@justworkflowit/cdk-constructs 0.0.312 → 0.0.314

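--- a/package/LICENSE
+++ b/package/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2025 JustWorkflowIt
+Copyright (c) 2026 JustWorkflowIt
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal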
@@ -319,7 +319,7 @@ describe('JustWorkflowItConstructs', () => {
319
319
  $ref: '#/definitions/metadataType',
320
320
  },
321
321
  },
322
- required: ['businessId'],
322
+ required: ['businessId', 'metadata'],
323
323
  additionalProperties: false,
324
324
  },
325
325
  metadataType: {
@@ -1,11 +1,16 @@
1
1
  import { Construct } from 'constructs';
2
+ import { Role } from 'aws-cdk-lib/aws-iam';
2
3
  export interface JustWorkflowItConstructsProps {
3
4
  disambiguator: string;
4
5
  organizationId: string;
5
6
  workflowDefinitions: string[];
6
7
  ignoreDefinitionDeployerFailures?: boolean;
8
+ lambdaArns?: string[];
9
+ snsTopicArns?: string[];
10
+ sqsQueueArns?: string[];
7
11
  }
8
12
  export declare class JustWorkflowItConstructs extends Construct {
9
13
  private static readonly CONSTRUCT_ID_PREFIX;
14
+ readonly executionRole: Role;
10
15
  constructor(scope: Construct, props: JustWorkflowItConstructsProps);
11
16
  }
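Review bot: The new optional props `lambdaArns`, `snsTopicArns` and `sqsQueueArns` and the new `executionRole` member are declared without doc comments, so a consumer reading this declaration file cannot tell that they now decide what the cross-account role is allowed to do. I would add TSDoc in the TypeScript source so that it is emitted here, for example `/** Lambda function ARNs the execution role may invoke. When omitted or empty, no lambda:InvokeFunction permission is granted. */` on `lambdaArns`, with matching comments on the SNS and SQS lists. A comment on `executionRole` such as `/** Role assumed by the JustWorkflowIt backend; exposed so callers can attach narrowly scoped grants. */` would also tell users how to add permissions without falling back to wildcard resources.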
@@ -95,11 +95,14 @@ class JustWorkflowItConstructs extends constructs_1.Construct {
95
95
  const secret = new aws_secretsmanager_1.Secret(this, 'JustWorkflowItAuthTokenSecret', {
96
96
  secretName,
97
97
  secretStringValue: aws_cdk_lib_1.SecretValue.unsafePlainText('REPLACE_ME_WITH_JUST_WORKFLOW_IT_AUTH_TOKEN'),
98
- description: 'Paste your JustWorkflowIt API auth token here to enable secure communication.',
98
+ description: 'Replace this placeholder with your JustWorkflowIt API auth token to enable workflow deployment.',
99
99
  });
100
100
  const bucket = new aws_s3_1.Bucket(this, 'WorkflowDefinitionsBucket', {
101
101
  removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
102
102
  autoDeleteObjects: true,
103
+ blockPublicAccess: aws_s3_1.BlockPublicAccess.BLOCK_ALL,
104
+ enforceSSL: true,
105
+ encryption: aws_s3_1.BucketEncryption.S3_MANAGED,
103
106
  });
104
107
  // Upload each definition and collect its S3 key
105
108
  const definitionKeys = [];
@@ -119,7 +122,7 @@ class JustWorkflowItConstructs extends constructs_1.Construct {
119
122
  exclude: ['*.ts', '*.d.ts'],
120
123
  }),
121
124
  handler: 'definitionDeployerLambda.handler',
122
- runtime: aws_lambda_1.Runtime.NODEJS_20_X,
125
+ runtime: aws_lambda_1.Runtime.NODEJS_24_X,
123
126
  timeout: aws_cdk_lib_1.Duration.minutes(5),
124
127
  environment: {
125
128
  AUTH_SECRET_NAME: secretName,
@@ -149,20 +152,28 @@ class JustWorkflowItConstructs extends constructs_1.Construct {
149
152
  const executionRole = new aws_iam_1.Role(this, 'JustWorkflowItAutomationExecutionRole', {
150
153
  roleName: `JustWorkflowItExecutionRole`,
151
154
  assumedBy: new aws_iam_1.AccountPrincipal(JUSTWORKFLOWIT_PRODUCTION_ACCOUNT),
155
+ externalIds: [props.organizationId],
152
156
  description: 'Role assumed by JustWorkflowIt backend to perform workflow actions in this account.',
153
157
  });
154
- executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
155
- actions: ['lambda:InvokeFunction'],
156
- resources: ['*'],
157
- }));
158
- executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
159
- actions: ['sns:Publish'],
160
- resources: ['*'],
161
- }));
162
- executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
163
- actions: ['sqs:SendMessage'],
164
- resources: ['*'],
165
- }));
158
+ if (props.lambdaArns && props.lambdaArns.length > 0) {
159
+ executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
160
+ actions: ['lambda:InvokeFunction'],
161
+ resources: props.lambdaArns,
162
+ }));
163
+ }
164
+ if (props.snsTopicArns && props.snsTopicArns.length > 0) {
165
+ executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
166
+ actions: ['sns:Publish'],
167
+ resources: props.snsTopicArns,
168
+ }));
169
+ }
170
+ if (props.sqsQueueArns && props.sqsQueueArns.length > 0) {
171
+ executionRole.addToPolicy(new aws_iam_1.PolicyStatement({
172
+ actions: ['sqs:SendMessage'],
173
+ resources: props.sqsQueueArns,
174
+ }));
175
+ }
176
+ this.executionRole = executionRole;
166
177
  }
167
178
  }
168
179
  exports.JustWorkflowItConstructs = JustWorkflowItConstructs;
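Review bot: The three ARN lists are passed to `resources` unchecked in the new `if` blocks at the end of the constructor, so a caller who supplies `['*']` restores the account-wide grant this change removes. A guard before each `addToPolicy`, such as `if (props.lambdaArns.some(a => !aws_cdk_lib_1.Token.isUnresolved(a) && a === '*')) throw new Error('lambdaArns must not contain a bare wildcard');`, would keep the scoping enforced rather than advisory. A stack that upgrades without setting the lists now gets a role with no invoke, publish or send permission, and workflows would presumably fail only at run time, so the default should be stated in a comment above the first `if` and in the release notes. An unqualified function ARN under `lambda:InvokeFunction` does not match a version or alias ARN, which is worth a comment next to `resources: props.lambdaArns`. The added `externalIds: [props.organizationId]` only works as a confused-deputy control if the value is non-empty, so an early `if (!props.organizationId) throw new Error('organizationId is required');` would help; the constructor begins outside these hunks, so an existing check may not be visible here.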