@teaminabottle/domain-cdk-packer 0.1.0

package/dist/constructs/subscriber-construct.d.ts

@@ -0,0 +1,30 @@
+import * as events from 'aws-cdk-lib/aws-events';
+import { Construct } from 'constructs';
+import { LambdaFactory } from '../lambda-factory.js';
+import { IamPolicyBuilder } from '../iam/iam-policy-builder.js';
+import type { DomainRegistry } from '../registry.js';
+/**
+ * Configuration properties for SubscriberConstruct.
+ */
+export interface SubscriberConstructProps {
+    /** Domain registry containing all subscriber entries. */
+    registry: DomainRegistry;
+    /** Factory for creating Lambda functions from registry entries. */
+    lambdaFactory: LambdaFactory;
+    /** IAM policy builder for granting permissions to Lambda roles. */
+    iamBuilder: IamPolicyBuilder;
+    /** EventBridge event bus for routing subscriber events. */
+    eventBus: events.IEventBus;
+}
+/**
+ * CDK Construct that synthesises Lambda + SQS + EventBridge rule per registered subscriber.
+ */
+export declare class SubscriberConstruct extends Construct {
+    /**
+     * Create a new SubscriberConstruct instance.
+     * @param scope - Parent CDK scope.
+     * @param id - Construct identifier.
+     * @param props - Construct properties.
+     */
+    constructor(scope: Construct, id: string, props: SubscriberConstructProps);
+}

package/dist/constructs/subscriber-construct.js

@@ -0,0 +1,63 @@
+import * as cdk from 'aws-cdk-lib';
+import * as sqs from 'aws-cdk-lib/aws-sqs';
+import * as events from 'aws-cdk-lib/aws-events';
+import * as eventsTargets from 'aws-cdk-lib/aws-events-targets';
+import * as lambdaEventSources from 'aws-cdk-lib/aws-lambda-event-sources';
+import { Construct } from 'constructs';
+/**
+ * CDK Construct that synthesises Lambda + SQS + EventBridge rule per registered subscriber.
+ */
+export class SubscriberConstruct extends Construct {
+    /**
+     * Create a new SubscriberConstruct instance.
+     * @param scope - Parent CDK scope.
+     * @param id - Construct identifier.
+     * @param props - Construct properties.
+     */
+    constructor(scope, id, props) {
+        super(scope, id);
+        for (const entry of props.registry.subscribers) {
+            const pascalId = toPascalCase(entry.id);
+            // Create dead-letter queue
+            const dlq = new sqs.Queue(this, `${pascalId}Dlq`, {
+                retentionPeriod: cdk.Duration.days(14),
+            });
+            // Create main queue with dead-letter queue configuration
+            const queue = new sqs.Queue(this, `${pascalId}Queue`, {
+                visibilityTimeout: cdk.Duration.seconds(180),
+                deadLetterQueue: {
+                    queue: dlq,
+                    maxReceiveCount: 3,
+                },
+            });
+            // Create Lambda function from registry entry
+            const fn = props.lambdaFactory.createFunction(entry, entry.deployment);
+            // Add IAM policies for SQS access
+            props.iamBuilder.forSubscriber({ queueArn: queue.queueArn, dlqArn: dlq.queueArn }).forEach((statement) => {
+                fn.addToRolePolicy(statement);
+            });
+            // Add SQS as event source for Lambda
+            fn.addEventSource(new lambdaEventSources.SqsEventSource(queue, {
+                batchSize: 10,
+                maxConcurrency: entry.concurrency ?? 5,
+            }));
+            // Create EventBridge rule targeting SQS queue
+            new events.Rule(this, `${pascalId}Rule`, {
+                eventBus: props.eventBus,
+                eventPattern: { detailType: [entry.event] },
+                targets: [new eventsTargets.SqsQueue(queue)],
+            });
+        }
+    }
+}
+/**
+ * Convert kebab-case or snake_case string to PascalCase.
+ * @param s - Input string.
+ * @returns PascalCase string.
+ */
+function toPascalCase(s) {
+    return s
+        .split(/[-_]/)
+        .map((segment) => segment.charAt(0).toUpperCase() + segment.slice(1))
+        .join('');
+}

package/dist/constructs/webhook-construct.d.ts

@@ -0,0 +1,33 @@
+import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
+import * as apigwv2 from 'aws-cdk-lib/aws-apigatewayv2';
+import { Construct } from 'constructs';
+import { LambdaFactory } from '../lambda-factory.js';
+import { IamPolicyBuilder } from '../iam/iam-policy-builder.js';
+import type { DomainRegistry } from '../registry.js';
+/**
+ * Configuration properties for WebhookConstruct.
+ */
+export interface WebhookConstructProps {
+    /** Domain registry containing all webhook entries. */
+    registry: DomainRegistry;
+    /** Shared HttpApi to route requests to Lambdas. */
+    httpApi: apigwv2.HttpApi;
+    /** Factory for creating Lambda functions from registry entries. */
+    lambdaFactory: LambdaFactory;
+    /** IAM policy builder for granting permissions to Lambda roles. */
+    iamBuilder: IamPolicyBuilder;
+}
+/**
+ * CDK Construct that synthesises one Lambda per registered webhook, one shared DynamoDB dedupe table, and adds webhook routes to the HttpApi.
+ */
+export declare class WebhookConstruct extends Construct {
+    /** Shared webhook deduplication table. */
+    readonly dedupeTable: dynamodb.Table;
+    /**
+     * Create a new WebhookConstruct instance.
+     * @param scope - Parent CDK scope.
+     * @param id - Construct identifier.
+     * @param props - Construct properties.
+     */
+    constructor(scope: Construct, id: string, props: WebhookConstructProps);
+}

package/dist/constructs/webhook-construct.js

@@ -0,0 +1,50 @@
+import * as cdk from 'aws-cdk-lib';
+import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
+import * as apigwv2 from 'aws-cdk-lib/aws-apigatewayv2';
+import * as apigwv2integrations from 'aws-cdk-lib/aws-apigatewayv2-integrations';
+import { Construct } from 'constructs';
+/**
+ * CDK Construct that synthesises one Lambda per registered webhook, one shared DynamoDB dedupe table, and adds webhook routes to the HttpApi.
+ */
+export class WebhookConstruct extends Construct {
+    /** Shared webhook deduplication table. */
+    dedupeTable;
+    /**
+     * Create a new WebhookConstruct instance.
+     * @param scope - Parent CDK scope.
+     * @param id - Construct identifier.
+     * @param props - Construct properties.
+     */
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.dedupeTable = new dynamodb.Table(this, 'DedupeTable', {
+            partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
+            billingMode: dynamodb.BillingMode.PAY_PER_REQUEST,
+            timeToLiveAttribute: 'expiresAt',
+            removalPolicy: cdk.RemovalPolicy.DESTROY,
+        });
+        for (const entry of props.registry.webhooks) {
+            const fn = props.lambdaFactory.createFunction(entry, entry.deployment);
+            props.iamBuilder.forWebhook({ dedupeTableArn: this.dedupeTable.tableArn }).forEach((statement) => {
+                fn.addToRolePolicy(statement);
+            });
+            this.dedupeTable.grantReadWriteData(fn);
+            props.httpApi.addRoutes({
+                path: entry.path,
+                methods: [apigwv2.HttpMethod.POST],
+                integration: new apigwv2integrations.HttpLambdaIntegration(`${id}${toPascalCase(entry.id)}Integration`, fn),
+            });
+        }
+    }
+}
+/**
+ * Convert kebab-case or snake_case string to PascalCase.
+ * @param s - Input string.
+ * @returns PascalCase string.
+ */
+function toPascalCase(s) {
+    return s
+        .split(/[-_]/)
+        .map((segment) => segment.charAt(0).toUpperCase() + segment.slice(1))
+        .join('');
+}

package/dist/flow-registry.d.ts

@@ -0,0 +1,78 @@
+/** Plain JSON-serialisable mirror of FlowStep types from domain-runtime. */
+export interface SerialDomainActionStep {
+    type: 'domain-action';
+    name: string;
+    domainId: string;
+    actionId: string;
+    parameters?: Record<string, unknown>;
+    next?: string;
+}
+export interface SerialDomainApiStep {
+    type: 'domain-api';
+    name: string;
+    domainId: string;
+    apiId: string;
+    parameters?: Record<string, unknown>;
+    next?: string;
+}
+export interface SerialDomainEventStep {
+    type: 'domain-event';
+    name: string;
+    eventId: string;
+    payload: Record<string, unknown>;
+    version: number;
+    next?: string;
+}
+export type SerialFlowControlStep = {
+    type: 'flow-control';
+    control: 'choice';
+    name: string;
+    choices: Array<{
+        when: string;
+        next: string;
+    }>;
+    default?: string;
+} | {
+    type: 'flow-control';
+    control: 'parallel';
+    name: string;
+    branches: SerialFlowStep[][];
+    next?: string;
+} | {
+    type: 'flow-control';
+    control: 'wait';
+    name: string;
+    seconds: number;
+    next?: string;
+} | {
+    type: 'flow-control';
+    control: 'succeed';
+    name: string;
+} | {
+    type: 'flow-control';
+    control: 'fail';
+    name: string;
+    cause?: string;
+    error?: string;
+} | {
+    type: 'flow-control';
+    control: 'pass';
+    name: string;
+    result?: unknown;
+    next?: string;
+};
+export type SerialFlowStep = SerialDomainActionStep | SerialDomainApiStep | SerialDomainEventStep | SerialFlowControlStep;
+export interface FlowRegistryEntry {
+    id: string;
+    name: string;
+    steps: SerialFlowStep[];
+    trigger?: {
+        type: 'event';
+        eventId: string;
+        semverRange: string;
+    };
+}
+export interface FlowRegistry {
+    schemaVersion: '1';
+    flows: FlowRegistryEntry[];
+}

package/dist/flow-registry.js

@@ -0,0 +1,2 @@
+/** Plain JSON-serialisable mirror of FlowStep types from domain-runtime. */
+export {};

package/dist/grouped-lambda-factory.d.ts

@@ -0,0 +1,34 @@
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+import { Construct } from 'constructs';
+/** Primitive types that can be grouped into a single Lambda. */
+export type PrimitiveType = 'api' | 'subscriber' | 'schedule' | 'job' | 'webhook' | 'action';
+/** A single handler entry within a grouped Lambda. */
+export interface HandlerEntry {
+    /** Unique handler ID within the domain + primitive type. */
+    id: string;
+    /** Path to the handler file relative to the domain's dist directory. */
+    handlerFile: string;
+}
+/** Props for creating grouped or dedicated Lambdas for a primitive type. */
+export interface GroupedLambdaProps {
+    /** Domain ID this Lambda belongs to. */
+    domainId: string;
+    /** The primitive type being handled (api, subscriber, etc.). */
+    primitiveType: PrimitiveType;
+    /** All handler entries for this primitive type within the domain. */
+    handlerEntries: HandlerEntry[];
+    /** Environment variables injected into the Lambda(s). */
+    environment: Record<string, string>;
+    /** ARN of the project-scoped EventBridge bus. */
+    eventBusArn: string;
+    /** When true, creates one dedicated Lambda per handler instead of a single grouped Lambda. */
+    dedicated?: boolean;
+}
+/**
+ * Creates either a single grouped Lambda (default) or per-handler dedicated Lambdas.
+ *
+ * Grouped Lambdas use an internal dispatch router: TIB_HANDLER_MAP lists all handler IDs,
+ * and the incoming event/request carries a handler ID to route to the correct function.
+ * When dedicated=true (escape hatch for hot/critical handlers), each handler gets its own Lambda.
+ */
+export declare function createGroupedLambdas(scope: Construct, props: GroupedLambdaProps): lambda.Function[];

package/dist/grouped-lambda-factory.js

@@ -0,0 +1,40 @@
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+import * as cdk from 'aws-cdk-lib';
+/**
+ * Creates either a single grouped Lambda (default) or per-handler dedicated Lambdas.
+ *
+ * Grouped Lambdas use an internal dispatch router: TIB_HANDLER_MAP lists all handler IDs,
+ * and the incoming event/request carries a handler ID to route to the correct function.
+ * When dedicated=true (escape hatch for hot/critical handlers), each handler gets its own Lambda.
+ */
+export function createGroupedLambdas(scope, props) {
+    if (props.dedicated) {
+        return props.handlerEntries.map(entry => new lambda.Function(scope, `${props.domainId}-${props.primitiveType}-${entry.id}`, {
+            runtime: lambda.Runtime.NODEJS_20_X,
+            handler: 'index.handler',
+            code: lambda.Code.fromAsset(`dist/domains/${props.domainId}/${props.primitiveType}/${entry.id}`),
+            environment: {
+                ...props.environment,
+                TIB_HANDLER_ID: entry.id,
+                TIB_EVENT_BUS_ARN: props.eventBusArn,
+            },
+            timeout: cdk.Duration.seconds(30),
+            memorySize: 256,
+        }));
+    }
+    // Single grouped Lambda — all handlers for this primitive type bundled together
+    return [
+        new lambda.Function(scope, `${props.domainId}-${props.primitiveType}`, {
+            runtime: lambda.Runtime.NODEJS_20_X,
+            handler: 'index.handler',
+            code: lambda.Code.fromAsset(`dist/domains/${props.domainId}/${props.primitiveType}`),
+            environment: {
+                ...props.environment,
+                TIB_HANDLER_MAP: JSON.stringify(props.handlerEntries.map(e => e.id)),
+                TIB_EVENT_BUS_ARN: props.eventBusArn,
+            },
+            timeout: cdk.Duration.seconds(30),
+            memorySize: 256,
+        }),
+    ];
+}

package/dist/iam/iam-policy-builder.d.ts

@@ -0,0 +1,64 @@
+import * as iam from 'aws-cdk-lib/aws-iam';
+import type { RegistryEntryKind } from '../registry.js';
+/**
+ * Parameters for webhook IAM policy construction.
+ */
+export interface WebhookPolicyParams {
+    /** ARN of the DynamoDB deduplication table. */
+    dedupeTableArn: string;
+}
+/**
+ * Parameters for queue-based IAM policy construction (subscriber and job).
+ */
+export interface QueuePolicyParams {
+    /** ARN of the SQS queue. */
+    queueArn: string;
+    /** ARN of the SQS dead-letter queue. */
+    dlqArn: string;
+}
+/**
+ * Generates least-privilege IAM policy statements per handler kind.
+ * Used by CDK constructs to build policies for Lambda execution roles.
+ */
+export declare class IamPolicyBuilder {
+    /**
+     * Returns IAM policy statements for API handlers.
+     * @returns Array of policy statements for Secrets Manager and EventBridge access.
+     */
+    forApi(): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements for webhook handlers.
+     * @param params - Webhook policy parameters including deduplication table ARN.
+     * @returns Array of policy statements for Secrets Manager, DynamoDB, and EventBridge access.
+     */
+    forWebhook(params: WebhookPolicyParams): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements for event subscriber handlers.
+     * @param params - Queue policy parameters including queue and dead-letter queue ARNs.
+     * @returns Array of policy statements for SQS message receive/delete and DLQ send access.
+     */
+    forSubscriber(params: QueuePolicyParams): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements for schedule (cron) handlers.
+     * @returns Array of policy statements for EventBridge and Secrets Manager access.
+     */
+    forSchedule(): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements for background job handlers.
+     * @param params - Queue policy parameters including queue and dead-letter queue ARNs.
+     * @returns Array of policy statements for SQS message receive/delete and DLQ send access.
+     */
+    forJob(params: QueuePolicyParams): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements for callable action handlers.
+     * @returns Array of policy statements for Secrets Manager access.
+     */
+    forAction(): iam.PolicyStatement[];
+    /**
+     * Returns IAM policy statements based on handler kind.
+     * @param kind - The registry entry kind discriminant.
+     * @param params - Optional parameters required for certain kinds (webhook, subscriber, job).
+     * @returns Array of policy statements appropriate for the handler kind.
+     */
+    forKind(kind: RegistryEntryKind, params?: WebhookPolicyParams | QueuePolicyParams): iam.PolicyStatement[];
+}

package/dist/iam/iam-policy-builder.js

@@ -0,0 +1,132 @@
+import * as iam from 'aws-cdk-lib/aws-iam';
+/**
+ * Generates least-privilege IAM policy statements per handler kind.
+ * Used by CDK constructs to build policies for Lambda execution roles.
+ */
+export class IamPolicyBuilder {
+    /**
+     * Returns IAM policy statements for API handlers.
+     * @returns Array of policy statements for Secrets Manager and EventBridge access.
+     */
+    forApi() {
+        return [
+            new iam.PolicyStatement({
+                actions: ['secretsmanager:GetSecretValue'],
+                resources: ['*'],
+            }),
+            new iam.PolicyStatement({
+                actions: ['events:PutEvents'],
+                resources: ['*'],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements for webhook handlers.
+     * @param params - Webhook policy parameters including deduplication table ARN.
+     * @returns Array of policy statements for Secrets Manager, DynamoDB, and EventBridge access.
+     */
+    forWebhook(params) {
+        return [
+            new iam.PolicyStatement({
+                actions: ['secretsmanager:GetSecretValue'],
+                resources: ['*'],
+            }),
+            new iam.PolicyStatement({
+                actions: ['dynamodb:PutItem', 'dynamodb:GetItem', 'dynamodb:DeleteItem'],
+                resources: [params.dedupeTableArn],
+            }),
+            new iam.PolicyStatement({
+                actions: ['events:PutEvents'],
+                resources: ['*'],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements for event subscriber handlers.
+     * @param params - Queue policy parameters including queue and dead-letter queue ARNs.
+     * @returns Array of policy statements for SQS message receive/delete and DLQ send access.
+     */
+    forSubscriber(params) {
+        return [
+            new iam.PolicyStatement({
+                actions: ['sqs:ReceiveMessage', 'sqs:DeleteMessage', 'sqs:GetQueueAttributes'],
+                resources: [params.queueArn],
+            }),
+            new iam.PolicyStatement({
+                actions: ['sqs:SendMessage'],
+                resources: [params.dlqArn],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements for schedule (cron) handlers.
+     * @returns Array of policy statements for EventBridge and Secrets Manager access.
+     */
+    forSchedule() {
+        return [
+            new iam.PolicyStatement({
+                actions: ['events:PutEvents'],
+                resources: ['*'],
+            }),
+            new iam.PolicyStatement({
+                actions: ['secretsmanager:GetSecretValue'],
+                resources: ['*'],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements for background job handlers.
+     * @param params - Queue policy parameters including queue and dead-letter queue ARNs.
+     * @returns Array of policy statements for SQS message receive/delete and DLQ send access.
+     */
+    forJob(params) {
+        return [
+            new iam.PolicyStatement({
+                actions: ['sqs:ReceiveMessage', 'sqs:DeleteMessage', 'sqs:GetQueueAttributes'],
+                resources: [params.queueArn],
+            }),
+            new iam.PolicyStatement({
+                actions: ['sqs:SendMessage'],
+                resources: [params.dlqArn],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements for callable action handlers.
+     * @returns Array of policy statements for Secrets Manager access.
+     */
+    forAction() {
+        return [
+            new iam.PolicyStatement({
+                actions: ['secretsmanager:GetSecretValue'],
+                resources: ['*'],
+            }),
+        ];
+    }
+    /**
+     * Returns IAM policy statements based on handler kind.
+     * @param kind - The registry entry kind discriminant.
+     * @param params - Optional parameters required for certain kinds (webhook, subscriber, job).
+     * @returns Array of policy statements appropriate for the handler kind.
+     */
+    forKind(kind, params) {
+        switch (kind) {
+            case 'integration':
+            case 'event':
+            case 'domain':
+                return [];
+            case 'webhook':
+                return this.forWebhook(params);
+            case 'subscriber':
+                return this.forSubscriber(params);
+            case 'job':
+                return this.forJob(params);
+            case 'api':
+                return this.forApi();
+            case 'schedule':
+                return this.forSchedule();
+            case 'action':
+                return this.forAction();
+        }
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,28 @@
+export type { DomainRegistry, RegistryEntry, RegistryEntryKind, BaseRegistryEntry, SerialDeploymentConfig, ApiRegistryEntry, WebhookRegistryEntry, SubscriberRegistryEntry, ScheduleRegistryEntry, JobRegistryEntry, ActionRegistryEntry, IntegrationRegistryEntry, EventRegistryEntry, DomainRegistryEntry, SchemaSnapshot, } from './registry.js';
+export { LambdaFactory } from './lambda-factory.js';
+export type { LambdaFactoryProps } from './lambda-factory.js';
+export { createGroupedLambdas } from './grouped-lambda-factory.js';
+export type { PrimitiveType, HandlerEntry, GroupedLambdaProps } from './grouped-lambda-factory.js';
+export { IamPolicyBuilder } from './iam/iam-policy-builder.js';
+export type { WebhookPolicyParams, QueuePolicyParams } from './iam/iam-policy-builder.js';
+export { ApiConstruct } from './constructs/api-construct.js';
+export type { ApiConstructProps } from './constructs/api-construct.js';
+export { WebhookConstruct } from './constructs/webhook-construct.js';
+export type { WebhookConstructProps } from './constructs/webhook-construct.js';
+export { SubscriberConstruct } from './constructs/subscriber-construct.js';
+export type { SubscriberConstructProps } from './constructs/subscriber-construct.js';
+export { ScheduleConstruct } from './constructs/schedule-construct.js';
+export type { ScheduleConstructProps } from './constructs/schedule-construct.js';
+export { JobConstruct } from './constructs/job-construct.js';
+export type { JobConstructProps } from './constructs/job-construct.js';
+export { ActionConstruct } from './constructs/action-construct.js';
+export type { ActionConstructProps } from './constructs/action-construct.js';
+export { DomainStack } from './DomainStack.js';
+export type { DomainStackProps } from './DomainStack.js';
+export { packDomain } from './pack-domain.js';
+export type { PackDomainOptions } from './pack-domain.js';
+export { StepFunctionsCodegen } from './step-functions-codegen.js';
+export type { DomainActionFlowNode, StepFunctionsTaskState } from './step-functions-codegen.js';
+export type { FlowRegistry, FlowRegistryEntry, SerialFlowStep, SerialDomainActionStep, SerialDomainApiStep, SerialDomainEventStep, SerialFlowControlStep } from './flow-registry.js';
+export { FlowsStack, packFlows } from './pack-flows.js';
+export type { PackFlowsOptions } from './pack-flows.js';

package/dist/index.js

@@ -0,0 +1,13 @@
+export { LambdaFactory } from './lambda-factory.js';
+export { createGroupedLambdas } from './grouped-lambda-factory.js';
+export { IamPolicyBuilder } from './iam/iam-policy-builder.js';
+export { ApiConstruct } from './constructs/api-construct.js';
+export { WebhookConstruct } from './constructs/webhook-construct.js';
+export { SubscriberConstruct } from './constructs/subscriber-construct.js';
+export { ScheduleConstruct } from './constructs/schedule-construct.js';
+export { JobConstruct } from './constructs/job-construct.js';
+export { ActionConstruct } from './constructs/action-construct.js';
+export { DomainStack } from './DomainStack.js';
+export { packDomain } from './pack-domain.js';
+export { StepFunctionsCodegen } from './step-functions-codegen.js';
+export { FlowsStack, packFlows } from './pack-flows.js';

package/dist/lambda-factory.d.ts

@@ -0,0 +1,46 @@
+import * as lambdaNode from 'aws-cdk-lib/aws-lambda-nodejs';
+import { Construct } from 'constructs';
+import type { BaseRegistryEntry, SerialDeploymentConfig, DomainRegistry } from './registry.js';
+/**
+ * Configuration properties for LambdaFactory.
+ */
+export interface LambdaFactoryProps {
+    /** Parent CDK scope */
+    scope: Construct;
+    /** Full domain registry */
+    registry: DomainRegistry;
+    /** Absolute path to domain root (= registry.domainRoot) */
+    domainRoot: string;
+    /** Extra env vars injected into all Lambdas */
+    sharedEnv?: Record<string, string>;
+}
+/**
+ * Factory for creating CDK NodejsFunction instances from domain registry entries with consistent defaults.
+ */
+export declare class LambdaFactory {
+    private scope;
+    private registry;
+    private domainRoot;
+    private sharedEnv?;
+    /**
+     * Create a new LambdaFactory instance.
+     * @param props - Factory configuration
+     */
+    constructor(props: LambdaFactoryProps);
+    /**
+     * Convert a kebab-case or snake_case string to PascalCase.
+     * @param s - Input string
+     * @returns PascalCase string
+     */
+    private toPascalCase;
+    /**
+     * Create a NodejsFunction from a registry entry.
+     * @param entry - Registry entry with handlerFile property
+     * @param overrides - Optional deployment configuration overrides
+     * @param extraEnv - Optional extra environment variables
+     * @returns Created NodejsFunction
+     */
+    createFunction(entry: BaseRegistryEntry & {
+        handlerFile: string;
+    }, overrides?: SerialDeploymentConfig, extraEnv?: Record<string, string>): lambdaNode.NodejsFunction;
+}