@ts-cloud/core 0.2.2 → 0.2.4

package/dist/deployment/progressive.d.ts

@@ -0,0 +1,50 @@
+/**
+ * Progressive Rollouts, Feature Flags, and Deployment Gates
+ */
+export interface ProgressiveRollout {
+    id: string;
+    name: string;
+    stages: Array<{
+        percentage: number;
+        durationMinutes: number;
+    }>;
+    currentStage: number;
+}
+export interface FeatureFlag {
+    id: string;
+    name: string;
+    enabled: boolean;
+    rolloutPercentage: number;
+    targetingRules: Array<{
+        attribute: string;
+        operator: string;
+        value: any;
+    }>;
+}
+export interface DeploymentGate {
+    id: string;
+    name: string;
+    type: 'manual' | 'automated';
+    approvers?: string[];
+    conditions?: Array<{
+        metric: string;
+        threshold: number;
+    }>;
+}
+export declare class ProgressiveDeploymentManager {
+    private rollouts;
+    private flags;
+    private gates;
+    private counter;
+    createProgressiveRollout(name: string, stages: Array<{
+        percentage: number;
+        durationMinutes: number;
+    }>): ProgressiveRollout;
+    createFeatureFlag(name: string, rolloutPercentage?: number): FeatureFlag;
+    createDeploymentGate(name: string, type: 'manual' | 'automated', approvers?: string[], conditions?: Array<{
+        metric: string;
+        threshold: number;
+    }>): DeploymentGate;
+    clear(): void;
+}
+export declare const progressiveDeploymentManager: ProgressiveDeploymentManager;

package/dist/dns/dns.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/dns/dnssec.d.ts

@@ -0,0 +1,120 @@
+/**
+ * DNSSEC Configuration
+ * DNS Security Extensions for Route53
+ */
+export interface DNSSECConfig {
+    id: string;
+    hostedZoneId: string;
+    status: 'SIGNING' | 'SIGNED' | 'NOT_SIGNING' | 'DELETING' | 'ACTION_NEEDED';
+    signingStatus?: string;
+    statusMessage?: string;
+}
+export interface KSK {
+    id: string;
+    name: string;
+    hostedZoneId: string;
+    status: 'ACTIVE' | 'INACTIVE' | 'DELETING' | 'ACTION_NEEDED';
+    keyManagementServiceArn: string;
+    dnskeyRecord?: string;
+    dsRecord?: string;
+    digestAlgorithm: number;
+    digestValue?: string;
+    flag: number;
+    keyTag?: number;
+    publicKey?: string;
+}
+export interface DNSSECValidation {
+    id: string;
+    domain: string;
+    validationStatus: 'VALID' | 'INVALID' | 'INSECURE' | 'BOGUS';
+    dnskeyPresent: boolean;
+    rrsigPresent: boolean;
+    validSignature: boolean;
+    errors: string[];
+}
+/**
+ * DNSSEC manager
+ */
+export declare class DNSSECManager {
+    private configs;
+    private ksks;
+    private validations;
+    private configCounter;
+    private kskCounter;
+    private validationCounter;
+    /**
+     * Enable DNSSEC
+     */
+    enableDNSSEC(options: {
+        hostedZoneId: string;
+        kmsKeyArn?: string;
+    }): DNSSECConfig;
+    /**
+     * Disable DNSSEC
+     */
+    disableDNSSEC(configId: string): DNSSECConfig;
+    /**
+     * Create KSK (Key-Signing Key)
+     */
+    createKSK(options: {
+        name: string;
+        hostedZoneId: string;
+        kmsKeyArn: string;
+    }): KSK;
+    /**
+     * Deactivate KSK
+     */
+    deactivateKSK(kskId: string): KSK;
+    /**
+     * Validate DNSSEC
+     */
+    validateDNSSEC(options: {
+        domain: string;
+        checkDNSKEY?: boolean;
+        checkRRSIG?: boolean;
+    }): DNSSECValidation;
+    /**
+     * Get DNSSEC config
+     */
+    getDNSSECConfig(id: string): DNSSECConfig | undefined;
+    /**
+     * List DNSSEC configs
+     */
+    listDNSSECConfigs(): DNSSECConfig[];
+    /**
+     * Get KSK
+     */
+    getKSK(id: string): KSK | undefined;
+    /**
+     * List KSKs
+     */
+    listKSKs(hostedZoneId?: string): KSK[];
+    /**
+     * Get DS record for parent zone
+     */
+    getDSRecord(kskId: string): string;
+    /**
+     * Generate public key (simulated)
+     */
+    private generatePublicKey;
+    /**
+     * Generate digest (simulated)
+     */
+    private generateDigest;
+    /**
+     * Generate CloudFormation for DNSSEC
+     */
+    generateDNSSECCF(config: DNSSECConfig): any;
+    /**
+     * Generate CloudFormation for KSK
+     */
+    generateKSKCF(ksk: KSK): any;
+    /**
+     * Clear all data
+     */
+    clear(): void;
+}
+/**
+ * Global DNSSEC manager instance
+ */
+export declare const dnssecManager: DNSSECManager;

package/dist/dns/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * DNS Advanced Features
+ * Routing policies, DNSSEC, and Route53 Resolver
+ */
+export * from './routing';
+export * from './dnssec';
+export * from './resolver';

package/dist/dns/resolver.d.ts

@@ -0,0 +1,216 @@
+/**
+ * Route53 Resolver
+ * DNS firewall, resolver rules, and endpoints
+ */
+export interface ResolverEndpoint {
+    id: string;
+    name: string;
+    direction: 'INBOUND' | 'OUTBOUND';
+    ipAddresses: ResolverIP[];
+    securityGroupIds: string[];
+    status: 'CREATING' | 'OPERATIONAL' | 'UPDATING' | 'DELETING' | 'ACTION_NEEDED';
+}
+export interface ResolverIP {
+    subnetId: string;
+    ip?: string;
+    ipv6?: string;
+}
+export interface ResolverRule {
+    id: string;
+    name: string;
+    ruleType: 'FORWARD' | 'SYSTEM' | 'RECURSIVE';
+    domainName: string;
+    targetIps?: TargetIP[];
+    resolverEndpointId?: string;
+    status: 'COMPLETE' | 'CREATING' | 'UPDATING' | 'DELETING' | 'FAILED';
+}
+export interface TargetIP {
+    ip: string;
+    port?: number;
+}
+export interface DNSFirewall {
+    id: string;
+    name: string;
+    firewallRuleGroupAssociations: FirewallRuleGroupAssociation[];
+}
+export interface FirewallRuleGroupAssociation {
+    id: string;
+    vpcId: string;
+    firewallRuleGroupId: string;
+    priority: number;
+    mutationProtection: 'ENABLED' | 'DISABLED';
+    status: 'COMPLETE' | 'CREATING' | 'UPDATING' | 'DELETING';
+}
+export interface FirewallRuleGroup {
+    id: string;
+    name: string;
+    rules: FirewallRule[];
+    shareStatus: 'NOT_SHARED' | 'SHARED_WITH_ME' | 'SHARED_BY_ME';
+}
+export interface FirewallRule {
+    id: string;
+    name: string;
+    priority: number;
+    action: 'ALLOW' | 'BLOCK' | 'ALERT';
+    blockResponse?: 'NODATA' | 'NXDOMAIN' | 'OVERRIDE';
+    blockOverrideDomain?: string;
+    blockOverrideTTL?: number;
+    firewallDomainListId: string;
+}
+export interface FirewallDomainList {
+    id: string;
+    name: string;
+    domains: string[];
+    status: 'COMPLETE' | 'CREATING' | 'UPDATING' | 'DELETING';
+}
+/**
+ * Route53 Resolver manager
+ */
+export declare class Route53ResolverManager {
+    private endpoints;
+    private rules;
+    private firewalls;
+    private ruleGroups;
+    private domainLists;
+    private endpointCounter;
+    private ruleCounter;
+    private firewallCounter;
+    private ruleGroupCounter;
+    private domainListCounter;
+    /**
+     * Create resolver endpoint
+     */
+    createResolverEndpoint(endpoint: Omit<ResolverEndpoint, 'id' | 'status'>): ResolverEndpoint;
+    /**
+     * Create inbound endpoint
+     */
+    createInboundEndpoint(options: {
+        name: string;
+        subnetIds: string[];
+        securityGroupIds: string[];
+    }): ResolverEndpoint;
+    /**
+     * Create outbound endpoint
+     */
+    createOutboundEndpoint(options: {
+        name: string;
+        subnetIds: string[];
+        securityGroupIds: string[];
+    }): ResolverEndpoint;
+    /**
+     * Create resolver rule
+     */
+    createResolverRule(rule: Omit<ResolverRule, 'id' | 'status'>): ResolverRule;
+    /**
+     * Create forward rule
+     */
+    createForwardRule(options: {
+        name: string;
+        domainName: string;
+        targetIps: TargetIP[];
+        resolverEndpointId: string;
+    }): ResolverRule;
+    /**
+     * Create system rule
+     */
+    createSystemRule(options: {
+        name: string;
+        domainName: string;
+    }): ResolverRule;
+    /**
+     * Create firewall domain list
+     */
+    createFirewallDomainList(options: {
+        name: string;
+        domains: string[];
+    }): FirewallDomainList;
+    /**
+     * Create firewall rule group
+     */
+    createFirewallRuleGroup(options: {
+        name: string;
+        rules: Omit<FirewallRule, 'id'>[];
+    }): FirewallRuleGroup;
+    /**
+     * Create block rule
+     */
+    createBlockRule(options: {
+        name: string;
+        priority: number;
+        domainListId: string;
+        blockResponse?: 'NODATA' | 'NXDOMAIN' | 'OVERRIDE';
+        blockOverrideDomain?: string;
+    }): FirewallRuleGroup;
+    /**
+     * Create allow rule
+     */
+    createAllowRule(options: {
+        name: string;
+        priority: number;
+        domainListId: string;
+    }): FirewallRuleGroup;
+    /**
+     * Create DNS firewall
+     */
+    createDNSFirewall(options: {
+        name: string;
+        vpcId: string;
+        ruleGroupAssociations: Array<{
+            firewallRuleGroupId: string;
+            priority: number;
+            mutationProtection?: 'ENABLED' | 'DISABLED';
+        }>;
+    }): DNSFirewall;
+    /**
+     * Create malware protection firewall
+     */
+    createMalwareProtectionFirewall(options: {
+        name: string;
+        vpcId: string;
+        maliciousDomains: string[];
+    }): DNSFirewall;
+    /**
+     * Get resolver endpoint
+     */
+    getEndpoint(id: string): ResolverEndpoint | undefined;
+    /**
+     * List resolver endpoints
+     */
+    listEndpoints(direction?: 'INBOUND' | 'OUTBOUND'): ResolverEndpoint[];
+    /**
+     * Get resolver rule
+     */
+    getRule(id: string): ResolverRule | undefined;
+    /**
+     * List resolver rules
+     */
+    listRules(): ResolverRule[];
+    /**
+     * Get firewall
+     */
+    getFirewall(id: string): DNSFirewall | undefined;
+    /**
+     * List firewalls
+     */
+    listFirewalls(): DNSFirewall[];
+    /**
+     * Generate CloudFormation for resolver endpoint
+     */
+    generateResolverEndpointCF(endpoint: ResolverEndpoint): any;
+    /**
+     * Generate CloudFormation for resolver rule
+     */
+    generateResolverRuleCF(rule: ResolverRule): any;
+    /**
+     * Generate CloudFormation for firewall rule group
+     */
+    generateFirewallRuleGroupCF(ruleGroup: FirewallRuleGroup): any;
+    /**
+     * Clear all data
+     */
+    clear(): void;
+}
+/**
+ * Global Route53 Resolver manager instance
+ */
+export declare const route53ResolverManager: Route53ResolverManager;

package/dist/dns/routing.d.ts

@@ -0,0 +1,277 @@
+/**
+ * Route53 Advanced Routing
+ * Health-based, geolocation, weighted, failover, and latency-based routing
+ */
+export interface RoutingPolicy {
+    id: string;
+    name: string;
+    type: 'simple' | 'weighted' | 'latency' | 'failover' | 'geolocation' | 'geoproximity' | 'multivalue';
+    recordSetId?: string;
+}
+export interface WeightedRoutingPolicy extends RoutingPolicy {
+    type: 'weighted';
+    weight: number;
+    setIdentifier: string;
+    healthCheckId?: string;
+}
+export interface LatencyRoutingPolicy extends RoutingPolicy {
+    type: 'latency';
+    region: string;
+    setIdentifier: string;
+    healthCheckId?: string;
+}
+export interface FailoverRoutingPolicy extends RoutingPolicy {
+    type: 'failover';
+    failoverType: 'PRIMARY' | 'SECONDARY';
+    setIdentifier: string;
+    healthCheckId: string;
+}
+export interface GeolocationRoutingPolicy extends RoutingPolicy {
+    type: 'geolocation';
+    continent?: string;
+    country?: string;
+    subdivision?: string;
+    setIdentifier: string;
+    healthCheckId?: string;
+}
+export interface GeoproximityRoutingPolicy extends RoutingPolicy {
+    type: 'geoproximity';
+    coordinates?: {
+        latitude: number;
+        longitude: number;
+    };
+    awsRegion?: string;
+    bias?: number;
+    setIdentifier: string;
+    healthCheckId?: string;
+}
+export interface HealthCheck {
+    id: string;
+    name: string;
+    type: 'http' | 'https' | 'tcp' | 'calculated' | 'cloudwatch_metric';
+    resourcePath?: string;
+    fullyQualifiedDomainName?: string;
+    ipAddress?: string;
+    port?: number;
+    requestInterval: number;
+    failureThreshold: number;
+    healthCheckStatus: 'Healthy' | 'Unhealthy' | 'Unknown';
+    measureLatency?: boolean;
+    enableSNI?: boolean;
+}
+export interface CalculatedHealthCheck extends HealthCheck {
+    type: 'calculated';
+    childHealthChecks: string[];
+    healthThreshold: number;
+}
+export interface TrafficPolicy {
+    id: string;
+    name: string;
+    version: number;
+    document: TrafficPolicyDocument;
+}
+export interface TrafficPolicyDocument {
+    recordType: 'A' | 'AAAA' | 'CNAME';
+    startRule: string;
+    endpoints: Record<string, TrafficPolicyEndpoint>;
+    rules: Record<string, TrafficPolicyRule>;
+}
+export interface TrafficPolicyEndpoint {
+    type: 'value' | 'cloudfront' | 'elastic_load_balancer' | 's3_website';
+    value?: string;
+    region?: string;
+}
+export interface TrafficPolicyRule {
+    ruleType: 'failover' | 'geoproximity' | 'latency' | 'weighted' | 'multivalue';
+    primary?: string;
+    secondary?: string;
+    locations?: Array<{
+        endpointReference: string;
+        region?: string;
+        latitude?: number;
+        longitude?: number;
+        bias?: number;
+    }>;
+    items?: Array<{
+        endpointReference: string;
+        weight?: number;
+    }>;
+}
+/**
+ * Route53 routing policy manager
+ */
+export declare class Route53RoutingManager {
+    private policies;
+    private healthChecks;
+    private trafficPolicies;
+    private policyCounter;
+    private healthCheckCounter;
+    private trafficPolicyCounter;
+    /**
+     * Create weighted routing policy
+     */
+    createWeightedPolicy(options: {
+        name: string;
+        weight: number;
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): WeightedRoutingPolicy;
+    /**
+     * Create latency routing policy
+     */
+    createLatencyPolicy(options: {
+        name: string;
+        region: string;
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): LatencyRoutingPolicy;
+    /**
+     * Create failover routing policy
+     */
+    createFailoverPolicy(options: {
+        name: string;
+        failoverType: 'PRIMARY' | 'SECONDARY';
+        setIdentifier: string;
+        healthCheckId: string;
+    }): FailoverRoutingPolicy;
+    /**
+     * Create geolocation routing policy
+     */
+    createGeolocationPolicy(options: {
+        name: string;
+        continent?: string;
+        country?: string;
+        subdivision?: string;
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): GeolocationRoutingPolicy;
+    /**
+     * Create geoproximity routing policy
+     */
+    createGeoproximityPolicy(options: {
+        name: string;
+        coordinates?: {
+            latitude: number;
+            longitude: number;
+        };
+        awsRegion?: string;
+        bias?: number;
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): GeoproximityRoutingPolicy;
+    /**
+     * Create HTTP health check
+     */
+    createHTTPHealthCheck(options: {
+        name: string;
+        resourcePath: string;
+        fullyQualifiedDomainName?: string;
+        ipAddress?: string;
+        port?: number;
+        requestInterval?: number;
+        failureThreshold?: number;
+        enableSNI?: boolean;
+    }): HealthCheck;
+    /**
+     * Create TCP health check
+     */
+    createTCPHealthCheck(options: {
+        name: string;
+        ipAddress: string;
+        port: number;
+        requestInterval?: number;
+        failureThreshold?: number;
+    }): HealthCheck;
+    /**
+     * Create calculated health check
+     */
+    createCalculatedHealthCheck(options: {
+        name: string;
+        childHealthChecks: string[];
+        healthThreshold: number;
+    }): CalculatedHealthCheck;
+    /**
+     * Create traffic policy
+     */
+    createTrafficPolicy(policy: Omit<TrafficPolicy, 'id' | 'version'>): TrafficPolicy;
+    /**
+     * Create failover traffic policy
+     */
+    createFailoverTrafficPolicy(options: {
+        name: string;
+        primaryEndpoint: string;
+        secondaryEndpoint: string;
+        recordType?: 'A' | 'AAAA' | 'CNAME';
+    }): TrafficPolicy;
+    /**
+     * Create geoproximity traffic policy
+     */
+    createGeoproximityTrafficPolicy(options: {
+        name: string;
+        locations: Array<{
+            endpoint: string;
+            region?: string;
+            latitude?: number;
+            longitude?: number;
+            bias?: number;
+        }>;
+    }): TrafficPolicy;
+    /**
+     * Get routing policy
+     */
+    getPolicy(id: string): RoutingPolicy | undefined;
+    /**
+     * List routing policies
+     */
+    listPolicies(): RoutingPolicy[];
+    /**
+     * Get health check
+     */
+    getHealthCheck(id: string): HealthCheck | undefined;
+    /**
+     * List health checks
+     */
+    listHealthChecks(): HealthCheck[];
+    /**
+     * Get health check status
+     */
+    getHealthCheckStatus(id: string): 'Healthy' | 'Unhealthy' | 'Unknown';
+    /**
+     * Generate CloudFormation for health check
+     */
+    generateHealthCheckCF(healthCheck: HealthCheck): any;
+    /**
+     * Generate CloudFormation for weighted record set
+     */
+    generateWeightedRecordSetCF(options: {
+        hostedZoneId: string;
+        name: string;
+        type: 'A' | 'AAAA' | 'CNAME';
+        ttl: number;
+        resourceRecords: string[];
+        weight: number;
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): any;
+    /**
+     * Generate CloudFormation for failover record set
+     */
+    generateFailoverRecordSetCF(options: {
+        hostedZoneId: string;
+        name: string;
+        type: 'A' | 'AAAA' | 'CNAME';
+        ttl: number;
+        resourceRecords: string[];
+        failover: 'PRIMARY' | 'SECONDARY';
+        setIdentifier: string;
+        healthCheckId?: string;
+    }): any;
+    /**
+     * Clear all data
+     */
+    clear(): void;
+}
+/**
+ * Global Route53 routing manager instance
+ */
+export declare const route53RoutingManager: Route53RoutingManager;