromEfsAccessPoint(accessPoint, mountPath || '/mnt/msg')
                     : undefined,
+                logRetention: scope.props.logRetention ?? props.logRetention,
                 reservedConcurrentExecutions: props.reservedConcurrentExecutions,
                 role: role instanceof iam.Role ? role : undefined,
                 securityGroups: securityGroups,

package/dist/src/lib/types/aws/index.d.ts

@@ -316,7 +316,7 @@ export interface GraphQlApiLambdaWithCacheProps extends GraphQlApiLambdaProps {
  */
 export interface RestApiLambdaWithCacheProps extends RestApiLambdaProps {
     restApiVpc: ec2.VpcProps;
-    restApiElastiCache: ReplicatedElastiCacheProps;
+    restApiCache: ReplicatedElastiCacheProps;
     securityGroupExportName: string;
     useExistingVpc: boolean;
     vpcName?: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gradientedge/cdk-utils",
-  "version": "8.73.0",
+  "version": "8.75.0",
   "description": "Utilities for AWS CDK provisioning",
   "main": "dist/index.js",
   "engines": {

package/src/lib/construct/graphql-api-lambda/main.ts

@@ -9,7 +9,8 @@ import { CommonConstruct } from '../../common'
 import { GraphQlApiLambdaEnvironment, GraphQlApiLambdaProps } from '../../types'
 
 /**
- * @stability stable
+ * @deprecated Use RestApiLambda instead. This will be removed in a future release.
+ *
  * @category cdk-utils.graphql-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a Graphql API as Lambda

package/src/lib/construct/rest-api-lambda/main.ts

@@ -9,8 +9,6 @@ import { CommonConstruct } from '../../common'
 import { RestApiLambdaEnvironment, RestApiLambdaProps } from '../../types'
 
 /**
- * @deprecated Use RestApiLambda instead. This will be removed in a future release.
- *
  * @category cdk-utils.rest-api-lambda
  * @subcategory construct
  * @classdesc Provides a construct to create and deploy a RestApi as Lambda
@@ -31,7 +29,7 @@ import { RestApiLambdaEnvironment, RestApiLambdaProps } from '../../types'
  * }
  * @mixin
  */
-export class RestApiLambda extends CommonConstruct {
+export abstract class RestApiLambda extends CommonConstruct {
   /* restApiLambda props */
   props: RestApiLambdaProps
   id: string
@@ -49,7 +47,7 @@ export class RestApiLambda extends CommonConstruct {
   restApiDomain: apig.DomainName
   restApiBasePathMappings: apig.BasePathMapping[] = []
 
-  constructor(parent: Construct, id: string, props: RestApiLambdaProps) {
+  protected constructor(parent: Construct, id: string, props: RestApiLambdaProps) {
     super(parent, id, props)
 
     this.props = props
@@ -70,9 +68,11 @@ export class RestApiLambda extends CommonConstruct {
     this.createLambdaLayers()
     this.createLambdaFunction()
     this.createRestApi()
+    this.createRestApiResources()
     this.createApiDomain()
     this.createApiBasePathMapping()
     this.createApiRouteAssets()
+    this.createRestApiDeployment()
   }
 
   /**
@@ -201,8 +201,10 @@ export class RestApiLambda extends CommonConstruct {
     )
   }
 
+  protected abstract createRestApiResources(): void
+
   /**
-   * @summary Method to create custom restApiLambda domain for RestApi API
+   * @summary Method to create custom restApiLambda domain for RestApi
    * @protected
    */
   protected createApiDomain() {
@@ -217,7 +219,7 @@ export class RestApiLambda extends CommonConstruct {
   }
 
   /**
-   * @summary Method to create base path mappings for RestApi API
+   * @summary Method to create base path mappings for RestApi
    * @protected
    */
   protected createApiBasePathMapping() {
@@ -245,7 +247,7 @@ export class RestApiLambda extends CommonConstruct {
   }
 
   /**
-   * @summary Method to create route53 records for RestApi API
+   * @summary Method to create route53 records for RestApi
    * @protected
    */
   protected createApiRouteAssets() {
@@ -258,4 +260,12 @@ export class RestApiLambda extends CommonConstruct {
       this.props.skipStageForARecords
     )
   }
+
+  /**
+   * @summary Method to deploy the changes to the RestApi
+   * @protected
+   */
+  protected createRestApiDeployment() {
+    this.apiManager.createApiDeployment(`${this.id}-deployment`, this, this.restApi)
+  }
 }

package/src/lib/construct/rest-api-lambda-with-cache/main.ts

@@ -29,7 +29,7 @@ import * as utils from '../../utils'
  * }
  * @mixin
  */
-export class RestApiLambdaWithCache extends RestApiLambda {
+export abstract class RestApiLambdaWithCache extends RestApiLambda {
   /* restApiLambdaWithCache props */
   props: RestApiLambdaWithCacheProps
   id: string
@@ -40,7 +40,7 @@ export class RestApiLambdaWithCache extends RestApiLambda {
   restApiSecurityGroup: ec2.ISecurityGroup
   restApiSecurityGroupExportName: string
 
-  constructor(parent: Construct, id: string, props: RestApiLambdaWithCacheProps) {
+  protected constructor(parent: Construct, id: string, props: RestApiLambdaWithCacheProps) {
     super(parent, id, props)
 
     this.props = props
@@ -97,10 +97,22 @@ export class RestApiLambdaWithCache extends RestApiLambda {
     this.restApiCache = this.elasticacheManager.createReplicatedElastiCache(
       `${this.id}-elasticache`,
       this,
-      this.props.restApiElastiCache,
+      this.props.restApiCache,
       this.restApivpc.privateSubnets.map(subnet => subnet.subnetId),
       [this.restApiSecurityGroup.securityGroupId]
     )
+
+    this.ssmManager.writeStringToParameters(`${this.id}-elasticache-endpoint-address`, this, {
+      parameterName: `${this.id}-elasticache-endpoint-address`,
+      description: `Elasticache address to use by applications`,
+      stringValue: this.restApiCache.attrConfigurationEndPointAddress,
+    })
+
+    this.ssmManager.writeStringToParameters(`${this.id}-elasticache-endpoint-port`, this, {
+      parameterName: `${this.id}-elasticache-endpoint-port`,
+      description: `Elasticache port to use by applications`,
+      stringValue: this.restApiCache.attrConfigurationEndPointPort,
+    })
   }
 
   /**

package/src/lib/manager/aws/api-manager.ts

@@ -62,6 +62,7 @@ export class ApiManager {
         loggingLevel: props.deployOptions?.loggingLevel,
         dataTraceEnabled: props.deployOptions?.dataTraceEnabled,
         cachingEnabled: props.deployOptions?.cachingEnabled,
+        metricsEnabled: props.deployOptions?.metricsEnabled,
       },
       retainDeployments: props.retainDeployments,
       parameters: props.parameters,

package/src/lib/manager/aws/iam-manager.ts

@@ -117,6 +117,42 @@ export class IamManager {
     })
   }
 
+  /**
+   * @summary Method to create iam statement to access app config
+   * @param {string[]} resourceArns list of ARNs to allow access to
+   */
+  public statementForAppConfigExecution(resourceArns?: string[]) {
+    return new iam.PolicyStatement({
+      effect: iam.Effect.ALLOW,
+      actions: ['appconfig:GetLatestConfiguration', 'appconfig:StartConfigurationSession'],
+      resources: resourceArns ?? ['*'],
+    })
+  }
+
+  /**
+   * @summary Method to create iam statement to put xray telemetry
+   * @param {string[]} resourceArns list of ARNs to allow access to
+   */
+  public statementForPutXrayTelemetry(resourceArns?: string[]) {
+    return new iam.PolicyStatement({
+      effect: iam.Effect.ALLOW,
+      actions: ['xray:PutTraceSegments', 'xray:PutTelemetryRecords'],
+      resources: resourceArns ?? ['*'],
+    })
+  }
+
+  /**
+   * @summary Method to create iam statement to decrypt kms
+   * @param {string[]} resourceArns list of ARNs to allow access to
+   */
+  public statementForDecryptKms(resourceArns?: string[]) {
+    return new iam.PolicyStatement({
+      effect: iam.Effect.ALLOW,
+      actions: ['kms:Decrypt'],
+      resources: resourceArns ?? ['*'],
+    })
+  }
+
   /**
    * @summary Method to create iam statement to list s3 buckets
    * @param {common.CommonConstruct} scope scope in which this resource is defined

package/src/lib/manager/aws/lambda-manager.ts

@@ -270,6 +270,7 @@ export class LambdaManager {
         filesystem: accessPoint
           ? lambda.FileSystem.fromEfsAccessPoint(accessPoint, mountPath || '/mnt/msg')
           : undefined,
+        logRetention: scope.props.logRetention ?? props.logRetention,
         reservedConcurrentExecutions: props.reservedConcurrentExecutions,
         role: role instanceof iam.Role ? role : undefined,
         securityGroups: securityGroups,

package/src/lib/types/aws/index.ts

@@ -340,7 +340,7 @@ export interface GraphQlApiLambdaWithCacheProps extends GraphQlApiLambdaProps {
  */
 export interface RestApiLambdaWithCacheProps extends RestApiLambdaProps {
   restApiVpc: ec2.VpcProps
-  restApiElastiCache: ReplicatedElastiCacheProps
+  restApiCache: ReplicatedElastiCacheProps
   securityGroupExportName: string
   useExistingVpc: boolean
   vpcName?: string