@jaypie/constructs 1.1.22 → 1.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/cjs/JaypieBucketQueuedLambda.d.ts +63 -0
  2. package/dist/cjs/__tests__/JaypieBucketQueuedLambda.spec.d.ts +1 -0
  3. package/dist/cjs/index.cjs +424 -241
  4. package/dist/cjs/index.cjs.map +1 -1
  5. package/dist/cjs/index.d.ts +1 -0
  6. package/dist/esm/JaypieBucketQueuedLambda.d.ts +63 -0
  7. package/dist/esm/__tests__/JaypieBucketQueuedLambda.spec.d.ts +1 -0
  8. package/dist/esm/index.d.ts +1 -0
  9. package/dist/esm/index.js +390 -210
  10. package/dist/esm/index.js.map +1 -1
  11. package/package.json +2 -2
package/dist/esm/index.js CHANGED
@@ -1,195 +1,18 @@
1
- import { Construct } from 'constructs';
2
1
  import * as cdk from 'aws-cdk-lib';
3
- import { Fn, CfnOutput, SecretValue, Tags, Stack, Duration } from 'aws-cdk-lib';
4
- import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
2
+ import { Duration, Stack, Tags, RemovalPolicy, Fn, CfnOutput, SecretValue } from 'aws-cdk-lib';
3
+ import * as s3 from 'aws-cdk-lib/aws-s3';
4
+ import * as s3n from 'aws-cdk-lib/aws-s3-notifications';
5
5
  import { CDK } from '@jaypie/cdk';
6
- import { ServicePrincipal } from 'aws-cdk-lib/aws-iam';
7
- import { LogGroup, RetentionDays, FilterPattern } from 'aws-cdk-lib/aws-logs';
8
- import { HostedZone } from 'aws-cdk-lib/aws-route53';
6
+ import { Construct } from 'constructs';
9
7
  import * as lambda from 'aws-cdk-lib/aws-lambda';
10
8
  import * as sqs from 'aws-cdk-lib/aws-sqs';
11
9
  import * as lambdaEventSources from 'aws-cdk-lib/aws-lambda-event-sources';
10
+ import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
11
+ import { ServicePrincipal } from 'aws-cdk-lib/aws-iam';
12
+ import { LogGroup, RetentionDays, FilterPattern } from 'aws-cdk-lib/aws-logs';
13
+ import { HostedZone } from 'aws-cdk-lib/aws-route53';
12
14
  import * as sso from 'aws-cdk-lib/aws-sso';
13
15
 
14
- // It is a consumer if the environment is ephemeral
15
- function checkEnvIsConsumer(env = process.env) {
16
- return (env.PROJECT_ENV === CDK.ENV.PERSONAL ||
17
- !!env.CDK_ENV_PERSONAL ||
18
- /** @deprecated */ env.PROJECT_ENV === "ephemeral" ||
19
- /** @deprecated */ !!env.CDK_ENV_EPHEMERAL);
20
- }
21
- function checkEnvIsProvider(env = process.env) {
22
- return env.PROJECT_ENV === CDK.ENV.SANDBOX;
23
- }
24
- function cleanName(name) {
25
- return name.replace(/[^a-zA-Z0-9:-]/g, "");
26
- }
27
- function exportEnvName(name, env = process.env) {
28
- let rawName;
29
- if (checkEnvIsProvider(env)) {
30
- rawName = `env-${env.PROJECT_ENV}-${env.PROJECT_KEY}-${name}`;
31
- // Clean the entire name to only allow alphanumeric, colons, and hyphens
32
- return cleanName(rawName);
33
- }
34
- else {
35
- if (checkEnvIsConsumer(env)) {
36
- rawName = `env-${CDK.ENV.SANDBOX}-${env.PROJECT_KEY}-${name}`;
37
- }
38
- else {
39
- rawName = `env-${env.PROJECT_ENV}-${env.PROJECT_KEY}-${name}`;
40
- }
41
- }
42
- return cleanName(rawName);
43
- }
44
- class JaypieEnvSecret extends Construct {
45
- constructor(scope, id, props) {
46
- super(scope, id);
47
- const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
48
- this._envKey = envKey;
49
- let exportName;
50
- if (!exportParam) {
51
- exportName = exportEnvName(id);
52
- }
53
- else {
54
- exportName = cleanName(exportParam);
55
- }
56
- if (consumer) {
57
- const secretName = Fn.importValue(exportName);
58
- this._secret = secretsmanager.Secret.fromSecretNameV2(this, id, secretName);
59
- // Add CfnOutput for consumer secrets
60
- new CfnOutput(this, `ConsumedName`, {
61
- value: this._secret.secretName,
62
- });
63
- }
64
- else {
65
- const secretValue = envKey && process.env[envKey] ? process.env[envKey] : value;
66
- const secretProps = {
67
- secretStringValue: secretValue
68
- ? SecretValue.unsafePlainText(secretValue)
69
- : undefined,
70
- };
71
- this._secret = new secretsmanager.Secret(this, id, secretProps);
72
- if (roleTag) {
73
- Tags.of(this._secret).add(CDK.TAG.ROLE, roleTag);
74
- }
75
- if (vendorTag) {
76
- Tags.of(this._secret).add(CDK.TAG.VENDOR, vendorTag);
77
- }
78
- if (provider) {
79
- new CfnOutput(this, `ProvidedName`, {
80
- value: this._secret.secretName,
81
- exportName,
82
- });
83
- }
84
- else {
85
- new CfnOutput(this, `CreatedName`, {
86
- value: this._secret.secretName,
87
- });
88
- }
89
- }
90
- }
91
- // IResource implementation
92
- get stack() {
93
- return Stack.of(this);
94
- }
95
- get env() {
96
- return {
97
- account: Stack.of(this).account,
98
- region: Stack.of(this).region,
99
- };
100
- }
101
- applyRemovalPolicy(policy) {
102
- this._secret.applyRemovalPolicy(policy);
103
- }
104
- // ISecret implementation
105
- get secretArn() {
106
- return this._secret.secretArn;
107
- }
108
- get secretName() {
109
- return this._secret.secretName;
110
- }
111
- get secretFullArn() {
112
- return this._secret.secretFullArn;
113
- }
114
- get encryptionKey() {
115
- return this._secret.encryptionKey;
116
- }
117
- get secretValue() {
118
- return this._secret.secretValue;
119
- }
120
- secretValueFromJson(key) {
121
- return this._secret.secretValueFromJson(key);
122
- }
123
- grantRead(grantee, versionStages) {
124
- return this._secret.grantRead(grantee, versionStages);
125
- }
126
- grantWrite(grantee) {
127
- return this._secret.grantWrite(grantee);
128
- }
129
- addRotationSchedule(id, options) {
130
- return this._secret.addRotationSchedule(id, options);
131
- }
132
- addToResourcePolicy(statement) {
133
- return this._secret.addToResourcePolicy(statement);
134
- }
135
- denyAccountRootDelete() {
136
- this._secret.denyAccountRootDelete();
137
- }
138
- attach(target) {
139
- return this._secret.attach(target);
140
- }
141
- get envKey() {
142
- return this._envKey;
143
- }
144
- }
145
-
146
- const SERVICE = {
147
- ROUTE53: "route53.amazonaws.com",
148
- };
149
- class JaypieHostedZone extends Construct {
150
- /**
151
- * Create a new hosted zone with query logging
152
- */
153
- constructor(scope, id, props) {
154
- super(scope, id);
155
- const { destination, zoneName, project } = props;
156
- const service = props.service || CDK.SERVICE.INFRASTRUCTURE;
157
- // Create the log group
158
- this.logGroup = new LogGroup(this, "LogGroup", {
159
- logGroupName: process.env.PROJECT_NONCE
160
- ? `/aws/route53/${zoneName}-${process.env.PROJECT_NONCE}`
161
- : `/aws/route53/${zoneName}`,
162
- retention: RetentionDays.ONE_WEEK,
163
- });
164
- // Add tags
165
- cdk.Tags.of(this.logGroup).add(CDK.TAG.SERVICE, service);
166
- cdk.Tags.of(this.logGroup).add(CDK.TAG.ROLE, CDK.ROLE.NETWORKING);
167
- if (project) {
168
- cdk.Tags.of(this.logGroup).add(CDK.TAG.PROJECT, project);
169
- }
170
- // Grant Route 53 permissions to write to the log group
171
- this.logGroup.grantWrite(new ServicePrincipal(SERVICE.ROUTE53));
172
- // Add destination if provided
173
- if (destination) {
174
- this.logGroup.addSubscriptionFilter("DatadogLambdaDestination", {
175
- destination,
176
- filterPattern: FilterPattern.allEvents(),
177
- });
178
- }
179
- // Create the hosted zone
180
- this.hostedZone = new HostedZone(this, "HostedZone", {
181
- queryLogsLogGroupArn: this.logGroup.logGroupArn,
182
- zoneName,
183
- });
184
- // Add tags
185
- cdk.Tags.of(this.hostedZone).add(CDK.TAG.SERVICE, service);
186
- cdk.Tags.of(this.hostedZone).add(CDK.TAG.ROLE, CDK.ROLE.NETWORKING);
187
- if (project) {
188
- cdk.Tags.of(this.hostedZone).add(CDK.TAG.PROJECT, project);
189
- }
190
- }
191
- }
192
-
193
16
  class JaypieLambda extends Construct {
194
17
  constructor(scope, id, props) {
195
18
  super(scope, id);
@@ -393,30 +216,6 @@ class JaypieLambda extends Construct {
393
216
  }
394
217
  }
395
218
 
396
- class JaypieMongoDbSecret extends JaypieEnvSecret {
397
- constructor(scope, id = "MongoConnectionString", props) {
398
- const defaultProps = {
399
- envKey: "MONGODB_URI",
400
- roleTag: CDK.ROLE.STORAGE,
401
- vendorTag: CDK.VENDOR.MONGODB,
402
- ...props,
403
- };
404
- super(scope, id, defaultProps);
405
- }
406
- }
407
-
408
- class JaypieOpenAiSecret extends JaypieEnvSecret {
409
- constructor(scope, id = "OpenAiApiKey", props) {
410
- const defaultProps = {
411
- envKey: "OPENAI_API_KEY",
412
- roleTag: CDK.ROLE.PROCESSING,
413
- vendorTag: CDK.VENDOR.OPENAI,
414
- ...props,
415
- };
416
- super(scope, id, defaultProps);
417
- }
418
- }
419
-
420
219
  class JaypieQueuedLambda extends Construct {
421
220
  constructor(scope, id, props) {
422
221
  super(scope, id);
@@ -625,6 +424,387 @@ class JaypieQueuedLambda extends Construct {
625
424
  }
626
425
  }
627
426
 
427
+ class JaypieBucketQueuedLambda extends JaypieQueuedLambda {
428
+ constructor(scope, id, props) {
429
+ super(scope, id, props);
430
+ const { bucketName, roleTag, vendorTag, bucketOptions = {} } = props;
431
+ // Create S3 Bucket
432
+ this._bucket = new s3.Bucket(this, "Bucket", {
433
+ bucketName: bucketOptions.bucketName || bucketName,
434
+ removalPolicy: bucketOptions.removalPolicy || RemovalPolicy.RETAIN,
435
+ ...bucketOptions,
436
+ });
437
+ // Add tags to bucket
438
+ if (roleTag) {
439
+ Tags.of(this._bucket).add(CDK.TAG.ROLE, roleTag);
440
+ }
441
+ if (vendorTag) {
442
+ Tags.of(this._bucket).add(CDK.TAG.VENDOR, vendorTag);
443
+ }
444
+ // Add an event notification from the bucket to the queue
445
+ this._bucket.addEventNotification(s3.EventType.OBJECT_CREATED, new s3n.SqsDestination(this.queue));
446
+ // Grant the lambda access to the bucket
447
+ this._bucket.grantReadWrite(this);
448
+ // Add environment variable for bucket name
449
+ this.lambda.addEnvironment("CDK_ENV_BUCKET_NAME", this._bucket.bucketName);
450
+ }
451
+ // Public accessors
452
+ get bucket() {
453
+ return this._bucket;
454
+ }
455
+ // IBucket implementation
456
+ get bucketArn() {
457
+ return this._bucket.bucketArn;
458
+ }
459
+ get bucketDomainName() {
460
+ return this._bucket.bucketDomainName;
461
+ }
462
+ get bucketDualStackDomainName() {
463
+ return this._bucket.bucketDualStackDomainName;
464
+ }
465
+ get bucketName() {
466
+ return this._bucket.bucketName;
467
+ }
468
+ get bucketRegionalDomainName() {
469
+ return this._bucket.bucketRegionalDomainName;
470
+ }
471
+ get bucketWebsiteDomainName() {
472
+ return this._bucket.bucketWebsiteDomainName;
473
+ }
474
+ get bucketWebsiteUrl() {
475
+ return this._bucket.bucketWebsiteUrl;
476
+ }
477
+ get encryptionKey() {
478
+ return this._bucket.encryptionKey;
479
+ }
480
+ get isWebsite() {
481
+ return this._bucket.isWebsite || false;
482
+ }
483
+ get policy() {
484
+ return this._bucket.policy;
485
+ }
486
+ addEventNotification(event, dest, filters) {
487
+ this._bucket.addEventNotification(event, dest, ...filters);
488
+ }
489
+ addObjectCreatedNotification(dest, ...filters) {
490
+ this._bucket.addObjectCreatedNotification(dest, ...filters);
491
+ }
492
+ addObjectRemovedNotification(dest, ...filters) {
493
+ this._bucket.addObjectRemovedNotification(dest, ...filters);
494
+ }
495
+ addToResourcePolicy(permission) {
496
+ return this._bucket.addToResourcePolicy(permission);
497
+ }
498
+ arnForObjects(objectKeyPattern) {
499
+ return this._bucket.arnForObjects(objectKeyPattern);
500
+ }
501
+ enableEventBridgeNotification() {
502
+ this._bucket.enableEventBridgeNotification();
503
+ }
504
+ grant(grantee, ...actions) {
505
+ return this._bucket.grant(grantee, ...actions);
506
+ }
507
+ grantDelete(grantee, objectsKeyPattern) {
508
+ return this._bucket.grantDelete(grantee, objectsKeyPattern);
509
+ }
510
+ grantPublicAccess(keyPrefix, ...allowedActions) {
511
+ return this._bucket.grantPublicAccess(keyPrefix, ...allowedActions);
512
+ }
513
+ grantPut(grantee, objectsKeyPattern) {
514
+ return this._bucket.grantPut(grantee, objectsKeyPattern);
515
+ }
516
+ grantPutAcl(grantee, objectsKeyPattern) {
517
+ return this._bucket.grantPutAcl(grantee, objectsKeyPattern);
518
+ }
519
+ grantRead(grantee, objectsKeyPattern) {
520
+ return this._bucket.grantRead(grantee, objectsKeyPattern);
521
+ }
522
+ grantReadWrite(grantee, objectsKeyPattern) {
523
+ return this._bucket.grantReadWrite(grantee, objectsKeyPattern);
524
+ }
525
+ grantWrite(grantee, objectsKeyPattern) {
526
+ return this._bucket.grantWrite(grantee, objectsKeyPattern);
527
+ }
528
+ onCloudTrailEvent(id, options) {
529
+ return this._bucket.onCloudTrailEvent(id, options);
530
+ }
531
+ onCloudTrailPutObject(id, options) {
532
+ return this._bucket.onCloudTrailPutObject(id, options);
533
+ }
534
+ onCloudTrailWriteObject(id, options) {
535
+ return this._bucket.onCloudTrailWriteObject(id, options);
536
+ }
537
+ s3UrlForObject(key) {
538
+ return this._bucket.s3UrlForObject(key);
539
+ }
540
+ transferAccelerationUrlForObject(key, options) {
541
+ return this._bucket.transferAccelerationUrlForObject(key, options);
542
+ }
543
+ urlForObject(key) {
544
+ return this._bucket.urlForObject(key);
545
+ }
546
+ virtualHostedUrlForObject(key, options) {
547
+ return this._bucket.virtualHostedUrlForObject(key, options);
548
+ }
549
+ // Bucket metrics
550
+ metricAllRequests(props) {
551
+ return this._bucket.metricAllRequests(props);
552
+ }
553
+ metricBucketSizeBytes(props) {
554
+ return this._bucket.metricBucketSizeBytes(props);
555
+ }
556
+ metricDeleteRequests(props) {
557
+ return this._bucket.metricDeleteRequests(props);
558
+ }
559
+ metricDownloadBytes(props) {
560
+ return this._bucket.metricDownloadBytes(props);
561
+ }
562
+ metricFirstByteLatency(props) {
563
+ return this._bucket.metricFirstByteLatency(props);
564
+ }
565
+ metricGetRequests(props) {
566
+ return this._bucket.metricGetRequests(props);
567
+ }
568
+ metricHeadRequests(props) {
569
+ return this._bucket.metricHeadRequests(props);
570
+ }
571
+ metricHttpRequests(props) {
572
+ return this._bucket.metricHttpRequests(props);
573
+ }
574
+ metricListRequests(props) {
575
+ return this._bucket.metricListRequests(props);
576
+ }
577
+ metricNumberOfObjects(props) {
578
+ return this._bucket.metricNumberOfObjects(props);
579
+ }
580
+ metricPostRequests(props) {
581
+ return this._bucket.metricPostRequests(props);
582
+ }
583
+ metricPutRequests(props) {
584
+ return this._bucket.metricPutRequests(props);
585
+ }
586
+ metricSelectRequests(props) {
587
+ return this._bucket.metricSelectRequests(props);
588
+ }
589
+ metricSelectScannedBytes(props) {
590
+ return this._bucket.metricSelectScannedBytes(props);
591
+ }
592
+ metricUploadBytes(props) {
593
+ return this._bucket.metricUploadBytes(props);
594
+ }
595
+ metricSelectReturnedBytes(props) {
596
+ return this._bucket.metricSelectReturnedBytes(props);
597
+ }
598
+ // Override applyRemovalPolicy to apply to all resources
599
+ applyRemovalPolicy(policy) {
600
+ super.applyRemovalPolicy(policy);
601
+ this._bucket.applyRemovalPolicy(policy);
602
+ }
603
+ }
604
+
605
+ // It is a consumer if the environment is ephemeral
606
+ function checkEnvIsConsumer(env = process.env) {
607
+ return (env.PROJECT_ENV === CDK.ENV.PERSONAL ||
608
+ !!env.CDK_ENV_PERSONAL ||
609
+ /** @deprecated */ env.PROJECT_ENV === "ephemeral" ||
610
+ /** @deprecated */ !!env.CDK_ENV_EPHEMERAL);
611
+ }
612
+ function checkEnvIsProvider(env = process.env) {
613
+ return env.PROJECT_ENV === CDK.ENV.SANDBOX;
614
+ }
615
+ function cleanName(name) {
616
+ return name.replace(/[^a-zA-Z0-9:-]/g, "");
617
+ }
618
+ function exportEnvName(name, env = process.env) {
619
+ let rawName;
620
+ if (checkEnvIsProvider(env)) {
621
+ rawName = `env-${env.PROJECT_ENV}-${env.PROJECT_KEY}-${name}`;
622
+ // Clean the entire name to only allow alphanumeric, colons, and hyphens
623
+ return cleanName(rawName);
624
+ }
625
+ else {
626
+ if (checkEnvIsConsumer(env)) {
627
+ rawName = `env-${CDK.ENV.SANDBOX}-${env.PROJECT_KEY}-${name}`;
628
+ }
629
+ else {
630
+ rawName = `env-${env.PROJECT_ENV}-${env.PROJECT_KEY}-${name}`;
631
+ }
632
+ }
633
+ return cleanName(rawName);
634
+ }
635
+ class JaypieEnvSecret extends Construct {
636
+ constructor(scope, id, props) {
637
+ super(scope, id);
638
+ const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
639
+ this._envKey = envKey;
640
+ let exportName;
641
+ if (!exportParam) {
642
+ exportName = exportEnvName(id);
643
+ }
644
+ else {
645
+ exportName = cleanName(exportParam);
646
+ }
647
+ if (consumer) {
648
+ const secretName = Fn.importValue(exportName);
649
+ this._secret = secretsmanager.Secret.fromSecretNameV2(this, id, secretName);
650
+ // Add CfnOutput for consumer secrets
651
+ new CfnOutput(this, `ConsumedName`, {
652
+ value: this._secret.secretName,
653
+ });
654
+ }
655
+ else {
656
+ const secretValue = envKey && process.env[envKey] ? process.env[envKey] : value;
657
+ const secretProps = {
658
+ secretStringValue: secretValue
659
+ ? SecretValue.unsafePlainText(secretValue)
660
+ : undefined,
661
+ };
662
+ this._secret = new secretsmanager.Secret(this, id, secretProps);
663
+ if (roleTag) {
664
+ Tags.of(this._secret).add(CDK.TAG.ROLE, roleTag);
665
+ }
666
+ if (vendorTag) {
667
+ Tags.of(this._secret).add(CDK.TAG.VENDOR, vendorTag);
668
+ }
669
+ if (provider) {
670
+ new CfnOutput(this, `ProvidedName`, {
671
+ value: this._secret.secretName,
672
+ exportName,
673
+ });
674
+ }
675
+ else {
676
+ new CfnOutput(this, `CreatedName`, {
677
+ value: this._secret.secretName,
678
+ });
679
+ }
680
+ }
681
+ }
682
+ // IResource implementation
683
+ get stack() {
684
+ return Stack.of(this);
685
+ }
686
+ get env() {
687
+ return {
688
+ account: Stack.of(this).account,
689
+ region: Stack.of(this).region,
690
+ };
691
+ }
692
+ applyRemovalPolicy(policy) {
693
+ this._secret.applyRemovalPolicy(policy);
694
+ }
695
+ // ISecret implementation
696
+ get secretArn() {
697
+ return this._secret.secretArn;
698
+ }
699
+ get secretName() {
700
+ return this._secret.secretName;
701
+ }
702
+ get secretFullArn() {
703
+ return this._secret.secretFullArn;
704
+ }
705
+ get encryptionKey() {
706
+ return this._secret.encryptionKey;
707
+ }
708
+ get secretValue() {
709
+ return this._secret.secretValue;
710
+ }
711
+ secretValueFromJson(key) {
712
+ return this._secret.secretValueFromJson(key);
713
+ }
714
+ grantRead(grantee, versionStages) {
715
+ return this._secret.grantRead(grantee, versionStages);
716
+ }
717
+ grantWrite(grantee) {
718
+ return this._secret.grantWrite(grantee);
719
+ }
720
+ addRotationSchedule(id, options) {
721
+ return this._secret.addRotationSchedule(id, options);
722
+ }
723
+ addToResourcePolicy(statement) {
724
+ return this._secret.addToResourcePolicy(statement);
725
+ }
726
+ denyAccountRootDelete() {
727
+ this._secret.denyAccountRootDelete();
728
+ }
729
+ attach(target) {
730
+ return this._secret.attach(target);
731
+ }
732
+ get envKey() {
733
+ return this._envKey;
734
+ }
735
+ }
736
+
737
+ const SERVICE = {
738
+ ROUTE53: "route53.amazonaws.com",
739
+ };
740
+ class JaypieHostedZone extends Construct {
741
+ /**
742
+ * Create a new hosted zone with query logging
743
+ */
744
+ constructor(scope, id, props) {
745
+ super(scope, id);
746
+ const { destination, zoneName, project } = props;
747
+ const service = props.service || CDK.SERVICE.INFRASTRUCTURE;
748
+ // Create the log group
749
+ this.logGroup = new LogGroup(this, "LogGroup", {
750
+ logGroupName: process.env.PROJECT_NONCE
751
+ ? `/aws/route53/${zoneName}-${process.env.PROJECT_NONCE}`
752
+ : `/aws/route53/${zoneName}`,
753
+ retention: RetentionDays.ONE_WEEK,
754
+ });
755
+ // Add tags
756
+ cdk.Tags.of(this.logGroup).add(CDK.TAG.SERVICE, service);
757
+ cdk.Tags.of(this.logGroup).add(CDK.TAG.ROLE, CDK.ROLE.NETWORKING);
758
+ if (project) {
759
+ cdk.Tags.of(this.logGroup).add(CDK.TAG.PROJECT, project);
760
+ }
761
+ // Grant Route 53 permissions to write to the log group
762
+ this.logGroup.grantWrite(new ServicePrincipal(SERVICE.ROUTE53));
763
+ // Add destination if provided
764
+ if (destination) {
765
+ this.logGroup.addSubscriptionFilter("DatadogLambdaDestination", {
766
+ destination,
767
+ filterPattern: FilterPattern.allEvents(),
768
+ });
769
+ }
770
+ // Create the hosted zone
771
+ this.hostedZone = new HostedZone(this, "HostedZone", {
772
+ queryLogsLogGroupArn: this.logGroup.logGroupArn,
773
+ zoneName,
774
+ });
775
+ // Add tags
776
+ cdk.Tags.of(this.hostedZone).add(CDK.TAG.SERVICE, service);
777
+ cdk.Tags.of(this.hostedZone).add(CDK.TAG.ROLE, CDK.ROLE.NETWORKING);
778
+ if (project) {
779
+ cdk.Tags.of(this.hostedZone).add(CDK.TAG.PROJECT, project);
780
+ }
781
+ }
782
+ }
783
+
784
+ class JaypieMongoDbSecret extends JaypieEnvSecret {
785
+ constructor(scope, id = "MongoConnectionString", props) {
786
+ const defaultProps = {
787
+ envKey: "MONGODB_URI",
788
+ roleTag: CDK.ROLE.STORAGE,
789
+ vendorTag: CDK.VENDOR.MONGODB,
790
+ ...props,
791
+ };
792
+ super(scope, id, defaultProps);
793
+ }
794
+ }
795
+
796
+ class JaypieOpenAiSecret extends JaypieEnvSecret {
797
+ constructor(scope, id = "OpenAiApiKey", props) {
798
+ const defaultProps = {
799
+ envKey: "OPENAI_API_KEY",
800
+ roleTag: CDK.ROLE.PROCESSING,
801
+ vendorTag: CDK.VENDOR.OPENAI,
802
+ ...props,
803
+ };
804
+ super(scope, id, defaultProps);
805
+ }
806
+ }
807
+
628
808
  /**
629
809
  * Permission set types with corresponding AWS managed policies
630
810
  */
@@ -911,5 +1091,5 @@ class JaypieTraceSigningKeySecret extends JaypieEnvSecret {
911
1091
  }
912
1092
  }
913
1093
 
914
- export { JaypieEnvSecret, JaypieHostedZone, JaypieLambda, JaypieMongoDbSecret, JaypieOpenAiSecret, JaypieQueuedLambda, JaypieSsoGroups, JaypieTraceSigningKeySecret, PermissionSetType };
1094
+ export { JaypieBucketQueuedLambda, JaypieEnvSecret, JaypieHostedZone, JaypieLambda, JaypieMongoDbSecret, JaypieOpenAiSecret, JaypieQueuedLambda, JaypieSsoGroups, JaypieTraceSigningKeySecret, PermissionSetType };
915
1095
  //# sourceMappingURL=index.js.map