npm - @ttoss/lambda-postgres-query - Versions diffs - 0.6.2 → 1.1.0 - Mend

@ttoss/lambda-postgres-query 0.6.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md +240 -56
package/dist/cloudformation/index.d.cts +21 -7
package/dist/cloudformation/index.d.ts +21 -7
package/dist/cloudformation/index.js +305 -304
package/dist/esm/cloudformation/index.js +300 -299
package/dist/esm/index.js +2 -2
package/dist/index.d.cts +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.js +2 -2
package/package.json +13 -13

package/dist/cloudformation/index.js CHANGED Viewed

@@ -31,280 +31,339 @@ var __toCommonJS = mod => __copyProps(__defProp({}, "__esModule", {
 // src/cloudformation/index.ts
 var cloudformation_exports = {};
 __export(cloudformation_exports, {
+  DATABASE_PARAMETERS_DEFAULT: () => DATABASE_PARAMETERS_DEFAULT,
   HANDLER_DEFAULT: () => HANDLER_DEFAULT,
-  HANDLER_READ_ONLY_DEFAULT: () => HANDLER_READ_ONLY_DEFAULT,
+  LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME: () => LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME,
   MEMORY_SIZE_DEFAULT: () => MEMORY_SIZE_DEFAULT,
   TIMEOUT_DEFAULT: () => TIMEOUT_DEFAULT,
   createLambdaPostgresQueryTemplate: () => createLambdaPostgresQueryTemplate,
-  handler: () => handler,
-  readOnlyHandler: () => readOnlyHandler
+  handler: () => handler
 });
 module.exports = __toCommonJS(cloudformation_exports);
 // src/cloudformation/createLambdaPostgresQueryTemplate.ts
 var HANDLER_DEFAULT = "handler.handler";
-var HANDLER_READ_ONLY_DEFAULT = "handler.readOnlyHandler";
+var LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME = "LambdaPostgresQueryFunction";
 var MEMORY_SIZE_DEFAULT = 128;
 var TIMEOUT_DEFAULT = 30;
-var createLambdaPostgresQueryTemplate = /* @__PURE__ */__name(({
-  handler: handler2 = HANDLER_DEFAULT,
-  readOnlyHandler: readOnlyHandler2 = HANDLER_READ_ONLY_DEFAULT,
-  memorySize = 128,
-  timeout = 30
-} = {}) => {
+var DATABASE_PARAMETERS_DEFAULT = {
+  host: "DatabaseHost",
+  name: "DatabaseName",
+  username: "DatabaseUsername",
+  password: "DatabasePassword",
+  port: "DatabasePort"
+};
+var createParameter = /* @__PURE__ */__name(({
+  description,
+  noEcho,
+  defaultValue
+}) => {
   return {
-    AWSTemplateFormatVersion: "2010-09-09",
-    Description: "A Lambda function to query PostgreSQL.",
-    Parameters: {
-      DatabaseHost: {
-        Type: "String",
-        Description: "Database host."
-      },
-      DatabaseHostReadOnly: {
-        Type: "String",
-        Description: "Database host read only."
-      },
-      DatabaseName: {
-        Type: "String",
-        Description: "Database name."
-      },
-      DatabaseUsername: {
-        Type: "String",
-        Description: "Database username."
-      },
-      DatabasePassword: {
-        Type: "String",
-        Description: "Database password.",
-        NoEcho: true
-      },
-      DatabasePort: {
-        Type: "String",
-        Default: "5432",
-        Description: "Database port."
-      },
-      DatabaseNameReadOnly: {
-        Type: "String",
-        Description: "Database name for read-only access."
-      },
-      DatabaseUsernameReadOnly: {
-        Type: "String",
-        Description: "Database username for read-only access."
-      },
-      DatabasePasswordReadOnly: {
-        Type: "String",
-        Description: "Database password for read-only access.",
-        NoEcho: true
-      },
-      DatabasePortReadOnly: {
-        Type: "String",
-        Default: "5432",
-        Description: "Database port for read-only access."
-      },
-      LambdaS3Bucket: {
-        Type: "String",
-        Description: "The S3 bucket where the Lambda code is stored."
-      },
-      LambdaS3Key: {
-        Type: "String",
-        Description: "The S3 key where the Lambda code is stored."
-      },
-      LambdaS3ObjectVersion: {
-        Type: "String",
-        Description: "The S3 object version of the Lambda code."
-      },
-      SecurityGroupIds: {
-        Description: "Security Group IDs",
-        Type: "List<AWS::EC2::SecurityGroup::Id>"
-      },
-      SubnetIds: {
-        Description: "Subnet IDs",
-        Type: "List<AWS::EC2::Subnet::Id>"
-      }
-    },
-    Resources: {
-      LambdaQueryExecutionRole: {
-        Type: "AWS::IAM::Role",
-        Properties: {
-          AssumeRolePolicyDocument: {
-            Version: "2012-10-17",
-            Statement: [{
-              Effect: "Allow",
-              Principal: {
-                Service: "lambda.amazonaws.com"
-              },
-              Action: "sts:AssumeRole"
-            }]
-          },
-          ManagedPolicyArns: ["arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]
-        }
-      },
-      LambdaQueryFunction: {
-        Type: "AWS::Lambda::Function",
-        Properties: {
-          Code: {
-            S3Bucket: {
-              Ref: "LambdaS3Bucket"
-            },
-            S3Key: {
-              Ref: "LambdaS3Key"
-            },
-            S3ObjectVersion: {
-              Ref: "LambdaS3ObjectVersion"
-            }
-          },
-          MemorySize: memorySize,
-          Timeout: timeout,
-          Handler: handler2,
-          Role: {
-            "Fn::GetAtt": ["LambdaQueryExecutionRole", "Arn"]
+    Type: "String",
+    Description: description,
+    ...(noEcho ? {
+      NoEcho: true
+    } : {}),
+    ...(defaultValue ? {
+      Default: defaultValue
+    } : {})
+  };
+}, "createParameter");
+var createDefaultFunction = /* @__PURE__ */__name(() => {
+  return {
+    name: LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME,
+    handler: HANDLER_DEFAULT,
+    databaseParameters: DATABASE_PARAMETERS_DEFAULT,
+    outputArnName: "LambdaPostgresQueryFunctionArn"
+  };
+}, "createDefaultFunction");
+var resolveFunctionName = /* @__PURE__ */__name(({
+  name,
+  logicalId
+}) => {
+  const functionName = name || logicalId;
+  return functionName || LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME;
+}, "resolveFunctionName");
+var normalizeFunctions = /* @__PURE__ */__name(({
+  functions
+}) => {
+  if (!functions?.length) {
+    return [createDefaultFunction()];
+  }
+  return functions.map(lambdaFunction => {
+    const functionName = resolveFunctionName({
+      name: lambdaFunction.name,
+      logicalId: lambdaFunction.logicalId
+    });
+    return {
+      name: functionName,
+      handler: lambdaFunction.handler || HANDLER_DEFAULT,
+      outputArnName: lambdaFunction.outputArnName || `${functionName}Arn`,
+      databaseParameters: lambdaFunction.databaseParameters || DATABASE_PARAMETERS_DEFAULT
+    };
+  });
+}, "normalizeFunctions");
+var createDatabaseParametersForFunction = /* @__PURE__ */__name(({
+  databaseParameters,
+  functionName,
+  allParameters
+}) => {
+  return {
+    [databaseParameters.host]: allParameters[databaseParameters.host] || createParameter({
+      description: `Database host for ${functionName}.`
+    }),
+    [databaseParameters.name]: allParameters[databaseParameters.name] || createParameter({
+      description: `Database name for ${functionName}.`
+    }),
+    [databaseParameters.username]: allParameters[databaseParameters.username] || createParameter({
+      description: `Database username for ${functionName}.`
+    }),
+    [databaseParameters.password]: allParameters[databaseParameters.password] || createParameter({
+      description: `Database password for ${functionName}.`,
+      noEcho: true
+    }),
+    [databaseParameters.port]: allParameters[databaseParameters.port] || createParameter({
+      description: `Database port for ${functionName}.`,
+      defaultValue: "5432"
+    })
+  };
+}, "createDatabaseParametersForFunction");
+var createCredentialsParameters = /* @__PURE__ */__name(({
+  functions
+}) => {
+  return functions.reduce((allParameters, lambdaFunction) => {
+    return {
+      ...allParameters,
+      ...createDatabaseParametersForFunction({
+        databaseParameters: lambdaFunction.databaseParameters,
+        functionName: lambdaFunction.name,
+        allParameters
+      })
+    };
+  }, {});
+}, "createCredentialsParameters");
+var createLambdaResource = /* @__PURE__ */__name(({
+  functionName,
+  handler: handler2,
+  databaseParameters,
+  memorySize,
+  timeout,
+  deletionProtection
+}) => {
+  const resourcePolicies = deletionProtection ? {
+    DeletionPolicy: "Retain",
+    UpdateReplacePolicy: "Retain"
+  } : {};
+  return {
+    [functionName]: {
+      Type: "AWS::Lambda::Function",
+      ...resourcePolicies,
+      Properties: {
+        Code: {
+          S3Bucket: {
+            Ref: "LambdaS3Bucket"
           },
-          Runtime: "nodejs24.x",
-          Environment: {
-            Variables: {
-              DATABASE_HOST: {
-                Ref: "DatabaseHost"
-              },
-              DATABASE_NAME: {
-                Ref: "DatabaseName"
-              },
-              DATABASE_USERNAME: {
-                Ref: "DatabaseUsername"
-              },
-              DATABASE_PASSWORD: {
-                Ref: "DatabasePassword"
-              },
-              DATABASE_PORT: {
-                Ref: "DatabasePort"
-              }
-            }
+          S3Key: {
+            Ref: "LambdaS3Key"
           },
-          VpcConfig: {
-            SecurityGroupIds: {
-              Ref: "SecurityGroupIds"
-            },
-            SubnetIds: {
-              Ref: "SubnetIds"
-            }
+          S3ObjectVersion: {
+            Ref: "LambdaS3ObjectVersion"
           }
-        }
-      },
-      LambdaQueryFunctionLogs: {
-        Type: "AWS::Logs::LogGroup",
-        DependsOn: "LambdaQueryFunction",
-        Properties: {
-          LogGroupName: {
-            "Fn::Join": ["", ["/aws/lambda/", {
-              Ref: "LambdaQueryFunction"
-            }]]
-          },
-          RetentionInDays: 3
-        }
-      },
-      LambdaReadOnlyQueryFunction: {
-        Type: "AWS::Lambda::Function",
-        Properties: {
-          Code: {
-            S3Bucket: {
-              Ref: "LambdaS3Bucket"
+        },
+        MemorySize: memorySize,
+        Timeout: timeout,
+        Handler: handler2,
+        Role: {
+          "Fn::GetAtt": ["LambdaQueryExecutionRole", "Arn"]
+        },
+        Runtime: "nodejs24.x",
+        Environment: {
+          Variables: {
+            DATABASE_HOST: {
+              Ref: databaseParameters.host
             },
-            S3Key: {
-              Ref: "LambdaS3Key"
+            DATABASE_NAME: {
+              Ref: databaseParameters.name
             },
-            S3ObjectVersion: {
-              Ref: "LambdaS3ObjectVersion"
-            }
-          },
-          MemorySize: memorySize,
-          Timeout: timeout,
-          Handler: readOnlyHandler2,
-          Role: {
-            "Fn::GetAtt": ["LambdaQueryExecutionRole", "Arn"]
-          },
-          Runtime: "nodejs24.x",
-          Environment: {
-            Variables: {
-              DATABASE_HOST: {
-                Ref: "DatabaseHost"
-              },
-              DATABASE_NAME: {
-                Ref: "DatabaseName"
-              },
-              DATABASE_USERNAME: {
-                Ref: "DatabaseUsername"
-              },
-              DATABASE_PASSWORD: {
-                Ref: "DatabasePassword"
-              },
-              DATABASE_PORT: {
-                Ref: "DatabasePort"
-              },
-              DATABASE_HOST_READ_ONLY: {
-                Ref: "DatabaseHostReadOnly"
-              },
-              DATABASE_NAME_READ_ONLY: {
-                Ref: "DatabaseNameReadOnly"
-              },
-              DATABASE_USERNAME_READ_ONLY: {
-                Ref: "DatabaseUsernameReadOnly"
-              },
-              DATABASE_PASSWORD_READ_ONLY: {
-                Ref: "DatabasePasswordReadOnly"
-              },
-              DATABASE_PORT_READ_ONLY: {
-                Ref: "DatabasePortReadOnly"
-              }
-            }
-          },
-          VpcConfig: {
-            SecurityGroupIds: {
-              Ref: "SecurityGroupIds"
+            DATABASE_USERNAME: {
+              Ref: databaseParameters.username
+            },
+            DATABASE_PASSWORD: {
+              Ref: databaseParameters.password
             },
-            SubnetIds: {
-              Ref: "SubnetIds"
+            DATABASE_PORT: {
+              Ref: databaseParameters.port
             }
           }
-        }
-      },
-      LambdaReadOnlyQueryFunctionLogs: {
-        Type: "AWS::Logs::LogGroup",
-        DependsOn: "LambdaReadOnlyQueryFunction",
-        Properties: {
-          LogGroupName: {
-            "Fn::Join": ["", ["/aws/lambda/", {
-              Ref: "LambdaReadOnlyQueryFunction"
-            }]]
+        },
+        VpcConfig: {
+          SecurityGroupIds: {
+            Ref: "SecurityGroupIds"
           },
-          RetentionInDays: 3
+          SubnetIds: {
+            Ref: "SubnetIds"
+          }
         }
       }
-    },
-    Outputs: {
-      LambdaPostgresQueryFunction: {
-        Description: "Lambda function to query PostgreSQL.",
-        Value: {
-          Ref: "LambdaQueryFunction"
-        }
-      },
-      LambdaPostgresQueryFunctionArn: {
-        Description: "Lambda function to query PostgreSQL ARN.",
-        Value: {
-          "Fn::GetAtt": ["LambdaQueryFunction", "Arn"]
-        }
-      },
-      LambdaPostgresReadOnlyQueryFunction: {
-        Description: "Lambda function to query PostgreSQL (read-only).",
+    }
+  };
+}, "createLambdaResource");
+var createLambdaLogResource = /* @__PURE__ */__name(({
+  logicalId
+}) => {
+  return {
+    [`${logicalId}Logs`]: {
+      Type: "AWS::Logs::LogGroup",
+      DependsOn: logicalId,
+      Properties: {
+        LogGroupName: {
+          "Fn::Join": ["", ["/aws/lambda/", {
+            Ref: logicalId
+          }]]
+        },
+        RetentionInDays: 3
+      }
+    }
+  };
+}, "createLambdaLogResource");
+var createResources = /* @__PURE__ */__name(({
+  functions,
+  memorySize,
+  timeout,
+  deletionProtection
+}) => {
+  return functions.reduce((allResources, lambdaFunction) => {
+    const {
+      name,
+      handler: handler2,
+      databaseParameters
+    } = lambdaFunction;
+    return {
+      ...allResources,
+      ...createLambdaResource({
+        functionName: name,
+        handler: handler2,
+        databaseParameters,
+        memorySize,
+        timeout,
+        deletionProtection
+      }),
+      ...createLambdaLogResource({
+        logicalId: name
+      })
+    };
+  }, {});
+}, "createResources");
+var createOutputs = /* @__PURE__ */__name(({
+  functions
+}) => {
+  return functions.reduce((allOutputs, lambdaFunction) => {
+    const {
+      name,
+      outputArnName
+    } = lambdaFunction;
+    return {
+      ...allOutputs,
+      [name]: {
+        Description: `Lambda function to query PostgreSQL (${name}).`,
         Value: {
-          Ref: "LambdaReadOnlyQueryFunction"
+          Ref: name
         }
       },
-      LambdaPostgresReadOnlyQueryFunctionArn: {
-        Description: "Lambda function to query PostgreSQL (read-only) ARN.",
+      [outputArnName]: {
+        Description: `Lambda function to query PostgreSQL (${name}) ARN.`,
         Value: {
-          "Fn::GetAtt": ["LambdaReadOnlyQueryFunction", "Arn"]
+          "Fn::GetAtt": [name, "Arn"]
+        },
+        Export: {
+          Name: {
+            "Fn::Sub": `\${AWS::StackName}-${outputArnName}`
+          }
         }
       }
+    };
+  }, {});
+}, "createOutputs");
+var createTemplateParameters = /* @__PURE__ */__name(({
+  credentialsParameters
+}) => {
+  return {
+    ...credentialsParameters,
+    LambdaS3Bucket: {
+      Type: "String",
+      Description: "The S3 bucket where the Lambda code is stored."
+    },
+    LambdaS3Key: {
+      Type: "String",
+      Description: "The S3 key where the Lambda code is stored."
+    },
+    LambdaS3ObjectVersion: {
+      Type: "String",
+      Description: "The S3 object version of the Lambda code."
+    },
+    SecurityGroupIds: {
+      Description: "Security Group IDs",
+      Type: "List<AWS::EC2::SecurityGroup::Id>"
+    },
+    SubnetIds: {
+      Description: "Subnet IDs",
+      Type: "List<AWS::EC2::Subnet::Id>"
     }
   };
+}, "createTemplateParameters");
+var createExecutionRoleResource = /* @__PURE__ */__name(() => {
+  return {
+    LambdaQueryExecutionRole: {
+      Type: "AWS::IAM::Role",
+      Properties: {
+        AssumeRolePolicyDocument: {
+          Version: "2012-10-17",
+          Statement: [{
+            Effect: "Allow",
+            Principal: {
+              Service: "lambda.amazonaws.com"
+            },
+            Action: "sts:AssumeRole"
+          }]
+        },
+        ManagedPolicyArns: ["arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"]
+      }
+    }
+  };
+}, "createExecutionRoleResource");
+var createLambdaPostgresQueryTemplate = /* @__PURE__ */__name(({
+  functions,
+  memorySize = MEMORY_SIZE_DEFAULT,
+  timeout = TIMEOUT_DEFAULT,
+  deletionProtection = false
+} = {}) => {
+  const templateFunctions = normalizeFunctions({
+    functions
+  });
+  const credentialsParameters = createCredentialsParameters({
+    functions: templateFunctions
+  });
+  const templateResources = createResources({
+    functions: templateFunctions,
+    memorySize,
+    timeout,
+    deletionProtection
+  });
+  const templateOutputs = createOutputs({
+    functions: templateFunctions
+  });
+  return {
+    AWSTemplateFormatVersion: "2010-09-09",
+    Description: "A Lambda function to query PostgreSQL.",
+    Parameters: createTemplateParameters({
+      credentialsParameters
+    }),
+    Resources: {
+      ...createExecutionRoleResource(),
+      ...templateResources
+    },
+    Outputs: templateOutputs
+  };
 }, "createLambdaPostgresQueryTemplate");
 // src/cloudformation/lambdaQueryHandler.ts
@@ -338,71 +397,13 @@ var handler = /* @__PURE__ */__name(async event => {
     throw error;
   }
 }, "handler");
-// src/cloudformation/lambdaReadOnlyQueryHandler.ts
-var import_pg2 = require("pg");
-var databaseReadOnly = process.env.DATABASE_NAME_READ_ONLY;
-var usernameReadOnly = process.env.DATABASE_USERNAME_READ_ONLY;
-var passwordReadOnly = process.env.DATABASE_PASSWORD_READ_ONLY;
-var hostReadOnly = process.env.DATABASE_HOST_READ_ONLY;
-var portReadOnly = process.env.DATABASE_PORT_READ_ONLY;
-var getConnectionConfig = /* @__PURE__ */__name(() => {
-  return {
-    database: databaseReadOnly || process.env.DATABASE_NAME,
-    username: usernameReadOnly || process.env.DATABASE_USERNAME,
-    password: passwordReadOnly || process.env.DATABASE_PASSWORD,
-    host: hostReadOnly || process.env.DATABASE_HOST,
-    port: portReadOnly || process.env.DATABASE_PORT
-  };
-}, "getConnectionConfig");
-var readOnlyHandler = /* @__PURE__ */__name(async event => {
-  if (!databaseReadOnly && !usernameReadOnly && !passwordReadOnly && !hostReadOnly && !portReadOnly) {
-    throw new Error("At least one read-only override must be defined (DATABASE_NAME_READ_ONLY, DATABASE_USERNAME_READ_ONLY, DATABASE_PASSWORD_READ_ONLY, DATABASE_HOST_READ_ONLY, DATABASE_PORT_READ_ONLY). Unset overrides fall back to the corresponding non-read-only env vars.");
-  }
-  const {
-    database: database2,
-    username: username2,
-    password: password2,
-    host: host2,
-    port: port2
-  } = getConnectionConfig();
-  try {
-    const client = new import_pg2.Client({
-      database: database2,
-      user: username2,
-      password: password2,
-      host: host2,
-      port: Number(port2)
-    });
-    await client.connect();
-    try {
-      await client.query("BEGIN READ ONLY");
-      try {
-        const res = await client.query(event);
-        await client.query("COMMIT");
-        return res;
-      } catch (queryError) {
-        await client.query("ROLLBACK");
-        throw queryError;
-      }
-    } finally {
-      await client.end();
-    }
-  } catch (error) {
-    console.error("Error running read-only query", {
-      error,
-      event
-    });
-    throw error;
-  }
-}, "readOnlyHandler");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  DATABASE_PARAMETERS_DEFAULT,
   HANDLER_DEFAULT,
-  HANDLER_READ_ONLY_DEFAULT,
+  LAMBDA_POSTGRES_QUERY_FUNCTION_DEFAULT_NAME,
   MEMORY_SIZE_DEFAULT,
   TIMEOUT_DEFAULT,
   createLambdaPostgresQueryTemplate,
-  handler,
-  readOnlyHandler
+  handler
 });