@kirkelliott/zap 0.1.5 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +44 -0
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -34,6 +34,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
34
34
|
};
|
|
35
35
|
})();
|
|
36
36
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
37
|
+
const client_lambda_1 = require("@aws-sdk/client-lambda");
|
|
37
38
|
const client_s3_1 = require("@aws-sdk/client-s3");
|
|
38
39
|
const commander_1 = require("commander");
|
|
39
40
|
const promises_1 = require("node:fs/promises");
|
|
@@ -151,4 +152,47 @@ program
|
|
|
151
152
|
const files = await walkZap(demoDir, 'demo');
|
|
152
153
|
await Promise.all(files.map(({ filePath, key }) => deployFile(b, filePath, key)));
|
|
153
154
|
});
|
|
155
|
+
program
|
|
156
|
+
.command('debug')
|
|
157
|
+
.description('show Lambda function URL auth config and resource-based policy')
|
|
158
|
+
.action(async () => {
|
|
159
|
+
const cfg = readConfig();
|
|
160
|
+
const region = cfg.region ?? 'us-east-1';
|
|
161
|
+
const fn = cfg.functionArn ?? cfg.function ?? 'zap-runtime';
|
|
162
|
+
const lambda = new client_lambda_1.LambdaClient({ region });
|
|
163
|
+
try {
|
|
164
|
+
const { AuthType, FunctionUrl } = await lambda.send(new client_lambda_1.GetFunctionUrlConfigCommand({ FunctionName: fn }));
|
|
165
|
+
console.log(`url: ${FunctionUrl}`);
|
|
166
|
+
console.log(`auth type: ${AuthType}`);
|
|
167
|
+
}
|
|
168
|
+
catch (err) {
|
|
169
|
+
console.log('function url: not found -', err.message);
|
|
170
|
+
}
|
|
171
|
+
try {
|
|
172
|
+
const { Policy } = await lambda.send(new client_lambda_1.GetPolicyCommand({ FunctionName: fn }));
|
|
173
|
+
console.log('\nresource policy:');
|
|
174
|
+
console.log(JSON.stringify(JSON.parse(Policy), null, 2));
|
|
175
|
+
}
|
|
176
|
+
catch (err) {
|
|
177
|
+
console.log('\nresource policy: none -', err.message);
|
|
178
|
+
}
|
|
179
|
+
});
|
|
180
|
+
program
|
|
181
|
+
.command('repair')
|
|
182
|
+
.description('re-apply Lambda Function URL public access permissions')
|
|
183
|
+
.action(async () => {
|
|
184
|
+
const cfg = readConfig();
|
|
185
|
+
const region = cfg.region ?? 'us-east-1';
|
|
186
|
+
const fn = cfg.functionArn ?? cfg.function ?? 'zap-runtime';
|
|
187
|
+
const lambda = new client_lambda_1.LambdaClient({ region });
|
|
188
|
+
await lambda.send(new client_lambda_1.UpdateFunctionUrlConfigCommand({ FunctionName: fn, AuthType: 'NONE', Cors: { AllowOrigins: ['*'], AllowMethods: ['*'], AllowHeaders: ['*'] } }));
|
|
189
|
+
try {
|
|
190
|
+
await lambda.send(new client_lambda_1.RemovePermissionCommand({ FunctionName: fn, StatementId: 'public-access' }));
|
|
191
|
+
}
|
|
192
|
+
catch { }
|
|
193
|
+
await lambda.send(new client_lambda_1.AddPermissionCommand({ FunctionName: fn, StatementId: 'public-access', Action: 'lambda:InvokeFunctionUrl', Principal: '*', FunctionUrlAuthType: 'NONE' }));
|
|
194
|
+
console.log('✓ permissions repaired');
|
|
195
|
+
if (cfg.url)
|
|
196
|
+
console.log(`\n → ${cfg.url.trim()}\n`);
|
|
197
|
+
});
|
|
154
198
|
program.parse();
|