@ts-cloud/core 0.2.2 → 0.2.4

Files changed (226)
  1. package/dist/advanced-features.test.d.ts +1 -0
  2. package/dist/aws/cloudformation.d.ts +136 -0
  3. package/dist/aws/cloudfront.d.ts +45 -0
  4. package/dist/aws/credentials.d.ts +77 -0
  5. package/dist/aws/credentials.test.d.ts +4 -0
  6. package/dist/aws/index.d.ts +10 -0
  7. package/dist/aws/s3.d.ts +256 -0
  8. package/dist/aws/s3.test.d.ts +4 -0
  9. package/dist/aws/signature.d.ts +142 -0
  10. package/dist/aws/signature.test.d.ts +4 -0
  11. package/dist/backup/disaster-recovery.d.ts +140 -0
  12. package/dist/backup/disaster-recovery.test.d.ts +1 -0
  13. package/dist/backup/index.d.ts +8 -0
  14. package/dist/backup/manager.d.ts +172 -0
  15. package/dist/backup/manager.test.d.ts +1 -0
  16. package/dist/cicd/circleci.d.ts +50 -0
  17. package/dist/cicd/github-actions.d.ts +62 -0
  18. package/dist/cicd/gitlab-ci.d.ts +50 -0
  19. package/dist/cicd/index.d.ts +7 -0
  20. package/dist/cli/history.d.ts +137 -0
  21. package/dist/cli/index.d.ts +9 -0
  22. package/dist/cli/progress.d.ts +193 -0
  23. package/dist/cli/repl.d.ts +148 -0
  24. package/dist/cli/suggestions.d.ts +74 -0
  25. package/dist/cli/table.d.ts +73 -0
  26. package/dist/cli/table.test.d.ts +1 -0
  27. package/dist/cloudformation/builder.d.ts +93 -0
  28. package/dist/cloudformation/builder.test.d.ts +4 -0
  29. package/dist/cloudformation/builders/api-gateway.d.ts +30 -0
  30. package/dist/cloudformation/builders/cache.d.ts +35 -0
  31. package/dist/cloudformation/builders/cdn.d.ts +34 -0
  32. package/dist/cloudformation/builders/compute.d.ts +68 -0
  33. package/dist/cloudformation/builders/database.d.ts +61 -0
  34. package/dist/cloudformation/builders/functions.d.ts +32 -0
  35. package/dist/cloudformation/builders/messaging.d.ts +17 -0
  36. package/dist/cloudformation/builders/monitoring.d.ts +39 -0
  37. package/dist/cloudformation/builders/network.d.ts +14 -0
  38. package/dist/cloudformation/builders/queue.d.ts +16 -0
  39. package/dist/cloudformation/builders/security.d.ts +31 -0
  40. package/dist/cloudformation/builders/storage.d.ts +36 -0
  41. package/dist/cloudformation/index.d.ts +10 -0
  42. package/dist/cloudformation/types.d.ts +200 -0
  43. package/dist/compliance/aws-config.d.ts +175 -0
  44. package/dist/compliance/cloudtrail.d.ts +132 -0
  45. package/dist/compliance/compliance.test.d.ts +1 -0
  46. package/dist/compliance/guardduty.d.ts +176 -0
  47. package/dist/compliance/index.d.ts +12 -0
  48. package/dist/compliance/security-hub.d.ts +178 -0
  49. package/dist/containers/build-optimization.d.ts +155 -0
  50. package/dist/containers/containers.test.d.ts +1 -0
  51. package/dist/containers/image-scanning.d.ts +144 -0
  52. package/dist/containers/index.d.ts +8 -0
  53. package/dist/containers/registry.d.ts +129 -0
  54. package/dist/containers/service-mesh.d.ts +254 -0
  55. package/dist/database/database.test.d.ts +1 -0
  56. package/dist/database/index.d.ts +8 -0
  57. package/dist/database/migrations.d.ts +153 -0
  58. package/dist/database/performance.d.ts +219 -0
  59. package/dist/database/replicas.d.ts +218 -0
  60. package/dist/database/users.d.ts +165 -0
  61. package/dist/dependency-graph.d.ts +37 -0
  62. package/dist/deployment/ab-testing.d.ts +165 -0
  63. package/dist/deployment/blue-green.d.ts +140 -0
  64. package/dist/deployment/canary.d.ts +165 -0
  65. package/dist/deployment/deployment.test.d.ts +1 -0
  66. package/dist/deployment/index.d.ts +12 -0
  67. package/dist/deployment/progressive.d.ts +50 -0
  68. package/dist/dns/dns.test.d.ts +1 -0
  69. package/dist/dns/dnssec.d.ts +120 -0
  70. package/dist/dns/index.d.ts +7 -0
  71. package/dist/dns/resolver.d.ts +216 -0
  72. package/dist/dns/routing.d.ts +277 -0
  73. package/dist/email/advanced/analytics.d.ts +107 -0
  74. package/dist/email/advanced/index.d.ts +10 -0
  75. package/dist/email/advanced/rules.d.ts +131 -0
  76. package/dist/email/advanced/scheduling.d.ts +81 -0
  77. package/dist/email/advanced/search.d.ts +91 -0
  78. package/dist/email/advanced/shared-mailboxes.d.ts +109 -0
  79. package/dist/email/advanced/templates.d.ts +95 -0
  80. package/dist/email/advanced/threading.d.ts +65 -0
  81. package/dist/email/analytics.d.ts +189 -0
  82. package/dist/email/bounce-handling.d.ts +171 -0
  83. package/dist/email/email.test.d.ts +1 -0
  84. package/dist/email/handlers/__tests__/inbound.test.d.ts +1 -0
  85. package/dist/email/handlers/__tests__/outbound.test.d.ts +1 -0
  86. package/dist/email/handlers/converter.d.ts +11 -0
  87. package/dist/email/handlers/feedback.d.ts +11 -0
  88. package/dist/email/handlers/inbound.d.ts +13 -0
  89. package/dist/email/handlers/outbound.d.ts +13 -0
  90. package/dist/email/index.d.ts +10 -0
  91. package/dist/email/reputation.d.ts +133 -0
  92. package/dist/email/templates.d.ts +124 -0
  93. package/dist/errors/index.d.ts +177 -0
  94. package/dist/errors/index.test.d.ts +4 -0
  95. package/dist/health-checks/index.d.ts +35 -0
  96. package/dist/index.d.ts +15 -256
  97. package/dist/index.js +228 -80
  98. package/dist/intrinsic-functions.d.ts +77 -0
  99. package/dist/lambda/concurrency.d.ts +146 -0
  100. package/dist/lambda/destinations.d.ts +141 -0
  101. package/dist/lambda/dlq.d.ts +160 -0
  102. package/dist/lambda/index.d.ts +10 -0
  103. package/dist/lambda/lambda.test.d.ts +1 -0
  104. package/dist/lambda/layers.d.ts +117 -0
  105. package/dist/lambda/versions.d.ts +145 -0
  106. package/dist/lambda/vpc.d.ts +164 -0
  107. package/dist/local/config.d.ts +44 -0
  108. package/dist/local/index.d.ts +5 -0
  109. package/dist/local/mock-aws.d.ts +69 -0
  110. package/dist/modules/ai.d.ts +108 -0
  111. package/dist/modules/api.d.ts +157 -0
  112. package/dist/modules/auth.d.ts +262 -0
  113. package/dist/modules/cache.d.ts +108 -0
  114. package/dist/modules/cdn.d.ts +305 -0
  115. package/dist/modules/communication.d.ts +117 -0
  116. package/dist/modules/compute.d.ts +1376 -0
  117. package/dist/modules/database.d.ts +144 -0
  118. package/dist/modules/deployment.d.ts +372 -0
  119. package/dist/modules/dns.d.ts +143 -0
  120. package/dist/modules/email.d.ts +314 -0
  121. package/dist/modules/filesystem.d.ts +132 -0
  122. package/dist/modules/index.d.ts +31 -0
  123. package/dist/modules/messaging.d.ts +210 -0
  124. package/dist/modules/monitoring.d.ts +574 -0
  125. package/dist/modules/network.d.ts +148 -0
  126. package/dist/modules/parameter-store.d.ts +143 -0
  127. package/dist/modules/permissions.d.ts +245 -0
  128. package/dist/modules/phone.d.ts +125 -0
  129. package/dist/modules/queue.d.ts +411 -0
  130. package/dist/modules/redirects.d.ts +140 -0
  131. package/dist/modules/registry.d.ts +189 -0
  132. package/dist/modules/search.d.ts +135 -0
  133. package/dist/modules/secrets.d.ts +149 -0
  134. package/dist/modules/security.d.ts +219 -0
  135. package/dist/modules/sms.d.ts +130 -0
  136. package/dist/modules/storage.d.ts +344 -0
  137. package/dist/modules/workflow.d.ts +288 -0
  138. package/dist/multi-account/config.d.ts +166 -0
  139. package/dist/multi-account/index.d.ts +6 -0
  140. package/dist/multi-account/manager.d.ts +181 -0
  141. package/dist/multi-region/cross-region.d.ts +204 -0
  142. package/dist/multi-region/index.d.ts +7 -0
  143. package/dist/multi-region/manager.d.ts +136 -0
  144. package/dist/multi-region/regions.d.ts +98 -0
  145. package/dist/network-security/index.d.ts +55 -0
  146. package/dist/observability/index.d.ts +8 -0
  147. package/dist/observability/logs.d.ts +213 -0
  148. package/dist/observability/metrics.d.ts +187 -0
  149. package/dist/observability/observability.test.d.ts +1 -0
  150. package/dist/observability/synthetics.d.ts +189 -0
  151. package/dist/observability/xray.d.ts +193 -0
  152. package/dist/phone/advanced/analytics.d.ts +83 -0
  153. package/dist/phone/advanced/callbacks.d.ts +67 -0
  154. package/dist/phone/advanced/index.d.ts +7 -0
  155. package/dist/phone/advanced/ivr-builder.d.ts +130 -0
  156. package/dist/phone/advanced/recording.d.ts +62 -0
  157. package/dist/phone/handlers/__tests__/incoming-call.test.d.ts +1 -0
  158. package/dist/phone/handlers/incoming-call.d.ts +10 -0
  159. package/dist/phone/handlers/missed-call.d.ts +9 -0
  160. package/dist/phone/handlers/voicemail.d.ts +10 -0
  161. package/dist/phone/index.d.ts +5 -0
  162. package/dist/presets/api-backend.d.ts +11 -0
  163. package/dist/presets/data-pipeline.d.ts +11 -0
  164. package/dist/presets/extend.d.ts +194 -0
  165. package/dist/presets/extend.test.d.ts +4 -0
  166. package/dist/presets/fullstack-app.d.ts +12 -0
  167. package/dist/presets/index.d.ts +13 -0
  168. package/dist/presets/jamstack.d.ts +12 -0
  169. package/dist/presets/microservices.d.ts +18 -0
  170. package/dist/presets/ml-api.d.ts +13 -0
  171. package/dist/presets/nodejs-server.d.ts +14 -0
  172. package/dist/presets/nodejs-serverless.d.ts +14 -0
  173. package/dist/presets/realtime-app.d.ts +11 -0
  174. package/dist/presets/static-site.d.ts +12 -0
  175. package/dist/presets/traditional-web-app.d.ts +16 -0
  176. package/dist/presets/wordpress.d.ts +12 -0
  177. package/dist/preview/github.d.ts +32 -0
  178. package/dist/preview/github.test.d.ts +1 -0
  179. package/dist/preview/index.d.ts +10 -0
  180. package/dist/preview/manager.d.ts +101 -0
  181. package/dist/preview/manager.test.d.ts +1 -0
  182. package/dist/preview/notifications.d.ts +89 -0
  183. package/dist/preview/notifications.test.d.ts +1 -0
  184. package/dist/queue/batch-processing.d.ts +138 -0
  185. package/dist/queue/dlq-monitoring.d.ts +143 -0
  186. package/dist/queue/fifo.d.ts +131 -0
  187. package/dist/queue/index.d.ts +8 -0
  188. package/dist/queue/management.d.ts +162 -0
  189. package/dist/queue/queue.test.d.ts +1 -0
  190. package/dist/resource-mgmt/index.d.ts +44 -0
  191. package/dist/resource-naming.d.ts +26 -0
  192. package/dist/s3/index.d.ts +227 -0
  193. package/dist/schema/index.d.ts +12 -0
  194. package/dist/security/certificate-manager.d.ts +184 -0
  195. package/dist/security/index.d.ts +8 -0
  196. package/dist/security/scanning.d.ts +196 -0
  197. package/dist/security/secrets-manager.d.ts +204 -0
  198. package/dist/security/secrets-rotation.d.ts +167 -0
  199. package/dist/security/security.test.d.ts +1 -0
  200. package/dist/sms/advanced/ab-testing.d.ts +74 -0
  201. package/dist/sms/advanced/analytics.d.ts +75 -0
  202. package/dist/sms/advanced/campaigns.d.ts +96 -0
  203. package/dist/sms/advanced/chatbot.d.ts +67 -0
  204. package/dist/sms/advanced/index.d.ts +9 -0
  205. package/dist/sms/advanced/link-tracking.d.ts +60 -0
  206. package/dist/sms/advanced/mms.d.ts +60 -0
  207. package/dist/sms/handlers/__tests__/send.test.d.ts +1 -0
  208. package/dist/sms/handlers/delivery-status.d.ts +10 -0
  209. package/dist/sms/handlers/receive.d.ts +10 -0
  210. package/dist/sms/handlers/send.d.ts +10 -0
  211. package/dist/sms/index.d.ts +5 -0
  212. package/dist/stack-diff.d.ts +38 -0
  213. package/dist/static-site/index.d.ts +49 -0
  214. package/dist/template-builder.d.ts +42 -0
  215. package/dist/template-validator.d.ts +28 -0
  216. package/dist/types.d.ts +2514 -0
  217. package/dist/utils/cache.d.ts +117 -0
  218. package/dist/utils/diff.d.ts +52 -0
  219. package/dist/utils/hash.d.ts +73 -0
  220. package/dist/utils/index.d.ts +7 -0
  221. package/dist/utils/parallel.d.ts +78 -0
  222. package/dist/validators/credentials.d.ts +30 -0
  223. package/dist/validators/credentials.test.d.ts +4 -0
  224. package/dist/validators/quotas.d.ts +64 -0
  225. package/dist/validators/quotas.test.d.ts +4 -0
  226. package/package.json +2 -2
@@ -0,0 +1,1376 @@
1
+ import type { ApplicationLoadBalancer, AutoScalingGroup, AutoScalingLaunchConfiguration, AutoScalingScalingPolicy, EC2Instance, EC2SecurityGroup, ECSCluster, ECSService, ECSTaskDefinition, IAMRole, LambdaFunction, Listener, TargetGroup } from '@ts-cloud/aws-types';
2
+ import type { EnvironmentType } from '../types';
3
+ export interface ServerOptions {
4
+ slug: string;
5
+ environment: EnvironmentType;
6
+ instanceType?: string;
7
+ imageId?: string;
8
+ keyName?: string;
9
+ securityGroupIds?: string[];
10
+ subnetId?: string;
11
+ userData?: string;
12
+ volumeSize?: number;
13
+ volumeType?: 'gp2' | 'gp3' | 'io1' | 'io2';
14
+ encrypted?: boolean;
15
+ }
16
+ export interface SecurityGroupOptions {
17
+ slug: string;
18
+ environment: EnvironmentType;
19
+ vpcId?: string;
20
+ description?: string;
21
+ ingress?: SecurityGroupRule[];
22
+ egress?: SecurityGroupRule[];
23
+ }
24
+ export interface SecurityGroupRule {
25
+ protocol: string;
26
+ fromPort?: number;
27
+ toPort?: number;
28
+ cidr?: string;
29
+ sourceSecurityGroupId?: string;
30
+ }
31
+ export interface LoadBalancerOptions {
32
+ slug: string;
33
+ environment: EnvironmentType;
34
+ scheme?: 'internet-facing' | 'internal';
35
+ subnets: string[];
36
+ securityGroups?: string[];
37
+ type?: 'application' | 'network';
38
+ }
39
+ export interface TargetGroupOptions {
40
+ slug: string;
41
+ environment: EnvironmentType;
42
+ port: number;
43
+ protocol?: 'HTTP' | 'HTTPS' | 'TCP';
44
+ vpcId: string;
45
+ targetType?: 'instance' | 'ip' | 'lambda';
46
+ healthCheckPath?: string;
47
+ healthCheckInterval?: number;
48
+ healthCheckTimeout?: number;
49
+ healthyThreshold?: number;
50
+ unhealthyThreshold?: number;
51
+ }
52
+ export interface ListenerOptions {
53
+ port: number;
54
+ protocol?: 'HTTP' | 'HTTPS';
55
+ certificateArn?: string;
56
+ defaultTargetGroupArn: string;
57
+ }
58
+ export interface FargateServiceOptions {
59
+ slug: string;
60
+ environment: EnvironmentType;
61
+ image: string;
62
+ cpu?: string;
63
+ memory?: string;
64
+ desiredCount?: number;
65
+ containerPort?: number;
66
+ environmentVariables?: Record<string, string>;
67
+ secrets?: Array<{
68
+ name: string;
69
+ valueFrom: string;
70
+ }>;
71
+ healthCheck?: {
72
+ command: string[];
73
+ interval?: number;
74
+ timeout?: number;
75
+ retries?: number;
76
+ };
77
+ logGroup?: string;
78
+ subnets: string[];
79
+ securityGroups: string[];
80
+ targetGroupArn?: string;
81
+ }
82
+ export interface LambdaFunctionOptions {
83
+ slug: string;
84
+ environment: EnvironmentType;
85
+ functionName?: string;
86
+ runtime: string;
87
+ handler: string;
88
+ code: {
89
+ s3Bucket?: string;
90
+ s3Key?: string;
91
+ zipFile?: string;
92
+ };
93
+ role?: string;
94
+ timeout?: number;
95
+ memorySize?: number;
96
+ environmentVariables?: Record<string, string>;
97
+ vpcConfig?: {
98
+ securityGroupIds: string[];
99
+ subnetIds: string[];
100
+ };
101
+ }
102
+ export interface LaunchConfigurationOptions {
103
+ slug: string;
104
+ environment: EnvironmentType;
105
+ imageId: string;
106
+ instanceType: string;
107
+ keyName?: string;
108
+ securityGroups?: Array<string | {
109
+ Ref: string;
110
+ }>;
111
+ userData?: string;
112
+ volumeSize?: number;
113
+ volumeType?: 'gp2' | 'gp3' | 'io1' | 'io2';
114
+ encrypted?: boolean;
115
+ iamInstanceProfile?: string | {
116
+ Ref: string;
117
+ };
118
+ }
119
+ export interface AutoScalingGroupOptions {
120
+ slug: string;
121
+ environment: EnvironmentType;
122
+ launchConfigurationName: string | {
123
+ Ref: string;
124
+ };
125
+ minSize: number;
126
+ maxSize: number;
127
+ desiredCapacity?: number;
128
+ vpcZoneIdentifier?: string[] | {
129
+ Ref: string;
130
+ };
131
+ targetGroupArns?: Array<string | {
132
+ Ref: string;
133
+ }>;
134
+ healthCheckType?: 'EC2' | 'ELB';
135
+ healthCheckGracePeriod?: number;
136
+ cooldown?: number;
137
+ tags?: Record<string, string>;
138
+ }
139
+ export interface ScalingPolicyOptions {
140
+ slug: string;
141
+ environment: EnvironmentType;
142
+ autoScalingGroupName: string | {
143
+ Ref: string;
144
+ };
145
+ policyType?: 'TargetTrackingScaling' | 'StepScaling' | 'SimpleScaling';
146
+ targetValue?: number;
147
+ predefinedMetricType?: 'ASGAverageCPUUtilization' | 'ASGAverageNetworkIn' | 'ASGAverageNetworkOut' | 'ALBRequestCountPerTarget';
148
+ scaleInCooldown?: number;
149
+ scaleOutCooldown?: number;
150
+ }
151
+ /**
152
+ * Compute Module - EC2, ECS, Lambda Management
153
+ * Provides clean API for both server (Forge-style) and serverless (Vapor-style) deployments
154
+ */
155
+ export declare class Compute {
156
+ /**
157
+ * Create an EC2 server instance (Server Mode - Forge-style)
158
+ */
159
+ static createServer(options: ServerOptions): {
160
+ instance: EC2Instance;
161
+ logicalId: string;
162
+ };
163
+ /**
164
+ * Create a security group
165
+ */
166
+ static createSecurityGroup(options: SecurityGroupOptions): {
167
+ securityGroup: EC2SecurityGroup;
168
+ logicalId: string;
169
+ };
170
+ /**
171
+ * Create common security group rules for web servers
172
+ */
173
+ static createWebServerSecurityGroup(slug: string, environment: EnvironmentType, vpcId?: string): {
174
+ securityGroup: EC2SecurityGroup;
175
+ logicalId: string;
176
+ };
177
+ /**
178
+ * Create an Application Load Balancer
179
+ */
180
+ static createLoadBalancer(options: LoadBalancerOptions): {
181
+ loadBalancer: ApplicationLoadBalancer;
182
+ logicalId: string;
183
+ };
184
+ /**
185
+ * Create a target group
186
+ */
187
+ static createTargetGroup(options: TargetGroupOptions): {
188
+ targetGroup: TargetGroup;
189
+ logicalId: string;
190
+ };
191
+ /**
192
+ * Create an ALB listener
193
+ */
194
+ static createListener(loadBalancerLogicalId: string, options: ListenerOptions): {
195
+ listener: Listener;
196
+ logicalId: string;
197
+ };
198
+ /**
199
+ * Create ECS cluster for Fargate (Serverless Mode - Vapor-style)
200
+ */
201
+ static createEcsCluster(slug: string, environment: EnvironmentType): {
202
+ cluster: ECSCluster;
203
+ logicalId: string;
204
+ };
205
+ /**
206
+ * Create ECS Fargate task definition and service
207
+ */
208
+ static createFargateService(options: FargateServiceOptions): {
209
+ cluster: ECSCluster;
210
+ taskDefinition: ECSTaskDefinition;
211
+ service: ECSService;
212
+ taskRole: IAMRole;
213
+ executionRole: IAMRole;
214
+ clusterLogicalId: string;
215
+ taskDefinitionLogicalId: string;
216
+ serviceLogicalId: string;
217
+ taskRoleLogicalId: string;
218
+ executionRoleLogicalId: string;
219
+ };
220
+ /**
221
+ * Create a Lambda function
222
+ */
223
+ static createLambdaFunction(options: LambdaFunctionOptions): {
224
+ lambdaFunction: LambdaFunction;
225
+ role: IAMRole;
226
+ logicalId: string;
227
+ roleLogicalId: string;
228
+ };
229
+ /**
230
+ * Generate Node.js server user data script
231
+ */
232
+ static generateNodeServerUserData(options?: {
233
+ nodeVersion?: string;
234
+ appRepo?: string;
235
+ environment?: Record<string, string>;
236
+ }): string;
237
+ /**
238
+ * Generate Bun server user data script
239
+ */
240
+ static generateBunServerUserData(options?: {
241
+ appRepo?: string;
242
+ environment?: Record<string, string>;
243
+ }): string;
244
+ /**
245
+ * Create a Launch Configuration for Auto Scaling
246
+ */
247
+ static createLaunchConfiguration(options: LaunchConfigurationOptions): {
248
+ launchConfiguration: AutoScalingLaunchConfiguration;
249
+ logicalId: string;
250
+ };
251
+ /**
252
+ * Create an Auto Scaling Group
253
+ */
254
+ static createAutoScalingGroup(options: AutoScalingGroupOptions): {
255
+ autoScalingGroup: AutoScalingGroup;
256
+ logicalId: string;
257
+ };
258
+ /**
259
+ * Create a Target Tracking Scaling Policy (CPU-based by default)
260
+ */
261
+ static createScalingPolicy(options: ScalingPolicyOptions): {
262
+ scalingPolicy: AutoScalingScalingPolicy;
263
+ logicalId: string;
264
+ };
265
+ /**
266
+ * Common Auto Scaling configurations
267
+ */
268
+ static readonly AutoScaling: {
269
+ /**
270
+ * Small web server auto scaling (2-4 instances)
271
+ */
272
+ smallWebServer: (slug: string, environment: EnvironmentType, launchConfigRef: string | {
273
+ Ref: string;
274
+ }, subnetIds: string[], targetGroupArns?: Array<string | {
275
+ Ref: string;
276
+ }>) => {
277
+ autoScalingGroup: AutoScalingGroup;
278
+ logicalId: string;
279
+ };
280
+ /**
281
+ * Medium web server auto scaling (3-10 instances)
282
+ */
283
+ mediumWebServer: (slug: string, environment: EnvironmentType, launchConfigRef: string | {
284
+ Ref: string;
285
+ }, subnetIds: string[], targetGroupArns?: Array<string | {
286
+ Ref: string;
287
+ }>) => {
288
+ autoScalingGroup: AutoScalingGroup;
289
+ logicalId: string;
290
+ };
291
+ /**
292
+ * Large web server auto scaling (5-20 instances)
293
+ */
294
+ largeWebServer: (slug: string, environment: EnvironmentType, launchConfigRef: string | {
295
+ Ref: string;
296
+ }, subnetIds: string[], targetGroupArns?: Array<string | {
297
+ Ref: string;
298
+ }>) => {
299
+ autoScalingGroup: AutoScalingGroup;
300
+ logicalId: string;
301
+ };
302
+ /**
303
+ * CPU-based scaling policy (default 70%)
304
+ */
305
+ cpuScaling: (slug: string, environment: EnvironmentType, asgName: string | {
306
+ Ref: string;
307
+ }, targetCpu?: number) => {
308
+ scalingPolicy: AutoScalingScalingPolicy;
309
+ logicalId: string;
310
+ };
311
+ /**
312
+ * Request count scaling policy (ALB)
313
+ */
314
+ requestCountScaling: (slug: string, environment: EnvironmentType, asgName: string | {
315
+ Ref: string;
316
+ }, targetRequestCount?: number) => {
317
+ scalingPolicy: AutoScalingScalingPolicy;
318
+ logicalId: string;
319
+ };
320
+ };
321
+ /**
322
+ * Secrets Manager integration utilities
323
+ */
324
+ static readonly Secrets: {
325
+ /**
326
+ * Convert environment variables to ECS secrets configuration
327
+ * This takes environment variable names and their corresponding Secrets Manager ARNs
328
+ */
329
+ fromSecretsManager: (secrets: Record<string, string>) => Array<{
330
+ name: string;
331
+ valueFrom: string;
332
+ }>;
333
+ /**
334
+ * Reference a specific key from a JSON secret
335
+ * Format: arn:aws:secretsmanager:region:account:secret:name:json-key::
336
+ */
337
+ fromJsonSecret: (secretArn: string, jsonKey: string) => string;
338
+ /**
339
+ * Reference a specific version of a secret
340
+ * Format: arn:aws:secretsmanager:region:account:secret:name::version-id:
341
+ */
342
+ fromSecretVersion: (secretArn: string, versionId: string) => string;
343
+ /**
344
+ * Reference a specific version stage of a secret
345
+ * Format: arn:aws:secretsmanager:region:account:secret:name:::version-stage
346
+ */
347
+ fromSecretVersionStage: (secretArn: string, versionStage: string) => string;
348
+ /**
349
+ * Create IAM policy for Secrets Manager access
350
+ */
351
+ createAccessPolicy: (secretArns: string[]) => {
352
+ PolicyName: string;
353
+ PolicyDocument: {
354
+ Version: "2012-10-17";
355
+ Statement: Array<{
356
+ Effect: "Allow" | "Deny";
357
+ Action: string[];
358
+ Resource: string[];
359
+ }>;
360
+ };
361
+ };
362
+ /**
363
+ * Create IAM policy for KMS decryption (when secrets are encrypted with KMS)
364
+ */
365
+ createKmsPolicy: (kmsKeyArns: string[]) => {
366
+ PolicyName: string;
367
+ PolicyDocument: {
368
+ Version: "2012-10-17";
369
+ Statement: Array<{
370
+ Effect: "Allow" | "Deny";
371
+ Action: string[];
372
+ Resource: string[];
373
+ }>;
374
+ };
375
+ };
376
+ /**
377
+ * Build secret ARN from components
378
+ */
379
+ buildSecretArn: (params: {
380
+ region: string;
381
+ accountId: string;
382
+ secretName: string;
383
+ }) => string;
384
+ /**
385
+ * Build secret ARN pattern for wildcard matching
386
+ * Useful for IAM policies
387
+ */
388
+ buildSecretArnPattern: (params: {
389
+ region?: string;
390
+ accountId?: string;
391
+ secretNamePrefix: string;
392
+ }) => string;
393
+ /**
394
+ * Common environment secrets mapping
395
+ * Maps common application environment variable names to secrets
396
+ */
397
+ commonAppSecrets: (secretPrefix: string) => Record<string, string>;
398
+ };
399
+ /**
400
+ * Create ECS Fargate service with full Secrets Manager integration
401
+ */
402
+ static createFargateServiceWithSecrets(options: FargateServiceOptions & {
403
+ secretArns?: string[];
404
+ kmsKeyArns?: string[];
405
+ }): {
406
+ cluster: ECSCluster;
407
+ taskDefinition: ECSTaskDefinition;
408
+ service: ECSService;
409
+ taskRole: IAMRole;
410
+ executionRole: IAMRole;
411
+ clusterLogicalId: string;
412
+ taskDefinitionLogicalId: string;
413
+ serviceLogicalId: string;
414
+ taskRoleLogicalId: string;
415
+ executionRoleLogicalId: string;
416
+ };
417
+ /**
418
+ * Generate secret references for container environment
419
+ * This is a helper to convert secret names to full ARN references
420
+ */
421
+ static generateSecretReferences(params: {
422
+ region: string;
423
+ accountId: string;
424
+ secretPrefix: string;
425
+ secrets: string[];
426
+ }): Array<{
427
+ name: string;
428
+ valueFrom: string;
429
+ }>;
430
+ /**
431
+ * Create environment secrets configuration for common patterns
432
+ */
433
+ static readonly EnvSecrets: {
434
+ /**
435
+ * Database credentials as secrets
436
+ */
437
+ database: (secretArn: string) => Array<{
438
+ name: string;
439
+ valueFrom: string;
440
+ }>;
441
+ /**
442
+ * Redis credentials as secrets
443
+ */
444
+ redis: (secretArn: string) => Array<{
445
+ name: string;
446
+ valueFrom: string;
447
+ }>;
448
+ /**
449
+ * API credentials as secrets
450
+ */
451
+ apiCredentials: (secretArn: string) => Array<{
452
+ name: string;
453
+ valueFrom: string;
454
+ }>;
455
+ /**
456
+ * Mail credentials as secrets
457
+ */
458
+ mail: (secretArn: string) => Array<{
459
+ name: string;
460
+ valueFrom: string;
461
+ }>;
462
+ /**
463
+ * AWS credentials as secrets (for cross-account access)
464
+ */
465
+ awsCredentials: (secretArn: string) => Array<{
466
+ name: string;
467
+ valueFrom: string;
468
+ }>;
469
+ };
470
+ /**
471
+ * Create a JumpBox (Bastion Host) for SSH access to private resources
472
+ */
473
+ static createJumpBox(options: {
474
+ slug: string;
475
+ environment: EnvironmentType;
476
+ vpcId: string;
477
+ subnetId: string;
478
+ keyName: string;
479
+ instanceType?: string;
480
+ imageId?: string;
481
+ allowedCidrs?: string[];
482
+ mountEfs?: {
483
+ fileSystemId: string;
484
+ mountPath?: string;
485
+ };
486
+ }): {
487
+ instance: EC2Instance;
488
+ securityGroup: EC2SecurityGroup;
489
+ instanceProfile: any;
490
+ instanceRole: IAMRole;
491
+ instanceLogicalId: string;
492
+ securityGroupLogicalId: string;
493
+ instanceProfileLogicalId: string;
494
+ instanceRoleLogicalId: string;
495
+ resources: Record<string, any>;
496
+ };
497
+ /**
498
+ * JumpBox helper configurations
499
+ */
500
+ static readonly JumpBox: {
501
+ /**
502
+ * Create JumpBox with EFS mount for file access
503
+ */
504
+ withEfsMount: (params: {
505
+ slug: string;
506
+ environment: EnvironmentType;
507
+ vpcId: string;
508
+ subnetId: string;
509
+ keyName: string;
510
+ fileSystemId: string;
511
+ mountPath?: string;
512
+ allowedCidrs?: string[];
513
+ }) => {
514
+ instance: EC2Instance;
515
+ securityGroup: EC2SecurityGroup;
516
+ instanceProfile: any;
517
+ instanceRole: IAMRole;
518
+ instanceLogicalId: string;
519
+ securityGroupLogicalId: string;
520
+ instanceProfileLogicalId: string;
521
+ instanceRoleLogicalId: string;
522
+ resources: Record<string, any>;
523
+ };
524
+ /**
525
+ * Create minimal JumpBox (SSH only)
526
+ */
527
+ minimal: (params: {
528
+ slug: string;
529
+ environment: EnvironmentType;
530
+ vpcId: string;
531
+ subnetId: string;
532
+ keyName: string;
533
+ allowedCidrs?: string[];
534
+ }) => {
535
+ instance: EC2Instance;
536
+ securityGroup: EC2SecurityGroup;
537
+ instanceProfile: any;
538
+ instanceRole: IAMRole;
539
+ instanceLogicalId: string;
540
+ securityGroupLogicalId: string;
541
+ instanceProfileLogicalId: string;
542
+ instanceRoleLogicalId: string;
543
+ resources: Record<string, any>;
544
+ };
545
+ /**
546
+ * Create JumpBox with database tools
547
+ */
548
+ withDatabaseTools: (params: {
549
+ slug: string;
550
+ environment: EnvironmentType;
551
+ vpcId: string;
552
+ subnetId: string;
553
+ keyName: string;
554
+ allowedCidrs?: string[];
555
+ }) => {
556
+ instance: EC2Instance;
557
+ securityGroup: EC2SecurityGroup;
558
+ instanceProfile: any;
559
+ instanceRole: IAMRole;
560
+ instanceLogicalId: string;
561
+ securityGroupLogicalId: string;
562
+ instanceProfileLogicalId: string;
563
+ instanceRoleLogicalId: string;
564
+ resources: Record<string, any>;
565
+ };
566
+ /**
567
+ * Allowed CIDRs for corporate VPNs (common patterns)
568
+ */
569
+ commonCidrs: {
570
+ any: readonly ["0.0.0.0/0"];
571
+ privateOnly: readonly ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"];
572
+ };
573
+ };
574
+ /**
575
+ * Instance size mapping - human-readable sizes to AWS instance types
576
+ * Provides Stacks configuration parity for "size" configuration option
577
+ */
578
+ static readonly InstanceSize: {
579
+ /**
580
+ * Map human-readable size to EC2 instance type
581
+ */
582
+ toInstanceType: (size: "nano" | "micro" | "small" | "medium" | "large" | "xlarge" | "2xlarge" | "4xlarge" | "8xlarge", family?: "t3" | "t3a" | "m6i" | "c6i" | "r6i") => string;
583
+ /**
584
+ * Size configurations with CPU and memory specs
585
+ */
586
+ specs: {
587
+ readonly nano: {
588
+ readonly vcpu: 2;
589
+ readonly memory: 0.5;
590
+ readonly instanceType: "t3.nano";
591
+ };
592
+ readonly micro: {
593
+ readonly vcpu: 2;
594
+ readonly memory: 1;
595
+ readonly instanceType: "t3.micro";
596
+ };
597
+ readonly small: {
598
+ readonly vcpu: 2;
599
+ readonly memory: 2;
600
+ readonly instanceType: "t3.small";
601
+ };
602
+ readonly medium: {
603
+ readonly vcpu: 2;
604
+ readonly memory: 4;
605
+ readonly instanceType: "t3.medium";
606
+ };
607
+ readonly large: {
608
+ readonly vcpu: 2;
609
+ readonly memory: 8;
610
+ readonly instanceType: "t3.large";
611
+ };
612
+ readonly xlarge: {
613
+ readonly vcpu: 4;
614
+ readonly memory: 16;
615
+ readonly instanceType: "t3.xlarge";
616
+ };
617
+ readonly '2xlarge': {
618
+ readonly vcpu: 8;
619
+ readonly memory: 32;
620
+ readonly instanceType: "t3.2xlarge";
621
+ };
622
+ };
623
+ /**
624
+ * Get Fargate CPU/memory from size
625
+ */
626
+ toFargateSpecs: (size: "nano" | "micro" | "small" | "medium" | "large" | "xlarge" | "2xlarge") => {
627
+ cpu: string;
628
+ memory: string;
629
+ };
630
+ /**
631
+ * Get Lambda memory from size
632
+ */
633
+ toLambdaMemory: (size: "nano" | "micro" | "small" | "medium" | "large" | "xlarge" | "2xlarge") => number;
634
+ /**
635
+ * Presets for common workloads
636
+ */
637
+ presets: {
638
+ readonly webServer: "t3.small";
639
+ readonly apiServer: "t3.medium";
640
+ readonly worker: "t3.medium";
641
+ readonly database: "r6i.large";
642
+ readonly cache: "r6i.medium";
643
+ readonly compute: "c6i.large";
644
+ readonly general: "m6i.medium";
645
+ };
646
+ };
647
+ /**
648
+ * Disk configuration helpers
649
+ * Provides Stacks configuration parity for disk options
650
+ */
651
+ static readonly DiskConfig: {
652
+ /**
653
+ * Create EBS volume configuration
654
+ */
655
+ create: (options: {
656
+ size: number;
657
+ type?: "standard" | "ssd" | "premium" | "gp2" | "gp3" | "io1" | "io2";
658
+ encrypted?: boolean;
659
+ iops?: number;
660
+ throughput?: number;
661
+ deleteOnTermination?: boolean;
662
+ }) => {
663
+ VolumeSize: number;
664
+ VolumeType: string;
665
+ Encrypted: boolean;
666
+ Iops?: number;
667
+ Throughput?: number;
668
+ DeleteOnTermination: boolean;
669
+ };
670
+ /**
671
+ * Common disk configurations
672
+ */
673
+ presets: {
674
+ /**
675
+ * Standard SSD (20GB gp3)
676
+ */
677
+ standard: {
678
+ VolumeSize: number;
679
+ VolumeType: string;
680
+ Encrypted: boolean;
681
+ DeleteOnTermination: boolean;
682
+ };
683
+ /**
684
+ * Large storage (100GB gp3)
685
+ */
686
+ large: {
687
+ VolumeSize: number;
688
+ VolumeType: string;
689
+ Encrypted: boolean;
690
+ DeleteOnTermination: boolean;
691
+ };
692
+ /**
693
+ * High performance (50GB io2)
694
+ */
695
+ highPerformance: {
696
+ VolumeSize: number;
697
+ VolumeType: string;
698
+ Iops: number;
699
+ Encrypted: boolean;
700
+ DeleteOnTermination: boolean;
701
+ };
702
+ /**
703
+ * Database optimized (100GB io2 with high IOPS)
704
+ */
705
+ database: {
706
+ VolumeSize: number;
707
+ VolumeType: string;
708
+ Iops: number;
709
+ Encrypted: boolean;
710
+ DeleteOnTermination: boolean;
711
+ };
712
+ };
713
+ };
714
+ /**
715
+ * Spot instance configuration
716
+ * Provides Stacks configuration parity for spot instances
717
+ */
718
+ static readonly SpotConfig: {
719
+ /**
720
+ * Create spot instance specification for Launch Template
721
+ */
722
+ create: (options: {
723
+ maxPrice?: string;
724
+ spotInstanceType?: "one-time" | "persistent";
725
+ interruptionBehavior?: "hibernate" | "stop" | "terminate";
726
+ blockDurationMinutes?: number;
727
+ }) => {
728
+ SpotOptions: {
729
+ MaxPrice?: string;
730
+ SpotInstanceType?: string;
731
+ InstanceInterruptionBehavior?: string;
732
+ BlockDurationMinutes?: number;
733
+ };
734
+ };
735
+ /**
736
+ * Common spot instance configurations
737
+ */
738
+ presets: {
739
+ /**
740
+ * Standard spot (80% on-demand price)
741
+ */
742
+ standard: {
743
+ spotInstanceType: string;
744
+ interruptionBehavior: string;
745
+ };
746
+ /**
747
+ * Persistent spot (for long-running workloads)
748
+ */
749
+ persistent: {
750
+ spotInstanceType: string;
751
+ interruptionBehavior: string;
752
+ };
753
+ /**
754
+ * Cost-optimized (lower max price)
755
+ */
756
+ costOptimized: {
757
+ maxPrice: string;
758
+ spotInstanceType: string;
759
+ interruptionBehavior: string;
760
+ };
761
+ };
762
+ };
763
+ /**
764
+ * Mixed instances configuration for Auto Scaling Groups
765
+ * Provides Stacks configuration parity for mixed instance fleets
766
+ */
767
+ static readonly MixedInstances: {
768
+ /**
769
+ * Create mixed instances policy for ASG
770
+ */
771
+ create: (options: {
772
+ instanceTypes: Array<{
773
+ size: string;
774
+ weight?: number;
775
+ }>;
776
+ baseCapacity?: number;
777
+ onDemandPercentage?: number;
778
+ spotAllocationStrategy?: "lowest-price" | "capacity-optimized" | "capacity-optimized-prioritized";
779
+ spotMaxPrice?: string;
780
+ }) => {
781
+ MixedInstancesPolicy: {
782
+ InstancesDistribution: {
783
+ OnDemandBaseCapacity: number;
784
+ OnDemandPercentageAboveBaseCapacity: number;
785
+ SpotAllocationStrategy: string;
786
+ SpotMaxPrice?: string;
787
+ };
788
+ LaunchTemplate: {
789
+ Overrides: Array<{
790
+ InstanceType: string;
791
+ WeightedCapacity?: string;
792
+ }>;
793
+ };
794
+ };
795
+ };
796
+ /**
797
+ * Common mixed instance configurations
798
+ */
799
+ presets: {
800
+ /**
801
+ * Cost-optimized (80% spot)
802
+ */
803
+ costOptimized: {
804
+ baseCapacity: number;
805
+ onDemandPercentage: number;
806
+ spotAllocationStrategy: string;
807
+ instanceTypes: readonly [{
808
+ readonly size: "small";
809
+ readonly weight: 1;
810
+ }, {
811
+ readonly size: "medium";
812
+ readonly weight: 2;
813
+ }];
814
+ };
815
+ /**
816
+ * Balanced (50% spot)
817
+ */
818
+ balanced: {
819
+ baseCapacity: number;
820
+ onDemandPercentage: number;
821
+ spotAllocationStrategy: string;
822
+ instanceTypes: readonly [{
823
+ readonly size: "medium";
824
+ readonly weight: 1;
825
+ }, {
826
+ readonly size: "large";
827
+ readonly weight: 2;
828
+ }];
829
+ };
830
+ /**
831
+ * High availability (20% spot)
832
+ */
833
+ highAvailability: {
834
+ baseCapacity: number;
835
+ onDemandPercentage: number;
836
+ spotAllocationStrategy: string;
837
+ instanceTypes: readonly [{
838
+ readonly size: "medium";
839
+ readonly weight: 1;
840
+ }];
841
+ };
842
+ };
843
+ };
844
+ /**
845
+ * Auto-scaling configuration helpers
846
+ * Provides Stacks configuration parity for auto-scaling options
847
+ */
848
+ static readonly AutoScalingConfig: {
849
+ /**
850
+ * Create auto-scaling configuration
851
+ */
852
+ create: (options: {
853
+ min: number;
854
+ max: number;
855
+ desired?: number;
856
+ scaleUpThreshold?: number;
857
+ scaleDownThreshold?: number;
858
+ cooldownSeconds?: number;
859
+ targetMetric?: "cpu" | "memory" | "requests";
860
+ }) => {
861
+ minSize: number;
862
+ maxSize: number;
863
+ desiredCapacity: number;
864
+ scalingPolicies: Array<{
865
+ policyType: string;
866
+ targetValue: number;
867
+ predefinedMetricType: string;
868
+ scaleInCooldown: number;
869
+ scaleOutCooldown: number;
870
+ }>;
871
+ };
872
+ /**
873
+ * ECS auto-scaling configuration
874
+ */
875
+ forEcs: (options: {
876
+ min: number;
877
+ max: number;
878
+ cpuTarget?: number;
879
+ memoryTarget?: number;
880
+ }) => {
881
+ minCapacity: number;
882
+ maxCapacity: number;
883
+ targetTrackingPolicies: Array<{
884
+ predefinedMetricType: string;
885
+ targetValue: number;
886
+ }>;
887
+ };
888
+ /**
889
+ * Common auto-scaling configurations
890
+ */
891
+ presets: {
892
+ /**
893
+ * Small service (1-3 instances)
894
+ */
895
+ small: {
896
+ min: number;
897
+ max: number;
898
+ scaleUpThreshold: number;
899
+ scaleDownThreshold: number;
900
+ };
901
+ /**
902
+ * Medium service (2-10 instances)
903
+ */
904
+ medium: {
905
+ min: number;
906
+ max: number;
907
+ scaleUpThreshold: number;
908
+ scaleDownThreshold: number;
909
+ };
910
+ /**
911
+ * Large service (3-50 instances)
912
+ */
913
+ large: {
914
+ min: number;
915
+ max: number;
916
+ scaleUpThreshold: number;
917
+ scaleDownThreshold: number;
918
+ };
919
+ /**
920
+ * High availability (always 2+ instances)
921
+ */
922
+ highAvailability: {
923
+ min: number;
924
+ max: number;
925
+ scaleUpThreshold: number;
926
+ scaleDownThreshold: number;
927
+ };
928
+ };
929
+ };
930
+ /**
931
+ * Load balancer configuration helpers
932
+ * Provides Stacks configuration parity for load balancer options
933
+ */
934
+ static readonly LoadBalancerConfig: {
935
+ /**
936
+ * Create load balancer health check configuration
937
+ */
938
+ healthCheck: (options: {
939
+ path?: string;
940
+ interval?: number;
941
+ timeout?: number;
942
+ healthyThreshold?: number;
943
+ unhealthyThreshold?: number;
944
+ protocol?: "HTTP" | "HTTPS" | "TCP";
945
+ }) => {
946
+ HealthCheckPath?: string;
947
+ HealthCheckIntervalSeconds: number;
948
+ HealthCheckTimeoutSeconds: number;
949
+ HealthyThresholdCount: number;
950
+ UnhealthyThresholdCount: number;
951
+ HealthCheckProtocol?: string;
952
+ };
953
+ /**
954
+ * Common health check configurations
955
+ */
956
+ presets: {
957
+ /**
958
+ * Standard HTTP health check
959
+ */
960
+ standard: {
961
+ path: string;
962
+ interval: number;
963
+ timeout: number;
964
+ healthyThreshold: number;
965
+ unhealthyThreshold: number;
966
+ };
967
+ /**
968
+ * Fast health check (for quick failover)
969
+ */
970
+ fast: {
971
+ path: string;
972
+ interval: number;
973
+ timeout: number;
974
+ healthyThreshold: number;
975
+ unhealthyThreshold: number;
976
+ };
977
+ /**
978
+ * Relaxed health check (for slow-starting apps)
979
+ */
980
+ relaxed: {
981
+ path: string;
982
+ interval: number;
983
+ timeout: number;
984
+ healthyThreshold: number;
985
+ unhealthyThreshold: number;
986
+ };
987
+ };
988
+ };
989
+ /**
990
+ * SSL configuration helpers
991
+ * Provides Stacks configuration parity for SSL options
992
+ */
993
+ static readonly SslConfig: {
994
+ /**
995
+ * Create SSL listener configuration
996
+ */
997
+ httpsListener: (options: {
998
+ certificateArn: string;
999
+ targetGroupArn: string;
1000
+ port?: number;
1001
+ sslPolicy?: string;
1002
+ }) => {
1003
+ Port: number;
1004
+ Protocol: string;
1005
+ Certificates: Array<{
1006
+ CertificateArn: string;
1007
+ }>;
1008
+ SslPolicy: string;
1009
+ DefaultActions: Array<{
1010
+ Type: string;
1011
+ TargetGroupArn: string;
1012
+ }>;
1013
+ };
1014
+ /**
1015
+ * Create HTTP to HTTPS redirect listener
1016
+ */
1017
+ httpRedirectListener: (port?: number) => {
1018
+ Port: number;
1019
+ Protocol: string;
1020
+ DefaultActions: Array<{
1021
+ Type: string;
1022
+ RedirectConfig: {
1023
+ Protocol: string;
1024
+ Port: string;
1025
+ StatusCode: string;
1026
+ };
1027
+ }>;
1028
+ };
1029
+ /**
1030
+ * SSL policies (TLS versions)
1031
+ */
1032
+ policies: {
1033
+ readonly tls13: "ELBSecurityPolicy-TLS13-1-2-2021-06";
1034
+ readonly tls12: "ELBSecurityPolicy-TLS-1-2-Ext-2018-06";
1035
+ readonly tls11: "ELBSecurityPolicy-TLS-1-1-2017-01";
1036
+ readonly fips: "ELBSecurityPolicy-TLS-1-2-Ext-FIPS-2022-05";
1037
+ };
1038
+ };
1039
+ /**
1040
+ * Functions configuration helpers (Lambda)
1041
+ * Provides Stacks configuration parity for functions configuration
1042
+ */
1043
+ static readonly FunctionConfig: {
1044
+ /**
1045
+ * Create Lambda function configuration
1046
+ */
1047
+ create: (options: {
1048
+ handler: string;
1049
+ runtime?: string;
1050
+ timeout?: number;
1051
+ memorySize?: number;
1052
+ environmentVariables?: Record<string, string>;
1053
+ reservedConcurrency?: number;
1054
+ }) => {
1055
+ Handler: string;
1056
+ Runtime: string;
1057
+ Timeout: number;
1058
+ MemorySize: number;
1059
+ Environment?: {
1060
+ Variables: Record<string, string>;
1061
+ };
1062
+ ReservedConcurrentExecutions?: number;
1063
+ };
1064
+ /**
1065
+ * Runtime options
1066
+ */
1067
+ runtimes: {
1068
+ readonly nodejs20: "nodejs20.x";
1069
+ readonly nodejs18: "nodejs18.x";
1070
+ readonly python312: "python3.12";
1071
+ readonly python311: "python3.11";
1072
+ readonly java21: "java21";
1073
+ readonly java17: "java17";
1074
+ readonly go: "provided.al2023";
1075
+ readonly rust: "provided.al2023";
1076
+ };
1077
+ /**
1078
+ * Common function configurations
1079
+ */
1080
+ presets: {
1081
+ /**
1082
+ * API handler (fast response)
1083
+ */
1084
+ api: {
1085
+ runtime: string;
1086
+ timeout: number;
1087
+ memorySize: number;
1088
+ };
1089
+ /**
1090
+ * Worker (background processing)
1091
+ */
1092
+ worker: {
1093
+ runtime: string;
1094
+ timeout: number;
1095
+ memorySize: number;
1096
+ };
1097
+ /**
1098
+ * Cron job (scheduled task)
1099
+ */
1100
+ cron: {
1101
+ runtime: string;
1102
+ timeout: number;
1103
+ memorySize: number;
1104
+ };
1105
+ /**
1106
+ * Data processing (high memory)
1107
+ */
1108
+ dataProcessing: {
1109
+ runtime: string;
1110
+ timeout: number;
1111
+ memorySize: number;
1112
+ };
1113
+ };
1114
+ };
1115
+ /**
1116
+ * User data scripts for EC2 Server Mode (Forge-style)
1117
+ * Provides installation scripts for Bun, Node.js, Nginx, Caddy, PM2, etc.
1118
+ */
1119
+ static readonly UserData: {
1120
+ /**
1121
+ * Generate complete user data script for app server
1122
+ */
1123
+ generateAppServerScript: (options: {
1124
+ runtime?: "bun" | "node";
1125
+ runtimeVersion?: string;
1126
+ webServer?: "nginx" | "caddy" | "none";
1127
+ processManager?: "pm2" | "systemd";
1128
+ enableSsl?: boolean;
1129
+ sslEmail?: string;
1130
+ domain?: string;
1131
+ appPort?: number;
1132
+ installDatabaseClients?: boolean;
1133
+ installRedis?: boolean;
1134
+ extraPackages?: string[];
1135
+ }) => string;
1136
+ /**
1137
+ * Generate a minimal app-agnostic bootstrap script for Amazon Linux 2023.
1138
+ *
1139
+ * The instance is left in a "ready for deploys" state — runtime + tools +
1140
+ * `/var/www` exist, but no app-specific systemd services are created here.
1141
+ * Per-site systemd services (`<slug>-<site>.service`) are written by the
1142
+ * deploy command at `cloud deploy` time, since:
1143
+ * - Sites can be added/removed without re-bootstrapping
1144
+ * - Each site has its own dir, port, env, and ExecStart
1145
+ * - Multiple sites can share one EC2 instance
1146
+ */
1147
+ generateBunAppScript: (options: {
1148
+ runtime?: "bun" | "node" | "deno";
1149
+ runtimeVersion?: string;
1150
+ systemPackages?: string[];
1151
+ database?: "sqlite" | "mysql" | "postgres";
1152
+ }) => string;
1153
+ /**
1154
+ * Individual installation scripts
1155
+ */
1156
+ Scripts: {
1157
+ /**
1158
+ * Install Bun
1159
+ */
1160
+ bun: (version?: string) => string;
1161
+ /**
1162
+ * Install Node.js via nvm
1163
+ */
1164
+ nodeJs: (version?: string) => string;
1165
+ /**
1166
+ * Install Nginx
1167
+ */
1168
+ nginx: () => string;
1169
+ /**
1170
+ * Configure Nginx as reverse proxy
1171
+ */
1172
+ nginxProxy: (domain: string, port?: number) => string;
1173
+ /**
1174
+ * Install Caddy
1175
+ */
1176
+ caddy: () => string;
1177
+ /**
1178
+ * Configure Caddy as reverse proxy
1179
+ */
1180
+ caddyProxy: (domain: string, port?: number) => string;
1181
+ /**
1182
+ * Install PM2
1183
+ */
1184
+ pm2: () => string;
1185
+ /**
1186
+ * Install Let's Encrypt (certbot)
1187
+ */
1188
+ letsEncrypt: (domain: string, email: string, staging?: boolean) => string;
1189
+ /**
1190
+ * Install database clients
1191
+ */
1192
+ databaseClients: () => string;
1193
+ /**
1194
+ * Install Redis (server and cli)
1195
+ */
1196
+ redis: () => string;
1197
+ /**
1198
+ * Create systemd service for app
1199
+ */
1200
+ systemdService: (options: {
1201
+ serviceName: string;
1202
+ description: string;
1203
+ workingDirectory: string;
1204
+ execStart: string;
1205
+ user?: string;
1206
+ environmentVars?: Record<string, string>;
1207
+ }) => string;
1208
+ /**
1209
+ * Setup swap file
1210
+ */
1211
+ swapFile: (sizeGb?: number) => string;
1212
+ /**
1213
+ * Setup firewall (ufw)
1214
+ */
1215
+ firewall: (allowPorts?: number[]) => string;
1216
+ };
1217
+ /**
1218
+ * Preset user data configurations
1219
+ */
1220
+ Presets: {
1221
+ /**
1222
+ * Bun app server with Nginx
1223
+ */
1224
+ bunWithNginx: (domain: string, appPort?: number) => string;
1225
+ /**
1226
+ * Bun app server with Caddy (auto SSL)
1227
+ */
1228
+ bunWithCaddy: (domain: string, appPort?: number) => string;
1229
+ /**
1230
+ * Node.js app server with PM2 and Nginx
1231
+ */
1232
+ nodeWithPm2: (domain: string, appPort?: number) => string;
1233
+ /**
1234
+ * Minimal worker server (no web server)
1235
+ */
1236
+ worker: (runtime?: "bun" | "node") => string;
1237
+ };
1238
+ };
1239
+ /**
1240
+ * Create Elastic IP allocation
1241
+ */
1242
+ static createElasticIp(options: {
1243
+ slug: string;
1244
+ environment: EnvironmentType;
1245
+ domain?: string;
1246
+ instanceLogicalId?: string;
1247
+ }): {
1248
+ eip: any;
1249
+ eipAssociation?: any;
1250
+ eipLogicalId: string;
1251
+ associationLogicalId?: string;
1252
+ resources: Record<string, any>;
1253
+ };
1254
+ /**
1255
+ * Create complete Server Mode stack (Forge-style)
1256
+ * Creates EC2 instance with Elastic IP, security group, and IAM role
1257
+ */
1258
+ static createServerModeStack(options: {
1259
+ slug: string;
1260
+ environment: EnvironmentType;
1261
+ vpcId: string;
1262
+ subnetId: string;
1263
+ instanceType?: string;
1264
+ imageId?: string;
1265
+ keyName: string;
1266
+ domain?: string;
1267
+ userData?: string;
1268
+ allowedPorts?: number[];
1269
+ volumeSize?: number;
1270
+ volumeType?: 'gp2' | 'gp3' | 'io1' | 'io2';
1271
+ }): {
1272
+ instance: EC2Instance;
1273
+ securityGroup: EC2SecurityGroup;
1274
+ eip: any;
1275
+ eipAssociation: any;
1276
+ instanceRole: IAMRole;
1277
+ instanceProfile: any;
1278
+ resources: Record<string, any>;
1279
+ outputs: {
1280
+ instanceLogicalId: string;
1281
+ securityGroupLogicalId: string;
1282
+ eipLogicalId: string;
1283
+ associationLogicalId: string;
1284
+ roleLogicalId: string;
1285
+ profileLogicalId: string;
1286
+ };
1287
+ };
1288
+ /**
1289
+ * Server Mode presets for common server types
1290
+ */
1291
+ static readonly ServerMode: {
1292
+ /**
1293
+ * Create web/app server
1294
+ */
1295
+ webServer: (options: {
1296
+ slug: string;
1297
+ environment: EnvironmentType;
1298
+ vpcId: string;
1299
+ subnetId: string;
1300
+ keyName: string;
1301
+ domain: string;
1302
+ runtime?: "bun" | "node";
1303
+ webServer?: "nginx" | "caddy";
1304
+ }) => {
1305
+ instance: EC2Instance;
1306
+ securityGroup: EC2SecurityGroup;
1307
+ eip: any;
1308
+ eipAssociation: any;
1309
+ instanceRole: IAMRole;
1310
+ instanceProfile: any;
1311
+ resources: Record<string, any>;
1312
+ outputs: {
1313
+ instanceLogicalId: string;
1314
+ securityGroupLogicalId: string;
1315
+ eipLogicalId: string;
1316
+ associationLogicalId: string;
1317
+ roleLogicalId: string;
1318
+ profileLogicalId: string;
1319
+ };
1320
+ };
1321
+ /**
1322
+ * Create worker server (no web server)
1323
+ */
1324
+ workerServer: (options: {
1325
+ slug: string;
1326
+ environment: EnvironmentType;
1327
+ vpcId: string;
1328
+ subnetId: string;
1329
+ keyName: string;
1330
+ runtime?: "bun" | "node";
1331
+ installRedis?: boolean;
1332
+ }) => {
1333
+ instance: EC2Instance;
1334
+ securityGroup: EC2SecurityGroup;
1335
+ eip: any;
1336
+ eipAssociation: any;
1337
+ instanceRole: IAMRole;
1338
+ instanceProfile: any;
1339
+ resources: Record<string, any>;
1340
+ outputs: {
1341
+ instanceLogicalId: string;
1342
+ securityGroupLogicalId: string;
1343
+ eipLogicalId: string;
1344
+ associationLogicalId: string;
1345
+ roleLogicalId: string;
1346
+ profileLogicalId: string;
1347
+ };
1348
+ };
1349
+ /**
1350
+ * Create cache server (Redis)
1351
+ */
1352
+ cacheServer: (options: {
1353
+ slug: string;
1354
+ environment: EnvironmentType;
1355
+ vpcId: string;
1356
+ subnetId: string;
1357
+ keyName: string;
1358
+ }) => {
1359
+ instance: EC2Instance;
1360
+ securityGroup: EC2SecurityGroup;
1361
+ eip: any;
1362
+ eipAssociation: any;
1363
+ instanceRole: IAMRole;
1364
+ instanceProfile: any;
1365
+ resources: Record<string, any>;
1366
+ outputs: {
1367
+ instanceLogicalId: string;
1368
+ securityGroupLogicalId: string;
1369
+ eipLogicalId: string;
1370
+ associationLogicalId: string;
1371
+ roleLogicalId: string;
1372
+ profileLogicalId: string;
1373
+ };
1374
+ };
1375
+ };
1376
+ }