@openhi/constructs 0.0.114 → 0.0.116
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/chunk-AHYQFT4N.mjs +212 -0
- package/lib/chunk-AHYQFT4N.mjs.map +1 -0
- package/lib/{chunk-CUUKXDB2.mjs → chunk-AJQUWHFK.mjs} +460 -54
- package/lib/chunk-AJQUWHFK.mjs.map +1 -0
- package/lib/{chunk-GBDIGTNV.mjs → chunk-QWWLM452.mjs} +2 -2
- package/lib/{chunk-QMBJ4VHC.mjs → chunk-U7L7T4XU.mjs} +25 -25
- package/lib/{chunk-QMBJ4VHC.mjs.map → chunk-U7L7T4XU.mjs.map} +1 -1
- package/lib/{chunk-NZRW7ROK.mjs → chunk-YYRWDEG4.mjs} +2 -2
- package/lib/{chunk-KSFC72TT.mjs → chunk-ZHMHLK3S.mjs} +2 -2
- package/lib/{events-DPodvl07.d.mts → events-CMG8xanm.d.mts} +7 -53
- package/lib/{events-DPodvl07.d.ts → events-CMG8xanm.d.ts} +7 -53
- package/lib/index.d.mts +330 -84
- package/lib/index.d.ts +350 -136
- package/lib/index.js +844 -301
- package/lib/index.js.map +1 -1
- package/lib/index.mjs +472 -304
- package/lib/index.mjs.map +1 -1
- package/lib/pre-token-generation.handler.mjs +3 -3
- package/lib/provision-default-workspace.handler.mjs +3 -3
- package/lib/rest-api-lambda.handler.mjs +282 -452
- package/lib/rest-api-lambda.handler.mjs.map +1 -1
- package/lib/seed-demo-data.handler.d.mts +6 -3
- package/lib/seed-demo-data.handler.d.ts +6 -3
- package/lib/seed-demo-data.handler.js +656 -0
- package/lib/seed-demo-data.handler.js.map +1 -1
- package/lib/seed-demo-data.handler.mjs +4 -4
- package/lib/static-hosting.viewer-request-handler.d.mts +54 -0
- package/lib/static-hosting.viewer-request-handler.d.ts +54 -0
- package/lib/static-hosting.viewer-request-handler.js +79 -0
- package/lib/static-hosting.viewer-request-handler.js.map +1 -0
- package/lib/static-hosting.viewer-request-handler.mjs +53 -0
- package/lib/static-hosting.viewer-request-handler.mjs.map +1 -0
- package/package.json +2 -2
- package/lib/chunk-53OHXLIL.mjs +0 -27
- package/lib/chunk-53OHXLIL.mjs.map +0 -1
- package/lib/chunk-CUUKXDB2.mjs.map +0 -1
- /package/lib/{chunk-GBDIGTNV.mjs.map → chunk-QWWLM452.mjs.map} +0 -0
- /package/lib/{chunk-NZRW7ROK.mjs.map → chunk-YYRWDEG4.mjs.map} +0 -0
- /package/lib/{chunk-KSFC72TT.mjs.map → chunk-ZHMHLK3S.mjs.map} +0 -0
package/lib/index.js
CHANGED
|
@@ -771,7 +771,6 @@ __export(src_exports, {
|
|
|
771
771
|
CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE: () => CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE,
|
|
772
772
|
CONTROL_EVENT_BUS_NAME_ENV_VAR: () => CONTROL_EVENT_BUS_NAME_ENV_VAR,
|
|
773
773
|
ChildHostedZone: () => ChildHostedZone,
|
|
774
|
-
CognitoFixtureSeederClient: () => CognitoFixtureSeederClient,
|
|
775
774
|
CognitoUserPool: () => CognitoUserPool,
|
|
776
775
|
CognitoUserPoolClient: () => CognitoUserPoolClient,
|
|
777
776
|
CognitoUserPoolDomain: () => CognitoUserPoolDomain,
|
|
@@ -786,6 +785,7 @@ __export(src_exports, {
|
|
|
786
785
|
DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES: () => DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES,
|
|
787
786
|
DATA_STORE_CHANGE_DETAIL_TYPE: () => DATA_STORE_CHANGE_DETAIL_TYPE,
|
|
788
787
|
DATA_STORE_CHANGE_EVENT_SOURCE: () => DATA_STORE_CHANGE_EVENT_SOURCE,
|
|
788
|
+
DEMO_DATA_PLANE_FIXTURES: () => DEMO_DATA_PLANE_FIXTURES,
|
|
789
789
|
DEMO_PERIOD: () => DEMO_PERIOD,
|
|
790
790
|
DEMO_TENANT_SPECS: () => DEMO_TENANT_SPECS,
|
|
791
791
|
DEMO_URN_SYSTEM: () => DEMO_URN_SYSTEM,
|
|
@@ -816,6 +816,7 @@ __export(src_exports, {
|
|
|
816
816
|
OpenHiRestApiService: () => OpenHiRestApiService,
|
|
817
817
|
OpenHiService: () => OpenHiService,
|
|
818
818
|
OpenHiStage: () => OpenHiStage,
|
|
819
|
+
OpenHiWebsiteService: () => OpenHiWebsiteService,
|
|
819
820
|
OpsEventBus: () => OpsEventBus,
|
|
820
821
|
OwningDeleteCascadeLambdas: () => OwningDeleteCascadeLambdas,
|
|
821
822
|
OwningDeleteCascadeWorkflow: () => OwningDeleteCascadeWorkflow,
|
|
@@ -851,11 +852,13 @@ __export(src_exports, {
|
|
|
851
852
|
SEED_SYSTEM_DATA_ACTOR_SYSTEM: () => SEED_SYSTEM_DATA_ACTOR_SYSTEM,
|
|
852
853
|
SEED_SYSTEM_DATA_CONSUMER_NAME: () => SEED_SYSTEM_DATA_CONSUMER_NAME,
|
|
853
854
|
SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR: () => SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR,
|
|
855
|
+
SSM_PARAM_NAME_FULL_DOMAIN: () => SSM_PARAM_NAME_FULL_DOMAIN,
|
|
854
856
|
STATIC_HOSTING_SERVICE_TYPE: () => STATIC_HOSTING_SERVICE_TYPE,
|
|
855
857
|
SeedDemoDataLambda: () => SeedDemoDataLambda,
|
|
856
858
|
SeedDemoDataWorkflow: () => SeedDemoDataWorkflow,
|
|
857
859
|
SeedSystemDataLambda: () => SeedSystemDataLambda,
|
|
858
860
|
SeedSystemDataWorkflow: () => SeedSystemDataWorkflow,
|
|
861
|
+
StaticContent: () => StaticContent,
|
|
859
862
|
StaticHosting: () => StaticHosting,
|
|
860
863
|
USER_ONBOARDING_EVENT_SOURCE: () => USER_ONBOARDING_EVENT_SOURCE,
|
|
861
864
|
UserOnboardingWorkflow: () => UserOnboardingWorkflow,
|
|
@@ -864,23 +867,15 @@ __export(src_exports, {
|
|
|
864
867
|
WorkflowDedupTableDuplicateError: () => WorkflowDedupTableDuplicateError,
|
|
865
868
|
buildFhirCurrentResourceChangeDetail: () => buildFhirCurrentResourceChangeDetail,
|
|
866
869
|
buildProvisionDefaultWorkspaceRequestedDetail: () => buildProvisionDefaultWorkspaceRequestedDetail,
|
|
867
|
-
demoBasePartitionKeys: () => demoBasePartitionKeys,
|
|
868
|
-
demoDevUserPartitionKeys: () => demoDevUserPartitionKeys,
|
|
869
870
|
demoMembershipId: () => demoMembershipId,
|
|
870
|
-
demoMembershipPartitionKey: () => demoMembershipPartitionKey,
|
|
871
871
|
demoRoleAssignmentId: () => demoRoleAssignmentId,
|
|
872
|
-
demoRoleAssignmentPartitionKey: () => demoRoleAssignmentPartitionKey,
|
|
873
872
|
demoRolesForUserInTenant: () => demoRolesForUserInTenant,
|
|
874
873
|
demoScenarioIdentifier: () => demoScenarioIdentifier,
|
|
875
|
-
demoTenantPartitionKey: () => demoTenantPartitionKey,
|
|
876
|
-
demoUserPartitionKey: () => demoUserPartitionKey,
|
|
877
|
-
demoWorkspacePartitionKey: () => demoWorkspacePartitionKey,
|
|
878
874
|
getDynamoDbDataStoreTableName: () => getDynamoDbDataStoreTableName,
|
|
879
875
|
getPostgresReplicaSchemaName: () => getPostgresReplicaSchemaName,
|
|
880
876
|
getWorkflowDedupTableName: () => getWorkflowDedupTableName,
|
|
881
877
|
openHiTagKey: () => openHiTagKey,
|
|
882
|
-
openhiResourceIdentifier: () => openhiResourceIdentifier
|
|
883
|
-
rolePartitionKey: () => rolePartitionKey
|
|
878
|
+
openhiResourceIdentifier: () => openhiResourceIdentifier
|
|
884
879
|
});
|
|
885
880
|
module.exports = __toCommonJS(src_exports);
|
|
886
881
|
|
|
@@ -1352,47 +1347,9 @@ var _RootGraphqlApi = class _RootGraphqlApi extends import_aws_appsync.GraphqlAp
|
|
|
1352
1347
|
_RootGraphqlApi.SSM_PARAM_NAME = "ROOT_GRAPHQL_API";
|
|
1353
1348
|
var RootGraphqlApi = _RootGraphqlApi;
|
|
1354
1349
|
|
|
1355
|
-
// src/components/cognito/cognito-fixture-seeder-client.ts
|
|
1356
|
-
var import_aws_cdk_lib6 = require("aws-cdk-lib");
|
|
1357
|
-
var import_aws_cognito = require("aws-cdk-lib/aws-cognito");
|
|
1358
|
-
var CognitoFixtureSeederClient = class extends import_aws_cognito.UserPoolClient {
|
|
1359
|
-
constructor(scope, props) {
|
|
1360
|
-
const { userPool, ...rest } = props;
|
|
1361
|
-
super(scope, "fixture-seeder-client", {
|
|
1362
|
-
userPool,
|
|
1363
|
-
generateSecret: false,
|
|
1364
|
-
authFlows: {
|
|
1365
|
-
userPassword: true
|
|
1366
|
-
},
|
|
1367
|
-
// No OAuth flows — the seeder calls Cognito's `InitiateAuth`
|
|
1368
|
-
// directly with USER_PASSWORD_AUTH, not through the hosted-UI
|
|
1369
|
-
// OAuth grant flows the SPA client uses. `disableOAuth: true`
|
|
1370
|
-
// causes CDK to omit `AllowedOAuthFlowsUserPoolClient` entirely;
|
|
1371
|
-
// passing an empty `oAuth` block instead still flips that flag on
|
|
1372
|
-
// and Cognito rejects the create call for missing flows/scopes.
|
|
1373
|
-
disableOAuth: true,
|
|
1374
|
-
// Short-lived tokens: a seeder run takes seconds, not hours.
|
|
1375
|
-
// 1h access-token validity is the minimum Cognito permits and is
|
|
1376
|
-
// plenty for a fixture run.
|
|
1377
|
-
accessTokenValidity: import_aws_cdk_lib6.Duration.hours(1),
|
|
1378
|
-
idTokenValidity: import_aws_cdk_lib6.Duration.hours(1),
|
|
1379
|
-
refreshTokenValidity: import_aws_cdk_lib6.Duration.days(1),
|
|
1380
|
-
preventUserExistenceErrors: true,
|
|
1381
|
-
...rest
|
|
1382
|
-
});
|
|
1383
|
-
}
|
|
1384
|
-
};
|
|
1385
|
-
/**
|
|
1386
|
-
* SSM parameter name suffix used to publish this client's ID for
|
|
1387
|
-
* cross-stack lookups. Built into a full parameter name via
|
|
1388
|
-
* `buildParameterName` with `serviceType` AUTH (since the auth stack
|
|
1389
|
-
* owns this resource).
|
|
1390
|
-
*/
|
|
1391
|
-
CognitoFixtureSeederClient.SSM_PARAM_NAME = "COGNITO_FIXTURE_SEEDER_CLIENT";
|
|
1392
|
-
|
|
1393
1350
|
// src/components/cognito/cognito-user-pool.ts
|
|
1394
|
-
var
|
|
1395
|
-
var CognitoUserPool = class extends
|
|
1351
|
+
var import_aws_cognito = require("aws-cdk-lib/aws-cognito");
|
|
1352
|
+
var CognitoUserPool = class extends import_aws_cognito.UserPool {
|
|
1396
1353
|
constructor(scope, props = {}) {
|
|
1397
1354
|
const service = OpenHiService.of(scope);
|
|
1398
1355
|
super(scope, "user-pool", {
|
|
@@ -1406,13 +1363,13 @@ var CognitoUserPool = class extends import_aws_cognito2.UserPool {
|
|
|
1406
1363
|
userVerification: {
|
|
1407
1364
|
emailSubject: "Verify your email!",
|
|
1408
1365
|
emailBody: "Your verification code is {####}.",
|
|
1409
|
-
emailStyle:
|
|
1366
|
+
emailStyle: import_aws_cognito.VerificationEmailStyle.CODE
|
|
1410
1367
|
},
|
|
1411
1368
|
removalPolicy: props.removalPolicy ?? service.removalPolicy,
|
|
1412
1369
|
// Plus is required for access-token V2 claim customization in the
|
|
1413
1370
|
// pre-token-generation Lambda. Essentials silently drops
|
|
1414
1371
|
// claimsAndScopeOverrideDetails.accessTokenGeneration.claimsToAddOrOverride.
|
|
1415
|
-
featurePlan:
|
|
1372
|
+
featurePlan: import_aws_cognito.FeaturePlan.PLUS,
|
|
1416
1373
|
/**
|
|
1417
1374
|
* Over-rideable props
|
|
1418
1375
|
*/
|
|
@@ -1430,8 +1387,8 @@ var CognitoUserPool = class extends import_aws_cognito2.UserPool {
|
|
|
1430
1387
|
CognitoUserPool.SSM_PARAM_NAME = "COGNITO_USER_POOL";
|
|
1431
1388
|
|
|
1432
1389
|
// src/components/cognito/cognito-user-pool-client.ts
|
|
1433
|
-
var
|
|
1434
|
-
var CognitoUserPoolClient = class extends
|
|
1390
|
+
var import_aws_cognito2 = require("aws-cdk-lib/aws-cognito");
|
|
1391
|
+
var CognitoUserPoolClient = class extends import_aws_cognito2.UserPoolClient {
|
|
1435
1392
|
constructor(scope, props) {
|
|
1436
1393
|
super(scope, "user-pool-client", {
|
|
1437
1394
|
/**
|
|
@@ -1458,8 +1415,8 @@ var CognitoUserPoolClient = class extends import_aws_cognito3.UserPoolClient {
|
|
|
1458
1415
|
CognitoUserPoolClient.SSM_PARAM_NAME = "COGNITO_USER_POOL_CLIENT";
|
|
1459
1416
|
|
|
1460
1417
|
// src/components/cognito/cognito-user-pool-domain.ts
|
|
1461
|
-
var
|
|
1462
|
-
var CognitoUserPoolDomain = class extends
|
|
1418
|
+
var import_aws_cognito3 = require("aws-cdk-lib/aws-cognito");
|
|
1419
|
+
var CognitoUserPoolDomain = class extends import_aws_cognito3.UserPoolDomain {
|
|
1463
1420
|
constructor(scope, props) {
|
|
1464
1421
|
const id = props.cognitoDomain?.domainPrefix ? "cognito-domain" : "custom-domain";
|
|
1465
1422
|
super(scope, id, {
|
|
@@ -1697,7 +1654,7 @@ function buildFhirCurrentResourceChangeDetail(record, keys) {
|
|
|
1697
1654
|
// src/components/dynamodb/data-store-historical-archive.ts
|
|
1698
1655
|
var import_node_fs4 = __toESM(require("fs"));
|
|
1699
1656
|
var import_node_path4 = __toESM(require("path"));
|
|
1700
|
-
var
|
|
1657
|
+
var import_aws_cdk_lib6 = require("aws-cdk-lib");
|
|
1701
1658
|
var kinesisfirehose = __toESM(require("aws-cdk-lib/aws-kinesisfirehose"));
|
|
1702
1659
|
var import_aws_lambda4 = require("aws-cdk-lib/aws-lambda");
|
|
1703
1660
|
var import_aws_lambda_nodejs4 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
@@ -1719,7 +1676,7 @@ var DataStoreHistoricalArchive = class extends import_constructs4.Construct {
|
|
|
1719
1676
|
encryption: s3.BucketEncryption.S3_MANAGED,
|
|
1720
1677
|
enforceSSL: true,
|
|
1721
1678
|
removalPolicy: props.removalPolicy,
|
|
1722
|
-
autoDeleteObjects: props.removalPolicy ===
|
|
1679
|
+
autoDeleteObjects: props.removalPolicy === import_aws_cdk_lib6.RemovalPolicy.DESTROY,
|
|
1723
1680
|
versioned: true
|
|
1724
1681
|
});
|
|
1725
1682
|
const putEventsFailureDlqBucket = props.dataEventBus ? new s3.Bucket(this, "PutEventsFailureDlq", {
|
|
@@ -1727,7 +1684,7 @@ var DataStoreHistoricalArchive = class extends import_constructs4.Construct {
|
|
|
1727
1684
|
encryption: s3.BucketEncryption.S3_MANAGED,
|
|
1728
1685
|
enforceSSL: true,
|
|
1729
1686
|
removalPolicy: props.removalPolicy,
|
|
1730
|
-
autoDeleteObjects: props.removalPolicy ===
|
|
1687
|
+
autoDeleteObjects: props.removalPolicy === import_aws_cdk_lib6.RemovalPolicy.DESTROY,
|
|
1731
1688
|
versioned: false
|
|
1732
1689
|
}) : void 0;
|
|
1733
1690
|
this.putEventsFailureDlqBucket = putEventsFailureDlqBucket;
|
|
@@ -1735,7 +1692,7 @@ var DataStoreHistoricalArchive = class extends import_constructs4.Construct {
|
|
|
1735
1692
|
entry: resolveHandlerEntry4(__dirname),
|
|
1736
1693
|
runtime: import_aws_lambda4.Runtime.NODEJS_LATEST,
|
|
1737
1694
|
memorySize: 512,
|
|
1738
|
-
timeout:
|
|
1695
|
+
timeout: import_aws_cdk_lib6.Duration.minutes(1),
|
|
1739
1696
|
description: "Firehose transform: filter CURRENT resource rows, S3 keys, EventBridge PutEvents",
|
|
1740
1697
|
environment: props.dataEventBus && putEventsFailureDlqBucket ? {
|
|
1741
1698
|
DATA_EVENT_BUS_NAME: props.dataEventBus.eventBusName,
|
|
@@ -1751,16 +1708,16 @@ var DataStoreHistoricalArchive = class extends import_constructs4.Construct {
|
|
|
1751
1708
|
const processor = new kinesisfirehose.LambdaFunctionProcessor(
|
|
1752
1709
|
this.transformFunction,
|
|
1753
1710
|
{
|
|
1754
|
-
bufferInterval:
|
|
1755
|
-
bufferSize:
|
|
1711
|
+
bufferInterval: import_aws_cdk_lib6.Duration.seconds(60),
|
|
1712
|
+
bufferSize: import_aws_cdk_lib6.Size.mebibytes(3),
|
|
1756
1713
|
retries: 3
|
|
1757
1714
|
}
|
|
1758
1715
|
);
|
|
1759
1716
|
const destination = new kinesisfirehose.S3Bucket(this.archiveBucket, {
|
|
1760
1717
|
compression: kinesisfirehose.Compression.GZIP,
|
|
1761
|
-
bufferingInterval:
|
|
1718
|
+
bufferingInterval: import_aws_cdk_lib6.Duration.seconds(300),
|
|
1762
1719
|
// Firehose requires SizeInMBs ≥ 64 when dynamic partitioning is enabled.
|
|
1763
|
-
bufferingSize:
|
|
1720
|
+
bufferingSize: import_aws_cdk_lib6.Size.mebibytes(64),
|
|
1764
1721
|
processors: [processor],
|
|
1765
1722
|
errorOutputPrefix: "errors/!{firehose:error-output-type}/!{timestamp:yyyy/MM/dd/HH}/",
|
|
1766
1723
|
loggingConfig: new kinesisfirehose.EnableLogging()
|
|
@@ -1868,7 +1825,7 @@ var DynamoDbDataStore = class extends import_aws_dynamodb.Table {
|
|
|
1868
1825
|
|
|
1869
1826
|
// src/components/dynamodb/workflow-dedup-table.ts
|
|
1870
1827
|
var import_workflows = __toESM(require_lib2());
|
|
1871
|
-
var
|
|
1828
|
+
var import_aws_cdk_lib7 = require("aws-cdk-lib");
|
|
1872
1829
|
var import_aws_dynamodb2 = require("aws-cdk-lib/aws-dynamodb");
|
|
1873
1830
|
var import_aws_iam = require("aws-cdk-lib/aws-iam");
|
|
1874
1831
|
var import_constructs5 = require("constructs");
|
|
@@ -1999,7 +1956,7 @@ var _WorkflowDedupTable = class _WorkflowDedupTable extends import_constructs5.C
|
|
|
1999
1956
|
grantConsumer(fn, consumerName, options = {}) {
|
|
2000
1957
|
this.assertConsumerName(consumerName);
|
|
2001
1958
|
if (this.registeredConsumers.has(consumerName)) {
|
|
2002
|
-
|
|
1959
|
+
import_aws_cdk_lib7.Annotations.of(this).addWarning(
|
|
2003
1960
|
`WorkflowDedupTable: consumerName "${consumerName}" registered more than once; subsequent grantConsumer calls add policy statements but do not re-inject the env var.`
|
|
2004
1961
|
);
|
|
2005
1962
|
}
|
|
@@ -2133,7 +2090,7 @@ var ControlEventBus = class _ControlEventBus extends import_aws_events3.EventBus
|
|
|
2133
2090
|
// src/components/postgres/data-store-postgres-replica.ts
|
|
2134
2091
|
var import_node_fs5 = __toESM(require("fs"));
|
|
2135
2092
|
var import_node_path5 = __toESM(require("path"));
|
|
2136
|
-
var
|
|
2093
|
+
var import_aws_cdk_lib8 = require("aws-cdk-lib");
|
|
2137
2094
|
var ec2 = __toESM(require("aws-cdk-lib/aws-ec2"));
|
|
2138
2095
|
var import_aws_lambda5 = require("aws-cdk-lib/aws-lambda");
|
|
2139
2096
|
var import_aws_lambda_event_sources = require("aws-cdk-lib/aws-lambda-event-sources");
|
|
@@ -2199,7 +2156,7 @@ var DataStorePostgresReplica = class extends import_constructs6.Construct {
|
|
|
2199
2156
|
super(scope, id);
|
|
2200
2157
|
this.databaseName = props.databaseName ?? DEFAULT_DATABASE_NAME;
|
|
2201
2158
|
this.schemaName = getPostgresReplicaSchemaName(props.branchHash);
|
|
2202
|
-
const region =
|
|
2159
|
+
const region = import_aws_cdk_lib8.Stack.of(this).region;
|
|
2203
2160
|
this.vpc = props.vpc ?? new ec2.Vpc(this, "Vpc", {
|
|
2204
2161
|
availabilityZones: [`${region}a`, `${region}b`],
|
|
2205
2162
|
natGateways: 0,
|
|
@@ -2235,7 +2192,7 @@ var DataStorePostgresReplica = class extends import_constructs6.Construct {
|
|
|
2235
2192
|
entry: resolveHandlerEntry5(__dirname),
|
|
2236
2193
|
runtime: import_aws_lambda5.Runtime.NODEJS_LATEST,
|
|
2237
2194
|
memorySize: 512,
|
|
2238
|
-
timeout:
|
|
2195
|
+
timeout: import_aws_cdk_lib8.Duration.minutes(1),
|
|
2239
2196
|
vpc: this.vpc,
|
|
2240
2197
|
vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_ISOLATED },
|
|
2241
2198
|
description: "Replicates DynamoDB current-resource changes into the Postgres `resources` JSONB table (ADR 2026-04-17-01).",
|
|
@@ -2262,7 +2219,7 @@ var DataStorePostgresReplica = class extends import_constructs6.Construct {
|
|
|
2262
2219
|
new import_aws_lambda_event_sources.KinesisEventSource(props.kinesisStream, {
|
|
2263
2220
|
startingPosition: import_aws_lambda5.StartingPosition.LATEST,
|
|
2264
2221
|
batchSize: 100,
|
|
2265
|
-
maxBatchingWindow:
|
|
2222
|
+
maxBatchingWindow: import_aws_cdk_lib8.Duration.seconds(5),
|
|
2266
2223
|
retryAttempts: 10,
|
|
2267
2224
|
bisectBatchOnError: true,
|
|
2268
2225
|
parallelizationFactor: 2,
|
|
@@ -2295,7 +2252,7 @@ var DataStorePostgresReplica = class extends import_constructs6.Construct {
|
|
|
2295
2252
|
};
|
|
2296
2253
|
|
|
2297
2254
|
// src/components/route-53/child-hosted-zone.ts
|
|
2298
|
-
var
|
|
2255
|
+
var import_aws_cdk_lib9 = require("aws-cdk-lib");
|
|
2299
2256
|
var import_aws_route53 = require("aws-cdk-lib/aws-route53");
|
|
2300
2257
|
var ChildHostedZone = class extends import_aws_route53.HostedZone {
|
|
2301
2258
|
constructor(scope, id, props) {
|
|
@@ -2304,7 +2261,7 @@ var ChildHostedZone = class extends import_aws_route53.HostedZone {
|
|
|
2304
2261
|
zone: props.parentHostedZone,
|
|
2305
2262
|
recordName: this.zoneName,
|
|
2306
2263
|
values: this.hostedZoneNameServers || [],
|
|
2307
|
-
ttl:
|
|
2264
|
+
ttl: import_aws_cdk_lib9.Duration.minutes(5)
|
|
2308
2265
|
});
|
|
2309
2266
|
}
|
|
2310
2267
|
};
|
|
@@ -2318,11 +2275,24 @@ var import_constructs7 = require("constructs");
|
|
|
2318
2275
|
var RootHostedZone = class extends import_constructs7.Construct {
|
|
2319
2276
|
};
|
|
2320
2277
|
|
|
2278
|
+
// src/components/static-hosting/static-content.ts
|
|
2279
|
+
var import_aws_s32 = require("aws-cdk-lib/aws-s3");
|
|
2280
|
+
var import_aws_s3_deployment = require("aws-cdk-lib/aws-s3-deployment");
|
|
2281
|
+
var import_change_case2 = require("change-case");
|
|
2282
|
+
var import_constructs9 = require("constructs");
|
|
2283
|
+
|
|
2321
2284
|
// src/components/static-hosting/static-hosting.ts
|
|
2285
|
+
var fs6 = __toESM(require("fs"));
|
|
2286
|
+
var path6 = __toESM(require("path"));
|
|
2287
|
+
var import_aws_cdk_lib10 = require("aws-cdk-lib");
|
|
2322
2288
|
var import_aws_cloudfront = require("aws-cdk-lib/aws-cloudfront");
|
|
2323
2289
|
var import_aws_cloudfront_origins = require("aws-cdk-lib/aws-cloudfront-origins");
|
|
2290
|
+
var import_aws_lambda6 = require("aws-cdk-lib/aws-lambda");
|
|
2291
|
+
var import_aws_lambda_nodejs6 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
2292
|
+
var import_aws_logs = require("aws-cdk-lib/aws-logs");
|
|
2293
|
+
var import_aws_route532 = require("aws-cdk-lib/aws-route53");
|
|
2294
|
+
var import_aws_route53_targets = require("aws-cdk-lib/aws-route53-targets");
|
|
2324
2295
|
var import_aws_s3 = require("aws-cdk-lib/aws-s3");
|
|
2325
|
-
var import_core = require("aws-cdk-lib/core");
|
|
2326
2296
|
var import_constructs8 = require("constructs");
|
|
2327
2297
|
var STATIC_HOSTING_SERVICE_TYPE = "website";
|
|
2328
2298
|
var _StaticHosting = class _StaticHosting extends import_constructs8.Construct {
|
|
@@ -2330,6 +2300,7 @@ var _StaticHosting = class _StaticHosting extends import_constructs8.Construct {
|
|
|
2330
2300
|
super(scope, id);
|
|
2331
2301
|
const stack = OpenHiService.of(scope);
|
|
2332
2302
|
const serviceType = props.serviceType ?? STATIC_HOSTING_SERVICE_TYPE;
|
|
2303
|
+
const hostingMode = props.hostingMode ?? "spa";
|
|
2333
2304
|
this.bucket = new import_aws_s3.Bucket(this, "bucket", {
|
|
2334
2305
|
blockPublicAccess: {
|
|
2335
2306
|
blockPublicAcls: true,
|
|
@@ -2339,30 +2310,105 @@ var _StaticHosting = class _StaticHosting extends import_constructs8.Construct {
|
|
|
2339
2310
|
},
|
|
2340
2311
|
...props.bucketProps
|
|
2341
2312
|
});
|
|
2342
|
-
const
|
|
2313
|
+
const handlerJs = path6.join(
|
|
2314
|
+
__dirname,
|
|
2315
|
+
"static-hosting.viewer-request-handler.js"
|
|
2316
|
+
);
|
|
2317
|
+
const handlerTs = path6.join(
|
|
2318
|
+
__dirname,
|
|
2319
|
+
"static-hosting.viewer-request-handler.ts"
|
|
2320
|
+
);
|
|
2321
|
+
const handlerEntry = fs6.existsSync(handlerJs) ? handlerJs : handlerTs;
|
|
2322
|
+
this.viewerRequestHandler = new import_aws_lambda_nodejs6.NodejsFunction(
|
|
2323
|
+
this,
|
|
2324
|
+
"viewer-request-handler",
|
|
2325
|
+
{
|
|
2326
|
+
entry: handlerEntry,
|
|
2327
|
+
handler: hostingMode === "static" ? "staticHandler" : "spaHandler",
|
|
2328
|
+
memorySize: 128,
|
|
2329
|
+
runtime: import_aws_lambda6.Runtime.NODEJS_LATEST,
|
|
2330
|
+
logGroup: new import_aws_logs.LogGroup(this, "viewer-request-handler-log-group", {
|
|
2331
|
+
retention: import_aws_logs.RetentionDays.ONE_MONTH
|
|
2332
|
+
})
|
|
2333
|
+
}
|
|
2334
|
+
);
|
|
2343
2335
|
const cachePolicy = new import_aws_cloudfront.CachePolicy(this, "cache-policy", {
|
|
2344
|
-
cachePolicyName: `static-hosting
|
|
2345
|
-
comment: "
|
|
2346
|
-
defaultTtl:
|
|
2347
|
-
minTtl:
|
|
2348
|
-
maxTtl:
|
|
2349
|
-
|
|
2336
|
+
cachePolicyName: `static-hosting-${stack.branchHash}`,
|
|
2337
|
+
comment: "Static hosting default: 60s default / 300s max, gzip+brotli.",
|
|
2338
|
+
defaultTtl: import_aws_cdk_lib10.Duration.seconds(60),
|
|
2339
|
+
minTtl: import_aws_cdk_lib10.Duration.seconds(0),
|
|
2340
|
+
maxTtl: import_aws_cdk_lib10.Duration.seconds(300),
|
|
2341
|
+
headerBehavior: import_aws_cloudfront.CacheHeaderBehavior.none(),
|
|
2342
|
+
queryStringBehavior: import_aws_cloudfront.CacheQueryStringBehavior.none(),
|
|
2343
|
+
cookieBehavior: import_aws_cloudfront.CacheCookieBehavior.none(),
|
|
2344
|
+
enableAcceptEncodingGzip: true,
|
|
2345
|
+
enableAcceptEncodingBrotli: true,
|
|
2346
|
+
...props.cachePolicyProps
|
|
2347
|
+
});
|
|
2348
|
+
const oac = new import_aws_cloudfront.S3OriginAccessControl(this, "origin-access-control", {
|
|
2349
|
+
signing: import_aws_cloudfront.Signing.SIGV4_NO_OVERRIDE
|
|
2350
|
+
});
|
|
2351
|
+
const origin = import_aws_cloudfront_origins.S3BucketOrigin.withOriginAccessControl(this.bucket, {
|
|
2352
|
+
originAccessControl: oac,
|
|
2353
|
+
originAccessLevels: [import_aws_cloudfront.AccessLevel.READ]
|
|
2354
|
+
});
|
|
2355
|
+
const hasCustomDomain = props.certificate !== void 0 && props.hostedZone !== void 0 && props.domainNames !== void 0 && props.domainNames.length > 0;
|
|
2350
2356
|
this.distribution = new import_aws_cloudfront.Distribution(this, "distribution", {
|
|
2357
|
+
comment: `Static hosting distribution for ${props.description ?? id}`,
|
|
2358
|
+
...hasCustomDomain ? {
|
|
2359
|
+
certificate: props.certificate,
|
|
2360
|
+
domainNames: [...props.domainNames]
|
|
2361
|
+
} : {},
|
|
2362
|
+
defaultRootObject: "index.html",
|
|
2351
2363
|
defaultBehavior: {
|
|
2352
2364
|
origin,
|
|
2353
|
-
|
|
2365
|
+
viewerProtocolPolicy: import_aws_cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
2366
|
+
cachePolicy,
|
|
2367
|
+
allowedMethods: import_aws_cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
|
|
2368
|
+
edgeLambdas: [
|
|
2369
|
+
{
|
|
2370
|
+
functionVersion: this.viewerRequestHandler.currentVersion,
|
|
2371
|
+
eventType: import_aws_cloudfront.LambdaEdgeEventType.VIEWER_REQUEST,
|
|
2372
|
+
includeBody: false
|
|
2373
|
+
}
|
|
2374
|
+
]
|
|
2354
2375
|
},
|
|
2355
2376
|
...props.distributionProps
|
|
2356
2377
|
});
|
|
2378
|
+
if (hasCustomDomain) {
|
|
2379
|
+
props.domainNames.forEach((domainName, index) => {
|
|
2380
|
+
new import_aws_route532.ARecord(this, `dns-record-${index}`, {
|
|
2381
|
+
zone: props.hostedZone,
|
|
2382
|
+
recordName: domainName,
|
|
2383
|
+
target: import_aws_route532.RecordTarget.fromAlias(
|
|
2384
|
+
new import_aws_route53_targets.CloudFrontTarget(this.distribution)
|
|
2385
|
+
)
|
|
2386
|
+
});
|
|
2387
|
+
});
|
|
2388
|
+
}
|
|
2357
2389
|
new DiscoverableStringParameter(this, "bucket-arn-param", {
|
|
2358
2390
|
ssmParamName: _StaticHosting.SSM_PARAM_NAME_BUCKET_ARN,
|
|
2359
2391
|
serviceType,
|
|
2360
|
-
stringValue: this.bucket.bucketArn
|
|
2392
|
+
stringValue: this.bucket.bucketArn,
|
|
2393
|
+
description: `Static hosting bucket ARN (${props.description ?? id})`
|
|
2361
2394
|
});
|
|
2362
2395
|
new DiscoverableStringParameter(this, "distribution-arn-param", {
|
|
2363
2396
|
ssmParamName: _StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ARN,
|
|
2364
2397
|
serviceType,
|
|
2365
|
-
stringValue: this.distribution.distributionArn
|
|
2398
|
+
stringValue: this.distribution.distributionArn,
|
|
2399
|
+
description: `Static hosting distribution ARN (${props.description ?? id})`
|
|
2400
|
+
});
|
|
2401
|
+
new DiscoverableStringParameter(this, "distribution-domain-param", {
|
|
2402
|
+
ssmParamName: _StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_DOMAIN,
|
|
2403
|
+
serviceType,
|
|
2404
|
+
stringValue: this.distribution.domainName,
|
|
2405
|
+
description: `Static hosting distribution domain (${props.description ?? id})`
|
|
2406
|
+
});
|
|
2407
|
+
new DiscoverableStringParameter(this, "distribution-id-param", {
|
|
2408
|
+
ssmParamName: _StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ID,
|
|
2409
|
+
serviceType,
|
|
2410
|
+
stringValue: this.distribution.distributionId,
|
|
2411
|
+
description: `Static hosting distribution ID (${props.description ?? id})`
|
|
2366
2412
|
});
|
|
2367
2413
|
}
|
|
2368
2414
|
};
|
|
@@ -2374,14 +2420,51 @@ _StaticHosting.SSM_PARAM_NAME_BUCKET_ARN = "STATIC_HOSTING_BUCKET_ARN";
|
|
|
2374
2420
|
* SSM parameter name for the CloudFront distribution ARN.
|
|
2375
2421
|
*/
|
|
2376
2422
|
_StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ARN = "STATIC_HOSTING_DISTRIBUTION_ARN";
|
|
2423
|
+
/**
|
|
2424
|
+
* SSM parameter name for the CloudFront distribution domain
|
|
2425
|
+
* (e.g. dXXXXX.cloudfront.net).
|
|
2426
|
+
*/
|
|
2427
|
+
_StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_DOMAIN = "STATIC_HOSTING_DISTRIBUTION_DOMAIN";
|
|
2428
|
+
/**
|
|
2429
|
+
* SSM parameter name for the CloudFront distribution ID.
|
|
2430
|
+
*/
|
|
2431
|
+
_StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ID = "STATIC_HOSTING_DISTRIBUTION_ID";
|
|
2377
2432
|
var StaticHosting = _StaticHosting;
|
|
2378
2433
|
|
|
2434
|
+
// src/components/static-hosting/static-content.ts
|
|
2435
|
+
var StaticContent = class extends import_constructs9.Construct {
|
|
2436
|
+
constructor(scope, id, props) {
|
|
2437
|
+
super(scope, id);
|
|
2438
|
+
const stack = OpenHiService.of(scope);
|
|
2439
|
+
const {
|
|
2440
|
+
contentSourceDirectory,
|
|
2441
|
+
contentDestinationDirectory = "/",
|
|
2442
|
+
subDomain = stack.branchName,
|
|
2443
|
+
fullDomain,
|
|
2444
|
+
serviceType = STATIC_HOSTING_SERVICE_TYPE
|
|
2445
|
+
} = props;
|
|
2446
|
+
const keyPrefix = [(0, import_change_case2.paramCase)(subDomain), fullDomain].join(".");
|
|
2447
|
+
const bucketArn = DiscoverableStringParameter.valueForLookupName(this, {
|
|
2448
|
+
ssmParamName: StaticHosting.SSM_PARAM_NAME_BUCKET_ARN,
|
|
2449
|
+
serviceType
|
|
2450
|
+
});
|
|
2451
|
+
const bucket = import_aws_s32.Bucket.fromBucketArn(this, "bucket", bucketArn);
|
|
2452
|
+
const isTestEnv = process.env.JEST_WORKER_ID !== void 0;
|
|
2453
|
+
const sources = isTestEnv ? [] : [import_aws_s3_deployment.Source.asset(contentSourceDirectory)];
|
|
2454
|
+
new import_aws_s3_deployment.BucketDeployment(this, "deploy", {
|
|
2455
|
+
sources,
|
|
2456
|
+
destinationBucket: bucket,
|
|
2457
|
+
retainOnDelete: false,
|
|
2458
|
+
destinationKeyPrefix: `${keyPrefix}${contentDestinationDirectory}`
|
|
2459
|
+
});
|
|
2460
|
+
}
|
|
2461
|
+
};
|
|
2462
|
+
|
|
2379
2463
|
// src/services/open-hi-auth-service.ts
|
|
2380
|
-
var
|
|
2381
|
-
var import_aws_cognito5 = require("aws-cdk-lib/aws-cognito");
|
|
2464
|
+
var import_aws_cognito4 = require("aws-cdk-lib/aws-cognito");
|
|
2382
2465
|
var import_aws_iam6 = require("aws-cdk-lib/aws-iam");
|
|
2383
2466
|
var import_aws_kms2 = require("aws-cdk-lib/aws-kms");
|
|
2384
|
-
var
|
|
2467
|
+
var import_core = require("aws-cdk-lib/core");
|
|
2385
2468
|
|
|
2386
2469
|
// src/services/open-hi-data-service.ts
|
|
2387
2470
|
var import_config4 = __toESM(require_lib());
|
|
@@ -2391,7 +2474,7 @@ var kinesis = __toESM(require("aws-cdk-lib/aws-kinesis"));
|
|
|
2391
2474
|
// src/services/open-hi-global-service.ts
|
|
2392
2475
|
var import_aws_certificatemanager2 = require("aws-cdk-lib/aws-certificatemanager");
|
|
2393
2476
|
var import_aws_events5 = require("aws-cdk-lib/aws-events");
|
|
2394
|
-
var
|
|
2477
|
+
var import_aws_route533 = require("aws-cdk-lib/aws-route53");
|
|
2395
2478
|
var import_aws_ssm3 = require("aws-cdk-lib/aws-ssm");
|
|
2396
2479
|
|
|
2397
2480
|
// src/workflows/control-plane/platform-deploy-bridge/events.ts
|
|
@@ -2404,7 +2487,7 @@ var OPENHI_TAG_KEY_PREFIX_ENV_VAR = "OPENHI_TAG_KEY_PREFIX";
|
|
|
2404
2487
|
var PLATFORM_DEPLOY_BRIDGE_ACTOR_SYSTEM = "platform-deploy-bridge";
|
|
2405
2488
|
|
|
2406
2489
|
// src/workflows/control-plane/platform-deploy-bridge/platform-deploy-bridge.ts
|
|
2407
|
-
var
|
|
2490
|
+
var import_constructs11 = require("constructs");
|
|
2408
2491
|
|
|
2409
2492
|
// src/workflows/control-plane/platform-deploy-bridge/platform-deploy-bridge-lambda.ts
|
|
2410
2493
|
var import_node_fs6 = __toESM(require("fs"));
|
|
@@ -2413,9 +2496,9 @@ var import_aws_cdk_lib11 = require("aws-cdk-lib");
|
|
|
2413
2496
|
var import_aws_events4 = require("aws-cdk-lib/aws-events");
|
|
2414
2497
|
var import_aws_events_targets = require("aws-cdk-lib/aws-events-targets");
|
|
2415
2498
|
var import_aws_iam2 = require("aws-cdk-lib/aws-iam");
|
|
2416
|
-
var
|
|
2417
|
-
var
|
|
2418
|
-
var
|
|
2499
|
+
var import_aws_lambda7 = require("aws-cdk-lib/aws-lambda");
|
|
2500
|
+
var import_aws_lambda_nodejs7 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
2501
|
+
var import_constructs10 = require("constructs");
|
|
2419
2502
|
var HANDLER_NAME6 = "platform-deploy-bridge.handler.js";
|
|
2420
2503
|
function resolveHandlerEntry6(dirname) {
|
|
2421
2504
|
const sameDir = import_node_path6.default.join(dirname, HANDLER_NAME6);
|
|
@@ -2424,7 +2507,7 @@ function resolveHandlerEntry6(dirname) {
|
|
|
2424
2507
|
}
|
|
2425
2508
|
return import_node_path6.default.join(dirname, "..", "..", "..", "..", "lib", HANDLER_NAME6);
|
|
2426
2509
|
}
|
|
2427
|
-
var PlatformDeployBridgeLambda = class extends
|
|
2510
|
+
var PlatformDeployBridgeLambda = class extends import_constructs10.Construct {
|
|
2428
2511
|
constructor(scope, props) {
|
|
2429
2512
|
super(scope, "platform-deploy-bridge-lambda");
|
|
2430
2513
|
const service = OpenHiService.of(this);
|
|
@@ -2437,9 +2520,9 @@ var PlatformDeployBridgeLambda = class extends import_constructs9.Construct {
|
|
|
2437
2520
|
const ownSuffix = `-${service.serviceId}-${import_aws_cdk_lib11.Stack.of(this).account}-${import_aws_cdk_lib11.Stack.of(this).region}`;
|
|
2438
2521
|
const sharedPrefix = ownStackName.endsWith(ownSuffix) ? ownStackName.slice(0, -ownSuffix.length) : service.branchHash;
|
|
2439
2522
|
const stackIdPrefix = `arn:aws:cloudformation:${import_aws_cdk_lib11.Stack.of(this).region}:${import_aws_cdk_lib11.Stack.of(this).account}:stack/${sharedPrefix}-`;
|
|
2440
|
-
this.lambda = new
|
|
2523
|
+
this.lambda = new import_aws_lambda_nodejs7.NodejsFunction(this, "handler", {
|
|
2441
2524
|
entry: resolveHandlerEntry6(__dirname),
|
|
2442
|
-
runtime:
|
|
2525
|
+
runtime: import_aws_lambda7.Runtime.NODEJS_LATEST,
|
|
2443
2526
|
memorySize: 256,
|
|
2444
2527
|
timeout: import_aws_cdk_lib11.Duration.seconds(30),
|
|
2445
2528
|
environment: {
|
|
@@ -2480,7 +2563,7 @@ var PlatformDeployBridgeLambda = class extends import_constructs9.Construct {
|
|
|
2480
2563
|
};
|
|
2481
2564
|
|
|
2482
2565
|
// src/workflows/control-plane/platform-deploy-bridge/platform-deploy-bridge.ts
|
|
2483
|
-
var PlatformDeployBridge = class extends
|
|
2566
|
+
var PlatformDeployBridge = class extends import_constructs11.Construct {
|
|
2484
2567
|
constructor(scope, props) {
|
|
2485
2568
|
super(scope, "platform-deploy-bridge");
|
|
2486
2569
|
this.bridgeLambda = new PlatformDeployBridgeLambda(this, {
|
|
@@ -2495,7 +2578,7 @@ var _OpenHiGlobalService = class _OpenHiGlobalService extends OpenHiService {
|
|
|
2495
2578
|
* Returns an IHostedZone from the given attributes (no SSM). Use when the zone is imported from config.
|
|
2496
2579
|
*/
|
|
2497
2580
|
static rootHostedZoneFromConstruct(scope, props) {
|
|
2498
|
-
return
|
|
2581
|
+
return import_aws_route533.HostedZone.fromHostedZoneAttributes(scope, "root-zone", props);
|
|
2499
2582
|
}
|
|
2500
2583
|
/**
|
|
2501
2584
|
* Returns an ICertificate by looking up the Global stack's wildcard cert ARN from SSM.
|
|
@@ -2519,7 +2602,7 @@ var _OpenHiGlobalService = class _OpenHiGlobalService extends OpenHiService {
|
|
|
2519
2602
|
ssmParamName: ChildHostedZone.SSM_PARAM_NAME,
|
|
2520
2603
|
serviceType: props.serviceType ?? _OpenHiGlobalService.SERVICE_TYPE
|
|
2521
2604
|
});
|
|
2522
|
-
return
|
|
2605
|
+
return import_aws_route533.HostedZone.fromHostedZoneAttributes(scope, "child-zone", {
|
|
2523
2606
|
hostedZoneId,
|
|
2524
2607
|
zoneName: props.zoneName
|
|
2525
2608
|
});
|
|
@@ -2764,67 +2847,434 @@ var demoRolesForUserInTenant = (_user, _tenantId) => {
|
|
|
2764
2847
|
void _tenantId;
|
|
2765
2848
|
return [import_types.PLATFORM_ROLE_CODE.TENANT_ADMIN];
|
|
2766
2849
|
};
|
|
2767
|
-
|
|
2768
|
-
|
|
2769
|
-
var
|
|
2770
|
-
|
|
2771
|
-
|
|
2772
|
-
|
|
2773
|
-
|
|
2774
|
-
|
|
2775
|
-
|
|
2776
|
-
|
|
2777
|
-
|
|
2778
|
-
|
|
2850
|
+
|
|
2851
|
+
// src/workflows/control-plane/seed-demo-data/data-plane-fixtures.ts
|
|
2852
|
+
var fixtureIdentifiers = (scenario, tenantId, workspaceId, resourceType, id, roleSuffix) => [
|
|
2853
|
+
demoScenarioIdentifier(scenario, roleSuffix),
|
|
2854
|
+
openhiResourceIdentifier({
|
|
2855
|
+
tenantId,
|
|
2856
|
+
workspaceId,
|
|
2857
|
+
resourceType,
|
|
2858
|
+
id
|
|
2859
|
+
})
|
|
2860
|
+
];
|
|
2861
|
+
var buildWoundCareFixtures = (scenario, tenantId, workspaceId, idPrefix) => ({
|
|
2862
|
+
tenantId,
|
|
2863
|
+
workspaceId,
|
|
2864
|
+
scenario,
|
|
2865
|
+
patients: [
|
|
2866
|
+
{
|
|
2867
|
+
resourceType: "Patient",
|
|
2868
|
+
id: `${idPrefix}-patient-1`,
|
|
2869
|
+
identifier: fixtureIdentifiers(
|
|
2870
|
+
scenario,
|
|
2871
|
+
tenantId,
|
|
2872
|
+
workspaceId,
|
|
2873
|
+
"Patient",
|
|
2874
|
+
`${idPrefix}-patient-1`,
|
|
2875
|
+
`patient-1`
|
|
2876
|
+
),
|
|
2877
|
+
active: true,
|
|
2878
|
+
name: [{ family: "Carter", given: ["Eleanor"], use: "official" }],
|
|
2879
|
+
gender: "female",
|
|
2880
|
+
birthDate: "1952-04-18"
|
|
2881
|
+
},
|
|
2882
|
+
{
|
|
2883
|
+
resourceType: "Patient",
|
|
2884
|
+
id: `${idPrefix}-patient-2`,
|
|
2885
|
+
identifier: fixtureIdentifiers(
|
|
2886
|
+
scenario,
|
|
2887
|
+
tenantId,
|
|
2888
|
+
workspaceId,
|
|
2889
|
+
"Patient",
|
|
2890
|
+
`${idPrefix}-patient-2`,
|
|
2891
|
+
`patient-2`
|
|
2892
|
+
),
|
|
2893
|
+
active: true,
|
|
2894
|
+
name: [{ family: "Nguyen", given: ["Hao"], use: "official" }],
|
|
2895
|
+
gender: "male",
|
|
2896
|
+
birthDate: "1968-11-02"
|
|
2779
2897
|
}
|
|
2780
|
-
|
|
2781
|
-
|
|
2782
|
-
|
|
2783
|
-
|
|
2784
|
-
|
|
2785
|
-
|
|
2786
|
-
|
|
2787
|
-
|
|
2788
|
-
|
|
2789
|
-
|
|
2790
|
-
|
|
2791
|
-
|
|
2792
|
-
|
|
2898
|
+
],
|
|
2899
|
+
practitioners: [
|
|
2900
|
+
{
|
|
2901
|
+
resourceType: "Practitioner",
|
|
2902
|
+
id: `${idPrefix}-practitioner-1`,
|
|
2903
|
+
identifier: fixtureIdentifiers(
|
|
2904
|
+
scenario,
|
|
2905
|
+
tenantId,
|
|
2906
|
+
workspaceId,
|
|
2907
|
+
"Practitioner",
|
|
2908
|
+
`${idPrefix}-practitioner-1`,
|
|
2909
|
+
`practitioner-1`
|
|
2910
|
+
),
|
|
2911
|
+
active: true,
|
|
2912
|
+
name: [{ family: "Reyes", given: ["Maria"], prefix: ["Dr."] }],
|
|
2913
|
+
gender: "female"
|
|
2914
|
+
},
|
|
2915
|
+
{
|
|
2916
|
+
resourceType: "Practitioner",
|
|
2917
|
+
id: `${idPrefix}-practitioner-2`,
|
|
2918
|
+
identifier: fixtureIdentifiers(
|
|
2919
|
+
scenario,
|
|
2920
|
+
tenantId,
|
|
2921
|
+
workspaceId,
|
|
2922
|
+
"Practitioner",
|
|
2923
|
+
`${idPrefix}-practitioner-2`,
|
|
2924
|
+
`practitioner-2`
|
|
2925
|
+
),
|
|
2926
|
+
active: true,
|
|
2927
|
+
name: [{ family: "Okafor", given: ["Chinedu"], prefix: ["Dr."] }],
|
|
2928
|
+
gender: "male"
|
|
2929
|
+
}
|
|
2930
|
+
],
|
|
2931
|
+
observations: [
|
|
2932
|
+
{
|
|
2933
|
+
resourceType: "Observation",
|
|
2934
|
+
id: `${idPrefix}-observation-1`,
|
|
2935
|
+
identifier: fixtureIdentifiers(
|
|
2936
|
+
scenario,
|
|
2937
|
+
tenantId,
|
|
2938
|
+
workspaceId,
|
|
2939
|
+
"Observation",
|
|
2940
|
+
`${idPrefix}-observation-1`,
|
|
2941
|
+
`observation-1`
|
|
2942
|
+
),
|
|
2943
|
+
status: "final",
|
|
2944
|
+
code: {
|
|
2945
|
+
coding: [
|
|
2946
|
+
{
|
|
2947
|
+
system: "http://loinc.org",
|
|
2948
|
+
code: "39135-9",
|
|
2949
|
+
display: "Wound size"
|
|
2950
|
+
}
|
|
2951
|
+
]
|
|
2952
|
+
},
|
|
2953
|
+
subject: { reference: `Patient/${idPrefix}-patient-1` },
|
|
2954
|
+
valueString: "3.2cm x 2.1cm"
|
|
2955
|
+
},
|
|
2956
|
+
{
|
|
2957
|
+
resourceType: "Observation",
|
|
2958
|
+
id: `${idPrefix}-observation-2`,
|
|
2959
|
+
identifier: fixtureIdentifiers(
|
|
2960
|
+
scenario,
|
|
2961
|
+
tenantId,
|
|
2962
|
+
workspaceId,
|
|
2963
|
+
"Observation",
|
|
2964
|
+
`${idPrefix}-observation-2`,
|
|
2965
|
+
`observation-2`
|
|
2966
|
+
),
|
|
2967
|
+
status: "final",
|
|
2968
|
+
code: {
|
|
2969
|
+
coding: [
|
|
2970
|
+
{
|
|
2971
|
+
system: "http://loinc.org",
|
|
2972
|
+
code: "72287-2",
|
|
2973
|
+
display: "Wound exudate amount"
|
|
2974
|
+
}
|
|
2975
|
+
]
|
|
2976
|
+
},
|
|
2977
|
+
subject: { reference: `Patient/${idPrefix}-patient-2` },
|
|
2978
|
+
valueString: "moderate"
|
|
2979
|
+
}
|
|
2980
|
+
],
|
|
2981
|
+
encounters: [
|
|
2982
|
+
{
|
|
2983
|
+
resourceType: "Encounter",
|
|
2984
|
+
id: `${idPrefix}-encounter-1`,
|
|
2985
|
+
identifier: fixtureIdentifiers(
|
|
2986
|
+
scenario,
|
|
2987
|
+
tenantId,
|
|
2988
|
+
workspaceId,
|
|
2989
|
+
"Encounter",
|
|
2990
|
+
`${idPrefix}-encounter-1`,
|
|
2991
|
+
`encounter-1`
|
|
2992
|
+
),
|
|
2993
|
+
status: "finished",
|
|
2994
|
+
class: {
|
|
2995
|
+
system: "http://terminology.hl7.org/CodeSystem/v3-ActCode",
|
|
2996
|
+
code: "AMB",
|
|
2997
|
+
display: "ambulatory"
|
|
2998
|
+
},
|
|
2999
|
+
subject: { reference: `Patient/${idPrefix}-patient-1` }
|
|
3000
|
+
},
|
|
3001
|
+
{
|
|
3002
|
+
resourceType: "Encounter",
|
|
3003
|
+
id: `${idPrefix}-encounter-2`,
|
|
3004
|
+
identifier: fixtureIdentifiers(
|
|
3005
|
+
scenario,
|
|
3006
|
+
tenantId,
|
|
3007
|
+
workspaceId,
|
|
3008
|
+
"Encounter",
|
|
3009
|
+
`${idPrefix}-encounter-2`,
|
|
3010
|
+
`encounter-2`
|
|
3011
|
+
),
|
|
3012
|
+
status: "finished",
|
|
3013
|
+
class: {
|
|
3014
|
+
system: "http://terminology.hl7.org/CodeSystem/v3-ActCode",
|
|
3015
|
+
code: "AMB",
|
|
3016
|
+
display: "ambulatory"
|
|
3017
|
+
},
|
|
3018
|
+
subject: { reference: `Patient/${idPrefix}-patient-2` }
|
|
3019
|
+
}
|
|
3020
|
+
],
|
|
3021
|
+
accounts: [
|
|
3022
|
+
{
|
|
3023
|
+
resourceType: "Account",
|
|
3024
|
+
id: `${idPrefix}-account-1`,
|
|
3025
|
+
identifier: fixtureIdentifiers(
|
|
3026
|
+
scenario,
|
|
3027
|
+
tenantId,
|
|
3028
|
+
workspaceId,
|
|
3029
|
+
"Account",
|
|
3030
|
+
`${idPrefix}-account-1`,
|
|
3031
|
+
`account-1`
|
|
3032
|
+
),
|
|
3033
|
+
status: "active",
|
|
3034
|
+
name: "Wound-care self-pay account",
|
|
3035
|
+
subject: [{ reference: `Patient/${idPrefix}-patient-1` }]
|
|
3036
|
+
}
|
|
3037
|
+
]
|
|
3038
|
+
});
|
|
3039
|
+
var buildPrimaryCareFixtures = (scenario, tenantId, workspaceId, idPrefix) => ({
|
|
3040
|
+
tenantId,
|
|
3041
|
+
workspaceId,
|
|
3042
|
+
scenario,
|
|
3043
|
+
patients: [
|
|
3044
|
+
{
|
|
3045
|
+
resourceType: "Patient",
|
|
3046
|
+
id: `${idPrefix}-patient-1`,
|
|
3047
|
+
identifier: fixtureIdentifiers(
|
|
3048
|
+
scenario,
|
|
3049
|
+
tenantId,
|
|
3050
|
+
workspaceId,
|
|
3051
|
+
"Patient",
|
|
3052
|
+
`${idPrefix}-patient-1`,
|
|
3053
|
+
`patient-1`
|
|
3054
|
+
),
|
|
3055
|
+
active: true,
|
|
3056
|
+
name: [{ family: "Bennett", given: ["Sophia"], use: "official" }],
|
|
3057
|
+
gender: "female",
|
|
3058
|
+
birthDate: "1985-06-09"
|
|
3059
|
+
},
|
|
3060
|
+
{
|
|
3061
|
+
resourceType: "Patient",
|
|
3062
|
+
id: `${idPrefix}-patient-2`,
|
|
3063
|
+
identifier: fixtureIdentifiers(
|
|
3064
|
+
scenario,
|
|
3065
|
+
tenantId,
|
|
3066
|
+
workspaceId,
|
|
3067
|
+
"Patient",
|
|
3068
|
+
`${idPrefix}-patient-2`,
|
|
3069
|
+
`patient-2`
|
|
3070
|
+
),
|
|
3071
|
+
active: true,
|
|
3072
|
+
name: [{ family: "Patel", given: ["Arjun"], use: "official" }],
|
|
3073
|
+
gender: "male",
|
|
3074
|
+
birthDate: "1979-02-21"
|
|
3075
|
+
}
|
|
3076
|
+
],
|
|
3077
|
+
practitioners: [
|
|
3078
|
+
{
|
|
3079
|
+
resourceType: "Practitioner",
|
|
3080
|
+
id: `${idPrefix}-practitioner-1`,
|
|
3081
|
+
identifier: fixtureIdentifiers(
|
|
3082
|
+
scenario,
|
|
3083
|
+
tenantId,
|
|
3084
|
+
workspaceId,
|
|
3085
|
+
"Practitioner",
|
|
3086
|
+
`${idPrefix}-practitioner-1`,
|
|
3087
|
+
`practitioner-1`
|
|
3088
|
+
),
|
|
3089
|
+
active: true,
|
|
3090
|
+
name: [{ family: "Lin", given: ["Wei"], prefix: ["Dr."] }],
|
|
3091
|
+
gender: "female"
|
|
3092
|
+
},
|
|
3093
|
+
{
|
|
3094
|
+
resourceType: "Practitioner",
|
|
3095
|
+
id: `${idPrefix}-practitioner-2`,
|
|
3096
|
+
identifier: fixtureIdentifiers(
|
|
3097
|
+
scenario,
|
|
3098
|
+
tenantId,
|
|
3099
|
+
workspaceId,
|
|
3100
|
+
"Practitioner",
|
|
3101
|
+
`${idPrefix}-practitioner-2`,
|
|
3102
|
+
`practitioner-2`
|
|
3103
|
+
),
|
|
3104
|
+
active: true,
|
|
3105
|
+
name: [{ family: "Kowalski", given: ["Piotr"], prefix: ["Dr."] }],
|
|
3106
|
+
gender: "male"
|
|
3107
|
+
}
|
|
3108
|
+
],
|
|
3109
|
+
observations: [
|
|
3110
|
+
{
|
|
3111
|
+
resourceType: "Observation",
|
|
3112
|
+
id: `${idPrefix}-observation-1`,
|
|
3113
|
+
identifier: fixtureIdentifiers(
|
|
3114
|
+
scenario,
|
|
3115
|
+
tenantId,
|
|
3116
|
+
workspaceId,
|
|
3117
|
+
"Observation",
|
|
3118
|
+
`${idPrefix}-observation-1`,
|
|
3119
|
+
`observation-1`
|
|
3120
|
+
),
|
|
3121
|
+
status: "final",
|
|
3122
|
+
code: {
|
|
3123
|
+
coding: [
|
|
3124
|
+
{
|
|
3125
|
+
system: "http://loinc.org",
|
|
3126
|
+
code: "8480-6",
|
|
3127
|
+
display: "Systolic blood pressure"
|
|
3128
|
+
}
|
|
3129
|
+
]
|
|
3130
|
+
},
|
|
3131
|
+
subject: { reference: `Patient/${idPrefix}-patient-1` },
|
|
3132
|
+
valueQuantity: { value: 122, unit: "mm[Hg]" }
|
|
3133
|
+
},
|
|
3134
|
+
{
|
|
3135
|
+
resourceType: "Observation",
|
|
3136
|
+
id: `${idPrefix}-observation-2`,
|
|
3137
|
+
identifier: fixtureIdentifiers(
|
|
3138
|
+
scenario,
|
|
3139
|
+
tenantId,
|
|
3140
|
+
workspaceId,
|
|
3141
|
+
"Observation",
|
|
3142
|
+
`${idPrefix}-observation-2`,
|
|
3143
|
+
`observation-2`
|
|
3144
|
+
),
|
|
3145
|
+
status: "final",
|
|
3146
|
+
code: {
|
|
3147
|
+
coding: [
|
|
3148
|
+
{
|
|
3149
|
+
system: "http://loinc.org",
|
|
3150
|
+
code: "8462-4",
|
|
3151
|
+
display: "Diastolic blood pressure"
|
|
3152
|
+
}
|
|
3153
|
+
]
|
|
3154
|
+
},
|
|
3155
|
+
subject: { reference: `Patient/${idPrefix}-patient-2` },
|
|
3156
|
+
valueQuantity: { value: 78, unit: "mm[Hg]" }
|
|
3157
|
+
}
|
|
3158
|
+
],
|
|
3159
|
+
encounters: [
|
|
3160
|
+
{
|
|
3161
|
+
resourceType: "Encounter",
|
|
3162
|
+
id: `${idPrefix}-encounter-1`,
|
|
3163
|
+
identifier: fixtureIdentifiers(
|
|
3164
|
+
scenario,
|
|
3165
|
+
tenantId,
|
|
3166
|
+
workspaceId,
|
|
3167
|
+
"Encounter",
|
|
3168
|
+
`${idPrefix}-encounter-1`,
|
|
3169
|
+
`encounter-1`
|
|
3170
|
+
),
|
|
3171
|
+
status: "finished",
|
|
3172
|
+
class: {
|
|
3173
|
+
system: "http://terminology.hl7.org/CodeSystem/v3-ActCode",
|
|
3174
|
+
code: "AMB",
|
|
3175
|
+
display: "ambulatory"
|
|
3176
|
+
},
|
|
3177
|
+
subject: { reference: `Patient/${idPrefix}-patient-1` }
|
|
3178
|
+
},
|
|
3179
|
+
{
|
|
3180
|
+
resourceType: "Encounter",
|
|
3181
|
+
id: `${idPrefix}-encounter-2`,
|
|
3182
|
+
identifier: fixtureIdentifiers(
|
|
3183
|
+
scenario,
|
|
3184
|
+
tenantId,
|
|
3185
|
+
workspaceId,
|
|
3186
|
+
"Encounter",
|
|
3187
|
+
`${idPrefix}-encounter-2`,
|
|
3188
|
+
`encounter-2`
|
|
3189
|
+
),
|
|
3190
|
+
status: "in-progress",
|
|
3191
|
+
class: {
|
|
3192
|
+
system: "http://terminology.hl7.org/CodeSystem/v3-ActCode",
|
|
3193
|
+
code: "AMB",
|
|
3194
|
+
display: "ambulatory"
|
|
3195
|
+
},
|
|
3196
|
+
subject: { reference: `Patient/${idPrefix}-patient-2` }
|
|
3197
|
+
}
|
|
3198
|
+
],
|
|
3199
|
+
accounts: [
|
|
3200
|
+
{
|
|
3201
|
+
resourceType: "Account",
|
|
3202
|
+
id: `${idPrefix}-account-1`,
|
|
3203
|
+
identifier: fixtureIdentifiers(
|
|
3204
|
+
scenario,
|
|
3205
|
+
tenantId,
|
|
3206
|
+
workspaceId,
|
|
3207
|
+
"Account",
|
|
3208
|
+
`${idPrefix}-account-1`,
|
|
3209
|
+
`account-1`
|
|
3210
|
+
),
|
|
3211
|
+
status: "active",
|
|
3212
|
+
name: "Primary-care insurance account",
|
|
3213
|
+
subject: [{ reference: `Patient/${idPrefix}-patient-1` }]
|
|
3214
|
+
}
|
|
3215
|
+
]
|
|
3216
|
+
});
|
|
3217
|
+
var DEMO_DATA_PLANE_FIXTURES = [
|
|
3218
|
+
buildWoundCareFixtures(
|
|
3219
|
+
"demo-wound-care",
|
|
3220
|
+
"demo-wound-care-tenant",
|
|
3221
|
+
"demo-wound-care-workspace",
|
|
3222
|
+
"demo-wound-care"
|
|
3223
|
+
),
|
|
3224
|
+
buildPrimaryCareFixtures(
|
|
3225
|
+
"demo-primary-care",
|
|
3226
|
+
"demo-primary-care-tenant",
|
|
3227
|
+
"demo-primary-care-workspace",
|
|
3228
|
+
"demo-primary-care"
|
|
3229
|
+
),
|
|
3230
|
+
buildWoundCareFixtures(
|
|
3231
|
+
"demo-mixed",
|
|
3232
|
+
"demo-mixed-tenant",
|
|
3233
|
+
"demo-mixed-workspace-wound-care",
|
|
3234
|
+
"demo-mixed-wound-care"
|
|
3235
|
+
),
|
|
3236
|
+
buildPrimaryCareFixtures(
|
|
3237
|
+
"demo-mixed",
|
|
3238
|
+
"demo-mixed-tenant",
|
|
3239
|
+
"demo-mixed-workspace-primary-care",
|
|
3240
|
+
"demo-mixed-primary-care"
|
|
3241
|
+
)
|
|
3242
|
+
];
|
|
3243
|
+
var _validateFixturesAgainstTenantSpecs = () => {
|
|
3244
|
+
for (const group of DEMO_DATA_PLANE_FIXTURES) {
|
|
3245
|
+
if (group.tenantId === PLACEHOLDER_TENANT_ID) {
|
|
3246
|
+
throw new Error(
|
|
3247
|
+
"The placeholder tenant must not carry data-plane fixtures."
|
|
2793
3248
|
);
|
|
2794
|
-
for (const roleCode of demoRolesForUserInTenant(user, spec.tenantId)) {
|
|
2795
|
-
keys.push(
|
|
2796
|
-
demoRoleAssignmentPartitionKey(
|
|
2797
|
-
spec.tenantId,
|
|
2798
|
-
demoRoleAssignmentId(user.id, spec.tenantId, roleCode)
|
|
2799
|
-
)
|
|
2800
|
-
);
|
|
2801
|
-
}
|
|
2802
3249
|
}
|
|
2803
|
-
|
|
2804
|
-
|
|
2805
|
-
|
|
2806
|
-
|
|
2807
|
-
|
|
2808
|
-
|
|
2809
|
-
|
|
2810
|
-
|
|
2811
|
-
)
|
|
3250
|
+
const tenant = DEMO_TENANT_SPECS.find((s) => s.tenantId === group.tenantId);
|
|
3251
|
+
if (!tenant) {
|
|
3252
|
+
throw new Error(
|
|
3253
|
+
`Fixture references unknown tenantId "${group.tenantId}". Add a matching entry to DEMO_TENANT_SPECS first.`
|
|
3254
|
+
);
|
|
3255
|
+
}
|
|
3256
|
+
const workspace = tenant.workspaces.find(
|
|
3257
|
+
(ws) => ws.id === group.workspaceId
|
|
2812
3258
|
);
|
|
3259
|
+
if (!workspace) {
|
|
3260
|
+
throw new Error(
|
|
3261
|
+
`Fixture references unknown workspaceId "${group.workspaceId}" for tenant "${group.tenantId}".`
|
|
3262
|
+
);
|
|
3263
|
+
}
|
|
2813
3264
|
}
|
|
2814
|
-
return keys;
|
|
2815
3265
|
};
|
|
3266
|
+
_validateFixturesAgainstTenantSpecs();
|
|
2816
3267
|
|
|
2817
3268
|
// src/workflows/control-plane/seed-demo-data/seed-demo-data-lambda.ts
|
|
2818
3269
|
var import_node_fs7 = __toESM(require("fs"));
|
|
2819
3270
|
var import_node_path7 = __toESM(require("path"));
|
|
2820
|
-
var import_types13 = require("@openhi/types");
|
|
2821
3271
|
var import_aws_cdk_lib12 = require("aws-cdk-lib");
|
|
2822
3272
|
var import_aws_events6 = require("aws-cdk-lib/aws-events");
|
|
2823
3273
|
var import_aws_events_targets2 = require("aws-cdk-lib/aws-events-targets");
|
|
2824
3274
|
var import_aws_iam3 = require("aws-cdk-lib/aws-iam");
|
|
2825
|
-
var
|
|
2826
|
-
var
|
|
2827
|
-
var
|
|
3275
|
+
var import_aws_lambda8 = require("aws-cdk-lib/aws-lambda");
|
|
3276
|
+
var import_aws_lambda_nodejs8 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
3277
|
+
var import_constructs12 = require("constructs");
|
|
2828
3278
|
|
|
2829
3279
|
// src/workflows/control-plane/seed-demo-data/seed-demo-data.handler.ts
|
|
2830
3280
|
var import_node_crypto = require("crypto");
|
|
@@ -5678,6 +6128,21 @@ var import_types10 = require("@openhi/types");
|
|
|
5678
6128
|
// src/lib/compression.ts
|
|
5679
6129
|
var import_node_zlib = require("zlib");
|
|
5680
6130
|
|
|
6131
|
+
// src/data/operations/data/account/account-create-operation.ts
|
|
6132
|
+
var import_ulid = require("ulid");
|
|
6133
|
+
|
|
6134
|
+
// src/data/operations/data/encounter/encounter-create-operation.ts
|
|
6135
|
+
var import_ulid2 = require("ulid");
|
|
6136
|
+
|
|
6137
|
+
// src/data/operations/data/observation/observation-create-operation.ts
|
|
6138
|
+
var import_ulid3 = require("ulid");
|
|
6139
|
+
|
|
6140
|
+
// src/data/operations/data/patient/patient-create-operation.ts
|
|
6141
|
+
var import_ulid4 = require("ulid");
|
|
6142
|
+
|
|
6143
|
+
// src/data/operations/data/practitioner/practitioner-create-operation.ts
|
|
6144
|
+
var import_ulid5 = require("ulid");
|
|
6145
|
+
|
|
5681
6146
|
// src/workflows/control-plane/seed-demo-data/seed-demo-data.handler.ts
|
|
5682
6147
|
var SEED_DEMO_DATA_USER_POOL_ID_ENV_VAR = "SEED_DEMO_DATA_USER_POOL_ID";
|
|
5683
6148
|
|
|
@@ -5690,12 +6155,12 @@ function resolveHandlerEntry7(dirname) {
|
|
|
5690
6155
|
}
|
|
5691
6156
|
return import_node_path7.default.join(dirname, "..", "..", "..", "..", "lib", HANDLER_NAME7);
|
|
5692
6157
|
}
|
|
5693
|
-
var SeedDemoDataLambda = class extends
|
|
6158
|
+
var SeedDemoDataLambda = class extends import_constructs12.Construct {
|
|
5694
6159
|
constructor(scope, props) {
|
|
5695
6160
|
super(scope, "seed-demo-data-lambda");
|
|
5696
|
-
this.lambda = new
|
|
6161
|
+
this.lambda = new import_aws_lambda_nodejs8.NodejsFunction(this, "handler", {
|
|
5697
6162
|
entry: resolveHandlerEntry7(__dirname),
|
|
5698
|
-
runtime:
|
|
6163
|
+
runtime: import_aws_lambda8.Runtime.NODEJS_LATEST,
|
|
5699
6164
|
memorySize: 512,
|
|
5700
6165
|
timeout: import_aws_cdk_lib12.Duration.minutes(2),
|
|
5701
6166
|
environment: {
|
|
@@ -5703,33 +6168,18 @@ var SeedDemoDataLambda = class extends import_constructs11.Construct {
|
|
|
5703
6168
|
[SEED_DEMO_DATA_USER_POOL_ID_ENV_VAR]: props.userPool.userPoolId
|
|
5704
6169
|
}
|
|
5705
6170
|
});
|
|
5706
|
-
const roleReadKeys = Object.values(import_types13.PLATFORM_ROLE_IDS).map(rolePartitionKey);
|
|
5707
6171
|
this.lambda.addToRolePolicy(
|
|
5708
6172
|
new import_aws_iam3.PolicyStatement({
|
|
5709
6173
|
effect: import_aws_iam3.Effect.ALLOW,
|
|
5710
6174
|
actions: ["dynamodb:GetItem"],
|
|
5711
|
-
resources: [props.dataStoreTable.tableArn]
|
|
5712
|
-
conditions: {
|
|
5713
|
-
"ForAllValues:StringEquals": {
|
|
5714
|
-
"dynamodb:LeadingKeys": roleReadKeys
|
|
5715
|
-
}
|
|
5716
|
-
}
|
|
6175
|
+
resources: [props.dataStoreTable.tableArn]
|
|
5717
6176
|
})
|
|
5718
6177
|
);
|
|
5719
|
-
const writeKeys = [
|
|
5720
|
-
...demoBasePartitionKeys(),
|
|
5721
|
-
...demoDevUserPartitionKeys(DEV_USERS)
|
|
5722
|
-
];
|
|
5723
6178
|
this.lambda.addToRolePolicy(
|
|
5724
6179
|
new import_aws_iam3.PolicyStatement({
|
|
5725
6180
|
effect: import_aws_iam3.Effect.ALLOW,
|
|
5726
6181
|
actions: ["dynamodb:PutItem", "dynamodb:UpdateItem"],
|
|
5727
|
-
resources: [props.dataStoreTable.tableArn]
|
|
5728
|
-
conditions: {
|
|
5729
|
-
"ForAllValues:StringEquals": {
|
|
5730
|
-
"dynamodb:LeadingKeys": writeKeys
|
|
5731
|
-
}
|
|
5732
|
-
}
|
|
6182
|
+
resources: [props.dataStoreTable.tableArn]
|
|
5733
6183
|
})
|
|
5734
6184
|
);
|
|
5735
6185
|
this.lambda.addToRolePolicy(
|
|
@@ -5766,8 +6216,8 @@ var SeedDemoDataLambda = class extends import_constructs11.Construct {
|
|
|
5766
6216
|
};
|
|
5767
6217
|
|
|
5768
6218
|
// src/workflows/control-plane/seed-demo-data/seed-demo-data-workflow.ts
|
|
5769
|
-
var
|
|
5770
|
-
var SeedDemoDataWorkflow = class extends
|
|
6219
|
+
var import_constructs13 = require("constructs");
|
|
6220
|
+
var SeedDemoDataWorkflow = class extends import_constructs13.Construct {
|
|
5771
6221
|
constructor(scope, props) {
|
|
5772
6222
|
super(scope, "seed-demo-data-workflow");
|
|
5773
6223
|
this.seedDemoData = new SeedDemoDataLambda(this, {
|
|
@@ -5792,14 +6242,14 @@ var SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR = "CONTROL_EVENT_BUS_NAME";
|
|
|
5792
6242
|
// src/workflows/control-plane/seed-system-data/seed-system-data-lambda.ts
|
|
5793
6243
|
var import_node_fs8 = __toESM(require("fs"));
|
|
5794
6244
|
var import_node_path8 = __toESM(require("path"));
|
|
5795
|
-
var
|
|
6245
|
+
var import_types13 = require("@openhi/types");
|
|
5796
6246
|
var import_aws_cdk_lib13 = require("aws-cdk-lib");
|
|
5797
6247
|
var import_aws_events7 = require("aws-cdk-lib/aws-events");
|
|
5798
6248
|
var import_aws_events_targets3 = require("aws-cdk-lib/aws-events-targets");
|
|
5799
6249
|
var import_aws_iam4 = require("aws-cdk-lib/aws-iam");
|
|
5800
|
-
var
|
|
5801
|
-
var
|
|
5802
|
-
var
|
|
6250
|
+
var import_aws_lambda9 = require("aws-cdk-lib/aws-lambda");
|
|
6251
|
+
var import_aws_lambda_nodejs9 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
6252
|
+
var import_constructs14 = require("constructs");
|
|
5803
6253
|
var HANDLER_NAME8 = "seed-system-data.handler.js";
|
|
5804
6254
|
function resolveHandlerEntry8(dirname) {
|
|
5805
6255
|
const sameDir = import_node_path8.default.join(dirname, HANDLER_NAME8);
|
|
@@ -5808,12 +6258,12 @@ function resolveHandlerEntry8(dirname) {
|
|
|
5808
6258
|
}
|
|
5809
6259
|
return import_node_path8.default.join(dirname, "..", "..", "..", "..", "lib", HANDLER_NAME8);
|
|
5810
6260
|
}
|
|
5811
|
-
var SeedSystemDataLambda = class extends
|
|
6261
|
+
var SeedSystemDataLambda = class extends import_constructs14.Construct {
|
|
5812
6262
|
constructor(scope, props) {
|
|
5813
6263
|
super(scope, "seed-system-data-lambda");
|
|
5814
|
-
this.lambda = new
|
|
6264
|
+
this.lambda = new import_aws_lambda_nodejs9.NodejsFunction(this, "handler", {
|
|
5815
6265
|
entry: resolveHandlerEntry8(__dirname),
|
|
5816
|
-
runtime:
|
|
6266
|
+
runtime: import_aws_lambda9.Runtime.NODEJS_LATEST,
|
|
5817
6267
|
memorySize: 512,
|
|
5818
6268
|
timeout: import_aws_cdk_lib13.Duration.minutes(1),
|
|
5819
6269
|
environment: {
|
|
@@ -5821,7 +6271,7 @@ var SeedSystemDataLambda = class extends import_constructs13.Construct {
|
|
|
5821
6271
|
[SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR]: props.controlEventBus.eventBusName
|
|
5822
6272
|
}
|
|
5823
6273
|
});
|
|
5824
|
-
const roleArns = Object.values(
|
|
6274
|
+
const roleArns = Object.values(import_types13.PLATFORM_ROLE_IDS).map(
|
|
5825
6275
|
(id) => `role#id#${id}`
|
|
5826
6276
|
);
|
|
5827
6277
|
this.lambda.addToRolePolicy(
|
|
@@ -5860,8 +6310,8 @@ var SeedSystemDataLambda = class extends import_constructs13.Construct {
|
|
|
5860
6310
|
};
|
|
5861
6311
|
|
|
5862
6312
|
// src/workflows/control-plane/seed-system-data/seed-system-data-workflow.ts
|
|
5863
|
-
var
|
|
5864
|
-
var SeedSystemDataWorkflow = class extends
|
|
6313
|
+
var import_constructs15 = require("constructs");
|
|
6314
|
+
var SeedSystemDataWorkflow = class extends import_constructs15.Construct {
|
|
5865
6315
|
constructor(scope, props) {
|
|
5866
6316
|
super(scope, "seed-system-data-workflow");
|
|
5867
6317
|
this.seedSystemData = new SeedSystemDataLambda(this, {
|
|
@@ -6018,9 +6468,9 @@ var import_aws_cdk_lib14 = require("aws-cdk-lib");
|
|
|
6018
6468
|
var import_aws_events8 = require("aws-cdk-lib/aws-events");
|
|
6019
6469
|
var import_aws_events_targets4 = require("aws-cdk-lib/aws-events-targets");
|
|
6020
6470
|
var import_aws_iam5 = require("aws-cdk-lib/aws-iam");
|
|
6021
|
-
var
|
|
6022
|
-
var
|
|
6023
|
-
var
|
|
6471
|
+
var import_aws_lambda10 = require("aws-cdk-lib/aws-lambda");
|
|
6472
|
+
var import_aws_lambda_nodejs10 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
6473
|
+
var import_constructs16 = require("constructs");
|
|
6024
6474
|
var HANDLER_NAME9 = "provision-default-workspace.handler.js";
|
|
6025
6475
|
function resolveHandlerEntry9(dirname) {
|
|
6026
6476
|
const sameDir = import_node_path9.default.join(dirname, HANDLER_NAME9);
|
|
@@ -6029,12 +6479,12 @@ function resolveHandlerEntry9(dirname) {
|
|
|
6029
6479
|
}
|
|
6030
6480
|
return import_node_path9.default.join(dirname, "..", "..", "..", "..", "lib", HANDLER_NAME9);
|
|
6031
6481
|
}
|
|
6032
|
-
var ProvisionDefaultWorkspaceLambda = class extends
|
|
6482
|
+
var ProvisionDefaultWorkspaceLambda = class extends import_constructs16.Construct {
|
|
6033
6483
|
constructor(scope, props) {
|
|
6034
6484
|
super(scope, "provision-default-workspace-lambda");
|
|
6035
|
-
this.lambda = new
|
|
6485
|
+
this.lambda = new import_aws_lambda_nodejs10.NodejsFunction(this, "handler", {
|
|
6036
6486
|
entry: resolveHandlerEntry9(__dirname),
|
|
6037
|
-
runtime:
|
|
6487
|
+
runtime: import_aws_lambda10.Runtime.NODEJS_LATEST,
|
|
6038
6488
|
memorySize: 1024,
|
|
6039
6489
|
environment: {
|
|
6040
6490
|
DYNAMO_TABLE_NAME: props.dataStoreTable.tableName
|
|
@@ -6069,8 +6519,8 @@ var ProvisionDefaultWorkspaceLambda = class extends import_constructs15.Construc
|
|
|
6069
6519
|
};
|
|
6070
6520
|
|
|
6071
6521
|
// src/workflows/control-plane/user-onboarding/user-onboarding-workflow.ts
|
|
6072
|
-
var
|
|
6073
|
-
var UserOnboardingWorkflow = class extends
|
|
6522
|
+
var import_constructs17 = require("constructs");
|
|
6523
|
+
var UserOnboardingWorkflow = class extends import_constructs17.Construct {
|
|
6074
6524
|
constructor(scope, props) {
|
|
6075
6525
|
super(scope, "user-onboarding-workflow");
|
|
6076
6526
|
this.provisionDefaultWorkspace = new ProvisionDefaultWorkspaceLambda(this, {
|
|
@@ -6104,7 +6554,6 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6104
6554
|
this.grantPostConfirmationPermissions();
|
|
6105
6555
|
this.userPoolClient = this.createUserPoolClient();
|
|
6106
6556
|
this.userPoolDomain = this.createUserPoolDomain();
|
|
6107
|
-
this.fixtureSeederClient = this.createFixtureSeederClient();
|
|
6108
6557
|
}
|
|
6109
6558
|
/**
|
|
6110
6559
|
* Returns an IUserPool by looking up the Auth stack's User Pool ID from SSM.
|
|
@@ -6114,7 +6563,7 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6114
6563
|
ssmParamName: CognitoUserPool.SSM_PARAM_NAME,
|
|
6115
6564
|
serviceType: _OpenHiAuthService.SERVICE_TYPE
|
|
6116
6565
|
});
|
|
6117
|
-
return
|
|
6566
|
+
return import_aws_cognito4.UserPool.fromUserPoolId(scope, "user-pool", userPoolId);
|
|
6118
6567
|
}
|
|
6119
6568
|
/**
|
|
6120
6569
|
* Returns an IUserPoolClient by looking up the Auth stack's User Pool Client ID from SSM.
|
|
@@ -6127,33 +6576,12 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6127
6576
|
serviceType: _OpenHiAuthService.SERVICE_TYPE
|
|
6128
6577
|
}
|
|
6129
6578
|
);
|
|
6130
|
-
return
|
|
6579
|
+
return import_aws_cognito4.UserPoolClient.fromUserPoolClientId(
|
|
6131
6580
|
scope,
|
|
6132
6581
|
"user-pool-client",
|
|
6133
6582
|
userPoolClientId
|
|
6134
6583
|
);
|
|
6135
6584
|
}
|
|
6136
|
-
/**
|
|
6137
|
-
* Returns the dedicated fixture-seeder IUserPoolClient by looking up
|
|
6138
|
-
* its ID from SSM. Only non-prod auth stacks publish this parameter
|
|
6139
|
-
* (per the conditional in {@link createFixtureSeederClient}); calling
|
|
6140
|
-
* this against a prod-deployed stack will fail at lookup time.
|
|
6141
|
-
*
|
|
6142
|
-
* Consumed by `OpenHiRestApiService` (in non-prod) so the authorizer
|
|
6143
|
-
* accepts tokens issued by this client, and by the seed-fixtures CLI
|
|
6144
|
-
* to drive USER_PASSWORD_AUTH against this client's ID.
|
|
6145
|
-
*/
|
|
6146
|
-
static fixtureSeederClientFromConstruct(scope) {
|
|
6147
|
-
const clientId = DiscoverableStringParameter.valueForLookupName(scope, {
|
|
6148
|
-
ssmParamName: CognitoFixtureSeederClient.SSM_PARAM_NAME,
|
|
6149
|
-
serviceType: _OpenHiAuthService.SERVICE_TYPE
|
|
6150
|
-
});
|
|
6151
|
-
return import_aws_cognito5.UserPoolClient.fromUserPoolClientId(
|
|
6152
|
-
scope,
|
|
6153
|
-
"fixture-seeder-client",
|
|
6154
|
-
clientId
|
|
6155
|
-
);
|
|
6156
|
-
}
|
|
6157
6585
|
/**
|
|
6158
6586
|
* Returns an IUserPoolDomain by looking up the Auth stack's User Pool Domain from SSM.
|
|
6159
6587
|
*/
|
|
@@ -6162,7 +6590,7 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6162
6590
|
ssmParamName: CognitoUserPoolDomain.SSM_PARAM_NAME,
|
|
6163
6591
|
serviceType: _OpenHiAuthService.SERVICE_TYPE
|
|
6164
6592
|
});
|
|
6165
|
-
return
|
|
6593
|
+
return import_aws_cognito4.UserPoolDomain.fromDomainName(scope, "user-pool-domain", domainName);
|
|
6166
6594
|
}
|
|
6167
6595
|
/**
|
|
6168
6596
|
* Returns an IKey (KMS) by looking up the Auth stack's User Pool KMS Key ARN from SSM.
|
|
@@ -6252,16 +6680,16 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6252
6680
|
customSenderKmsKey: this.userPoolKmsKey
|
|
6253
6681
|
});
|
|
6254
6682
|
userPool.addTrigger(
|
|
6255
|
-
|
|
6683
|
+
import_aws_cognito4.UserPoolOperation.PRE_TOKEN_GENERATION_CONFIG,
|
|
6256
6684
|
this.preTokenGenerationLambda,
|
|
6257
|
-
|
|
6685
|
+
import_aws_cognito4.LambdaVersion.V2_0
|
|
6258
6686
|
);
|
|
6259
6687
|
userPool.addTrigger(
|
|
6260
|
-
|
|
6688
|
+
import_aws_cognito4.UserPoolOperation.POST_AUTHENTICATION,
|
|
6261
6689
|
this.postAuthenticationLambda
|
|
6262
6690
|
);
|
|
6263
6691
|
userPool.addTrigger(
|
|
6264
|
-
|
|
6692
|
+
import_aws_cognito4.UserPoolOperation.POST_CONFIRMATION,
|
|
6265
6693
|
this.postConfirmationLambda
|
|
6266
6694
|
);
|
|
6267
6695
|
new DiscoverableStringParameter(this, "user-pool-param", {
|
|
@@ -6310,7 +6738,7 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6310
6738
|
new import_aws_iam6.PolicyStatement({
|
|
6311
6739
|
actions: ["cognito-idp:AdminUserGlobalSignOut"],
|
|
6312
6740
|
resources: [
|
|
6313
|
-
|
|
6741
|
+
import_core.Stack.of(this).formatArn({
|
|
6314
6742
|
service: "cognito-idp",
|
|
6315
6743
|
resource: "userpool",
|
|
6316
6744
|
resourceName: "*"
|
|
@@ -6342,31 +6770,6 @@ var _OpenHiAuthService = class _OpenHiAuthService extends OpenHiService {
|
|
|
6342
6770
|
});
|
|
6343
6771
|
return client;
|
|
6344
6772
|
}
|
|
6345
|
-
/**
|
|
6346
|
-
* Creates the dedicated USER_PASSWORD_AUTH app client for the
|
|
6347
|
-
* `@openhi/seed-fixtures` CLI, **only** in non-prod environments.
|
|
6348
|
-
* Returns `undefined` when this stack is being deployed to a prod
|
|
6349
|
-
* stage so the prod auth stack carries no fixture-seeder code path.
|
|
6350
|
-
*
|
|
6351
|
-
* Operator post-deploy: create a `fixture-seeder` Cognito user with
|
|
6352
|
-
* a service password (manually via console or scripted with
|
|
6353
|
-
* `aws cognito-idp admin-create-user`); the CLI consumes those creds
|
|
6354
|
-
* via env vars to drive `InitiateAuth`.
|
|
6355
|
-
*/
|
|
6356
|
-
createFixtureSeederClient() {
|
|
6357
|
-
if (this.ohEnv.ohStage.stageType === import_config5.OPEN_HI_STAGE.PROD) {
|
|
6358
|
-
return void 0;
|
|
6359
|
-
}
|
|
6360
|
-
const client = new CognitoFixtureSeederClient(this, {
|
|
6361
|
-
userPool: this.userPool
|
|
6362
|
-
});
|
|
6363
|
-
new DiscoverableStringParameter(this, "fixture-seeder-client-param", {
|
|
6364
|
-
ssmParamName: CognitoFixtureSeederClient.SSM_PARAM_NAME,
|
|
6365
|
-
stringValue: client.userPoolClientId,
|
|
6366
|
-
description: "Cognito User Pool Client ID for the OpenHI fixture-seeder CLI (USER_PASSWORD_AUTH; non-prod only); cross-stack reference"
|
|
6367
|
-
});
|
|
6368
|
-
return client;
|
|
6369
|
-
}
|
|
6370
6773
|
/**
|
|
6371
6774
|
* Creates the User Pool Domain (Cognito hosted UI) and exports domain name to SSM.
|
|
6372
6775
|
* Look up via {@link OpenHiAuthService.userPoolDomainFromConstruct}.
|
|
@@ -6391,21 +6794,20 @@ _OpenHiAuthService.SERVICE_TYPE = "auth";
|
|
|
6391
6794
|
var OpenHiAuthService = _OpenHiAuthService;
|
|
6392
6795
|
|
|
6393
6796
|
// src/services/open-hi-rest-api-service.ts
|
|
6394
|
-
var import_config6 = __toESM(require_lib());
|
|
6395
6797
|
var import_aws_apigatewayv22 = require("aws-cdk-lib/aws-apigatewayv2");
|
|
6396
6798
|
var import_aws_apigatewayv2_authorizers = require("aws-cdk-lib/aws-apigatewayv2-authorizers");
|
|
6397
6799
|
var import_aws_apigatewayv2_integrations = require("aws-cdk-lib/aws-apigatewayv2-integrations");
|
|
6398
6800
|
var import_aws_iam7 = require("aws-cdk-lib/aws-iam");
|
|
6399
|
-
var
|
|
6400
|
-
var
|
|
6401
|
-
var
|
|
6801
|
+
var import_aws_route534 = require("aws-cdk-lib/aws-route53");
|
|
6802
|
+
var import_aws_route53_targets2 = require("aws-cdk-lib/aws-route53-targets");
|
|
6803
|
+
var import_core2 = require("aws-cdk-lib/core");
|
|
6402
6804
|
|
|
6403
6805
|
// src/data/lambda/cors-options-lambda.ts
|
|
6404
6806
|
var import_node_fs10 = __toESM(require("fs"));
|
|
6405
6807
|
var import_node_path10 = __toESM(require("path"));
|
|
6406
|
-
var
|
|
6407
|
-
var
|
|
6408
|
-
var
|
|
6808
|
+
var import_aws_lambda11 = require("aws-cdk-lib/aws-lambda");
|
|
6809
|
+
var import_aws_lambda_nodejs11 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
6810
|
+
var import_constructs18 = require("constructs");
|
|
6409
6811
|
var HANDLER_NAME10 = "cors-options-lambda.handler.js";
|
|
6410
6812
|
function resolveHandlerEntry10(dirname) {
|
|
6411
6813
|
const sameDir = import_node_path10.default.join(dirname, HANDLER_NAME10);
|
|
@@ -6415,12 +6817,12 @@ function resolveHandlerEntry10(dirname) {
|
|
|
6415
6817
|
const fromLib = import_node_path10.default.join(dirname, "..", "..", "..", "lib", HANDLER_NAME10);
|
|
6416
6818
|
return fromLib;
|
|
6417
6819
|
}
|
|
6418
|
-
var CorsOptionsLambda = class extends
|
|
6820
|
+
var CorsOptionsLambda = class extends import_constructs18.Construct {
|
|
6419
6821
|
constructor(scope, id = "cors-options-lambda") {
|
|
6420
6822
|
super(scope, id);
|
|
6421
|
-
this.lambda = new
|
|
6823
|
+
this.lambda = new import_aws_lambda_nodejs11.NodejsFunction(this, "handler", {
|
|
6422
6824
|
entry: resolveHandlerEntry10(__dirname),
|
|
6423
|
-
runtime:
|
|
6825
|
+
runtime: import_aws_lambda11.Runtime.NODEJS_LATEST,
|
|
6424
6826
|
memorySize: 128
|
|
6425
6827
|
});
|
|
6426
6828
|
}
|
|
@@ -6429,9 +6831,9 @@ var CorsOptionsLambda = class extends import_constructs17.Construct {
|
|
|
6429
6831
|
// src/data/lambda/rest-api-lambda.ts
|
|
6430
6832
|
var import_node_fs11 = __toESM(require("fs"));
|
|
6431
6833
|
var import_node_path11 = __toESM(require("path"));
|
|
6432
|
-
var
|
|
6433
|
-
var
|
|
6434
|
-
var
|
|
6834
|
+
var import_aws_lambda12 = require("aws-cdk-lib/aws-lambda");
|
|
6835
|
+
var import_aws_lambda_nodejs12 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
6836
|
+
var import_constructs19 = require("constructs");
|
|
6435
6837
|
var HANDLER_NAME11 = "rest-api-lambda.handler.js";
|
|
6436
6838
|
function resolveHandlerEntry11(dirname) {
|
|
6437
6839
|
const sameDir = import_node_path11.default.join(dirname, HANDLER_NAME11);
|
|
@@ -6441,12 +6843,12 @@ function resolveHandlerEntry11(dirname) {
|
|
|
6441
6843
|
const fromLib = import_node_path11.default.join(dirname, "..", "..", "..", "lib", HANDLER_NAME11);
|
|
6442
6844
|
return fromLib;
|
|
6443
6845
|
}
|
|
6444
|
-
var RestApiLambda = class extends
|
|
6846
|
+
var RestApiLambda = class extends import_constructs19.Construct {
|
|
6445
6847
|
constructor(scope, props) {
|
|
6446
6848
|
super(scope, "rest-api-lambda");
|
|
6447
|
-
this.lambda = new
|
|
6849
|
+
this.lambda = new import_aws_lambda_nodejs12.NodejsFunction(this, "handler", {
|
|
6448
6850
|
entry: resolveHandlerEntry11(__dirname),
|
|
6449
|
-
runtime:
|
|
6851
|
+
runtime: import_aws_lambda12.Runtime.NODEJS_LATEST,
|
|
6450
6852
|
memorySize: 1024,
|
|
6451
6853
|
environment: {
|
|
6452
6854
|
DYNAMO_TABLE_NAME: props.dynamoTableName,
|
|
@@ -6524,7 +6926,7 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
|
|
|
6524
6926
|
*/
|
|
6525
6927
|
createHostedZone() {
|
|
6526
6928
|
const { config } = this.props;
|
|
6527
|
-
return
|
|
6929
|
+
return import_aws_route534.HostedZone.fromHostedZoneAttributes(this, "root-zone", {
|
|
6528
6930
|
hostedZoneId: config.hostedZoneId,
|
|
6529
6931
|
zoneName: config.zoneName
|
|
6530
6932
|
});
|
|
@@ -6664,11 +7066,11 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
|
|
|
6664
7066
|
integration
|
|
6665
7067
|
});
|
|
6666
7068
|
const apiPrefix = this.branchName === "main" ? `api` : `api-${this.childZonePrefix}`;
|
|
6667
|
-
new
|
|
7069
|
+
new import_aws_route534.ARecord(this, "api-a-record", {
|
|
6668
7070
|
zone: hostedZone,
|
|
6669
7071
|
recordName: apiPrefix,
|
|
6670
|
-
target:
|
|
6671
|
-
new
|
|
7072
|
+
target: import_aws_route534.RecordTarget.fromAlias(
|
|
7073
|
+
new import_aws_route53_targets2.ApiGatewayv2DomainProperties(
|
|
6672
7074
|
domainName.regionalDomainName,
|
|
6673
7075
|
domainName.regionalHostedZoneId
|
|
6674
7076
|
)
|
|
@@ -6683,16 +7085,10 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
|
|
|
6683
7085
|
createRootHttpApi(domainName) {
|
|
6684
7086
|
const userPool = OpenHiAuthService.userPoolFromConstruct(this);
|
|
6685
7087
|
const userPoolClient = OpenHiAuthService.userPoolClientFromConstruct(this);
|
|
6686
|
-
const userPoolClients = [userPoolClient];
|
|
6687
|
-
if (this.ohEnv.ohStage.stageType !== import_config6.OPEN_HI_STAGE.PROD) {
|
|
6688
|
-
userPoolClients.push(
|
|
6689
|
-
OpenHiAuthService.fixtureSeederClientFromConstruct(this)
|
|
6690
|
-
);
|
|
6691
|
-
}
|
|
6692
7088
|
const cognitoAuthorizer = new import_aws_apigatewayv2_authorizers.HttpUserPoolAuthorizer(
|
|
6693
7089
|
"cognito-authorizer",
|
|
6694
7090
|
userPool,
|
|
6695
|
-
{ userPoolClients }
|
|
7091
|
+
{ userPoolClients: [userPoolClient] }
|
|
6696
7092
|
);
|
|
6697
7093
|
const { corsPreflight: cors, ...restRootHttpApiProps } = this.props.rootHttpApiProps ?? {};
|
|
6698
7094
|
const corsPreflight = cors !== void 0 ? {
|
|
@@ -6711,7 +7107,7 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
|
|
|
6711
7107
|
"Authorization"
|
|
6712
7108
|
],
|
|
6713
7109
|
allowCredentials: cors.allowCredentials ?? true,
|
|
6714
|
-
maxAge: cors.maxAge ??
|
|
7110
|
+
maxAge: cors.maxAge ?? import_core2.Duration.days(1),
|
|
6715
7111
|
...cors.exposeHeaders !== void 0 && {
|
|
6716
7112
|
exposeHeaders: cors.exposeHeaders
|
|
6717
7113
|
}
|
|
@@ -6773,6 +7169,158 @@ var _OpenHiGraphqlService = class _OpenHiGraphqlService extends OpenHiService {
|
|
|
6773
7169
|
_OpenHiGraphqlService.SERVICE_TYPE = "graphql-api";
|
|
6774
7170
|
var OpenHiGraphqlService = _OpenHiGraphqlService;
|
|
6775
7171
|
|
|
7172
|
+
// src/services/open-hi-website-service.ts
|
|
7173
|
+
var SSM_PARAM_NAME_FULL_DOMAIN = "WEBSITE_FULL_DOMAIN";
|
|
7174
|
+
var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
|
|
7175
|
+
/**
|
|
7176
|
+
* Looks up the static-hosting bucket ARN published by the release-branch
|
|
7177
|
+
* deploy of this service.
|
|
7178
|
+
*/
|
|
7179
|
+
static bucketArnFromConstruct(scope) {
|
|
7180
|
+
return DiscoverableStringParameter.valueForLookupName(scope, {
|
|
7181
|
+
ssmParamName: StaticHosting.SSM_PARAM_NAME_BUCKET_ARN,
|
|
7182
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7183
|
+
});
|
|
7184
|
+
}
|
|
7185
|
+
/**
|
|
7186
|
+
* Looks up the CloudFront distribution ARN published by the release-branch
|
|
7187
|
+
* deploy of this service.
|
|
7188
|
+
*/
|
|
7189
|
+
static distributionArnFromConstruct(scope) {
|
|
7190
|
+
return DiscoverableStringParameter.valueForLookupName(scope, {
|
|
7191
|
+
ssmParamName: StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ARN,
|
|
7192
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7193
|
+
});
|
|
7194
|
+
}
|
|
7195
|
+
/**
|
|
7196
|
+
* Looks up the CloudFront distribution domain
|
|
7197
|
+
* (e.g. dXXXXX.cloudfront.net) published by the release-branch deploy.
|
|
7198
|
+
*/
|
|
7199
|
+
static distributionDomainFromConstruct(scope) {
|
|
7200
|
+
return DiscoverableStringParameter.valueForLookupName(scope, {
|
|
7201
|
+
ssmParamName: StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_DOMAIN,
|
|
7202
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7203
|
+
});
|
|
7204
|
+
}
|
|
7205
|
+
/**
|
|
7206
|
+
* Looks up the CloudFront distribution ID published by the release-branch
|
|
7207
|
+
* deploy of this service.
|
|
7208
|
+
*/
|
|
7209
|
+
static distributionIdFromConstruct(scope) {
|
|
7210
|
+
return DiscoverableStringParameter.valueForLookupName(scope, {
|
|
7211
|
+
ssmParamName: StaticHosting.SSM_PARAM_NAME_DISTRIBUTION_ID,
|
|
7212
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7213
|
+
});
|
|
7214
|
+
}
|
|
7215
|
+
/**
|
|
7216
|
+
* Looks up the website's full domain (e.g. www.example.com) published by
|
|
7217
|
+
* the release-branch deploy of this service.
|
|
7218
|
+
*/
|
|
7219
|
+
static fullDomainFromConstruct(scope) {
|
|
7220
|
+
return DiscoverableStringParameter.valueForLookupName(scope, {
|
|
7221
|
+
ssmParamName: SSM_PARAM_NAME_FULL_DOMAIN,
|
|
7222
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7223
|
+
});
|
|
7224
|
+
}
|
|
7225
|
+
get serviceType() {
|
|
7226
|
+
return _OpenHiWebsiteService.SERVICE_TYPE;
|
|
7227
|
+
}
|
|
7228
|
+
constructor(ohEnv, props) {
|
|
7229
|
+
super(ohEnv, _OpenHiWebsiteService.SERVICE_TYPE, props);
|
|
7230
|
+
this.props = props;
|
|
7231
|
+
this.validateConfig(props);
|
|
7232
|
+
const hostedZone = this.createHostedZone();
|
|
7233
|
+
this.fullDomain = this.computeFullDomain(hostedZone);
|
|
7234
|
+
const shouldCreateHostingInfra = props.createHostingInfrastructure ?? this.branchName === this.defaultReleaseBranch;
|
|
7235
|
+
if (shouldCreateHostingInfra) {
|
|
7236
|
+
const certificate = this.createCertificate();
|
|
7237
|
+
this.staticHosting = this.createStaticHosting({
|
|
7238
|
+
certificate,
|
|
7239
|
+
hostedZone
|
|
7240
|
+
});
|
|
7241
|
+
this.createFullDomainParameter();
|
|
7242
|
+
}
|
|
7243
|
+
this.staticContent = this.createStaticContent();
|
|
7244
|
+
}
|
|
7245
|
+
/**
|
|
7246
|
+
* Validates that config required for the website stack is present.
|
|
7247
|
+
*/
|
|
7248
|
+
validateConfig(props) {
|
|
7249
|
+
const { config } = props;
|
|
7250
|
+
if (!config) {
|
|
7251
|
+
throw new Error("Config is required");
|
|
7252
|
+
}
|
|
7253
|
+
if (!config.zoneName) {
|
|
7254
|
+
throw new Error("Zone name is required");
|
|
7255
|
+
}
|
|
7256
|
+
}
|
|
7257
|
+
/**
|
|
7258
|
+
* Looks up the child hosted zone published by the Global service.
|
|
7259
|
+
* Override to customize.
|
|
7260
|
+
*/
|
|
7261
|
+
createHostedZone() {
|
|
7262
|
+
return OpenHiGlobalService.childHostedZoneFromConstruct(this, {
|
|
7263
|
+
zoneName: this.config.zoneName
|
|
7264
|
+
});
|
|
7265
|
+
}
|
|
7266
|
+
/**
|
|
7267
|
+
* Returns the wildcard certificate looked up from the Global service.
|
|
7268
|
+
* Override to customize.
|
|
7269
|
+
*/
|
|
7270
|
+
createCertificate() {
|
|
7271
|
+
return OpenHiGlobalService.rootWildcardCertificateFromConstruct(this);
|
|
7272
|
+
}
|
|
7273
|
+
/**
|
|
7274
|
+
* Computes the full website domain from `domainPrefix` and the child
|
|
7275
|
+
* zone name.
|
|
7276
|
+
*/
|
|
7277
|
+
computeFullDomain(hostedZone) {
|
|
7278
|
+
const prefix = this.props.domainPrefix ?? "www";
|
|
7279
|
+
return [prefix, hostedZone.zoneName].join(".");
|
|
7280
|
+
}
|
|
7281
|
+
/**
|
|
7282
|
+
* Creates the StaticHosting infrastructure (bucket + distribution +
|
|
7283
|
+
* Lambda@Edge + 4 SSM params + DNS).
|
|
7284
|
+
*/
|
|
7285
|
+
createStaticHosting(deps) {
|
|
7286
|
+
return new StaticHosting(this, "static-hosting", {
|
|
7287
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE,
|
|
7288
|
+
certificate: deps.certificate,
|
|
7289
|
+
hostedZone: deps.hostedZone,
|
|
7290
|
+
domainNames: [this.fullDomain],
|
|
7291
|
+
description: `OpenHI website (${this.fullDomain})`
|
|
7292
|
+
});
|
|
7293
|
+
}
|
|
7294
|
+
/**
|
|
7295
|
+
* Creates the SSM parameter that publishes the website's full domain.
|
|
7296
|
+
* Look up via {@link OpenHiWebsiteService.fullDomainFromConstruct}.
|
|
7297
|
+
*/
|
|
7298
|
+
createFullDomainParameter() {
|
|
7299
|
+
new DiscoverableStringParameter(this, "full-domain-param", {
|
|
7300
|
+
ssmParamName: SSM_PARAM_NAME_FULL_DOMAIN,
|
|
7301
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE,
|
|
7302
|
+
stringValue: this.fullDomain,
|
|
7303
|
+
description: "Full website domain (e.g. www.example.com)"
|
|
7304
|
+
});
|
|
7305
|
+
}
|
|
7306
|
+
/**
|
|
7307
|
+
* Creates the StaticContent uploader. Always created so feature-branch
|
|
7308
|
+
* deploys can publish content to their own sub-domain folder against the
|
|
7309
|
+
* release-branch bucket.
|
|
7310
|
+
*/
|
|
7311
|
+
createStaticContent() {
|
|
7312
|
+
const { contentSourceDirectory, contentDestinationDirectory } = this.props;
|
|
7313
|
+
return new StaticContent(this, "static-content", {
|
|
7314
|
+
contentSourceDirectory,
|
|
7315
|
+
contentDestinationDirectory,
|
|
7316
|
+
fullDomain: this.fullDomain,
|
|
7317
|
+
serviceType: _OpenHiWebsiteService.SERVICE_TYPE
|
|
7318
|
+
});
|
|
7319
|
+
}
|
|
7320
|
+
};
|
|
7321
|
+
_OpenHiWebsiteService.SERVICE_TYPE = "website";
|
|
7322
|
+
var OpenHiWebsiteService = _OpenHiWebsiteService;
|
|
7323
|
+
|
|
6776
7324
|
// src/workflows/control-plane/owning-delete-cascade/events.ts
|
|
6777
7325
|
var import_workflows5 = __toESM(require_lib2());
|
|
6778
7326
|
var OWNING_DELETE_CASCADE_CONSUMER_NAME = "owning-delete-cascade";
|
|
@@ -6785,9 +7333,9 @@ var import_node_fs12 = __toESM(require("fs"));
|
|
|
6785
7333
|
var import_node_path12 = __toESM(require("path"));
|
|
6786
7334
|
var import_aws_cdk_lib15 = require("aws-cdk-lib");
|
|
6787
7335
|
var import_aws_iam8 = require("aws-cdk-lib/aws-iam");
|
|
6788
|
-
var
|
|
6789
|
-
var
|
|
6790
|
-
var
|
|
7336
|
+
var import_aws_lambda13 = require("aws-cdk-lib/aws-lambda");
|
|
7337
|
+
var import_aws_lambda_nodejs13 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
7338
|
+
var import_constructs20 = require("constructs");
|
|
6791
7339
|
function resolveHandlerEntry12(dirname, handlerName) {
|
|
6792
7340
|
const sameDir = import_node_path12.default.join(dirname, handlerName);
|
|
6793
7341
|
if (import_node_fs12.default.existsSync(sameDir)) {
|
|
@@ -6796,16 +7344,16 @@ function resolveHandlerEntry12(dirname, handlerName) {
|
|
|
6796
7344
|
const libDir = import_node_path12.default.join(dirname, "..", "..", "..", "..", "lib", handlerName);
|
|
6797
7345
|
return { entry: libDir, handler: "handler" };
|
|
6798
7346
|
}
|
|
6799
|
-
var OwningDeleteCascadeLambdas = class extends
|
|
7347
|
+
var OwningDeleteCascadeLambdas = class extends import_constructs20.Construct {
|
|
6800
7348
|
constructor(scope, props) {
|
|
6801
7349
|
super(scope, "owning-delete-cascade-lambdas");
|
|
6802
7350
|
const listResolved = resolveHandlerEntry12(
|
|
6803
7351
|
__dirname,
|
|
6804
7352
|
"list-chunks.handler.js"
|
|
6805
7353
|
);
|
|
6806
|
-
this.listChunks = new
|
|
7354
|
+
this.listChunks = new import_aws_lambda_nodejs13.NodejsFunction(this, "list-chunks-handler", {
|
|
6807
7355
|
entry: listResolved.entry,
|
|
6808
|
-
runtime:
|
|
7356
|
+
runtime: import_aws_lambda13.Runtime.NODEJS_LATEST,
|
|
6809
7357
|
memorySize: 512,
|
|
6810
7358
|
timeout: import_aws_cdk_lib15.Duration.minutes(1),
|
|
6811
7359
|
environment: {
|
|
@@ -6817,9 +7365,9 @@ var OwningDeleteCascadeLambdas = class extends import_constructs19.Construct {
|
|
|
6817
7365
|
__dirname,
|
|
6818
7366
|
"delete-chunk.handler.js"
|
|
6819
7367
|
);
|
|
6820
|
-
this.deleteChunk = new
|
|
7368
|
+
this.deleteChunk = new import_aws_lambda_nodejs13.NodejsFunction(this, "delete-chunk-handler", {
|
|
6821
7369
|
entry: deleteResolved.entry,
|
|
6822
|
-
runtime:
|
|
7370
|
+
runtime: import_aws_lambda13.Runtime.NODEJS_LATEST,
|
|
6823
7371
|
memorySize: 512,
|
|
6824
7372
|
timeout: import_aws_cdk_lib15.Duration.minutes(1),
|
|
6825
7373
|
environment: {
|
|
@@ -6836,9 +7384,9 @@ var OwningDeleteCascadeLambdas = class extends import_constructs19.Construct {
|
|
|
6836
7384
|
__dirname,
|
|
6837
7385
|
"finalize.handler.js"
|
|
6838
7386
|
);
|
|
6839
|
-
this.finalize = new
|
|
7387
|
+
this.finalize = new import_aws_lambda_nodejs13.NodejsFunction(this, "finalize-handler", {
|
|
6840
7388
|
entry: finalizeResolved.entry,
|
|
6841
|
-
runtime:
|
|
7389
|
+
runtime: import_aws_lambda13.Runtime.NODEJS_LATEST,
|
|
6842
7390
|
memorySize: 512,
|
|
6843
7391
|
timeout: import_aws_cdk_lib15.Duration.minutes(1),
|
|
6844
7392
|
environment: {
|
|
@@ -6863,8 +7411,8 @@ var import_aws_events9 = require("aws-cdk-lib/aws-events");
|
|
|
6863
7411
|
var import_aws_events_targets5 = require("aws-cdk-lib/aws-events-targets");
|
|
6864
7412
|
var import_aws_stepfunctions = require("aws-cdk-lib/aws-stepfunctions");
|
|
6865
7413
|
var import_aws_stepfunctions_tasks = require("aws-cdk-lib/aws-stepfunctions-tasks");
|
|
6866
|
-
var
|
|
6867
|
-
var OwningDeleteCascadeWorkflow = class extends
|
|
7414
|
+
var import_constructs21 = require("constructs");
|
|
7415
|
+
var OwningDeleteCascadeWorkflow = class extends import_constructs21.Construct {
|
|
6868
7416
|
constructor(scope, props) {
|
|
6869
7417
|
super(scope, "owning-delete-cascade-workflow");
|
|
6870
7418
|
this.lambdas = new OwningDeleteCascadeLambdas(this, {
|
|
@@ -7035,9 +7583,9 @@ var import_node_fs13 = __toESM(require("fs"));
|
|
|
7035
7583
|
var import_node_path13 = __toESM(require("path"));
|
|
7036
7584
|
var import_aws_cdk_lib17 = require("aws-cdk-lib");
|
|
7037
7585
|
var import_aws_iam9 = require("aws-cdk-lib/aws-iam");
|
|
7038
|
-
var
|
|
7039
|
-
var
|
|
7040
|
-
var
|
|
7586
|
+
var import_aws_lambda14 = require("aws-cdk-lib/aws-lambda");
|
|
7587
|
+
var import_aws_lambda_nodejs14 = require("aws-cdk-lib/aws-lambda-nodejs");
|
|
7588
|
+
var import_constructs22 = require("constructs");
|
|
7041
7589
|
function resolveHandlerEntry13(dirname, handlerName) {
|
|
7042
7590
|
const sameDir = import_node_path13.default.join(dirname, handlerName);
|
|
7043
7591
|
if (import_node_fs13.default.existsSync(sameDir)) {
|
|
@@ -7046,16 +7594,16 @@ function resolveHandlerEntry13(dirname, handlerName) {
|
|
|
7046
7594
|
const libDir = import_node_path13.default.join(dirname, "..", "..", "..", "..", "lib", handlerName);
|
|
7047
7595
|
return { entry: libDir, handler: "handler" };
|
|
7048
7596
|
}
|
|
7049
|
-
var RenameCascadeLambdas = class extends
|
|
7597
|
+
var RenameCascadeLambdas = class extends import_constructs22.Construct {
|
|
7050
7598
|
constructor(scope, props) {
|
|
7051
7599
|
super(scope, "rename-cascade-lambdas");
|
|
7052
7600
|
const listResolved = resolveHandlerEntry13(
|
|
7053
7601
|
__dirname,
|
|
7054
7602
|
"rename-list-targets.handler.js"
|
|
7055
7603
|
);
|
|
7056
|
-
this.listTargets = new
|
|
7604
|
+
this.listTargets = new import_aws_lambda_nodejs14.NodejsFunction(this, "list-targets-handler", {
|
|
7057
7605
|
entry: listResolved.entry,
|
|
7058
|
-
runtime:
|
|
7606
|
+
runtime: import_aws_lambda14.Runtime.NODEJS_LATEST,
|
|
7059
7607
|
memorySize: 512,
|
|
7060
7608
|
timeout: import_aws_cdk_lib17.Duration.minutes(1),
|
|
7061
7609
|
environment: {
|
|
@@ -7067,9 +7615,9 @@ var RenameCascadeLambdas = class extends import_constructs21.Construct {
|
|
|
7067
7615
|
__dirname,
|
|
7068
7616
|
"rename-rewrite-chunk.handler.js"
|
|
7069
7617
|
);
|
|
7070
|
-
this.rewriteChunk = new
|
|
7618
|
+
this.rewriteChunk = new import_aws_lambda_nodejs14.NodejsFunction(this, "rewrite-chunk-handler", {
|
|
7071
7619
|
entry: rewriteResolved.entry,
|
|
7072
|
-
runtime:
|
|
7620
|
+
runtime: import_aws_lambda14.Runtime.NODEJS_LATEST,
|
|
7073
7621
|
memorySize: 512,
|
|
7074
7622
|
timeout: import_aws_cdk_lib17.Duration.minutes(1),
|
|
7075
7623
|
environment: {
|
|
@@ -7086,9 +7634,9 @@ var RenameCascadeLambdas = class extends import_constructs21.Construct {
|
|
|
7086
7634
|
__dirname,
|
|
7087
7635
|
"rename-finalize.handler.js"
|
|
7088
7636
|
);
|
|
7089
|
-
this.finalize = new
|
|
7637
|
+
this.finalize = new import_aws_lambda_nodejs14.NodejsFunction(this, "finalize-handler", {
|
|
7090
7638
|
entry: finalizeResolved.entry,
|
|
7091
|
-
runtime:
|
|
7639
|
+
runtime: import_aws_lambda14.Runtime.NODEJS_LATEST,
|
|
7092
7640
|
memorySize: 512,
|
|
7093
7641
|
timeout: import_aws_cdk_lib17.Duration.minutes(1),
|
|
7094
7642
|
environment: {
|
|
@@ -7111,8 +7659,8 @@ var import_aws_events10 = require("aws-cdk-lib/aws-events");
|
|
|
7111
7659
|
var import_aws_events_targets6 = require("aws-cdk-lib/aws-events-targets");
|
|
7112
7660
|
var import_aws_stepfunctions2 = require("aws-cdk-lib/aws-stepfunctions");
|
|
7113
7661
|
var import_aws_stepfunctions_tasks2 = require("aws-cdk-lib/aws-stepfunctions-tasks");
|
|
7114
|
-
var
|
|
7115
|
-
var RenameCascadeWorkflow = class extends
|
|
7662
|
+
var import_constructs23 = require("constructs");
|
|
7663
|
+
var RenameCascadeWorkflow = class extends import_constructs23.Construct {
|
|
7116
7664
|
constructor(scope, props) {
|
|
7117
7665
|
super(scope, "rename-cascade-workflow");
|
|
7118
7666
|
this.lambdas = new RenameCascadeLambdas(this, {
|
|
@@ -7280,7 +7828,6 @@ var RenameCascadeWorkflow = class extends import_constructs22.Construct {
|
|
|
7280
7828
|
CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE,
|
|
7281
7829
|
CONTROL_EVENT_BUS_NAME_ENV_VAR,
|
|
7282
7830
|
ChildHostedZone,
|
|
7283
|
-
CognitoFixtureSeederClient,
|
|
7284
7831
|
CognitoUserPool,
|
|
7285
7832
|
CognitoUserPoolClient,
|
|
7286
7833
|
CognitoUserPoolDomain,
|
|
@@ -7295,6 +7842,7 @@ var RenameCascadeWorkflow = class extends import_constructs22.Construct {
|
|
|
7295
7842
|
DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES,
|
|
7296
7843
|
DATA_STORE_CHANGE_DETAIL_TYPE,
|
|
7297
7844
|
DATA_STORE_CHANGE_EVENT_SOURCE,
|
|
7845
|
+
DEMO_DATA_PLANE_FIXTURES,
|
|
7298
7846
|
DEMO_PERIOD,
|
|
7299
7847
|
DEMO_TENANT_SPECS,
|
|
7300
7848
|
DEMO_URN_SYSTEM,
|
|
@@ -7325,6 +7873,7 @@ var RenameCascadeWorkflow = class extends import_constructs22.Construct {
|
|
|
7325
7873
|
OpenHiRestApiService,
|
|
7326
7874
|
OpenHiService,
|
|
7327
7875
|
OpenHiStage,
|
|
7876
|
+
OpenHiWebsiteService,
|
|
7328
7877
|
OpsEventBus,
|
|
7329
7878
|
OwningDeleteCascadeLambdas,
|
|
7330
7879
|
OwningDeleteCascadeWorkflow,
|
|
@@ -7360,11 +7909,13 @@ var RenameCascadeWorkflow = class extends import_constructs22.Construct {
|
|
|
7360
7909
|
SEED_SYSTEM_DATA_ACTOR_SYSTEM,
|
|
7361
7910
|
SEED_SYSTEM_DATA_CONSUMER_NAME,
|
|
7362
7911
|
SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR,
|
|
7912
|
+
SSM_PARAM_NAME_FULL_DOMAIN,
|
|
7363
7913
|
STATIC_HOSTING_SERVICE_TYPE,
|
|
7364
7914
|
SeedDemoDataLambda,
|
|
7365
7915
|
SeedDemoDataWorkflow,
|
|
7366
7916
|
SeedSystemDataLambda,
|
|
7367
7917
|
SeedSystemDataWorkflow,
|
|
7918
|
+
StaticContent,
|
|
7368
7919
|
StaticHosting,
|
|
7369
7920
|
USER_ONBOARDING_EVENT_SOURCE,
|
|
7370
7921
|
UserOnboardingWorkflow,
|
|
@@ -7373,22 +7924,14 @@ var RenameCascadeWorkflow = class extends import_constructs22.Construct {
|
|
|
7373
7924
|
WorkflowDedupTableDuplicateError,
|
|
7374
7925
|
buildFhirCurrentResourceChangeDetail,
|
|
7375
7926
|
buildProvisionDefaultWorkspaceRequestedDetail,
|
|
7376
|
-
demoBasePartitionKeys,
|
|
7377
|
-
demoDevUserPartitionKeys,
|
|
7378
7927
|
demoMembershipId,
|
|
7379
|
-
demoMembershipPartitionKey,
|
|
7380
7928
|
demoRoleAssignmentId,
|
|
7381
|
-
demoRoleAssignmentPartitionKey,
|
|
7382
7929
|
demoRolesForUserInTenant,
|
|
7383
7930
|
demoScenarioIdentifier,
|
|
7384
|
-
demoTenantPartitionKey,
|
|
7385
|
-
demoUserPartitionKey,
|
|
7386
|
-
demoWorkspacePartitionKey,
|
|
7387
7931
|
getDynamoDbDataStoreTableName,
|
|
7388
7932
|
getPostgresReplicaSchemaName,
|
|
7389
7933
|
getWorkflowDedupTableName,
|
|
7390
7934
|
openHiTagKey,
|
|
7391
|
-
openhiResourceIdentifier
|
|
7392
|
-
rolePartitionKey
|
|
7935
|
+
openhiResourceIdentifier
|
|
7393
7936
|
});
|
|
7394
7937
|
//# sourceMappingURL=index.js.map
|