@pwrdrvr/microapps-cdk 0.4.0-alpha.11 → 0.4.0-alpha.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/.jsii +98 -52
  2. package/API.md +28 -10
  3. package/changelog.md +1 -1
  4. package/lib/MicroApps.d.ts +5 -1
  5. package/lib/MicroApps.js +4 -3
  6. package/lib/MicroAppsAPIGwy.js +1 -1
  7. package/lib/MicroAppsCF.js +1 -1
  8. package/lib/MicroAppsChildDeployer.d.ts +3 -1
  9. package/lib/MicroAppsChildDeployer.js +3 -3
  10. package/lib/MicroAppsEdgeToOrigin.js +1 -1
  11. package/lib/MicroAppsS3.js +1 -1
  12. package/lib/MicroAppsSvcs.d.ts +5 -1
  13. package/lib/MicroAppsSvcs.js +5 -4
  14. package/lib/MicroAppsTable.js +1 -1
  15. package/lib/microapps-deployer/index.js +46 -46
  16. package/lib/microapps-deployer/index.js.map +4 -4
  17. package/lib/microapps-edge-to-origin/index.js +1 -1
  18. package/lib/microapps-edge-to-origin/index.js.map +2 -2
  19. package/package.json +1 -1
  20. package/releasetag.txt +1 -1
  21. package/version.txt +1 -1
package/.jsii CHANGED
@@ -3464,7 +3464,7 @@
3464
3464
  "kind": "interface",
3465
3465
  "locationInModule": {
3466
3466
  "filename": "src/MicroApps.ts",
3467
- "line": 318
3467
+ "line": 323
3468
3468
  },
3469
3469
  "name": "IMicroApps",
3470
3470
  "properties": [
@@ -3477,7 +3477,7 @@
3477
3477
  "immutable": true,
3478
3478
  "locationInModule": {
3479
3479
  "filename": "src/MicroApps.ts",
3480
- "line": 320
3480
+ "line": 325
3481
3481
  },
3482
3482
  "name": "cf",
3483
3483
  "type": {
@@ -3493,7 +3493,7 @@
3493
3493
  "immutable": true,
3494
3494
  "locationInModule": {
3495
3495
  "filename": "src/MicroApps.ts",
3496
- "line": 326
3496
+ "line": 331
3497
3497
  },
3498
3498
  "name": "s3",
3499
3499
  "type": {
@@ -3509,7 +3509,7 @@
3509
3509
  "immutable": true,
3510
3510
  "locationInModule": {
3511
3511
  "filename": "src/MicroApps.ts",
3512
- "line": 329
3512
+ "line": 334
3513
3513
  },
3514
3514
  "name": "svcs",
3515
3515
  "type": {
@@ -3525,7 +3525,7 @@
3525
3525
  "immutable": true,
3526
3526
  "locationInModule": {
3527
3527
  "filename": "src/MicroApps.ts",
3528
- "line": 332
3528
+ "line": 337
3529
3529
  },
3530
3530
  "name": "apigwy",
3531
3531
  "optional": true,
@@ -3542,7 +3542,7 @@
3542
3542
  "immutable": true,
3543
3543
  "locationInModule": {
3544
3544
  "filename": "src/MicroApps.ts",
3545
- "line": 323
3545
+ "line": 328
3546
3546
  },
3547
3547
  "name": "edgeToOrigin",
3548
3548
  "optional": true,
@@ -3646,7 +3646,7 @@
3646
3646
  "kind": "interface",
3647
3647
  "locationInModule": {
3648
3648
  "filename": "src/MicroAppsChildDeployer.ts",
3649
- "line": 68
3649
+ "line": 70
3650
3650
  },
3651
3651
  "name": "IMicroAppsChildDeployer",
3652
3652
  "properties": [
@@ -3659,7 +3659,7 @@
3659
3659
  "immutable": true,
3660
3660
  "locationInModule": {
3661
3661
  "filename": "src/MicroAppsChildDeployer.ts",
3662
- "line": 72
3662
+ "line": 74
3663
3663
  },
3664
3664
  "name": "deployerFunc",
3665
3665
  "type": {
@@ -3872,7 +3872,7 @@
3872
3872
  "kind": "interface",
3873
3873
  "locationInModule": {
3874
3874
  "filename": "src/MicroAppsSvcs.ts",
3875
- "line": 186
3875
+ "line": 191
3876
3876
  },
3877
3877
  "name": "IMicroAppsSvcs",
3878
3878
  "properties": [
@@ -3885,7 +3885,7 @@
3885
3885
  "immutable": true,
3886
3886
  "locationInModule": {
3887
3887
  "filename": "src/MicroAppsSvcs.ts",
3888
- "line": 195
3888
+ "line": 200
3889
3889
  },
3890
3890
  "name": "deployerFunc",
3891
3891
  "type": {
@@ -3901,7 +3901,7 @@
3901
3901
  "immutable": true,
3902
3902
  "locationInModule": {
3903
3903
  "filename": "src/MicroAppsSvcs.ts",
3904
- "line": 190
3904
+ "line": 195
3905
3905
  },
3906
3906
  "name": "table",
3907
3907
  "type": {
@@ -3917,7 +3917,7 @@
3917
3917
  "immutable": true,
3918
3918
  "locationInModule": {
3919
3919
  "filename": "src/MicroAppsSvcs.ts",
3920
- "line": 200
3920
+ "line": 205
3921
3921
  },
3922
3922
  "name": "routerFunc",
3923
3923
  "optional": true,
@@ -3980,7 +3980,7 @@
3980
3980
  },
3981
3981
  "locationInModule": {
3982
3982
  "filename": "src/MicroApps.ts",
3983
- "line": 381
3983
+ "line": 386
3984
3984
  },
3985
3985
  "parameters": [
3986
3986
  {
@@ -4010,7 +4010,7 @@
4010
4010
  "kind": "class",
4011
4011
  "locationInModule": {
4012
4012
  "filename": "src/MicroApps.ts",
4013
- "line": 355
4013
+ "line": 360
4014
4014
  },
4015
4015
  "name": "MicroApps",
4016
4016
  "properties": [
@@ -4022,7 +4022,7 @@
4022
4022
  "immutable": true,
4023
4023
  "locationInModule": {
4024
4024
  "filename": "src/MicroApps.ts",
4025
- "line": 357
4025
+ "line": 362
4026
4026
  },
4027
4027
  "name": "cf",
4028
4028
  "overrides": "@pwrdrvr/microapps-cdk.IMicroApps",
@@ -4038,7 +4038,7 @@
4038
4038
  "immutable": true,
4039
4039
  "locationInModule": {
4040
4040
  "filename": "src/MicroApps.ts",
4041
- "line": 367
4041
+ "line": 372
4042
4042
  },
4043
4043
  "name": "s3",
4044
4044
  "overrides": "@pwrdrvr/microapps-cdk.IMicroApps",
@@ -4054,7 +4054,7 @@
4054
4054
  "immutable": true,
4055
4055
  "locationInModule": {
4056
4056
  "filename": "src/MicroApps.ts",
4057
- "line": 377
4057
+ "line": 382
4058
4058
  },
4059
4059
  "name": "svcs",
4060
4060
  "overrides": "@pwrdrvr/microapps-cdk.IMicroApps",
@@ -4070,7 +4070,7 @@
4070
4070
  "immutable": true,
4071
4071
  "locationInModule": {
4072
4072
  "filename": "src/MicroApps.ts",
4073
- "line": 372
4073
+ "line": 377
4074
4074
  },
4075
4075
  "name": "apigwy",
4076
4076
  "optional": true,
@@ -4087,7 +4087,7 @@
4087
4087
  "immutable": true,
4088
4088
  "locationInModule": {
4089
4089
  "filename": "src/MicroApps.ts",
4090
- "line": 362
4090
+ "line": 367
4091
4091
  },
4092
4092
  "name": "edgeToOrigin",
4093
4093
  "optional": true,
@@ -4818,7 +4818,7 @@
4818
4818
  },
4819
4819
  "locationInModule": {
4820
4820
  "filename": "src/MicroAppsChildDeployer.ts",
4821
- "line": 84
4821
+ "line": 86
4822
4822
  },
4823
4823
  "parameters": [
4824
4824
  {
@@ -4848,7 +4848,7 @@
4848
4848
  "kind": "class",
4849
4849
  "locationInModule": {
4850
4850
  "filename": "src/MicroAppsChildDeployer.ts",
4851
- "line": 78
4851
+ "line": 80
4852
4852
  },
4853
4853
  "name": "MicroAppsChildDeployer",
4854
4854
  "properties": [
@@ -4860,7 +4860,7 @@
4860
4860
  "immutable": true,
4861
4861
  "locationInModule": {
4862
4862
  "filename": "src/MicroAppsChildDeployer.ts",
4863
- "line": 80
4863
+ "line": 82
4864
4864
  },
4865
4865
  "name": "deployerFunc",
4866
4866
  "overrides": "@pwrdrvr/microapps-cdk.IMicroAppsChildDeployer",
@@ -4895,29 +4895,13 @@
4895
4895
  "immutable": true,
4896
4896
  "locationInModule": {
4897
4897
  "filename": "src/MicroAppsChildDeployer.ts",
4898
- "line": 37
4898
+ "line": 39
4899
4899
  },
4900
4900
  "name": "appEnv",
4901
4901
  "type": {
4902
4902
  "primitive": "string"
4903
4903
  }
4904
4904
  },
4905
- {
4906
- "abstract": true,
4907
- "docs": {
4908
- "stability": "experimental",
4909
- "summary": "ARN of the IAM Role for the Edge to Origin Lambda Function."
4910
- },
4911
- "immutable": true,
4912
- "locationInModule": {
4913
- "filename": "src/MicroAppsChildDeployer.ts",
4914
- "line": 22
4915
- },
4916
- "name": "edgeToOriginRoleARN",
4917
- "type": {
4918
- "primitive": "string"
4919
- }
4920
- },
4921
4905
  {
4922
4906
  "abstract": true,
4923
4907
  "docs": {
@@ -4945,7 +4929,7 @@
4945
4929
  "immutable": true,
4946
4930
  "locationInModule": {
4947
4931
  "filename": "src/MicroAppsChildDeployer.ts",
4948
- "line": 45
4932
+ "line": 47
4949
4933
  },
4950
4934
  "name": "assetNameRoot",
4951
4935
  "optional": true,
@@ -4964,7 +4948,7 @@
4964
4948
  "immutable": true,
4965
4949
  "locationInModule": {
4966
4950
  "filename": "src/MicroAppsChildDeployer.ts",
4967
- "line": 53
4951
+ "line": 55
4968
4952
  },
4969
4953
  "name": "assetNameSuffix",
4970
4954
  "optional": true,
@@ -4983,7 +4967,7 @@
4983
4967
  "immutable": true,
4984
4968
  "locationInModule": {
4985
4969
  "filename": "src/MicroAppsChildDeployer.ts",
4986
- "line": 62
4970
+ "line": 64
4987
4971
  },
4988
4972
  "name": "deployerTimeout",
4989
4973
  "optional": true,
@@ -4991,6 +4975,24 @@
4991
4975
  "fqn": "aws-cdk-lib.Duration"
4992
4976
  }
4993
4977
  },
4978
+ {
4979
+ "abstract": true,
4980
+ "docs": {
4981
+ "remarks": "For child accounts this can be blank as it is retrieved from the parent Deployer",
4982
+ "stability": "experimental",
4983
+ "summary": "ARN of the IAM Role for the Edge to Origin Lambda Function."
4984
+ },
4985
+ "immutable": true,
4986
+ "locationInModule": {
4987
+ "filename": "src/MicroAppsChildDeployer.ts",
4988
+ "line": 24
4989
+ },
4990
+ "name": "edgeToOriginRoleARN",
4991
+ "optional": true,
4992
+ "type": {
4993
+ "primitive": "string"
4994
+ }
4995
+ },
4994
4996
  {
4995
4997
  "abstract": true,
4996
4998
  "docs": {
@@ -5002,7 +5004,7 @@
5002
5004
  "immutable": true,
5003
5005
  "locationInModule": {
5004
5006
  "filename": "src/MicroAppsChildDeployer.ts",
5005
- "line": 31
5007
+ "line": 33
5006
5008
  },
5007
5009
  "name": "removalPolicy",
5008
5010
  "optional": true,
@@ -5692,6 +5694,28 @@
5692
5694
  }
5693
5695
  }
5694
5696
  },
5697
+ {
5698
+ "abstract": true,
5699
+ "docs": {
5700
+ "stability": "experimental",
5701
+ "summary": "Additional IAM Role ARNs that should be allowed to invoke apps in child accounts."
5702
+ },
5703
+ "immutable": true,
5704
+ "locationInModule": {
5705
+ "filename": "src/MicroApps.ts",
5706
+ "line": 317
5707
+ },
5708
+ "name": "edgeToOriginRoleARNs",
5709
+ "optional": true,
5710
+ "type": {
5711
+ "collection": {
5712
+ "elementtype": {
5713
+ "primitive": "string"
5714
+ },
5715
+ "kind": "array"
5716
+ }
5717
+ }
5718
+ },
5695
5719
  {
5696
5720
  "abstract": true,
5697
5721
  "docs": {
@@ -5806,7 +5830,7 @@
5806
5830
  "abstract": true,
5807
5831
  "docs": {
5808
5832
  "example": "[ 'AROA1234567890123' ]",
5809
- "remarks": "AROAs of the IAM Role to exclude from the DENY rules on the S3 Bucket Policy.\nThis allows sessions that assume the IAM Role to be excluded from the\nDENY rules on the S3 Bucket Policy.\n\nTypically any admin roles / users that need to view or manage the S3 Bucket\nwould be added to this list.\n\nRoles / users that are used directly, not assumed, can be added to `s3PolicyBypassRoleNames` instead.\n\nNote: This AROA must be specified to prevent this policy from locking\nout non-root sessions that have assumed the admin role.\n\nThe notPrincipals will only match the role name exactly and will not match\nany session that has assumed the role since notPrincipals does not allow\nwildcard matches and does not do wildcard matches implicitly either.\n\nThe AROA must be used because there are only 3 Principal variables available:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable\n aws:username, aws:userid, aws:PrincipalTag\n\nFor an assumed role, aws:username is blank, aws:userid is:\n [unique id AKA AROA for Role]:[session name]\n\nTable of unique ID prefixes such as AROA:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-prefixes\n\nThe name of the role is simply not available for an assumed role and, if it was,\na complicated comparison would be requierd to prevent exclusion\nof applying the Deny Rule to roles from other accounts.\n\nTo get the AROA with the AWS CLI:\n aws iam get-role --role-name ROLE-NAME\n aws iam get-user -–user-name USER-NAME",
5833
+ "remarks": "AROAs of the IAM Role to exclude from the DENY rules on the S3 Bucket Policy.\nThis allows sessions that assume the IAM Role to be excluded from the\nDENY rules on the S3 Bucket Policy.\n\nTypically any admin roles / users that need to view or manage the S3 Bucket\nwould be added to this list.\n\nRoles / users that are used directly, not assumed, can be added to `s3PolicyBypassRoleNames` instead.\n\nNote: This AROA must be specified to prevent this policy from locking\nout non-root sessions that have assumed the admin role.\n\nThe notPrincipals will only match the role name exactly and will not match\nany session that has assumed the role since notPrincipals does not allow\nwildcard matches and does not do wildcard matches implicitly either.\n\nThe AROA must be used because there are only 3 Principal variables available:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable\n aws:username, aws:userid, aws:PrincipalTag\n\nFor an assumed role, aws:username is blank, aws:userid is:\n [unique id AKA AROA for Role]:[session name]\n\nTable of unique ID prefixes such as AROA:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-prefixes\n\nThe name of the role is simply not available for an assumed role and, if it was,\na complicated comparison would be requierd to prevent exclusion\nof applying the Deny Rule to roles from other accounts.\n\nTo get the AROA with the AWS CLI:\n aws iam get-role --role-name ROLE-NAME\n aws iam get-user --user-name USER-NAME",
5810
5834
  "see": "s3StrictBucketPolicy",
5811
5835
  "stability": "experimental",
5812
5836
  "summary": "Applies when using s3StrictBucketPolicy = true."
@@ -6242,7 +6266,7 @@
6242
6266
  },
6243
6267
  "locationInModule": {
6244
6268
  "filename": "src/MicroAppsSvcs.ts",
6245
- "line": 224
6269
+ "line": 229
6246
6270
  },
6247
6271
  "parameters": [
6248
6272
  {
@@ -6272,7 +6296,7 @@
6272
6296
  "kind": "class",
6273
6297
  "locationInModule": {
6274
6298
  "filename": "src/MicroAppsSvcs.ts",
6275
- "line": 207
6299
+ "line": 212
6276
6300
  },
6277
6301
  "name": "MicroAppsSvcs",
6278
6302
  "properties": [
@@ -6284,7 +6308,7 @@
6284
6308
  "immutable": true,
6285
6309
  "locationInModule": {
6286
6310
  "filename": "src/MicroAppsSvcs.ts",
6287
- "line": 215
6311
+ "line": 220
6288
6312
  },
6289
6313
  "name": "deployerFunc",
6290
6314
  "overrides": "@pwrdrvr/microapps-cdk.IMicroAppsSvcs",
@@ -6300,7 +6324,7 @@
6300
6324
  "immutable": true,
6301
6325
  "locationInModule": {
6302
6326
  "filename": "src/MicroAppsSvcs.ts",
6303
- "line": 210
6327
+ "line": 215
6304
6328
  },
6305
6329
  "name": "table",
6306
6330
  "overrides": "@pwrdrvr/microapps-cdk.IMicroAppsSvcs",
@@ -6316,7 +6340,7 @@
6316
6340
  "immutable": true,
6317
6341
  "locationInModule": {
6318
6342
  "filename": "src/MicroAppsSvcs.ts",
6319
- "line": 220
6343
+ "line": 225
6320
6344
  },
6321
6345
  "name": "routerFunc",
6322
6346
  "optional": true,
@@ -6464,6 +6488,28 @@
6464
6488
  "fqn": "aws-cdk-lib.Duration"
6465
6489
  }
6466
6490
  },
6491
+ {
6492
+ "abstract": true,
6493
+ "docs": {
6494
+ "stability": "experimental",
6495
+ "summary": "ARN of the IAM Role for the Edge to Origin Lambda Function."
6496
+ },
6497
+ "immutable": true,
6498
+ "locationInModule": {
6499
+ "filename": "src/MicroAppsSvcs.ts",
6500
+ "line": 185
6501
+ },
6502
+ "name": "edgeToOriginRoleARN",
6503
+ "optional": true,
6504
+ "type": {
6505
+ "collection": {
6506
+ "elementtype": {
6507
+ "primitive": "string"
6508
+ },
6509
+ "kind": "array"
6510
+ }
6511
+ }
6512
+ },
6467
6513
  {
6468
6514
  "abstract": true,
6469
6515
  "docs": {
@@ -6541,7 +6587,7 @@
6541
6587
  "abstract": true,
6542
6588
  "docs": {
6543
6589
  "example": "[ 'AROA1234567890123' ]",
6544
- "remarks": "AROAs of the IAM Role to exclude from the DENY rules on the S3 Bucket Policy.\nThis allows sessions that assume the IAM Role to be excluded from the\nDENY rules on the S3 Bucket Policy.\n\nTypically any admin roles / users that need to view or manage the S3 Bucket\nwould be added to this list.\n\nRoles / users that are used directly, not assumed, can be added to `s3PolicyBypassRoleNames` instead.\n\nNote: This AROA must be specified to prevent this policy from locking\nout non-root sessions that have assumed the admin role.\n\nThe notPrincipals will only match the role name exactly and will not match\nany session that has assumed the role since notPrincipals does not allow\nwildcard matches and does not do wildcard matches implicitly either.\n\nThe AROA must be used because there are only 3 Principal variables available:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable\n aws:username, aws:userid, aws:PrincipalTag\n\nFor an assumed role, aws:username is blank, aws:userid is:\n [unique id AKA AROA for Role]:[session name]\n\nTable of unique ID prefixes such as AROA:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-prefixes\n\nThe name of the role is simply not available for an assumed role and, if it was,\na complicated comparison would be requierd to prevent exclusion\nof applying the Deny Rule to roles from other accounts.\n\nTo get the AROA with the AWS CLI:\n aws iam get-role --role-name ROLE-NAME\n aws iam get-user -–user-name USER-NAME",
6590
+ "remarks": "AROAs of the IAM Role to exclude from the DENY rules on the S3 Bucket Policy.\nThis allows sessions that assume the IAM Role to be excluded from the\nDENY rules on the S3 Bucket Policy.\n\nTypically any admin roles / users that need to view or manage the S3 Bucket\nwould be added to this list.\n\nRoles / users that are used directly, not assumed, can be added to `s3PolicyBypassRoleNames` instead.\n\nNote: This AROA must be specified to prevent this policy from locking\nout non-root sessions that have assumed the admin role.\n\nThe notPrincipals will only match the role name exactly and will not match\nany session that has assumed the role since notPrincipals does not allow\nwildcard matches and does not do wildcard matches implicitly either.\n\nThe AROA must be used because there are only 3 Principal variables available:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable\n aws:username, aws:userid, aws:PrincipalTag\n\nFor an assumed role, aws:username is blank, aws:userid is:\n [unique id AKA AROA for Role]:[session name]\n\nTable of unique ID prefixes such as AROA:\n https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-prefixes\n\nThe name of the role is simply not available for an assumed role and, if it was,\na complicated comparison would be requierd to prevent exclusion\nof applying the Deny Rule to roles from other accounts.\n\nTo get the AROA with the AWS CLI:\n aws iam get-role --role-name ROLE-NAME\n aws iam get-user --user-name USER-NAME",
6545
6591
  "see": "s3StrictBucketPolicy",
6546
6592
  "stability": "experimental",
6547
6593
  "summary": "Applies when using s3StrictBucketPolicy = true."
@@ -6776,6 +6822,6 @@
6776
6822
  "symbolId": "src/MicroAppsTable:MicroAppsTableProps"
6777
6823
  }
6778
6824
  },
6779
- "version": "0.4.0-alpha.11",
6780
- "fingerprint": "uOXB8qMkxR37QpDxf5CG3y83vTMivzpmBpK9KX/RFdI="
6825
+ "version": "0.4.0-alpha.12",
6826
+ "fingerprint": "nmDRjf10WDndSwmxRGXznBtFHlZ8v9o2LT42944Dhwg="
6781
6827
  }
package/API.md CHANGED
@@ -979,14 +979,6 @@ Application environment, passed as `NODE_ENV` to the Router and Deployer Lambda
979
979
 
980
980
  ---
981
981
 
982
- ##### `edgeToOriginRoleARN`<sup>Required</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsChildDeployerProps.edgeToOriginRoleARN"></a>
983
-
984
- - *Type:* `string`
985
-
986
- ARN of the IAM Role for the Edge to Origin Lambda Function.
987
-
988
- ---
989
-
990
982
  ##### `parentDeployerLambdaARN`<sup>Required</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsChildDeployerProps.parentDeployerLambdaARN"></a>
991
983
 
992
984
  - *Type:* `string`
@@ -1024,6 +1016,16 @@ For larger applications this needs to be set up to 2-5 minutes for the S3 copy
1024
1016
 
1025
1017
  ---
1026
1018
 
1019
+ ##### `edgeToOriginRoleARN`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsChildDeployerProps.edgeToOriginRoleARN"></a>
1020
+
1021
+ - *Type:* `string`
1022
+
1023
+ ARN of the IAM Role for the Edge to Origin Lambda Function.
1024
+
1025
+ For child accounts this can be blank as it is retrieved from the parent Deployer
1026
+
1027
+ ---
1028
+
1027
1029
  ##### `removalPolicy`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsChildDeployerProps.removalPolicy"></a>
1028
1030
 
1029
1031
  - *Type:* [`aws-cdk-lib.RemovalPolicy`](#aws-cdk-lib.RemovalPolicy)
@@ -1330,6 +1332,14 @@ Additional edge lambda functions.
1330
1332
 
1331
1333
  ---
1332
1334
 
1335
+ ##### `edgeToOriginRoleARNs`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsProps.edgeToOriginRoleARNs"></a>
1336
+
1337
+ - *Type:* `string`[]
1338
+
1339
+ Additional IAM Role ARNs that should be allowed to invoke apps in child accounts.
1340
+
1341
+ ---
1342
+
1333
1343
  ##### `originRegion`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsProps.originRegion"></a>
1334
1344
 
1335
1345
  - *Type:* `string`
@@ -1432,7 +1442,7 @@ of applying the Deny Rule to roles from other accounts.
1432
1442
 
1433
1443
  To get the AROA with the AWS CLI:
1434
1444
  aws iam get-role --role-name ROLE-NAME
1435
- aws iam get-user -–user-name USER-NAME
1445
+ aws iam get-user --user-name USER-NAME
1436
1446
 
1437
1447
  > s3StrictBucketPolicy
1438
1448
 
@@ -1655,6 +1665,14 @@ For larger applications this needs to be set up to 2-5 minutes for the S3 copy
1655
1665
 
1656
1666
  ---
1657
1667
 
1668
+ ##### `edgeToOriginRoleARN`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsSvcsProps.edgeToOriginRoleARN"></a>
1669
+
1670
+ - *Type:* `string`[]
1671
+
1672
+ ARN of the IAM Role for the Edge to Origin Lambda Function.
1673
+
1674
+ ---
1675
+
1658
1676
  ##### `httpApi`<sup>Optional</sup> <a name="@pwrdrvr/microapps-cdk.MicroAppsSvcsProps.httpApi"></a>
1659
1677
 
1660
1678
  - *Type:* [`@aws-cdk/aws-apigatewayv2-alpha.HttpApi`](#@aws-cdk/aws-apigatewayv2-alpha.HttpApi)
@@ -1730,7 +1748,7 @@ of applying the Deny Rule to roles from other accounts.
1730
1748
 
1731
1749
  To get the AROA with the AWS CLI:
1732
1750
  aws iam get-role --role-name ROLE-NAME
1733
- aws iam get-user -–user-name USER-NAME
1751
+ aws iam get-user --user-name USER-NAME
1734
1752
 
1735
1753
  > s3StrictBucketPolicy
1736
1754
 
package/changelog.md CHANGED
@@ -1,2 +1,2 @@
1
1
 
2
- ## [0.4.0-alpha.11](https://github.com/pwrdrvr/microapps-core/compare/v0.4.0-alpha.10...v0.4.0-alpha.11) (2023-05-19)
2
+ ## [0.4.0-alpha.12](https://github.com/pwrdrvr/microapps-core/compare/v0.4.0-alpha.11...v0.4.0-alpha.12) (2023-05-19)
package/lib/MicroApps.d.ts CHANGED
@@ -135,7 +135,7 @@ export interface MicroAppsProps {
135
135
  *
136
136
  * To get the AROA with the AWS CLI:
137
137
  * aws iam get-role --role-name ROLE-NAME
138
- * aws iam get-user -–user-name USER-NAME
138
+ * aws iam get-user --user-name USER-NAME
139
139
  *
140
140
  * @example [ 'AROA1234567890123' ]
141
141
  *
@@ -282,6 +282,10 @@ export interface MicroAppsProps {
282
282
  * @default none
283
283
  */
284
284
  readonly allowedLocalePrefixes?: string[];
285
+ /**
286
+ * Additional IAM Role ARNs that should be allowed to invoke apps in child accounts
287
+ */
288
+ readonly edgeToOriginRoleARNs?: string[];
285
289
  }
286
290
  /**
287
291
  * Represents a MicroApps