@webiny/project-aws 0.0.0-unstable.3c5210ad37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +11 -0
- package/_templates/appTemplates/admin/src/App.scss +2 -0
- package/_templates/appTemplates/admin/src/App.tsx +13 -0
- package/_templates/appTemplates/admin/src/Extensions.tsx +7 -0
- package/_templates/appTemplates/admin/src/index.tsx +11 -0
- package/_templates/appTemplates/admin/tsconfig.json +7 -0
- package/_templates/appTemplates/admin/webiny.application.ts +3 -0
- package/_templates/appTemplates/admin/webiny.config.ts +3 -0
- package/_templates/appTemplates/api/graphql/package.json +43 -0
- package/_templates/appTemplates/api/graphql/src/extensions.ts +9 -0
- package/_templates/appTemplates/api/graphql/src/index.ts +80 -0
- package/_templates/appTemplates/api/graphql/src/security.ts +43 -0
- package/_templates/appTemplates/api/graphql/tsconfig.json +7 -0
- package/_templates/appTemplates/api/graphql/webiny.config.ts +8 -0
- package/_templates/appTemplates/api/migration/src/index.ts +23 -0
- package/_templates/appTemplates/api/migration/tsconfig.json +7 -0
- package/_templates/appTemplates/api/migration/webiny.config.ts +8 -0
- package/_templates/appTemplates/api/webiny.application.ts +3 -0
- package/_templates/appTemplates/blueGreen/webiny.application.ts +3 -0
- package/_templates/appTemplates/core/webiny.application.ts +3 -0
- package/_templates/appTemplates/syncSystem/webiny.application.ts +3 -0
- package/_templates/extensions/ApiLambdaFunction/package.json +9 -0
- package/_templates/extensions/ApiLambdaFunction/tsconfig.json +7 -0
- package/_templates/extensions/ApiLambdaFunction/webiny.config.ts +8 -0
- package/_templates/extensions/OpenSearch/api/graphql/src/index.ts +90 -0
- package/_templates/extensions/OpenSearch/api/migration/src/index.ts +33 -0
- package/_templates/extensions/OpenSearch/coreDdbToEsHandler/dynamoToElastic/src/index.ts +15 -0
- package/_templates/extensions/OpenSearch/coreDdbToEsHandler/dynamoToElastic/tsconfig.json +7 -0
- package/_templates/extensions/OpenSearch/coreDdbToEsHandler/dynamoToElastic/webiny.config.ts +8 -0
- package/abstractions/ApiGqlClient.d.ts +23 -0
- package/abstractions/ApiGqlClient.js +4 -0
- package/abstractions/ApiGqlClient.js.map +1 -0
- package/abstractions/InvokeLambdaFunction.d.ts +18 -0
- package/abstractions/InvokeLambdaFunction.js +4 -0
- package/abstractions/InvokeLambdaFunction.js.map +1 -0
- package/abstractions/index.d.ts +5 -0
- package/abstractions/index.js +7 -0
- package/abstractions/index.js.map +1 -0
- package/abstractions/services/AdminStackOutputService.d.ts +13 -0
- package/abstractions/services/AdminStackOutputService.js +4 -0
- package/abstractions/services/AdminStackOutputService.js.map +1 -0
- package/abstractions/services/ApiStackOutputService.d.ts +30 -0
- package/abstractions/services/ApiStackOutputService.js +4 -0
- package/abstractions/services/ApiStackOutputService.js.map +1 -0
- package/abstractions/services/CoreStackOutputService.d.ts +16 -0
- package/abstractions/services/CoreStackOutputService.js +4 -0
- package/abstractions/services/CoreStackOutputService.js.map +1 -0
- package/admin.d.ts +22 -0
- package/admin.js +7 -0
- package/admin.js.map +1 -0
- package/api.d.ts +22 -0
- package/api.js +7 -0
- package/api.js.map +1 -0
- package/apps/createAdminApp.d.ts +15 -0
- package/apps/createAdminApp.js +15 -0
- package/apps/createAdminApp.js.map +1 -0
- package/apps/createAdminAppConfig.d.ts +2 -0
- package/apps/createAdminAppConfig.js +21 -0
- package/apps/createAdminAppConfig.js.map +1 -0
- package/apps/createApiApp.d.ts +65 -0
- package/apps/createApiApp.js +25 -0
- package/apps/createApiApp.js.map +1 -0
- package/apps/createBlueGreenApp.d.ts +24 -0
- package/apps/createBlueGreenApp.js +20 -0
- package/apps/createBlueGreenApp.js.map +1 -0
- package/apps/createCoreApp.d.ts +36 -0
- package/apps/createCoreApp.js +16 -0
- package/apps/createCoreApp.js.map +1 -0
- package/apps/createReactAppConfig.d.ts +53 -0
- package/apps/createReactAppConfig.js +79 -0
- package/apps/createReactAppConfig.js.map +1 -0
- package/apps/createSyncSystemApp.d.ts +21 -0
- package/apps/createSyncSystemApp.js +11 -0
- package/apps/createSyncSystemApp.js.map +1 -0
- package/apps/index.d.ts +7 -0
- package/apps/index.js +9 -0
- package/apps/index.js.map +1 -0
- package/cli.d.ts +9 -0
- package/cli.js +6 -0
- package/cli.js.map +1 -0
- package/exports/extensions.d.ts +5 -0
- package/exports/extensions.js +7 -0
- package/exports/extensions.js.map +1 -0
- package/exports/infra/admin.d.ts +1 -0
- package/exports/infra/admin.js +3 -0
- package/exports/infra/admin.js.map +1 -0
- package/exports/infra/api.d.ts +1 -0
- package/exports/infra/api.js +3 -0
- package/exports/infra/api.js.map +1 -0
- package/exports/infra/core.d.ts +1 -0
- package/exports/infra/core.js +3 -0
- package/exports/infra/core.js.map +1 -0
- package/exports/infra/index.d.ts +1 -0
- package/exports/infra/index.js +3 -0
- package/exports/infra/index.js.map +1 -0
- package/extensions/ApiLambdaFunction.d.ts +11 -0
- package/extensions/ApiLambdaFunction.js +68 -0
- package/extensions/ApiLambdaFunction.js.map +1 -0
- package/extensions/AwsDefaultRegion.d.ts +8 -0
- package/extensions/AwsDefaultRegion.js +22 -0
- package/extensions/AwsDefaultRegion.js.map +1 -0
- package/extensions/OpenSearch/EnsureOsServiceRoleBeforeCoreDeploy.d.ts +10 -0
- package/extensions/OpenSearch/EnsureOsServiceRoleBeforeCoreDeploy.js +40 -0
- package/extensions/OpenSearch/EnsureOsServiceRoleBeforeCoreDeploy.js.map +1 -0
- package/extensions/OpenSearch/EnsureOsWasDeployed.d.ts +11 -0
- package/extensions/OpenSearch/EnsureOsWasDeployed.js +34 -0
- package/extensions/OpenSearch/EnsureOsWasDeployed.js.map +1 -0
- package/extensions/OpenSearch/InjectDdbEsLambdaFnHandler.d.ts +12 -0
- package/extensions/OpenSearch/InjectDdbEsLambdaFnHandler.js +31 -0
- package/extensions/OpenSearch/InjectDdbEsLambdaFnHandler.js.map +1 -0
- package/extensions/OpenSearch/ReplaceApiLambdaFnHandlers.d.ts +12 -0
- package/extensions/OpenSearch/ReplaceApiLambdaFnHandlers.js +32 -0
- package/extensions/OpenSearch/ReplaceApiLambdaFnHandlers.js.map +1 -0
- package/extensions/OpenSearch.d.ts +17 -0
- package/extensions/OpenSearch.js +35 -0
- package/extensions/OpenSearch.js.map +1 -0
- package/extensions/ProjectAws/AdminStackOutputService.d.ts +1 -0
- package/extensions/ProjectAws/AdminStackOutputService.js +3 -0
- package/extensions/ProjectAws/AdminStackOutputService.js.map +1 -0
- package/extensions/ProjectAws/ApiStackOutputService.d.ts +1 -0
- package/extensions/ProjectAws/ApiStackOutputService.js +3 -0
- package/extensions/ProjectAws/ApiStackOutputService.js.map +1 -0
- package/extensions/ProjectAws/AutoInstall/AutoInstallAfterApiDeploy.d.ts +17 -0
- package/extensions/ProjectAws/AutoInstall/AutoInstallAfterApiDeploy.js +108 -0
- package/extensions/ProjectAws/AutoInstall/AutoInstallAfterApiDeploy.js.map +1 -0
- package/extensions/ProjectAws/AutoInstall.d.ts +33 -0
- package/extensions/ProjectAws/AutoInstall.js +19 -0
- package/extensions/ProjectAws/AutoInstall.js.map +1 -0
- package/extensions/ProjectAws/BlueGreenDeployments/EnsureVariantBeforeDeploy.d.ts +10 -0
- package/extensions/ProjectAws/BlueGreenDeployments/EnsureVariantBeforeDeploy.js +27 -0
- package/extensions/ProjectAws/BlueGreenDeployments/EnsureVariantBeforeDeploy.js.map +1 -0
- package/extensions/ProjectAws/BlueGreenDeployments/PrintDeploymentInfoAfterDeploy.d.ts +20 -0
- package/extensions/ProjectAws/BlueGreenDeployments/PrintDeploymentInfoAfterDeploy.js +54 -0
- package/extensions/ProjectAws/BlueGreenDeployments/PrintDeploymentInfoAfterDeploy.js.map +1 -0
- package/extensions/ProjectAws/BlueGreenDeployments/SetPrimaryVariantCliCommand.d.ts +18 -0
- package/extensions/ProjectAws/BlueGreenDeployments/SetPrimaryVariantCliCommand.js +60 -0
- package/extensions/ProjectAws/BlueGreenDeployments/SetPrimaryVariantCliCommand.js.map +1 -0
- package/extensions/ProjectAws/BuildAppWorkspace.d.ts +12 -0
- package/extensions/ProjectAws/BuildAppWorkspace.js +66 -0
- package/extensions/ProjectAws/BuildAppWorkspace.js.map +1 -0
- package/extensions/ProjectAws/CoreStackOutputService.d.ts +1 -0
- package/extensions/ProjectAws/CoreStackOutputService.js +3 -0
- package/extensions/ProjectAws/CoreStackOutputService.js.map +1 -0
- package/extensions/ProjectAws/ExecuteDataMigrations.d.ts +16 -0
- package/extensions/ProjectAws/ExecuteDataMigrations.js +69 -0
- package/extensions/ProjectAws/ExecuteDataMigrations.js.map +1 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVars.d.ts +13 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVars.js +43 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVars.js.map +1 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeBuild.d.ts +13 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeBuild.js +24 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeBuild.js.map +1 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeWatch.d.ts +13 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeWatch.js +24 -0
- package/extensions/ProjectAws/SetAdminEnvVars/SetAdminEnvVarsBeforeWatch.js.map +1 -0
- package/extensions/ProjectAws/SetDatabaseSetupOutput.d.ts +10 -0
- package/extensions/ProjectAws/SetDatabaseSetupOutput.js +29 -0
- package/extensions/ProjectAws/SetDatabaseSetupOutput.js.map +1 -0
- package/extensions/ProjectAws/UploadAdminAppToS3.d.ts +13 -0
- package/extensions/ProjectAws/UploadAdminAppToS3.js +69 -0
- package/extensions/ProjectAws/UploadAdminAppToS3.js.map +1 -0
- package/extensions/ProjectAws/definitions.d.ts +3 -0
- package/extensions/ProjectAws/definitions.js +9 -0
- package/extensions/ProjectAws/definitions.js.map +1 -0
- package/extensions/ProjectAws.d.ts +2 -0
- package/extensions/ProjectAws.js +52 -0
- package/extensions/ProjectAws.js.map +1 -0
- package/extensions/definitions.d.ts +3 -0
- package/extensions/definitions.js +6 -0
- package/extensions/definitions.js.map +1 -0
- package/extensions/index.d.ts +5 -0
- package/extensions/index.js +7 -0
- package/extensions/index.js.map +1 -0
- package/features/ApiGqlClient.d.ts +21 -0
- package/features/ApiGqlClient.js +59 -0
- package/features/ApiGqlClient.js.map +1 -0
- package/features/InvokeLambdaFunction.d.ts +10 -0
- package/features/InvokeLambdaFunction.js +38 -0
- package/features/InvokeLambdaFunction.js.map +1 -0
- package/features/index.d.ts +2 -0
- package/features/index.js +4 -0
- package/features/index.js.map +1 -0
- package/index.d.ts +6 -0
- package/index.js +8 -0
- package/index.js.map +1 -0
- package/infra.d.ts +425 -0
- package/infra.js +54 -0
- package/infra.js.map +1 -0
- package/package.json +60 -0
- package/project.d.ts +139 -0
- package/project.js +10 -0
- package/project.js.map +1 -0
- package/pulumi/apps/admin/createAdminPulumiApp.d.ts +12 -0
- package/pulumi/apps/admin/createAdminPulumiApp.js +52 -0
- package/pulumi/apps/admin/createAdminPulumiApp.js.map +1 -0
- package/pulumi/apps/admin/index.d.ts +1 -0
- package/pulumi/apps/admin/index.js +3 -0
- package/pulumi/apps/admin/index.js.map +1 -0
- package/pulumi/apps/api/ApiBackgroundTask.d.ts +12 -0
- package/pulumi/apps/api/ApiBackgroundTask.js +148 -0
- package/pulumi/apps/api/ApiBackgroundTask.js.map +1 -0
- package/pulumi/apps/api/ApiCloudfront.d.ts +3 -0
- package/pulumi/apps/api/ApiCloudfront.js +136 -0
- package/pulumi/apps/api/ApiCloudfront.js.map +1 -0
- package/pulumi/apps/api/ApiFileManager.d.ts +11 -0
- package/pulumi/apps/api/ApiFileManager.js +39 -0
- package/pulumi/apps/api/ApiFileManager.js.map +1 -0
- package/pulumi/apps/api/ApiGateway.d.ts +18 -0
- package/pulumi/apps/api/ApiGateway.js +80 -0
- package/pulumi/apps/api/ApiGateway.js.map +1 -0
- package/pulumi/apps/api/ApiGraphql.d.ts +22 -0
- package/pulumi/apps/api/ApiGraphql.js +164 -0
- package/pulumi/apps/api/ApiGraphql.js.map +1 -0
- package/pulumi/apps/api/ApiMigration.d.ts +5 -0
- package/pulumi/apps/api/ApiMigration.js +83 -0
- package/pulumi/apps/api/ApiMigration.js.map +1 -0
- package/pulumi/apps/api/ApiOutput.d.ts +23 -0
- package/pulumi/apps/api/ApiOutput.js +36 -0
- package/pulumi/apps/api/ApiOutput.js.map +1 -0
- package/pulumi/apps/api/ApiScheduler.d.ts +8 -0
- package/pulumi/apps/api/ApiScheduler.js +100 -0
- package/pulumi/apps/api/ApiScheduler.js.map +1 -0
- package/pulumi/apps/api/ApiWebsocket.d.ts +14 -0
- package/pulumi/apps/api/ApiWebsocket.js +138 -0
- package/pulumi/apps/api/ApiWebsocket.js.map +1 -0
- package/pulumi/apps/api/backgroundTask/definition.d.ts +7 -0
- package/pulumi/apps/api/backgroundTask/definition.js +149 -0
- package/pulumi/apps/api/backgroundTask/definition.js.map +1 -0
- package/pulumi/apps/api/backgroundTask/policy.d.ts +8 -0
- package/pulumi/apps/api/backgroundTask/policy.js +26 -0
- package/pulumi/apps/api/backgroundTask/policy.js.map +1 -0
- package/pulumi/apps/api/backgroundTask/role.d.ts +9 -0
- package/pulumi/apps/api/backgroundTask/role.js +32 -0
- package/pulumi/apps/api/backgroundTask/role.js.map +1 -0
- package/pulumi/apps/api/backgroundTask/types.d.ts +91 -0
- package/pulumi/apps/api/backgroundTask/types.js +14 -0
- package/pulumi/apps/api/backgroundTask/types.js.map +1 -0
- package/pulumi/apps/api/createApiPulumiApp.d.ts +57 -0
- package/pulumi/apps/api/createApiPulumiApp.js +281 -0
- package/pulumi/apps/api/createApiPulumiApp.js.map +1 -0
- package/pulumi/apps/api/handleGuardDutyEvents.d.ts +2 -0
- package/pulumi/apps/api/handleGuardDutyEvents.js +55 -0
- package/pulumi/apps/api/handleGuardDutyEvents.js.map +1 -0
- package/pulumi/apps/api/index.d.ts +9 -0
- package/pulumi/apps/api/index.js +11 -0
- package/pulumi/apps/api/index.js.map +1 -0
- package/pulumi/apps/awsUtils.d.ts +5 -0
- package/pulumi/apps/awsUtils.js +34 -0
- package/pulumi/apps/awsUtils.js.map +1 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterApiGateway.d.ts +11 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterApiGateway.js +44 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterApiGateway.js.map +1 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFront.d.ts +17 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFront.js +100 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFront.js.map +1 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFrontStore.d.ts +10 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFrontStore.js +20 -0
- package/pulumi/apps/blueGreen/BlueGreenRouterCloudFrontStore.js.map +1 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontDefaultCacheBehaviorPolicies.d.ts +7 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontDefaultCacheBehaviorPolicies.js +15 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontDefaultCacheBehaviorPolicies.js.map +1 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontFunctionDomainMap.d.ts +14 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontFunctionDomainMap.js +23 -0
- package/pulumi/apps/blueGreen/cloudfront/createCloudFrontFunctionDomainMap.js.map +1 -0
- package/pulumi/apps/blueGreen/cloudfront/createOriginId.d.ts +11 -0
- package/pulumi/apps/blueGreen/cloudfront/createOriginId.js +10 -0
- package/pulumi/apps/blueGreen/cloudfront/createOriginId.js.map +1 -0
- package/pulumi/apps/blueGreen/constants.d.ts +3 -0
- package/pulumi/apps/blueGreen/constants.js +5 -0
- package/pulumi/apps/blueGreen/constants.js.map +1 -0
- package/pulumi/apps/blueGreen/createBlueGreenPulumiApp.d.ts +15 -0
- package/pulumi/apps/blueGreen/createBlueGreenPulumiApp.js +122 -0
- package/pulumi/apps/blueGreen/createBlueGreenPulumiApp.js.map +1 -0
- package/pulumi/apps/blueGreen/domains/attachDomainsToOutput.d.ts +9 -0
- package/pulumi/apps/blueGreen/domains/attachDomainsToOutput.js +30 -0
- package/pulumi/apps/blueGreen/domains/attachDomainsToOutput.js.map +1 -0
- package/pulumi/apps/blueGreen/domains/convertApplicationDomains.d.ts +6 -0
- package/pulumi/apps/blueGreen/domains/convertApplicationDomains.js +23 -0
- package/pulumi/apps/blueGreen/domains/convertApplicationDomains.js.map +1 -0
- package/pulumi/apps/blueGreen/domains/getApplicationDomains.d.ts +18 -0
- package/pulumi/apps/blueGreen/domains/getApplicationDomains.js +73 -0
- package/pulumi/apps/blueGreen/domains/getApplicationDomains.js.map +1 -0
- package/pulumi/apps/blueGreen/domains/resolveDomains.d.ts +6 -0
- package/pulumi/apps/blueGreen/domains/resolveDomains.js +41 -0
- package/pulumi/apps/blueGreen/domains/resolveDomains.js.map +1 -0
- package/pulumi/apps/blueGreen/functions/buildHandlerFunction.d.ts +15 -0
- package/pulumi/apps/blueGreen/functions/buildHandlerFunction.js +18 -0
- package/pulumi/apps/blueGreen/functions/buildHandlerFunction.js.map +1 -0
- package/pulumi/apps/blueGreen/functions/handler.d.ts +1 -0
- package/pulumi/apps/blueGreen/functions/handler.js +60 -0
- package/pulumi/apps/blueGreen/functions/handler.js.map +1 -0
- package/pulumi/apps/blueGreen/types.d.ts +77 -0
- package/pulumi/apps/blueGreen/types.js +3 -0
- package/pulumi/apps/blueGreen/types.js.map +1 -0
- package/pulumi/apps/blueGreen/validation/validateDeployments.d.ts +2 -0
- package/pulumi/apps/blueGreen/validation/validateDeployments.js +33 -0
- package/pulumi/apps/blueGreen/validation/validateDeployments.js.map +1 -0
- package/pulumi/apps/common/CoreOutput.d.ts +38 -0
- package/pulumi/apps/common/CoreOutput.js +46 -0
- package/pulumi/apps/common/CoreOutput.js.map +1 -0
- package/pulumi/apps/common/VpcConfig.d.ts +8 -0
- package/pulumi/apps/common/VpcConfig.js +25 -0
- package/pulumi/apps/common/VpcConfig.js.map +1 -0
- package/pulumi/apps/common/index.d.ts +2 -0
- package/pulumi/apps/common/index.js +4 -0
- package/pulumi/apps/common/index.js.map +1 -0
- package/pulumi/apps/core/CoreAuditLogsDynamo.d.ts +5 -0
- package/pulumi/apps/core/CoreAuditLogsDynamo.js +186 -0
- package/pulumi/apps/core/CoreAuditLogsDynamo.js.map +1 -0
- package/pulumi/apps/core/CoreCognito.d.ts +10 -0
- package/pulumi/apps/core/CoreCognito.js +110 -0
- package/pulumi/apps/core/CoreCognito.js.map +1 -0
- package/pulumi/apps/core/CoreDynamo.d.ts +5 -0
- package/pulumi/apps/core/CoreDynamo.js +74 -0
- package/pulumi/apps/core/CoreDynamo.js.map +1 -0
- package/pulumi/apps/core/CoreEventBus.d.ts +1 -0
- package/pulumi/apps/core/CoreEventBus.js +13 -0
- package/pulumi/apps/core/CoreEventBus.js.map +1 -0
- package/pulumi/apps/core/CoreFileManager.d.ts +11 -0
- package/pulumi/apps/core/CoreFileManager.js +72 -0
- package/pulumi/apps/core/CoreFileManager.js.map +1 -0
- package/pulumi/apps/core/CoreOpenSearch.d.ts +16 -0
- package/pulumi/apps/core/CoreOpenSearch.js +299 -0
- package/pulumi/apps/core/CoreOpenSearch.js.map +1 -0
- package/pulumi/apps/core/CoreVpc.d.ts +13 -0
- package/pulumi/apps/core/CoreVpc.js +160 -0
- package/pulumi/apps/core/CoreVpc.js.map +1 -0
- package/pulumi/apps/core/LogDynamo.d.ts +5 -0
- package/pulumi/apps/core/LogDynamo.js +122 -0
- package/pulumi/apps/core/LogDynamo.js.map +1 -0
- package/pulumi/apps/core/WatchCommand.d.ts +7 -0
- package/pulumi/apps/core/WatchCommand.js +105 -0
- package/pulumi/apps/core/WatchCommand.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/amazon.d.ts +9 -0
- package/pulumi/apps/core/cognitoIdentityProviders/amazon.js +24 -0
- package/pulumi/apps/core/cognitoIdentityProviders/amazon.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/apple.d.ts +4 -0
- package/pulumi/apps/core/cognitoIdentityProviders/apple.js +19 -0
- package/pulumi/apps/core/cognitoIdentityProviders/apple.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/configure.d.ts +28 -0
- package/pulumi/apps/core/cognitoIdentityProviders/configure.js +57 -0
- package/pulumi/apps/core/cognitoIdentityProviders/configure.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/facebook.d.ts +4 -0
- package/pulumi/apps/core/cognitoIdentityProviders/facebook.js +19 -0
- package/pulumi/apps/core/cognitoIdentityProviders/facebook.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/getIdpConfig.d.ts +3 -0
- package/pulumi/apps/core/cognitoIdentityProviders/getIdpConfig.js +17 -0
- package/pulumi/apps/core/cognitoIdentityProviders/getIdpConfig.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/google.d.ts +4 -0
- package/pulumi/apps/core/cognitoIdentityProviders/google.js +19 -0
- package/pulumi/apps/core/cognitoIdentityProviders/google.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/index.d.ts +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/index.js +3 -0
- package/pulumi/apps/core/cognitoIdentityProviders/index.js.map +1 -0
- package/pulumi/apps/core/cognitoIdentityProviders/oidc.d.ts +4 -0
- package/pulumi/apps/core/cognitoIdentityProviders/oidc.js +20 -0
- package/pulumi/apps/core/cognitoIdentityProviders/oidc.js.map +1 -0
- package/pulumi/apps/core/configureS3BucketMalwareProtection.d.ts +2 -0
- package/pulumi/apps/core/configureS3BucketMalwareProtection.js +195 -0
- package/pulumi/apps/core/configureS3BucketMalwareProtection.js.map +1 -0
- package/pulumi/apps/core/createCorePulumiApp.d.ts +32 -0
- package/pulumi/apps/core/createCorePulumiApp.js +295 -0
- package/pulumi/apps/core/createCorePulumiApp.js.map +1 -0
- package/pulumi/apps/core/index.d.ts +8 -0
- package/pulumi/apps/core/index.js +10 -0
- package/pulumi/apps/core/index.js.map +1 -0
- package/pulumi/apps/core/webinyWatchCommand/handler.d.ts +28 -0
- package/pulumi/apps/core/webinyWatchCommand/handler.js +37 -0
- package/pulumi/apps/core/webinyWatchCommand/handler.js.map +1 -0
- package/pulumi/apps/createAppBucket.d.ts +17 -0
- package/pulumi/apps/createAppBucket.js +152 -0
- package/pulumi/apps/createAppBucket.js.map +1 -0
- package/pulumi/apps/customDomain.d.ts +9 -0
- package/pulumi/apps/customDomain.js +9 -0
- package/pulumi/apps/customDomain.js.map +1 -0
- package/pulumi/apps/extensions/getAwsTagsFromExtension.d.ts +2 -0
- package/pulumi/apps/extensions/getAwsTagsFromExtension.js +10 -0
- package/pulumi/apps/extensions/getAwsTagsFromExtension.js.map +1 -0
- package/pulumi/apps/extensions/getBgDeploymentsConfigFromExtension.d.ts +23 -0
- package/pulumi/apps/extensions/getBgDeploymentsConfigFromExtension.js +10 -0
- package/pulumi/apps/extensions/getBgDeploymentsConfigFromExtension.js.map +1 -0
- package/pulumi/apps/extensions/getOsConfigFromExtension.d.ts +7 -0
- package/pulumi/apps/extensions/getOsConfigFromExtension.js +33 -0
- package/pulumi/apps/extensions/getOsConfigFromExtension.js.map +1 -0
- package/pulumi/apps/extensions/getVpcConfigFromExtension.d.ts +15 -0
- package/pulumi/apps/extensions/getVpcConfigFromExtension.js +29 -0
- package/pulumi/apps/extensions/getVpcConfigFromExtension.js.map +1 -0
- package/pulumi/apps/index.d.ts +6 -0
- package/pulumi/apps/index.js +8 -0
- package/pulumi/apps/index.js.map +1 -0
- package/pulumi/apps/lambdaUtils.d.ts +11 -0
- package/pulumi/apps/lambdaUtils.js +70 -0
- package/pulumi/apps/lambdaUtils.js.map +1 -0
- package/pulumi/apps/react/createReactPulumiApp.d.ts +32 -0
- package/pulumi/apps/react/createReactPulumiApp.js +150 -0
- package/pulumi/apps/react/createReactPulumiApp.js.map +1 -0
- package/pulumi/apps/react/index.d.ts +1 -0
- package/pulumi/apps/react/index.js +3 -0
- package/pulumi/apps/react/index.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamo.d.ts +5 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamo.js +56 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamo.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamoDb.d.ts +3 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamoDb.js +52 -0
- package/pulumi/apps/syncSystem/SyncSystemDynamoDb.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemEventBus.d.ts +6 -0
- package/pulumi/apps/syncSystem/SyncSystemEventBus.js +77 -0
- package/pulumi/apps/syncSystem/SyncSystemEventBus.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemLambda.d.ts +11 -0
- package/pulumi/apps/syncSystem/SyncSystemLambda.js +99 -0
- package/pulumi/apps/syncSystem/SyncSystemLambda.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemOutput.d.ts +3 -0
- package/pulumi/apps/syncSystem/SyncSystemOutput.js +18 -0
- package/pulumi/apps/syncSystem/SyncSystemOutput.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemResolverLambda.d.ts +8 -0
- package/pulumi/apps/syncSystem/SyncSystemResolverLambda.js +73 -0
- package/pulumi/apps/syncSystem/SyncSystemResolverLambda.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemSQS.d.ts +3 -0
- package/pulumi/apps/syncSystem/SyncSystemSQS.js +54 -0
- package/pulumi/apps/syncSystem/SyncSystemSQS.js.map +1 -0
- package/pulumi/apps/syncSystem/SyncSystemWorkerLambda.d.ts +7 -0
- package/pulumi/apps/syncSystem/SyncSystemWorkerLambda.js +52 -0
- package/pulumi/apps/syncSystem/SyncSystemWorkerLambda.js.map +1 -0
- package/pulumi/apps/syncSystem/addTableItems.d.ts +8 -0
- package/pulumi/apps/syncSystem/addTableItems.js +51 -0
- package/pulumi/apps/syncSystem/addTableItems.js.map +1 -0
- package/pulumi/apps/syncSystem/api/addServiceManifest.d.ts +8 -0
- package/pulumi/apps/syncSystem/api/addServiceManifest.js +18 -0
- package/pulumi/apps/syncSystem/api/addServiceManifest.js.map +1 -0
- package/pulumi/apps/syncSystem/api/attachCognitoPermissions.d.ts +14 -0
- package/pulumi/apps/syncSystem/api/attachCognitoPermissions.js +59 -0
- package/pulumi/apps/syncSystem/api/attachCognitoPermissions.js.map +1 -0
- package/pulumi/apps/syncSystem/api/attachDynamoDbPermissions.d.ts +13 -0
- package/pulumi/apps/syncSystem/api/attachDynamoDbPermissions.js +44 -0
- package/pulumi/apps/syncSystem/api/attachDynamoDbPermissions.js.map +1 -0
- package/pulumi/apps/syncSystem/api/attachEventBusPermissions.d.ts +17 -0
- package/pulumi/apps/syncSystem/api/attachEventBusPermissions.js +48 -0
- package/pulumi/apps/syncSystem/api/attachEventBusPermissions.js.map +1 -0
- package/pulumi/apps/syncSystem/api/attachS3Permissions.d.ts +14 -0
- package/pulumi/apps/syncSystem/api/attachS3Permissions.js +51 -0
- package/pulumi/apps/syncSystem/api/attachS3Permissions.js.map +1 -0
- package/pulumi/apps/syncSystem/api/index.d.ts +8 -0
- package/pulumi/apps/syncSystem/api/index.js +55 -0
- package/pulumi/apps/syncSystem/api/index.js.map +1 -0
- package/pulumi/apps/syncSystem/constants.d.ts +1 -0
- package/pulumi/apps/syncSystem/constants.js +3 -0
- package/pulumi/apps/syncSystem/constants.js.map +1 -0
- package/pulumi/apps/syncSystem/createSyncResourceName.d.ts +4 -0
- package/pulumi/apps/syncSystem/createSyncResourceName.js +10 -0
- package/pulumi/apps/syncSystem/createSyncResourceName.js.map +1 -0
- package/pulumi/apps/syncSystem/createSyncSystemPulumiApp.d.ts +26 -0
- package/pulumi/apps/syncSystem/createSyncSystemPulumiApp.js +181 -0
- package/pulumi/apps/syncSystem/createSyncSystemPulumiApp.js.map +1 -0
- package/pulumi/apps/syncSystem/customApp.d.ts +6 -0
- package/pulumi/apps/syncSystem/customApp.js +19 -0
- package/pulumi/apps/syncSystem/customApp.js.map +1 -0
- package/pulumi/apps/syncSystem/getSyncSystemOutput.d.ts +3 -0
- package/pulumi/apps/syncSystem/getSyncSystemOutput.js +10 -0
- package/pulumi/apps/syncSystem/getSyncSystemOutput.js.map +1 -0
- package/pulumi/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.d.ts +7 -0
- package/pulumi/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js +48 -0
- package/pulumi/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js.map +1 -0
- package/pulumi/apps/syncSystem/types.d.ts +56 -0
- package/pulumi/apps/syncSystem/types.js +3 -0
- package/pulumi/apps/syncSystem/types.js.map +1 -0
- package/pulumi/constants.d.ts +1 -0
- package/pulumi/constants.js +4 -0
- package/pulumi/constants.js.map +1 -0
- package/pulumi/env/awsRegion.d.ts +1 -0
- package/pulumi/env/awsRegion.js +6 -0
- package/pulumi/env/awsRegion.js.map +1 -0
- package/pulumi/env/base.d.ts +15 -0
- package/pulumi/env/base.js +29 -0
- package/pulumi/env/base.js.map +1 -0
- package/pulumi/env/env.d.ts +1 -0
- package/pulumi/env/env.js +6 -0
- package/pulumi/env/env.js.map +1 -0
- package/pulumi/env/projectName.d.ts +1 -0
- package/pulumi/env/projectName.js +6 -0
- package/pulumi/env/projectName.js.map +1 -0
- package/pulumi/env/variant.d.ts +1 -0
- package/pulumi/env/variant.js +7 -0
- package/pulumi/env/variant.js.map +1 -0
- package/pulumi/extensions/AdminCustomDomains.d.ts +14 -0
- package/pulumi/extensions/AdminCustomDomains.js +16 -0
- package/pulumi/extensions/AdminCustomDomains.js.map +1 -0
- package/pulumi/extensions/AwsTags.d.ts +8 -0
- package/pulumi/extensions/AwsTags.js +15 -0
- package/pulumi/extensions/AwsTags.js.map +1 -0
- package/pulumi/extensions/BlueGreenDeployments.d.ts +134 -0
- package/pulumi/extensions/BlueGreenDeployments.js +34 -0
- package/pulumi/extensions/BlueGreenDeployments.js.map +1 -0
- package/pulumi/extensions/OpenSearch.d.ts +17 -0
- package/pulumi/extensions/OpenSearch.js +17 -0
- package/pulumi/extensions/OpenSearch.js.map +1 -0
- package/pulumi/extensions/Vpc.d.ts +71 -0
- package/pulumi/extensions/Vpc.js +25 -0
- package/pulumi/extensions/Vpc.js.map +1 -0
- package/pulumi/extensions/index.d.ts +220 -0
- package/pulumi/extensions/index.js +13 -0
- package/pulumi/extensions/index.js.map +1 -0
- package/pulumi/index.d.ts +3 -0
- package/pulumi/index.js +5 -0
- package/pulumi/index.js.map +1 -0
- package/pulumi/types.d.ts +44 -0
- package/pulumi/types.js +3 -0
- package/pulumi/types.js.map +1 -0
- package/pulumi/utils/addDomainsUrlsOutputs.d.ts +18 -0
- package/pulumi/utils/addDomainsUrlsOutputs.js +40 -0
- package/pulumi/utils/addDomainsUrlsOutputs.js.map +1 -0
- package/pulumi/utils/addServiceManifestTableItem.d.ts +12 -0
- package/pulumi/utils/addServiceManifestTableItem.js +28 -0
- package/pulumi/utils/addServiceManifestTableItem.js.map +1 -0
- package/pulumi/utils/crawlDirectory.d.ts +1 -0
- package/pulumi/utils/crawlDirectory.js +19 -0
- package/pulumi/utils/crawlDirectory.js.map +1 -0
- package/pulumi/utils/createAssetArchive.d.ts +2 -0
- package/pulumi/utils/createAssetArchive.js +8 -0
- package/pulumi/utils/createAssetArchive.js.map +1 -0
- package/pulumi/utils/dynamodb.d.ts +14 -0
- package/pulumi/utils/dynamodb.js +29 -0
- package/pulumi/utils/dynamodb.js.map +1 -0
- package/pulumi/utils/getPresignedPost.d.ts +11 -0
- package/pulumi/utils/getPresignedPost.js +34 -0
- package/pulumi/utils/getPresignedPost.js.map +1 -0
- package/pulumi/utils/index.d.ts +5 -0
- package/pulumi/utils/index.js +7 -0
- package/pulumi/utils/index.js.map +1 -0
- package/pulumi/utils/lambdaEnvVariables.d.ts +20 -0
- package/pulumi/utils/lambdaEnvVariables.js +62 -0
- package/pulumi/utils/lambdaEnvVariables.js.map +1 -0
- package/pulumi/utils/tagResources.d.ts +5 -0
- package/pulumi/utils/tagResources.js +33 -0
- package/pulumi/utils/tagResources.js.map +1 -0
- package/pulumi/utils/uploadFolderToS3.d.ts +26 -0
- package/pulumi/utils/uploadFolderToS3.js +147 -0
- package/pulumi/utils/uploadFolderToS3.js.map +1 -0
- package/pulumi/utils/withServiceManifest.d.ts +14 -0
- package/pulumi/utils/withServiceManifest.js +45 -0
- package/pulumi/utils/withServiceManifest.js.map +1 -0
- package/services/AdminStackOutputService.d.ts +10 -0
- package/services/AdminStackOutputService.js +16 -0
- package/services/AdminStackOutputService.js.map +1 -0
- package/services/ApiStackOutputService.d.ts +10 -0
- package/services/ApiStackOutputService.js +16 -0
- package/services/ApiStackOutputService.js.map +1 -0
- package/services/CoreStackOutputService.d.ts +10 -0
- package/services/CoreStackOutputService.js +16 -0
- package/services/CoreStackOutputService.js.map +1 -0
- package/utils/getTemplatesFolderPath.d.ts +1 -0
- package/utils/getTemplatesFolderPath.js +16 -0
- package/utils/getTemplatesFolderPath.js.map +1 -0
- package/utils/index.d.ts +1 -0
- package/utils/index.js +3 -0
- package/utils/index.js.map +1 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
export function handler(event: any): Promise<{
|
|
2
|
+
isAuthenticated: boolean;
|
|
3
|
+
principalId?: undefined;
|
|
4
|
+
policyDocuments?: undefined;
|
|
5
|
+
disconnectAfterInSeconds?: undefined;
|
|
6
|
+
refreshAfterInSeconds?: undefined;
|
|
7
|
+
} | {
|
|
8
|
+
isAuthenticated: boolean;
|
|
9
|
+
principalId: string;
|
|
10
|
+
policyDocuments: {
|
|
11
|
+
Version: string;
|
|
12
|
+
Statement: ({
|
|
13
|
+
Effect: string;
|
|
14
|
+
Action: string;
|
|
15
|
+
Resource: string;
|
|
16
|
+
} | {
|
|
17
|
+
Effect: string;
|
|
18
|
+
Action: string;
|
|
19
|
+
Resource: string[];
|
|
20
|
+
} | {
|
|
21
|
+
Effect: string;
|
|
22
|
+
Action: string[];
|
|
23
|
+
Resource: string[];
|
|
24
|
+
})[];
|
|
25
|
+
}[];
|
|
26
|
+
disconnectAfterInSeconds: number;
|
|
27
|
+
refreshAfterInSeconds: number;
|
|
28
|
+
}>;
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
exports.handler = async event => {
|
|
2
|
+
const urlParams = new URLSearchParams(event.protocolData.http.queryString);
|
|
3
|
+
const WEBINY_WATCH_COMMAND_TOPIC = process.env.WEBINY_WATCH_COMMAND_TOPIC;
|
|
4
|
+
if (urlParams.get("x-webiny-watch-command-topic") !== WEBINY_WATCH_COMMAND_TOPIC) {
|
|
5
|
+
return {
|
|
6
|
+
isAuthenticated: false
|
|
7
|
+
};
|
|
8
|
+
}
|
|
9
|
+
return {
|
|
10
|
+
isAuthenticated: true,
|
|
11
|
+
principalId: "Unauthenticated",
|
|
12
|
+
policyDocuments: [{
|
|
13
|
+
Version: "2012-10-17",
|
|
14
|
+
Statement: [{
|
|
15
|
+
Effect: "Allow",
|
|
16
|
+
Action: "iot:Connect",
|
|
17
|
+
Resource: "arn:aws:iot:*:*:client/*"
|
|
18
|
+
}, {
|
|
19
|
+
Effect: "Allow",
|
|
20
|
+
Action: "iot:Subscribe",
|
|
21
|
+
Resource: [`arn:aws:iot:*:*:topicfilter/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
22
|
+
}, {
|
|
23
|
+
Effect: "Allow",
|
|
24
|
+
Action: "iot:Publish",
|
|
25
|
+
Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
26
|
+
}, {
|
|
27
|
+
Effect: "Allow",
|
|
28
|
+
Action: ["iot:Receive"],
|
|
29
|
+
Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
30
|
+
}]
|
|
31
|
+
}],
|
|
32
|
+
disconnectAfterInSeconds: 3600,
|
|
33
|
+
refreshAfterInSeconds: 300
|
|
34
|
+
};
|
|
35
|
+
};
|
|
36
|
+
|
|
37
|
+
//# sourceMappingURL=handler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["exports","handler","event","urlParams","URLSearchParams","protocolData","http","queryString","WEBINY_WATCH_COMMAND_TOPIC","process","env","get","isAuthenticated","principalId","policyDocuments","Version","Statement","Effect","Action","Resource","disconnectAfterInSeconds","refreshAfterInSeconds"],"sources":["handler.js"],"sourcesContent":["exports.handler = async event => {\n const urlParams = new URLSearchParams(event.protocolData.http.queryString);\n\n const WEBINY_WATCH_COMMAND_TOPIC = process.env.WEBINY_WATCH_COMMAND_TOPIC;\n if (urlParams.get(\"x-webiny-watch-command-topic\") !== WEBINY_WATCH_COMMAND_TOPIC) {\n return {\n isAuthenticated: false\n };\n }\n\n return {\n isAuthenticated: true,\n principalId: \"Unauthenticated\",\n policyDocuments: [\n {\n Version: \"2012-10-17\",\n Statement: [\n {\n Effect: \"Allow\",\n Action: \"iot:Connect\",\n Resource: \"arn:aws:iot:*:*:client/*\"\n },\n {\n Effect: \"Allow\",\n Action: \"iot:Subscribe\",\n Resource: [`arn:aws:iot:*:*:topicfilter/${WEBINY_WATCH_COMMAND_TOPIC}`]\n },\n {\n Effect: \"Allow\",\n Action: \"iot:Publish\",\n Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]\n },\n {\n Effect: \"Allow\",\n Action: [\"iot:Receive\"],\n Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]\n }\n ]\n }\n ],\n disconnectAfterInSeconds: 3600,\n refreshAfterInSeconds: 300\n };\n};\n"],"mappings":"AAAAA,OAAO,CAACC,OAAO,GAAG,MAAMC,KAAK,IAAI;EAC7B,MAAMC,SAAS,GAAG,IAAIC,eAAe,CAACF,KAAK,CAACG,YAAY,CAACC,IAAI,CAACC,WAAW,CAAC;EAE1E,MAAMC,0BAA0B,GAAGC,OAAO,CAACC,GAAG,CAACF,0BAA0B;EACzE,IAAIL,SAAS,CAACQ,GAAG,CAAC,8BAA8B,CAAC,KAAKH,0BAA0B,EAAE;IAC9E,OAAO;MACHI,eAAe,EAAE;IACrB,CAAC;EACL;EAEA,OAAO;IACHA,eAAe,EAAE,IAAI;IACrBC,WAAW,EAAE,iBAAiB;IAC9BC,eAAe,EAAE,CACb;MACIC,OAAO,EAAE,YAAY;MACrBC,SAAS,EAAE,CACP;QACIC,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,aAAa;QACrBC,QAAQ,EAAE;MACd,CAAC,EACD;QACIF,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,eAAe;QACvBC,QAAQ,EAAE,CAAC,+BAA+BX,0BAA0B,EAAE;MAC1E,CAAC,EACD;QACIS,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,aAAa;QACrBC,QAAQ,EAAE,CAAC,yBAAyBX,0BAA0B,EAAE;MACpE,CAAC,EACD;QACIS,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,CAAC,aAAa,CAAC;QACvBC,QAAQ,EAAE,CAAC,yBAAyBX,0BAA0B,EAAE;MACpE,CAAC;IAET,CAAC,CACJ;IACDY,wBAAwB,EAAE,IAAI;IAC9BC,qBAAqB,EAAE;EAC3B,CAAC;AACL,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import * as aws from "@pulumi/aws";
|
|
2
|
+
import { type PulumiApp } from "@webiny/pulumi";
|
|
3
|
+
export declare function createPublicAppBucket(app: PulumiApp, name: string): {
|
|
4
|
+
bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucket").Bucket>;
|
|
5
|
+
bucketAcl: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketAcl").BucketAcl>;
|
|
6
|
+
bucketOwnershipControls: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketOwnershipControls").BucketOwnershipControls>;
|
|
7
|
+
origin: aws.types.input.cloudfront.DistributionOrigin;
|
|
8
|
+
};
|
|
9
|
+
export declare function createPrivateAppBucket(app: PulumiApp, name: string): {
|
|
10
|
+
bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucket").Bucket>;
|
|
11
|
+
bucketOwnershipControls: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketOwnershipControls").BucketOwnershipControls>;
|
|
12
|
+
bucketAcl: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketAcl").BucketAcl>;
|
|
13
|
+
originIdentity: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront/originAccessIdentity").OriginAccessIdentity>;
|
|
14
|
+
origin: aws.types.input.cloudfront.DistributionOrigin;
|
|
15
|
+
bucketPublicAccessBlock: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketPublicAccessBlock").BucketPublicAccessBlock>;
|
|
16
|
+
bucketPolicy: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketPolicy").BucketPolicy>;
|
|
17
|
+
};
|
|
@@ -0,0 +1,152 @@
|
|
|
1
|
+
import * as aws from "@pulumi/aws";
|
|
2
|
+
import { ApiOutput } from "./api/index.js";
|
|
3
|
+
import { getEnvVariableAwsRegion } from "../env/awsRegion.js";
|
|
4
|
+
export function createPublicAppBucket(app, name) {
|
|
5
|
+
const bucket = app.addResource(aws.s3.Bucket, {
|
|
6
|
+
name: name,
|
|
7
|
+
config: {
|
|
8
|
+
forceDestroy: true,
|
|
9
|
+
website: {
|
|
10
|
+
indexDocument: "index.html",
|
|
11
|
+
errorDocument: "_NOT_FOUND_PAGE_/index.html"
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
});
|
|
15
|
+
const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {
|
|
16
|
+
name: `${name}-ownership-controls`,
|
|
17
|
+
config: {
|
|
18
|
+
bucket: bucket.output.id,
|
|
19
|
+
rule: {
|
|
20
|
+
objectOwnership: "BucketOwnerPreferred"
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
});
|
|
24
|
+
const bucketAcl = app.addResource(aws.s3.BucketAcl, {
|
|
25
|
+
name: `${name}-acl`,
|
|
26
|
+
config: {
|
|
27
|
+
bucket: bucket.output.id,
|
|
28
|
+
acl: aws.s3.CannedAcl.PublicRead
|
|
29
|
+
},
|
|
30
|
+
opts: {
|
|
31
|
+
dependsOn: [bucketOwnershipControls.output]
|
|
32
|
+
}
|
|
33
|
+
});
|
|
34
|
+
const origin = {
|
|
35
|
+
originId: bucket.output.arn,
|
|
36
|
+
domainName: bucket.output.websiteEndpoint,
|
|
37
|
+
customOriginConfig: {
|
|
38
|
+
originProtocolPolicy: "http-only",
|
|
39
|
+
httpPort: 80,
|
|
40
|
+
httpsPort: 443,
|
|
41
|
+
originSslProtocols: ["TLSv1.2"]
|
|
42
|
+
}
|
|
43
|
+
};
|
|
44
|
+
return {
|
|
45
|
+
bucket,
|
|
46
|
+
bucketAcl,
|
|
47
|
+
bucketOwnershipControls,
|
|
48
|
+
origin
|
|
49
|
+
};
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
// Forces S3 buckets to be available only through a cloudfront distribution.
|
|
53
|
+
// Requires `ApiOutput` module to be loaded.
|
|
54
|
+
export function createPrivateAppBucket(app, name) {
|
|
55
|
+
const api = app.getModule(ApiOutput);
|
|
56
|
+
const bucket = app.addResource(aws.s3.Bucket, {
|
|
57
|
+
name: name,
|
|
58
|
+
config: {
|
|
59
|
+
forceDestroy: true
|
|
60
|
+
}
|
|
61
|
+
});
|
|
62
|
+
const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {
|
|
63
|
+
name: `${name}-ownership-controls`,
|
|
64
|
+
config: {
|
|
65
|
+
bucket: bucket.output.id,
|
|
66
|
+
rule: {
|
|
67
|
+
objectOwnership: "BucketOwnerPreferred"
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
});
|
|
71
|
+
const bucketAcl = app.addResource(aws.s3.BucketAcl, {
|
|
72
|
+
name: `${name}-acl`,
|
|
73
|
+
config: {
|
|
74
|
+
bucket: bucket.output.id,
|
|
75
|
+
acl: aws.s3.CannedAcl.Private
|
|
76
|
+
},
|
|
77
|
+
opts: {
|
|
78
|
+
dependsOn: [bucketOwnershipControls.output]
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
|
|
82
|
+
// Origin Identity is a kind of AWS user that represents Cloudfront distribution
|
|
83
|
+
// We can add IAM policies to it later, to allow accessing private S3 bucket
|
|
84
|
+
const originIdentity = app.addResource(aws.cloudfront.OriginAccessIdentity, {
|
|
85
|
+
name: `${name}-origin-identity`,
|
|
86
|
+
config: {}
|
|
87
|
+
});
|
|
88
|
+
const origin = {
|
|
89
|
+
originId: bucket.output.arn,
|
|
90
|
+
domainName: bucket.output.bucket.apply(
|
|
91
|
+
// We need to create a regional domain name. Otherwise, we'll run into the following issue:
|
|
92
|
+
// https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/
|
|
93
|
+
name => `${name}.s3.${getEnvVariableAwsRegion()}.amazonaws.com`),
|
|
94
|
+
s3OriginConfig: {
|
|
95
|
+
originAccessIdentity: originIdentity.output.cloudfrontAccessIdentityPath
|
|
96
|
+
}
|
|
97
|
+
};
|
|
98
|
+
|
|
99
|
+
// block any public access
|
|
100
|
+
const bucketPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {
|
|
101
|
+
name: `${name}-bucket-block-access`,
|
|
102
|
+
config: {
|
|
103
|
+
bucket: bucket.output.id,
|
|
104
|
+
blockPublicAcls: true,
|
|
105
|
+
blockPublicPolicy: true,
|
|
106
|
+
ignorePublicAcls: true,
|
|
107
|
+
restrictPublicBuckets: true
|
|
108
|
+
}
|
|
109
|
+
});
|
|
110
|
+
|
|
111
|
+
// Create an IAM policy to allow access to S3 bucket from cloudfront
|
|
112
|
+
const bucketPolicy = app.addResource(aws.s3.BucketPolicy, {
|
|
113
|
+
name: `${name}-bucket-policy`,
|
|
114
|
+
config: {
|
|
115
|
+
bucket: bucket.output.bucket,
|
|
116
|
+
policy: {
|
|
117
|
+
Version: "2012-10-17",
|
|
118
|
+
Statement: bucket.output.arn.apply(arn => {
|
|
119
|
+
const statements = [{
|
|
120
|
+
Effect: "Allow",
|
|
121
|
+
Principal: {
|
|
122
|
+
AWS: originIdentity.output.iamArn
|
|
123
|
+
},
|
|
124
|
+
// we need GetObject to retrieve objects from S3
|
|
125
|
+
// and ListBucket allows to properly handle non-existing files (404)
|
|
126
|
+
Action: ["s3:ListBucket", "s3:GetObject"],
|
|
127
|
+
Resource: [`${arn}`, `${arn}/*`]
|
|
128
|
+
}, {
|
|
129
|
+
Effect: "Allow",
|
|
130
|
+
Principal: {
|
|
131
|
+
AWS: api.graphqlLambdaRole
|
|
132
|
+
},
|
|
133
|
+
Action: ["s3:GetObjectAcl", "s3:DeleteObject", "s3:PutObjectAcl", "s3:PutObject", "s3:GetObject", "s3:ListBucket"],
|
|
134
|
+
Resource: [`${arn}`, `${arn}/*`]
|
|
135
|
+
}];
|
|
136
|
+
return statements;
|
|
137
|
+
})
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
});
|
|
141
|
+
return {
|
|
142
|
+
bucket,
|
|
143
|
+
bucketOwnershipControls,
|
|
144
|
+
bucketAcl,
|
|
145
|
+
originIdentity,
|
|
146
|
+
origin,
|
|
147
|
+
bucketPublicAccessBlock,
|
|
148
|
+
bucketPolicy
|
|
149
|
+
};
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
//# sourceMappingURL=createAppBucket.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["aws","ApiOutput","getEnvVariableAwsRegion","createPublicAppBucket","app","name","bucket","addResource","s3","Bucket","config","forceDestroy","website","indexDocument","errorDocument","bucketOwnershipControls","BucketOwnershipControls","output","id","rule","objectOwnership","bucketAcl","BucketAcl","acl","CannedAcl","PublicRead","opts","dependsOn","origin","originId","arn","domainName","websiteEndpoint","customOriginConfig","originProtocolPolicy","httpPort","httpsPort","originSslProtocols","createPrivateAppBucket","api","getModule","Private","originIdentity","cloudfront","OriginAccessIdentity","apply","s3OriginConfig","originAccessIdentity","cloudfrontAccessIdentityPath","bucketPublicAccessBlock","BucketPublicAccessBlock","blockPublicAcls","blockPublicPolicy","ignorePublicAcls","restrictPublicBuckets","bucketPolicy","BucketPolicy","policy","Version","Statement","statements","Effect","Principal","AWS","iamArn","Action","Resource","graphqlLambdaRole"],"sources":["createAppBucket.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { type PulumiApp } from \"@webiny/pulumi\";\nimport { ApiOutput } from \"~/pulumi/apps/api/index.js\";\nimport { getEnvVariableAwsRegion } from \"~/pulumi/env/awsRegion.js\";\n\nexport function createPublicAppBucket(app: PulumiApp, name: string) {\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n forceDestroy: true,\n website: {\n indexDocument: \"index.html\",\n errorDocument: \"_NOT_FOUND_PAGE_/index.html\"\n }\n }\n });\n\n const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {\n name: `${name}-ownership-controls`,\n config: {\n bucket: bucket.output.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\"\n }\n }\n });\n\n const bucketAcl = app.addResource(aws.s3.BucketAcl, {\n name: `${name}-acl`,\n config: {\n bucket: bucket.output.id,\n acl: aws.s3.CannedAcl.PublicRead\n },\n opts: {\n dependsOn: [bucketOwnershipControls.output]\n }\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.websiteEndpoint,\n customOriginConfig: {\n originProtocolPolicy: \"http-only\",\n httpPort: 80,\n httpsPort: 443,\n originSslProtocols: [\"TLSv1.2\"]\n }\n };\n\n return {\n bucket,\n bucketAcl,\n bucketOwnershipControls,\n origin\n };\n}\n\n// Forces S3 buckets to be available only through a cloudfront distribution.\n// Requires `ApiOutput` module to be loaded.\nexport function createPrivateAppBucket(app: PulumiApp, name: string) {\n const api = app.getModule(ApiOutput);\n\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n forceDestroy: true\n }\n });\n\n const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {\n name: `${name}-ownership-controls`,\n config: {\n bucket: bucket.output.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\"\n }\n }\n });\n\n const bucketAcl = app.addResource(aws.s3.BucketAcl, {\n name: `${name}-acl`,\n config: {\n bucket: bucket.output.id,\n acl: aws.s3.CannedAcl.Private\n },\n opts: {\n dependsOn: [bucketOwnershipControls.output]\n }\n });\n\n // Origin Identity is a kind of AWS user that represents Cloudfront distribution\n // We can add IAM policies to it later, to allow accessing private S3 bucket\n const originIdentity = app.addResource(aws.cloudfront.OriginAccessIdentity, {\n name: `${name}-origin-identity`,\n config: {}\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.bucket.apply(\n // We need to create a regional domain name. Otherwise, we'll run into the following issue:\n // https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/\n name => `${name}.s3.${getEnvVariableAwsRegion()}.amazonaws.com`\n ),\n s3OriginConfig: {\n originAccessIdentity: originIdentity.output.cloudfrontAccessIdentityPath\n }\n };\n\n // block any public access\n const bucketPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {\n name: `${name}-bucket-block-access`,\n config: {\n bucket: bucket.output.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true\n }\n });\n\n // Create an IAM policy to allow access to S3 bucket from cloudfront\n const bucketPolicy = app.addResource(aws.s3.BucketPolicy, {\n name: `${name}-bucket-policy`,\n config: {\n bucket: bucket.output.bucket,\n policy: {\n Version: \"2012-10-17\",\n Statement: bucket.output.arn.apply(arn => {\n const statements: aws.iam.PolicyStatement[] = [\n {\n Effect: \"Allow\",\n Principal: { AWS: originIdentity.output.iamArn },\n // we need GetObject to retrieve objects from S3\n // and ListBucket allows to properly handle non-existing files (404)\n Action: [\"s3:ListBucket\", \"s3:GetObject\"],\n Resource: [`${arn}`, `${arn}/*`]\n },\n {\n Effect: \"Allow\",\n Principal: {\n AWS: api.graphqlLambdaRole\n },\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [`${arn}`, `${arn}/*`]\n }\n ];\n\n return statements;\n })\n }\n }\n });\n\n return {\n bucket,\n bucketOwnershipControls,\n bucketAcl,\n originIdentity,\n origin,\n bucketPublicAccessBlock,\n bucketPolicy\n };\n}\n"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,aAAa;AAElC,SAASC,SAAS;AAClB,SAASC,uBAAuB;AAEhC,OAAO,SAASC,qBAAqBA,CAACC,GAAc,EAAEC,IAAY,EAAE;EAChE,MAAMC,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,YAAY,EAAE,IAAI;MAClBC,OAAO,EAAE;QACLC,aAAa,EAAE,YAAY;QAC3BC,aAAa,EAAE;MACnB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,uBAAuB,GAAGX,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACQ,uBAAuB,EAAE;IAC5EX,IAAI,EAAE,GAAGA,IAAI,qBAAqB;IAClCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBC,IAAI,EAAE;QACFC,eAAe,EAAE;MACrB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAGjB,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACc,SAAS,EAAE;IAChDjB,IAAI,EAAE,GAAGA,IAAI,MAAM;IACnBK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBK,GAAG,EAAEvB,GAAG,CAACQ,EAAE,CAACgB,SAAS,CAACC;IAC1B,CAAC;IACDC,IAAI,EAAE;MACFC,SAAS,EAAE,CAACZ,uBAAuB,CAACE,MAAM;IAC9C;EACJ,CAAC,CAAC;EAEF,MAAMW,MAAqD,GAAG;IAC1DC,QAAQ,EAAEvB,MAAM,CAACW,MAAM,CAACa,GAAG;IAC3BC,UAAU,EAAEzB,MAAM,CAACW,MAAM,CAACe,eAAe;IACzCC,kBAAkB,EAAE;MAChBC,oBAAoB,EAAE,WAAW;MACjCC,QAAQ,EAAE,EAAE;MACZC,SAAS,EAAE,GAAG;MACdC,kBAAkB,EAAE,CAAC,SAAS;IAClC;EACJ,CAAC;EAED,OAAO;IACH/B,MAAM;IACNe,SAAS;IACTN,uBAAuB;IACvBa;EACJ,CAAC;AACL;;AAEA;AACA;AACA,OAAO,SAASU,sBAAsBA,CAAClC,GAAc,EAAEC,IAAY,EAAE;EACjE,MAAMkC,GAAG,GAAGnC,GAAG,CAACoC,SAAS,CAACvC,SAAS,CAAC;EAEpC,MAAMK,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,YAAY,EAAE;IAClB;EACJ,CAAC,CAAC;EAEF,MAAMI,uBAAuB,GAAGX,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACQ,uBAAuB,EAAE;IAC5EX,IAAI,EAAE,GAAGA,IAAI,qBAAqB;IAClCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBC,IAAI,EAAE;QACFC,eAAe,EAAE;MACrB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAGjB,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACc,SAAS,EAAE;IAChDjB,IAAI,EAAE,GAAGA,IAAI,MAAM;IACnBK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBK,GAAG,EAAEvB,GAAG,CAACQ,EAAE,CAACgB,SAAS,CAACiB;IAC1B,CAAC;IACDf,IAAI,EAAE;MACFC,SAAS,EAAE,CAACZ,uBAAuB,CAACE,MAAM;IAC9C;EACJ,CAAC,CAAC;;EAEF;EACA;EACA,MAAMyB,cAAc,GAAGtC,GAAG,CAACG,WAAW,CAACP,GAAG,CAAC2C,UAAU,CAACC,oBAAoB,EAAE;IACxEvC,IAAI,EAAE,GAAGA,IAAI,kBAAkB;IAC/BK,MAAM,EAAE,CAAC;EACb,CAAC,CAAC;EAEF,MAAMkB,MAAqD,GAAG;IAC1DC,QAAQ,EAAEvB,MAAM,CAACW,MAAM,CAACa,GAAG;IAC3BC,UAAU,EAAEzB,MAAM,CAACW,MAAM,CAACX,MAAM,CAACuC,KAAK;IAClC;IACA;IACAxC,IAAI,IAAI,GAAGA,IAAI,OAAOH,uBAAuB,CAAC,CAAC,gBACnD,CAAC;IACD4C,cAAc,EAAE;MACZC,oBAAoB,EAAEL,cAAc,CAACzB,MAAM,CAAC+B;IAChD;EACJ,CAAC;;EAED;EACA,MAAMC,uBAAuB,GAAG7C,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAAC0C,uBAAuB,EAAE;IAC5E7C,IAAI,EAAE,GAAGA,IAAI,sBAAsB;IACnCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBiC,eAAe,EAAE,IAAI;MACrBC,iBAAiB,EAAE,IAAI;MACvBC,gBAAgB,EAAE,IAAI;MACtBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC,CAAC;;EAEF;EACA,MAAMC,YAAY,GAAGnD,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACgD,YAAY,EAAE;IACtDnD,IAAI,EAAE,GAAGA,IAAI,gBAAgB;IAC7BK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACX,MAAM;MAC5BmD,MAAM,EAAE;QACJC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAErD,MAAM,CAACW,MAAM,CAACa,GAAG,CAACe,KAAK,CAACf,GAAG,IAAI;UACtC,MAAM8B,UAAqC,GAAG,CAC1C;YACIC,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cAAEC,GAAG,EAAErB,cAAc,CAACzB,MAAM,CAAC+C;YAAO,CAAC;YAChD;YACA;YACAC,MAAM,EAAE,CAAC,eAAe,EAAE,cAAc,CAAC;YACzCC,QAAQ,EAAE,CAAC,GAAGpC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,EACD;YACI+B,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cACPC,GAAG,EAAExB,GAAG,CAAC4B;YACb,CAAC;YACDF,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CAAC,GAAGpC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,CACJ;UAED,OAAO8B,UAAU;QACrB,CAAC;MACL;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHtD,MAAM;IACNS,uBAAuB;IACvBM,SAAS;IACTqB,cAAc;IACdd,MAAM;IACNqB,uBAAuB;IACvBM;EACJ,CAAC;AACL","ignoreList":[]}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { type Input } from "@pulumi/pulumi";
|
|
2
|
+
import type * as aws from "@pulumi/aws";
|
|
3
|
+
import { type PulumiAppResource } from "@webiny/pulumi";
|
|
4
|
+
export interface CustomDomainParams {
|
|
5
|
+
domains: Input<string[]>;
|
|
6
|
+
acmCertificateArn: Input<string>;
|
|
7
|
+
sslSupportMethod?: Input<string>;
|
|
8
|
+
}
|
|
9
|
+
export declare function applyCustomDomain(cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>, params: CustomDomainParams): void;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export function applyCustomDomain(cloudfront, params) {
|
|
2
|
+
cloudfront.config.aliases(params.domains);
|
|
3
|
+
cloudfront.config.viewerCertificate({
|
|
4
|
+
acmCertificateArn: params.acmCertificateArn,
|
|
5
|
+
sslSupportMethod: params.sslSupportMethod ?? "sni-only"
|
|
6
|
+
});
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
//# sourceMappingURL=customDomain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["applyCustomDomain","cloudfront","params","config","aliases","domains","viewerCertificate","acmCertificateArn","sslSupportMethod"],"sources":["customDomain.ts"],"sourcesContent":["import { type Input } from \"@pulumi/pulumi\";\nimport type * as aws from \"@pulumi/aws\";\nimport { type PulumiAppResource } from \"@webiny/pulumi\";\n\nexport interface CustomDomainParams {\n domains: Input<string[]>;\n acmCertificateArn: Input<string>;\n sslSupportMethod?: Input<string>;\n}\n\nexport function applyCustomDomain(\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>,\n params: CustomDomainParams\n) {\n cloudfront.config.aliases(params.domains);\n\n cloudfront.config.viewerCertificate({\n acmCertificateArn: params.acmCertificateArn,\n sslSupportMethod: params.sslSupportMethod ?? \"sni-only\"\n });\n}\n"],"mappings":"AAUA,OAAO,SAASA,iBAAiBA,CAC7BC,UAAiE,EACjEC,MAA0B,EAC5B;EACED,UAAU,CAACE,MAAM,CAACC,OAAO,CAACF,MAAM,CAACG,OAAO,CAAC;EAEzCJ,UAAU,CAACE,MAAM,CAACG,iBAAiB,CAAC;IAChCC,iBAAiB,EAAEL,MAAM,CAACK,iBAAiB;IAC3CC,gBAAgB,EAAEN,MAAM,CAACM,gBAAgB,IAAI;EACjD,CAAC,CAAC;AACN","ignoreList":[]}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { AwsTags as awsTagsExt } from "../../extensions/AwsTags.js";
|
|
2
|
+
export const getAwsTagsFromExtension = projectConfig => {
|
|
3
|
+
const awsTags = {};
|
|
4
|
+
projectConfig.extensionsByType(awsTagsExt).forEach(ext => {
|
|
5
|
+
Object.assign(awsTags, ext.params.tags);
|
|
6
|
+
});
|
|
7
|
+
return awsTags;
|
|
8
|
+
};
|
|
9
|
+
|
|
10
|
+
//# sourceMappingURL=getAwsTagsFromExtension.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["AwsTags","awsTagsExt","getAwsTagsFromExtension","projectConfig","awsTags","extensionsByType","forEach","ext","Object","assign","params","tags"],"sources":["getAwsTagsFromExtension.ts"],"sourcesContent":["import { type IProjectConfigModel } from \"@webiny/project/abstractions/models/index.js\";\nimport { AwsTags as awsTagsExt } from \"~/pulumi/extensions/AwsTags.js\";\n\nexport const getAwsTagsFromExtension = (projectConfig: IProjectConfigModel) => {\n const awsTags: Record<string, string> = {};\n projectConfig.extensionsByType(awsTagsExt).forEach(ext => {\n Object.assign(awsTags, ext.params.tags);\n });\n\n return awsTags;\n};\n"],"mappings":"AACA,SAASA,OAAO,IAAIC,UAAU;AAE9B,OAAO,MAAMC,uBAAuB,GAAIC,aAAkC,IAAK;EAC3E,MAAMC,OAA+B,GAAG,CAAC,CAAC;EAC1CD,aAAa,CAACE,gBAAgB,CAACJ,UAAU,CAAC,CAACK,OAAO,CAACC,GAAG,IAAI;IACtDC,MAAM,CAACC,MAAM,CAACL,OAAO,EAAEG,GAAG,CAACG,MAAM,CAACC,IAAI,CAAC;EAC3C,CAAC,CAAC;EAEF,OAAOP,OAAO;AAClB,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { type IProjectConfigModel } from "@webiny/project/abstractions/models/index.js";
|
|
2
|
+
export declare const getBgDeploymentsConfigFromExtension: (projectConfig: IProjectConfigModel) => false | {
|
|
3
|
+
enabled: boolean;
|
|
4
|
+
domains: {
|
|
5
|
+
domains: {
|
|
6
|
+
api: [string, ...string[]];
|
|
7
|
+
admin: [string, ...string[]];
|
|
8
|
+
website: [string, ...string[]];
|
|
9
|
+
preview: [string, ...string[]];
|
|
10
|
+
};
|
|
11
|
+
acmCertificateArn: string;
|
|
12
|
+
sslSupportMethod: "sni-only" | "vip";
|
|
13
|
+
};
|
|
14
|
+
deployments: [{
|
|
15
|
+
name: string;
|
|
16
|
+
env: string;
|
|
17
|
+
variant: string;
|
|
18
|
+
}, {
|
|
19
|
+
name: string;
|
|
20
|
+
env: string;
|
|
21
|
+
variant: string;
|
|
22
|
+
}];
|
|
23
|
+
};
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { BlueGreenDeployments as bgDeploymentsExt } from "../../extensions/BlueGreenDeployments.js";
|
|
2
|
+
export const getBgDeploymentsConfigFromExtension = projectConfig => {
|
|
3
|
+
const [bgDeploymentsExtension] = projectConfig.extensionsByType(bgDeploymentsExt);
|
|
4
|
+
if (!bgDeploymentsExtension) {
|
|
5
|
+
return false;
|
|
6
|
+
}
|
|
7
|
+
return bgDeploymentsExtension.params;
|
|
8
|
+
};
|
|
9
|
+
|
|
10
|
+
//# sourceMappingURL=getBgDeploymentsConfigFromExtension.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["BlueGreenDeployments","bgDeploymentsExt","getBgDeploymentsConfigFromExtension","projectConfig","bgDeploymentsExtension","extensionsByType","params"],"sources":["getBgDeploymentsConfigFromExtension.ts"],"sourcesContent":["import { BlueGreenDeployments as bgDeploymentsExt } from \"~/pulumi/extensions/BlueGreenDeployments.js\";\nimport { type IProjectConfigModel } from \"@webiny/project/abstractions/models/index.js\";\n\nexport const getBgDeploymentsConfigFromExtension = (projectConfig: IProjectConfigModel) => {\n const [bgDeploymentsExtension] = projectConfig.extensionsByType(bgDeploymentsExt);\n if (!bgDeploymentsExtension) {\n return false;\n }\n\n return bgDeploymentsExtension.params;\n};\n"],"mappings":"AAAA,SAASA,oBAAoB,IAAIC,gBAAgB;AAGjD,OAAO,MAAMC,mCAAmC,GAAIC,aAAkC,IAAK;EACvF,MAAM,CAACC,sBAAsB,CAAC,GAAGD,aAAa,CAACE,gBAAgB,CAACJ,gBAAgB,CAAC;EACjF,IAAI,CAACG,sBAAsB,EAAE;IACzB,OAAO,KAAK;EAChB;EAEA,OAAOA,sBAAsB,CAACE,MAAM;AACxC,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { type IProjectConfigModel } from "@webiny/project/abstractions/models/index.js";
|
|
2
|
+
export declare const getOsConfigFromExtension: (projectConfig: IProjectConfigModel) => boolean | Omit<{
|
|
3
|
+
enabled?: boolean | undefined;
|
|
4
|
+
domainName?: string | undefined;
|
|
5
|
+
indexPrefix?: string | undefined;
|
|
6
|
+
sharedIndexes?: boolean | undefined;
|
|
7
|
+
}, "enabled"> | undefined;
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { OpenSearch as openSearchExt } from "../../extensions/OpenSearch.js";
|
|
2
|
+
export const getOsConfigFromExtension = projectConfig => {
|
|
3
|
+
const [openSearchExtension] = projectConfig.extensionsByType(openSearchExt);
|
|
4
|
+
if (!openSearchExtension) {
|
|
5
|
+
// OpenSearch not used.
|
|
6
|
+
return undefined;
|
|
7
|
+
}
|
|
8
|
+
const {
|
|
9
|
+
enabled,
|
|
10
|
+
domainName,
|
|
11
|
+
indexPrefix,
|
|
12
|
+
sharedIndexes
|
|
13
|
+
} = openSearchExtension.params;
|
|
14
|
+
if (enabled === false) {
|
|
15
|
+
return false;
|
|
16
|
+
}
|
|
17
|
+
if (domainName || indexPrefix || sharedIndexes) {
|
|
18
|
+
const openSearch = {};
|
|
19
|
+
if (domainName) {
|
|
20
|
+
openSearch.domainName = domainName;
|
|
21
|
+
}
|
|
22
|
+
if (indexPrefix) {
|
|
23
|
+
openSearch.indexPrefix = indexPrefix;
|
|
24
|
+
}
|
|
25
|
+
if (sharedIndexes) {
|
|
26
|
+
openSearch.sharedIndexes = sharedIndexes;
|
|
27
|
+
}
|
|
28
|
+
return openSearch;
|
|
29
|
+
}
|
|
30
|
+
return true;
|
|
31
|
+
};
|
|
32
|
+
|
|
33
|
+
//# sourceMappingURL=getOsConfigFromExtension.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["OpenSearch","openSearchExt","getOsConfigFromExtension","projectConfig","openSearchExtension","extensionsByType","undefined","enabled","domainName","indexPrefix","sharedIndexes","params","openSearch"],"sources":["getOsConfigFromExtension.ts"],"sourcesContent":["import { OpenSearch as openSearchExt } from \"~/pulumi/extensions/OpenSearch.js\";\nimport { type IProjectConfigModel } from \"@webiny/project/abstractions/models/index.js\";\n\nexport const getOsConfigFromExtension = (projectConfig: IProjectConfigModel) => {\n const [openSearchExtension] = projectConfig.extensionsByType(openSearchExt);\n if (!openSearchExtension) {\n // OpenSearch not used.\n return undefined;\n }\n\n const { enabled, domainName, indexPrefix, sharedIndexes } = openSearchExtension.params;\n if (enabled === false) {\n return false;\n }\n\n if (domainName || indexPrefix || sharedIndexes) {\n const openSearch: Omit<typeof openSearchExtension.params, \"enabled\"> = {};\n if (domainName) {\n openSearch.domainName = domainName;\n }\n\n if (indexPrefix) {\n openSearch.indexPrefix = indexPrefix;\n }\n\n if (sharedIndexes) {\n openSearch.sharedIndexes = sharedIndexes;\n }\n\n return openSearch;\n }\n\n return true;\n};\n"],"mappings":"AAAA,SAASA,UAAU,IAAIC,aAAa;AAGpC,OAAO,MAAMC,wBAAwB,GAAIC,aAAkC,IAAK;EAC5E,MAAM,CAACC,mBAAmB,CAAC,GAAGD,aAAa,CAACE,gBAAgB,CAACJ,aAAa,CAAC;EAC3E,IAAI,CAACG,mBAAmB,EAAE;IACtB;IACA,OAAOE,SAAS;EACpB;EAEA,MAAM;IAAEC,OAAO;IAAEC,UAAU;IAAEC,WAAW;IAAEC;EAAc,CAAC,GAAGN,mBAAmB,CAACO,MAAM;EACtF,IAAIJ,OAAO,KAAK,KAAK,EAAE;IACnB,OAAO,KAAK;EAChB;EAEA,IAAIC,UAAU,IAAIC,WAAW,IAAIC,aAAa,EAAE;IAC5C,MAAME,UAA8D,GAAG,CAAC,CAAC;IACzE,IAAIJ,UAAU,EAAE;MACZI,UAAU,CAACJ,UAAU,GAAGA,UAAU;IACtC;IAEA,IAAIC,WAAW,EAAE;MACbG,UAAU,CAACH,WAAW,GAAGA,WAAW;IACxC;IAEA,IAAIC,aAAa,EAAE;MACfE,UAAU,CAACF,aAAa,GAAGA,aAAa;IAC5C;IAEA,OAAOE,UAAU;EACrB;EAEA,OAAO,IAAI;AACf,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { type IProjectConfigModel } from "@webiny/project/abstractions/models/index.js";
|
|
2
|
+
export declare const getVpcConfigFromExtension: (projectConfig: IProjectConfigModel) => boolean | Omit<{
|
|
3
|
+
enabled: boolean;
|
|
4
|
+
useVpcEndpoints?: boolean | undefined;
|
|
5
|
+
useExistingVpc?: {
|
|
6
|
+
lambdaFunctionsVpcConfig: {
|
|
7
|
+
securityGroupIds: string[];
|
|
8
|
+
subnetIds: string[];
|
|
9
|
+
};
|
|
10
|
+
openSearchDomainVpcConfig?: {
|
|
11
|
+
securityGroupIds: string[];
|
|
12
|
+
subnetIds: string[];
|
|
13
|
+
} | undefined;
|
|
14
|
+
} | undefined;
|
|
15
|
+
}, "enabled"> | undefined;
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import { Vpc as vpcExt } from "../../extensions/Vpc.js";
|
|
2
|
+
export const getVpcConfigFromExtension = projectConfig => {
|
|
3
|
+
const [vpcExtension] = projectConfig.extensionsByType(vpcExt);
|
|
4
|
+
if (!vpcExtension) {
|
|
5
|
+
// VPC automatically used with production environments.
|
|
6
|
+
return undefined;
|
|
7
|
+
}
|
|
8
|
+
const {
|
|
9
|
+
enabled,
|
|
10
|
+
useVpcEndpoints,
|
|
11
|
+
useExistingVpc
|
|
12
|
+
} = vpcExtension.params;
|
|
13
|
+
if (enabled === false) {
|
|
14
|
+
return false;
|
|
15
|
+
}
|
|
16
|
+
if (useVpcEndpoints || useExistingVpc) {
|
|
17
|
+
const vpc = {};
|
|
18
|
+
if (useVpcEndpoints) {
|
|
19
|
+
vpc.useVpcEndpoints = useVpcEndpoints;
|
|
20
|
+
}
|
|
21
|
+
if (useExistingVpc) {
|
|
22
|
+
vpc.useExistingVpc = useExistingVpc;
|
|
23
|
+
}
|
|
24
|
+
return vpc;
|
|
25
|
+
}
|
|
26
|
+
return true;
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
//# sourceMappingURL=getVpcConfigFromExtension.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["Vpc","vpcExt","getVpcConfigFromExtension","projectConfig","vpcExtension","extensionsByType","undefined","enabled","useVpcEndpoints","useExistingVpc","params","vpc"],"sources":["getVpcConfigFromExtension.ts"],"sourcesContent":["import { Vpc as vpcExt } from \"~/pulumi/extensions/Vpc.js\";\nimport { type IProjectConfigModel } from \"@webiny/project/abstractions/models/index.js\";\n\nexport const getVpcConfigFromExtension = (projectConfig: IProjectConfigModel) => {\n const [vpcExtension] = projectConfig.extensionsByType(vpcExt);\n if (!vpcExtension) {\n // VPC automatically used with production environments.\n return undefined;\n }\n\n const { enabled, useVpcEndpoints, useExistingVpc } = vpcExtension.params;\n if (enabled === false) {\n return false;\n }\n\n if (useVpcEndpoints || useExistingVpc) {\n const vpc: Omit<typeof vpcExtension.params, \"enabled\"> = {};\n\n if (useVpcEndpoints) {\n vpc.useVpcEndpoints = useVpcEndpoints;\n }\n\n if (useExistingVpc) {\n vpc.useExistingVpc = useExistingVpc;\n }\n\n return vpc;\n }\n\n return true;\n};\n"],"mappings":"AAAA,SAASA,GAAG,IAAIC,MAAM;AAGtB,OAAO,MAAMC,yBAAyB,GAAIC,aAAkC,IAAK;EAC7E,MAAM,CAACC,YAAY,CAAC,GAAGD,aAAa,CAACE,gBAAgB,CAACJ,MAAM,CAAC;EAC7D,IAAI,CAACG,YAAY,EAAE;IACf;IACA,OAAOE,SAAS;EACpB;EAEA,MAAM;IAAEC,OAAO;IAAEC,eAAe;IAAEC;EAAe,CAAC,GAAGL,YAAY,CAACM,MAAM;EACxE,IAAIH,OAAO,KAAK,KAAK,EAAE;IACnB,OAAO,KAAK;EAChB;EAEA,IAAIC,eAAe,IAAIC,cAAc,EAAE;IACnC,MAAME,GAAgD,GAAG,CAAC,CAAC;IAE3D,IAAIH,eAAe,EAAE;MACjBG,GAAG,CAACH,eAAe,GAAGA,eAAe;IACzC;IAEA,IAAIC,cAAc,EAAE;MAChBE,GAAG,CAACF,cAAc,GAAGA,cAAc;IACvC;IAEA,OAAOE,GAAG;EACd;EAEA,OAAO,IAAI;AACf,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sources":["index.ts"],"sourcesContent":["export * from \"./core/index.js\";\nexport * from \"./common/index.js\";\nexport * from \"./api/index.js\";\nexport * from \"./react/index.js\";\nexport * from \"./admin/index.js\";\nexport type { CustomDomainParams } from \"./customDomain.js\";\n"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AAAiC","ignoreList":[]}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import * as aws from "@pulumi/aws";
|
|
3
|
+
import type { PulumiApp } from "@webiny/pulumi";
|
|
4
|
+
export * from "../utils/lambdaEnvVariables.js";
|
|
5
|
+
interface LambdaRoleParams {
|
|
6
|
+
name: string;
|
|
7
|
+
policy?: pulumi.Output<aws.iam.Policy>;
|
|
8
|
+
executionRole?: pulumi.Input<string>;
|
|
9
|
+
}
|
|
10
|
+
export declare function createLambdaRole(app: PulumiApp, params: LambdaRoleParams): import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/role.js").Role>;
|
|
11
|
+
export declare const createLambdaRoleWithoutVpc: (app: PulumiApp, params: LambdaRoleParams) => import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/role.js").Role>;
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
import * as aws from "@pulumi/aws";
|
|
2
|
+
import { VpcConfig } from "./common/index.js";
|
|
3
|
+
export * from "../utils/lambdaEnvVariables.js";
|
|
4
|
+
const createLambdaRoleWithoutExecution = (app, params) => {
|
|
5
|
+
const role = app.addResource(aws.iam.Role, {
|
|
6
|
+
name: params.name,
|
|
7
|
+
config: {
|
|
8
|
+
assumeRolePolicy: {
|
|
9
|
+
Version: "2012-10-17",
|
|
10
|
+
Statement: [{
|
|
11
|
+
Action: "sts:AssumeRole",
|
|
12
|
+
Principal: {
|
|
13
|
+
Service: "lambda.amazonaws.com"
|
|
14
|
+
},
|
|
15
|
+
Effect: "Allow"
|
|
16
|
+
}]
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
meta: {
|
|
20
|
+
isLambdaFunctionRole: true
|
|
21
|
+
}
|
|
22
|
+
});
|
|
23
|
+
if (params.policy) {
|
|
24
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
25
|
+
name: `${params.name}-policy`,
|
|
26
|
+
config: {
|
|
27
|
+
role: role.output,
|
|
28
|
+
policyArn: params.policy.arn
|
|
29
|
+
}
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
if (params.executionRole) {
|
|
33
|
+
// If execution role is set, use it.
|
|
34
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
35
|
+
name: `${params.name}-execution-role`,
|
|
36
|
+
config: {
|
|
37
|
+
role: role.output,
|
|
38
|
+
policyArn: params.executionRole
|
|
39
|
+
}
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
return role;
|
|
43
|
+
};
|
|
44
|
+
export function createLambdaRole(app, params) {
|
|
45
|
+
const role = createLambdaRoleWithoutExecution(app, params);
|
|
46
|
+
|
|
47
|
+
// Add default execution role.
|
|
48
|
+
const vpc = app.getModule(VpcConfig);
|
|
49
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
50
|
+
name: `${params.name}-default-execution-role`,
|
|
51
|
+
config: {
|
|
52
|
+
role: role.output,
|
|
53
|
+
policyArn: vpc.enabled.apply(enabled => enabled ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole)
|
|
54
|
+
}
|
|
55
|
+
});
|
|
56
|
+
return role;
|
|
57
|
+
}
|
|
58
|
+
export const createLambdaRoleWithoutVpc = (app, params) => {
|
|
59
|
+
const role = createLambdaRoleWithoutExecution(app, params);
|
|
60
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
61
|
+
name: `${params.name}-default-execution-role`,
|
|
62
|
+
config: {
|
|
63
|
+
role: role.output,
|
|
64
|
+
policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
|
|
65
|
+
}
|
|
66
|
+
});
|
|
67
|
+
return role;
|
|
68
|
+
};
|
|
69
|
+
|
|
70
|
+
//# sourceMappingURL=lambdaUtils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["aws","VpcConfig","createLambdaRoleWithoutExecution","app","params","role","addResource","iam","Role","name","config","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","policy","RolePolicyAttachment","output","policyArn","arn","executionRole","createLambdaRole","vpc","getModule","enabled","apply","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","createLambdaRoleWithoutVpc"],"sources":["lambdaUtils.ts"],"sourcesContent":["import type * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport type { PulumiApp } from \"@webiny/pulumi\";\nimport { VpcConfig } from \"./common/index.js\";\n\nexport * from \"../utils/lambdaEnvVariables.js\";\n\ninterface LambdaRoleParams {\n name: string;\n policy?: pulumi.Output<aws.iam.Policy>;\n executionRole?: pulumi.Input<string>;\n}\n\nconst createLambdaRoleWithoutExecution = (app: PulumiApp, params: LambdaRoleParams) => {\n const role = app.addResource(aws.iam.Role, {\n name: params.name,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n if (params.policy) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-policy`,\n config: {\n role: role.output,\n policyArn: params.policy.arn\n }\n });\n }\n\n if (params.executionRole) {\n // If execution role is set, use it.\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-execution-role`,\n config: {\n role: role.output,\n policyArn: params.executionRole\n }\n });\n }\n return role;\n};\n\nexport function createLambdaRole(app: PulumiApp, params: LambdaRoleParams) {\n const role = createLambdaRoleWithoutExecution(app, params);\n\n // Add default execution role.\n const vpc = app.getModule(VpcConfig);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-default-execution-role`,\n config: {\n role: role.output,\n policyArn: vpc.enabled.apply(enabled =>\n enabled\n ? aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n : aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n )\n }\n });\n\n return role;\n}\n\nexport const createLambdaRoleWithoutVpc = (app: PulumiApp, params: LambdaRoleParams) => {\n const role = createLambdaRoleWithoutExecution(app, params);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${params.name}-default-execution-role`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n return role;\n};\n"],"mappings":"AACA,OAAO,KAAKA,GAAG,MAAM,aAAa;AAElC,SAASC,SAAS;AAElB;AAQA,MAAMC,gCAAgC,GAAGA,CAACC,GAAc,EAAEC,MAAwB,KAAK;EACnF,MAAMC,IAAI,GAAGF,GAAG,CAACG,WAAW,CAACN,GAAG,CAACO,GAAG,CAACC,IAAI,EAAE;IACvCC,IAAI,EAAEL,MAAM,CAACK,IAAI;IACjBC,MAAM,EAAE;MACJC,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,IAAIf,MAAM,CAACgB,MAAM,EAAE;IACfjB,GAAG,CAACG,WAAW,CAACN,GAAG,CAACO,GAAG,CAACc,oBAAoB,EAAE;MAC1CZ,IAAI,EAAE,GAAGL,MAAM,CAACK,IAAI,SAAS;MAC7BC,MAAM,EAAE;QACJL,IAAI,EAAEA,IAAI,CAACiB,MAAM;QACjBC,SAAS,EAAEnB,MAAM,CAACgB,MAAM,CAACI;MAC7B;IACJ,CAAC,CAAC;EACN;EAEA,IAAIpB,MAAM,CAACqB,aAAa,EAAE;IACtB;IACAtB,GAAG,CAACG,WAAW,CAACN,GAAG,CAACO,GAAG,CAACc,oBAAoB,EAAE;MAC1CZ,IAAI,EAAE,GAAGL,MAAM,CAACK,IAAI,iBAAiB;MACrCC,MAAM,EAAE;QACJL,IAAI,EAAEA,IAAI,CAACiB,MAAM;QACjBC,SAAS,EAAEnB,MAAM,CAACqB;MACtB;IACJ,CAAC,CAAC;EACN;EACA,OAAOpB,IAAI;AACf,CAAC;AAED,OAAO,SAASqB,gBAAgBA,CAACvB,GAAc,EAAEC,MAAwB,EAAE;EACvE,MAAMC,IAAI,GAAGH,gCAAgC,CAACC,GAAG,EAAEC,MAAM,CAAC;;EAE1D;EACA,MAAMuB,GAAG,GAAGxB,GAAG,CAACyB,SAAS,CAAC3B,SAAS,CAAC;EAEpCE,GAAG,CAACG,WAAW,CAACN,GAAG,CAACO,GAAG,CAACc,oBAAoB,EAAE;IAC1CZ,IAAI,EAAE,GAAGL,MAAM,CAACK,IAAI,yBAAyB;IAC7CC,MAAM,EAAE;MACJL,IAAI,EAAEA,IAAI,CAACiB,MAAM;MACjBC,SAAS,EAAEI,GAAG,CAACE,OAAO,CAACC,KAAK,CAACD,OAAO,IAChCA,OAAO,GACD7B,GAAG,CAACO,GAAG,CAACwB,aAAa,CAACC,+BAA+B,GACrDhC,GAAG,CAACO,GAAG,CAACwB,aAAa,CAACE,2BAChC;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO5B,IAAI;AACf;AAEA,OAAO,MAAM6B,0BAA0B,GAAGA,CAAC/B,GAAc,EAAEC,MAAwB,KAAK;EACpF,MAAMC,IAAI,GAAGH,gCAAgC,CAACC,GAAG,EAAEC,MAAM,CAAC;EAE1DD,GAAG,CAACG,WAAW,CAACN,GAAG,CAACO,GAAG,CAACc,oBAAoB,EAAE;IAC1CZ,IAAI,EAAE,GAAGL,MAAM,CAACK,IAAI,yBAAyB;IAC7CC,MAAM,EAAE;MACJL,IAAI,EAAEA,IAAI,CAACiB,MAAM;MACjBC,SAAS,EAAEvB,GAAG,CAACO,GAAG,CAACwB,aAAa,CAACE;IACrC;EACJ,CAAC,CAAC;EAEF,OAAO5B,IAAI;AACf,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import * as aws from "@pulumi/aws";
|
|
2
|
+
import { type PulumiAppParamCallback } from "@webiny/pulumi";
|
|
3
|
+
import { type CustomDomainParams } from "../customDomain.js";
|
|
4
|
+
import { type AppName } from "@webiny/project";
|
|
5
|
+
export type ReactPulumiApp = ReturnType<typeof createReactPulumiApp>;
|
|
6
|
+
export interface CreateReactPulumiAppParams {
|
|
7
|
+
/**
|
|
8
|
+
* A name of the app, e.g., "user-area"
|
|
9
|
+
*/
|
|
10
|
+
name: AppName;
|
|
11
|
+
/**
|
|
12
|
+
* A folder where the app is located, e.g., "apps/user-area"
|
|
13
|
+
*/
|
|
14
|
+
folder: string;
|
|
15
|
+
/** Custom domain configuration */
|
|
16
|
+
domains?: PulumiAppParamCallback<CustomDomainParams>;
|
|
17
|
+
/**
|
|
18
|
+
* Provides a way to adjust existing Pulumi code (cloud infrastructure resources)
|
|
19
|
+
* or add additional ones into the mix.
|
|
20
|
+
*/
|
|
21
|
+
pulumi?: (app: ReactPulumiApp) => void | Promise<void>;
|
|
22
|
+
}
|
|
23
|
+
export declare const createReactPulumiApp: (projectAppParams: CreateReactPulumiAppParams) => import("@webiny/pulumi").PulumiApp<{
|
|
24
|
+
cloudfront: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront/distribution.js").Distribution>;
|
|
25
|
+
bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucket.js").Bucket>;
|
|
26
|
+
bucketOwnershipControls: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketOwnershipControls.js").BucketOwnershipControls>;
|
|
27
|
+
bucketAcl: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketAcl.js").BucketAcl>;
|
|
28
|
+
originIdentity: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront/originAccessIdentity.js").OriginAccessIdentity>;
|
|
29
|
+
origin: aws.types.input.cloudfront.DistributionOrigin;
|
|
30
|
+
bucketPublicAccessBlock: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketPublicAccessBlock.js").BucketPublicAccessBlock>;
|
|
31
|
+
bucketPolicy: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketPolicy.js").BucketPolicy>;
|
|
32
|
+
}> & import("~/pulumi/utils/withServiceManifest.js").WithServiceManifest;
|