@jaypie/constructs 1.1.36 → 1.1.38

package/dist/cjs/JaypieEnvSecret.d.ts

@@ -1,5 +1,6 @@
 import { Construct } from "constructs";
 import { SecretValue, RemovalPolicy, Stack } from "aws-cdk-lib";
+import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
 import { ISecret, ISecretAttachmentTarget, RotationSchedule, RotationScheduleOptions } from "aws-cdk-lib/aws-secretsmanager";
 import { IKey } from "aws-cdk-lib/aws-kms";
 import { Grant, IGrantable, PolicyStatement, AddToResourcePolicyResult } from "aws-cdk-lib/aws-iam";
@@ -7,6 +8,7 @@ export interface JaypieEnvSecretProps {
     consumer?: boolean;
     envKey?: string;
     export?: string;
+    generateSecretString?: secretsmanager.SecretStringGenerator;
     provider?: boolean;
     roleTag?: string;
     vendorTag?: string;

package/dist/cjs/JaypieLambda.d.ts

@@ -3,20 +3,36 @@ import { Duration, Stack, RemovalPolicy } from "aws-cdk-lib";
 import * as lambda from "aws-cdk-lib/aws-lambda";
 import * as iam from "aws-cdk-lib/aws-iam";
 import * as cloudwatch from "aws-cdk-lib/aws-cloudwatch";
+import * as ec2 from "aws-cdk-lib/aws-ec2";
 import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
 import { JaypieEnvSecret } from "./JaypieEnvSecret.js";
 export interface JaypieLambdaProps {
+    allowAllOutbound?: boolean;
+    allowPublicSubnet?: boolean;
+    architecture?: lambda.Architecture;
     code: lambda.Code | string;
+    codeSigningConfig?: lambda.ICodeSigningConfig;
     datadogApiKeyArn?: string;
+    deadLetterQueue?: import("aws-cdk-lib/aws-sqs").IQueue;
+    deadLetterQueueEnabled?: boolean;
+    deadLetterTopic?: import("aws-cdk-lib/aws-sns").ITopic;
+    description?: string;
     environment?: {
         [key: string]: string;
     };
+    environmentEncryption?: import("aws-cdk-lib/aws-kms").IKey;
     envSecrets?: {
         [key: string]: secretsmanager.ISecret;
     };
+    ephemeralStorageSize?: import("aws-cdk-lib").Size;
+    filesystem?: lambda.FileSystemConfig;
     handler: string;
+    initialPolicy?: iam.PolicyStatement[];
     layers?: lambda.ILayerVersion[];
     logRetention?: number;
+    logRetentionRole?: iam.IRole;
+    logRetentionRetryOptions?: lambda.LogRetentionRetryOptions;
+    maxEventAge?: Duration;
     memorySize?: number;
     paramsAndSecrets?: lambda.ParamsAndSecretsLayerVersion | boolean;
     paramsAndSecretsOptions?: {
@@ -25,23 +41,60 @@ export interface JaypieLambdaProps {
         parameterStoreTtl?: number;
         secretsManagerTtl?: number;
     };
+    profiling?: boolean;
+    profilingGroup?: import("aws-cdk-lib/aws-codeguruprofiler").IProfilingGroup;
     provisionedConcurrentExecutions?: number;
     reservedConcurrentExecutions?: number;
+    retryAttempts?: number;
     roleTag?: string;
     runtime?: lambda.Runtime;
+    runtimeManagementMode?: lambda.RuntimeManagementMode;
     secrets?: JaypieEnvSecret[];
+    securityGroups?: ec2.ISecurityGroup[];
     timeout?: Duration | number;
+    tracing?: lambda.Tracing;
     vendorTag?: string;
+    vpc?: ec2.IVpc;
+    vpcSubnets?: ec2.SubnetSelection;
 }
 export declare class JaypieLambda extends Construct implements lambda.IFunction {
     private readonly _lambda;
     private readonly _provisioned?;
     private readonly _code;
     private readonly _reference;
+    private readonly _handler;
+    private readonly _memorySize;
+    private readonly _timeout;
+    private readonly _runtime;
+    private readonly _environment;
+    private readonly _vpc?;
+    private readonly _vpcSubnets?;
+    private readonly _securityGroups?;
+    private readonly _reservedConcurrentExecutions?;
+    private readonly _layers;
+    private readonly _architecture;
+    private readonly _ephemeralStorageSize?;
+    private readonly _codeSigningConfig?;
+    private readonly _filesystemConfigs?;
+    private readonly _environmentEncryption?;
+    private readonly _tracing?;
+    private readonly _profiling?;
+    private readonly _profilingGroup?;
+    private readonly _logRetentionRole?;
+    private readonly _logRetentionRetryOptions?;
+    private readonly _initialPolicy?;
+    private readonly _description?;
+    private readonly _maxEventAge?;
+    private readonly _retryAttempts?;
+    private readonly _runtimeManagementMode?;
+    private readonly _allowAllOutbound?;
+    private readonly _allowPublicSubnet?;
+    private readonly _deadLetterQueueEnabled?;
     constructor(scope: Construct, id: string, props: JaypieLambdaProps);
     get lambda(): lambda.Function;
     get provisioned(): lambda.Alias | undefined;
     get code(): lambda.Code;
+    get reference(): lambda.IFunction;
     get functionArn(): string;
     get functionName(): string;
     get grantPrincipal(): iam.IPrincipal;
@@ -75,4 +128,47 @@ export declare class JaypieLambda extends Construct implements lambda.IFunction
     };
     get stack(): Stack;
     applyRemovalPolicy(policy: RemovalPolicy): void;
+    get currentVersion(): lambda.Version;
+    get deadLetterQueue(): import("aws-cdk-lib/aws-sqs").IQueue | undefined;
+    get deadLetterTopic(): import("aws-cdk-lib/aws-sns").ITopic | undefined;
+    get logGroup(): import("aws-cdk-lib/aws-logs").ILogGroup;
+    get runtime(): lambda.Runtime;
+    get timeout(): Duration | undefined;
+    addAlias(aliasName: string, options?: lambda.AliasOptions): lambda.Alias;
+    addLayers(...layers: lambda.ILayerVersion[]): void;
+    invalidateVersionBasedOn(x: string): void;
+    metricConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
+    metricUnreservedConcurrentExecutions(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
+    addVersion(name: string, codeSha256?: string, description?: string, provisionedExecutions?: number, asyncInvokeConfig?: lambda.EventInvokeConfigOptions): lambda.Version;
+    get memorySize(): number | undefined;
+    get handler(): string;
+    get environment(): {
+        [key: string]: string;
+    } | undefined;
+    get layers(): lambda.ILayerVersion[] | undefined;
+    get maxEventAge(): Duration | undefined;
+    get retryAttempts(): number | undefined;
+    get reservedConcurrentExecutions(): number | undefined;
+    get description(): string | undefined;
+    get initialPolicy(): iam.PolicyStatement[] | undefined;
+    get logRetentionRole(): iam.IRole | undefined;
+    get logRetentionRetryOptions(): lambda.LogRetentionRetryOptions | undefined;
+    get tracing(): lambda.Tracing | undefined;
+    get profiling(): boolean | undefined;
+    get profilingGroup(): import("aws-cdk-lib/aws-codeguruprofiler").IProfilingGroup | undefined;
+    get environmentEncryption(): import("aws-cdk-lib/aws-kms").IKey | undefined;
+    get codeSigningConfig(): lambda.ICodeSigningConfig | undefined;
+    get filesystemConfig(): lambda.FileSystemConfig | undefined;
+    get filesystemConfigs(): lambda.FileSystemConfig[] | undefined;
+    get ephemeralStorageSize(): number | undefined;
+    get runtimeManagementMode(): lambda.RuntimeManagementMode | undefined;
+    get architectureLabel(): string;
+    get vpc(): ec2.IVpc | undefined;
+    get vpcSubnets(): ec2.SubnetSelection | undefined;
+    get securityGroups(): ec2.ISecurityGroup[] | undefined;
+    get allowAllOutbound(): boolean | undefined;
+    get allowPublicSubnet(): boolean | undefined;
+    get canCreateLambdaLogGroup(): boolean;
+    get canCreatePermissions(): boolean;
+    get deadLetterQueueEnabled(): boolean | undefined;
 }

package/dist/cjs/index.cjs

@@ -12,6 +12,7 @@ var s3n = require('aws-cdk-lib/aws-s3-notifications');
 var lambda = require('aws-cdk-lib/aws-lambda');
 var sqs = require('aws-cdk-lib/aws-sqs');
 var lambdaEventSources = require('aws-cdk-lib/aws-lambda-event-sources');
+var cloudwatch = require('aws-cdk-lib/aws-cloudwatch');
 var secretsmanager = require('aws-cdk-lib/aws-secretsmanager');
 var awsIam = require('aws-cdk-lib/aws-iam');
 var awsLogs = require('aws-cdk-lib/aws-logs');
@@ -46,6 +47,7 @@ var s3n__namespace = /*#__PURE__*/_interopNamespaceDefault(s3n);
 var lambda__namespace = /*#__PURE__*/_interopNamespaceDefault(lambda);
 var sqs__namespace = /*#__PURE__*/_interopNamespaceDefault(sqs);
 var lambdaEventSources__namespace = /*#__PURE__*/_interopNamespaceDefault(lambdaEventSources);
+var cloudwatch__namespace = /*#__PURE__*/_interopNamespaceDefault(cloudwatch);
 var secretsmanager__namespace = /*#__PURE__*/_interopNamespaceDefault(secretsmanager);
 var sso__namespace = /*#__PURE__*/_interopNamespaceDefault(sso);
 var cloudfront__namespace = /*#__PURE__*/_interopNamespaceDefault(cloudfront);
@@ -321,7 +323,7 @@ class JaypieAppStack extends JaypieStack {
 class JaypieLambda extends constructs.Construct {
     constructor(scope, id, props) {
         super(scope, id);
-        const { code, datadogApiKeyArn, environment: initialEnvironment = {}, envSecrets = {}, handler = "index.handler", layers = [], logRetention = cdk.CDK.LAMBDA.LOG_RETENTION, memorySize = cdk.CDK.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, provisionedConcurrentExecutions, reservedConcurrentExecutions, roleTag = cdk.CDK.ROLE.PROCESSING, runtime = lambda__namespace.Runtime.NODEJS_22_X, secrets = [], timeout = cdk$1.Duration.seconds(cdk.CDK.DURATION.LAMBDA_WORKER), vendorTag, } = props;
+        const { allowAllOutbound, allowPublicSubnet, architecture = lambda__namespace.Architecture.X86_64, code, codeSigningConfig, datadogApiKeyArn, deadLetterQueue, deadLetterQueueEnabled, deadLetterTopic, description, environment: initialEnvironment = {}, environmentEncryption, envSecrets = {}, ephemeralStorageSize, filesystem, handler = "index.handler", initialPolicy, layers = [], logRetention = cdk.CDK.LAMBDA.LOG_RETENTION, logRetentionRole, logRetentionRetryOptions, maxEventAge, memorySize = cdk.CDK.LAMBDA.MEMORY_SIZE, paramsAndSecrets, paramsAndSecretsOptions, profiling, profilingGroup, provisionedConcurrentExecutions, reservedConcurrentExecutions, retryAttempts, roleTag = cdk.CDK.ROLE.PROCESSING, runtime = lambda__namespace.Runtime.NODEJS_22_X, runtimeManagementMode, secrets = [], securityGroups, timeout = cdk$1.Duration.seconds(cdk.CDK.DURATION.LAMBDA_WORKER), tracing, vendorTag, vpc, vpcSubnets, } = props;
         // Create a mutable copy of the environment variables
         let environment = { ...initialEnvironment };
         // Default environment values
@@ -435,20 +437,43 @@ class JaypieLambda extends constructs.Construct {
         }, {});
         // Create Lambda Function
         this._lambda = new lambda__namespace.Function(this, "Function", {
+            allowAllOutbound,
+            allowPublicSubnet,
+            architecture,
             code: this._code,
+            codeSigningConfig,
+            deadLetterQueue,
+            deadLetterQueueEnabled,
+            deadLetterTopic,
+            description,
             environment: {
                 ...environment,
                 ...secretsEnvironment,
                 ...jaypieSecretsEnvironment,
             },
+            environmentEncryption,
+            ephemeralStorageSize,
+            filesystem: filesystem ? { config: filesystem } : undefined,
             handler,
+            initialPolicy,
             layers: resolvedLayers,
             logRetention,
+            logRetentionRole,
+            logRetentionRetryOptions,
+            maxEventAge,
             memorySize,
             paramsAndSecrets: resolvedParamsAndSecrets,
+            profiling,
+            profilingGroup,
             reservedConcurrentExecutions,
+            retryAttempts,
             runtime,
+            runtimeManagementMode,
+            securityGroups,
             timeout: typeof timeout === "number" ? cdk$1.Duration.seconds(timeout) : timeout,
+            tracing,
+            vpc,
+            vpcSubnets,
             // Enable auto-publishing of versions when using provisioned concurrency
             currentVersionOptions: provisionedConcurrentExecutions !== undefined
                 ? {
@@ -490,6 +515,40 @@ class JaypieLambda extends constructs.Construct {
         if (vendorTag) {
             cdk$1.Tags.of(this._lambda).add(cdk.CDK.TAG.VENDOR, vendorTag);
         }
+        // Store constructor props for later access
+        this._handler = handler;
+        this._memorySize = memorySize;
+        this._timeout =
+            typeof timeout === "number" ? cdk$1.Duration.seconds(timeout) : timeout;
+        this._runtime = runtime;
+        this._environment = {
+            ...environment,
+            ...secretsEnvironment,
+            ...jaypieSecretsEnvironment,
+        };
+        this._vpc = vpc;
+        this._vpcSubnets = vpcSubnets;
+        this._securityGroups = securityGroups;
+        this._reservedConcurrentExecutions = reservedConcurrentExecutions;
+        this._layers = resolvedLayers;
+        this._architecture = architecture;
+        this._ephemeralStorageSize = ephemeralStorageSize?.toMebibytes();
+        this._codeSigningConfig = codeSigningConfig;
+        this._filesystemConfigs = filesystem ? [filesystem] : undefined;
+        this._environmentEncryption = environmentEncryption;
+        this._tracing = tracing;
+        this._profiling = profiling;
+        this._profilingGroup = profilingGroup;
+        this._logRetentionRole = logRetentionRole;
+        this._logRetentionRetryOptions = logRetentionRetryOptions;
+        this._initialPolicy = initialPolicy;
+        this._description = description;
+        this._maxEventAge = maxEventAge;
+        this._retryAttempts = retryAttempts;
+        this._runtimeManagementMode = runtimeManagementMode;
+        this._allowAllOutbound = allowAllOutbound;
+        this._allowPublicSubnet = allowPublicSubnet;
+        this._deadLetterQueueEnabled = deadLetterQueueEnabled;
         // Assign _reference based on provisioned state
         this._reference =
             this._provisioned !== undefined ? this._provisioned : this._lambda;
@@ -504,6 +563,9 @@ class JaypieLambda extends constructs.Construct {
     get code() {
         return this._code;
     }
+    get reference() {
+        return this._reference;
+    }
     // IFunction implementation
     get functionArn() {
         return this._reference.functionArn;
@@ -599,6 +661,147 @@ class JaypieLambda extends constructs.Construct {
     applyRemovalPolicy(policy) {
         this._reference.applyRemovalPolicy(policy);
     }
+    // Additional Lambda Function specific methods
+    get currentVersion() {
+        return this._lambda.currentVersion;
+    }
+    get deadLetterQueue() {
+        return this._lambda.deadLetterQueue;
+    }
+    get deadLetterTopic() {
+        return this._lambda.deadLetterTopic;
+    }
+    get logGroup() {
+        return this._lambda.logGroup;
+    }
+    get runtime() {
+        return this._runtime;
+    }
+    get timeout() {
+        return this._timeout;
+    }
+    addAlias(aliasName, options) {
+        return this._lambda.addAlias(aliasName, options);
+    }
+    addLayers(...layers) {
+        this._lambda.addLayers(...layers);
+    }
+    invalidateVersionBasedOn(x) {
+        this._lambda.invalidateVersionBasedOn(x);
+    }
+    metricConcurrentExecutions(props) {
+        return new cloudwatch__namespace.Metric({
+            namespace: "AWS/Lambda",
+            metricName: "ConcurrentExecutions",
+            dimensionsMap: {
+                FunctionName: this.functionName,
+            },
+            ...props,
+        });
+    }
+    metricUnreservedConcurrentExecutions(props) {
+        return new cloudwatch__namespace.Metric({
+            namespace: "AWS/Lambda",
+            metricName: "UnreservedConcurrentExecutions",
+            ...props,
+        });
+    }
+    addVersion(name, codeSha256, description, provisionedExecutions, asyncInvokeConfig) {
+        return new lambda__namespace.Version(this, name, {
+            lambda: this._lambda,
+            codeSha256,
+            description,
+            provisionedConcurrentExecutions: provisionedExecutions,
+            ...asyncInvokeConfig,
+        });
+    }
+    get memorySize() {
+        return this._memorySize;
+    }
+    get handler() {
+        return this._handler;
+    }
+    get environment() {
+        return this._environment;
+    }
+    get layers() {
+        return this._layers;
+    }
+    get maxEventAge() {
+        return this._maxEventAge;
+    }
+    get retryAttempts() {
+        return this._retryAttempts;
+    }
+    get reservedConcurrentExecutions() {
+        return this._reservedConcurrentExecutions;
+    }
+    get description() {
+        return this._description;
+    }
+    get initialPolicy() {
+        return this._initialPolicy;
+    }
+    get logRetentionRole() {
+        return this._logRetentionRole;
+    }
+    get logRetentionRetryOptions() {
+        return this._logRetentionRetryOptions;
+    }
+    get tracing() {
+        return this._tracing;
+    }
+    get profiling() {
+        return this._profiling;
+    }
+    get profilingGroup() {
+        return this._profilingGroup;
+    }
+    get environmentEncryption() {
+        return this._environmentEncryption;
+    }
+    get codeSigningConfig() {
+        return this._codeSigningConfig;
+    }
+    get filesystemConfig() {
+        return this._filesystemConfigs?.[0];
+    }
+    get filesystemConfigs() {
+        return this._filesystemConfigs;
+    }
+    get ephemeralStorageSize() {
+        return this._ephemeralStorageSize;
+    }
+    get runtimeManagementMode() {
+        return this._runtimeManagementMode;
+    }
+    get architectureLabel() {
+        return this._lambda.architecture.name;
+    }
+    get vpc() {
+        return this._vpc;
+    }
+    get vpcSubnets() {
+        return this._vpcSubnets;
+    }
+    get securityGroups() {
+        return this._securityGroups;
+    }
+    get allowAllOutbound() {
+        return this._allowAllOutbound;
+    }
+    get allowPublicSubnet() {
+        return this._allowPublicSubnet;
+    }
+    get canCreateLambdaLogGroup() {
+        return true;
+    }
+    get canCreatePermissions() {
+        return true;
+    }
+    get deadLetterQueueEnabled() {
+        return this._lambda.deadLetterQueue !== undefined || this._lambda.deadLetterTopic !== undefined;
+    }
 }
 
 class JaypieQueuedLambda extends constructs.Construct {
@@ -1021,7 +1224,7 @@ function exportEnvName(name, env = process.env) {
 class JaypieEnvSecret extends constructs.Construct {
     constructor(scope, id, props) {
         super(scope, id);
-        const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
+        const { consumer = checkEnvIsConsumer(), envKey, export: exportParam, generateSecretString, provider = checkEnvIsProvider(), roleTag, vendorTag, value, } = props || {};
         this._envKey = envKey;
         let exportName;
         if (!exportParam) {
@@ -1041,7 +1244,8 @@ class JaypieEnvSecret extends constructs.Construct {
         else {
             const secretValue = envKey && process.env[envKey] ? process.env[envKey] : value;
             const secretProps = {
-                secretStringValue: secretValue
+                generateSecretString,
+                secretStringValue: !generateSecretString && secretValue
                     ? cdk$1.SecretValue.unsafePlainText(secretValue)
                     : undefined,
             };