@stacksjs/ts-cloud-aws-types 0.1.1

package/src/ses.ts

@@ -0,0 +1,66 @@
+import type { CloudFormationResource } from './index'
+
+export interface SESEmailIdentity extends CloudFormationResource {
+  Type: 'AWS::SES::EmailIdentity'
+  Properties: {
+    EmailIdentity: string
+    DkimSigningAttributes?: {
+      NextSigningKeyLength?: 'RSA_1024_BIT' | 'RSA_2048_BIT'
+    }
+    FeedbackAttributes?: {
+      EmailForwardingEnabled?: boolean
+    }
+  }
+}
+
+export interface SESConfigurationSet extends CloudFormationResource {
+  Type: 'AWS::SES::ConfigurationSet'
+  Properties: {
+    Name?: string
+    ReputationOptions?: {
+      ReputationMetricsEnabled?: boolean
+    }
+    SendingOptions?: {
+      SendingEnabled?: boolean
+    }
+    SuppressionOptions?: {
+      SuppressedReasons?: ('BOUNCE' | 'COMPLAINT')[]
+    }
+  }
+}
+
+export interface SESReceiptRuleSet extends CloudFormationResource {
+  Type: 'AWS::SES::ReceiptRuleSet'
+  Properties?: {
+    RuleSetName?: string
+  }
+}
+
+export interface SESReceiptRule extends CloudFormationResource {
+  Type: 'AWS::SES::ReceiptRule'
+  Properties: {
+    RuleSetName: string | { Ref: string }
+    Rule: {
+      Name?: string
+      Enabled?: boolean
+      Recipients?: string[]
+      ScanEnabled?: boolean
+      TlsPolicy?: 'Optional' | 'Require'
+      Actions?: Array<{
+        S3Action?: {
+          BucketName: string
+          ObjectKeyPrefix?: string
+          KmsKeyArn?: string
+        }
+        LambdaAction?: {
+          FunctionArn: string
+          InvocationType?: 'Event' | 'RequestResponse'
+        }
+        SNSAction?: {
+          TopicArn: string
+          Encoding?: 'UTF-8' | 'Base64'
+        }
+      }>
+    }
+  }
+}

package/src/sns.ts

@@ -0,0 +1,45 @@
+import type { CloudFormationResource } from './index'
+
+export interface SNSTopic extends CloudFormationResource {
+  Type: 'AWS::SNS::Topic'
+  Properties?: {
+    TopicName?: string
+    DisplayName?: string
+    Subscription?: Array<{
+      Endpoint: string
+      Protocol: 'http' | 'https' | 'email' | 'email-json' | 'sms' | 'sqs' | 'application' | 'lambda' | 'firehose'
+    }>
+    KmsMasterKeyId?: string
+    Tags?: Array<{
+      Key: string
+      Value: string
+    }>
+  }
+}
+
+export interface SNSSubscription extends CloudFormationResource {
+  Type: 'AWS::SNS::Subscription'
+  Properties: {
+    TopicArn: string | { Ref: string }
+    Protocol: 'http' | 'https' | 'email' | 'email-json' | 'sms' | 'sqs' | 'application' | 'lambda' | 'firehose'
+    Endpoint: string
+    FilterPolicy?: unknown
+    RawMessageDelivery?: boolean
+  }
+}
+
+export interface SNSTopicPolicy extends CloudFormationResource {
+  Type: 'AWS::SNS::TopicPolicy'
+  Properties: {
+    Topics: (string | { Ref: string })[]
+    PolicyDocument: {
+      Version: '2012-10-17'
+      Statement: Array<{
+        Effect: 'Allow' | 'Deny'
+        Principal: unknown
+        Action: string | string[]
+        Resource: string | string[]
+      }>
+    }
+  }
+}

package/src/sqs.ts

@@ -0,0 +1,54 @@
+import type { CloudFormationResource } from './index'
+
+/**
+ * AWS SQS (Simple Queue Service) Types
+ */
+
+export interface SQSQueue extends CloudFormationResource {
+  Type: 'AWS::SQS::Queue'
+  Properties?: {
+    QueueName?: string
+    DelaySeconds?: number
+    MaximumMessageSize?: number
+    MessageRetentionPeriod?: number
+    ReceiveMessageWaitTimeSeconds?: number
+    VisibilityTimeout?: number
+    KmsMasterKeyId?: string
+    KmsDataKeyReusePeriodSeconds?: number
+    SqsManagedSseEnabled?: boolean
+    FifoQueue?: boolean
+    ContentBasedDeduplication?: boolean
+    DeduplicationScope?: 'messageGroup' | 'queue'
+    FifoThroughputLimit?: 'perQueue' | 'perMessageGroupId'
+    RedrivePolicy?: {
+      deadLetterTargetArn: string
+      maxReceiveCount: number
+    }
+    RedriveAllowPolicy?: {
+      redrivePermission: 'allowAll' | 'denyAll' | 'byQueue'
+      sourceQueueArns?: string[]
+    }
+    Tags?: Array<{
+      Key: string
+      Value: string
+    }>
+  }
+}
+
+export interface SQSQueuePolicy extends CloudFormationResource {
+  Type: 'AWS::SQS::QueuePolicy'
+  Properties: {
+    Queues: Array<string | { Ref: string }>
+    PolicyDocument: {
+      Version: '2012-10-17'
+      Statement: Array<{
+        Sid?: string
+        Effect: 'Allow' | 'Deny'
+        Principal: unknown
+        Action: string | string[]
+        Resource: string | string[]
+        Condition?: unknown
+      }>
+    }
+  }
+}

package/src/ssm.ts

@@ -0,0 +1,268 @@
+/**
+ * AWS Systems Manager (SSM) Types
+ * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_SSM.html
+ */
+
+import type { Tag } from './common'
+
+/**
+ * AWS::SSM::Parameter
+ */
+export interface SSMParameter {
+  Type: 'AWS::SSM::Parameter'
+  Properties: {
+    Name?: string
+    Type: 'String' | 'StringList' | 'SecureString'
+    Value: string
+    Description?: string
+    AllowedPattern?: string
+    DataType?: 'text' | 'aws:ec2:image'
+    Tier?: 'Standard' | 'Advanced' | 'Intelligent-Tiering'
+    Policies?: string
+    Tags?: Record<string, string>
+  }
+}
+
+/**
+ * AWS::SSM::Association
+ */
+export interface SSMAssociation {
+  Type: 'AWS::SSM::Association'
+  Properties: {
+    Name: string
+    AssociationName?: string
+    DocumentVersion?: string
+    InstanceId?: string
+    Parameters?: Record<string, string[]>
+    ScheduleExpression?: string
+    Targets?: Array<{
+      Key: string
+      Values: string[]
+    }>
+    OutputLocation?: {
+      S3Location?: {
+        OutputS3BucketName?: string
+        OutputS3KeyPrefix?: string
+        OutputS3Region?: string
+      }
+    }
+    AutomationTargetParameterName?: string
+    MaxErrors?: string
+    MaxConcurrency?: string
+    ComplianceSeverity?: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'UNSPECIFIED'
+    SyncCompliance?: 'AUTO' | 'MANUAL'
+    WaitForSuccessTimeoutSeconds?: number
+    ApplyOnlyAtCronInterval?: boolean
+    CalendarNames?: string[]
+    ScheduleOffset?: number
+  }
+}
+
+/**
+ * AWS::SSM::Document
+ */
+export interface SSMDocument {
+  Type: 'AWS::SSM::Document'
+  Properties: {
+    Name?: string
+    Content: any
+    DocumentType?: 'Command' | 'Policy' | 'Automation' | 'Session' | 'Package' | 'ApplicationConfiguration' | 'ApplicationConfigurationSchema' | 'DeploymentStrategy' | 'ChangeCalendar' | 'Automation.ChangeTemplate' | 'ProblemAnalysis' | 'ProblemAnalysisTemplate' | 'CloudFormation' | 'ConformancePackTemplate' | 'QuickSetup'
+    DocumentFormat?: 'YAML' | 'JSON' | 'TEXT'
+    TargetType?: string
+    VersionName?: string
+    Requires?: Array<{
+      Name: string
+      Version?: string
+    }>
+    Attachments?: Array<{
+      Key?: 'SourceUrl' | 'S3FileUrl' | 'AttachmentReference'
+      Name?: string
+      Values?: string[]
+    }>
+    Tags?: Tag[]
+    UpdateMethod?: 'Replace' | 'NewVersion'
+  }
+}
+
+/**
+ * AWS::SSM::MaintenanceWindow
+ */
+export interface SSMMaintenanceWindow {
+  Type: 'AWS::SSM::MaintenanceWindow'
+  Properties: {
+    Name: string
+    Description?: string
+    AllowUnassociatedTargets: boolean
+    Cutoff: number
+    Duration: number
+    Schedule: string
+    ScheduleTimezone?: string
+    ScheduleOffset?: number
+    StartDate?: string
+    EndDate?: string
+    Tags?: Tag[]
+  }
+}
+
+/**
+ * AWS::SSM::MaintenanceWindowTarget
+ */
+export interface SSMMaintenanceWindowTarget {
+  Type: 'AWS::SSM::MaintenanceWindowTarget'
+  Properties: {
+    WindowId: string | { Ref: string }
+    ResourceType: 'INSTANCE' | 'RESOURCE_GROUP'
+    Targets: Array<{
+      Key: string
+      Values: string[]
+    }>
+    OwnerInformation?: string
+    Name?: string
+    Description?: string
+  }
+}
+
+/**
+ * AWS::SSM::MaintenanceWindowTask
+ */
+export interface SSMMaintenanceWindowTask {
+  Type: 'AWS::SSM::MaintenanceWindowTask'
+  Properties: {
+    WindowId: string | { Ref: string }
+    TaskType: 'RUN_COMMAND' | 'AUTOMATION' | 'LAMBDA' | 'STEP_FUNCTIONS'
+    TaskArn: string
+    ServiceRoleArn?: string
+    Targets?: Array<{
+      Key: string
+      Values: string[]
+    }>
+    MaxConcurrency?: string
+    MaxErrors?: string
+    Priority?: number
+    LoggingInfo?: {
+      S3Bucket: string
+      S3Prefix?: string
+      S3Region: string
+    }
+    Name?: string
+    Description?: string
+    TaskInvocationParameters?: {
+      RunCommand?: {
+        Comment?: string
+        DocumentHash?: string
+        DocumentHashType?: 'Sha256' | 'Sha1'
+        NotificationConfig?: {
+          NotificationArn?: string
+          NotificationEvents?: string[]
+          NotificationType?: 'Command' | 'Invocation'
+        }
+        OutputS3BucketName?: string
+        OutputS3KeyPrefix?: string
+        Parameters?: Record<string, string[]>
+        ServiceRoleArn?: string
+        TimeoutSeconds?: number
+      }
+      Automation?: {
+        DocumentVersion?: string
+        Parameters?: Record<string, string[]>
+      }
+      Lambda?: {
+        ClientContext?: string
+        Payload?: string
+        Qualifier?: string
+      }
+      StepFunctions?: {
+        Input?: string
+        Name?: string
+      }
+    }
+  }
+}
+
+/**
+ * AWS::SSM::PatchBaseline
+ */
+export interface SSMPatchBaseline {
+  Type: 'AWS::SSM::PatchBaseline'
+  Properties: {
+    Name: string
+    Description?: string
+    OperatingSystem?: 'WINDOWS' | 'AMAZON_LINUX' | 'AMAZON_LINUX_2' | 'UBUNTU' | 'REDHAT_ENTERPRISE_LINUX' | 'SUSE' | 'CENTOS' | 'ORACLE_LINUX' | 'DEBIAN' | 'MACOS'
+    ApprovedPatches?: string[]
+    ApprovedPatchesComplianceLevel?: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'INFORMATIONAL' | 'UNSPECIFIED'
+    ApprovedPatchesEnableNonSecurity?: boolean
+    RejectedPatches?: string[]
+    RejectedPatchesAction?: 'ALLOW_AS_DEPENDENCY' | 'BLOCK'
+    ApprovalRules?: {
+      PatchRules: Array<{
+        PatchFilterGroup: {
+          PatchFilters: Array<{
+            Key: string
+            Values: string[]
+          }>
+        }
+        ComplianceLevel?: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'INFORMATIONAL' | 'UNSPECIFIED'
+        ApproveAfterDays?: number
+        ApproveUntilDate?: string
+        EnableNonSecurity?: boolean
+      }>
+    }
+    GlobalFilters?: {
+      PatchFilters: Array<{
+        Key: string
+        Values: string[]
+      }>
+    }
+    Sources?: Array<{
+      Name: string
+      Products: string[]
+      Configuration: string
+    }>
+    Tags?: Tag[]
+  }
+}
+
+/**
+ * AWS::SSM::ResourceDataSync
+ */
+export interface SSMResourceDataSync {
+  Type: 'AWS::SSM::ResourceDataSync'
+  Properties: {
+    SyncName: string
+    SyncType?: string
+    BucketName?: string
+    BucketPrefix?: string
+    BucketRegion?: string
+    KMSKeyArn?: string
+    SyncFormat?: string
+    S3Destination?: {
+      BucketName: string
+      BucketPrefix?: string
+      BucketRegion: string
+      KMSKeyArn?: string
+      SyncFormat: string
+      DestinationDataSharing?: {
+        DestinationDataSharingType: string
+      }
+    }
+    SyncSource?: {
+      SourceType: string
+      SourceRegions: string[]
+      IncludeFutureRegions?: boolean
+      AwsOrganizationsSource?: {
+        OrganizationSourceType: string
+        OrganizationalUnits?: string[]
+      }
+    }
+  }
+}
+
+export type SSMResource =
+  | SSMParameter
+  | SSMAssociation
+  | SSMDocument
+  | SSMMaintenanceWindow
+  | SSMMaintenanceWindowTarget
+  | SSMMaintenanceWindowTask
+  | SSMPatchBaseline
+  | SSMResourceDataSync

package/src/waf.ts

@@ -0,0 +1,81 @@
+import type { CloudFormationResource } from './index'
+
+export interface WAFv2WebACL extends CloudFormationResource {
+  Type: 'AWS::WAFv2::WebACL'
+  Properties: {
+    Name: string
+    Scope: 'CLOUDFRONT' | 'REGIONAL'
+    DefaultAction: {
+      Allow?: Record<string, unknown>
+      Block?: Record<string, unknown>
+    }
+    Description?: string
+    Rules?: Array<{
+      Name: string
+      Priority: number
+      Statement: {
+        ByteMatchStatement?: {
+          SearchString: string
+          FieldToMatch: unknown
+          TextTransformations: Array<{
+            Priority: number
+            Type: string
+          }>
+          PositionalConstraint: 'EXACTLY' | 'STARTS_WITH' | 'ENDS_WITH' | 'CONTAINS' | 'CONTAINS_WORD'
+        }
+        GeoMatchStatement?: {
+          CountryCodes: string[]
+        }
+        IPSetReferenceStatement?: {
+          Arn: string
+        }
+        RateBasedStatement?: {
+          Limit: number
+          AggregateKeyType: 'IP' | 'FORWARDED_IP'
+          ScopeDownStatement?: unknown
+        }
+        ManagedRuleGroupStatement?: {
+          VendorName: string
+          Name: string
+          ExcludedRules?: Array<{
+            Name: string
+          }>
+        }
+      }
+      Action?: {
+        Allow?: Record<string, unknown>
+        Block?: Record<string, unknown>
+        Count?: Record<string, unknown>
+      }
+      VisibilityConfig: {
+        SampledRequestsEnabled: boolean
+        CloudWatchMetricsEnabled: boolean
+        MetricName: string
+      }
+    }>
+    VisibilityConfig: {
+      SampledRequestsEnabled: boolean
+      CloudWatchMetricsEnabled: boolean
+      MetricName: string
+    }
+    Tags?: Array<{
+      Key: string
+      Value: string
+    }>
+  }
+}
+
+export interface WAFv2IPSet extends CloudFormationResource {
+  Type: 'AWS::WAFv2::IPSet'
+  Properties: {
+    Name: string
+    Scope: 'CLOUDFRONT' | 'REGIONAL'
+    IPAddressVersion: 'IPV4' | 'IPV6'
+    Addresses: string[]
+    Description?: string
+    Tags?: Array<{
+      Key: string
+      Value: string
+    }>
+  }
+}

package/tsconfig.json

@@ -0,0 +1,12 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "composite": true,
+    "declaration": true,
+    "declarationMap": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
+}