npm - @jaypie/constructs - Versions diffs - 1.2.20 → 1.2.22 - Mend

@jaypie/constructs 1.2.20 → 1.2.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cjs/JaypieWebSocket.d.ts +1 -1
package/dist/cjs/index.cjs +45 -54
package/dist/cjs/index.cjs.map +1 -1
package/dist/esm/JaypieWebSocket.d.ts +1 -1
package/dist/esm/index.js +6 -15
package/dist/esm/index.js.map +1 -1
package/package.json +1 -1

package/dist/esm/JaypieWebSocket.d.ts CHANGED Viewed

@@ -109,7 +109,7 @@ export declare class JaypieWebSocket extends Construct {
     get callbackUrl(): string;
     /**
      * Grant a Lambda function permission to manage WebSocket connections
-     * (post to connections, delete connections).
+     * (post messages to connections, get connection info, delete connections).
      */
     grantManageConnections(grantee: lambda.IFunction): iam.Grant;
 }

package/dist/esm/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import * as cdk from 'aws-cdk-lib';
-import { Tags, Stack, Fn, CfnOutput, SecretValue, Duration, RemovalPolicy, CfnStack, ArnFormat } from 'aws-cdk-lib';
+import { Tags, Stack, Fn, CfnOutput, SecretValue, Duration, RemovalPolicy, CfnStack } from 'aws-cdk-lib';
 import * as s3 from 'aws-cdk-lib/aws-s3';
 import { Bucket, StorageClass, BucketAccessControl, EventType } from 'aws-cdk-lib/aws-s3';
 import { Construct } from 'constructs';
@@ -10,7 +10,6 @@ import * as route53Targets from 'aws-cdk-lib/aws-route53-targets';
 import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
 import { DatadogLambda } from 'datadog-cdk-constructs-v2';
 import { ConfigurationError } from '@jaypie/errors';
-import * as iam from 'aws-cdk-lib/aws-iam';
 import { Role, PolicyStatement, Policy, FederatedPrincipal, Effect, ServicePrincipal, ManagedPolicy } from 'aws-cdk-lib/aws-iam';
 import * as acm from 'aws-cdk-lib/aws-certificatemanager';
 import * as lambda from 'aws-cdk-lib/aws-lambda';
@@ -3634,6 +3633,7 @@ class JaypieSsoPermissions extends Construct {
                             "cloudformation:*",
                             "cloudwatch:*",
                             "cost-optimization-hub:*",
+                            "dynamodb:*",
                             "ec2:*",
                             "iam:Get*",
                             "iam:List*",
@@ -4305,21 +4305,12 @@ class JaypieWebSocket extends Construct {
     //
     /**
      * Grant a Lambda function permission to manage WebSocket connections
-     * (post to connections, delete connections).
+     * (post messages to connections, get connection info, delete connections).
      */
     grantManageConnections(grantee) {
-        return iam.Grant.addToPrincipal({
-            actions: ["execute-api:ManageConnections"],
-            grantee: grantee.grantPrincipal,
-            resourceArns: [
-                Stack.of(this).formatArn({
-                    arnFormat: ArnFormat.SLASH_RESOURCE_SLASH_RESOURCE_NAME,
-                    resource: this._api.apiId,
-                    resourceName: `${this._stage.stageName}/POST/@connections/*`,
-                    service: "execute-api",
-                }),
-            ],
-        });
+        // Use the CDK's built-in grantManageConnections which properly grants
+        // permissions for all @connections methods (POST, GET, DELETE) across all stages
+        return this._api.grantManageConnections(grantee);
     }
 }