npm - @webiny/pulumi-aws - Versions diffs - 5.25.0-beta.5 → 5.25.1-beta.0 - Mend

@webiny/pulumi-aws 5.25.0-beta.5 → 5.25.1-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/apps/admin/AdminApp.d.ts +14 -0
package/apps/admin/AdminApp.js +134 -0
package/apps/admin/AdminApp.js.map +1 -0
package/apps/admin/AdminUpload.d.ts +6 -0
package/apps/admin/AdminUpload.js +50 -0
package/apps/admin/AdminUpload.js.map +1 -0
package/apps/api/ApiApp.d.ts +66 -0
package/apps/api/ApiApp.js +223 -0
package/apps/api/ApiApp.js.map +1 -0
package/apps/api/ApiApwScheduler.d.ts +23 -0
package/apps/api/ApiApwScheduler.js +240 -0
package/apps/api/ApiApwScheduler.js.map +1 -0
package/apps/api/ApiCloudfront.d.ts +4 -0
package/apps/api/ApiCloudfront.js +103 -0
package/apps/api/ApiCloudfront.js.map +1 -0
package/apps/api/ApiFileManager.d.ts +18 -0
package/apps/api/ApiFileManager.js +168 -0
package/apps/api/ApiFileManager.js.map +1 -0
package/apps/api/ApiGateway.d.ts +19 -0
package/apps/api/ApiGateway.js +90 -0
package/apps/api/ApiGateway.js.map +1 -0
package/apps/api/ApiGraphql.d.ts +27 -0
package/apps/api/ApiGraphql.js +128 -0
package/apps/api/ApiGraphql.js.map +1 -0
package/apps/api/ApiHeadlessCMS.d.ts +18 -0
package/apps/api/ApiHeadlessCMS.js +90 -0
package/apps/api/ApiHeadlessCMS.js.map +1 -0
package/apps/api/ApiLambdaUtils.d.ts +11 -0
package/apps/api/ApiLambdaUtils.js +45 -0
package/apps/api/ApiLambdaUtils.js.map +1 -0
package/apps/api/ApiPageBuilder.d.ts +40 -0
package/apps/api/ApiPageBuilder.js +289 -0
package/apps/api/ApiPageBuilder.js.map +1 -0
package/apps/api/ApiPrerendering.d.ts +24 -0
package/apps/api/ApiPrerendering.js +200 -0
package/apps/api/ApiPrerendering.js.map +1 -0
package/apps/api/ApiVpc.d.ts +10 -0
package/apps/api/ApiVpc.js +129 -0
package/apps/api/ApiVpc.js.map +1 -0
package/apps/api/index.d.ts +8 -0
package/apps/api/index.js +109 -0
package/apps/api/index.js.map +1 -0
package/apps/awsUtils.d.ts +3 -0
package/apps/awsUtils.js +25 -0
package/apps/awsUtils.js.map +1 -0
package/apps/createAppBucket.d.ts +13 -0
package/apps/createAppBucket.js +107 -0
package/apps/createAppBucket.js.map +1 -0
package/apps/customDomain.d.ts +9 -0
package/apps/customDomain.js +14 -0
package/apps/customDomain.js.map +1 -0
package/apps/getStorageOutput.d.ts +13 -0
package/apps/getStorageOutput.js +29 -0
package/apps/getStorageOutput.js.map +1 -0
package/apps/index.d.ts +5 -0
package/apps/index.js +72 -0
package/apps/index.js.map +1 -0
package/apps/storage/StorageApp.d.ts +16 -0
package/apps/storage/StorageApp.js +90 -0
package/apps/storage/StorageApp.js.map +1 -0
package/apps/storage/StorageCognito.d.ts +11 -0
package/apps/storage/StorageCognito.js +102 -0
package/apps/storage/StorageCognito.js.map +1 -0
package/apps/storage/StorageDynamo.d.ts +6 -0
package/apps/storage/StorageDynamo.js +53 -0
package/apps/storage/StorageDynamo.js.map +1 -0
package/apps/storage/StorageFileManager.d.ts +6 -0
package/apps/storage/StorageFileManager.js +40 -0
package/apps/storage/StorageFileManager.js.map +1 -0
package/apps/storage/index.d.ts +4 -0
package/apps/storage/index.js +57 -0
package/apps/storage/index.js.map +1 -0
package/apps/website/WebsiteApp.d.ts +22 -0
package/apps/website/WebsiteApp.js +206 -0
package/apps/website/WebsiteApp.js.map +1 -0
package/apps/website/WebsiteHookRender.d.ts +1 -0
package/apps/website/WebsiteHookRender.js +65 -0
package/apps/website/WebsiteHookRender.js.map +1 -0
package/apps/website/WebsiteHookUpdatePbSettings.d.ts +5 -0
package/apps/website/WebsiteHookUpdatePbSettings.js +80 -0
package/apps/website/WebsiteHookUpdatePbSettings.js.map +1 -0
package/apps/website/WebsiteHookUpload.d.ts +1 -0
package/apps/website/WebsiteHookUpload.js +65 -0
package/apps/website/WebsiteHookUpload.js.map +1 -0
package/components/tenantRouter/functions/origin/request.js +54 -8
package/components/tenantRouter/functions/origin/request.js.map +1 -1
package/index.d.ts +1 -0
package/index.js +18 -1
package/index.js.map +1 -1
package/package.json +10 -6
package/types.d.ts +2 -0
package/types.js +5 -0
package/types.js.map +1 -0

package/apps/api/ApiApwScheduler.js ADDED Viewed

@@ -0,0 +1,240 @@
+"use strict";
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.ApiApwScheduler = void 0;
+var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
+var _path = _interopRequireDefault(require("path"));
+var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
+var aws = _interopRequireWildcard(require("@pulumi/aws"));
+var _pulumiSdk = require("@webiny/pulumi-sdk");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
+function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
+const LAMBDA_NAME_PREFIX = "apw-scheduler";
+const CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;
+const EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;
+const EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;
+const EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;
+const ApiApwScheduler = (0, _pulumiSdk.defineAppModule)({
+  name: "ApiApwScheduler",
+  config(app, params) {
+    const executeAction = createExecuteActionLambda(app, params);
+    const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params); // Create event rule.
+    const eventRule = app.addResource(aws.cloudwatch.EventRule, {
+      name: EVENT_RULE_NAME,
+      config: {
+        description: `Enable us to schedule an action in publishing workflow at a particular datetime`,
+        scheduleExpression: "cron(* * * * ? 2000)",
+        isEnabled: true
+      }
+    }); // Add required permission to the target lambda.
+    app.addResource(aws.lambda.Permission, {
+      name: "eventTargetPermission",
+      config: {
+        action: "lambda:InvokeFunction",
+        function: scheduleAction.lambda.output.arn,
+        principal: "events.amazonaws.com",
+        statementId: "allow-rule-invoke-" + EVENT_RULE_NAME
+      }
+    }); // Add lambda as target to the event rule.
+    const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {
+      name: EVENT_RULE_TARGET,
+      config: {
+        rule: eventRule.output.name,
+        arn: scheduleAction.lambda.output.arn
+      }
+    });
+    return {
+      executeAction,
+      scheduleAction,
+      eventRule,
+      eventTarget
+    };
+  }
+});
+exports.ApiApwScheduler = ApiApwScheduler;
+function createExecuteActionLambda(app, params) {
+  const role = app.addResource(aws.iam.Role, {
+    name: `${EXECUTE_ACTION_LAMBDA}-role`,
+    config: {
+      assumeRolePolicy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Action: "sts:AssumeRole",
+          Principal: {
+            Service: "lambda.amazonaws.com"
+          },
+          Effect: "Allow"
+        }]
+      }
+    }
+  });
+  const policy = createExecuteActionLambdaPolicy(app, params);
+  app.addResource(aws.iam.RolePolicyAttachment, {
+    name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,
+    config: {
+      role: role.output,
+      policyArn: policy.output.arn
+    }
+  });
+  app.addResource(aws.iam.RolePolicyAttachment, {
+    name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,
+    config: {
+      role: role.output,
+      policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
+    }
+  });
+  const lambda = app.addResource(aws.lambda.Function, {
+    name: EXECUTE_ACTION_LAMBDA,
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 128,
+      description: "Handle execute action workflow in apw scheduler",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(_path.default.join(app.ctx.appDir, "code/apw/executeAction/build"))
+      }),
+      environment: {
+        variables: _objectSpread({}, params.env)
+      }
+    }
+  });
+  return {
+    role,
+    policy,
+    lambda
+  };
+}
+function createExecuteActionLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "ApwSchedulerExecuteActionLambdaPolicy",
+    config: {
+      description: "This policy enables access to cloudwatch event and lambda invocation",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "PermissionLambda",
+          Effect: "Allow",
+          Action: ["lambda:InvokeFunction"],
+          Resource: ["*"]
+        }, {
+          Sid: "PermissionDynamoDB",
+          Effect: "Allow",
+          Action: ["dynamodb:Query", "dynamodb:GetItem", "dynamodb:DeleteItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }]
+      }
+    }
+  });
+}
+function createScheduleActionLambda(app, executeLambda, params) {
+  const role = app.addResource(aws.iam.Role, {
+    name: `${CREATE_RULE_LAMBDA}-role`,
+    config: {
+      assumeRolePolicy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Action: "sts:AssumeRole",
+          Principal: {
+            Service: "lambda.amazonaws.com"
+          },
+          Effect: "Allow"
+        }]
+      }
+    }
+  });
+  const policy = createScheduleActionLambdaPolicy(app, params);
+  app.addResource(aws.iam.RolePolicyAttachment, {
+    name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,
+    config: {
+      role: role.output,
+      policyArn: policy.output.arn
+    }
+  });
+  app.addResource(aws.iam.RolePolicyAttachment, {
+    name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,
+    config: {
+      role: role.output,
+      policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
+    }
+  });
+  const lambda = app.addResource(aws.lambda.Function, {
+    name: CREATE_RULE_LAMBDA,
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 128,
+      description: "Handle schedule action workflow in apw scheduler",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(_path.default.join(app.ctx.appDir, "code/apw/scheduleAction/build"))
+      }),
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn // RULE_NAME: this.eventRule.name.apply(name => name),
+          // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)
+        })
+      }
+    }
+  });
+  return {
+    role,
+    policy,
+    lambda
+  };
+}
+function createScheduleActionLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "ApwSchedulerScheduleActionLambdaPolicy",
+    config: {
+      description: "This policy enables access to cloudwatch event and lambda invocation",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "PermissionLambda",
+          Effect: "Allow",
+          Action: ["lambda:InvokeFunction"],
+          Resource: ["*"]
+        }, {
+          Sid: "PermissionDynamoDB",
+          Effect: "Allow",
+          Action: ["dynamodb:PutItem", "dynamodb:Query", "dynamodb:GetItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }, {
+          Sid: "PermissionEvents",
+          Effect: "Allow",
+          Action: ["events:DeleteRule", "events:PutTargets", "events:PutRule", "events:ListRules", "events:RemoveTargets", "events:ListTargetsByRule"],
+          Resource: ["*"]
+        }]
+      }
+    }
+  });
+}

package/apps/api/ApiApwScheduler.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["ApiApwScheduler.ts"],"names":["LAMBDA_NAME_PREFIX","CREATE_RULE_LAMBDA","EXECUTE_ACTION_LAMBDA","EVENT_RULE_NAME","EVENT_RULE_TARGET","ApiApwScheduler","name","config","app","params","executeAction","createExecuteActionLambda","scheduleAction","createScheduleActionLambda","lambda","output","eventRule","addResource","aws","cloudwatch","EventRule","description","scheduleExpression","isEnabled","Permission","action","function","arn","principal","statementId","eventTarget","EventTarget","rule","role","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","policy","createExecuteActionLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaBasicExecutionRole","Function","runtime","handler","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","ctx","appDir","environment","variables","env","Policy","Sid","Resource","interpolate","primaryDynamodbTableArn","executeLambda","createScheduleActionLambdaPolicy","APW_SCHEDULER_EXECUTE_ACTION_HANDLER"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;;;;;;;;;AAOA,MAAMA,kBAAkB,GAAG,eAA3B;AACA,MAAMC,kBAAkB,GAAI,GAAED,kBAAmB,yBAAjD;AACA,MAAME,qBAAqB,GAAI,GAAEF,kBAAmB,wBAApD;AACA,MAAMG,eAAe,GAAI,GAAEH,kBAAmB,aAA9C;AACA,MAAMI,iBAAiB,GAAI,GAAEJ,kBAAmB,oBAAhD;AAIO,MAAMK,eAAe,GAAG,gCAAgB;AAC3CC,EAAAA,IAAI,EAAE,iBADqC;;AAE3CC,EAAAA,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA+C;AACjD,UAAMC,aAAa,GAAGC,yBAAyB,CAACH,GAAD,EAAMC,MAAN,CAA/C;AACA,UAAMG,cAAc,GAAGC,0BAA0B,CAACL,GAAD,EAAME,aAAa,CAACI,MAAd,CAAqBC,MAA3B,EAAmCN,MAAnC,CAAjD,CAFiD,CAIjD;;AACA,UAAMO,SAAS,GAAGR,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,SAA/B,EAA0C;AACxDd,MAAAA,IAAI,EAAEH,eADkD;AAExDI,MAAAA,MAAM,EAAE;AACJc,QAAAA,WAAW,EAAG,iFADV;AAEJC,QAAAA,kBAAkB,EAAE,sBAFhB;AAGJC,QAAAA,SAAS,EAAE;AAHP;AAFgD,KAA1C,CAAlB,CALiD,CAcjD;;AACAf,IAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACJ,MAAJ,CAAWU,UAA3B,EAAuC;AACnClB,MAAAA,IAAI,EAAE,uBAD6B;AAEnCC,MAAAA,MAAM,EAAE;AACJkB,QAAAA,MAAM,EAAE,uBADJ;AAEJC,QAAAA,QAAQ,EAAEd,cAAc,CAACE,MAAf,CAAsBC,MAAtB,CAA6BY,GAFnC;AAGJC,QAAAA,SAAS,EAAE,sBAHP;AAIJC,QAAAA,WAAW,EAAE,uBAAuB1B;AAJhC;AAF2B,KAAvC,EAfiD,CAyBjD;;AACA,UAAM2B,WAAW,GAAGtB,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeY,WAA/B,EAA4C;AAC5DzB,MAAAA,IAAI,EAAEF,iBADsD;AAE5DG,MAAAA,MAAM,EAAE;AACJyB,QAAAA,IAAI,EAAEhB,SAAS,CAACD,MAAV,CAAiBT,IADnB;AAEJqB,QAAAA,GAAG,EAAEf,cAAc,CAACE,MAAf,CAAsBC,MAAtB,CAA6BY;AAF9B;AAFoD,KAA5C,CAApB;AAQA,WAAO;AACHjB,MAAAA,aADG;AAEHE,MAAAA,cAFG;AAGHI,MAAAA,SAHG;AAIHc,MAAAA;AAJG,KAAP;AAMH;;AA1C0C,CAAhB,CAAxB;;;AA6CP,SAASnB,yBAAT,CAAmCH,GAAnC,EAAmDC,MAAnD,EAAiF;AAC7E,QAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQC,IAAxB,EAA8B;AACvC7B,IAAAA,IAAI,EAAG,GAAEJ,qBAAsB,OADQ;AAEvCK,IAAAA,MAAM,EAAE;AACJ6B,MAAAA,gBAAgB,EAAE;AACdC,QAAAA,OAAO,EAAE,YADK;AAEdC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,MAAM,EAAE,gBADZ;AAEIC,UAAAA,SAAS,EAAE;AACPC,YAAAA,OAAO,EAAE;AADF,WAFf;AAKIC,UAAAA,MAAM,EAAE;AALZ,SADO;AAFG;AADd;AAF+B,GAA9B,CAAb;AAkBA,QAAMC,MAAM,GAAGC,+BAA+B,CAACpC,GAAD,EAAMC,MAAN,CAA9C;AAEAD,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQW,oBAAxB,EAA8C;AAC1CvC,IAAAA,IAAI,EAAG,GAAEJ,qBAAsB,yBADW;AAE1CK,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MADP;AAEJ+B,MAAAA,SAAS,EAAEH,MAAM,CAAC5B,MAAP,CAAcY;AAFrB;AAFkC,GAA9C;AAQAnB,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQW,oBAAxB,EAA8C;AAC1CvC,IAAAA,IAAI,EAAG,GAAEJ,qBAAsB,8BADW;AAE1CK,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MADP;AAEJ+B,MAAAA,SAAS,EAAE5B,GAAG,CAACgB,GAAJ,CAAQa,aAAR,CAAsBC;AAF7B;AAFkC,GAA9C;AAQA,QAAMlC,MAAM,GAAGN,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACJ,MAAJ,CAAWmC,QAA3B,EAAqC;AAChD3C,IAAAA,IAAI,EAAEJ,qBAD0C;AAEhDK,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MAAL,CAAYY,GADd;AAEJuB,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJhC,MAAAA,WAAW,EAAE,iDANT;AAOJiC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,cAAKC,IAAL,CAAUpD,GAAG,CAACqD,GAAJ,CAAQC,MAAlB,EAA0B,8BAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,oBACFvD,MAAM,CAACwD,GADL;AADA;AAZT;AAFwC,GAArC,CAAf;AAsBA,SAAO;AACHhC,IAAAA,IADG;AAEHU,IAAAA,MAFG;AAGH7B,IAAAA;AAHG,GAAP;AAKH;;AAED,SAAS8B,+BAAT,CAAyCpC,GAAzC,EAAyDC,MAAzD,EAAuF;AACnF,SAAOD,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQgC,MAAxB,EAAgC;AACnC5D,IAAAA,IAAI,EAAE,uCAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJc,MAAAA,WAAW,EAAE,sEADT;AAEJsB,MAAAA,MAAM,EAAE;AACJN,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACI6B,UAAAA,GAAG,EAAE,kBADT;AAEIzB,UAAAA,MAAM,EAAE,OAFZ;AAGIH,UAAAA,MAAM,EAAE,CAAC,uBAAD,CAHZ;AAII6B,UAAAA,QAAQ,EAAE,CAAC,GAAD;AAJd,SADO,EAOP;AACID,UAAAA,GAAG,EAAE,oBADT;AAEIzB,UAAAA,MAAM,EAAE,OAFZ;AAGIH,UAAAA,MAAM,EAAE,CAAC,gBAAD,EAAmB,kBAAnB,EAAuC,qBAAvC,CAHZ;AAII6B,UAAAA,QAAQ,EAAE,CACNb,MAAM,CAACc,WAAY,GAAE5D,MAAM,CAAC6D,uBAAwB,EAD9C,EAENf,MAAM,CAACc,WAAY,GAAE5D,MAAM,CAAC6D,uBAAwB,IAF9C;AAJd,SAPO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AA0BH;;AAED,SAASzD,0BAAT,CACIL,GADJ,EAEI+D,aAFJ,EAGI9D,MAHJ,EAIE;AACE,QAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQC,IAAxB,EAA8B;AACvC7B,IAAAA,IAAI,EAAG,GAAEL,kBAAmB,OADW;AAEvCM,IAAAA,MAAM,EAAE;AACJ6B,MAAAA,gBAAgB,EAAE;AACdC,QAAAA,OAAO,EAAE,YADK;AAEdC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,MAAM,EAAE,gBADZ;AAEIC,UAAAA,SAAS,EAAE;AACPC,YAAAA,OAAO,EAAE;AADF,WAFf;AAKIC,UAAAA,MAAM,EAAE;AALZ,SADO;AAFG;AADd;AAF+B,GAA9B,CAAb;AAkBA,QAAMC,MAAM,GAAG6B,gCAAgC,CAAChE,GAAD,EAAMC,MAAN,CAA/C;AAEAD,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQW,oBAAxB,EAA8C;AAC1CvC,IAAAA,IAAI,EAAG,GAAEL,kBAAmB,yBADc;AAE1CM,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MADP;AAEJ+B,MAAAA,SAAS,EAAEH,MAAM,CAAC5B,MAAP,CAAcY;AAFrB;AAFkC,GAA9C;AAQAnB,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQW,oBAAxB,EAA8C;AAC1CvC,IAAAA,IAAI,EAAG,GAAEL,kBAAmB,8BADc;AAE1CM,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MADP;AAEJ+B,MAAAA,SAAS,EAAE5B,GAAG,CAACgB,GAAJ,CAAQa,aAAR,CAAsBC;AAF7B;AAFkC,GAA9C;AAQA,QAAMlC,MAAM,GAAGN,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACJ,MAAJ,CAAWmC,QAA3B,EAAqC;AAChD3C,IAAAA,IAAI,EAAEL,kBAD0C;AAEhDM,IAAAA,MAAM,EAAE;AACJ0B,MAAAA,IAAI,EAAEA,IAAI,CAAClB,MAAL,CAAYY,GADd;AAEJuB,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJhC,MAAAA,WAAW,EAAE,kDANT;AAOJiC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,cAAKC,IAAL,CAAUpD,GAAG,CAACqD,GAAJ,CAAQC,MAAlB,EAA0B,+BAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACFvD,MAAM,CAACwD,GADL;AAELQ,UAAAA,oCAAoC,EAAEF,aAAa,CAAC5C,GAF/C,CAGL;AACA;;AAJK;AADA;AAZT;AAFwC,GAArC,CAAf;AAyBA,SAAO;AACHM,IAAAA,IADG;AAEHU,IAAAA,MAFG;AAGH7B,IAAAA;AAHG,GAAP;AAKH;;AAED,SAAS0D,gCAAT,CAA0ChE,GAA1C,EAA0DC,MAA1D,EAAwF;AACpF,SAAOD,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACgB,GAAJ,CAAQgC,MAAxB,EAAgC;AACnC5D,IAAAA,IAAI,EAAE,wCAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJc,MAAAA,WAAW,EAAE,sEADT;AAEJsB,MAAAA,MAAM,EAAE;AACJN,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACI6B,UAAAA,GAAG,EAAE,kBADT;AAEIzB,UAAAA,MAAM,EAAE,OAFZ;AAGIH,UAAAA,MAAM,EAAE,CAAC,uBAAD,CAHZ;AAII6B,UAAAA,QAAQ,EAAE,CAAC,GAAD;AAJd,SADO,EAOP;AACID,UAAAA,GAAG,EAAE,oBADT;AAEIzB,UAAAA,MAAM,EAAE,OAFZ;AAGIH,UAAAA,MAAM,EAAE,CACJ,kBADI,EAEJ,gBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,qBALI,CAHZ;AAUI6B,UAAAA,QAAQ,EAAE,CACNb,MAAM,CAACc,WAAY,GAAE5D,MAAM,CAAC6D,uBAAwB,EAD9C,EAENf,MAAM,CAACc,WAAY,GAAE5D,MAAM,CAAC6D,uBAAwB,IAF9C;AAVd,SAPO,EAsBP;AACIH,UAAAA,GAAG,EAAE,kBADT;AAEIzB,UAAAA,MAAM,EAAE,OAFZ;AAGIH,UAAAA,MAAM,EAAE,CACJ,mBADI,EAEJ,mBAFI,EAGJ,gBAHI,EAIJ,kBAJI,EAKJ,sBALI,EAMJ,0BANI,CAHZ;AAWI6B,UAAAA,QAAQ,EAAE,CAAC,GAAD;AAXd,SAtBO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AA6CH","sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { defineAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi-sdk\";\n\ninterface ScheduleActionParams {\n env: Record<string, any>;\n primaryDynamodbTableArn: pulumi.Input<string>;\n}\n\nconst LAMBDA_NAME_PREFIX = \"apw-scheduler\";\nconst CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;\nconst EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;\nconst EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;\nconst EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;\n\nexport type ApiApwScheduler = PulumiAppModule<typeof ApiApwScheduler>;\n\nexport const ApiApwScheduler = defineAppModule({\n name: \"ApiApwScheduler\",\n config(app: PulumiApp, params: ScheduleActionParams) {\n const executeAction = createExecuteActionLambda(app, params);\n const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params);\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EVENT_RULE_NAME,\n config: {\n description: `Enable us to schedule an action in publishing workflow at a particular datetime`,\n scheduleExpression: \"cron(* * * * ? 2000)\",\n isEnabled: true\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: \"eventTargetPermission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: scheduleAction.lambda.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EVENT_RULE_NAME\n }\n });\n\n // Add lambda as target to the event rule.\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: scheduleAction.lambda.output.arn\n }\n });\n\n return {\n executeAction,\n scheduleAction,\n eventRule,\n eventTarget\n };\n }\n});\n\nfunction createExecuteActionLambda(app: PulumiApp, params: ScheduleActionParams) {\n const role = app.addResource(aws.iam.Role, {\n name: `${EXECUTE_ACTION_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const policy = createExecuteActionLambdaPolicy(app, params);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: EXECUTE_ACTION_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle execute action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/apw/executeAction/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env\n }\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createExecuteActionLambdaPolicy(app: PulumiApp, params: ScheduleActionParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerExecuteActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:Query\", \"dynamodb:GetItem\", \"dynamodb:DeleteItem\"],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createScheduleActionLambda(\n app: PulumiApp,\n executeLambda: pulumi.Output<aws.lambda.Function>,\n params: ScheduleActionParams\n) {\n const role = app.addResource(aws.iam.Role, {\n name: `${CREATE_RULE_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const policy = createScheduleActionLambdaPolicy(app, params);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: CREATE_RULE_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle schedule action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/apw/scheduleAction/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env,\n APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn\n // RULE_NAME: this.eventRule.name.apply(name => name),\n // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)\n }\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createScheduleActionLambdaPolicy(app: PulumiApp, params: ScheduleActionParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerScheduleActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:GetItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\"\n ],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionEvents\",\n Effect: \"Allow\",\n Action: [\n \"events:DeleteRule\",\n \"events:PutTargets\",\n \"events:PutRule\",\n \"events:ListRules\",\n \"events:RemoveTargets\",\n \"events:ListTargetsByRule\"\n ],\n Resource: [\"*\"]\n }\n ]\n }\n }\n });\n}\n"]}

package/apps/api/ApiCloudfront.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import * as aws from "@pulumi/aws";
+import { PulumiAppModule } from "@webiny/pulumi-sdk";
+export declare type ApiCloudfront = PulumiAppModule<typeof ApiCloudfront>;
+export declare const ApiCloudfront: import("@webiny/pulumi-sdk").PulumiAppModuleDefinition<import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.cloudfront.Distribution>, void>;

package/apps/api/ApiCloudfront.js ADDED Viewed

@@ -0,0 +1,103 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.ApiCloudfront = void 0;
+var aws = _interopRequireWildcard(require("@pulumi/aws"));
+var _pulumiSdk = require("@webiny/pulumi-sdk");
+var _ApiGateway = require("./ApiGateway");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const ApiCloudfront = (0, _pulumiSdk.defineAppModule)({
+  name: "ApiCloudfront",
+  config(app) {
+    const gateway = app.getModule(_ApiGateway.ApiGateway);
+    return app.addResource(aws.cloudfront.Distribution, {
+      name: "api-cloudfront",
+      config: {
+        waitForDeployment: false,
+        defaultCacheBehavior: {
+          compress: true,
+          allowedMethods: ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"],
+          cachedMethods: ["GET", "HEAD", "OPTIONS"],
+          forwardedValues: {
+            cookies: {
+              forward: "none"
+            },
+            headers: ["Accept", "Accept-Language"],
+            queryString: true
+          },
+          // MinTTL <= DefaultTTL <= MaxTTL
+          minTtl: 0,
+          defaultTtl: 0,
+          maxTtl: 86400,
+          targetOriginId: gateway.api.output.name,
+          viewerProtocolPolicy: "allow-all"
+        },
+        isIpv6Enabled: true,
+        enabled: true,
+        orderedCacheBehaviors: [{
+          compress: true,
+          allowedMethods: ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"],
+          cachedMethods: ["GET", "HEAD", "OPTIONS"],
+          forwardedValues: {
+            cookies: {
+              forward: "none"
+            },
+            headers: ["Accept", "Accept-Language"],
+            queryString: true
+          },
+          pathPattern: "/cms*",
+          viewerProtocolPolicy: "allow-all",
+          targetOriginId: gateway.api.output.name
+        }, {
+          allowedMethods: ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"],
+          cachedMethods: ["GET", "HEAD", "OPTIONS"],
+          forwardedValues: {
+            cookies: {
+              forward: "none"
+            },
+            headers: ["Accept", "Accept-Language"],
+            queryString: true
+          },
+          // MinTTL <= DefaultTTL <= MaxTTL
+          minTtl: 0,
+          defaultTtl: 0,
+          maxTtl: 2592000,
+          pathPattern: "/files/*",
+          viewerProtocolPolicy: "allow-all",
+          targetOriginId: gateway.api.output.name
+        }],
+        origins: [{
+          domainName: gateway.stage.output.invokeUrl.apply(url => new URL(url).hostname),
+          originPath: gateway.stage.output.invokeUrl.apply(url => new URL(url).pathname),
+          originId: gateway.api.output.name,
+          customOriginConfig: {
+            httpPort: 80,
+            httpsPort: 443,
+            originProtocolPolicy: "https-only",
+            originSslProtocols: ["TLSv1.2"]
+          }
+        }],
+        restrictions: {
+          geoRestriction: {
+            restrictionType: "none"
+          }
+        },
+        viewerCertificate: {
+          cloudfrontDefaultCertificate: true
+        }
+      }
+    });
+  }
+});
+exports.ApiCloudfront = ApiCloudfront;

package/apps/api/ApiCloudfront.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["ApiCloudfront.ts"],"names":["ApiCloudfront","name","config","app","gateway","getModule","ApiGateway","addResource","aws","cloudfront","Distribution","waitForDeployment","defaultCacheBehavior","compress","allowedMethods","cachedMethods","forwardedValues","cookies","forward","headers","queryString","minTtl","defaultTtl","maxTtl","targetOriginId","api","output","viewerProtocolPolicy","isIpv6Enabled","enabled","orderedCacheBehaviors","pathPattern","origins","domainName","stage","invokeUrl","apply","url","URL","hostname","originPath","pathname","originId","customOriginConfig","httpPort","httpsPort","originProtocolPolicy","originSslProtocols","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate"],"mappings":";;;;;;;AAAA;;AACA;;AAEA;;;;;;AAIO,MAAMA,aAAa,GAAG,gCAAgB;AACzCC,EAAAA,IAAI,EAAE,eADmC;;AAEzCC,EAAAA,MAAM,CAACC,GAAD,EAAiB;AACnB,UAAMC,OAAO,GAAGD,GAAG,CAACE,SAAJ,CAAcC,sBAAd,CAAhB;AAEA,WAAOH,GAAG,CAACI,WAAJ,CAAgBC,GAAG,CAACC,UAAJ,CAAeC,YAA/B,EAA6C;AAChDT,MAAAA,IAAI,EAAE,gBAD0C;AAEhDC,MAAAA,MAAM,EAAE;AACJS,QAAAA,iBAAiB,EAAE,KADf;AAEJC,QAAAA,oBAAoB,EAAE;AAClBC,UAAAA,QAAQ,EAAE,IADQ;AAElBC,UAAAA,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,EAA2B,KAA3B,EAAkC,MAAlC,EAA0C,OAA1C,EAAmD,QAAnD,CAFE;AAGlBC,UAAAA,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAHG;AAIlBC,UAAAA,eAAe,EAAE;AACbC,YAAAA,OAAO,EAAE;AACLC,cAAAA,OAAO,EAAE;AADJ,aADI;AAIbC,YAAAA,OAAO,EAAE,CAAC,QAAD,EAAW,iBAAX,CAJI;AAKbC,YAAAA,WAAW,EAAE;AALA,WAJC;AAWlB;AACAC,UAAAA,MAAM,EAAE,CAZU;AAalBC,UAAAA,UAAU,EAAE,CAbM;AAclBC,UAAAA,MAAM,EAAE,KAdU;AAelBC,UAAAA,cAAc,EAAEpB,OAAO,CAACqB,GAAR,CAAYC,MAAZ,CAAmBzB,IAfjB;AAgBlB0B,UAAAA,oBAAoB,EAAE;AAhBJ,SAFlB;AAoBJC,QAAAA,aAAa,EAAE,IApBX;AAqBJC,QAAAA,OAAO,EAAE,IArBL;AAsBJC,QAAAA,qBAAqB,EAAE,CACnB;AACIjB,UAAAA,QAAQ,EAAE,IADd;AAEIC,UAAAA,cAAc,EAAE,CACZ,KADY,EAEZ,MAFY,EAGZ,SAHY,EAIZ,KAJY,EAKZ,MALY,EAMZ,OANY,EAOZ,QAPY,CAFpB;AAWIC,UAAAA,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAXnB;AAYIC,UAAAA,eAAe,EAAE;AACbC,YAAAA,OAAO,EAAE;AACLC,cAAAA,OAAO,EAAE;AADJ,aADI;AAIbC,YAAAA,OAAO,EAAE,CAAC,QAAD,EAAW,iBAAX,CAJI;AAKbC,YAAAA,WAAW,EAAE;AALA,WAZrB;AAmBIW,UAAAA,WAAW,EAAE,OAnBjB;AAoBIJ,UAAAA,oBAAoB,EAAE,WApB1B;AAqBIH,UAAAA,cAAc,EAAEpB,OAAO,CAACqB,GAAR,CAAYC,MAAZ,CAAmBzB;AArBvC,SADmB,EAwBnB;AACIa,UAAAA,cAAc,EAAE,CACZ,KADY,EAEZ,MAFY,EAGZ,SAHY,EAIZ,KAJY,EAKZ,MALY,EAMZ,OANY,EAOZ,QAPY,CADpB;AAUIC,UAAAA,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAVnB;AAWIC,UAAAA,eAAe,EAAE;AACbC,YAAAA,OAAO,EAAE;AACLC,cAAAA,OAAO,EAAE;AADJ,aADI;AAIbC,YAAAA,OAAO,EAAE,CAAC,QAAD,EAAW,iBAAX,CAJI;AAKbC,YAAAA,WAAW,EAAE;AALA,WAXrB;AAkBI;AACAC,UAAAA,MAAM,EAAE,CAnBZ;AAoBIC,UAAAA,UAAU,EAAE,CApBhB;AAqBIC,UAAAA,MAAM,EAAE,OArBZ;AAsBIQ,UAAAA,WAAW,EAAE,UAtBjB;AAuBIJ,UAAAA,oBAAoB,EAAE,WAvB1B;AAwBIH,UAAAA,cAAc,EAAEpB,OAAO,CAACqB,GAAR,CAAYC,MAAZ,CAAmBzB;AAxBvC,SAxBmB,CAtBnB;AAyEJ+B,QAAAA,OAAO,EAAE,CACL;AACIC,UAAAA,UAAU,EAAE7B,OAAO,CAAC8B,KAAR,CAAcR,MAAd,CAAqBS,SAArB,CAA+BC,KAA/B,CACPC,GAAD,IAAiB,IAAIC,GAAJ,CAAQD,GAAR,EAAaE,QADtB,CADhB;AAIIC,UAAAA,UAAU,EAAEpC,OAAO,CAAC8B,KAAR,CAAcR,MAAd,CAAqBS,SAArB,CAA+BC,KAA/B,CACPC,GAAD,IAAiB,IAAIC,GAAJ,CAAQD,GAAR,EAAaI,QADtB,CAJhB;AAOIC,UAAAA,QAAQ,EAAEtC,OAAO,CAACqB,GAAR,CAAYC,MAAZ,CAAmBzB,IAPjC;AAQI0C,UAAAA,kBAAkB,EAAE;AAChBC,YAAAA,QAAQ,EAAE,EADM;AAEhBC,YAAAA,SAAS,EAAE,GAFK;AAGhBC,YAAAA,oBAAoB,EAAE,YAHN;AAIhBC,YAAAA,kBAAkB,EAAE,CAAC,SAAD;AAJJ;AARxB,SADK,CAzEL;AA0FJC,QAAAA,YAAY,EAAE;AACVC,UAAAA,cAAc,EAAE;AACZC,YAAAA,eAAe,EAAE;AADL;AADN,SA1FV;AA+FJC,QAAAA,iBAAiB,EAAE;AACfC,UAAAA,4BAA4B,EAAE;AADf;AA/Ff;AAFwC,KAA7C,CAAP;AAsGH;;AA3GwC,CAAhB,CAAtB","sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { defineAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi-sdk\";\n\nimport { ApiGateway } from \"./ApiGateway\";\n\nexport type ApiCloudfront = PulumiAppModule<typeof ApiCloudfront>;\n\nexport const ApiCloudfront = defineAppModule({\n name: \"ApiCloudfront\",\n config(app: PulumiApp) {\n const gateway = app.getModule(ApiGateway);\n\n return app.addResource(aws.cloudfront.Distribution, {\n name: \"api-cloudfront\",\n config: {\n waitForDeployment: false,\n defaultCacheBehavior: {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\", \"PUT\", \"POST\", \"PATCH\", \"DELETE\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 86400,\n targetOriginId: gateway.api.output.name,\n viewerProtocolPolicy: \"allow-all\"\n },\n isIpv6Enabled: true,\n enabled: true,\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PUT\",\n \"POST\",\n \"PATCH\",\n \"DELETE\"\n ],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n pathPattern: \"/cms*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: gateway.api.output.name\n },\n {\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PUT\",\n \"POST\",\n \"PATCH\",\n \"DELETE\"\n ],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 2592000,\n pathPattern: \"/files/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: gateway.api.output.name\n }\n ],\n origins: [\n {\n domainName: gateway.stage.output.invokeUrl.apply(\n (url: string) => new URL(url).hostname\n ),\n originPath: gateway.stage.output.invokeUrl.apply(\n (url: string) => new URL(url).pathname\n ),\n originId: gateway.api.output.name,\n customOriginConfig: {\n httpPort: 80,\n httpsPort: 443,\n originProtocolPolicy: \"https-only\",\n originSslProtocols: [\"TLSv1.2\"]\n }\n }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n }\n});\n"]}

package/apps/api/ApiFileManager.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as aws from "@pulumi/aws";
+import { PulumiAppModule } from "@webiny/pulumi-sdk";
+import { Vpc } from "./ApiVpc";
+interface FileManagerParams {
+    fileManagerBucketId: pulumi.Input<string>;
+    vpc: Vpc | undefined;
+}
+export declare type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;
+export declare const ApiFileManager: import("@webiny/pulumi-sdk").PulumiAppModuleDefinition<{
+    functions: {
+        transform: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+        manage: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+        download: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+    };
+    bucketNotification: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.s3.BucketNotification>;
+}, FileManagerParams>;
+export {};

package/apps/api/ApiFileManager.js ADDED Viewed

@@ -0,0 +1,168 @@
+"use strict";
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.ApiFileManager = void 0;
+var _path = _interopRequireDefault(require("path"));
+var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
+var aws = _interopRequireWildcard(require("@pulumi/aws"));
+var _awsLayers = require("@webiny/aws-layers");
+var _pulumiSdk = require("@webiny/pulumi-sdk");
+var _ApiLambdaUtils = require("./ApiLambdaUtils");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+// @ts-ignore
+const ApiFileManager = (0, _pulumiSdk.defineAppModule)({
+  name: "ApiFileManager",
+  config(app, params) {
+    const policy = createFileManagerLambdaPolicy(app, params);
+    const role = (0, _ApiLambdaUtils.createLambdaRole)(app, {
+      name: "fm-lambda-role",
+      policy: policy.output,
+      vpc: params.vpc
+    });
+    const transform = app.addResource(aws.lambda.Function, {
+      name: "fm-image-transformer",
+      config: {
+        handler: "handler.handler",
+        timeout: 30,
+        runtime: "nodejs14.x",
+        memorySize: 1600,
+        role: role.output.arn,
+        description: "Performs image optimization, resizing, etc.",
+        code: new pulumi.asset.AssetArchive({
+          ".": new pulumi.asset.FileArchive(_path.default.join(app.ctx.appDir, "code/fileManager/transform/build"))
+        }),
+        layers: [(0, _awsLayers.getLayerArn)("sharp")],
+        environment: {
+          variables: {
+            S3_BUCKET: params.fileManagerBucketId
+          }
+        },
+        vpcConfig: params.vpc ? {
+          subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+          securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+        } : undefined
+      }
+    });
+    const manage = app.addResource(aws.lambda.Function, {
+      name: "fm-manage",
+      config: {
+        role: role.output.arn,
+        runtime: "nodejs14.x",
+        handler: "handler.handler",
+        timeout: 30,
+        memorySize: 512,
+        description: "Triggered when a file is deleted.",
+        code: new pulumi.asset.AssetArchive({
+          ".": new pulumi.asset.FileArchive(_path.default.join(app.ctx.appDir, "code/fileManager/manage/build"))
+        }),
+        environment: {
+          variables: {
+            S3_BUCKET: params.fileManagerBucketId
+          }
+        },
+        vpcConfig: params.vpc ? {
+          subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+          securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+        } : undefined
+      }
+    });
+    const download = app.addResource(aws.lambda.Function, {
+      name: "fm-download",
+      config: {
+        role: role.output.arn,
+        runtime: "nodejs14.x",
+        handler: "handler.handler",
+        timeout: 30,
+        memorySize: 512,
+        description: "Serves previously uploaded files.",
+        code: new pulumi.asset.AssetArchive({
+          ".": new pulumi.asset.FileArchive(_path.default.join(app.ctx.appDir, "code/fileManager/download/build"))
+        }),
+        environment: {
+          variables: {
+            S3_BUCKET: params.fileManagerBucketId,
+            IMAGE_TRANSFORMER_FUNCTION: transform.output.arn
+          }
+        },
+        vpcConfig: params.vpc ? {
+          subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+          securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+        } : undefined
+      }
+    });
+    const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {
+      name: "fm-manage-s3-lambda-permission",
+      config: {
+        action: "lambda:InvokeFunction",
+        function: manage.output.arn,
+        principal: "s3.amazonaws.com",
+        sourceArn: pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`
+      },
+      opts: {
+        dependsOn: [manage.output]
+      }
+    });
+    const bucketNotification = app.addResource(aws.s3.BucketNotification, {
+      name: "bucketNotification",
+      config: {
+        bucket: params.fileManagerBucketId,
+        lambdaFunctions: [{
+          lambdaFunctionArn: manage.output.arn,
+          events: ["s3:ObjectRemoved:*"]
+        }]
+      },
+      opts: {
+        dependsOn: [manage.output, manageS3LambdaPermission.output]
+      }
+    });
+    const functions = {
+      transform,
+      manage,
+      download
+    };
+    return {
+      functions,
+      bucketNotification
+    };
+  }
+});
+exports.ApiFileManager = ApiFileManager;
+function createFileManagerLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "FileManagerLambdaPolicy",
+    config: {
+      description: "This policy enables access to Lambda and S3",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "PermissionForLambda",
+          Effect: "Allow",
+          Action: "lambda:InvokeFunction",
+          Resource: "*"
+        }, {
+          Sid: "PermissionForS3",
+          Effect: "Allow",
+          Action: "s3:*",
+          Resource: pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`
+        }]
+      }
+    }
+  });
+}

package/apps/api/ApiFileManager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["ApiFileManager.ts"],"names":["ApiFileManager","name","config","app","params","policy","createFileManagerLambdaPolicy","role","output","vpc","transform","addResource","aws","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","pulumi","asset","AssetArchive","FileArchive","path","join","ctx","appDir","layers","environment","variables","S3_BUCKET","fileManagerBucketId","vpcConfig","subnetIds","subnets","private","map","subNet","id","securityGroupIds","defaultSecurityGroupId","undefined","manage","download","IMAGE_TRANSFORMER_FUNCTION","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","functions","iam","Policy","Version","Statement","Sid","Effect","Action","Resource"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AAGA;;;;;;AALA;AAcO,MAAMA,cAAc,GAAG,gCAAgB;AAC1CC,EAAAA,IAAI,EAAE,gBADoC;;AAE1CC,EAAAA,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA4C;AAC9C,UAAMC,MAAM,GAAGC,6BAA6B,CAACH,GAAD,EAAMC,MAAN,CAA5C;AACA,UAAMG,IAAI,GAAG,sCAAiBJ,GAAjB,EAAsB;AAC/BF,MAAAA,IAAI,EAAE,gBADyB;AAE/BI,MAAAA,MAAM,EAAEA,MAAM,CAACG,MAFgB;AAG/BC,MAAAA,GAAG,EAAEL,MAAM,CAACK;AAHmB,KAAtB,CAAb;AAMA,UAAMC,SAAS,GAAGP,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AACnDb,MAAAA,IAAI,EAAE,sBAD6C;AAEnDC,MAAAA,MAAM,EAAE;AACJa,QAAAA,OAAO,EAAE,iBADL;AAEJC,QAAAA,OAAO,EAAE,EAFL;AAGJC,QAAAA,OAAO,EAAE,YAHL;AAIJC,QAAAA,UAAU,EAAE,IAJR;AAKJX,QAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYW,GALd;AAMJC,QAAAA,WAAW,EAAE,6CANT;AAOJC,QAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,eAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,cAAKC,IAAL,CAAUxB,GAAG,CAACyB,GAAJ,CAAQC,MAAlB,EAA0B,kCAA1B,CADC;AAD2B,SAA9B,CAPF;AAYJC,QAAAA,MAAM,EAAE,CAAC,4BAAY,OAAZ,CAAD,CAZJ;AAaJC,QAAAA,WAAW,EAAE;AACTC,UAAAA,SAAS,EAAE;AAAEC,YAAAA,SAAS,EAAE7B,MAAM,CAAC8B;AAApB;AADF,SAbT;AAgBJC,QAAAA,SAAS,EAAE/B,MAAM,CAACK,GAAP,GACL;AACI2B,UAAAA,SAAS,EAAEhC,MAAM,CAACK,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,UAAAA,gBAAgB,EAAE,CAACtC,MAAM,CAACK,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,SADK,GAKLC;AArBF;AAF2C,KAArC,CAAlB;AA2BA,UAAMC,MAAM,GAAG1C,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AAChDb,MAAAA,IAAI,EAAE,WAD0C;AAEhDC,MAAAA,MAAM,EAAE;AACJK,QAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYW,GADd;AAEJF,QAAAA,OAAO,EAAE,YAFL;AAGJF,QAAAA,OAAO,EAAE,iBAHL;AAIJC,QAAAA,OAAO,EAAE,EAJL;AAKJE,QAAAA,UAAU,EAAE,GALR;AAMJE,QAAAA,WAAW,EAAE,mCANT;AAOJC,QAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,eAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,cAAKC,IAAL,CAAUxB,GAAG,CAACyB,GAAJ,CAAQC,MAAlB,EAA0B,+BAA1B,CADC;AAD2B,SAA9B,CAPF;AAYJE,QAAAA,WAAW,EAAE;AACTC,UAAAA,SAAS,EAAE;AAAEC,YAAAA,SAAS,EAAE7B,MAAM,CAAC8B;AAApB;AADF,SAZT;AAeJC,QAAAA,SAAS,EAAE/B,MAAM,CAACK,GAAP,GACL;AACI2B,UAAAA,SAAS,EAAEhC,MAAM,CAACK,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,UAAAA,gBAAgB,EAAE,CAACtC,MAAM,CAACK,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,SADK,GAKLC;AApBF;AAFwC,KAArC,CAAf;AA0BA,UAAME,QAAQ,GAAG3C,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AAClDb,MAAAA,IAAI,EAAE,aAD4C;AAElDC,MAAAA,MAAM,EAAE;AACJK,QAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYW,GADd;AAEJF,QAAAA,OAAO,EAAE,YAFL;AAGJF,QAAAA,OAAO,EAAE,iBAHL;AAIJC,QAAAA,OAAO,EAAE,EAJL;AAKJE,QAAAA,UAAU,EAAE,GALR;AAMJE,QAAAA,WAAW,EAAE,mCANT;AAOJC,QAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,eAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,cAAKC,IAAL,CAAUxB,GAAG,CAACyB,GAAJ,CAAQC,MAAlB,EAA0B,iCAA1B,CADC;AAD2B,SAA9B,CAPF;AAYJE,QAAAA,WAAW,EAAE;AACTC,UAAAA,SAAS,EAAE;AACPC,YAAAA,SAAS,EAAE7B,MAAM,CAAC8B,mBADX;AAEPa,YAAAA,0BAA0B,EAAErC,SAAS,CAACF,MAAV,CAAiBW;AAFtC;AADF,SAZT;AAkBJgB,QAAAA,SAAS,EAAE/B,MAAM,CAACK,GAAP,GACL;AACI2B,UAAAA,SAAS,EAAEhC,MAAM,CAACK,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,UAAAA,gBAAgB,EAAE,CAACtC,MAAM,CAACK,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,SADK,GAKLC;AAvBF;AAF0C,KAArC,CAAjB;AA6BA,UAAMI,wBAAwB,GAAG7C,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWoC,UAA3B,EAAuC;AACpEhD,MAAAA,IAAI,EAAE,gCAD8D;AAEpEC,MAAAA,MAAM,EAAE;AACJgD,QAAAA,MAAM,EAAE,uBADJ;AAEJC,QAAAA,QAAQ,EAAEN,MAAM,CAACrC,MAAP,CAAcW,GAFpB;AAGJiC,QAAAA,SAAS,EAAE,kBAHP;AAIJC,QAAAA,SAAS,EAAE/B,MAAM,CAACgC,WAAY,gBAAelD,MAAM,CAAC8B,mBAAoB;AAJpE,OAF4D;AAQpEqB,MAAAA,IAAI,EAAE;AACFC,QAAAA,SAAS,EAAE,CAACX,MAAM,CAACrC,MAAR;AADT;AAR8D,KAAvC,CAAjC;AAaA,UAAMiD,kBAAkB,GAAGtD,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAAC8C,EAAJ,CAAOC,kBAAvB,EAA2C;AAClE1D,MAAAA,IAAI,EAAE,oBAD4D;AAElEC,MAAAA,MAAM,EAAE;AACJ0D,QAAAA,MAAM,EAAExD,MAAM,CAAC8B,mBADX;AAEJ2B,QAAAA,eAAe,EAAE,CACb;AACIC,UAAAA,iBAAiB,EAAEjB,MAAM,CAACrC,MAAP,CAAcW,GADrC;AAEI4C,UAAAA,MAAM,EAAE,CAAC,oBAAD;AAFZ,SADa;AAFb,OAF0D;AAWlER,MAAAA,IAAI,EAAE;AACFC,QAAAA,SAAS,EAAE,CAACX,MAAM,CAACrC,MAAR,EAAgBwC,wBAAwB,CAACxC,MAAzC;AADT;AAX4D,KAA3C,CAA3B;AAgBA,UAAMwD,SAAS,GAAG;AACdtD,MAAAA,SADc;AAEdmC,MAAAA,MAFc;AAGdC,MAAAA;AAHc,KAAlB;AAMA,WAAO;AACHkB,MAAAA,SADG;AAEHP,MAAAA;AAFG,KAAP;AAIH;;AAnIyC,CAAhB,CAAvB;;;AAsIP,SAASnD,6BAAT,CAAuCH,GAAvC,EAAuDC,MAAvD,EAAkF;AAC9E,SAAOD,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACqD,GAAJ,CAAQC,MAAxB,EAAgC;AACnCjE,IAAAA,IAAI,EAAE,yBAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJkB,MAAAA,WAAW,EAAE,6CADT;AAEJf,MAAAA,MAAM,EAAE;AACJ8D,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,uBAHZ;AAIIC,UAAAA,QAAQ,EAAE;AAJd,SADO,EAOP;AACIH,UAAAA,GAAG,EAAE,iBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,MAHZ;AAIIC,UAAAA,QAAQ,EAAElD,MAAM,CAACgC,WAAY,gBAAelD,MAAM,CAAC8B,mBAAoB;AAJ3E,SAPO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AAuBH","sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { defineAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi-sdk\";\n\nimport { Vpc } from \"./ApiVpc\";\nimport { createLambdaRole } from \"./ApiLambdaUtils\";\n\ninterface FileManagerParams {\n fileManagerBucketId: pulumi.Input<string>;\n vpc: Vpc | undefined;\n}\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\nexport const ApiFileManager = defineAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp, params: FileManagerParams) {\n const policy = createFileManagerLambdaPolicy(app, params);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output,\n vpc: params.vpc\n });\n\n const transform = app.addResource(aws.lambda.Function, {\n name: \"fm-image-transformer\",\n config: {\n handler: \"handler.handler\",\n timeout: 30,\n runtime: \"nodejs14.x\",\n memorySize: 1600,\n role: role.output.arn,\n description: \"Performs image optimization, resizing, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/fileManager/transform/build\")\n )\n }),\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: { S3_BUCKET: params.fileManagerBucketId }\n },\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/fileManager/manage/build\")\n )\n }),\n environment: {\n variables: { S3_BUCKET: params.fileManagerBucketId }\n },\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Serves previously uploaded files.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/fileManager/download/build\")\n )\n }),\n environment: {\n variables: {\n S3_BUCKET: params.fileManagerBucketId,\n IMAGE_TRANSFORMER_FUNCTION: transform.output.arn\n }\n },\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: params.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n transform,\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp, params: FileManagerParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: \"s3:*\",\n Resource: pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`\n }\n ]\n }\n }\n });\n}\n"]}

package/apps/api/ApiGateway.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import * as aws from "@pulumi/aws";
+import * as pulumi from "@pulumi/pulumi";
+import { PulumiAppModule } from "@webiny/pulumi-sdk";
+export interface ApiRouteParams {
+    path: pulumi.Input<string>;
+    method: pulumi.Input<string>;
+    function: pulumi.Input<string>;
+}
+export declare type ApiGateway = PulumiAppModule<typeof ApiGateway>;
+export declare const ApiGateway: import("@webiny/pulumi-sdk").PulumiAppModuleDefinition<{
+    api: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.apigatewayv2.Api>;
+    stage: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.apigatewayv2.Stage>;
+    routes: Record<string, {
+        integration: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.apigatewayv2.Integration>;
+        route: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.apigatewayv2.Route>;
+        permission: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Permission>;
+    }>;
+    addRoute: (name: string, params: ApiRouteParams) => void;
+}, Record<string, ApiRouteParams>>;