@studion/infra-code-blocks 0.8.0-next.2 → 2.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/components/acm-certificate/index.d.ts +20 -0
- package/dist/components/acm-certificate/index.d.ts.map +1 -0
- package/dist/components/acm-certificate/index.js +40 -0
- package/dist/components/cloudfront/index.d.ts +92 -0
- package/dist/components/cloudfront/index.d.ts.map +1 -0
- package/dist/components/cloudfront/index.js +208 -0
- package/dist/components/cloudfront/lb-cache-strategy.d.ts +21 -0
- package/dist/components/cloudfront/lb-cache-strategy.d.ts.map +1 -0
- package/dist/components/cloudfront/lb-cache-strategy.js +93 -0
- package/dist/components/cloudfront/s3-cache-strategy.d.ts +21 -0
- package/dist/components/cloudfront/s3-cache-strategy.d.ts.map +1 -0
- package/dist/components/cloudfront/s3-cache-strategy.js +78 -0
- package/dist/components/cloudfront/types.d.ts +10 -0
- package/dist/components/cloudfront/types.d.ts.map +1 -0
- package/dist/components/database/builder.d.ts +32 -0
- package/dist/components/database/builder.d.ts.map +1 -0
- package/dist/components/database/builder.js +82 -0
- package/dist/components/database/database-replica.d.ts +35 -0
- package/dist/components/database/database-replica.d.ts.map +1 -0
- package/dist/components/database/database-replica.js +40 -0
- package/dist/components/database/ec2-ssm-connect.d.ts +26 -0
- package/dist/components/database/ec2-ssm-connect.d.ts.map +1 -0
- package/dist/components/{ec2-ssm-connect.js → database/ec2-ssm-connect.js} +42 -34
- package/dist/components/database/index.d.ts +67 -0
- package/dist/components/database/index.d.ts.map +1 -0
- package/dist/components/database/index.js +144 -0
- package/dist/{v2/components → components}/ecs-service/index.d.ts +6 -5
- package/dist/components/ecs-service/index.d.ts.map +1 -0
- package/dist/{v2/components → components}/ecs-service/index.js +19 -30
- package/dist/components/ecs-service/policies.d.ts +3 -0
- package/dist/components/ecs-service/policies.d.ts.map +1 -0
- package/dist/components/ecs-service/task-size.d.ts +37 -0
- package/dist/components/ecs-service/task-size.d.ts.map +1 -0
- package/dist/{constants.js → components/ecs-service/task-size.js} +17 -7
- package/dist/components/grafana/dashboards/index.d.ts.map +1 -0
- package/dist/components/grafana/dashboards/panels.d.ts.map +1 -0
- package/dist/components/grafana/dashboards/types.d.ts.map +1 -0
- package/dist/components/grafana/dashboards/web-server-slo.d.ts.map +1 -0
- package/dist/components/grafana/index.d.ts.map +1 -0
- package/dist/components/password/index.d.ts +15 -0
- package/dist/components/password/index.d.ts.map +1 -0
- package/dist/components/{password.js → password/index.js} +6 -9
- package/dist/components/prometheus/index.d.ts.map +1 -0
- package/dist/components/prometheus/queries.d.ts.map +1 -0
- package/dist/components/prometheus/queries.test.d.ts.map +1 -0
- package/dist/components/redis/elasticache-redis.d.ts +38 -0
- package/dist/components/redis/elasticache-redis.d.ts.map +1 -0
- package/dist/components/redis/elasticache-redis.js +58 -0
- package/dist/components/redis/upstash-redis.d.ts +20 -0
- package/dist/components/redis/upstash-redis.d.ts.map +1 -0
- package/dist/components/redis/upstash-redis.js +29 -0
- package/dist/components/static-site/index.d.ts +23 -0
- package/dist/components/static-site/index.d.ts.map +1 -0
- package/dist/components/static-site/index.js +32 -0
- package/dist/components/static-site/s3-assets.d.ts +20 -0
- package/dist/components/static-site/s3-assets.d.ts.map +1 -0
- package/dist/components/static-site/s3-assets.js +63 -0
- package/dist/components/vpc/index.d.ts +20 -0
- package/dist/components/vpc/index.d.ts.map +1 -0
- package/dist/components/vpc/index.js +31 -0
- package/dist/{v2/components → components}/web-server/builder.d.ts +6 -2
- package/dist/components/web-server/builder.d.ts.map +1 -0
- package/dist/{v2/components → components}/web-server/builder.js +11 -1
- package/dist/{v2/components → components}/web-server/index.d.ts +30 -8
- package/dist/components/web-server/index.d.ts.map +1 -0
- package/dist/{v2/components → components}/web-server/index.js +49 -40
- package/dist/{v2/components → components}/web-server/load-balancer.d.ts +4 -3
- package/dist/components/web-server/load-balancer.d.ts.map +1 -0
- package/dist/{v2/components → components}/web-server/load-balancer.js +17 -14
- package/dist/index.d.ts +24 -11
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +38 -26
- package/dist/otel/batch-processor.d.ts.map +1 -0
- package/dist/{v2/otel → otel}/builder.d.ts +15 -2
- package/dist/otel/builder.d.ts.map +1 -0
- package/dist/{v2/otel → otel}/builder.js +47 -2
- package/dist/{v2/otel → otel}/config.d.ts +13 -1
- package/dist/otel/config.d.ts.map +1 -0
- package/dist/{v2/otel → otel}/config.js +20 -3
- package/dist/{v2/otel → otel}/index.d.ts +8 -0
- package/dist/otel/index.d.ts.map +1 -0
- package/dist/otel/memory-limiter-processor.d.ts.map +1 -0
- package/dist/otel/otlp-receiver.d.ts.map +1 -0
- package/dist/otel/prometheus-remote-write-exporter.d.ts.map +1 -0
- package/dist/shared/common-tags.d.ts +5 -0
- package/dist/shared/common-tags.d.ts.map +1 -0
- package/dist/shared/common-tags.js +8 -0
- package/dist/shared/merge-with-defaults.d.ts +2 -0
- package/dist/shared/merge-with-defaults.d.ts.map +1 -0
- package/dist/shared/merge-with-defaults.js +7 -0
- package/package.json +32 -14
- package/dist/components/acm-certificate.d.ts +0 -11
- package/dist/components/acm-certificate.d.ts.map +0 -1
- package/dist/components/acm-certificate.js +0 -30
- package/dist/components/database-replica.d.ts +0 -69
- package/dist/components/database-replica.d.ts.map +0 -1
- package/dist/components/database-replica.js +0 -40
- package/dist/components/database.d.ts +0 -99
- package/dist/components/database.d.ts.map +0 -1
- package/dist/components/database.js +0 -118
- package/dist/components/ec2-ssm-connect.d.ts +0 -22
- package/dist/components/ec2-ssm-connect.d.ts.map +0 -1
- package/dist/components/ecs-service.d.ts +0 -143
- package/dist/components/ecs-service.d.ts.map +0 -1
- package/dist/components/ecs-service.js +0 -357
- package/dist/components/mongo.d.ts +0 -39
- package/dist/components/mongo.d.ts.map +0 -1
- package/dist/components/mongo.js +0 -54
- package/dist/components/nuxt-ssr.d.ts +0 -44
- package/dist/components/nuxt-ssr.d.ts.map +0 -1
- package/dist/components/nuxt-ssr.js +0 -277
- package/dist/components/password.d.ts +0 -13
- package/dist/components/password.d.ts.map +0 -1
- package/dist/components/project.d.ts +0 -77
- package/dist/components/project.d.ts.map +0 -1
- package/dist/components/project.js +0 -171
- package/dist/components/redis.d.ts +0 -23
- package/dist/components/redis.d.ts.map +0 -1
- package/dist/components/redis.js +0 -35
- package/dist/components/static-site.d.ts +0 -36
- package/dist/components/static-site.d.ts.map +0 -1
- package/dist/components/static-site.js +0 -138
- package/dist/components/web-server.d.ts +0 -38
- package/dist/components/web-server.d.ts.map +0 -1
- package/dist/components/web-server.js +0 -185
- package/dist/constants.d.ts +0 -23
- package/dist/constants.d.ts.map +0 -1
- package/dist/types/pulumi.d.ts +0 -5
- package/dist/types/pulumi.d.ts.map +0 -1
- package/dist/types/size.d.ts +0 -8
- package/dist/types/size.d.ts.map +0 -1
- package/dist/types/size.js +0 -2
- package/dist/v2/components/ecs-service/index.d.ts.map +0 -1
- package/dist/v2/components/ecs-service/policies.d.ts +0 -3
- package/dist/v2/components/ecs-service/policies.d.ts.map +0 -1
- package/dist/v2/components/grafana/dashboards/index.d.ts.map +0 -1
- package/dist/v2/components/grafana/dashboards/panels.d.ts.map +0 -1
- package/dist/v2/components/grafana/dashboards/types.d.ts.map +0 -1
- package/dist/v2/components/grafana/dashboards/web-server-slo.d.ts.map +0 -1
- package/dist/v2/components/grafana/index.d.ts.map +0 -1
- package/dist/v2/components/prometheus/index.d.ts.map +0 -1
- package/dist/v2/components/prometheus/queries.d.ts.map +0 -1
- package/dist/v2/components/prometheus/queries.test.d.ts.map +0 -1
- package/dist/v2/components/web-server/builder.d.ts.map +0 -1
- package/dist/v2/components/web-server/index.d.ts.map +0 -1
- package/dist/v2/components/web-server/load-balancer.d.ts.map +0 -1
- package/dist/v2/index.d.ts +0 -13
- package/dist/v2/index.d.ts.map +0 -1
- package/dist/v2/index.js +0 -16
- package/dist/v2/otel/batch-processor.d.ts.map +0 -1
- package/dist/v2/otel/builder.d.ts.map +0 -1
- package/dist/v2/otel/config.d.ts.map +0 -1
- package/dist/v2/otel/index.d.ts.map +0 -1
- package/dist/v2/otel/memory-limiter-processor.d.ts.map +0 -1
- package/dist/v2/otel/otlp-receiver.d.ts.map +0 -1
- package/dist/v2/otel/prometheus-remote-write-exporter.d.ts.map +0 -1
- /package/dist/{v2/components/grafana/dashboards → components/cloudfront}/types.js +0 -0
- /package/dist/{v2/components → components}/ecs-service/policies.js +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/index.d.ts +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/index.js +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/panels.d.ts +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/panels.js +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/types.d.ts +0 -0
- /package/dist/{types/pulumi.js → components/grafana/dashboards/types.js} +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/web-server-slo.d.ts +0 -0
- /package/dist/{v2/components → components}/grafana/dashboards/web-server-slo.js +0 -0
- /package/dist/{v2/components → components}/grafana/index.d.ts +0 -0
- /package/dist/{v2/components → components}/grafana/index.js +0 -0
- /package/dist/{v2/components → components}/prometheus/index.d.ts +0 -0
- /package/dist/{v2/components → components}/prometheus/index.js +0 -0
- /package/dist/{v2/components → components}/prometheus/queries.d.ts +0 -0
- /package/dist/{v2/components → components}/prometheus/queries.js +0 -0
- /package/dist/{v2/components → components}/prometheus/queries.test.d.ts +0 -0
- /package/dist/{v2/components → components}/prometheus/queries.test.js +0 -0
- /package/dist/{v2/otel → otel}/batch-processor.d.ts +0 -0
- /package/dist/{v2/otel → otel}/batch-processor.js +0 -0
- /package/dist/{v2/otel → otel}/index.js +0 -0
- /package/dist/{v2/otel → otel}/memory-limiter-processor.d.ts +0 -0
- /package/dist/{v2/otel → otel}/memory-limiter-processor.js +0 -0
- /package/dist/{v2/otel → otel}/otlp-receiver.d.ts +0 -0
- /package/dist/{v2/otel → otel}/otlp-receiver.js +0 -0
- /package/dist/{v2/otel → otel}/prometheus-remote-write-exporter.d.ts +0 -0
- /package/dist/{v2/otel → otel}/prometheus-remote-write-exporter.js +0 -0
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
2
|
+
import * as aws from '@pulumi/aws-v7';
|
|
3
|
+
export declare namespace AcmCertificate {
|
|
4
|
+
type Args = {
|
|
5
|
+
domain: pulumi.Input<string>;
|
|
6
|
+
/**
|
|
7
|
+
* Additional domains/subdomains to be included in this certificate.
|
|
8
|
+
*/
|
|
9
|
+
subjectAlternativeNames?: pulumi.Input<string>[];
|
|
10
|
+
hostedZoneId: pulumi.Input<string>;
|
|
11
|
+
region?: pulumi.Input<string>;
|
|
12
|
+
};
|
|
13
|
+
}
|
|
14
|
+
export declare class AcmCertificate extends pulumi.ComponentResource {
|
|
15
|
+
certificate: aws.acm.Certificate;
|
|
16
|
+
certificateValidation: pulumi.Output<aws.acm.CertificateValidation>;
|
|
17
|
+
constructor(name: string, args: AcmCertificate.Args, opts?: pulumi.ComponentResourceOptions);
|
|
18
|
+
private createCertValidationRecords;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/acm-certificate/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AAGtC,yBAAiB,cAAc,CAAC;IAC9B,KAAY,IAAI,GAAG;QACjB,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7B;;WAEG;QACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KAC/B,CAAC;CACH;AAED,qBAAa,cAAe,SAAQ,MAAM,CAAC,iBAAiB;IAC1D,WAAW,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC;IACjC,qBAAqB,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;gBAGlE,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,cAAc,CAAC,IAAI,EACzB,IAAI,GAAE,MAAM,CAAC,wBAA6B;IAgC5C,OAAO,CAAC,2BAA2B;CAmCpC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AcmCertificate = void 0;
|
|
4
|
+
const pulumi = require("@pulumi/pulumi");
|
|
5
|
+
const aws = require("@pulumi/aws-v7");
|
|
6
|
+
const common_tags_1 = require("../../shared/common-tags");
|
|
7
|
+
class AcmCertificate extends pulumi.ComponentResource {
|
|
8
|
+
constructor(name, args, opts = {}) {
|
|
9
|
+
super('studion:acm-certificate:AcmCertificate', name, {}, Object.assign(Object.assign({}, opts), { aliases: [...(opts.aliases || []), { type: 'studion:acm:Certificate' }] }));
|
|
10
|
+
this.certificate = new aws.acm.Certificate(`${args.domain}-certificate`, {
|
|
11
|
+
domainName: args.domain,
|
|
12
|
+
subjectAlternativeNames: args.subjectAlternativeNames,
|
|
13
|
+
validationMethod: 'DNS',
|
|
14
|
+
region: args.region,
|
|
15
|
+
tags: common_tags_1.commonTags,
|
|
16
|
+
}, { parent: this });
|
|
17
|
+
this.certificateValidation = this.createCertValidationRecords(args.domain, args.hostedZoneId, args.region);
|
|
18
|
+
this.registerOutputs();
|
|
19
|
+
}
|
|
20
|
+
createCertValidationRecords(domainName, hostedZoneId, region) {
|
|
21
|
+
return this.certificate.domainValidationOptions.apply(domains => {
|
|
22
|
+
const validationRecords = domains.map(domain => new aws.route53.Record(`${domain.domainName}-cert-validation-domain`, {
|
|
23
|
+
name: domain.resourceRecordName,
|
|
24
|
+
type: domain.resourceRecordType,
|
|
25
|
+
zoneId: hostedZoneId,
|
|
26
|
+
records: [domain.resourceRecordValue],
|
|
27
|
+
ttl: 600,
|
|
28
|
+
}, {
|
|
29
|
+
parent: this,
|
|
30
|
+
deleteBeforeReplace: true,
|
|
31
|
+
}));
|
|
32
|
+
return new aws.acm.CertificateValidation(`${domainName}-cert-validation`, {
|
|
33
|
+
certificateArn: this.certificate.arn,
|
|
34
|
+
validationRecordFqdns: validationRecords.map(record => record.fqdn),
|
|
35
|
+
region,
|
|
36
|
+
}, { parent: this });
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
exports.AcmCertificate = AcmCertificate;
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
import * as aws from '@pulumi/aws-v7';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
import { AcmCertificate } from '../acm-certificate';
|
|
4
|
+
export declare class CloudFront extends pulumi.ComponentResource {
|
|
5
|
+
name: string;
|
|
6
|
+
distribution: aws.cloudfront.Distribution;
|
|
7
|
+
acmCertificate?: AcmCertificate;
|
|
8
|
+
constructor(name: string, args: CloudFront.Args, opts?: pulumi.ComponentResourceOptions);
|
|
9
|
+
private createDistributionOrigins;
|
|
10
|
+
private getCacheBehavior;
|
|
11
|
+
private createCertificate;
|
|
12
|
+
private createDistribution;
|
|
13
|
+
private createAliasRecord;
|
|
14
|
+
}
|
|
15
|
+
export declare namespace CloudFront {
|
|
16
|
+
export enum BehaviorType {
|
|
17
|
+
S3 = "s3",
|
|
18
|
+
LB = "lb",
|
|
19
|
+
CUSTOM = "custom"
|
|
20
|
+
}
|
|
21
|
+
export type S3Behavior = BehaviorBase & {
|
|
22
|
+
type: BehaviorType.S3;
|
|
23
|
+
bucket: pulumi.Input<aws.s3.Bucket>;
|
|
24
|
+
websiteConfig: pulumi.Input<aws.s3.BucketWebsiteConfiguration>;
|
|
25
|
+
};
|
|
26
|
+
export type LbBehavior = BehaviorBase & {
|
|
27
|
+
type: BehaviorType.LB;
|
|
28
|
+
loadBalancer: pulumi.Input<aws.lb.LoadBalancer>;
|
|
29
|
+
dnsName?: pulumi.Input<string>;
|
|
30
|
+
};
|
|
31
|
+
export type CustomBehavior = BehaviorBase & {
|
|
32
|
+
type: BehaviorType.CUSTOM;
|
|
33
|
+
originId: pulumi.Input<string>;
|
|
34
|
+
domainName: pulumi.Input<string>;
|
|
35
|
+
originProtocolPolicy?: pulumi.Input<string>;
|
|
36
|
+
allowedMethods?: pulumi.Input<pulumi.Input<string>[]>;
|
|
37
|
+
cachedMethods?: pulumi.Input<pulumi.Input<string>[]>;
|
|
38
|
+
compress?: pulumi.Input<boolean>;
|
|
39
|
+
defaultRootObject?: pulumi.Input<string>;
|
|
40
|
+
cachePolicyId?: pulumi.Input<string>;
|
|
41
|
+
originRequestPolicyId?: pulumi.Input<string>;
|
|
42
|
+
responseHeadersPolicyId?: pulumi.Input<string>;
|
|
43
|
+
};
|
|
44
|
+
export type Behavior = S3Behavior | LbBehavior | CustomBehavior;
|
|
45
|
+
export type Args = {
|
|
46
|
+
/**
|
|
47
|
+
* Behavior is a combination of distribution's origin and cache behavior.
|
|
48
|
+
* Ordering is important since first encountered behavior is applied,
|
|
49
|
+
* matched by path.
|
|
50
|
+
* The default behavior, i.e. path pattern `*` or `/*`, must always be last.
|
|
51
|
+
* Mapping between behavior and cache is one to one, while origin is mapped
|
|
52
|
+
* by ID to filter out duplicates while keeping the last occurrence.
|
|
53
|
+
*/
|
|
54
|
+
behaviors: Behavior[];
|
|
55
|
+
/**
|
|
56
|
+
* Domain name for CloudFront distribution. Implies creation of certificate
|
|
57
|
+
* and alias record. Must belong to the provided hosted zone.
|
|
58
|
+
* Providing the `certificate` argument has following effects:
|
|
59
|
+
* - Certificate creation is skipped
|
|
60
|
+
* - Provided certificate must cover the domain name
|
|
61
|
+
* Responsibility to ensure mentioned requirements in on the consumer, and
|
|
62
|
+
* falling to do so will result in unexpected behavior.
|
|
63
|
+
*/
|
|
64
|
+
domain?: pulumi.Input<string>;
|
|
65
|
+
/**
|
|
66
|
+
* Certificate for CloudFront distribution. Domain and alternative domains
|
|
67
|
+
* are automatically pulled from the certificate and translated into alias
|
|
68
|
+
* records. Domains covered by the certificate, must belong to the provided
|
|
69
|
+
* hosted zone. The certificate must be in `us-east-1` region. In a case
|
|
70
|
+
* of wildcard certificate the `domain` argument is required.
|
|
71
|
+
* Providing the `domain` argument has following effects:
|
|
72
|
+
* - Alias records creation, from automatically pulled domains, is skipped
|
|
73
|
+
* - Certificate must cover the provided domain name
|
|
74
|
+
* Responsibility to ensure mentioned requirements in on the consumer, and
|
|
75
|
+
* falling to do so will result in unexpected behavior.
|
|
76
|
+
*/
|
|
77
|
+
certificate?: pulumi.Input<aws.acm.Certificate>;
|
|
78
|
+
/**
|
|
79
|
+
* ID of hosted zone is needed when the `domain` or the `certificate`
|
|
80
|
+
* arguments are provided.
|
|
81
|
+
*/
|
|
82
|
+
hostedZoneId?: pulumi.Input<string>;
|
|
83
|
+
tags?: pulumi.Input<{
|
|
84
|
+
[key: string]: pulumi.Input<string>;
|
|
85
|
+
}>;
|
|
86
|
+
};
|
|
87
|
+
type BehaviorBase = {
|
|
88
|
+
pathPattern: string;
|
|
89
|
+
};
|
|
90
|
+
export {};
|
|
91
|
+
}
|
|
92
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/cloudfront/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAEzC,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAIpD,qBAAa,UAAW,SAAQ,MAAM,CAAC,iBAAiB;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC;IAC1C,cAAc,CAAC,EAAE,cAAc,CAAC;gBAG9B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,UAAU,CAAC,IAAI,EACrB,IAAI,GAAE,MAAM,CAAC,wBAA6B;IA4D5C,OAAO,CAAC,yBAAyB;IAwCjC,OAAO,CAAC,gBAAgB;IAoExB,OAAO,CAAC,iBAAiB;IAiBzB,OAAO,CAAC,kBAAkB;IA0D1B,OAAO,CAAC,iBAAiB;CA4B1B;AAED,yBAAiB,UAAU,CAAC;IAC1B,MAAM,MAAM,YAAY;QACtB,EAAE,OAAO;QACT,EAAE,OAAO;QACT,MAAM,WAAW;KAClB;IAED,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG;QACtC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;QACtB,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;QACpC,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,0BAA0B,CAAC,CAAC;KAChE,CAAC;IAEF,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG;QACtC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;QACtB,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC;QAKhD,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KAChC,CAAC;IAEF,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG;QAC1C,IAAI,EAAE,YAAY,CAAC,MAAM,CAAC;QAC1B,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,UAAU,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,oBAAoB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5C,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACtD,aAAa,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACrD,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACjC,iBAAiB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACzC,aAAa,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrC,qBAAqB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7C,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KAChD,CAAC;IAEF,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,UAAU,GAAG,cAAc,CAAC;IAEhE,MAAM,MAAM,IAAI,GAAG;QACjB;;;;;;;WAOG;QACH,SAAS,EAAE,QAAQ,EAAE,CAAC;QACtB;;;;;;;;WAQG;QACH,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC9B;;;;;;;;;;;WAWG;QACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAChD;;;WAGG;QACH,YAAY,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC;YAClB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACrC,CAAC,CAAC;KACJ,CAAC;IAEF,KAAK,YAAY,GAAG;QAClB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;;CACH"}
|
|
@@ -0,0 +1,208 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CloudFront = void 0;
|
|
4
|
+
const aws = require("@pulumi/aws-v7");
|
|
5
|
+
const pulumi = require("@pulumi/pulumi");
|
|
6
|
+
const common_tags_1 = require("../../shared/common-tags");
|
|
7
|
+
const acm_certificate_1 = require("../acm-certificate");
|
|
8
|
+
const s3_cache_strategy_1 = require("./s3-cache-strategy");
|
|
9
|
+
const lb_cache_strategy_1 = require("./lb-cache-strategy");
|
|
10
|
+
class CloudFront extends pulumi.ComponentResource {
|
|
11
|
+
constructor(name, args, opts = {}) {
|
|
12
|
+
super('studion:cloudfront:CloudFront', name, args, opts);
|
|
13
|
+
this.name = name;
|
|
14
|
+
const { behaviors, domain, certificate, hostedZoneId, tags } = args;
|
|
15
|
+
const hasCustomDomain = !!domain || !!certificate;
|
|
16
|
+
if (hasCustomDomain && !hostedZoneId) {
|
|
17
|
+
throw new Error('Provide `hostedZoneId` alongside `domain` and/or `certificate`.');
|
|
18
|
+
}
|
|
19
|
+
const defaultBehavior = behaviors.at(-1);
|
|
20
|
+
const orderedBehaviors = behaviors.slice(0, -1);
|
|
21
|
+
if (!defaultBehavior || !isDefaultBehavior(defaultBehavior)) {
|
|
22
|
+
throw new Error('Default behavior must be placed last.');
|
|
23
|
+
}
|
|
24
|
+
if (domain && hostedZoneId && !certificate) {
|
|
25
|
+
this.acmCertificate = this.createCertificate({ domain, hostedZoneId });
|
|
26
|
+
}
|
|
27
|
+
const defaultRootObject = isS3BehaviorType(defaultBehavior)
|
|
28
|
+
? 'index.html'
|
|
29
|
+
: isCustomBehaviorType(defaultBehavior)
|
|
30
|
+
? defaultBehavior.defaultRootObject
|
|
31
|
+
: undefined;
|
|
32
|
+
this.distribution = this.createDistribution({
|
|
33
|
+
origins: this.createDistributionOrigins(behaviors),
|
|
34
|
+
defaultCache: this.getCacheBehavior(defaultBehavior),
|
|
35
|
+
orderedCaches: orderedBehaviors.length
|
|
36
|
+
? orderedBehaviors.map(it => (Object.assign({ pathPattern: it.pathPattern }, this.getCacheBehavior(it))))
|
|
37
|
+
: undefined,
|
|
38
|
+
domain,
|
|
39
|
+
certificate: certificate || this.acmCertificate
|
|
40
|
+
? pulumi.output(certificate !== null && certificate !== void 0 ? certificate : this.acmCertificate.certificate)
|
|
41
|
+
: undefined,
|
|
42
|
+
certificateValidation: this.acmCertificate
|
|
43
|
+
? this.acmCertificate.certificateValidation
|
|
44
|
+
: undefined,
|
|
45
|
+
defaultRootObject,
|
|
46
|
+
tags,
|
|
47
|
+
});
|
|
48
|
+
if (hasCustomDomain && hostedZoneId) {
|
|
49
|
+
this.createAliasRecord({ hostedZoneId });
|
|
50
|
+
}
|
|
51
|
+
this.registerOutputs();
|
|
52
|
+
}
|
|
53
|
+
createDistributionOrigins(behaviors) {
|
|
54
|
+
return pulumi.output(behaviors).apply(entries => {
|
|
55
|
+
const origins = entries.map(it => {
|
|
56
|
+
var _a;
|
|
57
|
+
if (isS3BehaviorType(it)) {
|
|
58
|
+
return getOriginWithDefaults({
|
|
59
|
+
originId: it.bucket.arn,
|
|
60
|
+
domainName: it.websiteConfig.websiteEndpoint,
|
|
61
|
+
customOriginConfig: {
|
|
62
|
+
originProtocolPolicy: 'http-only',
|
|
63
|
+
},
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
else if (isLbBehaviorType(it)) {
|
|
67
|
+
return getOriginWithDefaults({
|
|
68
|
+
originId: it.loadBalancer.arn,
|
|
69
|
+
domainName: (_a = it.dnsName) !== null && _a !== void 0 ? _a : it.loadBalancer.dnsName,
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
else if (isCustomBehaviorType(it)) {
|
|
73
|
+
return getOriginWithDefaults({
|
|
74
|
+
originId: it.originId,
|
|
75
|
+
domainName: it.domainName,
|
|
76
|
+
customOriginConfig: Object.assign({}, (it.originProtocolPolicy
|
|
77
|
+
? { originProtocolPolicy: it.originProtocolPolicy }
|
|
78
|
+
: undefined)),
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
else {
|
|
82
|
+
throw new Error('Unknown CloudFront behavior encountered during mapping to distribution origins.');
|
|
83
|
+
}
|
|
84
|
+
});
|
|
85
|
+
// Remove duplicates, keeps the last occurrence of the origin
|
|
86
|
+
return [...new Map(origins.map(it => [it.originId, it])).values()];
|
|
87
|
+
});
|
|
88
|
+
}
|
|
89
|
+
getCacheBehavior(behavior) {
|
|
90
|
+
var _a, _b, _c, _d, _e;
|
|
91
|
+
const isDefault = isDefaultBehavior(behavior);
|
|
92
|
+
const getStrategyName = (backend) => `${this.name}-${backend}-${isDefault ? 'default' : 'ordered'}-cache-strategy`;
|
|
93
|
+
if (isS3BehaviorType(behavior)) {
|
|
94
|
+
const strategy = new s3_cache_strategy_1.S3CacheStrategy(getStrategyName('s3'), { pathPattern: behavior.pathPattern, bucket: behavior.bucket }, { parent: this });
|
|
95
|
+
return strategy.config;
|
|
96
|
+
}
|
|
97
|
+
else if (isLbBehaviorType(behavior)) {
|
|
98
|
+
const strategy = new lb_cache_strategy_1.LbCacheStrategy(getStrategyName('lb'), {
|
|
99
|
+
pathPattern: behavior.pathPattern,
|
|
100
|
+
loadBalancer: behavior.loadBalancer,
|
|
101
|
+
}, { parent: this });
|
|
102
|
+
return strategy.config;
|
|
103
|
+
}
|
|
104
|
+
else if (isCustomBehaviorType(behavior)) {
|
|
105
|
+
return Object.assign(Object.assign({ targetOriginId: behavior.originId, allowedMethods: (_a = behavior.allowedMethods) !== null && _a !== void 0 ? _a : [
|
|
106
|
+
'GET',
|
|
107
|
+
'HEAD',
|
|
108
|
+
'OPTIONS',
|
|
109
|
+
'PUT',
|
|
110
|
+
'POST',
|
|
111
|
+
'PATCH',
|
|
112
|
+
'DELETE',
|
|
113
|
+
], cachedMethods: (_b = behavior.cachedMethods) !== null && _b !== void 0 ? _b : ['GET', 'HEAD'] }, (behavior.compress != null && { compress: behavior.compress })), { viewerProtocolPolicy: 'redirect-to-https', cachePolicyId: (_c = behavior.cachePolicyId) !== null && _c !== void 0 ? _c : aws.cloudfront
|
|
114
|
+
.getCachePolicyOutput({ name: 'Managed-CachingDisabled' })
|
|
115
|
+
.apply(p => p.id), originRequestPolicyId: (_d = behavior.originRequestPolicyId) !== null && _d !== void 0 ? _d : aws.cloudfront
|
|
116
|
+
.getOriginRequestPolicyOutput({
|
|
117
|
+
name: 'Managed-AllViewerExceptHostHeader',
|
|
118
|
+
})
|
|
119
|
+
.apply(p => p.id), responseHeadersPolicyId: (_e = behavior.responseHeadersPolicyId) !== null && _e !== void 0 ? _e : aws.cloudfront
|
|
120
|
+
.getResponseHeadersPolicyOutput({
|
|
121
|
+
name: 'Managed-SecurityHeadersPolicy',
|
|
122
|
+
})
|
|
123
|
+
.apply(p => p.id) });
|
|
124
|
+
}
|
|
125
|
+
else {
|
|
126
|
+
throw new Error('Unknown CloudFront behavior encountered during mapping to distribution cache behaviors.');
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
createCertificate({ domain, hostedZoneId, }) {
|
|
130
|
+
return new acm_certificate_1.AcmCertificate(`${domain}-acm-certificate`, {
|
|
131
|
+
domain,
|
|
132
|
+
hostedZoneId,
|
|
133
|
+
region: 'us-east-1', // CF requires certificates to be in this region
|
|
134
|
+
}, { parent: this });
|
|
135
|
+
}
|
|
136
|
+
createDistribution({ origins, defaultCache, orderedCaches, domain, certificate, certificateValidation, defaultRootObject, tags, }) {
|
|
137
|
+
return new aws.cloudfront.Distribution(`${this.name}-distribution`, Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({ enabled: true, isIpv6Enabled: true, waitForDeployment: true, httpVersion: 'http2and3' }, (defaultRootObject && { defaultRootObject })), (certificate
|
|
138
|
+
? {
|
|
139
|
+
aliases: domain
|
|
140
|
+
? [domain]
|
|
141
|
+
: pulumi
|
|
142
|
+
.all([
|
|
143
|
+
certificate.domainName,
|
|
144
|
+
certificate.subjectAlternativeNames,
|
|
145
|
+
])
|
|
146
|
+
.apply(([dn, sans = []]) => [...new Set([dn, ...sans])]),
|
|
147
|
+
viewerCertificate: {
|
|
148
|
+
acmCertificateArn: certificate.arn,
|
|
149
|
+
sslSupportMethod: 'sni-only',
|
|
150
|
+
minimumProtocolVersion: 'TLSv1.2_2021',
|
|
151
|
+
},
|
|
152
|
+
}
|
|
153
|
+
: {
|
|
154
|
+
viewerCertificate: {
|
|
155
|
+
cloudfrontDefaultCertificate: true,
|
|
156
|
+
},
|
|
157
|
+
})), { origins, defaultCacheBehavior: defaultCache }), (orderedCaches && { orderedCacheBehaviors: orderedCaches })), { priceClass: 'PriceClass_100', restrictions: {
|
|
158
|
+
geoRestriction: { restrictionType: 'none' },
|
|
159
|
+
}, tags: Object.assign(Object.assign({}, common_tags_1.commonTags), tags) }), Object.assign({ parent: this, aliases: [{ name: `${this.name}-cloudfront` }] }, (certificateValidation
|
|
160
|
+
? { dependsOn: [certificateValidation] }
|
|
161
|
+
: undefined)));
|
|
162
|
+
}
|
|
163
|
+
createAliasRecord({ hostedZoneId, }) {
|
|
164
|
+
return this.distribution.aliases.apply(aliases => aliases === null || aliases === void 0 ? void 0 : aliases.map((alias, index) => new aws.route53.Record(`${this.name}-cloudfront-alias-record-${index}`, {
|
|
165
|
+
type: 'A',
|
|
166
|
+
name: alias,
|
|
167
|
+
zoneId: hostedZoneId,
|
|
168
|
+
aliases: [
|
|
169
|
+
{
|
|
170
|
+
name: this.distribution.domainName,
|
|
171
|
+
zoneId: this.distribution.hostedZoneId,
|
|
172
|
+
evaluateTargetHealth: true,
|
|
173
|
+
},
|
|
174
|
+
],
|
|
175
|
+
}, {
|
|
176
|
+
parent: this,
|
|
177
|
+
aliases: [{ name: `${this.name}-cdn-route53-record` }],
|
|
178
|
+
})));
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
exports.CloudFront = CloudFront;
|
|
182
|
+
(function (CloudFront) {
|
|
183
|
+
let BehaviorType;
|
|
184
|
+
(function (BehaviorType) {
|
|
185
|
+
BehaviorType["S3"] = "s3";
|
|
186
|
+
BehaviorType["LB"] = "lb";
|
|
187
|
+
BehaviorType["CUSTOM"] = "custom";
|
|
188
|
+
})(BehaviorType = CloudFront.BehaviorType || (CloudFront.BehaviorType = {}));
|
|
189
|
+
})(CloudFront || (exports.CloudFront = CloudFront = {}));
|
|
190
|
+
function isDefaultBehavior(value) {
|
|
191
|
+
return value.pathPattern === '*' || value.pathPattern === '/*';
|
|
192
|
+
}
|
|
193
|
+
function isS3BehaviorType(value) {
|
|
194
|
+
return value.type === CloudFront.BehaviorType.S3;
|
|
195
|
+
}
|
|
196
|
+
function isLbBehaviorType(value) {
|
|
197
|
+
return value.type === CloudFront.BehaviorType.LB;
|
|
198
|
+
}
|
|
199
|
+
function isCustomBehaviorType(value) {
|
|
200
|
+
return value.type === CloudFront.BehaviorType.CUSTOM;
|
|
201
|
+
}
|
|
202
|
+
function getOriginWithDefaults({ originId, domainName, customOriginConfig, }) {
|
|
203
|
+
return {
|
|
204
|
+
originId,
|
|
205
|
+
domainName,
|
|
206
|
+
customOriginConfig: Object.assign({ originProtocolPolicy: 'https-only', httpPort: 80, httpsPort: 443, originSslProtocols: ['TLSv1.2'] }, customOriginConfig),
|
|
207
|
+
};
|
|
208
|
+
}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import * as aws from '@pulumi/aws-v7';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
import { CacheStrategy } from './types';
|
|
4
|
+
export declare namespace LbCacheStrategy {
|
|
5
|
+
type Args = {
|
|
6
|
+
pathPattern: string;
|
|
7
|
+
loadBalancer: pulumi.Input<aws.lb.LoadBalancer>;
|
|
8
|
+
};
|
|
9
|
+
}
|
|
10
|
+
export declare class LbCacheStrategy extends pulumi.ComponentResource implements CacheStrategy {
|
|
11
|
+
name: string;
|
|
12
|
+
pathPattern: string;
|
|
13
|
+
config: aws.types.input.cloudfront.DistributionDefaultCacheBehavior;
|
|
14
|
+
cachePolicy: aws.cloudfront.CachePolicy;
|
|
15
|
+
responseHeadersPolicy: aws.cloudfront.ResponseHeadersPolicy;
|
|
16
|
+
constructor(name: string, args: LbCacheStrategy.Args, opts?: pulumi.ComponentResourceOptions);
|
|
17
|
+
private createCachePolicy;
|
|
18
|
+
private createResponseHeadersPolicy;
|
|
19
|
+
getPathConfig(): aws.types.input.cloudfront.DistributionOrderedCacheBehavior;
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=lb-cache-strategy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"lb-cache-strategy.d.ts","sourceRoot":"","sources":["../../../src/components/cloudfront/lb-cache-strategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,yBAAiB,eAAe,CAAC;IAC/B,KAAY,IAAI,GAAG;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC;KACjD,CAAC;CACH;AAED,qBAAa,eACX,SAAQ,MAAM,CAAC,iBACf,YAAW,aAAa;IAExB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC,CAAC;IACpE,WAAW,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC;IACxC,qBAAqB,EAAE,GAAG,CAAC,UAAU,CAAC,qBAAqB,CAAC;gBAG1D,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,eAAe,CAAC,IAAI,EAC1B,IAAI,GAAE,MAAM,CAAC,wBAA6B;IAoC5C,OAAO,CAAC,iBAAiB;IAyBzB,OAAO,CAAC,2BAA2B;IAsC5B,aAAa,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC;CAMpF"}
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LbCacheStrategy = void 0;
|
|
4
|
+
const aws = require("@pulumi/aws-v7");
|
|
5
|
+
const pulumi = require("@pulumi/pulumi");
|
|
6
|
+
class LbCacheStrategy extends pulumi.ComponentResource {
|
|
7
|
+
constructor(name, args, opts = {}) {
|
|
8
|
+
super('studion:cloudfront:LbCacheStrategy', name, args, opts);
|
|
9
|
+
this.name = name;
|
|
10
|
+
const { pathPattern, loadBalancer } = args;
|
|
11
|
+
this.pathPattern = pathPattern;
|
|
12
|
+
this.cachePolicy = this.createCachePolicy();
|
|
13
|
+
this.responseHeadersPolicy = this.createResponseHeadersPolicy();
|
|
14
|
+
this.config = {
|
|
15
|
+
targetOriginId: pulumi.output(loadBalancer).apply(lb => lb.arn),
|
|
16
|
+
viewerProtocolPolicy: 'redirect-to-https',
|
|
17
|
+
allowedMethods: [
|
|
18
|
+
'GET',
|
|
19
|
+
'HEAD',
|
|
20
|
+
'OPTIONS',
|
|
21
|
+
'PUT',
|
|
22
|
+
'POST',
|
|
23
|
+
'PATCH',
|
|
24
|
+
'DELETE',
|
|
25
|
+
],
|
|
26
|
+
cachedMethods: ['GET', 'HEAD', 'OPTIONS'],
|
|
27
|
+
compress: true,
|
|
28
|
+
cachePolicyId: this.cachePolicy.id,
|
|
29
|
+
originRequestPolicyId: aws.cloudfront
|
|
30
|
+
.getOriginRequestPolicyOutput({ name: 'Managed-AllViewer' })
|
|
31
|
+
.apply(policy => policy.id),
|
|
32
|
+
responseHeadersPolicyId: this.responseHeadersPolicy.id,
|
|
33
|
+
};
|
|
34
|
+
this.registerOutputs();
|
|
35
|
+
}
|
|
36
|
+
createCachePolicy() {
|
|
37
|
+
return new aws.cloudfront.CachePolicy(`${this.name}-cache-policy`, {
|
|
38
|
+
defaultTtl: 0,
|
|
39
|
+
minTtl: 0,
|
|
40
|
+
maxTtl: 3600, // 1 hour
|
|
41
|
+
parametersInCacheKeyAndForwardedToOrigin: {
|
|
42
|
+
cookiesConfig: {
|
|
43
|
+
cookieBehavior: 'none',
|
|
44
|
+
},
|
|
45
|
+
headersConfig: {
|
|
46
|
+
headerBehavior: 'none',
|
|
47
|
+
},
|
|
48
|
+
queryStringsConfig: {
|
|
49
|
+
queryStringBehavior: 'all',
|
|
50
|
+
},
|
|
51
|
+
enableAcceptEncodingGzip: true,
|
|
52
|
+
enableAcceptEncodingBrotli: true,
|
|
53
|
+
},
|
|
54
|
+
}, { parent: this });
|
|
55
|
+
}
|
|
56
|
+
createResponseHeadersPolicy() {
|
|
57
|
+
return new aws.cloudfront.ResponseHeadersPolicy(`${this.name}-res-headers-policy`, {
|
|
58
|
+
customHeadersConfig: {
|
|
59
|
+
items: [
|
|
60
|
+
{
|
|
61
|
+
header: 'Cache-Control',
|
|
62
|
+
value: 'no-store',
|
|
63
|
+
override: false,
|
|
64
|
+
},
|
|
65
|
+
],
|
|
66
|
+
},
|
|
67
|
+
securityHeadersConfig: {
|
|
68
|
+
contentTypeOptions: {
|
|
69
|
+
override: true,
|
|
70
|
+
},
|
|
71
|
+
frameOptions: {
|
|
72
|
+
frameOption: 'SAMEORIGIN',
|
|
73
|
+
override: false,
|
|
74
|
+
},
|
|
75
|
+
referrerPolicy: {
|
|
76
|
+
referrerPolicy: 'strict-origin-when-cross-origin',
|
|
77
|
+
override: false,
|
|
78
|
+
},
|
|
79
|
+
// instruct browsers to only use HTTPS
|
|
80
|
+
strictTransportSecurity: {
|
|
81
|
+
accessControlMaxAgeSec: 31536000, // 1 year
|
|
82
|
+
includeSubdomains: true,
|
|
83
|
+
preload: true,
|
|
84
|
+
override: true,
|
|
85
|
+
},
|
|
86
|
+
},
|
|
87
|
+
}, { parent: this });
|
|
88
|
+
}
|
|
89
|
+
getPathConfig() {
|
|
90
|
+
return Object.assign({ pathPattern: this.pathPattern }, this.config);
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
exports.LbCacheStrategy = LbCacheStrategy;
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import * as aws from '@pulumi/aws-v7';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
import { CacheStrategy } from './types';
|
|
4
|
+
export declare namespace S3CacheStrategy {
|
|
5
|
+
type Args = {
|
|
6
|
+
pathPattern: string;
|
|
7
|
+
bucket: pulumi.Input<aws.s3.Bucket>;
|
|
8
|
+
};
|
|
9
|
+
}
|
|
10
|
+
export declare class S3CacheStrategy extends pulumi.ComponentResource implements CacheStrategy {
|
|
11
|
+
name: string;
|
|
12
|
+
pathPattern: string;
|
|
13
|
+
config: aws.types.input.cloudfront.DistributionDefaultCacheBehavior;
|
|
14
|
+
cachePolicy: aws.cloudfront.CachePolicy;
|
|
15
|
+
responseHeadersPolicy: aws.cloudfront.ResponseHeadersPolicy;
|
|
16
|
+
constructor(name: string, args: S3CacheStrategy.Args, opts?: pulumi.ComponentResourceOptions);
|
|
17
|
+
private createCachePolicy;
|
|
18
|
+
private createResponseHeadersPolicy;
|
|
19
|
+
getPathConfig(): aws.types.input.cloudfront.DistributionOrderedCacheBehavior;
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=s3-cache-strategy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"s3-cache-strategy.d.ts","sourceRoot":"","sources":["../../../src/components/cloudfront/s3-cache-strategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,yBAAiB,eAAe,CAAC;IAC/B,KAAY,IAAI,GAAG;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;KACrC,CAAC;CACH;AAED,qBAAa,eACX,SAAQ,MAAM,CAAC,iBACf,YAAW,aAAa;IAExB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC,CAAC;IACpE,WAAW,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC;IACxC,qBAAqB,EAAE,GAAG,CAAC,UAAU,CAAC,qBAAqB,CAAC;gBAG1D,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,eAAe,CAAC,IAAI,EAC1B,IAAI,GAAE,MAAM,CAAC,wBAA6B;IAyB5C,OAAO,CAAC,iBAAiB;IAyBzB,OAAO,CAAC,2BAA2B;IAkCnC,aAAa,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC;CAM7E"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.S3CacheStrategy = void 0;
|
|
4
|
+
const aws = require("@pulumi/aws-v7");
|
|
5
|
+
const pulumi = require("@pulumi/pulumi");
|
|
6
|
+
class S3CacheStrategy extends pulumi.ComponentResource {
|
|
7
|
+
constructor(name, args, opts = {}) {
|
|
8
|
+
super('studion:cloudfront:S3CacheStrategy', name, args, opts);
|
|
9
|
+
this.name = name;
|
|
10
|
+
const { pathPattern, bucket } = args;
|
|
11
|
+
this.pathPattern = pathPattern;
|
|
12
|
+
this.cachePolicy = this.createCachePolicy();
|
|
13
|
+
this.responseHeadersPolicy = this.createResponseHeadersPolicy();
|
|
14
|
+
this.config = {
|
|
15
|
+
targetOriginId: pulumi.output(bucket).apply(b => b.arn),
|
|
16
|
+
viewerProtocolPolicy: 'redirect-to-https',
|
|
17
|
+
allowedMethods: ['GET', 'HEAD'],
|
|
18
|
+
cachedMethods: ['GET', 'HEAD'],
|
|
19
|
+
compress: true,
|
|
20
|
+
cachePolicyId: this.cachePolicy.id,
|
|
21
|
+
responseHeadersPolicyId: this.responseHeadersPolicy.id,
|
|
22
|
+
};
|
|
23
|
+
this.registerOutputs();
|
|
24
|
+
}
|
|
25
|
+
createCachePolicy() {
|
|
26
|
+
return new aws.cloudfront.CachePolicy(`${this.name}-cache-policy`, {
|
|
27
|
+
defaultTtl: 86400, // 1 day
|
|
28
|
+
minTtl: 60, // 1 minute
|
|
29
|
+
maxTtl: 31536000, // 1 year
|
|
30
|
+
parametersInCacheKeyAndForwardedToOrigin: {
|
|
31
|
+
cookiesConfig: {
|
|
32
|
+
cookieBehavior: 'none',
|
|
33
|
+
},
|
|
34
|
+
headersConfig: {
|
|
35
|
+
headerBehavior: 'none',
|
|
36
|
+
},
|
|
37
|
+
queryStringsConfig: {
|
|
38
|
+
queryStringBehavior: 'none',
|
|
39
|
+
},
|
|
40
|
+
enableAcceptEncodingGzip: true,
|
|
41
|
+
enableAcceptEncodingBrotli: true,
|
|
42
|
+
},
|
|
43
|
+
}, { parent: this });
|
|
44
|
+
}
|
|
45
|
+
createResponseHeadersPolicy() {
|
|
46
|
+
return new aws.cloudfront.ResponseHeadersPolicy(`${this.name}-res-headers-policy`, {
|
|
47
|
+
customHeadersConfig: {
|
|
48
|
+
items: [
|
|
49
|
+
{
|
|
50
|
+
header: 'Cache-Control',
|
|
51
|
+
value: 'no-cache',
|
|
52
|
+
override: false,
|
|
53
|
+
},
|
|
54
|
+
],
|
|
55
|
+
},
|
|
56
|
+
securityHeadersConfig: {
|
|
57
|
+
contentTypeOptions: {
|
|
58
|
+
override: true,
|
|
59
|
+
},
|
|
60
|
+
frameOptions: {
|
|
61
|
+
frameOption: 'DENY',
|
|
62
|
+
override: true,
|
|
63
|
+
},
|
|
64
|
+
// instruct browsers to only use HTTPS
|
|
65
|
+
strictTransportSecurity: {
|
|
66
|
+
accessControlMaxAgeSec: 31536000, // 1 year
|
|
67
|
+
includeSubdomains: true,
|
|
68
|
+
preload: true,
|
|
69
|
+
override: true,
|
|
70
|
+
},
|
|
71
|
+
},
|
|
72
|
+
}, { parent: this });
|
|
73
|
+
}
|
|
74
|
+
getPathConfig() {
|
|
75
|
+
return Object.assign({ pathPattern: this.pathPattern }, this.config);
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
exports.S3CacheStrategy = S3CacheStrategy;
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import * as aws from '@pulumi/aws-v7';
|
|
2
|
+
export interface CacheStrategy {
|
|
3
|
+
pathPattern: string;
|
|
4
|
+
config: aws.types.input.cloudfront.DistributionDefaultCacheBehavior;
|
|
5
|
+
cachePolicy: aws.cloudfront.CachePolicy;
|
|
6
|
+
originRequestPolicy?: aws.cloudfront.OriginRequestPolicy;
|
|
7
|
+
responseHeadersPolicy?: aws.cloudfront.ResponseHeadersPolicy;
|
|
8
|
+
getPathConfig: () => aws.types.input.cloudfront.DistributionOrderedCacheBehavior;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/components/cloudfront/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AAEtC,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC,CAAC;IACpE,WAAW,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC;IACxC,mBAAmB,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;IACzD,qBAAqB,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,qBAAqB,CAAC;IAC7D,aAAa,EAAE,MAAM,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,gCAAgC,CAAC;CAClF"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { Database } from '.';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
export declare class DatabaseBuilder {
|
|
4
|
+
private name;
|
|
5
|
+
private instanceConfig?;
|
|
6
|
+
private credentialsConfig?;
|
|
7
|
+
private storageConfig?;
|
|
8
|
+
private vpc?;
|
|
9
|
+
private enableMonitoring?;
|
|
10
|
+
private snapshotIdentifier?;
|
|
11
|
+
private kmsKeyId?;
|
|
12
|
+
private parameterGroupName?;
|
|
13
|
+
private tags?;
|
|
14
|
+
private createReplica?;
|
|
15
|
+
private replicaConfig?;
|
|
16
|
+
private enableSSMConnect?;
|
|
17
|
+
private ssmConnectConfig?;
|
|
18
|
+
constructor(name: string);
|
|
19
|
+
withInstance(instanceConfig?: Database.Instance): this;
|
|
20
|
+
withCredentials(credentialsConfig?: Database.Credentials): this;
|
|
21
|
+
withStorage(storageConfig?: Database.Storage): this;
|
|
22
|
+
withVpc(vpc: Database.Args['vpc']): this;
|
|
23
|
+
withMonitoring(): this;
|
|
24
|
+
withSnapshot(snapshotIdentifier: Database.Args['snapshotIdentifier']): this;
|
|
25
|
+
withKms(kmsKeyId: Database.Args['kmsKeyId']): this;
|
|
26
|
+
withParameterGroup(parameterGroupName: Database.Args['parameterGroupName']): this;
|
|
27
|
+
withTags(tags: Database.Args['tags']): this;
|
|
28
|
+
withReplica(replicaConfig?: Database.Args['replicaConfig']): this;
|
|
29
|
+
withSSMConnect(ssmConnectConfig?: Database.Args['ssmConnectConfig']): this;
|
|
30
|
+
build(opts?: pulumi.ComponentResourceOptions): Database;
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=builder.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"builder.d.ts","sourceRoot":"","sources":["../../../src/components/database/builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,CAAC;AAC7B,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAEzC,qBAAa,eAAe;IAC1B,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,cAAc,CAAC,CAAoB;IAC3C,OAAO,CAAC,iBAAiB,CAAC,CAAuB;IACjD,OAAO,CAAC,aAAa,CAAC,CAAmB;IACzC,OAAO,CAAC,GAAG,CAAC,CAAuB;IACnC,OAAO,CAAC,gBAAgB,CAAC,CAAoC;IAC7D,OAAO,CAAC,kBAAkB,CAAC,CAAsC;IACjE,OAAO,CAAC,QAAQ,CAAC,CAA4B;IAC7C,OAAO,CAAC,kBAAkB,CAAC,CAAsC;IACjE,OAAO,CAAC,IAAI,CAAC,CAAwB;IACrC,OAAO,CAAC,aAAa,CAAC,CAAiC;IACvD,OAAO,CAAC,aAAa,CAAC,CAAiC;IACvD,OAAO,CAAC,gBAAgB,CAAC,CAAoC;IAC7D,OAAO,CAAC,gBAAgB,CAAC,CAAoC;gBAEjD,IAAI,EAAE,MAAM;IAIjB,YAAY,CAAC,cAAc,GAAE,QAAQ,CAAC,QAAa,GAAG,IAAI;IAM1D,eAAe,CAAC,iBAAiB,GAAE,QAAQ,CAAC,WAAgB,GAAG,IAAI;IAMnE,WAAW,CAAC,aAAa,GAAE,QAAQ,CAAC,OAAY,GAAG,IAAI;IAMvD,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI;IAMxC,cAAc,IAAI,IAAI;IAMtB,YAAY,CACjB,kBAAkB,EAAE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,GACtD,IAAI;IAMA,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI;IAMlD,kBAAkB,CACvB,kBAAkB,EAAE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,GACtD,IAAI;IAMA,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI;IAM3C,WAAW,CAAC,aAAa,GAAE,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAM,GAAG,IAAI;IAOrE,cAAc,CACnB,gBAAgB,GAAE,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAM;IAQnD,KAAK,CAAC,IAAI,GAAE,MAAM,CAAC,wBAA6B,GAAG,QAAQ;CAwDnE"}
|