@jaypie/constructs 1.2.10 → 1.2.12

package/dist/esm/JaypieCertificate.d.ts

@@ -5,8 +5,8 @@ import { Construct } from "constructs";
 export interface JaypieCertificateProps {
     /**
      * Import certificate from a provider stack instead of creating one.
-     * Auto-detected from PROJECT_ENV (personal/ephemeral = consumer).
-     * @default auto-detected from environment
+     * When true, imports the certificate ARN via CloudFormation export.
+     * @default false
      */
     consumer?: boolean;
     /**
@@ -16,19 +16,20 @@ export interface JaypieCertificateProps {
     domainName?: string;
     /**
      * Export name override for cross-stack sharing.
+     * Only used when provider is true.
      * @default Generated from environment and domain
      */
     export?: string;
     /**
      * Construct ID override. When not provided, ID is auto-generated from domain.
      * Use this to align with certificates created by other constructs.
-     * @default Auto-generated as "Certificate-{sanitized-domain}"
+     * @default Auto-generated as "JaypieCert-{sanitized-domain}"
      */
     id?: string;
     /**
      * Export certificate ARN for other stacks to import.
-     * Auto-detected from PROJECT_ENV (sandbox = provider).
-     * @default auto-detected from environment
+     * When true, creates a CloudFormation export that consumer stacks can import.
+     * @default false
      */
     provider?: boolean;
     /**
@@ -83,11 +84,11 @@ export interface JaypieCertificateProps {
  * });
  *
  * @example
- * // Provider/consumer pattern for cross-stack sharing
- * // In sandbox stack:
+ * // Optional: Provider/consumer pattern for cross-stack sharing
+ * // In sandbox stack (explicitly export):
  * new JaypieCertificate(this, { provider: true });
  *
- * // In personal build:
+ * // In personal build (explicitly import):
  * new JaypieCertificate(this, { consumer: true });
  */
 export declare class JaypieCertificate extends Construct implements acm.ICertificate {

package/dist/esm/JaypieDistribution.d.ts

@@ -6,7 +6,7 @@ import * as route53 from "aws-cdk-lib/aws-route53";
 import * as s3 from "aws-cdk-lib/aws-s3";
 import { LambdaDestination } from "aws-cdk-lib/aws-s3-notifications";
 import { Construct } from "constructs";
-export interface JaypieDistributionProps extends Omit<cloudfront.DistributionProps, "certificate" | "defaultBehavior"> {
+export interface JaypieDistributionProps extends Omit<cloudfront.DistributionProps, "certificate" | "defaultBehavior" | "logBucket"> {
     /**
      * SSL certificate for the CloudFront distribution
      * @default true (creates a new certificate)
@@ -20,10 +20,21 @@ export interface JaypieDistributionProps extends Omit<cloudfront.DistributionPro
      * Log destination configuration for CloudFront access logs
      * - LambdaDestination: Use a specific Lambda destination for S3 notifications
      * - true: Use Datadog forwarder for S3 notifications (default)
-     * - false: Disable logging entirely
+     * - false: Disable S3 notifications (logging still occurs if logBucket is set)
      * @default true
      */
     destination?: LambdaDestination | boolean;
+    /**
+     * External log bucket for CloudFront access logs.
+     * - IBucket: Use existing bucket directly
+     * - string: Bucket name to import
+     * - { exportName: string }: CloudFormation export name to import
+     * - true: Use account logging bucket (CDK.IMPORT.LOG_BUCKET)
+     * @default undefined (creates new bucket if destination !== false)
+     */
+    logBucket?: s3.IBucket | string | {
+        exportName: string;
+    } | true;
     /**
      * The origin handler - can be an IOrigin, IFunctionUrl, or IFunction
      * If IFunction, a FunctionUrl will be created with auth NONE
@@ -74,6 +85,8 @@ export declare class JaypieDistribution extends Construct implements cloudfront.
     private isIFunctionUrl;
     private isIFunction;
     private hasInvokeMode;
+    private isExportNameObject;
+    private resolveLogBucket;
     get env(): {
         account: string;
         region: string;

package/dist/esm/index.js

@@ -1999,11 +1999,11 @@ function sanitizeDomain(domain) {
  * });
  *
  * @example
- * // Provider/consumer pattern for cross-stack sharing
- * // In sandbox stack:
+ * // Optional: Provider/consumer pattern for cross-stack sharing
+ * // In sandbox stack (explicitly export):
  * new JaypieCertificate(this, { provider: true });
  *
- * // In personal build:
+ * // In personal build (explicitly import):
  * new JaypieCertificate(this, { consumer: true });
  */
 class JaypieCertificate extends Construct {
@@ -2040,7 +2040,7 @@ class JaypieCertificate extends Construct {
             }
         }
         super(scope, id);
-        const { consumer = checkEnvIsConsumer(), domainName: propsDomainName, export: exportParam, provider = checkEnvIsProvider(), roleTag = CDK$2.ROLE.API, zone: propsZone, } = props;
+        const { consumer = false, domainName: propsDomainName, export: exportParam, provider = false, roleTag = CDK$2.ROLE.API, zone: propsZone, } = props;
         // Validate environment variables
         if (process.env.CDK_ENV_API_SUBDOMAIN &&
             !isValidSubdomain(process.env.CDK_ENV_API_SUBDOMAIN)) {
@@ -2325,7 +2325,7 @@ class JaypieDatadogSecret extends JaypieEnvSecret {
 class JaypieDistribution extends Construct {
     constructor(scope, id, props) {
         super(scope, id);
-        const { certificate: certificateProp = true, defaultBehavior: propsDefaultBehavior, destination: destinationProp = true, handler, host: propsHost, invokeMode = lambda.InvokeMode.BUFFERED, originReadTimeout = Duration.seconds(CDK$2.DURATION.CLOUDFRONT_API), roleTag = CDK$2.ROLE.API, zone: propsZone, ...distributionProps } = props;
+        const { certificate: certificateProp = true, defaultBehavior: propsDefaultBehavior, destination: destinationProp = true, handler, host: propsHost, invokeMode = lambda.InvokeMode.BUFFERED, logBucket: logBucketProp, originReadTimeout = Duration.seconds(CDK$2.DURATION.CLOUDFRONT_API), roleTag = CDK$2.ROLE.API, zone: propsZone, ...distributionProps } = props;
         // Validate environment variables
         if (process.env.CDK_ENV_API_SUBDOMAIN &&
             !isValidSubdomain(process.env.CDK_ENV_API_SUBDOMAIN)) {
@@ -2427,12 +2427,16 @@ class JaypieDistribution extends Construct {
             });
             this.certificate = certificateToUse;
         }
-        // Create log bucket if logging is enabled
+        // Resolve or create log bucket
         let logBucket;
-        if (destinationProp !== false) {
-            logBucket = new s3.Bucket(this, constructEnvName("LogBucket"), {
-                objectOwnership: s3.ObjectOwnership.OBJECT_WRITER,
-                removalPolicy: RemovalPolicy.DESTROY,
+        const isExternalBucket = logBucketProp !== undefined;
+        if (logBucketProp !== undefined) {
+            // Use external bucket
+            logBucket = this.resolveLogBucket(logBucketProp);
+        }
+        else if (destinationProp !== false) {
+            // Create new bucket (original behavior)
+            const createdBucket = new s3.Bucket(this, constructEnvName("LogBucket"), {
                 autoDeleteObjects: true,
                 lifecycleRules: [
                     {
@@ -2445,15 +2449,21 @@ class JaypieDistribution extends Construct {
                         ],
                     },
                 ],
+                objectOwnership: s3.ObjectOwnership.OBJECT_WRITER,
+                removalPolicy: RemovalPolicy.DESTROY,
             });
-            Tags.of(logBucket).add(CDK$2.TAG.ROLE, CDK$2.ROLE.STORAGE);
-            // Add S3 notification to Datadog forwarder
+            Tags.of(createdBucket).add(CDK$2.TAG.ROLE, CDK$2.ROLE.STORAGE);
+            logBucket = createdBucket;
+        }
+        // Add S3 notifications if we have a bucket and destination is not false
+        if (logBucket && destinationProp !== false && !isExternalBucket) {
+            // Only add notifications to buckets we created (not external buckets)
             const lambdaDestination = destinationProp === true
                 ? new LambdaDestination(resolveDatadogForwarderFunction(this))
                 : destinationProp;
             logBucket.addEventNotification(s3.EventType.OBJECT_CREATED, lambdaDestination);
-            this.logBucket = logBucket;
         }
+        this.logBucket = logBucket;
         // Create the CloudFront distribution
         this.distribution = new cloudfront.Distribution(this, constructEnvName("Distribution"), {
             defaultBehavior,
@@ -2524,6 +2534,30 @@ class JaypieDistribution extends Construct {
             "invokeMode" in handler &&
             typeof handler.invokeMode === "string");
     }
+    isExportNameObject(value) {
+        return (typeof value === "object" &&
+            value !== null &&
+            "exportName" in value &&
+            typeof value.exportName === "string");
+    }
+    resolveLogBucket(logBucketProp) {
+        // true = use account logging bucket
+        if (logBucketProp === true) {
+            const bucketName = Fn.importValue(CDK$2.IMPORT.LOG_BUCKET);
+            return s3.Bucket.fromBucketName(this, "ImportedLogBucket", bucketName);
+        }
+        // { exportName: string } = import from CloudFormation export
+        if (this.isExportNameObject(logBucketProp)) {
+            const bucketName = Fn.importValue(logBucketProp.exportName);
+            return s3.Bucket.fromBucketName(this, "ImportedLogBucket", bucketName);
+        }
+        // string = bucket name
+        if (typeof logBucketProp === "string") {
+            return s3.Bucket.fromBucketName(this, "ImportedLogBucket", logBucketProp);
+        }
+        // IBucket = use directly
+        return logBucketProp;
+    }
     // Implement IDistribution interface
     get env() {
         return {