@jaypie/constructs 1.1.36-beta.2 → 1.1.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/JaypieEnvSecret.d.ts +2 -0
- package/dist/cjs/JaypieLambda.d.ts +56 -0
- package/dist/cjs/index.cjs +167 -3
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/JaypieEnvSecret.d.ts +2 -0
- package/dist/esm/JaypieLambda.d.ts +56 -0
- package/dist/esm/index.js +166 -3
- package/dist/esm/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
2
|
import { SecretValue, RemovalPolicy, Stack } from "aws-cdk-lib";
|
|
3
|
+
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
|
|
3
4
|
import { ISecret, ISecretAttachmentTarget, RotationSchedule, RotationScheduleOptions } from "aws-cdk-lib/aws-secretsmanager";
|
|
4
5
|
import { IKey } from "aws-cdk-lib/aws-kms";
|
|
5
6
|
import { Grant, IGrantable, PolicyStatement, AddToResourcePolicyResult } from "aws-cdk-lib/aws-iam";
|
|
@@ -7,6 +8,7 @@ export interface JaypieEnvSecretProps {
|
|
|
7
8
|
consumer?: boolean;
|
|
8
9
|
envKey?: string;
|
|
9
10
|
export?: string;
|
|
11
|
+
generateSecretString?: secretsmanager.SecretStringGenerator;
|
|
10
12
|
provider?: boolean;
|
|
11
13
|
roleTag?: string;
|
|
12
14
|
vendorTag?: string;
|
|
@@ -3,6 +3,7 @@ import { Duration, Stack, RemovalPolicy } from "aws-cdk-lib";
|
|
|
3
3
|
import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
4
4
|
import * as iam from "aws-cdk-lib/aws-iam";
|
|
5
5
|
import * as cloudwatch from "aws-cdk-lib/aws-cloudwatch";
|
|
6
|
+
import * as ec2 from "aws-cdk-lib/aws-ec2";
|
|
6
7
|
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
|
|
7
8
|
import { JaypieEnvSecret } from "./JaypieEnvSecret.js";
|
|
8
9
|
export interface JaypieLambdaProps {
|
|
@@ -30,18 +31,32 @@ export interface JaypieLambdaProps {
|
|
|
30
31
|
roleTag?: string;
|
|
31
32
|
runtime?: lambda.Runtime;
|
|
32
33
|
secrets?: JaypieEnvSecret[];
|
|
34
|
+
securityGroups?: ec2.ISecurityGroup[];
|
|
33
35
|
timeout?: Duration | number;
|
|
34
36
|
vendorTag?: string;
|
|
37
|
+
vpc?: ec2.IVpc;
|
|
38
|
+
vpcSubnets?: ec2.SubnetSelection;
|
|
35
39
|
}
|
|
36
40
|
export declare class JaypieLambda extends Construct implements lambda.IFunction {
|
|
37
41
|
private readonly _lambda;
|
|
38
42
|
private readonly _provisioned?;
|
|
39
43
|
private readonly _code;
|
|
40
44
|
private readonly _reference;
|
|
45
|
+
private readonly _handler;
|
|
46
|
+
private readonly _memorySize;
|
|
47
|
+
private readonly _timeout;
|
|
48
|
+
private readonly _runtime;
|
|
49
|
+
private readonly _environment;
|
|
50
|
+
private readonly _vpc?;
|
|
51
|
+
private readonly _vpcSubnets?;
|
|
52
|
+
private readonly _securityGroups?;
|
|
53
|
+
private readonly _reservedConcurrentExecutions?;
|
|
54
|
+
private readonly _layers;
|
|
41
55
|
constructor(scope: Construct, id: string, props: JaypieLambdaProps);
|
|
42
56
|
get lambda(): lambda.Function;
|
|
43
57
|
get provisioned(): lambda.Alias | undefined;
|
|
44
58
|
get code(): lambda.Code;
|
|
59
|
+
get reference(): lambda.IFunction;
|
|
45
60
|
get functionArn(): string;
|
|
46
61
|
get functionName(): string;
|
|
47
62
|
get grantPrincipal(): iam.IPrincipal;
|
|
@@ -75,4 +90,45 @@ export declare class JaypieLambda extends Construct implements lambda.IFunction
|
|
|
75
90
|
};
|
|
76
91
|
get stack(): Stack;
|
|
77
92
|
applyRemovalPolicy(policy: RemovalPolicy): void;
|
|
93
|
+
get currentVersion(): lambda.Version;
|
|
94
|
+
get deadLetterQueue(): import("aws-cdk-lib/aws-sqs").IQueue | undefined;
|
|
95
|
+
get deadLetterTopic(): import("aws-cdk-lib/aws-sns").ITopic | undefined;
|
|
96
|
+
get logGroup(): import("aws-cdk-lib/aws-logs").ILogGroup;
|
|
97
|
+
get runtime(): lambda.Runtime;
|
|
98
|
+
get timeout(): Duration | undefined;
|
|
99
|
+
addAlias(aliasName: string, options?: lambda.AliasOptions): lambda.Alias;
|
|
100
|
+
addLayers(...layers: lambda.ILayerVersion[]): void;
|
|
101
|
+
invalidateVersionBasedOn(x: string): void;
|
|
102
|
+
metricConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
|
|
103
|
+
metricUnreservedConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
|
|
104
|
+
addVersion(name: string, codeSha256?: string, description?: string, provisionedExecutions?: number, asyncInvokeConfig?: lambda.EventInvokeConfigOptions): lambda.Version;
|
|
105
|
+
get memorySize(): number | undefined;
|
|
106
|
+
get handler(): string;
|
|
107
|
+
get environment(): {
|
|
108
|
+
[key: string]: string;
|
|
109
|
+
} | undefined;
|
|
110
|
+
get layers(): lambda.ILayerVersion[] | undefined;
|
|
111
|
+
get maxEventAge(): Duration | undefined;
|
|
112
|
+
get retryAttempts(): number | undefined;
|
|
113
|
+
get reservedConcurrentExecutions(): number | undefined;
|
|
114
|
+
get description(): string | undefined;
|
|
115
|
+
get initialPolicy(): iam.PolicyDocument[] | undefined;
|
|
116
|
+
get logRetentionRole(): iam.IRole | undefined;
|
|
117
|
+
get logRetentionRetryOptions(): lambda.LogRetentionRetryOptions | undefined;
|
|
118
|
+
get tracing(): lambda.Tracing | undefined;
|
|
119
|
+
get profiling(): boolean | undefined;
|
|
120
|
+
get profilingGroup(): import("aws-cdk-lib/aws-codeguruprofiler").IProfilingGroup | undefined;
|
|
121
|
+
get environmentEncryption(): import("aws-cdk-lib/aws-kms").IKey | undefined;
|
|
122
|
+
get codeSigningConfig(): lambda.ICodeSigningConfig | undefined;
|
|
123
|
+
get filesystemConfig(): lambda.FileSystemConfig | undefined;
|
|
124
|
+
get filesystemConfigs(): lambda.FileSystemConfig[] | undefined;
|
|
125
|
+
get ephemeralStorageSize(): number | undefined;
|
|
126
|
+
get runtimeManagementMode(): lambda.RuntimeManagementMode | undefined;
|
|
127
|
+
get architectureLabel(): string;
|
|
128
|
+
get vpc(): ec2.IVpc | undefined;
|
|
129
|
+
get vpcSubnets(): ec2.SubnetSelection | undefined;
|
|
130
|
+
get securityGroups(): ec2.ISecurityGroup[] | undefined;
|
|
131
|
+
get allowAllOutbound(): boolean | undefined;
|
|
132
|
+
get allowPublicSubnet(): boolean | undefined;
|
|
133
|
+
get canCreateLambdaLogGroup(): boolean;
|
|
78
134
|
}
|
package/dist/esm/index.js
CHANGED
|
@@ -12,6 +12,7 @@ import * as s3n from 'aws-cdk-lib/aws-s3-notifications';
|
|
|
12
12
|
import * as lambda from 'aws-cdk-lib/aws-lambda';
|
|
13
13
|
import * as sqs from 'aws-cdk-lib/aws-sqs';
|
|
14
14
|
import * as lambdaEventSources from 'aws-cdk-lib/aws-lambda-event-sources';
|
|
15
|
+
import * as cloudwatch from 'aws-cdk-lib/aws-cloudwatch';
|
|
15
16
|
import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
|
|
16
17
|
import { ServicePrincipal, Role, FederatedPrincipal, PolicyStatement, Effect } from 'aws-cdk-lib/aws-iam';
|
|
17
18
|
import { LogGroup, RetentionDays, FilterPattern } from 'aws-cdk-lib/aws-logs';
|
|
@@ -289,7 +290,7 @@ class JaypieAppStack extends JaypieStack {
|
|
|
289
290
|
class JaypieLambda extends Construct {
|
|
290
291
|
constructor(scope, id, props) {
|
|
291
292
|
super(scope, id);
|
|
292
|
-
const { code, datadogApiKeyArn, environment: initialEnvironment = {}, envSecrets = {}, handler = "index.handler", layers = [], logRetention = CDK$2.LAMBDA.LOG_RETENTION, memorySize = CDK$2.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, provisionedConcurrentExecutions, reservedConcurrentExecutions, roleTag = CDK$2.ROLE.PROCESSING, runtime = lambda.Runtime.NODEJS_22_X, secrets = [], timeout = Duration.seconds(CDK$2.DURATION.LAMBDA_WORKER), vendorTag, } = props;
|
|
293
|
+
const { code, datadogApiKeyArn, environment: initialEnvironment = {}, envSecrets = {}, handler = "index.handler", layers = [], logRetention = CDK$2.LAMBDA.LOG_RETENTION, memorySize = CDK$2.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, provisionedConcurrentExecutions, reservedConcurrentExecutions, roleTag = CDK$2.ROLE.PROCESSING, runtime = lambda.Runtime.NODEJS_22_X, secrets = [], securityGroups, timeout = Duration.seconds(CDK$2.DURATION.LAMBDA_WORKER), vendorTag, vpc, vpcSubnets, } = props;
|
|
293
294
|
// Create a mutable copy of the environment variables
|
|
294
295
|
let environment = { ...initialEnvironment };
|
|
295
296
|
// Default environment values
|
|
@@ -354,10 +355,14 @@ class JaypieLambda extends Construct {
|
|
|
354
355
|
// Set Datadog environment variables
|
|
355
356
|
Object.assign(environment, {
|
|
356
357
|
DD_API_KEY_SECRET_ARN: resolvedDatadogApiKeyArn,
|
|
358
|
+
DD_ENHANCED_METRICS: "true",
|
|
357
359
|
DD_ENV: process.env.PROJECT_ENV || "",
|
|
360
|
+
DD_PROFILING_ENABLED: "false",
|
|
361
|
+
DD_SERVERLESS_APPSEC_ENABLED: "false",
|
|
358
362
|
DD_SERVICE: process.env.PROJECT_SERVICE || "",
|
|
359
363
|
DD_SITE: CDK$2.DATADOG.SITE,
|
|
360
364
|
DD_TAGS: `${CDK$2.TAG.SPONSOR}:${process.env.PROJECT_SPONSOR || ""}`,
|
|
365
|
+
DD_TRACE_OTEL_ENABLED: "false",
|
|
361
366
|
});
|
|
362
367
|
}
|
|
363
368
|
// Configure ParamsAndSecrets layer
|
|
@@ -412,7 +417,10 @@ class JaypieLambda extends Construct {
|
|
|
412
417
|
paramsAndSecrets: resolvedParamsAndSecrets,
|
|
413
418
|
reservedConcurrentExecutions,
|
|
414
419
|
runtime,
|
|
420
|
+
securityGroups,
|
|
415
421
|
timeout: typeof timeout === "number" ? Duration.seconds(timeout) : timeout,
|
|
422
|
+
vpc,
|
|
423
|
+
vpcSubnets,
|
|
416
424
|
// Enable auto-publishing of versions when using provisioned concurrency
|
|
417
425
|
currentVersionOptions: provisionedConcurrentExecutions !== undefined
|
|
418
426
|
? {
|
|
@@ -454,6 +462,22 @@ class JaypieLambda extends Construct {
|
|
|
454
462
|
if (vendorTag) {
|
|
455
463
|
Tags.of(this._lambda).add(CDK$2.TAG.VENDOR, vendorTag);
|
|
456
464
|
}
|
|
465
|
+
// Store constructor props for later access
|
|
466
|
+
this._handler = handler;
|
|
467
|
+
this._memorySize = memorySize;
|
|
468
|
+
this._timeout =
|
|
469
|
+
typeof timeout === "number" ? Duration.seconds(timeout) : timeout;
|
|
470
|
+
this._runtime = runtime;
|
|
471
|
+
this._environment = {
|
|
472
|
+
...environment,
|
|
473
|
+
...secretsEnvironment,
|
|
474
|
+
...jaypieSecretsEnvironment,
|
|
475
|
+
};
|
|
476
|
+
this._vpc = vpc;
|
|
477
|
+
this._vpcSubnets = vpcSubnets;
|
|
478
|
+
this._securityGroups = securityGroups;
|
|
479
|
+
this._reservedConcurrentExecutions = reservedConcurrentExecutions;
|
|
480
|
+
this._layers = resolvedLayers;
|
|
457
481
|
// Assign _reference based on provisioned state
|
|
458
482
|
this._reference =
|
|
459
483
|
this._provisioned !== undefined ? this._provisioned : this._lambda;
|
|
@@ -468,6 +492,9 @@ class JaypieLambda extends Construct {
|
|
|
468
492
|
get code() {
|
|
469
493
|
return this._code;
|
|
470
494
|
}
|
|
495
|
+
get reference() {
|
|
496
|
+
return this._reference;
|
|
497
|
+
}
|
|
471
498
|
// IFunction implementation
|
|
472
499
|
get functionArn() {
|
|
473
500
|
return this._reference.functionArn;
|
|
@@ -563,6 +590,141 @@ class JaypieLambda extends Construct {
|
|
|
563
590
|
applyRemovalPolicy(policy) {
|
|
564
591
|
this._reference.applyRemovalPolicy(policy);
|
|
565
592
|
}
|
|
593
|
+
// Additional Lambda Function specific methods
|
|
594
|
+
get currentVersion() {
|
|
595
|
+
return this._lambda.currentVersion;
|
|
596
|
+
}
|
|
597
|
+
get deadLetterQueue() {
|
|
598
|
+
return this._lambda.deadLetterQueue;
|
|
599
|
+
}
|
|
600
|
+
get deadLetterTopic() {
|
|
601
|
+
return this._lambda.deadLetterTopic;
|
|
602
|
+
}
|
|
603
|
+
get logGroup() {
|
|
604
|
+
return this._lambda.logGroup;
|
|
605
|
+
}
|
|
606
|
+
get runtime() {
|
|
607
|
+
return this._runtime;
|
|
608
|
+
}
|
|
609
|
+
get timeout() {
|
|
610
|
+
return this._timeout;
|
|
611
|
+
}
|
|
612
|
+
addAlias(aliasName, options) {
|
|
613
|
+
return this._lambda.addAlias(aliasName, options);
|
|
614
|
+
}
|
|
615
|
+
addLayers(...layers) {
|
|
616
|
+
this._lambda.addLayers(...layers);
|
|
617
|
+
}
|
|
618
|
+
invalidateVersionBasedOn(x) {
|
|
619
|
+
this._lambda.invalidateVersionBasedOn(x);
|
|
620
|
+
}
|
|
621
|
+
metricConcurrentExecutions(props) {
|
|
622
|
+
return new cloudwatch.Metric({
|
|
623
|
+
namespace: "AWS/Lambda",
|
|
624
|
+
metricName: "ConcurrentExecutions",
|
|
625
|
+
dimensionsMap: {
|
|
626
|
+
FunctionName: this.functionName,
|
|
627
|
+
},
|
|
628
|
+
...props,
|
|
629
|
+
});
|
|
630
|
+
}
|
|
631
|
+
metricUnreservedConcurrentExecutions(props) {
|
|
632
|
+
return new cloudwatch.Metric({
|
|
633
|
+
namespace: "AWS/Lambda",
|
|
634
|
+
metricName: "UnreservedConcurrentExecutions",
|
|
635
|
+
...props,
|
|
636
|
+
});
|
|
637
|
+
}
|
|
638
|
+
addVersion(name, codeSha256, description, provisionedExecutions, asyncInvokeConfig) {
|
|
639
|
+
return new lambda.Version(this, name, {
|
|
640
|
+
lambda: this._lambda,
|
|
641
|
+
codeSha256,
|
|
642
|
+
description,
|
|
643
|
+
provisionedConcurrentExecutions: provisionedExecutions,
|
|
644
|
+
...asyncInvokeConfig,
|
|
645
|
+
});
|
|
646
|
+
}
|
|
647
|
+
get memorySize() {
|
|
648
|
+
return this._memorySize;
|
|
649
|
+
}
|
|
650
|
+
get handler() {
|
|
651
|
+
return this._handler;
|
|
652
|
+
}
|
|
653
|
+
get environment() {
|
|
654
|
+
return this._environment;
|
|
655
|
+
}
|
|
656
|
+
get layers() {
|
|
657
|
+
return this._layers;
|
|
658
|
+
}
|
|
659
|
+
get maxEventAge() {
|
|
660
|
+
return undefined;
|
|
661
|
+
}
|
|
662
|
+
get retryAttempts() {
|
|
663
|
+
return undefined;
|
|
664
|
+
}
|
|
665
|
+
get reservedConcurrentExecutions() {
|
|
666
|
+
return this._reservedConcurrentExecutions;
|
|
667
|
+
}
|
|
668
|
+
get description() {
|
|
669
|
+
return undefined;
|
|
670
|
+
}
|
|
671
|
+
get initialPolicy() {
|
|
672
|
+
return undefined;
|
|
673
|
+
}
|
|
674
|
+
get logRetentionRole() {
|
|
675
|
+
return undefined;
|
|
676
|
+
}
|
|
677
|
+
get logRetentionRetryOptions() {
|
|
678
|
+
return undefined;
|
|
679
|
+
}
|
|
680
|
+
get tracing() {
|
|
681
|
+
return undefined;
|
|
682
|
+
}
|
|
683
|
+
get profiling() {
|
|
684
|
+
return undefined;
|
|
685
|
+
}
|
|
686
|
+
get profilingGroup() {
|
|
687
|
+
return undefined;
|
|
688
|
+
}
|
|
689
|
+
get environmentEncryption() {
|
|
690
|
+
return undefined;
|
|
691
|
+
}
|
|
692
|
+
get codeSigningConfig() {
|
|
693
|
+
return undefined;
|
|
694
|
+
}
|
|
695
|
+
get filesystemConfig() {
|
|
696
|
+
return undefined;
|
|
697
|
+
}
|
|
698
|
+
get filesystemConfigs() {
|
|
699
|
+
return undefined;
|
|
700
|
+
}
|
|
701
|
+
get ephemeralStorageSize() {
|
|
702
|
+
return undefined;
|
|
703
|
+
}
|
|
704
|
+
get runtimeManagementMode() {
|
|
705
|
+
return undefined;
|
|
706
|
+
}
|
|
707
|
+
get architectureLabel() {
|
|
708
|
+
return this._lambda.architecture.name;
|
|
709
|
+
}
|
|
710
|
+
get vpc() {
|
|
711
|
+
return this._vpc;
|
|
712
|
+
}
|
|
713
|
+
get vpcSubnets() {
|
|
714
|
+
return this._vpcSubnets;
|
|
715
|
+
}
|
|
716
|
+
get securityGroups() {
|
|
717
|
+
return this._securityGroups;
|
|
718
|
+
}
|
|
719
|
+
get allowAllOutbound() {
|
|
720
|
+
return undefined;
|
|
721
|
+
}
|
|
722
|
+
get allowPublicSubnet() {
|
|
723
|
+
return undefined;
|
|
724
|
+
}
|
|
725
|
+
get canCreateLambdaLogGroup() {
|
|
726
|
+
return true;
|
|
727
|
+
}
|
|
566
728
|
}
|
|
567
729
|
|
|
568
730
|
class JaypieQueuedLambda extends Construct {
|
|
@@ -985,7 +1147,7 @@ function exportEnvName(name, env = process.env) {
|
|
|
985
1147
|
class JaypieEnvSecret extends Construct {
|
|
986
1148
|
constructor(scope, id, props) {
|
|
987
1149
|
super(scope, id);
|
|
988
|
-
const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
|
|
1150
|
+
const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, generateSecretString, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
|
|
989
1151
|
this._envKey = envKey;
|
|
990
1152
|
let exportName;
|
|
991
1153
|
if (!exportParam) {
|
|
@@ -1005,7 +1167,8 @@ class JaypieEnvSecret extends Construct {
|
|
|
1005
1167
|
else {
|
|
1006
1168
|
const secretValue = envKey && process.env[envKey] ? process.env[envKey] : value;
|
|
1007
1169
|
const secretProps = {
|
|
1008
|
-
|
|
1170
|
+
generateSecretString,
|
|
1171
|
+
secretStringValue: !generateSecretString && secretValue
|
|
1009
1172
|
? SecretValue.unsafePlainText(secretValue)
|
|
1010
1173
|
: undefined,
|
|
1011
1174
|
};
|