@prism-d1/cli 1.0.26 → 1.0.28

package/dist/assets/infra/lib/api-stack.ts

@@ -0,0 +1,347 @@
+import * as cdk from 'aws-cdk-lib';
+import * as apigateway from 'aws-cdk-lib/aws-apigateway';
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+import * as logs from 'aws-cdk-lib/aws-logs';
+import * as events from 'aws-cdk-lib/aws-events';
+import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
+import * as sqs from 'aws-cdk-lib/aws-sqs';
+import * as path from 'path';
+import { Construct } from 'constructs';
+import { NagSuppressions } from 'cdk-nag';
+
+import * as kms from 'aws-cdk-lib/aws-kms';
+
+export interface ApiStackProps extends cdk.StackProps {
+  eventBus: events.EventBus;
+  eventsTable: dynamodb.Table;
+  metadataTable: dynamodb.Table;
+  kmsKey: kms.IKey;
+}
+
+export class ApiStack extends cdk.Stack {
+  public readonly api: apigateway.RestApi;
+
+  constructor(scope: Construct, id: string, props: ApiStackProps) {
+    super(scope, id, props);
+
+    // -------------------------------------------------------
+    // Dead-letter queue for Lambda failures
+    // -------------------------------------------------------
+    const apiHandlerDlq = new sqs.Queue(this, 'ApiHandlerDLQ', {
+      queueName: 'prism-d1-api-handler-dlq',
+      retentionPeriod: cdk.Duration.days(14),
+      enforceSSL: true,
+    });
+
+    NagSuppressions.addResourceSuppressions(apiHandlerDlq, [
+      {
+        id: 'AwsSolutions-SQS3',
+        reason: 'This is a dead-letter queue itself; a DLQ on a DLQ is not needed.',
+      },
+    ]);
+
+    // -------------------------------------------------------
+    // API handler Lambda
+    // -------------------------------------------------------
+    const apiHandler = new lambda.Function(this, 'ApiHandler', {
+      functionName: 'prism-d1-api-handler',
+      runtime: lambda.Runtime.NODEJS_22_X,
+      handler: 'api-handler.handler',
+      code: lambda.Code.fromAsset(path.join(__dirname, 'lambda'), {
+        bundling: {
+          image: lambda.Runtime.NODEJS_22_X.bundlingImage,
+          command: [
+            'bash', '-c',
+            [
+              'npm init -y > /dev/null 2>&1',
+              'npm install --save @aws-sdk/client-eventbridge @aws-sdk/client-dynamodb esbuild > /dev/null 2>&1',
+              'npx esbuild api-handler.ts --bundle --platform=node --target=node22 --outfile=/asset-output/api-handler.js --external:@aws-sdk/*',
+            ].join(' && '),
+          ],
+          local: {
+            tryBundle(outputDir: string): boolean {
+              try {
+                const { execSync } = require('child_process');
+                execSync(
+                  `npx esbuild ${path.join(__dirname, 'lambda', 'api-handler.ts')} --bundle --platform=node --target=node22 --outfile=${path.join(outputDir, 'api-handler.js')} --external:@aws-sdk/*`,
+                  { stdio: 'pipe' },
+                );
+                return true;
+              } catch {
+                return false;
+              }
+            },
+          },
+        },
+      }),
+      timeout: cdk.Duration.seconds(30),
+      memorySize: 256,
+      reservedConcurrentExecutions: 10,
+      deadLetterQueue: apiHandlerDlq,
+      environment: {
+        EVENT_BUS_NAME: props.eventBus.eventBusName,
+        EVENTS_TABLE: props.eventsTable.tableName,
+        METADATA_TABLE: props.metadataTable.tableName,
+      },
+      logRetention: logs.RetentionDays.ONE_MONTH,
+      description: 'Handles PRISM D1 Velocity API requests',
+    });
+
+    // -------------------------------------------------------
+    // IAM permissions
+    // -------------------------------------------------------
+    props.eventBus.grantPutEventsTo(apiHandler);
+    props.eventsTable.grantReadData(apiHandler);
+    props.metadataTable.grantReadWriteData(apiHandler);
+
+    // -------------------------------------------------------
+    // API Gateway access log group
+    // -------------------------------------------------------
+    const accessLogGroup = new logs.LogGroup(this, 'ApiAccessLogs', {
+      logGroupName: '/aws/apigateway/prism-d1-api-access',
+      retention: logs.RetentionDays.ONE_MONTH,
+      encryptionKey: props.kmsKey,
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+    });
+
+    // -------------------------------------------------------
+    // Request validator
+    // -------------------------------------------------------
+
+    // -------------------------------------------------------
+    // API Gateway REST API
+    // -------------------------------------------------------
+    this.api = new apigateway.RestApi(this, 'PrismD1Api', {
+      restApiName: 'PRISM D1 Velocity API',
+      description: 'Metric ingestion and query API for PRISM D1 Velocity platform',
+      deployOptions: {
+        stageName: 'v1',
+        throttlingBurstLimit: 100,
+        throttlingRateLimit: 50,
+        loggingLevel: apigateway.MethodLoggingLevel.INFO,
+        metricsEnabled: true,
+        accessLogDestination: new apigateway.LogGroupLogDestination(accessLogGroup),
+        accessLogFormat: apigateway.AccessLogFormat.jsonWithStandardFields({
+          caller: true,
+          httpMethod: true,
+          ip: true,
+          protocol: true,
+          requestTime: true,
+          resourcePath: true,
+          responseLength: true,
+          status: true,
+          user: true,
+        }),
+      },
+    });
+
+    const requestValidator = new apigateway.RequestValidator(this, 'RequestValidator', {
+      restApi: this.api,
+      requestValidatorName: 'prism-d1-body-validator',
+      validateRequestBody: true,
+      validateRequestParameters: true,
+    });
+
+    // -------------------------------------------------------
+    // API Key + Usage Plan
+    // -------------------------------------------------------
+    const apiKey = this.api.addApiKey('PrismD1ApiKey', {
+      apiKeyName: 'prism-d1-velocity-key',
+      description: 'API key for PRISM D1 Velocity metric ingestion',
+    });
+
+    const usagePlan = this.api.addUsagePlan('PrismD1UsagePlan', {
+      name: 'prism-d1-standard',
+      description: 'Standard usage plan for PRISM D1 API',
+      throttle: {
+        rateLimit: 50,
+        burstLimit: 100,
+      },
+      quota: {
+        limit: 100_000,
+        period: apigateway.Period.MONTH,
+      },
+    });
+
+    usagePlan.addApiKey(apiKey);
+    usagePlan.addApiStage({ stage: this.api.deploymentStage });
+
+    // -------------------------------------------------------
+    // Request model for POST /metrics
+    // -------------------------------------------------------
+    const metricsModel = new apigateway.Model(this, 'MetricsModel', {
+      restApi: this.api,
+      contentType: 'application/json',
+      modelName: 'MetricsPayload',
+      schema: {
+        type: apigateway.JsonSchemaType.OBJECT,
+        required: ['detail-type', 'detail'],
+        properties: {
+          'detail-type': { type: apigateway.JsonSchemaType.STRING },
+          detail: {
+            type: apigateway.JsonSchemaType.OBJECT,
+            required: ['team_id', 'repo', 'timestamp'],
+            properties: {
+              team_id: { type: apigateway.JsonSchemaType.STRING },
+              repo: { type: apigateway.JsonSchemaType.STRING },
+              timestamp: { type: apigateway.JsonSchemaType.STRING },
+            },
+          },
+        },
+      },
+    });
+
+    // -------------------------------------------------------
+    // Lambda integration
+    // -------------------------------------------------------
+    const lambdaIntegration = new apigateway.LambdaIntegration(apiHandler, {
+      proxy: true,
+    });
+
+    // POST /metrics
+    const metricsResource = this.api.root.addResource('metrics');
+    metricsResource.addMethod('POST', lambdaIntegration, {
+      apiKeyRequired: true,
+      requestValidator,
+      requestModels: { 'application/json': metricsModel },
+    });
+
+    // GET /metrics/{team_id}
+    const teamMetricsResource = metricsResource.addResource('{team_id}');
+    teamMetricsResource.addMethod('GET', lambdaIntegration, {
+      apiKeyRequired: true,
+      requestValidator,
+    });
+
+    // POST /assessment
+    const assessmentResource = this.api.root.addResource('assessment');
+    assessmentResource.addMethod('POST', lambdaIntegration, {
+      apiKeyRequired: true,
+      requestValidator,
+      requestModels: { 'application/json': metricsModel },
+    });
+
+    // POST /security-findings (Security Agent webhook)
+    const securityResource = this.api.root.addResource('security-findings');
+    securityResource.addMethod('POST', lambdaIntegration, {
+      apiKeyRequired: true,
+    });
+
+    // GET /security-findings/{team_id}
+    const teamSecurityResource = securityResource.addResource('{team_id}');
+    teamSecurityResource.addMethod('GET', lambdaIntegration, {
+      apiKeyRequired: true,
+    });
+
+    // -------------------------------------------------------
+    // cdk-nag suppressions
+    // -------------------------------------------------------
+
+    NagSuppressions.addResourceSuppressions(
+      this.api,
+      [
+        {
+          id: 'AwsSolutions-APIG2',
+          reason: 'Request validation is configured on individual methods via requestValidator.',
+        },
+      ],
+      true,
+    );
+
+    // API Gateway uses API key auth; Cognito/IAM auth not required for this internal tool
+    NagSuppressions.addResourceSuppressions(
+      this.api,
+      [
+        {
+          id: 'AwsSolutions-APIG4',
+          reason:
+            'API key authentication is used for this internal metrics ingestion API. ' +
+            'Cognito/IAM authorization is not required for this use case.',
+        },
+        {
+          id: 'AwsSolutions-COG4',
+          reason:
+            'This API uses API key auth, not Cognito. Cognito authorizer is not applicable.',
+        },
+      ],
+      true,
+    );
+
+    // WAF is not attached — acceptable for an internal metrics API behind API keys
+    NagSuppressions.addResourceSuppressions(
+      this.api,
+      [
+        {
+          id: 'AwsSolutions-APIG3',
+          reason:
+            'WAF is not required for this internal metrics API. ' +
+            'Access is controlled via API keys and usage plans.',
+        },
+      ],
+      true,
+    );
+
+    // Lambda IAM wildcard from CDK-generated policies (DynamoDB index ARNs)
+    NagSuppressions.addResourceSuppressions(
+      apiHandler,
+      [
+        {
+          id: 'AwsSolutions-IAM5',
+          reason:
+            'Wildcard in DynamoDB index ARN is auto-generated by CDK grantReadData/grantReadWriteData ' +
+            'to cover GSI access. The table ARN itself is scoped.',
+        },
+        {
+          id: 'AwsSolutions-IAM4',
+          reason:
+            'AWSLambdaBasicExecutionRole is required for Lambda CloudWatch Logs access. ' +
+            'This is the standard CDK-managed execution role.',
+          appliesTo: [
+            'Policy::arn:<AWS::Partition>:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole',
+          ],
+        },
+      ],
+      true,
+    );
+
+    // cdk-nag: LogRetention and API GW CloudWatch role use CDK-managed IAM
+    NagSuppressions.addStackSuppressions(this, [
+      {
+        id: 'AwsSolutions-IAM4',
+        reason:
+          'CDK-internal constructs (LogRetention, API GW CloudWatch role) require AWS managed policies. ' +
+          'These are not user-configurable.',
+        appliesTo: [
+          'Policy::arn:<AWS::Partition>:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole',
+          'Policy::arn:<AWS::Partition>:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs',
+        ],
+      },
+      {
+        id: 'AwsSolutions-IAM5',
+        reason:
+          'LogRetention custom resource requires wildcard permissions to manage log groups. ' +
+          'This is a CDK-internal construct.',
+        appliesTo: ['Resource::*'],
+      },
+      {
+        id: 'AwsSolutions-L1',
+        reason: 'Lambda uses nodejs22.x which is the latest Node.js runtime available in CDK',
+      },
+    ]);
+
+    // -------------------------------------------------------
+    // Outputs
+    // -------------------------------------------------------
+    new cdk.CfnOutput(this, 'ApiUrl', {
+      value: this.api.url,
+      description: 'PRISM D1 Velocity API endpoint',
+      exportName: 'PrismD1ApiUrl',
+    });
+
+    new cdk.CfnOutput(this, 'ApiKeyId', {
+      value: apiKey.keyId,
+      description: 'API Key ID (retrieve value from AWS Console or CLI)',
+      exportName: 'PrismD1ApiKeyId',
+    });
+  }
+}

package/dist/assets/infra/lib/constructs/bedrock-guardrail-construct.ts

@@ -0,0 +1,201 @@
+import * as cdk from 'aws-cdk-lib';
+import * as bedrock from 'aws-cdk-lib/aws-bedrock';
+import { Construct } from 'constructs';
+
+export interface ContentFilterConfig {
+  type: 'HATE' | 'INSULTS' | 'SEXUAL' | 'VIOLENCE' | 'MISCONDUCT' | 'PROMPT_ATTACK';
+  inputStrength: 'NONE' | 'LOW' | 'MEDIUM' | 'HIGH';
+  outputStrength: 'NONE' | 'LOW' | 'MEDIUM' | 'HIGH';
+}
+
+export interface DeniedTopicConfig {
+  name: string;
+  definition: string;
+  examples: string[];
+}
+
+export interface PiiEntityConfig {
+  type: string;
+  action: 'BLOCK' | 'ANONYMIZE';
+}
+
+export interface RegexFilterConfig {
+  name: string;
+  pattern: string;
+  action: 'BLOCK' | 'ANONYMIZE';
+}
+
+export interface BedrockGuardrailProps {
+  guardrailName: string;
+  description?: string;
+  contentFilters?: ContentFilterConfig[];
+  deniedTopics?: DeniedTopicConfig[];
+  piiEntities?: PiiEntityConfig[];
+  regexFilters?: RegexFilterConfig[];
+  managedWordLists?: ('PROFANITY')[];
+  customWords?: string[];
+  blockedInputMessage?: string;
+  blockedOutputMessage?: string;
+}
+
+export class BedrockGuardrailConstruct extends Construct {
+  public readonly guardrailId: string;
+  public readonly guardrailVersion: string;
+  public readonly guardrailArn: string;
+
+  constructor(scope: Construct, id: string, props: BedrockGuardrailProps) {
+    super(scope, id);
+
+    // Build content policy config
+    const filtersConfig = (props.contentFilters ?? []).map((f) => ({
+      type: f.type,
+      inputStrength: f.inputStrength,
+      outputStrength: f.outputStrength,
+    }));
+
+    // Build topic policy config
+    const topicsConfig = (props.deniedTopics ?? []).map((t) => ({
+      name: t.name,
+      definition: t.definition,
+      examples: t.examples,
+      type: 'DENY',
+    }));
+
+    // Build sensitive info policy
+    const piiEntitiesConfig = (props.piiEntities ?? []).map((p) => ({
+      type: p.type,
+      action: p.action,
+    }));
+
+    const regexConfig = (props.regexFilters ?? []).map((r) => ({
+      name: r.name,
+      pattern: r.pattern,
+      action: r.action,
+    }));
+
+    // Build word policy config
+    const wordPolicyConfig: Record<string, unknown> = {};
+    if (props.managedWordLists && props.managedWordLists.length > 0) {
+      wordPolicyConfig.managedWordListsConfig = props.managedWordLists.map((w) => ({
+        type: w,
+      }));
+    }
+    if (props.customWords && props.customWords.length > 0) {
+      wordPolicyConfig.wordsConfig = props.customWords.map((w) => ({
+        text: w,
+      }));
+    }
+
+    const guardrail = new bedrock.CfnGuardrail(this, 'Guardrail', {
+      name: props.guardrailName,
+      description: props.description ?? `PRISM D1 guardrail: ${props.guardrailName}`,
+      blockedInputMessaging: props.blockedInputMessage ?? 'This request has been blocked by safety guardrails.',
+      blockedOutputsMessaging: props.blockedOutputMessage ?? 'This response has been blocked by safety guardrails.',
+      ...(filtersConfig.length > 0 && {
+        contentPolicyConfig: {
+          filtersConfig,
+        },
+      }),
+      ...(topicsConfig.length > 0 && {
+        topicPolicyConfig: {
+          topicsConfig,
+        },
+      }),
+      ...((piiEntitiesConfig.length > 0 || regexConfig.length > 0) && {
+        sensitiveInformationPolicyConfig: {
+          ...(piiEntitiesConfig.length > 0 && { piiEntitiesConfig }),
+          ...(regexConfig.length > 0 && { regexesConfig: regexConfig }),
+        },
+      }),
+      ...(Object.keys(wordPolicyConfig).length > 0 && {
+        wordPolicyConfig,
+      }),
+      tags: [
+        { key: 'prism:component', value: 'guardrail' },
+        { key: 'prism:pillar', value: 'security' },
+      ],
+    });
+
+    // Create a versioned snapshot
+    const guardrailVersion = new bedrock.CfnGuardrailVersion(this, 'GuardrailVersion', {
+      guardrailIdentifier: guardrail.attrGuardrailId,
+      description: `PRISM D1 guardrail version for ${props.guardrailName}`,
+    });
+
+    guardrailVersion.addDependency(guardrail);
+
+    this.guardrailId = guardrail.attrGuardrailId;
+    this.guardrailArn = guardrail.attrGuardrailArn;
+    this.guardrailVersion = guardrailVersion.attrVersion;
+
+    new cdk.CfnOutput(this, 'GuardrailIdOutput', {
+      value: this.guardrailId,
+      description: `Guardrail ID for ${props.guardrailName}`,
+      exportName: `PrismD1GuardrailId-${props.guardrailName}`,
+    });
+
+    new cdk.CfnOutput(this, 'GuardrailVersionOutput', {
+      value: this.guardrailVersion,
+      description: `Guardrail version for ${props.guardrailName}`,
+      exportName: `PrismD1GuardrailVersion-${props.guardrailName}`,
+    });
+  }
+}
+
+/**
+ * Default PRISM guardrail configuration matching the template at
+ * bootstrapper/agent-configs/guardrails-template.json
+ */
+export function createDefaultPrismGuardrailProps(): BedrockGuardrailProps {
+  return {
+    guardrailName: 'prism-d1-agent-guardrail',
+    description: 'PRISM D1 default guardrail for AI agents — content safety, PII protection, and topic governance.',
+    contentFilters: [
+      { type: 'HATE', inputStrength: 'HIGH', outputStrength: 'HIGH' },
+      { type: 'INSULTS', inputStrength: 'HIGH', outputStrength: 'HIGH' },
+      { type: 'SEXUAL', inputStrength: 'HIGH', outputStrength: 'HIGH' },
+      { type: 'VIOLENCE', inputStrength: 'HIGH', outputStrength: 'HIGH' },
+      { type: 'MISCONDUCT', inputStrength: 'HIGH', outputStrength: 'HIGH' },
+      { type: 'PROMPT_ATTACK', inputStrength: 'HIGH', outputStrength: 'NONE' },
+    ],
+    deniedTopics: [
+      {
+        name: 'competitor-recommendations',
+        definition: 'Recommending or endorsing competitor products or services.',
+        examples: [
+          'You should use Competitor X instead.',
+          'Competitor Y has a better solution for this.',
+        ],
+      },
+      {
+        name: 'financial-advice',
+        definition: 'Providing specific financial, investment, or tax advice.',
+        examples: [
+          'You should invest in stocks right now.',
+          'This tax strategy will save you money.',
+        ],
+      },
+    ],
+    piiEntities: [
+      { type: 'EMAIL', action: 'ANONYMIZE' },
+      { type: 'PHONE', action: 'ANONYMIZE' },
+      { type: 'US_SOCIAL_SECURITY_NUMBER', action: 'BLOCK' },
+      { type: 'CREDIT_DEBIT_CARD_NUMBER', action: 'BLOCK' },
+    ],
+    regexFilters: [
+      {
+        name: 'aws-access-key',
+        pattern: 'AKIA[A-Z0-9]{16}',
+        action: 'BLOCK',
+      },
+      {
+        name: 'generic-api-key',
+        pattern: 'sk-[a-zA-Z0-9]{32,}',
+        action: 'BLOCK',
+      },
+    ],
+    managedWordLists: ['PROFANITY'],
+    blockedInputMessage: 'Your request was blocked by PRISM safety guardrails. Please rephrase.',
+    blockedOutputMessage: 'The response was blocked by PRISM safety guardrails.',
+  };
+}

package/dist/assets/infra/lib/constructs/guardrail-enforcer-construct.ts

@@ -0,0 +1,59 @@
+import * as cdk from 'aws-cdk-lib';
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+import * as iam from 'aws-cdk-lib/aws-iam';
+import * as path from 'path';
+import { Construct } from 'constructs';
+
+/**
+ * Creates a Lambda Layer containing a guardrail enforcement client.
+ * Any Lambda or agent can use this layer to check input/output
+ * against the deployed Bedrock Guardrail before returning to the user.
+ */
+export class GuardrailEnforcerConstruct extends Construct {
+  public readonly layer: lambda.LayerVersion;
+  public readonly guardrailId: string;
+  public readonly guardrailVersion: string;
+
+  constructor(
+    scope: Construct,
+    id: string,
+    props: { guardrailId: string; guardrailVersion: string },
+  ) {
+    super(scope, id);
+
+    this.guardrailId = props.guardrailId;
+    this.guardrailVersion = props.guardrailVersion;
+
+    // The layer provides a simple guardrail enforcement utility
+    this.layer = new lambda.LayerVersion(this, 'GuardrailEnforcerLayer', {
+      layerVersionName: 'prism-d1-guardrail-enforcer',
+      description: 'PRISM D1 Bedrock Guardrail enforcement client',
+      compatibleRuntimes: [lambda.Runtime.NODEJS_22_X],
+      code: lambda.Code.fromAsset(path.join(__dirname, '..', 'lambda', 'layers', 'guardrail-enforcer')),
+      removalPolicy: cdk.RemovalPolicy.RETAIN,
+    });
+
+    new cdk.CfnOutput(this, 'LayerArn', {
+      value: this.layer.layerVersionArn,
+      exportName: 'PrismD1GuardrailEnforcerLayerArn',
+    });
+  }
+
+  /**
+   * Grants a Lambda function permission to invoke the Bedrock Guardrail
+   * and adds the layer + environment variables.
+   */
+  attachToFunction(fn: lambda.Function): void {
+    fn.addLayers(this.layer);
+    fn.addEnvironment('GUARDRAIL_ID', this.guardrailId);
+    fn.addEnvironment('GUARDRAIL_VERSION', this.guardrailVersion);
+
+    fn.addToRolePolicy(
+      new iam.PolicyStatement({
+        effect: iam.Effect.ALLOW,
+        actions: ['bedrock:ApplyGuardrail'],
+        resources: ['*'],
+      }),
+    );
+  }
+}

package/dist/assets/infra/lib/constructs/prism-vpc-construct.ts

@@ -0,0 +1,75 @@
+import * as cdk from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import { Construct } from 'constructs';
+import { NagSuppressions } from 'cdk-nag';
+
+/**
+ * Creates a VPC with private subnets for PRISM Lambda functions.
+ * Includes VPC endpoints for all required AWS services so Lambdas
+ * can operate without internet access (data residency / IP protection).
+ */
+export class PrismVpcConstruct extends Construct {
+  public readonly vpc: ec2.Vpc;
+  public readonly lambdaSecurityGroup: ec2.SecurityGroup;
+
+  constructor(scope: Construct, id: string) {
+    super(scope, id);
+
+    this.vpc = new ec2.Vpc(this, 'PrismVpc', {
+      vpcName: 'prism-d1-vpc',
+      maxAzs: 2,
+      natGateways: 0, // No internet access — all traffic through VPC endpoints
+      subnetConfiguration: [
+        {
+          cidrMask: 24,
+          name: 'prism-private',
+          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
+        },
+      ],
+      flowLogs: {
+        default: {
+          destination: ec2.FlowLogDestination.toCloudWatchLogs(),
+          trafficType: ec2.FlowLogTrafficType.ALL,
+        },
+      },
+    });
+
+    this.lambdaSecurityGroup = new ec2.SecurityGroup(this, 'LambdaSG', {
+      vpc: this.vpc,
+      securityGroupName: 'prism-d1-lambda-sg',
+      description: 'Security group for PRISM D1 Lambda functions',
+      allowAllOutbound: true, // Safe: VPC has no NAT/IGW, traffic only reaches AWS via endpoints
+    });
+
+    // --- Gateway endpoint: DynamoDB ---
+    this.vpc.addGatewayEndpoint('DynamoDBEndpoint', {
+      service: ec2.GatewayVpcEndpointAwsService.DYNAMODB,
+    });
+
+    // --- Interface endpoints ---
+    const interfaceEndpoints = [
+      { id: 'EventBridgeEndpoint', service: ec2.InterfaceVpcEndpointAwsService.EVENTBRIDGE },
+      { id: 'CloudWatchEndpoint', service: ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_MONITORING },
+      { id: 'CloudWatchLogsEndpoint', service: ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS },
+      { id: 'KMSEndpoint', service: ec2.InterfaceVpcEndpointAwsService.KMS },
+      { id: 'BedrockRuntimeEndpoint', service: ec2.InterfaceVpcEndpointAwsService.BEDROCK_RUNTIME },
+    ];
+
+    for (const ep of interfaceEndpoints) {
+      this.vpc.addInterfaceEndpoint(ep.id, {
+        service: ep.service,
+        privateDnsEnabled: true,
+        securityGroups: [this.lambdaSecurityGroup],
+      });
+    }
+
+    new cdk.CfnOutput(this, 'VpcId', {
+      value: this.vpc.vpcId,
+      exportName: 'PrismD1VpcId',
+    });
+
+    NagSuppressions.addResourceSuppressions(this.lambdaSecurityGroup, [
+      { id: 'CdkNagValidationFailure', reason: 'SG egress uses Fn::GetAtt for VPC CIDR which cannot be statically validated' },
+    ]);
+  }
+}