npm - @stacksjs/ts-cloud-core - Versions diffs - 0.1.1 - Mend

@stacksjs/ts-cloud-core 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (251) hide show

package/LICENSE.md +21 -0
package/README.md +321 -0
package/package.json +31 -0
package/src/advanced-features.test.ts +465 -0
package/src/aws/cloudformation.ts +421 -0
package/src/aws/cloudfront.ts +158 -0
package/src/aws/credentials.test.ts +132 -0
package/src/aws/credentials.ts +545 -0
package/src/aws/index.ts +87 -0
package/src/aws/s3.test.ts +188 -0
package/src/aws/s3.ts +1088 -0
package/src/aws/signature.test.ts +670 -0
package/src/aws/signature.ts +1155 -0
package/src/backup/disaster-recovery.test.ts +726 -0
package/src/backup/disaster-recovery.ts +500 -0
package/src/backup/index.ts +34 -0
package/src/backup/manager.test.ts +498 -0
package/src/backup/manager.ts +432 -0
package/src/cicd/circleci.ts +430 -0
package/src/cicd/github-actions.ts +424 -0
package/src/cicd/gitlab-ci.ts +255 -0
package/src/cicd/index.ts +8 -0
package/src/cli/history.ts +396 -0
package/src/cli/index.ts +10 -0
package/src/cli/progress.ts +458 -0
package/src/cli/repl.ts +454 -0
package/src/cli/suggestions.ts +327 -0
package/src/cli/table.test.ts +319 -0
package/src/cli/table.ts +332 -0
package/src/cloudformation/builder.test.ts +327 -0
package/src/cloudformation/builder.ts +378 -0
package/src/cloudformation/builders/api-gateway.ts +449 -0
package/src/cloudformation/builders/cache.ts +334 -0
package/src/cloudformation/builders/cdn.ts +278 -0
package/src/cloudformation/builders/compute.ts +485 -0
package/src/cloudformation/builders/database.ts +392 -0
package/src/cloudformation/builders/functions.ts +343 -0
package/src/cloudformation/builders/messaging.ts +140 -0
package/src/cloudformation/builders/monitoring.ts +300 -0
package/src/cloudformation/builders/network.ts +264 -0
package/src/cloudformation/builders/queue.ts +147 -0
package/src/cloudformation/builders/security.ts +399 -0
package/src/cloudformation/builders/storage.ts +285 -0
package/src/cloudformation/index.ts +30 -0
package/src/cloudformation/types.ts +173 -0
package/src/compliance/aws-config.ts +543 -0
package/src/compliance/cloudtrail.ts +376 -0
package/src/compliance/compliance.test.ts +423 -0
package/src/compliance/guardduty.ts +446 -0
package/src/compliance/index.ts +66 -0
package/src/compliance/security-hub.ts +456 -0
package/src/containers/build-optimization.ts +416 -0
package/src/containers/containers.test.ts +508 -0
package/src/containers/image-scanning.ts +360 -0
package/src/containers/index.ts +9 -0
package/src/containers/registry.ts +293 -0
package/src/containers/service-mesh.ts +520 -0
package/src/database/database.test.ts +762 -0
package/src/database/index.ts +9 -0
package/src/database/migrations.ts +444 -0
package/src/database/performance.ts +528 -0
package/src/database/replicas.ts +534 -0
package/src/database/users.ts +494 -0
package/src/dependency-graph.ts +143 -0
package/src/deployment/ab-testing.ts +582 -0
package/src/deployment/blue-green.ts +452 -0
package/src/deployment/canary.ts +500 -0
package/src/deployment/deployment.test.ts +526 -0
package/src/deployment/index.ts +61 -0
package/src/deployment/progressive.ts +62 -0
package/src/dns/dns.test.ts +641 -0
package/src/dns/dnssec.ts +315 -0
package/src/dns/index.ts +8 -0
package/src/dns/resolver.ts +496 -0
package/src/dns/routing.ts +593 -0
package/src/email/advanced/analytics.ts +445 -0
package/src/email/advanced/index.ts +11 -0
package/src/email/advanced/rules.ts +465 -0
package/src/email/advanced/scheduling.ts +352 -0
package/src/email/advanced/search.ts +412 -0
package/src/email/advanced/shared-mailboxes.ts +404 -0
package/src/email/advanced/templates.ts +455 -0
package/src/email/advanced/threading.ts +281 -0
package/src/email/analytics.ts +467 -0
package/src/email/bounce-handling.ts +425 -0
package/src/email/email.test.ts +431 -0
package/src/email/handlers/__tests__/inbound.test.ts +38 -0
package/src/email/handlers/__tests__/outbound.test.ts +37 -0
package/src/email/handlers/converter.ts +227 -0
package/src/email/handlers/feedback.ts +228 -0
package/src/email/handlers/inbound.ts +169 -0
package/src/email/handlers/outbound.ts +178 -0
package/src/email/index.ts +15 -0
package/src/email/reputation.ts +303 -0
package/src/email/templates.ts +352 -0
package/src/errors/index.test.ts +434 -0
package/src/errors/index.ts +416 -0
package/src/health-checks/index.ts +40 -0
package/src/index.ts +360 -0
package/src/intrinsic-functions.ts +118 -0
package/src/lambda/concurrency.ts +330 -0
package/src/lambda/destinations.ts +345 -0
package/src/lambda/dlq.ts +425 -0
package/src/lambda/index.ts +11 -0
package/src/lambda/lambda.test.ts +840 -0
package/src/lambda/layers.ts +263 -0
package/src/lambda/versions.ts +376 -0
package/src/lambda/vpc.ts +399 -0
package/src/local/config.ts +114 -0
package/src/local/index.ts +6 -0
package/src/local/mock-aws.ts +351 -0
package/src/modules/ai.ts +340 -0
package/src/modules/api.ts +478 -0
package/src/modules/auth.ts +805 -0
package/src/modules/cache.ts +417 -0
package/src/modules/cdn.ts +1062 -0
package/src/modules/communication.ts +1094 -0
package/src/modules/compute.ts +3348 -0
package/src/modules/database.ts +554 -0
package/src/modules/deployment.ts +1079 -0
package/src/modules/dns.ts +337 -0
package/src/modules/email.ts +1538 -0
package/src/modules/filesystem.ts +515 -0
package/src/modules/index.ts +32 -0
package/src/modules/messaging.ts +486 -0
package/src/modules/monitoring.ts +2086 -0
package/src/modules/network.ts +664 -0
package/src/modules/parameter-store.ts +325 -0
package/src/modules/permissions.ts +1081 -0
package/src/modules/phone.ts +494 -0
package/src/modules/queue.ts +1260 -0
package/src/modules/redirects.ts +464 -0
package/src/modules/registry.ts +699 -0
package/src/modules/search.ts +401 -0
package/src/modules/secrets.ts +416 -0
package/src/modules/security.ts +731 -0
package/src/modules/sms.ts +389 -0
package/src/modules/storage.ts +1120 -0
package/src/modules/workflow.ts +680 -0
package/src/multi-account/config.ts +521 -0
package/src/multi-account/index.ts +7 -0
package/src/multi-account/manager.ts +427 -0
package/src/multi-region/cross-region.ts +410 -0
package/src/multi-region/index.ts +8 -0
package/src/multi-region/manager.ts +483 -0
package/src/multi-region/regions.ts +435 -0
package/src/network-security/index.ts +48 -0
package/src/observability/index.ts +9 -0
package/src/observability/logs.ts +522 -0
package/src/observability/metrics.ts +460 -0
package/src/observability/observability.test.ts +782 -0
package/src/observability/synthetics.ts +568 -0
package/src/observability/xray.ts +358 -0
package/src/phone/advanced/analytics.ts +349 -0
package/src/phone/advanced/callbacks.ts +428 -0
package/src/phone/advanced/index.ts +8 -0
package/src/phone/advanced/ivr-builder.ts +504 -0
package/src/phone/advanced/recording.ts +310 -0
package/src/phone/handlers/__tests__/incoming-call.test.ts +40 -0
package/src/phone/handlers/incoming-call.ts +117 -0
package/src/phone/handlers/missed-call.ts +116 -0
package/src/phone/handlers/voicemail.ts +179 -0
package/src/phone/index.ts +9 -0
package/src/presets/api-backend.ts +134 -0
package/src/presets/data-pipeline.ts +204 -0
package/src/presets/extend.test.ts +295 -0
package/src/presets/extend.ts +297 -0
package/src/presets/fullstack-app.ts +144 -0
package/src/presets/index.ts +27 -0
package/src/presets/jamstack.ts +135 -0
package/src/presets/microservices.ts +167 -0
package/src/presets/ml-api.ts +208 -0
package/src/presets/nodejs-server.ts +104 -0
package/src/presets/nodejs-serverless.ts +114 -0
package/src/presets/realtime-app.ts +184 -0
package/src/presets/static-site.ts +64 -0
package/src/presets/traditional-web-app.ts +339 -0
package/src/presets/wordpress.ts +138 -0
package/src/preview/github.test.ts +249 -0
package/src/preview/github.ts +297 -0
package/src/preview/index.ts +37 -0
package/src/preview/manager.test.ts +440 -0
package/src/preview/manager.ts +326 -0
package/src/preview/notifications.test.ts +582 -0
package/src/preview/notifications.ts +341 -0
package/src/queue/batch-processing.ts +402 -0
package/src/queue/dlq-monitoring.ts +402 -0
package/src/queue/fifo.ts +342 -0
package/src/queue/index.ts +9 -0
package/src/queue/management.ts +428 -0
package/src/queue/queue.test.ts +429 -0
package/src/resource-mgmt/index.ts +39 -0
package/src/resource-naming.ts +62 -0
package/src/s3/index.ts +523 -0
package/src/schema/cloud-config.schema.json +554 -0
package/src/schema/index.ts +68 -0
package/src/security/certificate-manager.ts +492 -0
package/src/security/index.ts +9 -0
package/src/security/scanning.ts +545 -0
package/src/security/secrets-manager.ts +476 -0
package/src/security/secrets-rotation.ts +456 -0
package/src/security/security.test.ts +738 -0
package/src/sms/advanced/ab-testing.ts +389 -0
package/src/sms/advanced/analytics.ts +336 -0
package/src/sms/advanced/campaigns.ts +523 -0
package/src/sms/advanced/chatbot.ts +224 -0
package/src/sms/advanced/index.ts +10 -0
package/src/sms/advanced/link-tracking.ts +248 -0
package/src/sms/advanced/mms.ts +308 -0
package/src/sms/handlers/__tests__/send.test.ts +40 -0
package/src/sms/handlers/delivery-status.ts +133 -0
package/src/sms/handlers/receive.ts +162 -0
package/src/sms/handlers/send.ts +174 -0
package/src/sms/index.ts +9 -0
package/src/stack-diff.ts +389 -0
package/src/static-site/index.ts +85 -0
package/src/template-builder.ts +110 -0
package/src/template-validator.ts +574 -0
package/src/utils/cache.ts +291 -0
package/src/utils/diff.ts +269 -0
package/src/utils/hash.ts +227 -0
package/src/utils/index.ts +8 -0
package/src/utils/parallel.ts +294 -0
package/src/validators/credentials.test.ts +274 -0
package/src/validators/credentials.ts +233 -0
package/src/validators/quotas.test.ts +434 -0
package/src/validators/quotas.ts +217 -0
package/test/ai.test.ts +327 -0
package/test/api.test.ts +511 -0
package/test/auth.test.ts +632 -0
package/test/cache.test.ts +406 -0
package/test/cdn.test.ts +247 -0
package/test/compute.test.ts +861 -0
package/test/database.test.ts +523 -0
package/test/deployment.test.ts +499 -0
package/test/dns.test.ts +270 -0
package/test/email.test.ts +439 -0
package/test/filesystem.test.ts +382 -0
package/test/integration.test.ts +350 -0
package/test/messaging.test.ts +514 -0
package/test/monitoring.test.ts +634 -0
package/test/network.test.ts +425 -0
package/test/permissions.test.ts +488 -0
package/test/queue.test.ts +484 -0
package/test/registry.test.ts +306 -0
package/test/security.test.ts +462 -0
package/test/storage.test.ts +463 -0
package/test/template-validator.test.ts +559 -0
package/test/workflow.test.ts +592 -0
package/tsconfig.json +16 -0
package/tsconfig.tsbuildinfo +1 -0

package/src/modules/database.ts ADDED Viewed

@@ -0,0 +1,554 @@
+import type {
+  DynamoDBTable,
+  RDSDBInstance,
+  RDSDBParameterGroup,
+  RDSDBSubnetGroup,
+} from '@stacksjs/ts-cloud-aws-types'
+import type { EnvironmentType } from '@stacksjs/ts-cloud-types'
+import { Fn } from '../intrinsic-functions'
+import { generateLogicalId, generateResourceName } from '../resource-naming'
+export interface RDSOptions {
+  slug: string
+  environment: EnvironmentType
+  dbInstanceIdentifier?: string
+  dbInstanceClass?: string
+  instanceClass?: string // Alias for dbInstanceClass
+  allocatedStorage?: number
+  storageType?: 'gp2' | 'gp3' | 'io1' | 'io2'
+  masterUsername?: string
+  masterUserPassword?: string
+  masterPassword?: string // Alias for masterUserPassword
+  databaseName?: string
+  subnetIds?: string[]
+  securityGroupIds?: string[]
+  encrypted?: boolean
+  kmsKeyId?: string
+  multiAz?: boolean
+  backupRetentionDays?: number
+  publiclyAccessible?: boolean
+  enableCloudwatchLogs?: boolean
+  deletionProtection?: boolean
+}
+export interface DynamoDBTableOptions {
+  slug: string
+  environment: EnvironmentType
+  tableName?: string
+  partitionKey: {
+    name: string
+    type: 'S' | 'N' | 'B'
+  }
+  sortKey?: {
+    name: string
+    type: 'S' | 'N' | 'B'
+  }
+  billingMode?: 'PROVISIONED' | 'PAY_PER_REQUEST'
+  readCapacity?: number
+  writeCapacity?: number
+  streamEnabled?: boolean
+  streamViewType?: 'NEW_IMAGE' | 'OLD_IMAGE' | 'NEW_AND_OLD_IMAGES' | 'KEYS_ONLY'
+  encrypted?: boolean
+  kmsKeyId?: string
+  pointInTimeRecovery?: boolean
+  ttlAttribute?: string
+}
+export interface GlobalSecondaryIndexOptions {
+  indexName: string
+  partitionKey: {
+    name: string
+    type: 'S' | 'N' | 'B'
+  }
+  sortKey?: {
+    name: string
+    type: 'S' | 'N' | 'B'
+  }
+  projectionType?: 'ALL' | 'KEYS_ONLY' | 'INCLUDE'
+  nonKeyAttributes?: string[]
+  readCapacity?: number
+  writeCapacity?: number
+}
+/**
+ * Database Module - RDS + DynamoDB
+ * Provides clean API for relational (RDS) and NoSQL (DynamoDB) databases
+ */
+export class Database {
+  /**
+   * Create a PostgreSQL RDS instance
+   */
+  static createPostgres(options: RDSOptions): {
+    dbInstance: RDSDBInstance
+    subnetGroup?: RDSDBSubnetGroup
+    logicalId: string
+    subnetGroupId?: string
+  } {
+    return Database.createRDSInstance('postgres', '16.2', options)
+  }
+  /**
+   * Create a MySQL RDS instance
+   */
+  static createMysql(options: RDSOptions): {
+    dbInstance: RDSDBInstance
+    subnetGroup?: RDSDBSubnetGroup
+    logicalId: string
+    subnetGroupId?: string
+  } {
+    return Database.createRDSInstance('mysql', '8.0.35', options)
+  }
+  /**
+   * Create an RDS instance (internal helper)
+   */
+  private static createRDSInstance(
+    engine: 'postgres' | 'mysql',
+    engineVersion: string,
+    options: RDSOptions,
+  ): {
+      dbInstance: RDSDBInstance
+      subnetGroup?: RDSDBSubnetGroup
+      logicalId: string
+      subnetGroupId?: string
+    } {
+    const {
+      slug,
+      environment,
+      instanceClass = 'db.t3.micro',
+      allocatedStorage = 20,
+      storageType = 'gp3',
+      masterUsername = 'admin',
+      masterPassword,
+      databaseName,
+      subnetIds,
+      securityGroupIds,
+      encrypted = true,
+      kmsKeyId,
+      multiAz = false,
+      backupRetentionDays = 7,
+      publiclyAccessible = false,
+      enableCloudwatchLogs = true,
+      deletionProtection = true,
+    } = options
+    const resourceName = generateResourceName({
+      slug,
+      environment,
+      resourceType: `${engine}-db`,
+    })
+    const logicalId = generateLogicalId(resourceName)
+    // Create subnet group if subnets provided
+    let subnetGroup: RDSDBSubnetGroup | undefined
+    let subnetGroupId: string | undefined
+    if (subnetIds && subnetIds.length > 0) {
+      const subnetGroupName = generateResourceName({
+        slug,
+        environment,
+        resourceType: 'db-subnet-group',
+      })
+      subnetGroupId = generateLogicalId(subnetGroupName)
+      subnetGroup = {
+        Type: 'AWS::RDS::DBSubnetGroup',
+        Properties: {
+          DBSubnetGroupName: subnetGroupName,
+          DBSubnetGroupDescription: `Subnet group for ${resourceName}`,
+          SubnetIds: subnetIds,
+          Tags: [
+            { Key: 'Name', Value: subnetGroupName },
+            { Key: 'Environment', Value: environment },
+          ],
+        },
+      }
+    }
+    const dbInstance: RDSDBInstance = {
+      Type: 'AWS::RDS::DBInstance',
+      Properties: {
+        DBInstanceIdentifier: resourceName,
+        DBInstanceClass: instanceClass,
+        Engine: engine,
+        EngineVersion: engineVersion,
+        MasterUsername: masterUsername,
+        MasterUserPassword: masterPassword,
+        AllocatedStorage: allocatedStorage,
+        StorageType: storageType,
+        StorageEncrypted: encrypted,
+        MultiAZ: multiAz,
+        BackupRetentionPeriod: backupRetentionDays,
+        PubliclyAccessible: publiclyAccessible,
+        DeletionProtection: deletionProtection,
+        Tags: [
+          { Key: 'Name', Value: resourceName },
+          { Key: 'Environment', Value: environment },
+        ],
+      },
+    }
+    if (databaseName) {
+      dbInstance.Properties.DBName = databaseName
+    }
+    if (kmsKeyId) {
+      dbInstance.Properties.KmsKeyId = kmsKeyId
+    }
+    if (subnetGroupId) {
+      dbInstance.Properties.DBSubnetGroupName = Fn.Ref(subnetGroupId) as unknown as string
+    }
+    if (securityGroupIds && securityGroupIds.length > 0) {
+      dbInstance.Properties.VPCSecurityGroups = securityGroupIds
+    }
+    if (enableCloudwatchLogs) {
+      dbInstance.Properties.EnableCloudwatchLogsExports = engine === 'postgres'
+        ? ['postgresql']
+        : ['error', 'general', 'slowquery']
+    }
+    return {
+      dbInstance,
+      subnetGroup,
+      logicalId,
+      subnetGroupId,
+    }
+  }
+  /**
+   * Create a read replica
+   */
+  static createReadReplica(
+    sourceDbLogicalId: string,
+    options: Omit<RDSOptions, 'masterUsername' | 'masterPassword' | 'databaseName'>,
+  ): {
+      replica: RDSDBInstance
+      logicalId: string
+    } {
+    const {
+      slug,
+      environment,
+      instanceClass = 'db.t3.micro',
+      securityGroupIds,
+      publiclyAccessible = false,
+    } = options
+    const resourceName = generateResourceName({
+      slug,
+      environment,
+      resourceType: 'db-replica',
+    })
+    const logicalId = generateLogicalId(resourceName)
+    const replica: RDSDBInstance = {
+      Type: 'AWS::RDS::DBInstance',
+      Properties: {
+        DBInstanceIdentifier: resourceName,
+        DBInstanceClass: instanceClass,
+        SourceDBInstanceIdentifier: Fn.Ref(sourceDbLogicalId) as unknown as string,
+        PubliclyAccessible: publiclyAccessible,
+        Tags: [
+          { Key: 'Name', Value: resourceName },
+          { Key: 'Environment', Value: environment },
+          { Key: 'Type', Value: 'ReadReplica' },
+        ],
+      },
+    }
+    if (securityGroupIds && securityGroupIds.length > 0) {
+      replica.Properties.VPCSecurityGroups = securityGroupIds
+    }
+    return { replica, logicalId }
+  }
+  /**
+   * Create a DB parameter group
+   */
+  static createParameterGroup(
+    engine: 'postgres' | 'mysql',
+    version: string,
+    options: {
+      slug: string
+      environment: EnvironmentType
+      parameters?: Record<string, string>
+    },
+  ): {
+      parameterGroup: RDSDBParameterGroup
+      logicalId: string
+    } {
+    const { slug, environment, parameters = {} } = options
+    const resourceName = generateResourceName({
+      slug,
+      environment,
+      resourceType: 'db-params',
+    })
+    const logicalId = generateLogicalId(resourceName)
+    // Determine parameter group family
+    const family = engine === 'postgres'
+      ? `postgres${version.split('.')[0]}`
+      : `mysql${version.split('.')[0]}.${version.split('.')[1]}`
+    const parameterGroup: RDSDBParameterGroup = {
+      Type: 'AWS::RDS::DBParameterGroup',
+      Properties: {
+        DBParameterGroupName: resourceName,
+        Description: `Parameter group for ${resourceName}`,
+        Family: family,
+        Parameters: parameters,
+        Tags: [
+          { Key: 'Name', Value: resourceName },
+          { Key: 'Environment', Value: environment },
+        ],
+      },
+    }
+    return { parameterGroup, logicalId }
+  }
+  /**
+   * Enable backup for RDS instance
+   */
+  static enableBackup(
+    dbInstance: RDSDBInstance,
+    retentionDays: number = 7,
+  ): RDSDBInstance {
+    dbInstance.Properties.BackupRetentionPeriod = retentionDays
+    return dbInstance
+  }
+  /**
+   * Create a DynamoDB table
+   */
+  static createTable(options: DynamoDBTableOptions): {
+    table: DynamoDBTable
+    logicalId: string
+  } {
+    const {
+      slug,
+      environment,
+      tableName,
+      partitionKey,
+      sortKey,
+      billingMode = 'PAY_PER_REQUEST',
+      readCapacity = 5,
+      writeCapacity = 5,
+      streamEnabled = false,
+      streamViewType = 'NEW_AND_OLD_IMAGES',
+      encrypted = true,
+      kmsKeyId,
+      pointInTimeRecovery = true,
+      ttlAttribute,
+    } = options
+    const resourceName = tableName || generateResourceName({
+      slug,
+      environment,
+      resourceType: 'table',
+    })
+    const logicalId = generateLogicalId(resourceName)
+    // Build attribute definitions
+    const attributeDefinitions: DynamoDBTable['Properties']['AttributeDefinitions'] = [
+      {
+        AttributeName: partitionKey.name,
+        AttributeType: partitionKey.type,
+      },
+    ]
+    if (sortKey) {
+      attributeDefinitions.push({
+        AttributeName: sortKey.name,
+        AttributeType: sortKey.type,
+      })
+    }
+    // Build key schema
+    const keySchema: DynamoDBTable['Properties']['KeySchema'] = [
+      {
+        AttributeName: partitionKey.name,
+        KeyType: 'HASH',
+      },
+    ]
+    if (sortKey) {
+      keySchema.push({
+        AttributeName: sortKey.name,
+        KeyType: 'RANGE',
+      })
+    }
+    const table: DynamoDBTable = {
+      Type: 'AWS::DynamoDB::Table',
+      Properties: {
+        TableName: resourceName,
+        BillingMode: billingMode,
+        AttributeDefinitions: attributeDefinitions,
+        KeySchema: keySchema,
+        Tags: [
+          { Key: 'Name', Value: resourceName },
+          { Key: 'Environment', Value: environment },
+        ],
+      },
+    }
+    if (billingMode === 'PROVISIONED') {
+      table.Properties.ProvisionedThroughput = {
+        ReadCapacityUnits: readCapacity,
+        WriteCapacityUnits: writeCapacity,
+      }
+    }
+    if (streamEnabled) {
+      table.Properties.StreamSpecification = {
+        StreamViewType: streamViewType,
+      }
+    }
+    if (encrypted) {
+      table.Properties.SSESpecification = {
+        SSEEnabled: true,
+        SSEType: kmsKeyId ? 'KMS' : 'AES256',
+        KMSMasterKeyId: kmsKeyId,
+      }
+    }
+    if (pointInTimeRecovery) {
+      table.Properties.PointInTimeRecoverySpecification = {
+        PointInTimeRecoveryEnabled: true,
+      }
+    }
+    if (ttlAttribute) {
+      table.Properties.TimeToLiveSpecification = {
+        AttributeName: ttlAttribute,
+        Enabled: true,
+      }
+    }
+    return { table, logicalId }
+  }
+  /**
+   * Add a global secondary index to a DynamoDB table
+   */
+  static addGlobalSecondaryIndex(
+    table: DynamoDBTable,
+    index: GlobalSecondaryIndexOptions,
+  ): DynamoDBTable {
+    const {
+      indexName,
+      partitionKey,
+      sortKey,
+      projectionType = 'ALL',
+      nonKeyAttributes,
+      readCapacity = 5,
+      writeCapacity = 5,
+    } = index
+    // Add attribute definitions if not already present
+    if (!table.Properties.AttributeDefinitions.some(attr => attr.AttributeName === partitionKey.name)) {
+      table.Properties.AttributeDefinitions.push({
+        AttributeName: partitionKey.name,
+        AttributeType: partitionKey.type,
+      })
+    }
+    if (sortKey && !table.Properties.AttributeDefinitions.some(attr => attr.AttributeName === sortKey.name)) {
+      table.Properties.AttributeDefinitions.push({
+        AttributeName: sortKey.name,
+        AttributeType: sortKey.type,
+      })
+    }
+    // Build GSI key schema
+    const gsiKeySchema: { AttributeName: string, KeyType: 'HASH' | 'RANGE' }[] = [
+      {
+        AttributeName: partitionKey.name,
+        KeyType: 'HASH',
+      },
+    ]
+    if (sortKey) {
+      gsiKeySchema.push({
+        AttributeName: sortKey.name,
+        KeyType: 'RANGE',
+      })
+    }
+    // Build GSI
+    const gsi = {
+      IndexName: indexName,
+      KeySchema: gsiKeySchema,
+      Projection: {
+        ProjectionType: projectionType as 'ALL' | 'KEYS_ONLY' | 'INCLUDE',
+        NonKeyAttributes: projectionType === 'INCLUDE' ? nonKeyAttributes : undefined,
+      },
+      ProvisionedThroughput: undefined as { ReadCapacityUnits: number, WriteCapacityUnits: number } | undefined,
+    }
+    if (table.Properties.BillingMode === 'PROVISIONED') {
+      gsi.ProvisionedThroughput = {
+        ReadCapacityUnits: readCapacity,
+        WriteCapacityUnits: writeCapacity,
+      }
+    }
+    if (!table.Properties.GlobalSecondaryIndexes) {
+      table.Properties.GlobalSecondaryIndexes = []
+    }
+    table.Properties.GlobalSecondaryIndexes.push(gsi)
+    return table
+  }
+  /**
+   * Enable streams on a DynamoDB table
+   */
+  static enableStreams(
+    table: DynamoDBTable,
+    viewType: 'NEW_IMAGE' | 'OLD_IMAGE' | 'NEW_AND_OLD_IMAGES' | 'KEYS_ONLY' = 'NEW_AND_OLD_IMAGES',
+  ): DynamoDBTable {
+    table.Properties.StreamSpecification = {
+      StreamViewType: viewType,
+    }
+    return table
+  }
+  /**
+   * Common RDS instance classes
+   */
+  static readonly InstanceClasses = {
+    // T3 - Burstable performance
+    T3_Micro: 'db.t3.micro',
+    T3_Small: 'db.t3.small',
+    T3_Medium: 'db.t3.medium',
+    T3_Large: 'db.t3.large',
+    // T4g - Arm-based burstable
+    T4g_Micro: 'db.t4g.micro',
+    T4g_Small: 'db.t4g.small',
+    T4g_Medium: 'db.t4g.medium',
+    // M5 - General purpose
+    M5_Large: 'db.m5.large',
+    M5_XLarge: 'db.m5.xlarge',
+    M5_2XLarge: 'db.m5.2xlarge',
+    // R5 - Memory optimized
+    R5_Large: 'db.r5.large',
+    R5_XLarge: 'db.r5.xlarge',
+    R5_2XLarge: 'db.r5.2xlarge',
+  } as const
+}