@jaypie/constructs 1.2.66 → 1.2.68

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/cjs/JaypieDistribution.d.ts +13 -0
  2. package/dist/cjs/helpers/__tests__/extendDatadogRole.spec.d.ts +1 -0
  3. package/dist/cjs/helpers/extendDatadogRole.d.ts +1 -0
  4. package/dist/cjs/index.cjs +16 -1
  5. package/dist/cjs/index.cjs.map +1 -1
  6. package/dist/esm/JaypieDistribution.d.ts +13 -0
  7. package/dist/esm/helpers/__tests__/extendDatadogRole.spec.d.ts +1 -0
  8. package/dist/esm/helpers/extendDatadogRole.d.ts +1 -0
  9. package/dist/esm/index.js +16 -1
  10. package/dist/esm/index.js.map +1 -1
  11. package/package.json +1 -1
package/dist/esm/JaypieDistribution.d.ts CHANGED
@@ -213,6 +213,19 @@ export interface JaypieDistributionProps extends Omit<cloudfront.DistributionPro
213
213
  * @default CDK.ROLE.HOSTING
214
214
  */
215
215
  roleTag?: string;
216
+ /**
217
+ * Service tag for attributing this distribution to a service (parallel to
218
+ * `roleTag`, matching `JaypieLambda`). When set, the distribution is tagged
219
+ * with `CDK.TAG.SERVICE` (so metrics carry `service:<value>` instead of
220
+ * `service:N/A`) and the created access-log and WAF-log buckets are tagged
221
+ * with the same value, so the Datadog forwarder attributes their forwarded
222
+ * logs to the service instead of the generic `cloudfront`/source default.
223
+ *
224
+ * Omit to preserve current behavior (no service tag). Has no effect on
225
+ * external/imported log buckets, which this construct does not own.
226
+ * @default undefined (no service tag)
227
+ */
228
+ serviceTag?: string;
216
229
  /**
217
230
  * WAF WebACL configuration for the CloudFront distribution.
218
231
  * - true/undefined: create and attach a WebACL with sensible defaults
package/dist/esm/helpers/extendDatadogRole.d.ts CHANGED
@@ -23,6 +23,7 @@ export interface ExtendDatadogRoleOptions {
23
23
  * If found, creates a custom policy with:
24
24
  * - budgets:ViewBudget
25
25
  * - logs:DescribeLogGroups
26
+ * - trustedadvisor:ListRecommendations
26
27
  *
27
28
  * @param scope - The construct scope
28
29
  * @param options - Configuration options
package/dist/esm/index.js CHANGED
@@ -429,6 +429,7 @@ function envHostname({ component, domain, env, subdomain, } = {}) {
429
429
  * If found, creates a custom policy with:
430
430
  * - budgets:ViewBudget
431
431
  * - logs:DescribeLogGroups
432
+ * - trustedadvisor:ListRecommendations
432
433
  *
433
434
  * @param scope - The construct scope
434
435
  * @param options - Configuration options
@@ -455,6 +456,11 @@ function extendDatadogRole(scope, options) {
455
456
  actions: ["logs:DescribeLogGroups"],
456
457
  resources: ["*"],
457
458
  }),
459
+ // Allow list trusted advisor recommendations
460
+ new PolicyStatement({
461
+ actions: ["trustedadvisor:ListRecommendations"],
462
+ resources: ["*"],
463
+ }),
458
464
  ];
459
465
  // Create the custom policy
460
466
  const datadogCustomPolicy = new Policy(scope, id, {
@@ -2672,7 +2678,7 @@ const DEFAULT_MANAGED_RULES$1 = [
2672
2678
  class JaypieDistribution extends Construct {
2673
2679
  constructor(scope, id, props) {
2674
2680
  super(scope, id);
2675
- const { certificate: certificateProp = true, defaultBehavior: propsDefaultBehavior, deleteExistingRecord = false, destination: destinationProp = true, handler, host: propsHost, logBucket: logBucketProp, originReadTimeout = Duration.seconds(CDK$2.DURATION.CLOUDFRONT_API), responseHeadersPolicy: responseHeadersPolicyProp, roleTag = CDK$2.ROLE.API, securityHeaders: securityHeadersProp, streaming = false, waf: wafProp = true, zone: propsZone, ...distributionProps } = props;
2681
+ const { certificate: certificateProp = true, defaultBehavior: propsDefaultBehavior, deleteExistingRecord = false, destination: destinationProp = true, handler, host: propsHost, logBucket: logBucketProp, originReadTimeout = Duration.seconds(CDK$2.DURATION.CLOUDFRONT_API), responseHeadersPolicy: responseHeadersPolicyProp, roleTag = CDK$2.ROLE.API, securityHeaders: securityHeadersProp, serviceTag, streaming = false, waf: wafProp = true, zone: propsZone, ...distributionProps } = props;
2676
2682
  // Validate environment variables
2677
2683
  if (process.env.CDK_ENV_API_SUBDOMAIN &&
2678
2684
  !isValidSubdomain(process.env.CDK_ENV_API_SUBDOMAIN)) {
@@ -2881,6 +2887,9 @@ class JaypieDistribution extends Construct {
2881
2887
  removalPolicy: RemovalPolicy.DESTROY,
2882
2888
  });
2883
2889
  Tags.of(createdBucket).add(CDK$2.TAG.ROLE, CDK$2.ROLE.STORAGE);
2890
+ if (serviceTag) {
2891
+ Tags.of(createdBucket).add(CDK$2.TAG.SERVICE, serviceTag);
2892
+ }
2884
2893
  logBucket = createdBucket;
2885
2894
  }
2886
2895
  // Add S3 notifications if we have a bucket and destination is not false
@@ -2911,6 +2920,9 @@ class JaypieDistribution extends Construct {
2911
2920
  ...distributionProps,
2912
2921
  });
2913
2922
  Tags.of(this.distribution).add(CDK$2.TAG.ROLE, roleTag);
2923
+ if (serviceTag) {
2924
+ Tags.of(this.distribution).add(CDK$2.TAG.SERVICE, serviceTag);
2925
+ }
2914
2926
  this.distributionArn = `arn:aws:cloudfront::${Stack.of(this).account}:distribution/${this.distribution.distributionId}`;
2915
2927
  this.distributionDomainName = this.distribution.distributionDomainName;
2916
2928
  this.distributionId = this.distribution.distributionId;
@@ -3115,6 +3127,9 @@ class JaypieDistribution extends Construct {
3115
3127
  removalPolicy: RemovalPolicy.RETAIN,
3116
3128
  });
3117
3129
  Tags.of(createdBucket).add(CDK$2.TAG.ROLE, CDK$2.ROLE.MONITORING);
3130
+ if (serviceTag) {
3131
+ Tags.of(createdBucket).add(CDK$2.TAG.SERVICE, serviceTag);
3132
+ }
3118
3133
  // Add Datadog forwarder notification
3119
3134
  if (destinationProp !== false) {
3120
3135
  const lambdaDestination = destinationProp === true