@resistdesign/voltra 0.0.0-alpha.0

package/src/iac/packs/build.js

@@ -0,0 +1,217 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addBuildPipeline = exports.DEFAULT_BUILD_PIPELINE_REPO_PROVIDER = void 0;
+const utils_1 = require("../utils");
+exports.DEFAULT_BUILD_PIPELINE_REPO_PROVIDER = "GitHub";
+/**
+ * Add a build pipeline with full permissions.
+ */
+exports.addBuildPipeline = (0, utils_1.createResourcePack)(({ id, buildSpec, dependsOn, environmentVariables, timeoutInMinutes = 10, environmentType = "LINUX_CONTAINER", environmentComputeType = "BUILD_GENERAL1_SMALL", environmentImage = "aws/codebuild/nodejs:10.14.1", repoConfig: { provider = exports.DEFAULT_BUILD_PIPELINE_REPO_PROVIDER, owner, repo, branch, oauthToken, }, }) => ({
+    Resources: {
+        [`${id}CodeBuildRole`]: {
+            Type: "AWS::IAM::Role",
+            Properties: {
+                AssumeRolePolicyDocument: {
+                    Statement: [
+                        {
+                            Effect: "Allow",
+                            Principal: {
+                                Service: ["codebuild.amazonaws.com"],
+                            },
+                            Action: ["sts:AssumeRole"],
+                        },
+                    ],
+                },
+                Path: "/",
+                Policies: [
+                    {
+                        PolicyName: "codebuild-service",
+                        PolicyDocument: {
+                            Statement: [
+                                {
+                                    Effect: "Allow",
+                                    Action: "*",
+                                    Resource: "*",
+                                },
+                            ],
+                            Version: "2012-10-17",
+                        },
+                    },
+                ],
+            },
+        },
+        [`${id}CodePipelineRole`]: {
+            Type: "AWS::IAM::Role",
+            Properties: {
+                AssumeRolePolicyDocument: {
+                    Statement: [
+                        {
+                            Effect: "Allow",
+                            Principal: {
+                                Service: ["codepipeline.amazonaws.com"],
+                            },
+                            Action: ["sts:AssumeRole"],
+                        },
+                    ],
+                },
+                Path: "/",
+                Policies: [
+                    {
+                        PolicyName: "codepipeline-service",
+                        PolicyDocument: {
+                            Statement: [
+                                {
+                                    Action: ["codebuild:*"],
+                                    Resource: "*",
+                                    Effect: "Allow",
+                                },
+                                {
+                                    Action: [
+                                        "s3:GetObject",
+                                        "s3:GetObjectVersion",
+                                        "s3:GetBucketVersioning",
+                                    ],
+                                    Resource: "*",
+                                    Effect: "Allow",
+                                },
+                                {
+                                    Action: ["s3:PutObject"],
+                                    Resource: ["arn:aws:s3:::codepipeline*"],
+                                    Effect: "Allow",
+                                },
+                                {
+                                    Action: ["s3:*", "cloudformation:*", "iam:PassRole"],
+                                    Resource: "*",
+                                    Effect: "Allow",
+                                },
+                            ],
+                            Version: "2012-10-17",
+                        },
+                    },
+                ],
+            },
+        },
+        [`${id}PipelineBucket`]: {
+            Type: "AWS::S3::Bucket",
+            DeletionPolicy: "Delete",
+            Properties: {
+                BucketEncryption: {
+                    ServerSideEncryptionConfiguration: [
+                        {
+                            ServerSideEncryptionByDefault: {
+                                SSEAlgorithm: "AES256",
+                            },
+                        },
+                    ],
+                },
+                PublicAccessBlockConfiguration: {
+                    BlockPublicAcls: true,
+                    BlockPublicPolicy: true,
+                    IgnorePublicAcls: true,
+                    RestrictPublicBuckets: true,
+                },
+            },
+        },
+        [`${id}CodeBuildAndDeploy`]: {
+            Type: "AWS::CodeBuild::Project",
+            DependsOn: dependsOn,
+            Properties: {
+                Name: {
+                    "Fn::Sub": `\${AWS::StackName}-${id}CodeBuildAndDeploy`,
+                },
+                Description: "Deploy site to S3",
+                ServiceRole: {
+                    "Fn::GetAtt": [`${id}CodeBuildRole`, "Arn"],
+                },
+                Artifacts: {
+                    Type: "CODEPIPELINE",
+                },
+                Environment: {
+                    Type: environmentType,
+                    ComputeType: environmentComputeType,
+                    Image: environmentImage,
+                    EnvironmentVariables: environmentVariables,
+                },
+                Source: {
+                    Type: "CODEPIPELINE",
+                    BuildSpec: buildSpec,
+                },
+                TimeoutInMinutes: timeoutInMinutes,
+            },
+        },
+        [`${id}Pipeline`]: {
+            Type: "AWS::CodePipeline::Pipeline",
+            DependsOn: `${id}CodeBuildAndDeploy`,
+            Properties: {
+                RoleArn: {
+                    "Fn::GetAtt": [`${id}CodePipelineRole`, "Arn"],
+                },
+                Stages: [
+                    {
+                        Name: "Acquire-Source",
+                        Actions: [
+                            {
+                                InputArtifacts: [],
+                                Name: "Source",
+                                ActionTypeId: {
+                                    Category: "Source",
+                                    Owner: "ThirdParty",
+                                    Version: "1",
+                                    Provider: provider,
+                                },
+                                OutputArtifacts: [
+                                    {
+                                        Name: "SourceOutput",
+                                    },
+                                ],
+                                Configuration: {
+                                    Owner: owner,
+                                    Repo: repo,
+                                    Branch: branch,
+                                    OAuthToken: oauthToken,
+                                },
+                                RunOrder: 1,
+                            },
+                        ],
+                    },
+                    {
+                        Name: "Build-And-Deploy",
+                        Actions: [
+                            {
+                                Name: "Artifact",
+                                ActionTypeId: {
+                                    Category: "Build",
+                                    Owner: "AWS",
+                                    Version: "1",
+                                    Provider: "CodeBuild",
+                                },
+                                InputArtifacts: [
+                                    {
+                                        Name: "SourceOutput",
+                                    },
+                                ],
+                                OutputArtifacts: [
+                                    {
+                                        Name: "DeployOutput",
+                                    },
+                                ],
+                                Configuration: {
+                                    ProjectName: {
+                                        Ref: `${id}CodeBuildAndDeploy`,
+                                    },
+                                },
+                                RunOrder: 1,
+                            },
+                        ],
+                    },
+                ],
+                ArtifactStore: {
+                    Type: "S3",
+                    Location: {
+                        Ref: `${id}PipelineBucket`,
+                    },
+                },
+            },
+        },
+    },
+}));

package/src/iac/packs/cdn.d.ts

@@ -0,0 +1,12 @@
+export type AddCDNConfig = {
+    id: string;
+    hostedZoneId: any;
+    domainName: any;
+    certificateArn: any;
+    fileStorageId: string;
+};
+/**
+ * Add a global cache of static files (a CDN) for things like your front-end, website, etc.
+ * Includes a DNS record for the domain.
+ * */
+export declare const addCDN: import("../utils").ResourcePackApplier<AddCDNConfig>;

package/src/iac/packs/cdn.js

@@ -0,0 +1,113 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addCDN = void 0;
+const utils_1 = require("../utils");
+/**
+ * Add a global cache of static files (a CDN) for things like your front-end, website, etc.
+ * Includes a DNS record for the domain.
+ * */
+exports.addCDN = (0, utils_1.createResourcePack)(({ id, hostedZoneId, domainName, certificateArn, fileStorageId, }) => {
+    return {
+        Resources: {
+            [`${id}CloudFront`]: {
+                Type: "AWS::CloudFront::Distribution",
+                DependsOn: fileStorageId,
+                Properties: {
+                    DistributionConfig: {
+                        Aliases: [domainName],
+                        ViewerCertificate: {
+                            AcmCertificateArn: certificateArn,
+                            SslSupportMethod: "sni-only",
+                            MinimumProtocolVersion: "TLSv1.1_2016",
+                        },
+                        DefaultCacheBehavior: {
+                            ForwardedValues: {
+                                QueryString: false,
+                            },
+                            TargetOriginId: {
+                                "Fn::Sub": [
+                                    "S3-${S3BucketName}",
+                                    {
+                                        S3BucketName: domainName,
+                                    },
+                                ],
+                            },
+                            ViewerProtocolPolicy: "redirect-to-https",
+                        },
+                        DefaultRootObject: "index.html",
+                        Enabled: true,
+                        IPV6Enabled: false,
+                        HttpVersion: "http2",
+                        Origins: [
+                            {
+                                DomainName: {
+                                    "Fn::Sub": [
+                                        "${S3BucketName}.s3.amazonaws.com",
+                                        {
+                                            S3BucketName: domainName,
+                                        },
+                                    ],
+                                },
+                                Id: {
+                                    "Fn::Sub": [
+                                        "S3-${S3BucketName}",
+                                        {
+                                            S3BucketName: domainName,
+                                        },
+                                    ],
+                                },
+                                S3OriginConfig: {
+                                    OriginAccessIdentity: "",
+                                },
+                            },
+                        ],
+                        CustomErrorResponses: [
+                            {
+                                ErrorCachingMinTTL: 300,
+                                ErrorCode: 404,
+                                ResponseCode: 200,
+                                ResponsePagePath: "/index.html",
+                            },
+                            {
+                                ErrorCachingMinTTL: 300,
+                                ErrorCode: 403,
+                                ResponseCode: 200,
+                                ResponsePagePath: "/index.html",
+                            },
+                        ],
+                        PriceClass: "PriceClass_All",
+                    },
+                },
+            },
+            [`${id}Route53Record`]: {
+                Type: "AWS::Route53::RecordSet",
+                DependsOn: [`${id}CloudFront`],
+                Properties: {
+                    HostedZoneId: hostedZoneId,
+                    Type: "A",
+                    Name: {
+                        "Fn::Sub": [
+                            "${DomainName}.",
+                            {
+                                DomainName: domainName,
+                            },
+                        ],
+                    },
+                    AliasTarget: {
+                        HostedZoneId: "Z2FDTNDATAQYW2",
+                        DNSName: {
+                            "Fn::Sub": [
+                                "${DomainName}.",
+                                {
+                                    DomainName: {
+                                        "Fn::GetAtt": [`${id}CloudFront`, "DomainName"],
+                                    },
+                                },
+                            ],
+                        },
+                    },
+                },
+            },
+        },
+    };
+});

package/src/iac/packs/cloud-function.d.ts

@@ -0,0 +1,17 @@
+import { AWS } from "../types/IaCTypes";
+export declare const PLACEHOLDER_FUNCTION_CODE: AWS.Lambda.Function.Code;
+export type CloudFunctionRuntime = "nodejs14.x" | "nodejs16.x" | "nodejs18.x" | "nodejs20.x" | "nodejs22.x" | "nodejs24.x" | "nodejs26.x" | "python3.8" | "python3.9" | "python3.10" | "python3.11" | "python3.12" | "python3.13" | "python3.14" | "python3.15" | "java11" | "java17" | "java21" | "java25" | "dotnet6" | "dotnet8" | "dotnet10" | "go1.x" | "ruby2.7" | "ruby3.2" | "ruby3.3" | "ruby3.4" | "ruby3.5" | "provided" | "provided.al2" | "provided.al2023";
+export type AddCloudFunctionConfig = {
+    id: string;
+    code?: AWS.Lambda.Function.Code;
+    environment?: AWS.Lambda.Function.Environment;
+    handler?: any;
+    runtime?: CloudFunctionRuntime;
+    timeout?: any;
+    policies?: AWS.IAM.Role.Policy[];
+};
+/**
+ * Add a serverless cloud function to run part or all of your API (back-end) without always running servers.
+ *
+ * */
+export declare const addCloudFunction: import("../utils").ResourcePackApplier<AddCloudFunctionConfig>;

package/src/iac/packs/cloud-function.js

@@ -0,0 +1,69 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addCloudFunction = exports.PLACEHOLDER_FUNCTION_CODE = void 0;
+const utils_1 = require("../utils");
+exports.PLACEHOLDER_FUNCTION_CODE = {
+    ZipFile: "module.exports = {handler: async () => ({\n            statusCode: 200,\n            headers: {'Content-Type': 'application/json'},\n            body: '\"You did it!\"'\n          })};\n",
+};
+/**
+ * Add a serverless cloud function to run part or all of your API (back-end) without always running servers.
+ *
+ * */
+exports.addCloudFunction = (0, utils_1.createResourcePack)(({ id, code = exports.PLACEHOLDER_FUNCTION_CODE, environment = {
+    Variables: {
+        NODE_ENV: "production",
+    },
+}, handler = "index.handler", runtime = "nodejs26.x", timeout = 30, policies = [
+    {
+        PolicyName: "lambda-parameter-store",
+        PolicyDocument: {
+            Version: "2012-10-17",
+            Statement: [
+                {
+                    Effect: "Allow",
+                    Action: ["*"],
+                    Resource: "*",
+                },
+            ],
+        },
+    },
+], }) => {
+    return {
+        Resources: {
+            [`${id}Role`]: {
+                Type: "AWS::IAM::Role",
+                Properties: {
+                    ManagedPolicyArns: [
+                        "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+                    ],
+                    AssumeRolePolicyDocument: {
+                        Version: "2012-10-17",
+                        Statement: [
+                            {
+                                Action: ["sts:AssumeRole"],
+                                Effect: "Allow",
+                                Principal: {
+                                    Service: ["lambda.amazonaws.com"],
+                                },
+                            },
+                        ],
+                    },
+                    Policies: policies,
+                },
+            },
+            [id]: {
+                Type: "AWS::Lambda::Function",
+                Properties: {
+                    Timeout: timeout,
+                    Code: code,
+                    Environment: environment,
+                    Handler: handler,
+                    Role: {
+                        "Fn::GetAtt": [`${id}Role`, "Arn"],
+                    },
+                    Runtime: runtime,
+                },
+            },
+        },
+    };
+});

package/src/iac/packs/database.d.ts

@@ -0,0 +1,29 @@
+/**
+ * The configuration for adding a database to a stack.
+ * */
+export type AddDatabaseConfig = {
+    /**
+     * The id of the database table in a stack.
+     * */
+    tableId: string;
+    /**
+     * The name of the database table.
+     * */
+    tableName?: string;
+    /**
+     * The keys for the database table.
+     * */
+    keys: Record<string, "HASH" | "RANGE">;
+    /**
+     * Specific attributes for the database table.
+     * */
+    attributes: Record<string, "S" | "N" | "B" | "BOOL" | "NULL" | "M" | "L" | "SS" | "NS" | "BS">;
+    /**
+     * The billing mode for the database table.
+     * */
+    billingMode?: "PAY_PER_REQUEST" | "PROVISIONED";
+};
+/**
+ * Add a highly available key-value database with global scale performance.
+ * */
+export declare const addDatabase: import("../utils").ResourcePackApplier<AddDatabaseConfig>;

package/src/iac/packs/database.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addDatabase = void 0;
+const utils_1 = require("../utils");
+const SimpleCFT_1 = require("../SimpleCFT");
+/**
+ * Add a highly available key-value database with global scale performance.
+ * */
+exports.addDatabase = (0, utils_1.createResourcePack)(({ tableId, tableName, keys, attributes, billingMode = "PAY_PER_REQUEST", }) => new SimpleCFT_1.SimpleCFT().patch({
+    Resources: {
+        [tableId]: {
+            Type: "AWS::DynamoDB::Table",
+            Properties: {
+                TableName: tableName,
+                AttributeDefinitions: Object.keys(attributes).map((attributeName) => ({
+                    AttributeName: attributeName,
+                    AttributeType: attributes[attributeName],
+                })),
+                KeySchema: Object.keys(keys).map((keyName) => ({
+                    AttributeName: keyName,
+                    KeyType: keys[keyName],
+                })),
+                BillingMode: billingMode,
+            },
+        },
+    },
+}).template);

package/src/iac/packs/dns.d.ts

@@ -0,0 +1,13 @@
+import { CloudFormationPrimitiveValue } from "../types/IaCTypes";
+export type AddDNSConfig = {
+    id: string;
+    hostedZoneId: CloudFormationPrimitiveValue<string>;
+    domainName: CloudFormationPrimitiveValue<string>;
+    resourceRecords: CloudFormationPrimitiveValue<string>[];
+    recordType?: CloudFormationPrimitiveValue<string>;
+};
+/**
+ * Add DNS parameters for reference in other resources.
+ * Optionally includes a front-end live development subdomain.
+ * */
+export declare const addDNS: import("../utils").ResourcePackApplier<AddDNSConfig>;

package/src/iac/packs/dns.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addDNS = void 0;
+const utils_1 = require("../utils");
+const SimpleCFT_1 = require("../SimpleCFT");
+/**
+ * Add DNS parameters for reference in other resources.
+ * Optionally includes a front-end live development subdomain.
+ * */
+exports.addDNS = (0, utils_1.createResourcePack)(({ id, hostedZoneId, domainName, resourceRecords, recordType = "A", }) => {
+    let cft = new SimpleCFT_1.SimpleCFT().patch({
+        Resources: {
+            [id]: {
+                Type: "AWS::Route53::RecordSet",
+                Properties: {
+                    HostedZoneId: hostedZoneId,
+                    Type: recordType,
+                    Name: domainName,
+                    ResourceRecords: resourceRecords,
+                    TTL: "300",
+                },
+            },
+        },
+    });
+    return cft.template;
+});

package/src/iac/packs/file-storage.d.ts

@@ -0,0 +1,14 @@
+import { AWS } from "../types/IaCTypes";
+export type AddSecureFileStorageConfig = {
+    id: string;
+    bucketName?: any;
+    shouldDelete?: boolean;
+    blockPublicAccess?: boolean;
+    cors?: AWS.S3.Bucket["Properties"]["CorsConfiguration"] | boolean;
+    accessControl?: AWS.S3.Bucket["Properties"]["AccessControl"];
+    allowACLs?: boolean;
+};
+/**
+ * Add a secure S3 Bucket with an optional parameter to set the bucket name.
+ * */
+export declare const addSecureFileStorage: import("../utils").ResourcePackApplier<AddSecureFileStorageConfig>;

package/src/iac/packs/file-storage.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addSecureFileStorage = void 0;
+const utils_1 = require("../utils");
+/**
+ * Add a secure S3 Bucket with an optional parameter to set the bucket name.
+ * */
+exports.addSecureFileStorage = (0, utils_1.createResourcePack)(({ id, bucketName, shouldDelete = true, blockPublicAccess = true, cors = false, accessControl = undefined, allowACLs = false, }) => {
+    return {
+        Resources: {
+            [id]: {
+                Type: "AWS::S3::Bucket",
+                DeletionPolicy: shouldDelete ? "Delete" : "Retain",
+                Properties: {
+                    BucketName: bucketName,
+                    AccessControl: accessControl,
+                    OwnershipControls: allowACLs
+                        ? {
+                            Rules: [
+                                {
+                                    ObjectOwnership: "ObjectWriter",
+                                },
+                            ],
+                        }
+                        : undefined,
+                    CorsConfiguration: typeof cors === "object"
+                        ? cors
+                        : cors === true
+                            ? {
+                                CorsRules: [
+                                    {
+                                        AllowedHeaders: ["*"],
+                                        AllowedMethods: [
+                                            "GET",
+                                            "PUT",
+                                            "POST",
+                                            "DELETE",
+                                            "HEAD",
+                                        ],
+                                        AllowedOrigins: ["*"],
+                                    },
+                                ],
+                            }
+                            : undefined,
+                    BucketEncryption: {
+                        ServerSideEncryptionConfiguration: [
+                            {
+                                ServerSideEncryptionByDefault: {
+                                    SSEAlgorithm: "AES256",
+                                },
+                            },
+                        ],
+                    },
+                    PublicAccessBlockConfiguration: blockPublicAccess
+                        ? {
+                            BlockPublicAcls: true,
+                            BlockPublicPolicy: true,
+                            IgnorePublicAcls: true,
+                            RestrictPublicBuckets: true,
+                        }
+                        : {
+                            BlockPublicAcls: false,
+                            BlockPublicPolicy: false,
+                            IgnorePublicAcls: false,
+                            RestrictPublicBuckets: false,
+                        },
+                },
+            },
+        },
+    };
+});

package/src/iac/packs/gateway.d.ts

@@ -0,0 +1,27 @@
+import { CloudFormationPrimitiveValue } from "../types/IaCTypes";
+export declare const DEFAULT_AUTH_TYPE = "COGNITO_USER_POOLS";
+export type AddGatewayAuthorizerConfig = {
+    providerARNs?: string[];
+    scopes?: string[];
+    type?: "TOKEN" | "COGNITO_USER_POOLS" | "REQUEST";
+    identitySource?: string;
+};
+export type AddGatewayConfig = {
+    id: string;
+    hostedZoneId: any;
+    domainName: any;
+    certificateArn: CloudFormationPrimitiveValue<string>;
+    cloudFunction: {
+        id: string;
+        region?: string;
+    };
+    stageName?: any;
+    authorizer?: AddGatewayAuthorizerConfig | boolean;
+    deploymentSuffix?: string;
+};
+/**
+ * Add a load-balanced API gateway for your serverless cloud function.
+ * Includes authorization config that connects your user management system to your cloud function.
+ * Also includes a DNS record for your API/back-end.
+ * */
+export declare const addGateway: import("../utils").ResourcePackApplier<AddGatewayConfig>;