@izara_project/izara-core-generate-service-code 1.0.55 → 1.0.56

package/src/codeGenerators/app/sls_yaml/__tests__/SharedResourceYamlGenerator.test.js

@@ -34,7 +34,10 @@ describe('generateSharedResourceYaml', () => {
         'Resources:',
         '  AwaitingStepTable:',
         '    Properties:',
-        '      TableName: ${self:custom.iz_resourcePrefix}AwaitingStep'
+        '      TableName: ${self:custom.iz_resourcePrefix}AwaitingStep',
+        '  WebSocketTaskTable:',
+        '    Properties:',
+        '      TableName: ${self:custom.iz_resourcePrefix}WebSocketTask'
       ].join('\n'),
       'utf8'
     );
@@ -58,7 +61,13 @@ describe('generateSharedResourceYaml', () => {
         '      QueueName: ${self:custom.iz_resourcePrefix}ReservationsSqsDLQ',
         '  InReservations:',
         '    Properties:',
-        '      TopicName: ${self:custom.iz_serviceTag}_${self:custom.iz_stage}_Reservations_In'
+        '      TopicName: ${self:custom.iz_serviceTag}_${self:custom.iz_stage}_ReservationsComplete_In',
+        '  InReservationsMain:',
+        '    Properties:',
+        '      TopicName: ${self:custom.iz_serviceTag}_${self:custom.iz_stage}_Reservations_In',
+        '  InCreateRolePermissions:',
+        '    Properties:',
+        '      TopicName: ${self:custom.iz_serviceTag}_${self:custom.iz_stage}_CreateRolePermissions_In'
       ].join('\n'),
       'utf8'
     );
@@ -92,85 +101,135 @@ describe('generateSharedResourceYaml', () => {
       ),
       [
         'ReservationsCompleteSqs:',
+        '  role: WebSocketMainRole',
         '  events:',
         '    - sqs:',
         '        arn: arn:aws:sqs:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_resourcePrefix}ReservationsCompleteSqs'
       ].join('\n'),
       'utf8'
     );
+
+    await fs.writeFile(
+      path.join(
+        tmpDir,
+        'app',
+        'sls_yaml',
+        'generatedCode',
+        'source',
+        'role-name-config.yml'
+      ),
+      [
+        '# for createIamRole',
+        '- arn:aws:iam::${self:custom.iz_accountId}:role/${self:custom.iz_resourcePrefix}FlowObjectsRole',
+        '- arn:aws:iam::${self:custom.iz_accountId}:role/${self:custom.iz_resourcePrefix}ProcFindDataRole',
+        '- arn:aws:iam::${self:custom.iz_accountId}:role/${self:custom.iz_resourcePrefix}RegisterRole',
+        '- arn:aws:iam::${self:custom.iz_accountId}:role/${self:custom.iz_resourcePrefix}ReservationsRole',
+        '- arn:aws:iam::${self:custom.iz_accountId}:role/${self:custom.iz_resourcePrefix}WebSocketMainRole'
+      ].join('\n'),
+      'utf8'
+    );
   });
 
-  it('registers baseline IAM statements with explicit resources', async () => {
+  it('registers scoped IAM statements and avoids broad defaults', async () => {
     await generateSharedResourceYaml(
       { objects: [{ objectType: 'Foo' }], flows: [] },
       { outputPath: tmpDir }
     );
 
     const grouped = policyRegistry.toGroupedByRole();
+    const resources = grouped.FlowObjectsRole.statements.flatMap(
+      statement => statement.resource
+    );
+    const actions = grouped.FlowObjectsRole.statements.flatMap(
+      statement => statement.action
+    );
+
     expect(Object.keys(grouped).sort()).toEqual(
       expect.arrayContaining([
-        'PerActionEndpointRole',
+        'FlowObjectsRole',
         'ProcFindDataRole',
-        'RegisterRole'
+        'RegisterRole',
+        'ReservationsRole',
+        'WebSocketMainRole'
       ])
     );
-
-    const resources = grouped.PerActionEndpointRole.statements.flatMap(
-      statement => statement.resource
-    );
-
     expect(resources).toContain(
       'arn:aws:s3:::${self:custom.iz_serviceSchemaBucketName}/perServiceSchemas/*'
     );
     expect(resources).toContain(
       'arn:aws:dynamodb:${self:custom.iz_region}:${self:custom.iz_accountId}:table/${self:custom.iz_resourcePrefix}AwaitingStep'
     );
-    expect(resources).toContain(
-      'arn:aws:sqs:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_resourcePrefix}ReservationsSqs'
+    const reservationResources = grouped.ReservationsRole.statements.flatMap(
+      statement => statement.resource
     );
-    expect(resources).toContain(
-      'arn:aws:sqs:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_resourcePrefix}ReservationsCompleteSqs'
+    const reservationActions = grouped.ReservationsRole.statements.flatMap(
+      statement => statement.action
     );
-    expect(resources).toContain(
+
+    expect(reservationResources).toContain(
       'arn:aws:sns:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_serviceTag}_${self:custom.iz_stage}_Reservations_Out'
     );
+    expect(reservationResources).not.toContain(
+      'arn:aws:sns:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_serviceTag}_${self:custom.iz_stage}_ReservationsComplete_In'
+    );
     expect(resources).not.toContain(
-      'arn:aws:dynamodb:${self:custom.iz_region}:${self:custom.iz_accountId}:table/${self:custom.iz_resourcePrefix}*'
+      'arn:aws:sns:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_serviceTag}_${self:custom.iz_stage}_CreateRolePermissions_In'
     );
+    expect(reservationActions).toContain('sns:Publish');
+    expect(reservationActions).not.toContain('sns:Subscribe');
     expect(resources).not.toContain(
-      'arn:aws:sqs:${self:custom.iz_region}:${self:custom.iz_accountId}:${self:custom.iz_resourcePrefix}*'
+      'arn:aws:dynamodb:${self:custom.iz_region}:${self:custom.iz_accountId}:table/${self:custom.iz_resourcePrefix}*'
     );
   });
 
-  it('adds WebSocket permissions only for WebSocketMainRole when ownTopic flow exists', async () => {
+  it('adds WebSocket permissions only for WebSocketMainRole', async () => {
     await generateSharedResourceYaml(
       { flows: [{ flowTag: 'dummy', event: ['ownTopic'] }] },
       { outputPath: tmpDir }
     );
 
     const grouped = policyRegistry.toGroupedByRole();
-    expect(Object.keys(grouped)).toContain('WebSocketMainRole');
     const wsActions = grouped.WebSocketMainRole.statements.flatMap(
       statement => statement.action
     );
-    expect(wsActions).toEqual(
-      expect.arrayContaining(['execute-api:ManageConnections'])
-    );
+
+    expect(wsActions).toContain('execute-api:ManageConnections');
+    expect(wsActions).not.toContain('execute-api:Invoke');
+
+    for (const [roleName, roleData] of Object.entries(grouped)) {
+      if (roleName === 'WebSocketMainRole') continue;
+      const actions = roleData.statements.flatMap(statement => statement.action);
+      expect(actions).not.toContain('execute-api:ManageConnections');
+      expect(actions).not.toContain('execute-api:Invoke');
+    }
   });
 
-  it('does not add WebSocket permissions for roles other than WebSocketMainRole', async () => {
+  it('only emits roles present in role-name-config', async () => {
+    policyRegistry.add(
+      'UnexpectedRole',
+      'sns:Publish',
+      'arn:aws:sns:${self:custom.iz_region}:${self:custom.iz_accountId}:unexpected'
+    );
+
     await generateSharedResourceYaml(
-      { flows: [{ flowTag: 'dummy', event: ['ownTopic'] }] },
+      { objects: [{ objectType: 'Foo' }], flows: [] },
       { outputPath: tmpDir }
     );
 
-    const grouped = policyRegistry.toGroupedByRole();
-    for (const roleName of Object.keys(grouped)) {
-      if (roleName === 'WebSocketMainRole') continue;
-      const actions = grouped[roleName].statements.flatMap(
-        statement => statement.action
-      );
-      expect(actions).not.toContain('execute-api:ManageConnections');
-    }
+    const content = await fs.readFile(
+      path.join(
+        tmpDir,
+        'app',
+        'sls_yaml',
+        'generatedCode',
+        'source',
+        'generate-shared-resource.yml'
+      ),
+      'utf8'
+    );
+
+    expect(content).toContain('FlowObjectsRole:');
+    expect(content).toContain('WebSocketMainRole:');
+    expect(content).not.toContain('UnexpectedRole:');
   });
 });

package/src/codeGenerators/app/sls_yaml/templates/SharedResource_Yaml.ejs

@@ -33,7 +33,7 @@ Resources:
                   - "<%- r %>"
 <% }) %>
 <% }) %>
-        #<#<%- roleName %>StatementHookCode#>
-        #<#/<%- roleName %>StatementHookCode#>
+              #<#<%- roleName %>StatementHookCode#>
+              #<#/<%- roleName %>StatementHookCode#>
 
 <% }) %>

package/src/codeGenerators/app/src/generatedCode/Flow/{FlowEndpoints → FlowObjects}/EndpointsGenerator.js

@@ -40,7 +40,7 @@ export async function generateEndpointsFlow(allSchemas, options) {
   for (const action of CRUD_ACTIONS) {
     const isAsync = CRUD_ASYNC_ACTIONS.includes(action);
     const upperAction = upperFirst(action);
-    const flowOutputDir = path.join(baseOutputDir, 'FlowEndpoints', upperAction, 'source');
+    const flowOutputDir = path.join(baseOutputDir, 'FlowObjects', upperAction, 'source');
     await fs.mkdir(flowOutputDir, { recursive: true });
 
     const mainFileName = processMainFileName(action);

package/src/codeGenerators/app/src/generatedCode/Flow/FlowRbac/templates/rbac/FlowRbac_Main.ejs

@@ -0,0 +1,252 @@
+/*
+Copyright (C) 2020 Sven Mason <http: //izara.io>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see
+<http: //www.gnu.org/licenses />.
+*/
+
+import dynamodbSharedLib from '@izara_project/izara-core-library-dynamodb';
+import snsSharedLib from '@izara_project/izara-core-library-sns';
+import sqsSharedLib from '@izara_project/izara-core-library-sqs';
+import asyncFlowSharedLib from '@izara_project/izara-core-library-asynchronous-flow';
+import callingFlowSharedLib from '@izara_project/izara-core-library-calling-flow';
+import lambdaSharedLib from '@izara_project/izara-core-library-lambda';
+
+//(<optionalImport>)
+import { coreConsts } from '@izara_project/izara-core-library-core';
+import { getObjectSchema } from '@izara_project/izara-core-library-service-schemas';
+import {
+  lambda,
+  sns,
+  sqs
+} from '@izara_project/izara-core-library-external-request';
+import { NoRetryError } from '@izara_project/izara-core-library-core';
+import { utils } from '@izara_project/izara-core-library-service-schemas';
+
+const { createFlowTypeConcat } = utils;
+//(</optionalImport>)
+
+/**
+ *
+ *
+ * description of function.
+ * @param {Object} _izContext
+ * @param {CorrelationIds} _izContext.correlationIds - property of _izContext
+ * @param {Logger} _izContext.logger - property of _izContext
+ * @param {Object} requestParams - request params
+ * @param {Object} requestParams.identifiers - identifiers for get data
+ * @param {Object} requestParams.additionalRequest - additionalRequest
+ *
+ *
+ * @returns {object} description of return value
+ */
+
+export default async function ProcessUserRbacFlow(
+  _izContext,
+  requestParams,
+  callingFlowConfig = {}
+  //(<additionalParams>)
+  //(</additionalParams>)
+) {
+  try {
+    _izContext.logger.debug('ProcessUserRbacFlow _izContext', _izContext);
+    _izContext.logger.debug('ProcessUserRbacFlow requestParams', requestParams);
+    _izContext.logger.debug(
+      'ProcessUserRbacFlow callingFlowConfig',
+      callingFlowConfig
+    );
+
+    const userId = _izContext.correlationIds.get(coreConsts.BASE_USER_ID);
+    const targetId = _izContext.correlationIds.get(coreConsts.TARGET_ID);
+
+    if (!userId && !targetId) {
+      throw new Error(
+        'Missing required request parameters: userId or targetId'
+      );
+    }
+
+    const { flowTypeConcat, inputParameterGroups } = requestParams;
+    if (!flowTypeConcat) {
+      throw new Error('Missing flowTypeConcat in requestParams');
+    }
+
+    _izContext.logger.debug('userId', userId);
+    _izContext.logger.debug('targetId', targetId);
+    _izContext.logger.debug('flowTypeConcat', flowTypeConcat);
+
+    const tableUserRoles = dynamodbSharedLib.tableName(_izContext, 'UserRoles');
+
+    const resultUserRoles = await dynamodbSharedLib.query(
+      _izContext,
+      tableUserRoles,
+      {
+        userId
+      }
+    );
+
+    if (!resultUserRoles.Items) {
+      resultUserRoles.Items = [];
+    }
+
+    let targetUserRoles = resultUserRoles.Items;
+
+    targetUserRoles = targetUserRoles.filter(
+      r => r.roleIdKey && r.roleIdKey.startsWith(targetId + '_')
+    );
+
+    const tableRolePermission = dynamodbSharedLib.tableName(
+      _izContext,
+      'RolePermissions'
+    );
+
+    const chunkSize = 10;
+    const rbacRolePermissions = [];
+
+    for (let i = 0; i < targetUserRoles.length; i += chunkSize) {
+      const chunk = targetUserRoles.slice(i, i + chunkSize);
+      const promises = chunk.map(userRole =>
+        dynamodbSharedLib
+          .getItem(_izContext, tableRolePermission, {
+            roleIdKey: userRole.roleIdKey,
+            flowTypeConcat: flowTypeConcat
+          })
+          .catch(err => {
+            _izContext.logger.error(
+              `Error fetching permission for role ${userRole.roleIdKey}:`,
+              err
+            );
+            return null;
+          })
+      );
+
+      const results = await Promise.all(promises);
+      rbacRolePermissions.push(...results);
+    }
+
+    let isPermission = false;
+    let roleIdKey = '';
+
+    for (let i = 0; i < rbacRolePermissions.length; i++) {
+      const rbacRolePermission = rbacRolePermissions[i];
+      const userRole = targetUserRoles[i];
+
+      if (rbacRolePermission && rbacRolePermission.permission === true) {
+        const dbParameterGroups = rbacRolePermission.parameterGroups;
+        let isParamValid = true;
+
+        if (
+          dbParameterGroups &&
+          typeof dbParameterGroups === 'object' &&
+          !Array.isArray(dbParameterGroups)
+        ) {
+          const entries = Object.entries(dbParameterGroups);
+          if (entries.length > 0) {
+            let any_parameterGroup_match = false;
+
+            for (const [groupName, parameterGroup] of entries) {
+              if (!Array.isArray(parameterGroup)) {
+                _izContext.logger.debug(
+                  `Skipping non-array parameterGroup: ${groupName}`
+                );
+                continue;
+              }
+
+              _izContext.logger.debug(
+                `Checking parameterGroup [${groupName}]:`,
+                parameterGroup
+              );
+              let parameterGroupMatch = true;
+
+              for (const check_parameter of parameterGroup) {
+                let tempRequestParams = inputParameterGroups || {};
+
+                if (
+                  !check_parameter.parameterNames ||
+                  !Array.isArray(check_parameter.parameterNames)
+                ) {
+                  parameterGroupMatch = false;
+                  break;
+                }
+
+                for (const parameterName of check_parameter.parameterNames) {
+                  if (
+                    !tempRequestParams ||
+                    typeof tempRequestParams !== 'object' ||
+                    !(parameterName in tempRequestParams)
+                  ) {
+                    parameterGroupMatch = false;
+                    break;
+                  }
+                  tempRequestParams = tempRequestParams[parameterName];
+                }
+
+                if (!parameterGroupMatch) break;
+
+                if (
+                  !check_parameter.parameterValues ||
+                  !Array.isArray(check_parameter.parameterValues)
+                ) {
+                  parameterGroupMatch = false;
+                  break;
+                }
+
+                const valueMatched =
+                  check_parameter.parameterValues.includes(tempRequestParams);
+
+                if (!valueMatched) {
+                  parameterGroupMatch = false;
+                  break;
+                }
+              }
+
+              if (parameterGroupMatch) {
+                _izContext.logger.debug(
+                  `✅ parameterGroup [${groupName}] matched`
+                );
+                any_parameterGroup_match = true;
+                break;
+              } else {
+                _izContext.logger.debug(
+                  `❌ parameterGroup [${groupName}] did not match`
+                );
+              }
+            }
+
+            isParamValid = any_parameterGroup_match;
+          }
+        }
+
+        if (isParamValid) {
+          isPermission = true;
+          roleIdKey = rbacRolePermission.roleIdKey;
+          _izContext.logger.debug(
+            '### matched rbacRolePermission ###',
+            rbacRolePermission
+          );
+          break;
+        } else {
+          _izContext.logger.debug(
+            '### rbacRolePermission parameterGroups check failed ###',
+            { roleIdKey: userRole.roleIdKey }
+          );
+        }
+      }
+    }
+
+    return { permission: isPermission, roleIdKey };
+  } catch (err) {
+    _izContext.logger.error('error ProcessUserRbacFlow: ', err);
+    throw err;
+  }
+}

package/src/codeGenerators/app/src/generatedCode/Flow/{FlowRelationshipEndpoints → FlowRelationships}/RelationshipFlowGenerator.js

@@ -37,7 +37,7 @@ export async function generateRelationshipFlows(allSchemas, options) {
         const upperFlowTag = upperFirst(flowTag);
         const processFunction = processFunctionName(flowTag);
 
-        const flowOutputDir = path.join(baseOutputDir, 'FlowRelationshipEndpoints', upperFlowTag, 'source');
+        const flowOutputDir = path.join(baseOutputDir, 'FlowRelationships', upperFlowTag, 'source');
         await fs.mkdir(flowOutputDir, { recursive: true });
 
         // 1. Generate Action Step (In) Main Function

package/src/codeGenerators/app/src/generatedCode/Flow/_shared/shared/flowClassifier.js

@@ -42,8 +42,9 @@ export function isRelationshipFlow(flowTag) {
 }
 
 export function getFlowOutputSubDir(flowTag) {
-    if (isCrudFlow(flowTag)) return 'FlowEndpoints';
+    if (isCrudFlow(flowTag)) return 'FlowObjects';
     if (isRbacFlow(flowTag)) return 'FlowRbac';
-    if (isRelationshipFlow(flowTag)) return 'FlowRelationshipEndpoints';
+    if (isRelationshipFlow(flowTag)) return 'FlowRelationships';
+    if (String(flowTag || '').toLowerCase().endsWith('rbacflow')) return 'FlowRbac';
     return 'FlowSchemas';
 }

package/src/codeGenerators/app/src/generatedCode/Flow/_shared/shared/flowMainFunctionBase.js

@@ -53,16 +53,23 @@ export async function generateFlowMainFunction(allSchemas, options) {
     let templateName = 'FlowEndpoint_Main.ejs';
     if (['Create', 'Update', 'Delete', 'Get'].includes(flowTag)) {
       templateName = `${flowTag}Endpoint_Main.ejs`;
+    } else if (String(flowTag || '').toLowerCase().endsWith('rbacflow')) {
+      templateName = 'FlowRbac_Main.ejs';
     } else if (isOwnTopic) {
       // Non-CRUD flow with ownTopic: WebSocket entry that fetches flowSchema and publishes to SNS In topic
       templateName = 'FlowMain_Wbs.ejs';
     }
 
-    // crud templates live under FlowEndpoints (the only output child that uses them);
+    // crud templates live under FlowObjects (the only output child that uses them);
     // shared endpoint templates (FlowEndpoint_Main, FlowMain_Wbs) live under _internal/_shared/endpoint
-    const templateBaseDir = templateName.startsWith('crud/') || ['CreateEndpoint_Main.ejs', 'UpdateEndpoint_Main.ejs', 'DeleteEndpoint_Main.ejs', 'GetEndpoint_Main.ejs'].includes(templateName)
-        ? path.join(__dirname, '..', '..', 'FlowEndpoints', 'templates', 'crud')
-        : path.join(__dirname, '..', '..', 'FlowSchemas', 'templates', 'endpoint');
+    let templateBaseDir;
+    if (templateName === 'FlowRbac_Main.ejs') {
+      templateBaseDir = path.join(__dirname, '..', '..', 'FlowRbac', 'templates', 'rbac');
+    } else if (templateName.startsWith('crud/') || ['CreateEndpoint_Main.ejs', 'UpdateEndpoint_Main.ejs', 'DeleteEndpoint_Main.ejs', 'GetEndpoint_Main.ejs'].includes(templateName)) {
+      templateBaseDir = path.join(__dirname, '..', '..', 'FlowObjects', 'templates', 'crud');
+    } else {
+      templateBaseDir = path.join(__dirname, '..', '..', 'FlowSchemas', 'templates', 'endpoint');
+    }
     const mainTemplateStr = await fs.readFile(
       path.join(templateBaseDir, templateName),
       'utf-8'
@@ -130,7 +137,7 @@ export async function generateFlowMainFunction(allSchemas, options) {
     const beforeLogicalConfigs = generateCode.filter(c => c.codeHookTag === 'beforeLogical');
     if (isCrud && beforeLogicalConfigs.length > 0) {
       const beforeLogicalTemplateStr = await fs.readFile(
-        path.join(__dirname, '..', '..', 'FlowEndpoints', 'templates', 'FlowEndpointBeforeLogical_Main.ejs'),
+        path.join(__dirname, '..', '..', 'FlowObjects', 'templates', 'FlowEndpointBeforeLogical_Main.ejs'),
         'utf-8'
       );
       

package/src/codeGenerators/app/src/generatedCode/libs/templates/Consts.ejs

@@ -166,12 +166,12 @@ const FUNCTION_NAME = {
   outTranslateIds: 'processTranslateIdsComplete',
   findData: 'findData',
   processLogical: 'processLogical',
-  updateNodeComplete: 'updateNodeComplete',
-  createObjectComplete: 'createObjectComplete',
-  getNodeComplete: 'getNodeComplete',
+  updateNodeComplete: 'updateComplete',
+  createObjectComplete: 'createComplete',
+  getNodeComplete: 'getComplete',
   paginateProcessLogical: 'paginateProcessLogical',
   deleteNode: 'deleteNode',
-  deleteNodeComplete: 'deleteNodeComplete',
+  deleteNodeComplete: 'deleteComplete',
   createObjectS3: 'createObjectS3',
   createObjectS3Complete: 'webSocketTaskComplete',
   processAfterUploadS3: 'processAfterUploadS3',
@@ -203,12 +203,12 @@ const SHORT_FUNCTION_NAME = functionName => {
     [FUNCTION_NAME.deleteRelComplete]: 'deleteRelComp',
     [FUNCTION_NAME.findData]: 'findData',
     [FUNCTION_NAME.processLogical]: 'processLogical',
-    [FUNCTION_NAME.updateNodeComplete]: 'updateNodeComp',
-    [FUNCTION_NAME.createObjectComplete]: 'createObjectComp',
-    [FUNCTION_NAME.getNodeComplete]: 'getNodeComp',
+    [FUNCTION_NAME.updateNodeComplete]: 'updateComp',
+    [FUNCTION_NAME.createObjectComplete]: 'createComp',
+    [FUNCTION_NAME.getNodeComplete]: 'getComp',
     [FUNCTION_NAME.paginateProcessLogical]: 'paginateProLogical',
     [FUNCTION_NAME.deleteNode]: 'deleteNode',
-    [FUNCTION_NAME.deleteNodeComplete]: 'deleteNodeComp',
+    [FUNCTION_NAME.deleteNodeComplete]: 'deleteComp',
     [FUNCTION_NAME.createObjectS3Complete]: 'webSocketTaskComp',
     [FUNCTION_NAME.getRel]: 'getRel',
     [FUNCTION_NAME.getRelComplete]: 'getRelComp',
@@ -238,7 +238,7 @@ const SOURCE_GENERATE_IAM_ROLE = {
   ProcessFindDataRole: 'ProcFindData',
   ObjectCompleteRole: 'ObjectCom',
   NodeCompleteRole: 'NodeCom',
-  RelationshipRole: 'Relationship',
+  FlowRelationshipRole: 'Relationship',
   RelationshipCompleteRole: 'RelationshipCom',
   FlowSchemaUploadS3Role: 'FlowSchemaUploadS3',
   FlowSchemaOwnTopic: 'FlowSchemaOwnTopic',
@@ -320,27 +320,27 @@ const TOPIC_NAME_GENERATE_CODE = {
   createRelComplete: 'CreateRelationshipComplete',
   deleteRelComplete: 'DeleteRelationshipComplete',
   getRelComplete: 'GetRelationshipComplete',
-  outUpdateRelComplete: 'UpdateRelationshipComplete_Out',
-  outCreateRelComplete: 'CreateRelationshipComplete_Out',
-  outDeleteRelComplete: 'DeleteRelationshipComplete_Out',
-  outGetRelComplete: 'GetRelationshipComplete_Out',
-  updateNodeComplete: 'UpdateNodeComplete',
-  outUpdateNodeComplete: 'UpdateNodeComplete_Out',
-  createNodeComplete: 'CreateObjectComplete',
-  outCreateNodeComplete: 'CreateObjectComplete_Out',
-  deleteNodeComplete: 'DeleteNodeComplete',
-  outDeleteNodeComplete: 'DeleteNodeComplete_Out',
-  getNodeComplete: 'GetNodeComplete',
-  outGetNodeComplete: 'GetNodeComplete_Out',
+  outUpdateRelComplete: 'UpdateRelationship_Out',
+  outCreateRelComplete: 'CreateRelationship_Out',
+  outDeleteRelComplete: 'DeleteRelationship_Out',
+  outGetRelComplete: 'GetRelationship_Out',
+  updateNodeComplete: 'UpdateComplete',
+  outUpdateNodeComplete: 'Update_Out',
+  createNodeComplete: 'CreateComplete',
+  outCreateNodeComplete: 'Create_Out',
+  deleteNodeComplete: 'DeleteComplete',
+  outDeleteNodeComplete: 'Delete_Out',
+  getNodeComplete: 'GetComplete',
+  outGetNodeComplete: 'Get_Out',
   reservedLimitComplete: 'ReservedLimitComplete',
   createPreSignUrl: 'CreatePreSignUrl',
   flowSchemaOwnTopicComplete: 'FlowSchemaOwnTopicComplete',
   flowSchemaOwnTopicEndpointComplete: 'FlowSchemaOwnTopicEndpointComplete',
   createRecordComplete: 'CreateRecordComplete',
   changeRelationshipComplete: 'ChangeRelationshipComplete',
-  outChangeRelationshipComplete: 'ChangeRelationshipComplete_Out',
+  outChangeRelationshipComplete: 'ChangeRelationship_Out',
   moveRelationshipComplete: 'MoveRelationshipComplete',
-  outMoveRelationshipComplete: 'MoveRelationshipComplete_Out'
+  outMoveRelationshipComplete: 'MoveRelationship_Out'
 };
 
 const GRAPH_HANDLER_SERVICE_NAME = {

package/src/codeGenerators/resource/sls_yaml/DynamoDBGenerator.js

@@ -80,7 +80,7 @@ export async function generateDynamoDBTables(allSchemas, options) {
   const systemYamlTpl = await fs.readFile(systemYamlTplPath, 'utf-8');
   const systemYamlContent = ejs.render(systemYamlTpl, {});
   await fs.writeFile(yamlOutputPath, `${systemYamlContent}\n`, 'utf-8');
-  generatedCount += 8; // 8 system tables
+  generatedCount += 12; // 12 system tables
 
     for (const [tableName, keys] of tables.entries()) {
         const yamlContent = ejs.render(yamlTpl, {

package/src/codeGenerators/resource/sls_yaml/FlowOutGenerator.js

@@ -28,7 +28,7 @@ export async function generateFlowOut(allSchemas, options) {
 
   let generatedCount = 0;
   const yamlOutputPath = path.join(resourceYamlDir, 'generated-sns-out.yml');
-  await fs.writeFile(yamlOutputPath, '', 'utf-8');
+  await fs.writeFile(yamlOutputPath, 'Resources:\n', 'utf-8'); // ponytail: simplest one-line fix
 
   const generatedTopics = new Set();
 
@@ -48,11 +48,9 @@ export async function generateFlowOut(allSchemas, options) {
   }
 
   const systemTopics = [
-    'CreateObjectComplete',
-    'DeleteNodeComplete',
-    'UpdateNodeComplete',
-    'ProcessLogicalComplete',
-    'FindDataComplete',
+    'ProcessLogical',
+    'PaginateProcessLogical',
+    'FindData',
     'Create',
     'Update',
     'Delete',