@quiltdata/benchling-webhook 0.9.0-20251129T071202Z → 0.9.0-20251204T020520Z

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/README.md +63 -47
  2. package/cdk.json +1 -0
  3. package/dist/bin/benchling-webhook.js +13 -0
  4. package/dist/bin/benchling-webhook.js.map +1 -1
  5. package/dist/bin/commands/deploy.d.ts.map +1 -1
  6. package/dist/bin/commands/deploy.js +61 -98
  7. package/dist/bin/commands/deploy.js.map +1 -1
  8. package/dist/bin/commands/destroy.d.ts +0 -1
  9. package/dist/bin/commands/destroy.d.ts.map +1 -1
  10. package/dist/bin/commands/destroy.js +0 -1
  11. package/dist/bin/commands/destroy.js.map +1 -1
  12. package/dist/bin/commands/infer-quilt-config.d.ts.map +1 -1
  13. package/dist/bin/commands/infer-quilt-config.js +13 -10
  14. package/dist/bin/commands/infer-quilt-config.js.map +1 -1
  15. package/dist/bin/commands/setup-profile.js +1 -1
  16. package/dist/bin/commands/setup-profile.js.map +1 -1
  17. package/dist/bin/commands/setup-wizard.d.ts.map +1 -1
  18. package/dist/bin/commands/setup-wizard.js +1 -0
  19. package/dist/bin/commands/setup-wizard.js.map +1 -1
  20. package/dist/lib/benchling-webhook-stack.d.ts +1 -0
  21. package/dist/lib/benchling-webhook-stack.d.ts.map +1 -1
  22. package/dist/lib/benchling-webhook-stack.js +77 -33
  23. package/dist/lib/benchling-webhook-stack.js.map +1 -1
  24. package/dist/lib/fargate-service.d.ts +5 -4
  25. package/dist/lib/fargate-service.d.ts.map +1 -1
  26. package/dist/lib/fargate-service.js +9 -19
  27. package/dist/lib/fargate-service.js.map +1 -1
  28. package/dist/lib/index.d.ts +1 -1
  29. package/dist/lib/index.js +3 -3
  30. package/dist/lib/network-load-balancer.d.ts +27 -0
  31. package/dist/lib/network-load-balancer.d.ts.map +1 -0
  32. package/dist/lib/network-load-balancer.js +109 -0
  33. package/dist/lib/network-load-balancer.js.map +1 -0
  34. package/dist/lib/rest-api-gateway.d.ts +22 -0
  35. package/dist/lib/rest-api-gateway.d.ts.map +1 -0
  36. package/dist/lib/rest-api-gateway.js +212 -0
  37. package/dist/lib/rest-api-gateway.js.map +1 -0
  38. package/dist/lib/types/config.d.ts +38 -5
  39. package/dist/lib/types/config.d.ts.map +1 -1
  40. package/dist/lib/types/config.js.map +1 -1
  41. package/dist/lib/utils/service-resolver.d.ts +1 -1
  42. package/dist/lib/utils/service-resolver.js +1 -1
  43. package/dist/lib/wizard/phase2-stack-query.d.ts.map +1 -1
  44. package/dist/lib/wizard/phase2-stack-query.js +46 -21
  45. package/dist/lib/wizard/phase2-stack-query.js.map +1 -1
  46. package/dist/lib/wizard/phase3-parameter-collection.d.ts.map +1 -1
  47. package/dist/lib/wizard/phase3-parameter-collection.js +101 -67
  48. package/dist/lib/wizard/phase3-parameter-collection.js.map +1 -1
  49. package/dist/lib/wizard/types.d.ts +11 -0
  50. package/dist/lib/wizard/types.d.ts.map +1 -1
  51. package/dist/package.json +4 -9
  52. package/dist/scripts/discover-vpc.js +12 -11
  53. package/dist/scripts/discover-vpc.js.map +1 -1
  54. package/package.json +4 -9
  55. package/dist/lib/http-api-gateway.d.ts +0 -21
  56. package/dist/lib/http-api-gateway.d.ts.map +0 -1
  57. package/dist/lib/http-api-gateway.js +0 -153
  58. package/dist/lib/http-api-gateway.js.map +0 -1
  59. package/dist/lib/waf-web-acl.d.ts +0 -51
  60. package/dist/lib/waf-web-acl.d.ts.map +0 -1
  61. package/dist/lib/waf-web-acl.js +0 -192
  62. package/dist/lib/waf-web-acl.js.map +0 -1
package/dist/scripts/discover-vpc.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"discover-vpc.js","sourceRoot":"","sources":["../../scripts/discover-vpc.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAwFH,oDAwKC;AA9PD,0EAGwC;AACxC,oDAM6B;AAsD7B;;GAEG;AACH,SAAS,uBAAuB,CAAC,GAAW;IACxC,0EAA0E;IAC1E,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACpB,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,EAAE,CAAC,CAAC;AACxD,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,oBAAoB,CACtC,OAA4B;IAE5B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAErC,yBAAyB;IACzB,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,4CAAoB,CAAC,SAAS,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC,SAAS,CAAC,CAAC;IAE3C,IAAI,CAAC;QACD,uDAAuD;QACvD,MAAM,SAAS,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,iBAAiB,GAAG,IAAI,6CAAqB,CAAC;YAChD,SAAS,EAAE,SAAS;SACvB,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,oCAAoC;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,uBAAuB,CACjD,CAAC;QACF,IAAI,CAAC,gBAAgB,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,CAAC;YACrD,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,eAAe,GAAG,gBAAgB,CAAC,WAAW,CAAC;QAErD,yCAAyC;QACzC,MAAM,YAAY,GAAG,IAAI,0CAA6B,CAAC;YACnD,QAAQ,EAAE,CAAC,eAAe,CAAC;SAC9B,CAAC,CAAC;QACH,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,iBAAiB,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC;QAE5D,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC;QAElC,0CAA0C;QAC1C,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC;YAC1C,MAAM,EAAE,CAAC,KAAK,CAAC;SAClB,CAAC,CAAC;QACH,MAAM,kBAAkB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEhD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC;QACtE,MAAM,SAAS,GAAG,UAAU,CAAC,SAAS,IAAI,EAAE,CAAC;QAE7C,6BAA6B;QAC7B,MAAM,UAAU,GAAG,IAAI,mCAAsB,CAAC;YAC1C,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,UAAU,GAAG,eAAe,CAAC,OAAO,IAAI,EAAE,CAAC;QAEjD,qDAAqD;QACrD,MAAM,cAAc,GAAG,IAAI,uCAA0B,CAAC;YAClD,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,mBAAmB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,mBAAmB,CAAC,WAAW,IAAI,EAAE,CAAC;QAE1D,uDAAuD;QACvD,MAAM,cAAc,GAAG,IAAI,GAAG,EAG3B,CAAC;QAEJ,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;YACnC,8CAA8C;YAC9C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC,CACzC,CAAC;YACF,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,UAAU,CAAC,MAAM,CAAC,CAC5C,CAAC;YAEF,kCAAkC;YAClC,MAAM,SAAS,GACX,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAClD,CAAC,EAAE,EAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAC7B,IAAI,EAAE,CAAC;YAEZ,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;gBAC/B,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,QAAQ,EAAE,CAAC,CAAC,MAAM;oBAClB,aAAa,EAAE,CAAC,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAuB,UAAU,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YAC1D,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;YACvC,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI;gBAC9C,QAAQ,EAAE,KAAK;gBACf,aAAa,EAAE,KAAK;aACvB,CAAC;YACF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC;YAE/D,OAAO;gBACH,QAAQ;gBACR,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,EAAE;gBAC/C,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;gBACjC,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,aAAa,EAAE,SAAS,CAAC,aAAa;gBACtC,IAAI;aACP,CAAC;QACN,CAAC,CAAC,CAAC;QAEH,8BAA8B;QAC9B,MAAM,iBAAiB,GAAG,IAAI,0CAA6B,CAAC;YACxD,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,sBAAsB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACvE,MAAM,cAAc,GAAG,CAAC,sBAAsB,CAAC,cAAc,IAAI,EAAE,CAAC;aAC/D,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC;aACvB,MAAM,CAAC,CAAC,EAAE,EAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAExC,+BAA+B;QAC/B,MAAM,aAAa,GAAkB;YACjC,KAAK;YACL,IAAI,EAAE,OAAO;YACb,SAAS;YACT,MAAM;YACN,OAAO;YACP,cAAc;YACd,OAAO,EAAE,KAAK;YACd,gBAAgB,EAAE,EAAE;SACvB,CAAC;QAEF,uBAAuB;QACvB,WAAW,CAAC,aAAa,CAAC,CAAC;QAE3B,OAAO,aAAa,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,KAAc,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5D,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,GAAkB;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,wBAAwB;IACxB,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC9D,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CACP,uCAAuC,cAAc,CAAC,MAAM,YAAY,CAC3E,CAAC;IACN,CAAC;IAED,wBAAwB;IACxB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACnE,IAAI,GAAG,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACP,6BAA6B,GAAG,CAAC,IAAI,wCAAwC,CAChF,CAAC;IACN,CAAC;IAED,oBAAoB;IACpB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IACxD,IAAI,CAAC,MAAM,EAAE,CAAC;QACV,MAAM,CAAC,IAAI,CACP,8DAA8D,CACjE,CAAC;IACN,CAAC;IAED,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC;IAClC,GAAG,CAAC,gBAAgB,GAAG,MAAM,CAAC;AAClC,CAAC"}
1
+ {"version":3,"file":"discover-vpc.js","sourceRoot":"","sources":["../../scripts/discover-vpc.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAwFH,oDAwKC;AA9PD,0EAGwC;AACxC,oDAM6B;AAsD7B;;GAEG;AACH,SAAS,uBAAuB,CAAC,GAAW;IACxC,0EAA0E;IAC1E,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACpB,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,EAAE,CAAC,CAAC;AACxD,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,oBAAoB,CACtC,OAA4B;IAE5B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAErC,yBAAyB;IACzB,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,4CAAoB,CAAC,SAAS,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC,SAAS,CAAC,CAAC;IAE3C,IAAI,CAAC;QACD,uDAAuD;QACvD,MAAM,SAAS,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,iBAAiB,GAAG,IAAI,6CAAqB,CAAC;YAChD,SAAS,EAAE,SAAS;SACvB,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,oCAAoC;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,uBAAuB,CACjD,CAAC;QACF,IAAI,CAAC,gBAAgB,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,CAAC;YACrD,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,eAAe,GAAG,gBAAgB,CAAC,WAAW,CAAC;QAErD,yCAAyC;QACzC,MAAM,YAAY,GAAG,IAAI,0CAA6B,CAAC;YACnD,QAAQ,EAAE,CAAC,eAAe,CAAC;SAC9B,CAAC,CAAC;QACH,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,iBAAiB,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC;QAE5D,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC;QAElC,0CAA0C;QAC1C,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC;YAC1C,MAAM,EAAE,CAAC,KAAK,CAAC;SAClB,CAAC,CAAC;QACH,MAAM,kBAAkB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEhD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC;QACtE,MAAM,SAAS,GAAG,UAAU,CAAC,SAAS,IAAI,EAAE,CAAC;QAE7C,6BAA6B;QAC7B,MAAM,UAAU,GAAG,IAAI,mCAAsB,CAAC;YAC1C,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,UAAU,GAAG,eAAe,CAAC,OAAO,IAAI,EAAE,CAAC;QAEjD,qDAAqD;QACrD,MAAM,cAAc,GAAG,IAAI,uCAA0B,CAAC;YAClD,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,mBAAmB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,mBAAmB,CAAC,WAAW,IAAI,EAAE,CAAC;QAE1D,uDAAuD;QACvD,MAAM,cAAc,GAAG,IAAI,GAAG,EAG3B,CAAC;QAEJ,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;YACnC,8CAA8C;YAC9C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC,CACzC,CAAC;YACF,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,UAAU,CAAC,MAAM,CAAC,CAC5C,CAAC;YAEF,kCAAkC;YAClC,MAAM,SAAS,GACX,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAClD,CAAC,EAAE,EAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAC7B,IAAI,EAAE,CAAC;YAEZ,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;gBAC/B,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,QAAQ,EAAE,CAAC,CAAC,MAAM;oBAClB,aAAa,EAAE,CAAC,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAuB,UAAU,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YAC1D,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;YACvC,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI;gBAC9C,QAAQ,EAAE,KAAK;gBACf,aAAa,EAAE,KAAK;aACvB,CAAC;YACF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC;YAE/D,OAAO;gBACH,QAAQ;gBACR,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,EAAE;gBAC/C,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;gBACjC,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,aAAa,EAAE,SAAS,CAAC,aAAa;gBACtC,IAAI;aACP,CAAC;QACN,CAAC,CAAC,CAAC;QAEH,8BAA8B;QAC9B,MAAM,iBAAiB,GAAG,IAAI,0CAA6B,CAAC;YACxD,OAAO,EAAE;gBACL;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,KAAK,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QACH,MAAM,sBAAsB,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACvE,MAAM,cAAc,GAAG,CAAC,sBAAsB,CAAC,cAAc,IAAI,EAAE,CAAC;aAC/D,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC;aACvB,MAAM,CAAC,CAAC,EAAE,EAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAExC,+BAA+B;QAC/B,MAAM,aAAa,GAAkB;YACjC,KAAK;YACL,IAAI,EAAE,OAAO;YACb,SAAS;YACT,MAAM;YACN,OAAO;YACP,cAAc;YACd,OAAO,EAAE,KAAK;YACd,gBAAgB,EAAE,EAAE;SACvB,CAAC;QAEF,uBAAuB;QACvB,WAAW,CAAC,aAAa,CAAC,CAAC;QAE3B,OAAO,aAAa,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,KAAc,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5D,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,GAAkB;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,oEAAoE;IACpE,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,aAAa,CAAC,CAAC;IACjF,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IAEhF,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CACP,wDAAwD,cAAc,CAAC,MAAM,YAAY,CAC5F,CAAC;QACF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CACP,eAAe,YAAY,CAAC,MAAM,sFAAsF,CAC3H,CAAC;QACN,CAAC;IACL,CAAC;IAED,wBAAwB;IACxB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACnE,IAAI,GAAG,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACP,sCAAsC,GAAG,CAAC,IAAI,wCAAwC,CACzF,CAAC;IACN,CAAC;IAED,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC;IAClC,GAAG,CAAC,gBAAgB,GAAG,MAAM,CAAC;AAClC,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@quiltdata/benchling-webhook",
3
- "version": "0.9.0-20251129T071202Z",
3
+ "version": "0.9.0-20251204T020520Z",
4
4
  "description": "AWS CDK deployment for Benchling webhook processing using Fargate - Deploy directly with npx",
5
5
  "main": "dist/lib/index.js",
6
6
  "types": "dist/lib/index.d.ts",
@@ -18,11 +18,8 @@
18
18
  "build:clean": "rm -rf cdk.out dist */{*.js,*.d.ts}",
19
19
  "build:synth": "npx cdk synth",
20
20
  "build:typecheck": "tsc --noEmit",
21
- "build:lambda": "make lambda-bundle",
22
- "build:lambda:check": "make check-bundle",
23
- "build:lambda:clean": "make clean",
24
- "deploy:dev": "make lambda-bundle && ts-node bin/cli.ts deploy --stage dev --profile dev",
25
- "deploy:prod": "make lambda-bundle && ts-node bin/cli.ts deploy --stage prod",
21
+ "deploy:dev": "ts-node bin/cli.ts deploy --stage dev --profile dev",
22
+ "deploy:prod": "ts-node bin/cli.ts deploy --stage prod",
26
23
  "deploy:notes": "bash scripts/release-notes.sh",
27
24
  "destroy": "ts-node bin/cli.ts destroy",
28
25
  "destroy:dev": "ts-node bin/cli.ts destroy --stage dev --profile dev",
@@ -51,7 +48,6 @@
51
48
  "test:native": "npm run launch -- --mode native --profile dev --test",
52
49
  "test:dev": "npm run deploy:dev && make -C docker test-deployed-dev PROFILE=dev",
53
50
  "test:prod": "make -C docker test-deployed-prod PROFILE=default",
54
- "test:lambda-bundle": "bash scripts/test-lambda-bundle.sh",
55
51
  "test:python": "make -C docker test-unit",
56
52
  "test:ts": "cross-env NODE_ENV=test NODE_OPTIONS='--experimental-vm-modules' jest --maxWorkers=50%",
57
53
  "version": "ts-node scripts/version.ts",
@@ -81,7 +77,6 @@
81
77
  "devDependencies": {
82
78
  "@eslint/js": "^9.22.0",
83
79
  "@types/adm-zip": "^0.5.7",
84
- "@types/aws-lambda": "^8.10.156",
85
80
  "@types/jest": "^30.0.0",
86
81
  "@types/node": "^24.0.0",
87
82
  "@typescript-eslint/eslint-plugin": "^8.26.1",
@@ -113,7 +108,7 @@
113
108
  "adm-zip": "^0.5.10",
114
109
  "ajv": "^8.17.1",
115
110
  "ajv-formats": "^3.0.1",
116
- "aws-cdk-lib": "2.229.1",
111
+ "aws-cdk-lib": "2.231.0",
117
112
  "boxen": "^8.0.0",
118
113
  "chalk": "^5.0.0",
119
114
  "commander": "^14.0.2",
package/dist/lib/http-api-gateway.d.ts DELETED
@@ -1,21 +0,0 @@
1
- import * as apigatewayv2 from "aws-cdk-lib/aws-apigatewayv2";
2
- import * as ec2 from "aws-cdk-lib/aws-ec2";
3
- import * as servicediscovery from "aws-cdk-lib/aws-servicediscovery";
4
- import * as logs from "aws-cdk-lib/aws-logs";
5
- import { Construct } from "constructs";
6
- import { ProfileConfig } from "./types/config";
7
- import { WafWebAcl } from "./waf-web-acl";
8
- export interface HttpApiGatewayProps {
9
- readonly vpc: ec2.IVpc;
10
- readonly cloudMapService: servicediscovery.IService;
11
- readonly serviceSecurityGroup: ec2.ISecurityGroup;
12
- readonly config: ProfileConfig;
13
- }
14
- export declare class HttpApiGateway {
15
- readonly api: apigatewayv2.HttpApi;
16
- readonly vpcLink: apigatewayv2.VpcLink;
17
- readonly logGroup: logs.ILogGroup;
18
- readonly wafWebAcl: WafWebAcl;
19
- constructor(scope: Construct, id: string, props: HttpApiGatewayProps);
20
- }
21
- //# sourceMappingURL=http-api-gateway.d.ts.map
package/dist/lib/http-api-gateway.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"http-api-gateway.d.ts","sourceRoot":"","sources":["../../lib/http-api-gateway.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAC;AAG7D,OAAO,KAAK,GAAG,MAAM,qBAAqB,CAAC;AAC3C,OAAO,KAAK,gBAAgB,MAAM,kCAAkC,CAAC;AACrE,OAAO,KAAK,IAAI,MAAM,sBAAsB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,WAAW,mBAAmB;IAChC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;IACvB,QAAQ,CAAC,eAAe,EAAE,gBAAgB,CAAC,QAAQ,CAAC;IACpD,QAAQ,CAAC,oBAAoB,EAAE,GAAG,CAAC,cAAc,CAAC;IAClD,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC;CAClC;AAED,qBAAa,cAAc;IACvB,SAAgB,GAAG,EAAE,YAAY,CAAC,OAAO,CAAC;IAC1C,SAAgB,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;IAC9C,SAAgB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;IACzC,SAAgB,SAAS,EAAE,SAAS,CAAC;gBAEzB,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,mBAAmB;CA+HvE"}
package/dist/lib/http-api-gateway.js DELETED
@@ -1,153 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || (function () {
19
- var ownKeys = function(o) {
20
- ownKeys = Object.getOwnPropertyNames || function (o) {
21
- var ar = [];
22
- for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
- return ar;
24
- };
25
- return ownKeys(o);
26
- };
27
- return function (mod) {
28
- if (mod && mod.__esModule) return mod;
29
- var result = {};
30
- if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
- __setModuleDefault(result, mod);
32
- return result;
33
- };
34
- })();
35
- Object.defineProperty(exports, "__esModule", { value: true });
36
- exports.HttpApiGateway = void 0;
37
- const cdk = __importStar(require("aws-cdk-lib"));
38
- const apigatewayv2 = __importStar(require("aws-cdk-lib/aws-apigatewayv2"));
39
- const apigatewayv2Integrations = __importStar(require("aws-cdk-lib/aws-apigatewayv2-integrations"));
40
- const wafv2 = __importStar(require("aws-cdk-lib/aws-wafv2"));
41
- const logs = __importStar(require("aws-cdk-lib/aws-logs"));
42
- const waf_web_acl_1 = require("./waf-web-acl");
43
- class HttpApiGateway {
44
- constructor(scope, id, props) {
45
- // Access logs for HTTP API
46
- this.logGroup = new logs.LogGroup(scope, "ApiGatewayAccessLogs", {
47
- logGroupName: "/aws/apigateway/benchling-webhook-http",
48
- retention: logs.RetentionDays.ONE_WEEK,
49
- removalPolicy: cdk.RemovalPolicy.DESTROY,
50
- });
51
- // VPC Link for private integration with Cloud Map service
52
- this.vpcLink = new apigatewayv2.VpcLink(scope, "VpcLink", {
53
- vpc: props.vpc,
54
- securityGroups: [props.serviceSecurityGroup],
55
- vpcLinkName: "benchling-webhook-vpclink",
56
- });
57
- // Create HTTP API v2
58
- this.api = new apigatewayv2.HttpApi(scope, "BenchlingWebhookHttpAPI", {
59
- apiName: "BenchlingWebhookHttpAPI",
60
- description: "HTTP API for Benchling webhook integration (v1.0.0+ with WAF)",
61
- });
62
- // Service Discovery integration via VPC Link
63
- const integration = new apigatewayv2Integrations.HttpServiceDiscoveryIntegration("CloudMapIntegration", props.cloudMapService, { vpcLink: this.vpcLink });
64
- // Webhook routes - HMAC verification handled by FastAPI application
65
- // Event webhooks
66
- this.api.addRoutes({
67
- path: "/event",
68
- methods: [apigatewayv2.HttpMethod.POST],
69
- integration,
70
- });
71
- // Lifecycle webhooks
72
- this.api.addRoutes({
73
- path: "/lifecycle",
74
- methods: [apigatewayv2.HttpMethod.POST],
75
- integration,
76
- });
77
- // Canvas webhooks
78
- this.api.addRoutes({
79
- path: "/canvas",
80
- methods: [apigatewayv2.HttpMethod.POST],
81
- integration,
82
- });
83
- // Health check routes - always unauthenticated
84
- this.api.addRoutes({
85
- path: "/health",
86
- methods: [apigatewayv2.HttpMethod.GET],
87
- integration,
88
- });
89
- this.api.addRoutes({
90
- path: "/health/ready",
91
- methods: [apigatewayv2.HttpMethod.GET],
92
- integration,
93
- });
94
- this.api.addRoutes({
95
- path: "/health/live",
96
- methods: [apigatewayv2.HttpMethod.GET],
97
- integration,
98
- });
99
- // Root path - unauthenticated (informational endpoint)
100
- this.api.addRoutes({
101
- path: "/",
102
- methods: [apigatewayv2.HttpMethod.GET],
103
- integration,
104
- });
105
- // Create WAF Web ACL for IP filtering
106
- this.wafWebAcl = new waf_web_acl_1.WafWebAcl(scope, "WafWebAcl", {
107
- ipAllowList: props.config.security?.webhookAllowList || "",
108
- });
109
- // Construct HTTP API ARN for WAF association
110
- // Format: arn:aws:apigateway:{region}::/apis/{api-id}/stages/{stage-name}
111
- const apiArn = cdk.Stack.of(scope).formatArn({
112
- service: "apigateway",
113
- resource: `/apis/${this.api.apiId}/stages/${this.api.defaultStage?.stageName || "$default"}`,
114
- arnFormat: cdk.ArnFormat.SLASH_RESOURCE_NAME,
115
- });
116
- // Associate WAF with HTTP API
117
- new wafv2.CfnWebACLAssociation(scope, "WafAssociation", {
118
- resourceArn: apiArn,
119
- webAclArn: this.wafWebAcl.webAcl.attrArn,
120
- });
121
- // Configure access logging on the default stage
122
- const stage = this.api.defaultStage?.node.defaultChild;
123
- if (stage) {
124
- stage.accessLogSettings = {
125
- destinationArn: this.logGroup.logGroupArn,
126
- format: JSON.stringify({
127
- requestId: "$context.requestId",
128
- ip: "$context.identity.sourceIp",
129
- requestTime: "$context.requestTime",
130
- httpMethod: "$context.httpMethod",
131
- routeKey: "$context.routeKey",
132
- status: "$context.status",
133
- protocol: "$context.protocol",
134
- responseLength: "$context.responseLength",
135
- errorMessage: "$context.error.message",
136
- errorType: "$context.error.messageString",
137
- }),
138
- };
139
- }
140
- // Webhook verification status
141
- const verificationEnabled = props.config.security?.enableVerification !== false;
142
- if (verificationEnabled) {
143
- console.log("Webhook signature verification: ENABLED (FastAPI application)");
144
- }
145
- else {
146
- console.warn("WARNING: Webhook signature verification is DISABLED. " +
147
- "This should only be used for testing. Enable it in production by setting " +
148
- "config.security.enableVerification = true");
149
- }
150
- }
151
- }
152
- exports.HttpApiGateway = HttpApiGateway;
153
- //# sourceMappingURL=http-api-gateway.js.map
package/dist/lib/http-api-gateway.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"http-api-gateway.js","sourceRoot":"","sources":["../../lib/http-api-gateway.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,2EAA6D;AAC7D,oGAAsF;AACtF,6DAA+C;AAG/C,2DAA6C;AAG7C,+CAA0C;AAS1C,MAAa,cAAc;IAMvB,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA0B;QAChE,2BAA2B;QAC3B,IAAI,CAAC,QAAQ,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,sBAAsB,EAAE;YAC7D,YAAY,EAAE,wCAAwC;YACtD,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,QAAQ;YACtC,aAAa,EAAE,GAAG,CAAC,aAAa,CAAC,OAAO;SAC3C,CAAC,CAAC;QAEH,0DAA0D;QAC1D,IAAI,CAAC,OAAO,GAAG,IAAI,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE;YACtD,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,cAAc,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC;YAC5C,WAAW,EAAE,2BAA2B;SAC3C,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,GAAG,GAAG,IAAI,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,yBAAyB,EAAE;YAClE,OAAO,EAAE,yBAAyB;YAClC,WAAW,EAAE,+DAA+D;SAC/E,CAAC,CAAC;QAEH,6CAA6C;QAC7C,MAAM,WAAW,GAAG,IAAI,wBAAwB,CAAC,+BAA+B,CAC5E,qBAAqB,EACrB,KAAK,CAAC,eAAe,EACrB,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAC5B,CAAC;QAEF,oEAAoE;QACpE,iBAAiB;QACjB,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC;YACvC,WAAW;SACd,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC;YACvC,WAAW;SACd,CAAC,CAAC;QAEH,kBAAkB;QAClB,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC;YACvC,WAAW;SACd,CAAC,CAAC;QAEH,+CAA+C;QAC/C,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACtC,WAAW;SACd,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,eAAe;YACrB,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACtC,WAAW;SACd,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,cAAc;YACpB,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACtC,WAAW;SACd,CAAC,CAAC;QAEH,uDAAuD;QACvD,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC;YACf,IAAI,EAAE,GAAG;YACT,OAAO,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACtC,WAAW;SACd,CAAC,CAAC;QAEH,sCAAsC;QACtC,IAAI,CAAC,SAAS,GAAG,IAAI,uBAAS,CAAC,KAAK,EAAE,WAAW,EAAE;YAC/C,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,IAAI,EAAE;SAC7D,CAAC,CAAC;QAEH,6CAA6C;QAC7C,0EAA0E;QAC1E,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC;YACzC,OAAO,EAAE,YAAY;YACrB,QAAQ,EAAE,SAAS,IAAI,CAAC,GAAG,CAAC,KAAK,WAAW,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,IAAI,UAAU,EAAE;YAC5F,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,mBAAmB;SAC/C,CAAC,CAAC;QAEH,8BAA8B;QAC9B,IAAI,KAAK,CAAC,oBAAoB,CAAC,KAAK,EAAE,gBAAgB,EAAE;YACpD,WAAW,EAAE,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO;SAC3C,CAAC,CAAC;QAEH,gDAAgD;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,YAAiD,CAAC;QAC5F,IAAI,KAAK,EAAE,CAAC;YACR,KAAK,CAAC,iBAAiB,GAAG;gBACtB,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW;gBACzC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,oBAAoB;oBAC/B,EAAE,EAAE,4BAA4B;oBAChC,WAAW,EAAE,sBAAsB;oBACnC,UAAU,EAAE,qBAAqB;oBACjC,QAAQ,EAAE,mBAAmB;oBAC7B,MAAM,EAAE,iBAAiB;oBACzB,QAAQ,EAAE,mBAAmB;oBAC7B,cAAc,EAAE,yBAAyB;oBACzC,YAAY,EAAE,wBAAwB;oBACtC,SAAS,EAAE,8BAA8B;iBAC5C,CAAC;aACL,CAAC;QACN,CAAC;QAED,8BAA8B;QAC9B,MAAM,mBAAmB,GAAG,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,kBAAkB,KAAK,KAAK,CAAC;QAChF,IAAI,mBAAmB,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;QACjF,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,IAAI,CACR,uDAAuD;gBACvD,2EAA2E;gBAC3E,2CAA2C,CAC9C,CAAC;QACN,CAAC;IACL,CAAC;CACJ;AArID,wCAqIC"}
package/dist/lib/waf-web-acl.d.ts DELETED
@@ -1,51 +0,0 @@
1
- import * as wafv2 from "aws-cdk-lib/aws-wafv2";
2
- import * as logs from "aws-cdk-lib/aws-logs";
3
- import { Construct } from "constructs";
4
- export interface WafWebAclProps {
5
- /**
6
- * Comma-separated list of allowed IP addresses/CIDR blocks
7
- *
8
- * Empty string means no IP filtering (discovery mode - COUNT all requests).
9
- * Non-empty string enables IP filtering (security mode - BLOCK unknown IPs).
10
- *
11
- * @example "192.168.1.0/24,10.0.0.0/8"
12
- * @default ""
13
- */
14
- readonly ipAllowList?: string;
15
- }
16
- /**
17
- * WAF Web ACL for Benchling webhook IP filtering
18
- *
19
- * Provides defense-in-depth security at AWS edge with two rules:
20
- * 1. Health check exception - Always allow /health, /health/ready, /health/live
21
- * 2. IP allowlist - Allow requests from configured IP ranges
22
- *
23
- * **Automatic Mode Selection:**
24
- * - Empty IP allowlist → COUNT mode (discovery phase - logs requests but doesn't block)
25
- * - Non-empty IP allowlist → BLOCK mode (security phase - blocks unknown IPs)
26
- *
27
- * This allows customers to deploy initially without knowing Benchling IPs,
28
- * discover them from CloudWatch logs, then add them to enable blocking mode.
29
- */
30
- export declare class WafWebAcl extends Construct {
31
- readonly webAcl: wafv2.CfnWebACL;
32
- readonly ipSet: wafv2.CfnIPSet;
33
- readonly logGroup: logs.ILogGroup;
34
- constructor(scope: Construct, id: string, props?: WafWebAclProps);
35
- /**
36
- * Parse IP allowlist string into array of CIDR blocks
37
- *
38
- * - Splits by comma
39
- * - Trims whitespace
40
- * - Adds /32 suffix if not present
41
- * - Filters out empty entries
42
- *
43
- * @param allowList Comma-separated list of IPs/CIDR blocks
44
- * @returns Array of CIDR blocks
45
- *
46
- * @example
47
- * parseIpAllowList("192.168.1.0/24, 10.0.0.1") → ["192.168.1.0/24", "10.0.0.1/32"]
48
- */
49
- private parseIpAllowList;
50
- }
51
- //# sourceMappingURL=waf-web-acl.d.ts.map
package/dist/lib/waf-web-acl.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"waf-web-acl.d.ts","sourceRoot":"","sources":["../../lib/waf-web-acl.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,KAAK,MAAM,uBAAuB,CAAC;AAC/C,OAAO,KAAK,IAAI,MAAM,sBAAsB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,MAAM,WAAW,cAAc;IAC3B;;;;;;;;OAQG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CACjC;AAED;;;;;;;;;;;;;GAaG;AACH,qBAAa,SAAU,SAAQ,SAAS;IACpC,SAAgB,MAAM,EAAE,KAAK,CAAC,SAAS,CAAC;IACxC,SAAgB,KAAK,EAAE,KAAK,CAAC,QAAQ,CAAC;IACtC,SAAgB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;gBAE7B,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,GAAE,cAAmB;IA2HpE;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,gBAAgB;CAU3B"}
package/dist/lib/waf-web-acl.js DELETED
@@ -1,192 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || (function () {
19
- var ownKeys = function(o) {
20
- ownKeys = Object.getOwnPropertyNames || function (o) {
21
- var ar = [];
22
- for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
- return ar;
24
- };
25
- return ownKeys(o);
26
- };
27
- return function (mod) {
28
- if (mod && mod.__esModule) return mod;
29
- var result = {};
30
- if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
- __setModuleDefault(result, mod);
32
- return result;
33
- };
34
- })();
35
- Object.defineProperty(exports, "__esModule", { value: true });
36
- exports.WafWebAcl = void 0;
37
- const cdk = __importStar(require("aws-cdk-lib"));
38
- const wafv2 = __importStar(require("aws-cdk-lib/aws-wafv2"));
39
- const logs = __importStar(require("aws-cdk-lib/aws-logs"));
40
- const constructs_1 = require("constructs");
41
- /**
42
- * WAF Web ACL for Benchling webhook IP filtering
43
- *
44
- * Provides defense-in-depth security at AWS edge with two rules:
45
- * 1. Health check exception - Always allow /health, /health/ready, /health/live
46
- * 2. IP allowlist - Allow requests from configured IP ranges
47
- *
48
- * **Automatic Mode Selection:**
49
- * - Empty IP allowlist → COUNT mode (discovery phase - logs requests but doesn't block)
50
- * - Non-empty IP allowlist → BLOCK mode (security phase - blocks unknown IPs)
51
- *
52
- * This allows customers to deploy initially without knowing Benchling IPs,
53
- * discover them from CloudWatch logs, then add them to enable blocking mode.
54
- */
55
- class WafWebAcl extends constructs_1.Construct {
56
- constructor(scope, id, props = {}) {
57
- super(scope, id);
58
- // Parse IP allowlist with CIDR notation normalization
59
- const ipAllowList = this.parseIpAllowList(props.ipAllowList || "");
60
- // Automatic mode selection based on IP allowlist
61
- // - Empty allowlist: Allow mode (discovery - logs all requests, no blocking)
62
- // - Has IPs: Block mode (security - blocks unknown IPs)
63
- const isDiscoveryMode = ipAllowList.length === 0;
64
- const mode = isDiscoveryMode ? "Allow" : "Block";
65
- console.log(`WAF mode: ${mode} (${isDiscoveryMode ? "discovery - no IPs configured, all traffic allowed" : `security - ${ipAllowList.length} IP ranges configured`})`);
66
- // Create IP Set for allowlist
67
- this.ipSet = new wafv2.CfnIPSet(this, "IPSet", {
68
- name: "BenchlingWebhookIPSet",
69
- scope: "REGIONAL",
70
- ipAddressVersion: "IPV4",
71
- addresses: ipAllowList,
72
- description: "Allowed IP addresses for Benchling webhooks",
73
- });
74
- // CloudWatch log group for WAF logs
75
- this.logGroup = new logs.LogGroup(this, "WafLogGroup", {
76
- logGroupName: "/aws/waf/benchling-webhook",
77
- retention: logs.RetentionDays.ONE_WEEK,
78
- removalPolicy: cdk.RemovalPolicy.DESTROY,
79
- });
80
- // Create Web ACL with two rules
81
- // Default action: Allow (discovery mode) or Block (security mode)
82
- const defaultActionConfig = isDiscoveryMode
83
- ? { allow: {} }
84
- : { block: {} };
85
- this.webAcl = new wafv2.CfnWebACL(this, "WebACL", {
86
- name: "BenchlingWebhookWebACL",
87
- scope: "REGIONAL",
88
- defaultAction: defaultActionConfig,
89
- description: "WAF for Benchling webhook IP filtering with automatic discovery mode. " +
90
- `Mode: ${mode} (${isDiscoveryMode ? "empty allowlist - all traffic allowed" : `${ipAllowList.length} IPs configured`})`,
91
- rules: [
92
- // Rule 1: Health check exception (Priority 10)
93
- // Always allow health check endpoints regardless of IP
94
- {
95
- name: "HealthCheckException",
96
- priority: 10,
97
- statement: {
98
- orStatement: {
99
- statements: [
100
- {
101
- byteMatchStatement: {
102
- fieldToMatch: { uriPath: {} },
103
- positionalConstraint: "EXACTLY",
104
- searchString: "/health",
105
- textTransformations: [{ priority: 0, type: "NONE" }],
106
- },
107
- },
108
- {
109
- byteMatchStatement: {
110
- fieldToMatch: { uriPath: {} },
111
- positionalConstraint: "EXACTLY",
112
- searchString: "/health/ready",
113
- textTransformations: [{ priority: 0, type: "NONE" }],
114
- },
115
- },
116
- {
117
- byteMatchStatement: {
118
- fieldToMatch: { uriPath: {} },
119
- positionalConstraint: "EXACTLY",
120
- searchString: "/health/live",
121
- textTransformations: [{ priority: 0, type: "NONE" }],
122
- },
123
- },
124
- ],
125
- },
126
- },
127
- action: { allow: {} },
128
- visibilityConfig: {
129
- sampledRequestsEnabled: true,
130
- cloudWatchMetricsEnabled: true,
131
- metricName: "HealthCheckException",
132
- },
133
- },
134
- // Rule 2: IP allowlist (Priority 20)
135
- // Allow requests from configured IP ranges
136
- // Note: When IP allowlist is empty, this rule matches no IPs,
137
- // so all non-health requests fall through to default action (COUNT or BLOCK)
138
- {
139
- name: "IPAllowlist",
140
- priority: 20,
141
- statement: {
142
- ipSetReferenceStatement: {
143
- arn: this.ipSet.attrArn,
144
- },
145
- },
146
- action: { allow: {} },
147
- visibilityConfig: {
148
- sampledRequestsEnabled: true,
149
- cloudWatchMetricsEnabled: true,
150
- metricName: "IPAllowlist",
151
- },
152
- },
153
- ],
154
- visibilityConfig: {
155
- sampledRequestsEnabled: true,
156
- cloudWatchMetricsEnabled: true,
157
- metricName: "BenchlingWebhookWebACL",
158
- },
159
- });
160
- // Configure WAF logging to CloudWatch
161
- new wafv2.CfnLoggingConfiguration(this, "WafLogging", {
162
- resourceArn: this.webAcl.attrArn,
163
- logDestinationConfigs: [this.logGroup.logGroupArn],
164
- });
165
- }
166
- /**
167
- * Parse IP allowlist string into array of CIDR blocks
168
- *
169
- * - Splits by comma
170
- * - Trims whitespace
171
- * - Adds /32 suffix if not present
172
- * - Filters out empty entries
173
- *
174
- * @param allowList Comma-separated list of IPs/CIDR blocks
175
- * @returns Array of CIDR blocks
176
- *
177
- * @example
178
- * parseIpAllowList("192.168.1.0/24, 10.0.0.1") → ["192.168.1.0/24", "10.0.0.1/32"]
179
- */
180
- parseIpAllowList(allowList) {
181
- return allowList
182
- .split(",")
183
- .map((ip) => ip.trim())
184
- .filter((ip) => ip.length > 0)
185
- .map((ip) => {
186
- // Ensure CIDR notation (add /32 if not specified)
187
- return ip.includes("/") ? ip : `${ip}/32`;
188
- });
189
- }
190
- }
191
- exports.WafWebAcl = WafWebAcl;
192
- //# sourceMappingURL=waf-web-acl.js.map
package/dist/lib/waf-web-acl.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"waf-web-acl.js","sourceRoot":"","sources":["../../lib/waf-web-acl.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,6DAA+C;AAC/C,2DAA6C;AAC7C,2CAAuC;AAevC;;;;;;;;;;;;;GAaG;AACH,MAAa,SAAU,SAAQ,sBAAS;IAKpC,YAAY,KAAgB,EAAE,EAAU,EAAE,QAAwB,EAAE;QAChE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjB,sDAAsD;QACtD,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;QAEnE,iDAAiD;QACjD,6EAA6E;QAC7E,wDAAwD;QACxD,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;QAEjD,OAAO,CAAC,GAAG,CACP,aAAa,IAAI,KAAK,eAAe,CAAC,CAAC,CAAC,oDAAoD,CAAC,CAAC,CAAC,cAAc,WAAW,CAAC,MAAM,uBAAuB,GAAG,CAC5J,CAAC;QAEF,8BAA8B;QAC9B,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE;YAC3C,IAAI,EAAE,uBAAuB;YAC7B,KAAK,EAAE,UAAU;YACjB,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,WAAW;YACtB,WAAW,EAAE,6CAA6C;SAC7D,CAAC,CAAC;QAEH,oCAAoC;QACpC,IAAI,CAAC,QAAQ,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,aAAa,EAAE;YACnD,YAAY,EAAE,4BAA4B;YAC1C,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,QAAQ;YACtC,aAAa,EAAE,GAAG,CAAC,aAAa,CAAC,OAAO;SAC3C,CAAC,CAAC;QAEH,gCAAgC;QAChC,kEAAkE;QAClE,MAAM,mBAAmB,GAA0C,eAAe;YAC9E,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;YACf,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAEpB,IAAI,CAAC,MAAM,GAAG,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE;YAC9C,IAAI,EAAE,wBAAwB;YAC9B,KAAK,EAAE,UAAU;YACjB,aAAa,EAAE,mBAAmB;YAClC,WAAW,EACP,wEAAwE;gBACxE,SAAS,IAAI,KAAK,eAAe,CAAC,CAAC,CAAC,uCAAuC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,iBAAiB,GAAG;YAC3H,KAAK,EAAE;gBACH,+CAA+C;gBAC/C,uDAAuD;gBACvD;oBACI,IAAI,EAAE,sBAAsB;oBAC5B,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE;wBACP,WAAW,EAAE;4BACT,UAAU,EAAE;gCACR;oCACI,kBAAkB,EAAE;wCAChB,YAAY,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE;wCAC7B,oBAAoB,EAAE,SAAS;wCAC/B,YAAY,EAAE,SAAS;wCACvB,mBAAmB,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;qCACvD;iCACJ;gCACD;oCACI,kBAAkB,EAAE;wCAChB,YAAY,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE;wCAC7B,oBAAoB,EAAE,SAAS;wCAC/B,YAAY,EAAE,eAAe;wCAC7B,mBAAmB,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;qCACvD;iCACJ;gCACD;oCACI,kBAAkB,EAAE;wCAChB,YAAY,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE;wCAC7B,oBAAoB,EAAE,SAAS;wCAC/B,YAAY,EAAE,cAAc;wCAC5B,mBAAmB,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;qCACvD;iCACJ;6BACJ;yBACJ;qBACJ;oBACD,MAAM,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;oBACrB,gBAAgB,EAAE;wBACd,sBAAsB,EAAE,IAAI;wBAC5B,wBAAwB,EAAE,IAAI;wBAC9B,UAAU,EAAE,sBAAsB;qBACrC;iBACJ;gBAED,qCAAqC;gBACrC,2CAA2C;gBAC3C,8DAA8D;gBAC9D,6EAA6E;gBAC7E;oBACI,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE;wBACP,uBAAuB,EAAE;4BACrB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;yBAC1B;qBACJ;oBACD,MAAM,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;oBACrB,gBAAgB,EAAE;wBACd,sBAAsB,EAAE,IAAI;wBAC5B,wBAAwB,EAAE,IAAI;wBAC9B,UAAU,EAAE,aAAa;qBAC5B;iBACJ;aACJ;YACD,gBAAgB,EAAE;gBACd,sBAAsB,EAAE,IAAI;gBAC5B,wBAAwB,EAAE,IAAI;gBAC9B,UAAU,EAAE,wBAAwB;aACvC;SACJ,CAAC,CAAC;QAEH,sCAAsC;QACtC,IAAI,KAAK,CAAC,uBAAuB,CAAC,IAAI,EAAE,YAAY,EAAE;YAClD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAChC,qBAAqB,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;SACrD,CAAC,CAAC;IACP,CAAC;IAED;;;;;;;;;;;;;OAaG;IACK,gBAAgB,CAAC,SAAiB;QACtC,OAAO,SAAS;aACX,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;aACtB,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;aAC7B,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;YACR,kDAAkD;YAClD,OAAO,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9C,CAAC,CAAC,CAAC;IACX,CAAC;CACJ;AAxJD,8BAwJC"}