@webiny/project-aws 6.0.0-rc.2 → 6.0.0-rc.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/_templates/appTemplates/admin/tsconfig.json +1 -5
  2. package/_templates/appTemplates/api/graphql/tsconfig.json +1 -5
  3. package/_templates/appTemplates/api/migration/tsconfig.json +1 -5
  4. package/_templates/extensions/ApiLambdaFunction/tsconfig.json +1 -5
  5. package/_templates/extensions/OpenSearch/coreDdbToEsHandler/dynamoToElastic/tsconfig.json +1 -5
  6. package/apps/createAdminApp.d.ts +2 -0
  7. package/exports/extensions.d.ts +0 -1
  8. package/exports/extensions.js +0 -1
  9. package/exports/extensions.js.map +1 -1
  10. package/exports/infra/index.d.ts +1 -0
  11. package/exports/infra/index.js +3 -0
  12. package/exports/infra/index.js.map +1 -0
  13. package/extensions/AwsDefaultRegion.d.ts +7 -4
  14. package/extensions/AwsDefaultRegion.js +18 -6
  15. package/extensions/AwsDefaultRegion.js.map +1 -1
  16. package/infra.d.ts +17 -1
  17. package/infra.js +2 -0
  18. package/infra.js.map +1 -1
  19. package/package.json +11 -12
  20. package/project.d.ts +13 -6
  21. package/pulumi/apps/admin/createAdminPulumiApp.d.ts +2 -0
  22. package/pulumi/apps/api/ApiCloudfront.js +1 -1
  23. package/pulumi/apps/api/ApiCloudfront.js.map +1 -1
  24. package/pulumi/apps/api/createApiPulumiApp.js +2 -3
  25. package/pulumi/apps/api/createApiPulumiApp.js.map +1 -1
  26. package/pulumi/apps/core/CoreAuditLogsDynamo.js +67 -19
  27. package/pulumi/apps/core/CoreAuditLogsDynamo.js.map +1 -1
  28. package/pulumi/apps/core/CoreDynamo.js +18 -5
  29. package/pulumi/apps/core/CoreDynamo.js.map +1 -1
  30. package/pulumi/apps/core/CoreFileManager.d.ts +3 -0
  31. package/pulumi/apps/core/CoreFileManager.js +35 -7
  32. package/pulumi/apps/core/CoreFileManager.js.map +1 -1
  33. package/pulumi/apps/core/LogDynamo.js +39 -11
  34. package/pulumi/apps/core/LogDynamo.js.map +1 -1
  35. package/pulumi/apps/core/createCorePulumiApp.js +2 -3
  36. package/pulumi/apps/core/createCorePulumiApp.js.map +1 -1
  37. package/pulumi/apps/createAppBucket.d.ts +4 -0
  38. package/pulumi/apps/createAppBucket.js +42 -2
  39. package/pulumi/apps/createAppBucket.js.map +1 -1
  40. package/pulumi/apps/react/createReactPulumiApp.d.ts +2 -0
package/pulumi/apps/createAppBucket.js CHANGED
@@ -5,7 +5,6 @@ export function createPublicAppBucket(app, name) {
5
5
  const bucket = app.addResource(aws.s3.Bucket, {
6
6
  name: name,
7
7
  config: {
8
- acl: aws.s3.CannedAcl.PublicRead,
9
8
  forceDestroy: true,
10
9
  website: {
11
10
  indexDocument: "index.html",
@@ -13,6 +12,25 @@ export function createPublicAppBucket(app, name) {
13
12
  }
14
13
  }
15
14
  });
15
+ const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {
16
+ name: `${name}-ownership-controls`,
17
+ config: {
18
+ bucket: bucket.output.id,
19
+ rule: {
20
+ objectOwnership: "BucketOwnerPreferred"
21
+ }
22
+ }
23
+ });
24
+ const bucketAcl = app.addResource(aws.s3.BucketAcl, {
25
+ name: `${name}-acl`,
26
+ config: {
27
+ bucket: bucket.output.id,
28
+ acl: aws.s3.CannedAcl.PublicRead
29
+ },
30
+ opts: {
31
+ dependsOn: [bucketOwnershipControls.output]
32
+ }
33
+ });
16
34
  const origin = {
17
35
  originId: bucket.output.arn,
18
36
  domainName: bucket.output.websiteEndpoint,
@@ -25,6 +43,8 @@ export function createPublicAppBucket(app, name) {
25
43
  };
26
44
  return {
27
45
  bucket,
46
+ bucketAcl,
47
+ bucketOwnershipControls,
28
48
  origin
29
49
  };
30
50
  }
@@ -36,10 +56,28 @@ export function createPrivateAppBucket(app, name) {
36
56
  const bucket = app.addResource(aws.s3.Bucket, {
37
57
  name: name,
38
58
  config: {
39
- acl: aws.s3.CannedAcl.Private,
40
59
  forceDestroy: true
41
60
  }
42
61
  });
62
+ const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {
63
+ name: `${name}-ownership-controls`,
64
+ config: {
65
+ bucket: bucket.output.id,
66
+ rule: {
67
+ objectOwnership: "BucketOwnerPreferred"
68
+ }
69
+ }
70
+ });
71
+ const bucketAcl = app.addResource(aws.s3.BucketAcl, {
72
+ name: `${name}-acl`,
73
+ config: {
74
+ bucket: bucket.output.id,
75
+ acl: aws.s3.CannedAcl.Private
76
+ },
77
+ opts: {
78
+ dependsOn: [bucketOwnershipControls.output]
79
+ }
80
+ });
43
81
 
44
82
  // Origin Identity is a kind of AWS user that represents Cloudfront distribution
45
83
  // We can add IAM policies to it later, to allow accessing private S3 bucket
@@ -102,6 +140,8 @@ export function createPrivateAppBucket(app, name) {
102
140
  });
103
141
  return {
104
142
  bucket,
143
+ bucketOwnershipControls,
144
+ bucketAcl,
105
145
  originIdentity,
106
146
  origin,
107
147
  bucketPublicAccessBlock,
package/pulumi/apps/createAppBucket.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","ApiOutput","getEnvVariableAwsRegion","createPublicAppBucket","app","name","bucket","addResource","s3","Bucket","config","acl","CannedAcl","PublicRead","forceDestroy","website","indexDocument","errorDocument","origin","originId","output","arn","domainName","websiteEndpoint","customOriginConfig","originProtocolPolicy","httpPort","httpsPort","originSslProtocols","createPrivateAppBucket","api","getModule","Private","originIdentity","cloudfront","OriginAccessIdentity","apply","s3OriginConfig","originAccessIdentity","cloudfrontAccessIdentityPath","bucketPublicAccessBlock","BucketPublicAccessBlock","id","blockPublicAcls","blockPublicPolicy","ignorePublicAcls","restrictPublicBuckets","bucketPolicy","BucketPolicy","policy","Version","Statement","statements","Effect","Principal","AWS","iamArn","Action","Resource","graphqlLambdaRole"],"sources":["createAppBucket.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { type PulumiApp } from \"@webiny/pulumi\";\nimport { ApiOutput } from \"~/pulumi/apps/api/index.js\";\nimport { getEnvVariableAwsRegion } from \"~/pulumi/env/awsRegion.js\";\n\nexport function createPublicAppBucket(app: PulumiApp, name: string) {\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n acl: aws.s3.CannedAcl.PublicRead,\n forceDestroy: true,\n website: {\n indexDocument: \"index.html\",\n errorDocument: \"_NOT_FOUND_PAGE_/index.html\"\n }\n }\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.websiteEndpoint,\n customOriginConfig: {\n originProtocolPolicy: \"http-only\",\n httpPort: 80,\n httpsPort: 443,\n originSslProtocols: [\"TLSv1.2\"]\n }\n };\n\n return {\n bucket,\n origin\n };\n}\n\n// Forces S3 buckets to be available only through a cloudfront distribution.\n// Requires `ApiOutput` module to be loaded.\nexport function createPrivateAppBucket(app: PulumiApp, name: string) {\n const api = app.getModule(ApiOutput);\n\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n acl: aws.s3.CannedAcl.Private,\n forceDestroy: true\n }\n });\n\n // Origin Identity is a kind of AWS user that represents Cloudfront distribution\n // We can add IAM policies to it later, to allow accessing private S3 bucket\n const originIdentity = app.addResource(aws.cloudfront.OriginAccessIdentity, {\n name: `${name}-origin-identity`,\n config: {}\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.bucket.apply(\n // We need to create a regional domain name. Otherwise, we'll run into the following issue:\n // https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/\n name => `${name}.s3.${getEnvVariableAwsRegion()}.amazonaws.com`\n ),\n s3OriginConfig: {\n originAccessIdentity: originIdentity.output.cloudfrontAccessIdentityPath\n }\n };\n\n // block any public access\n const bucketPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {\n name: `${name}-bucket-block-access`,\n config: {\n bucket: bucket.output.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true\n }\n });\n\n // Create an IAM policy to allow access to S3 bucket from cloudfront\n const bucketPolicy = app.addResource(aws.s3.BucketPolicy, {\n name: `${name}-bucket-policy`,\n config: {\n bucket: bucket.output.bucket,\n policy: {\n Version: \"2012-10-17\",\n Statement: bucket.output.arn.apply(arn => {\n const statements: aws.iam.PolicyStatement[] = [\n {\n Effect: \"Allow\",\n Principal: { AWS: originIdentity.output.iamArn },\n // we need GetObject to retrieve objects from S3\n // and ListBucket allows to properly handle non-existing files (404)\n Action: [\"s3:ListBucket\", \"s3:GetObject\"],\n Resource: [`${arn}`, `${arn}/*`]\n },\n {\n Effect: \"Allow\",\n Principal: {\n AWS: api.graphqlLambdaRole\n },\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [`${arn}`, `${arn}/*`]\n }\n ];\n\n return statements;\n })\n }\n }\n });\n\n return {\n bucket,\n originIdentity,\n origin,\n bucketPublicAccessBlock,\n bucketPolicy\n };\n}\n"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,aAAa;AAElC,SAASC,SAAS;AAClB,SAASC,uBAAuB;AAEhC,OAAO,SAASC,qBAAqBA,CAACC,GAAc,EAAEC,IAAY,EAAE;EAChE,MAAMC,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,GAAG,EAAEX,GAAG,CAACQ,EAAE,CAACI,SAAS,CAACC,UAAU;MAChCC,YAAY,EAAE,IAAI;MAClBC,OAAO,EAAE;QACLC,aAAa,EAAE,YAAY;QAC3BC,aAAa,EAAE;MACnB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,MAAqD,GAAG;IAC1DC,QAAQ,EAAEb,MAAM,CAACc,MAAM,CAACC,GAAG;IAC3BC,UAAU,EAAEhB,MAAM,CAACc,MAAM,CAACG,eAAe;IACzCC,kBAAkB,EAAE;MAChBC,oBAAoB,EAAE,WAAW;MACjCC,QAAQ,EAAE,EAAE;MACZC,SAAS,EAAE,GAAG;MACdC,kBAAkB,EAAE,CAAC,SAAS;IAClC;EACJ,CAAC;EAED,OAAO;IACHtB,MAAM;IACNY;EACJ,CAAC;AACL;;AAEA;AACA;AACA,OAAO,SAASW,sBAAsBA,CAACzB,GAAc,EAAEC,IAAY,EAAE;EACjE,MAAMyB,GAAG,GAAG1B,GAAG,CAAC2B,SAAS,CAAC9B,SAAS,CAAC;EAEpC,MAAMK,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,GAAG,EAAEX,GAAG,CAACQ,EAAE,CAACI,SAAS,CAACoB,OAAO;MAC7BlB,YAAY,EAAE;IAClB;EACJ,CAAC,CAAC;;EAEF;EACA;EACA,MAAMmB,cAAc,GAAG7B,GAAG,CAACG,WAAW,CAACP,GAAG,CAACkC,UAAU,CAACC,oBAAoB,EAAE;IACxE9B,IAAI,EAAE,GAAGA,IAAI,kBAAkB;IAC/BK,MAAM,EAAE,CAAC;EACb,CAAC,CAAC;EAEF,MAAMQ,MAAqD,GAAG;IAC1DC,QAAQ,EAAEb,MAAM,CAACc,MAAM,CAACC,GAAG;IAC3BC,UAAU,EAAEhB,MAAM,CAACc,MAAM,CAACd,MAAM,CAAC8B,KAAK;IAClC;IACA;IACA/B,IAAI,IAAI,GAAGA,IAAI,OAAOH,uBAAuB,CAAC,CAAC,gBACnD,CAAC;IACDmC,cAAc,EAAE;MACZC,oBAAoB,EAAEL,cAAc,CAACb,MAAM,CAACmB;IAChD;EACJ,CAAC;;EAED;EACA,MAAMC,uBAAuB,GAAGpC,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACiC,uBAAuB,EAAE;IAC5EpC,IAAI,EAAE,GAAGA,IAAI,sBAAsB;IACnCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACc,MAAM,CAACsB,EAAE;MACxBC,eAAe,EAAE,IAAI;MACrBC,iBAAiB,EAAE,IAAI;MACvBC,gBAAgB,EAAE,IAAI;MACtBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC,CAAC;;EAEF;EACA,MAAMC,YAAY,GAAG3C,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACwC,YAAY,EAAE;IACtD3C,IAAI,EAAE,GAAGA,IAAI,gBAAgB;IAC7BK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACc,MAAM,CAACd,MAAM;MAC5B2C,MAAM,EAAE;QACJC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE7C,MAAM,CAACc,MAAM,CAACC,GAAG,CAACe,KAAK,CAACf,GAAG,IAAI;UACtC,MAAM+B,UAAqC,GAAG,CAC1C;YACIC,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cAAEC,GAAG,EAAEtB,cAAc,CAACb,MAAM,CAACoC;YAAO,CAAC;YAChD;YACA;YACAC,MAAM,EAAE,CAAC,eAAe,EAAE,cAAc,CAAC;YACzCC,QAAQ,EAAE,CAAC,GAAGrC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,EACD;YACIgC,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cACPC,GAAG,EAAEzB,GAAG,CAAC6B;YACb,CAAC;YACDF,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CAAC,GAAGrC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,CACJ;UAED,OAAO+B,UAAU;QACrB,CAAC;MACL;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACH9C,MAAM;IACN2B,cAAc;IACdf,MAAM;IACNsB,uBAAuB;IACvBO;EACJ,CAAC;AACL","ignoreList":[]}
1
+ {"version":3,"names":["aws","ApiOutput","getEnvVariableAwsRegion","createPublicAppBucket","app","name","bucket","addResource","s3","Bucket","config","forceDestroy","website","indexDocument","errorDocument","bucketOwnershipControls","BucketOwnershipControls","output","id","rule","objectOwnership","bucketAcl","BucketAcl","acl","CannedAcl","PublicRead","opts","dependsOn","origin","originId","arn","domainName","websiteEndpoint","customOriginConfig","originProtocolPolicy","httpPort","httpsPort","originSslProtocols","createPrivateAppBucket","api","getModule","Private","originIdentity","cloudfront","OriginAccessIdentity","apply","s3OriginConfig","originAccessIdentity","cloudfrontAccessIdentityPath","bucketPublicAccessBlock","BucketPublicAccessBlock","blockPublicAcls","blockPublicPolicy","ignorePublicAcls","restrictPublicBuckets","bucketPolicy","BucketPolicy","policy","Version","Statement","statements","Effect","Principal","AWS","iamArn","Action","Resource","graphqlLambdaRole"],"sources":["createAppBucket.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { type PulumiApp } from \"@webiny/pulumi\";\nimport { ApiOutput } from \"~/pulumi/apps/api/index.js\";\nimport { getEnvVariableAwsRegion } from \"~/pulumi/env/awsRegion.js\";\n\nexport function createPublicAppBucket(app: PulumiApp, name: string) {\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n forceDestroy: true,\n website: {\n indexDocument: \"index.html\",\n errorDocument: \"_NOT_FOUND_PAGE_/index.html\"\n }\n }\n });\n\n const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {\n name: `${name}-ownership-controls`,\n config: {\n bucket: bucket.output.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\"\n }\n }\n });\n\n const bucketAcl = app.addResource(aws.s3.BucketAcl, {\n name: `${name}-acl`,\n config: {\n bucket: bucket.output.id,\n acl: aws.s3.CannedAcl.PublicRead\n },\n opts: {\n dependsOn: [bucketOwnershipControls.output]\n }\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.websiteEndpoint,\n customOriginConfig: {\n originProtocolPolicy: \"http-only\",\n httpPort: 80,\n httpsPort: 443,\n originSslProtocols: [\"TLSv1.2\"]\n }\n };\n\n return {\n bucket,\n bucketAcl,\n bucketOwnershipControls,\n origin\n };\n}\n\n// Forces S3 buckets to be available only through a cloudfront distribution.\n// Requires `ApiOutput` module to be loaded.\nexport function createPrivateAppBucket(app: PulumiApp, name: string) {\n const api = app.getModule(ApiOutput);\n\n const bucket = app.addResource(aws.s3.Bucket, {\n name: name,\n config: {\n forceDestroy: true\n }\n });\n\n const bucketOwnershipControls = app.addResource(aws.s3.BucketOwnershipControls, {\n name: `${name}-ownership-controls`,\n config: {\n bucket: bucket.output.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\"\n }\n }\n });\n\n const bucketAcl = app.addResource(aws.s3.BucketAcl, {\n name: `${name}-acl`,\n config: {\n bucket: bucket.output.id,\n acl: aws.s3.CannedAcl.Private\n },\n opts: {\n dependsOn: [bucketOwnershipControls.output]\n }\n });\n\n // Origin Identity is a kind of AWS user that represents Cloudfront distribution\n // We can add IAM policies to it later, to allow accessing private S3 bucket\n const originIdentity = app.addResource(aws.cloudfront.OriginAccessIdentity, {\n name: `${name}-origin-identity`,\n config: {}\n });\n\n const origin: aws.types.input.cloudfront.DistributionOrigin = {\n originId: bucket.output.arn,\n domainName: bucket.output.bucket.apply(\n // We need to create a regional domain name. Otherwise, we'll run into the following issue:\n // https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/\n name => `${name}.s3.${getEnvVariableAwsRegion()}.amazonaws.com`\n ),\n s3OriginConfig: {\n originAccessIdentity: originIdentity.output.cloudfrontAccessIdentityPath\n }\n };\n\n // block any public access\n const bucketPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {\n name: `${name}-bucket-block-access`,\n config: {\n bucket: bucket.output.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true\n }\n });\n\n // Create an IAM policy to allow access to S3 bucket from cloudfront\n const bucketPolicy = app.addResource(aws.s3.BucketPolicy, {\n name: `${name}-bucket-policy`,\n config: {\n bucket: bucket.output.bucket,\n policy: {\n Version: \"2012-10-17\",\n Statement: bucket.output.arn.apply(arn => {\n const statements: aws.iam.PolicyStatement[] = [\n {\n Effect: \"Allow\",\n Principal: { AWS: originIdentity.output.iamArn },\n // we need GetObject to retrieve objects from S3\n // and ListBucket allows to properly handle non-existing files (404)\n Action: [\"s3:ListBucket\", \"s3:GetObject\"],\n Resource: [`${arn}`, `${arn}/*`]\n },\n {\n Effect: \"Allow\",\n Principal: {\n AWS: api.graphqlLambdaRole\n },\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [`${arn}`, `${arn}/*`]\n }\n ];\n\n return statements;\n })\n }\n }\n });\n\n return {\n bucket,\n bucketOwnershipControls,\n bucketAcl,\n originIdentity,\n origin,\n bucketPublicAccessBlock,\n bucketPolicy\n };\n}\n"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,aAAa;AAElC,SAASC,SAAS;AAClB,SAASC,uBAAuB;AAEhC,OAAO,SAASC,qBAAqBA,CAACC,GAAc,EAAEC,IAAY,EAAE;EAChE,MAAMC,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,YAAY,EAAE,IAAI;MAClBC,OAAO,EAAE;QACLC,aAAa,EAAE,YAAY;QAC3BC,aAAa,EAAE;MACnB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,uBAAuB,GAAGX,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACQ,uBAAuB,EAAE;IAC5EX,IAAI,EAAE,GAAGA,IAAI,qBAAqB;IAClCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBC,IAAI,EAAE;QACFC,eAAe,EAAE;MACrB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAGjB,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACc,SAAS,EAAE;IAChDjB,IAAI,EAAE,GAAGA,IAAI,MAAM;IACnBK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBK,GAAG,EAAEvB,GAAG,CAACQ,EAAE,CAACgB,SAAS,CAACC;IAC1B,CAAC;IACDC,IAAI,EAAE;MACFC,SAAS,EAAE,CAACZ,uBAAuB,CAACE,MAAM;IAC9C;EACJ,CAAC,CAAC;EAEF,MAAMW,MAAqD,GAAG;IAC1DC,QAAQ,EAAEvB,MAAM,CAACW,MAAM,CAACa,GAAG;IAC3BC,UAAU,EAAEzB,MAAM,CAACW,MAAM,CAACe,eAAe;IACzCC,kBAAkB,EAAE;MAChBC,oBAAoB,EAAE,WAAW;MACjCC,QAAQ,EAAE,EAAE;MACZC,SAAS,EAAE,GAAG;MACdC,kBAAkB,EAAE,CAAC,SAAS;IAClC;EACJ,CAAC;EAED,OAAO;IACH/B,MAAM;IACNe,SAAS;IACTN,uBAAuB;IACvBa;EACJ,CAAC;AACL;;AAEA;AACA;AACA,OAAO,SAASU,sBAAsBA,CAAClC,GAAc,EAAEC,IAAY,EAAE;EACjE,MAAMkC,GAAG,GAAGnC,GAAG,CAACoC,SAAS,CAACvC,SAAS,CAAC;EAEpC,MAAMK,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACC,MAAM,EAAE;IAC1CJ,IAAI,EAAEA,IAAI;IACVK,MAAM,EAAE;MACJC,YAAY,EAAE;IAClB;EACJ,CAAC,CAAC;EAEF,MAAMI,uBAAuB,GAAGX,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACQ,uBAAuB,EAAE;IAC5EX,IAAI,EAAE,GAAGA,IAAI,qBAAqB;IAClCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBC,IAAI,EAAE;QACFC,eAAe,EAAE;MACrB;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAGjB,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACc,SAAS,EAAE;IAChDjB,IAAI,EAAE,GAAGA,IAAI,MAAM;IACnBK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBK,GAAG,EAAEvB,GAAG,CAACQ,EAAE,CAACgB,SAAS,CAACiB;IAC1B,CAAC;IACDf,IAAI,EAAE;MACFC,SAAS,EAAE,CAACZ,uBAAuB,CAACE,MAAM;IAC9C;EACJ,CAAC,CAAC;;EAEF;EACA;EACA,MAAMyB,cAAc,GAAGtC,GAAG,CAACG,WAAW,CAACP,GAAG,CAAC2C,UAAU,CAACC,oBAAoB,EAAE;IACxEvC,IAAI,EAAE,GAAGA,IAAI,kBAAkB;IAC/BK,MAAM,EAAE,CAAC;EACb,CAAC,CAAC;EAEF,MAAMkB,MAAqD,GAAG;IAC1DC,QAAQ,EAAEvB,MAAM,CAACW,MAAM,CAACa,GAAG;IAC3BC,UAAU,EAAEzB,MAAM,CAACW,MAAM,CAACX,MAAM,CAACuC,KAAK;IAClC;IACA;IACAxC,IAAI,IAAI,GAAGA,IAAI,OAAOH,uBAAuB,CAAC,CAAC,gBACnD,CAAC;IACD4C,cAAc,EAAE;MACZC,oBAAoB,EAAEL,cAAc,CAACzB,MAAM,CAAC+B;IAChD;EACJ,CAAC;;EAED;EACA,MAAMC,uBAAuB,GAAG7C,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAAC0C,uBAAuB,EAAE;IAC5E7C,IAAI,EAAE,GAAGA,IAAI,sBAAsB;IACnCK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACC,EAAE;MACxBiC,eAAe,EAAE,IAAI;MACrBC,iBAAiB,EAAE,IAAI;MACvBC,gBAAgB,EAAE,IAAI;MACtBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC,CAAC;;EAEF;EACA,MAAMC,YAAY,GAAGnD,GAAG,CAACG,WAAW,CAACP,GAAG,CAACQ,EAAE,CAACgD,YAAY,EAAE;IACtDnD,IAAI,EAAE,GAAGA,IAAI,gBAAgB;IAC7BK,MAAM,EAAE;MACJJ,MAAM,EAAEA,MAAM,CAACW,MAAM,CAACX,MAAM;MAC5BmD,MAAM,EAAE;QACJC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAErD,MAAM,CAACW,MAAM,CAACa,GAAG,CAACe,KAAK,CAACf,GAAG,IAAI;UACtC,MAAM8B,UAAqC,GAAG,CAC1C;YACIC,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cAAEC,GAAG,EAAErB,cAAc,CAACzB,MAAM,CAAC+C;YAAO,CAAC;YAChD;YACA;YACAC,MAAM,EAAE,CAAC,eAAe,EAAE,cAAc,CAAC;YACzCC,QAAQ,EAAE,CAAC,GAAGpC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,EACD;YACI+B,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cACPC,GAAG,EAAExB,GAAG,CAAC4B;YACb,CAAC;YACDF,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CAAC,GAAGpC,GAAG,EAAE,EAAE,GAAGA,GAAG,IAAI;UACnC,CAAC,CACJ;UAED,OAAO8B,UAAU;QACrB,CAAC;MACL;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHtD,MAAM;IACNS,uBAAuB;IACvBM,SAAS;IACTqB,cAAc;IACdd,MAAM;IACNqB,uBAAuB;IACvBM;EACJ,CAAC;AACL","ignoreList":[]}
package/pulumi/apps/react/createReactPulumiApp.d.ts CHANGED
@@ -23,6 +23,8 @@ export interface CreateReactPulumiAppParams {
23
23
  export declare const createReactPulumiApp: (projectAppParams: CreateReactPulumiAppParams) => import("@webiny/pulumi").PulumiApp<{
24
24
  cloudfront: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront/distribution.js").Distribution>;
25
25
  bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucket.js").Bucket>;
26
+ bucketOwnershipControls: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketOwnershipControls.js").BucketOwnershipControls>;
27
+ bucketAcl: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketAcl.js").BucketAcl>;
26
28
  originIdentity: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront/originAccessIdentity.js").OriginAccessIdentity>;
27
29
  origin: aws.types.input.cloudfront.DistributionOrigin;
28
30
  bucketPublicAccessBlock: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucketPublicAccessBlock.js").BucketPublicAccessBlock>;