@jaypie/constructs 1.1.36 → 1.1.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/JaypieEnvSecret.d.ts +2 -0
- package/dist/cjs/JaypieLambda.d.ts +56 -0
- package/dist/cjs/index.cjs +163 -3
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/JaypieEnvSecret.d.ts +2 -0
- package/dist/esm/JaypieLambda.d.ts +56 -0
- package/dist/esm/index.js +162 -3
- package/dist/esm/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
2
|
import { SecretValue, RemovalPolicy, Stack } from "aws-cdk-lib";
|
|
3
|
+
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
|
|
3
4
|
import { ISecret, ISecretAttachmentTarget, RotationSchedule, RotationScheduleOptions } from "aws-cdk-lib/aws-secretsmanager";
|
|
4
5
|
import { IKey } from "aws-cdk-lib/aws-kms";
|
|
5
6
|
import { Grant, IGrantable, PolicyStatement, AddToResourcePolicyResult } from "aws-cdk-lib/aws-iam";
|
|
@@ -7,6 +8,7 @@ export interface JaypieEnvSecretProps {
|
|
|
7
8
|
consumer?: boolean;
|
|
8
9
|
envKey?: string;
|
|
9
10
|
export?: string;
|
|
11
|
+
generateSecretString?: secretsmanager.SecretStringGenerator;
|
|
10
12
|
provider?: boolean;
|
|
11
13
|
roleTag?: string;
|
|
12
14
|
vendorTag?: string;
|
|
@@ -3,6 +3,7 @@ import { Duration, Stack, RemovalPolicy } from "aws-cdk-lib";
|
|
|
3
3
|
import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
4
4
|
import * as iam from "aws-cdk-lib/aws-iam";
|
|
5
5
|
import * as cloudwatch from "aws-cdk-lib/aws-cloudwatch";
|
|
6
|
+
import * as ec2 from "aws-cdk-lib/aws-ec2";
|
|
6
7
|
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
|
|
7
8
|
import { JaypieEnvSecret } from "./JaypieEnvSecret.js";
|
|
8
9
|
export interface JaypieLambdaProps {
|
|
@@ -30,18 +31,32 @@ export interface JaypieLambdaProps {
|
|
|
30
31
|
roleTag?: string;
|
|
31
32
|
runtime?: lambda.Runtime;
|
|
32
33
|
secrets?: JaypieEnvSecret[];
|
|
34
|
+
securityGroups?: ec2.ISecurityGroup[];
|
|
33
35
|
timeout?: Duration | number;
|
|
34
36
|
vendorTag?: string;
|
|
37
|
+
vpc?: ec2.IVpc;
|
|
38
|
+
vpcSubnets?: ec2.SubnetSelection;
|
|
35
39
|
}
|
|
36
40
|
export declare class JaypieLambda extends Construct implements lambda.IFunction {
|
|
37
41
|
private readonly _lambda;
|
|
38
42
|
private readonly _provisioned?;
|
|
39
43
|
private readonly _code;
|
|
40
44
|
private readonly _reference;
|
|
45
|
+
private readonly _handler;
|
|
46
|
+
private readonly _memorySize;
|
|
47
|
+
private readonly _timeout;
|
|
48
|
+
private readonly _runtime;
|
|
49
|
+
private readonly _environment;
|
|
50
|
+
private readonly _vpc?;
|
|
51
|
+
private readonly _vpcSubnets?;
|
|
52
|
+
private readonly _securityGroups?;
|
|
53
|
+
private readonly _reservedConcurrentExecutions?;
|
|
54
|
+
private readonly _layers;
|
|
41
55
|
constructor(scope: Construct, id: string, props: JaypieLambdaProps);
|
|
42
56
|
get lambda(): lambda.Function;
|
|
43
57
|
get provisioned(): lambda.Alias | undefined;
|
|
44
58
|
get code(): lambda.Code;
|
|
59
|
+
get reference(): lambda.IFunction;
|
|
45
60
|
get functionArn(): string;
|
|
46
61
|
get functionName(): string;
|
|
47
62
|
get grantPrincipal(): iam.IPrincipal;
|
|
@@ -75,4 +90,45 @@ export declare class JaypieLambda extends Construct implements lambda.IFunction
|
|
|
75
90
|
};
|
|
76
91
|
get stack(): Stack;
|
|
77
92
|
applyRemovalPolicy(policy: RemovalPolicy): void;
|
|
93
|
+
get currentVersion(): lambda.Version;
|
|
94
|
+
get deadLetterQueue(): import("aws-cdk-lib/aws-sqs").IQueue | undefined;
|
|
95
|
+
get deadLetterTopic(): import("aws-cdk-lib/aws-sns").ITopic | undefined;
|
|
96
|
+
get logGroup(): import("aws-cdk-lib/aws-logs").ILogGroup;
|
|
97
|
+
get runtime(): lambda.Runtime;
|
|
98
|
+
get timeout(): Duration | undefined;
|
|
99
|
+
addAlias(aliasName: string, options?: lambda.AliasOptions): lambda.Alias;
|
|
100
|
+
addLayers(...layers: lambda.ILayerVersion[]): void;
|
|
101
|
+
invalidateVersionBasedOn(x: string): void;
|
|
102
|
+
metricConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
|
|
103
|
+
metricUnreservedConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
|
|
104
|
+
addVersion(name: string, codeSha256?: string, description?: string, provisionedExecutions?: number, asyncInvokeConfig?: lambda.EventInvokeConfigOptions): lambda.Version;
|
|
105
|
+
get memorySize(): number | undefined;
|
|
106
|
+
get handler(): string;
|
|
107
|
+
get environment(): {
|
|
108
|
+
[key: string]: string;
|
|
109
|
+
} | undefined;
|
|
110
|
+
get layers(): lambda.ILayerVersion[] | undefined;
|
|
111
|
+
get maxEventAge(): Duration | undefined;
|
|
112
|
+
get retryAttempts(): number | undefined;
|
|
113
|
+
get reservedConcurrentExecutions(): number | undefined;
|
|
114
|
+
get description(): string | undefined;
|
|
115
|
+
get initialPolicy(): iam.PolicyDocument[] | undefined;
|
|
116
|
+
get logRetentionRole(): iam.IRole | undefined;
|
|
117
|
+
get logRetentionRetryOptions(): lambda.LogRetentionRetryOptions | undefined;
|
|
118
|
+
get tracing(): lambda.Tracing | undefined;
|
|
119
|
+
get profiling(): boolean | undefined;
|
|
120
|
+
get profilingGroup(): import("aws-cdk-lib/aws-codeguruprofiler").IProfilingGroup | undefined;
|
|
121
|
+
get environmentEncryption(): import("aws-cdk-lib/aws-kms").IKey | undefined;
|
|
122
|
+
get codeSigningConfig(): lambda.ICodeSigningConfig | undefined;
|
|
123
|
+
get filesystemConfig(): lambda.FileSystemConfig | undefined;
|
|
124
|
+
get filesystemConfigs(): lambda.FileSystemConfig[] | undefined;
|
|
125
|
+
get ephemeralStorageSize(): number | undefined;
|
|
126
|
+
get runtimeManagementMode(): lambda.RuntimeManagementMode | undefined;
|
|
127
|
+
get architectureLabel(): string;
|
|
128
|
+
get vpc(): ec2.IVpc | undefined;
|
|
129
|
+
get vpcSubnets(): ec2.SubnetSelection | undefined;
|
|
130
|
+
get securityGroups(): ec2.ISecurityGroup[] | undefined;
|
|
131
|
+
get allowAllOutbound(): boolean | undefined;
|
|
132
|
+
get allowPublicSubnet(): boolean | undefined;
|
|
133
|
+
get canCreateLambdaLogGroup(): boolean;
|
|
78
134
|
}
|
package/dist/esm/index.js
CHANGED
|
@@ -12,6 +12,7 @@ import * as s3n from 'aws-cdk-lib/aws-s3-notifications';
|
|
|
12
12
|
import * as lambda from 'aws-cdk-lib/aws-lambda';
|
|
13
13
|
import * as sqs from 'aws-cdk-lib/aws-sqs';
|
|
14
14
|
import * as lambdaEventSources from 'aws-cdk-lib/aws-lambda-event-sources';
|
|
15
|
+
import * as cloudwatch from 'aws-cdk-lib/aws-cloudwatch';
|
|
15
16
|
import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
|
|
16
17
|
import { ServicePrincipal, Role, FederatedPrincipal, PolicyStatement, Effect } from 'aws-cdk-lib/aws-iam';
|
|
17
18
|
import { LogGroup, RetentionDays, FilterPattern } from 'aws-cdk-lib/aws-logs';
|
|
@@ -289,7 +290,7 @@ class JaypieAppStack extends JaypieStack {
|
|
|
289
290
|
class JaypieLambda extends Construct {
|
|
290
291
|
constructor(scope, id, props) {
|
|
291
292
|
super(scope, id);
|
|
292
|
-
const { code, datadogApiKeyArn, environment: initialEnvironment = {}, envSecrets = {}, handler = "index.handler", layers = [], logRetention = CDK$2.LAMBDA.LOG_RETENTION, memorySize = CDK$2.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, provisionedConcurrentExecutions, reservedConcurrentExecutions, roleTag = CDK$2.ROLE.PROCESSING, runtime = lambda.Runtime.NODEJS_22_X, secrets = [], timeout = Duration.seconds(CDK$2.DURATION.LAMBDA_WORKER), vendorTag, } = props;
|
|
293
|
+
const { code, datadogApiKeyArn, environment: initialEnvironment = {}, envSecrets = {}, handler = "index.handler", layers = [], logRetention = CDK$2.LAMBDA.LOG_RETENTION, memorySize = CDK$2.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, provisionedConcurrentExecutions, reservedConcurrentExecutions, roleTag = CDK$2.ROLE.PROCESSING, runtime = lambda.Runtime.NODEJS_22_X, secrets = [], securityGroups, timeout = Duration.seconds(CDK$2.DURATION.LAMBDA_WORKER), vendorTag, vpc, vpcSubnets, } = props;
|
|
293
294
|
// Create a mutable copy of the environment variables
|
|
294
295
|
let environment = { ...initialEnvironment };
|
|
295
296
|
// Default environment values
|
|
@@ -416,7 +417,10 @@ class JaypieLambda extends Construct {
|
|
|
416
417
|
paramsAndSecrets: resolvedParamsAndSecrets,
|
|
417
418
|
reservedConcurrentExecutions,
|
|
418
419
|
runtime,
|
|
420
|
+
securityGroups,
|
|
419
421
|
timeout: typeof timeout === "number" ? Duration.seconds(timeout) : timeout,
|
|
422
|
+
vpc,
|
|
423
|
+
vpcSubnets,
|
|
420
424
|
// Enable auto-publishing of versions when using provisioned concurrency
|
|
421
425
|
currentVersionOptions: provisionedConcurrentExecutions !== undefined
|
|
422
426
|
? {
|
|
@@ -458,6 +462,22 @@ class JaypieLambda extends Construct {
|
|
|
458
462
|
if (vendorTag) {
|
|
459
463
|
Tags.of(this._lambda).add(CDK$2.TAG.VENDOR, vendorTag);
|
|
460
464
|
}
|
|
465
|
+
// Store constructor props for later access
|
|
466
|
+
this._handler = handler;
|
|
467
|
+
this._memorySize = memorySize;
|
|
468
|
+
this._timeout =
|
|
469
|
+
typeof timeout === "number" ? Duration.seconds(timeout) : timeout;
|
|
470
|
+
this._runtime = runtime;
|
|
471
|
+
this._environment = {
|
|
472
|
+
...environment,
|
|
473
|
+
...secretsEnvironment,
|
|
474
|
+
...jaypieSecretsEnvironment,
|
|
475
|
+
};
|
|
476
|
+
this._vpc = vpc;
|
|
477
|
+
this._vpcSubnets = vpcSubnets;
|
|
478
|
+
this._securityGroups = securityGroups;
|
|
479
|
+
this._reservedConcurrentExecutions = reservedConcurrentExecutions;
|
|
480
|
+
this._layers = resolvedLayers;
|
|
461
481
|
// Assign _reference based on provisioned state
|
|
462
482
|
this._reference =
|
|
463
483
|
this._provisioned !== undefined ? this._provisioned : this._lambda;
|
|
@@ -472,6 +492,9 @@ class JaypieLambda extends Construct {
|
|
|
472
492
|
get code() {
|
|
473
493
|
return this._code;
|
|
474
494
|
}
|
|
495
|
+
get reference() {
|
|
496
|
+
return this._reference;
|
|
497
|
+
}
|
|
475
498
|
// IFunction implementation
|
|
476
499
|
get functionArn() {
|
|
477
500
|
return this._reference.functionArn;
|
|
@@ -567,6 +590,141 @@ class JaypieLambda extends Construct {
|
|
|
567
590
|
applyRemovalPolicy(policy) {
|
|
568
591
|
this._reference.applyRemovalPolicy(policy);
|
|
569
592
|
}
|
|
593
|
+
// Additional Lambda Function specific methods
|
|
594
|
+
get currentVersion() {
|
|
595
|
+
return this._lambda.currentVersion;
|
|
596
|
+
}
|
|
597
|
+
get deadLetterQueue() {
|
|
598
|
+
return this._lambda.deadLetterQueue;
|
|
599
|
+
}
|
|
600
|
+
get deadLetterTopic() {
|
|
601
|
+
return this._lambda.deadLetterTopic;
|
|
602
|
+
}
|
|
603
|
+
get logGroup() {
|
|
604
|
+
return this._lambda.logGroup;
|
|
605
|
+
}
|
|
606
|
+
get runtime() {
|
|
607
|
+
return this._runtime;
|
|
608
|
+
}
|
|
609
|
+
get timeout() {
|
|
610
|
+
return this._timeout;
|
|
611
|
+
}
|
|
612
|
+
addAlias(aliasName, options) {
|
|
613
|
+
return this._lambda.addAlias(aliasName, options);
|
|
614
|
+
}
|
|
615
|
+
addLayers(...layers) {
|
|
616
|
+
this._lambda.addLayers(...layers);
|
|
617
|
+
}
|
|
618
|
+
invalidateVersionBasedOn(x) {
|
|
619
|
+
this._lambda.invalidateVersionBasedOn(x);
|
|
620
|
+
}
|
|
621
|
+
metricConcurrentExecutions(props) {
|
|
622
|
+
return new cloudwatch.Metric({
|
|
623
|
+
namespace: "AWS/Lambda",
|
|
624
|
+
metricName: "ConcurrentExecutions",
|
|
625
|
+
dimensionsMap: {
|
|
626
|
+
FunctionName: this.functionName,
|
|
627
|
+
},
|
|
628
|
+
...props,
|
|
629
|
+
});
|
|
630
|
+
}
|
|
631
|
+
metricUnreservedConcurrentExecutions(props) {
|
|
632
|
+
return new cloudwatch.Metric({
|
|
633
|
+
namespace: "AWS/Lambda",
|
|
634
|
+
metricName: "UnreservedConcurrentExecutions",
|
|
635
|
+
...props,
|
|
636
|
+
});
|
|
637
|
+
}
|
|
638
|
+
addVersion(name, codeSha256, description, provisionedExecutions, asyncInvokeConfig) {
|
|
639
|
+
return new lambda.Version(this, name, {
|
|
640
|
+
lambda: this._lambda,
|
|
641
|
+
codeSha256,
|
|
642
|
+
description,
|
|
643
|
+
provisionedConcurrentExecutions: provisionedExecutions,
|
|
644
|
+
...asyncInvokeConfig,
|
|
645
|
+
});
|
|
646
|
+
}
|
|
647
|
+
get memorySize() {
|
|
648
|
+
return this._memorySize;
|
|
649
|
+
}
|
|
650
|
+
get handler() {
|
|
651
|
+
return this._handler;
|
|
652
|
+
}
|
|
653
|
+
get environment() {
|
|
654
|
+
return this._environment;
|
|
655
|
+
}
|
|
656
|
+
get layers() {
|
|
657
|
+
return this._layers;
|
|
658
|
+
}
|
|
659
|
+
get maxEventAge() {
|
|
660
|
+
return undefined;
|
|
661
|
+
}
|
|
662
|
+
get retryAttempts() {
|
|
663
|
+
return undefined;
|
|
664
|
+
}
|
|
665
|
+
get reservedConcurrentExecutions() {
|
|
666
|
+
return this._reservedConcurrentExecutions;
|
|
667
|
+
}
|
|
668
|
+
get description() {
|
|
669
|
+
return undefined;
|
|
670
|
+
}
|
|
671
|
+
get initialPolicy() {
|
|
672
|
+
return undefined;
|
|
673
|
+
}
|
|
674
|
+
get logRetentionRole() {
|
|
675
|
+
return undefined;
|
|
676
|
+
}
|
|
677
|
+
get logRetentionRetryOptions() {
|
|
678
|
+
return undefined;
|
|
679
|
+
}
|
|
680
|
+
get tracing() {
|
|
681
|
+
return undefined;
|
|
682
|
+
}
|
|
683
|
+
get profiling() {
|
|
684
|
+
return undefined;
|
|
685
|
+
}
|
|
686
|
+
get profilingGroup() {
|
|
687
|
+
return undefined;
|
|
688
|
+
}
|
|
689
|
+
get environmentEncryption() {
|
|
690
|
+
return undefined;
|
|
691
|
+
}
|
|
692
|
+
get codeSigningConfig() {
|
|
693
|
+
return undefined;
|
|
694
|
+
}
|
|
695
|
+
get filesystemConfig() {
|
|
696
|
+
return undefined;
|
|
697
|
+
}
|
|
698
|
+
get filesystemConfigs() {
|
|
699
|
+
return undefined;
|
|
700
|
+
}
|
|
701
|
+
get ephemeralStorageSize() {
|
|
702
|
+
return undefined;
|
|
703
|
+
}
|
|
704
|
+
get runtimeManagementMode() {
|
|
705
|
+
return undefined;
|
|
706
|
+
}
|
|
707
|
+
get architectureLabel() {
|
|
708
|
+
return this._lambda.architecture.name;
|
|
709
|
+
}
|
|
710
|
+
get vpc() {
|
|
711
|
+
return this._vpc;
|
|
712
|
+
}
|
|
713
|
+
get vpcSubnets() {
|
|
714
|
+
return this._vpcSubnets;
|
|
715
|
+
}
|
|
716
|
+
get securityGroups() {
|
|
717
|
+
return this._securityGroups;
|
|
718
|
+
}
|
|
719
|
+
get allowAllOutbound() {
|
|
720
|
+
return undefined;
|
|
721
|
+
}
|
|
722
|
+
get allowPublicSubnet() {
|
|
723
|
+
return undefined;
|
|
724
|
+
}
|
|
725
|
+
get canCreateLambdaLogGroup() {
|
|
726
|
+
return true;
|
|
727
|
+
}
|
|
570
728
|
}
|
|
571
729
|
|
|
572
730
|
class JaypieQueuedLambda extends Construct {
|
|
@@ -989,7 +1147,7 @@ function exportEnvName(name, env = process.env) {
|
|
|
989
1147
|
class JaypieEnvSecret extends Construct {
|
|
990
1148
|
constructor(scope, id, props) {
|
|
991
1149
|
super(scope, id);
|
|
992
|
-
const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
|
|
1150
|
+
const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, generateSecretString, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
|
|
993
1151
|
this._envKey = envKey;
|
|
994
1152
|
let exportName;
|
|
995
1153
|
if (!exportParam) {
|
|
@@ -1009,7 +1167,8 @@ class JaypieEnvSecret extends Construct {
|
|
|
1009
1167
|
else {
|
|
1010
1168
|
const secretValue = envKey && process.env[envKey] ? process.env[envKey] : value;
|
|
1011
1169
|
const secretProps = {
|
|
1012
|
-
|
|
1170
|
+
generateSecretString,
|
|
1171
|
+
secretStringValue: !generateSecretString && secretValue
|
|
1013
1172
|
? SecretValue.unsafePlainText(secretValue)
|
|
1014
1173
|
: undefined,
|
|
1015
1174
|
};
|