npm - @stacksjs/ts-cloud-core - Versions diffs - 0.1.1 - Mend

@stacksjs/ts-cloud-core 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (251) hide show

package/LICENSE.md +21 -0
package/README.md +321 -0
package/package.json +31 -0
package/src/advanced-features.test.ts +465 -0
package/src/aws/cloudformation.ts +421 -0
package/src/aws/cloudfront.ts +158 -0
package/src/aws/credentials.test.ts +132 -0
package/src/aws/credentials.ts +545 -0
package/src/aws/index.ts +87 -0
package/src/aws/s3.test.ts +188 -0
package/src/aws/s3.ts +1088 -0
package/src/aws/signature.test.ts +670 -0
package/src/aws/signature.ts +1155 -0
package/src/backup/disaster-recovery.test.ts +726 -0
package/src/backup/disaster-recovery.ts +500 -0
package/src/backup/index.ts +34 -0
package/src/backup/manager.test.ts +498 -0
package/src/backup/manager.ts +432 -0
package/src/cicd/circleci.ts +430 -0
package/src/cicd/github-actions.ts +424 -0
package/src/cicd/gitlab-ci.ts +255 -0
package/src/cicd/index.ts +8 -0
package/src/cli/history.ts +396 -0
package/src/cli/index.ts +10 -0
package/src/cli/progress.ts +458 -0
package/src/cli/repl.ts +454 -0
package/src/cli/suggestions.ts +327 -0
package/src/cli/table.test.ts +319 -0
package/src/cli/table.ts +332 -0
package/src/cloudformation/builder.test.ts +327 -0
package/src/cloudformation/builder.ts +378 -0
package/src/cloudformation/builders/api-gateway.ts +449 -0
package/src/cloudformation/builders/cache.ts +334 -0
package/src/cloudformation/builders/cdn.ts +278 -0
package/src/cloudformation/builders/compute.ts +485 -0
package/src/cloudformation/builders/database.ts +392 -0
package/src/cloudformation/builders/functions.ts +343 -0
package/src/cloudformation/builders/messaging.ts +140 -0
package/src/cloudformation/builders/monitoring.ts +300 -0
package/src/cloudformation/builders/network.ts +264 -0
package/src/cloudformation/builders/queue.ts +147 -0
package/src/cloudformation/builders/security.ts +399 -0
package/src/cloudformation/builders/storage.ts +285 -0
package/src/cloudformation/index.ts +30 -0
package/src/cloudformation/types.ts +173 -0
package/src/compliance/aws-config.ts +543 -0
package/src/compliance/cloudtrail.ts +376 -0
package/src/compliance/compliance.test.ts +423 -0
package/src/compliance/guardduty.ts +446 -0
package/src/compliance/index.ts +66 -0
package/src/compliance/security-hub.ts +456 -0
package/src/containers/build-optimization.ts +416 -0
package/src/containers/containers.test.ts +508 -0
package/src/containers/image-scanning.ts +360 -0
package/src/containers/index.ts +9 -0
package/src/containers/registry.ts +293 -0
package/src/containers/service-mesh.ts +520 -0
package/src/database/database.test.ts +762 -0
package/src/database/index.ts +9 -0
package/src/database/migrations.ts +444 -0
package/src/database/performance.ts +528 -0
package/src/database/replicas.ts +534 -0
package/src/database/users.ts +494 -0
package/src/dependency-graph.ts +143 -0
package/src/deployment/ab-testing.ts +582 -0
package/src/deployment/blue-green.ts +452 -0
package/src/deployment/canary.ts +500 -0
package/src/deployment/deployment.test.ts +526 -0
package/src/deployment/index.ts +61 -0
package/src/deployment/progressive.ts +62 -0
package/src/dns/dns.test.ts +641 -0
package/src/dns/dnssec.ts +315 -0
package/src/dns/index.ts +8 -0
package/src/dns/resolver.ts +496 -0
package/src/dns/routing.ts +593 -0
package/src/email/advanced/analytics.ts +445 -0
package/src/email/advanced/index.ts +11 -0
package/src/email/advanced/rules.ts +465 -0
package/src/email/advanced/scheduling.ts +352 -0
package/src/email/advanced/search.ts +412 -0
package/src/email/advanced/shared-mailboxes.ts +404 -0
package/src/email/advanced/templates.ts +455 -0
package/src/email/advanced/threading.ts +281 -0
package/src/email/analytics.ts +467 -0
package/src/email/bounce-handling.ts +425 -0
package/src/email/email.test.ts +431 -0
package/src/email/handlers/__tests__/inbound.test.ts +38 -0
package/src/email/handlers/__tests__/outbound.test.ts +37 -0
package/src/email/handlers/converter.ts +227 -0
package/src/email/handlers/feedback.ts +228 -0
package/src/email/handlers/inbound.ts +169 -0
package/src/email/handlers/outbound.ts +178 -0
package/src/email/index.ts +15 -0
package/src/email/reputation.ts +303 -0
package/src/email/templates.ts +352 -0
package/src/errors/index.test.ts +434 -0
package/src/errors/index.ts +416 -0
package/src/health-checks/index.ts +40 -0
package/src/index.ts +360 -0
package/src/intrinsic-functions.ts +118 -0
package/src/lambda/concurrency.ts +330 -0
package/src/lambda/destinations.ts +345 -0
package/src/lambda/dlq.ts +425 -0
package/src/lambda/index.ts +11 -0
package/src/lambda/lambda.test.ts +840 -0
package/src/lambda/layers.ts +263 -0
package/src/lambda/versions.ts +376 -0
package/src/lambda/vpc.ts +399 -0
package/src/local/config.ts +114 -0
package/src/local/index.ts +6 -0
package/src/local/mock-aws.ts +351 -0
package/src/modules/ai.ts +340 -0
package/src/modules/api.ts +478 -0
package/src/modules/auth.ts +805 -0
package/src/modules/cache.ts +417 -0
package/src/modules/cdn.ts +1062 -0
package/src/modules/communication.ts +1094 -0
package/src/modules/compute.ts +3348 -0
package/src/modules/database.ts +554 -0
package/src/modules/deployment.ts +1079 -0
package/src/modules/dns.ts +337 -0
package/src/modules/email.ts +1538 -0
package/src/modules/filesystem.ts +515 -0
package/src/modules/index.ts +32 -0
package/src/modules/messaging.ts +486 -0
package/src/modules/monitoring.ts +2086 -0
package/src/modules/network.ts +664 -0
package/src/modules/parameter-store.ts +325 -0
package/src/modules/permissions.ts +1081 -0
package/src/modules/phone.ts +494 -0
package/src/modules/queue.ts +1260 -0
package/src/modules/redirects.ts +464 -0
package/src/modules/registry.ts +699 -0
package/src/modules/search.ts +401 -0
package/src/modules/secrets.ts +416 -0
package/src/modules/security.ts +731 -0
package/src/modules/sms.ts +389 -0
package/src/modules/storage.ts +1120 -0
package/src/modules/workflow.ts +680 -0
package/src/multi-account/config.ts +521 -0
package/src/multi-account/index.ts +7 -0
package/src/multi-account/manager.ts +427 -0
package/src/multi-region/cross-region.ts +410 -0
package/src/multi-region/index.ts +8 -0
package/src/multi-region/manager.ts +483 -0
package/src/multi-region/regions.ts +435 -0
package/src/network-security/index.ts +48 -0
package/src/observability/index.ts +9 -0
package/src/observability/logs.ts +522 -0
package/src/observability/metrics.ts +460 -0
package/src/observability/observability.test.ts +782 -0
package/src/observability/synthetics.ts +568 -0
package/src/observability/xray.ts +358 -0
package/src/phone/advanced/analytics.ts +349 -0
package/src/phone/advanced/callbacks.ts +428 -0
package/src/phone/advanced/index.ts +8 -0
package/src/phone/advanced/ivr-builder.ts +504 -0
package/src/phone/advanced/recording.ts +310 -0
package/src/phone/handlers/__tests__/incoming-call.test.ts +40 -0
package/src/phone/handlers/incoming-call.ts +117 -0
package/src/phone/handlers/missed-call.ts +116 -0
package/src/phone/handlers/voicemail.ts +179 -0
package/src/phone/index.ts +9 -0
package/src/presets/api-backend.ts +134 -0
package/src/presets/data-pipeline.ts +204 -0
package/src/presets/extend.test.ts +295 -0
package/src/presets/extend.ts +297 -0
package/src/presets/fullstack-app.ts +144 -0
package/src/presets/index.ts +27 -0
package/src/presets/jamstack.ts +135 -0
package/src/presets/microservices.ts +167 -0
package/src/presets/ml-api.ts +208 -0
package/src/presets/nodejs-server.ts +104 -0
package/src/presets/nodejs-serverless.ts +114 -0
package/src/presets/realtime-app.ts +184 -0
package/src/presets/static-site.ts +64 -0
package/src/presets/traditional-web-app.ts +339 -0
package/src/presets/wordpress.ts +138 -0
package/src/preview/github.test.ts +249 -0
package/src/preview/github.ts +297 -0
package/src/preview/index.ts +37 -0
package/src/preview/manager.test.ts +440 -0
package/src/preview/manager.ts +326 -0
package/src/preview/notifications.test.ts +582 -0
package/src/preview/notifications.ts +341 -0
package/src/queue/batch-processing.ts +402 -0
package/src/queue/dlq-monitoring.ts +402 -0
package/src/queue/fifo.ts +342 -0
package/src/queue/index.ts +9 -0
package/src/queue/management.ts +428 -0
package/src/queue/queue.test.ts +429 -0
package/src/resource-mgmt/index.ts +39 -0
package/src/resource-naming.ts +62 -0
package/src/s3/index.ts +523 -0
package/src/schema/cloud-config.schema.json +554 -0
package/src/schema/index.ts +68 -0
package/src/security/certificate-manager.ts +492 -0
package/src/security/index.ts +9 -0
package/src/security/scanning.ts +545 -0
package/src/security/secrets-manager.ts +476 -0
package/src/security/secrets-rotation.ts +456 -0
package/src/security/security.test.ts +738 -0
package/src/sms/advanced/ab-testing.ts +389 -0
package/src/sms/advanced/analytics.ts +336 -0
package/src/sms/advanced/campaigns.ts +523 -0
package/src/sms/advanced/chatbot.ts +224 -0
package/src/sms/advanced/index.ts +10 -0
package/src/sms/advanced/link-tracking.ts +248 -0
package/src/sms/advanced/mms.ts +308 -0
package/src/sms/handlers/__tests__/send.test.ts +40 -0
package/src/sms/handlers/delivery-status.ts +133 -0
package/src/sms/handlers/receive.ts +162 -0
package/src/sms/handlers/send.ts +174 -0
package/src/sms/index.ts +9 -0
package/src/stack-diff.ts +389 -0
package/src/static-site/index.ts +85 -0
package/src/template-builder.ts +110 -0
package/src/template-validator.ts +574 -0
package/src/utils/cache.ts +291 -0
package/src/utils/diff.ts +269 -0
package/src/utils/hash.ts +227 -0
package/src/utils/index.ts +8 -0
package/src/utils/parallel.ts +294 -0
package/src/validators/credentials.test.ts +274 -0
package/src/validators/credentials.ts +233 -0
package/src/validators/quotas.test.ts +434 -0
package/src/validators/quotas.ts +217 -0
package/test/ai.test.ts +327 -0
package/test/api.test.ts +511 -0
package/test/auth.test.ts +632 -0
package/test/cache.test.ts +406 -0
package/test/cdn.test.ts +247 -0
package/test/compute.test.ts +861 -0
package/test/database.test.ts +523 -0
package/test/deployment.test.ts +499 -0
package/test/dns.test.ts +270 -0
package/test/email.test.ts +439 -0
package/test/filesystem.test.ts +382 -0
package/test/integration.test.ts +350 -0
package/test/messaging.test.ts +514 -0
package/test/monitoring.test.ts +634 -0
package/test/network.test.ts +425 -0
package/test/permissions.test.ts +488 -0
package/test/queue.test.ts +484 -0
package/test/registry.test.ts +306 -0
package/test/security.test.ts +462 -0
package/test/storage.test.ts +463 -0
package/test/template-validator.test.ts +559 -0
package/test/workflow.test.ts +592 -0
package/tsconfig.json +16 -0
package/tsconfig.tsbuildinfo +1 -0

package/src/security/secrets-manager.ts ADDED Viewed

@@ -0,0 +1,476 @@
+/**
+ * Secrets Management
+ * Versioning, audit logging, and external secret manager integration
+ */
+export interface SecretVersion {
+  id: string
+  secretId: string
+  versionId: string
+  versionStages: string[] // AWSCURRENT, AWSPENDING, AWSPREVIOUS
+  value?: string
+  createdAt: Date
+  deprecatedAt?: Date
+}
+export interface SecretAudit {
+  id: string
+  secretId: string
+  action: SecretAction
+  actor: string
+  versionId?: string
+  timestamp: Date
+  ipAddress?: string
+  userAgent?: string
+  success: boolean
+  error?: string
+}
+export type SecretAction =
+  | 'CREATE'
+  | 'READ'
+  | 'UPDATE'
+  | 'DELETE'
+  | 'ROTATE'
+  | 'RESTORE'
+  | 'REPLICATE'
+export interface ExternalSecretManager {
+  id: string
+  type: 'vault' | 'onepassword' | 'azure_keyvault' | 'gcp_secretmanager'
+  name: string
+  endpoint?: string
+  authentication: ExternalAuthConfig
+  syncEnabled?: boolean
+  syncInterval?: number // minutes
+}
+export interface ExternalAuthConfig {
+  type: 'token' | 'iam' | 'certificate' | 'apikey'
+  credentials?: Record<string, string>
+  roleArn?: string
+  certificateArn?: string
+}
+export interface SecretReplication {
+  id: string
+  secretId: string
+  sourceRegion: string
+  replicaRegions: string[]
+  kmsKeyIds?: Record<string, string> // region -> KMS key ID
+  status: 'replicating' | 'completed' | 'failed'
+}
+export interface SecretPolicy {
+  id: string
+  secretId: string
+  policy: PolicyDocument
+}
+export interface PolicyDocument {
+  Version: string
+  Statement: PolicyStatement[]
+}
+export interface PolicyStatement {
+  Effect: 'Allow' | 'Deny'
+  Principal: {
+    AWS?: string | string[]
+    Service?: string | string[]
+  }
+  Action: string | string[]
+  Resource?: string | string[]
+  Condition?: Record<string, any>
+}
+/**
+ * Secrets manager
+ */
+export class SecretsManager {
+  private versions: Map<string, SecretVersion> = new Map()
+  private audits: Map<string, SecretAudit> = new Map()
+  private externalManagers: Map<string, ExternalSecretManager> = new Map()
+  private replications: Map<string, SecretReplication> = new Map()
+  private policies: Map<string, SecretPolicy> = new Map()
+  private versionCounter = 0
+  private auditCounter = 0
+  private managerCounter = 0
+  private replicationCounter = 0
+  private policyCounter = 0
+  /**
+   * Create secret version
+   */
+  createVersion(version: Omit<SecretVersion, 'id'>): SecretVersion {
+    const id = `version-${Date.now()}-${this.versionCounter++}`
+    const secretVersion: SecretVersion = {
+      id,
+      ...version,
+    }
+    this.versions.set(id, secretVersion)
+    // Audit the action
+    this.auditAction({
+      secretId: version.secretId,
+      action: 'CREATE',
+      actor: 'system',
+      versionId: version.versionId,
+      success: true,
+    })
+    return secretVersion
+  }
+  /**
+   * Get secret version by stage
+   */
+  getVersionByStage(secretId: string, stage: string): SecretVersion | undefined {
+    return Array.from(this.versions.values()).find(
+      v => v.secretId === secretId && v.versionStages.includes(stage)
+    )
+  }
+  /**
+   * List versions for secret
+   */
+  listVersions(secretId: string): SecretVersion[] {
+    return Array.from(this.versions.values())
+      .filter(v => v.secretId === secretId)
+      .sort((a, b) => b.createdAt.getTime() - a.createdAt.getTime())
+  }
+  /**
+   * Deprecate version
+   */
+  deprecateVersion(versionId: string): void {
+    const version = Array.from(this.versions.values()).find(v => v.versionId === versionId)
+    if (version) {
+      version.deprecatedAt = new Date()
+      version.versionStages = version.versionStages.filter(s => s !== 'AWSCURRENT')
+      this.auditAction({
+        secretId: version.secretId,
+        action: 'UPDATE',
+        actor: 'system',
+        versionId,
+        success: true,
+      })
+    }
+  }
+  /**
+   * Restore version
+   */
+  restoreVersion(versionId: string): void {
+    const version = Array.from(this.versions.values()).find(v => v.versionId === versionId)
+    if (version) {
+      // Remove AWSCURRENT from other versions
+      Array.from(this.versions.values())
+        .filter(v => v.secretId === version.secretId && v.versionId !== versionId)
+        .forEach(v => {
+          v.versionStages = v.versionStages.filter(s => s !== 'AWSCURRENT')
+        })
+      // Set this version as current
+      version.versionStages.push('AWSCURRENT')
+      version.deprecatedAt = undefined
+      this.auditAction({
+        secretId: version.secretId,
+        action: 'RESTORE',
+        actor: 'system',
+        versionId,
+        success: true,
+      })
+    }
+  }
+  /**
+   * Audit secret action
+   */
+  auditAction(audit: Omit<SecretAudit, 'id' | 'timestamp'>): SecretAudit {
+    const id = `audit-${Date.now()}-${this.auditCounter++}`
+    const secretAudit: SecretAudit = {
+      id,
+      timestamp: new Date(),
+      ...audit,
+    }
+    this.audits.set(id, secretAudit)
+    return secretAudit
+  }
+  /**
+   * Get audit trail for secret
+   */
+  getAuditTrail(secretId: string, limit: number = 100): SecretAudit[] {
+    return Array.from(this.audits.values())
+      .filter(audit => audit.secretId === secretId)
+      .sort((a, b) => b.timestamp.getTime() - a.timestamp.getTime())
+      .slice(0, limit)
+  }
+  /**
+   * Get failed access attempts
+   */
+  getFailedAccesses(secretId: string, hours: number = 24): SecretAudit[] {
+    const cutoffTime = Date.now() - hours * 60 * 60 * 1000
+    return Array.from(this.audits.values()).filter(
+      audit =>
+        audit.secretId === secretId &&
+        !audit.success &&
+        audit.timestamp.getTime() > cutoffTime
+    )
+  }
+  /**
+   * Register external secret manager
+   */
+  registerExternalManager(manager: Omit<ExternalSecretManager, 'id'>): ExternalSecretManager {
+    const id = `ext-manager-${Date.now()}-${this.managerCounter++}`
+    const externalManager: ExternalSecretManager = {
+      id,
+      ...manager,
+    }
+    this.externalManagers.set(id, externalManager)
+    return externalManager
+  }
+  /**
+   * Register HashiCorp Vault
+   */
+  registerVault(options: {
+    name: string
+    endpoint: string
+    token?: string
+    roleArn?: string
+    syncEnabled?: boolean
+  }): ExternalSecretManager {
+    return this.registerExternalManager({
+      type: 'vault',
+      name: options.name,
+      endpoint: options.endpoint,
+      authentication: {
+        type: options.token ? 'token' : 'iam',
+        credentials: options.token ? { token: options.token } : undefined,
+        roleArn: options.roleArn,
+      },
+      syncEnabled: options.syncEnabled || false,
+      syncInterval: 60,
+    })
+  }
+  /**
+   * Register 1Password
+   */
+  registerOnePassword(options: {
+    name: string
+    endpoint?: string
+    apiKey: string
+    syncEnabled?: boolean
+  }): ExternalSecretManager {
+    return this.registerExternalManager({
+      type: 'onepassword',
+      name: options.name,
+      endpoint: options.endpoint || 'https://my.1password.com',
+      authentication: {
+        type: 'apikey',
+        credentials: { apiKey: options.apiKey },
+      },
+      syncEnabled: options.syncEnabled || false,
+      syncInterval: 30,
+    })
+  }
+  /**
+   * Enable secret replication
+   */
+  enableReplication(options: {
+    secretId: string
+    sourceRegion: string
+    replicaRegions: string[]
+    kmsKeyIds?: Record<string, string>
+  }): SecretReplication {
+    const id = `replication-${Date.now()}-${this.replicationCounter++}`
+    const replication: SecretReplication = {
+      id,
+      secretId: options.secretId,
+      sourceRegion: options.sourceRegion,
+      replicaRegions: options.replicaRegions,
+      kmsKeyIds: options.kmsKeyIds,
+      status: 'replicating',
+    }
+    this.replications.set(id, replication)
+    this.auditAction({
+      secretId: options.secretId,
+      action: 'REPLICATE',
+      actor: 'system',
+      success: true,
+    })
+    // Simulate replication
+    setTimeout(() => {
+      replication.status = 'completed'
+    }, 100)
+    return replication
+  }
+  /**
+   * Create secret policy
+   */
+  createPolicy(options: {
+    secretId: string
+    allowedPrincipals: string[]
+    allowedActions: string[]
+  }): SecretPolicy {
+    const id = `policy-${Date.now()}-${this.policyCounter++}`
+    const policy: SecretPolicy = {
+      id,
+      secretId: options.secretId,
+      policy: {
+        Version: '2012-10-17',
+        Statement: [
+          {
+            Effect: 'Allow',
+            Principal: {
+              AWS: options.allowedPrincipals,
+            },
+            Action: options.allowedActions,
+            Resource: '*',
+          },
+        ],
+      },
+    }
+    this.policies.set(id, policy)
+    return policy
+  }
+  /**
+   * Create cross-account access policy
+   */
+  createCrossAccountPolicy(options: {
+    secretId: string
+    accountId: string
+    roleNames: string[]
+  }): SecretPolicy {
+    const principals = options.roleNames.map(
+      role => `arn:aws:iam::${options.accountId}:role/${role}`
+    )
+    return this.createPolicy({
+      secretId: options.secretId,
+      allowedPrincipals: principals,
+      allowedActions: ['secretsmanager:GetSecretValue', 'secretsmanager:DescribeSecret'],
+    })
+  }
+  /**
+   * Get version
+   */
+  getVersion(id: string): SecretVersion | undefined {
+    return this.versions.get(id)
+  }
+  /**
+   * Get external manager
+   */
+  getExternalManager(id: string): ExternalSecretManager | undefined {
+    return this.externalManagers.get(id)
+  }
+  /**
+   * List external managers
+   */
+  listExternalManagers(): ExternalSecretManager[] {
+    return Array.from(this.externalManagers.values())
+  }
+  /**
+   * Get replication
+   */
+  getReplication(id: string): SecretReplication | undefined {
+    return this.replications.get(id)
+  }
+  /**
+   * List replications
+   */
+  listReplications(): SecretReplication[] {
+    return Array.from(this.replications.values())
+  }
+  /**
+   * Generate CloudFormation for secret
+   */
+  generateSecretCF(options: {
+    name: string
+    description?: string
+    kmsKeyId?: string
+    replicaRegions?: string[]
+  }): any {
+    return {
+      Type: 'AWS::SecretsManager::Secret',
+      Properties: {
+        Name: options.name,
+        Description: options.description,
+        ...(options.kmsKeyId && { KmsKeyId: options.kmsKeyId }),
+        ...(options.replicaRegions && {
+          ReplicaRegions: options.replicaRegions.map(region => ({
+            Region: region,
+          })),
+        }),
+      },
+    }
+  }
+  /**
+   * Generate CloudFormation for secret policy
+   */
+  generateSecretPolicyCF(policy: SecretPolicy): any {
+    return {
+      Type: 'AWS::SecretsManager::ResourcePolicy',
+      Properties: {
+        SecretId: policy.secretId,
+        ResourcePolicy: policy.policy,
+      },
+    }
+  }
+  /**
+   * Clear all data
+   */
+  clear(): void {
+    this.versions.clear()
+    this.audits.clear()
+    this.externalManagers.clear()
+    this.replications.clear()
+    this.policies.clear()
+    this.versionCounter = 0
+    this.auditCounter = 0
+    this.managerCounter = 0
+    this.replicationCounter = 0
+    this.policyCounter = 0
+  }
+}
+/**
+ * Global secrets manager instance
+ */
+export const secretsManager: SecretsManager = new SecretsManager()