npm - @webiny/pulumi-aws - Versions diffs - 5.25.0-beta.6 → 5.25.1-beta.1 - Mend

@webiny/pulumi-aws 5.25.0-beta.6 → 5.25.1-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/apps/admin/AdminApp.d.ts +14 -0
package/apps/admin/AdminApp.js +134 -0
package/apps/admin/AdminApp.js.map +1 -0
package/apps/admin/AdminUpload.d.ts +6 -0
package/apps/admin/AdminUpload.js +50 -0
package/apps/admin/AdminUpload.js.map +1 -0
package/apps/api/ApiApp.d.ts +66 -0
package/apps/api/ApiApp.js +223 -0
package/apps/api/ApiApp.js.map +1 -0
package/apps/api/ApiApwScheduler.d.ts +23 -0
package/apps/api/ApiApwScheduler.js +240 -0
package/apps/api/ApiApwScheduler.js.map +1 -0
package/apps/api/ApiCloudfront.d.ts +4 -0
package/apps/api/ApiCloudfront.js +103 -0
package/apps/api/ApiCloudfront.js.map +1 -0
package/apps/api/ApiFileManager.d.ts +18 -0
package/apps/api/ApiFileManager.js +168 -0
package/apps/api/ApiFileManager.js.map +1 -0
package/apps/api/ApiGateway.d.ts +19 -0
package/apps/api/ApiGateway.js +90 -0
package/apps/api/ApiGateway.js.map +1 -0
package/apps/api/ApiGraphql.d.ts +27 -0
package/apps/api/ApiGraphql.js +128 -0
package/apps/api/ApiGraphql.js.map +1 -0
package/apps/api/ApiHeadlessCMS.d.ts +18 -0
package/apps/api/ApiHeadlessCMS.js +90 -0
package/apps/api/ApiHeadlessCMS.js.map +1 -0
package/apps/api/ApiLambdaUtils.d.ts +11 -0
package/apps/api/ApiLambdaUtils.js +45 -0
package/apps/api/ApiLambdaUtils.js.map +1 -0
package/apps/api/ApiPageBuilder.d.ts +40 -0
package/apps/api/ApiPageBuilder.js +289 -0
package/apps/api/ApiPageBuilder.js.map +1 -0
package/apps/api/ApiPrerendering.d.ts +24 -0
package/apps/api/ApiPrerendering.js +200 -0
package/apps/api/ApiPrerendering.js.map +1 -0
package/apps/api/ApiVpc.d.ts +10 -0
package/apps/api/ApiVpc.js +129 -0
package/apps/api/ApiVpc.js.map +1 -0
package/apps/api/index.d.ts +8 -0
package/apps/api/index.js +109 -0
package/apps/api/index.js.map +1 -0
package/apps/awsUtils.d.ts +3 -0
package/apps/awsUtils.js +25 -0
package/apps/awsUtils.js.map +1 -0
package/apps/createAppBucket.d.ts +13 -0
package/apps/createAppBucket.js +107 -0
package/apps/createAppBucket.js.map +1 -0
package/apps/customDomain.d.ts +9 -0
package/apps/customDomain.js +14 -0
package/apps/customDomain.js.map +1 -0
package/apps/getStorageOutput.d.ts +13 -0
package/apps/getStorageOutput.js +29 -0
package/apps/getStorageOutput.js.map +1 -0
package/apps/index.d.ts +5 -0
package/apps/index.js +72 -0
package/apps/index.js.map +1 -0
package/apps/storage/StorageApp.d.ts +16 -0
package/apps/storage/StorageApp.js +90 -0
package/apps/storage/StorageApp.js.map +1 -0
package/apps/storage/StorageCognito.d.ts +11 -0
package/apps/storage/StorageCognito.js +102 -0
package/apps/storage/StorageCognito.js.map +1 -0
package/apps/storage/StorageDynamo.d.ts +6 -0
package/apps/storage/StorageDynamo.js +53 -0
package/apps/storage/StorageDynamo.js.map +1 -0
package/apps/storage/StorageFileManager.d.ts +6 -0
package/apps/storage/StorageFileManager.js +40 -0
package/apps/storage/StorageFileManager.js.map +1 -0
package/apps/storage/index.d.ts +4 -0
package/apps/storage/index.js +57 -0
package/apps/storage/index.js.map +1 -0
package/apps/website/WebsiteApp.d.ts +22 -0
package/apps/website/WebsiteApp.js +206 -0
package/apps/website/WebsiteApp.js.map +1 -0
package/apps/website/WebsiteHookRender.d.ts +1 -0
package/apps/website/WebsiteHookRender.js +65 -0
package/apps/website/WebsiteHookRender.js.map +1 -0
package/apps/website/WebsiteHookUpdatePbSettings.d.ts +5 -0
package/apps/website/WebsiteHookUpdatePbSettings.js +80 -0
package/apps/website/WebsiteHookUpdatePbSettings.js.map +1 -0
package/apps/website/WebsiteHookUpload.d.ts +1 -0
package/apps/website/WebsiteHookUpload.js +65 -0
package/apps/website/WebsiteHookUpload.js.map +1 -0
package/components/tenantRouter/functions/origin/request.js +54 -8
package/components/tenantRouter/functions/origin/request.js.map +1 -1
package/index.d.ts +1 -0
package/index.js +18 -1
package/index.js.map +1 -1
package/package.json +10 -6
package/types.d.ts +2 -0
package/types.js +5 -0
package/types.js.map +1 -0

package/apps/api/ApiPageBuilder.js ADDED Viewed

@@ -0,0 +1,289 @@
+"use strict";
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.ApiPageBuilder = void 0;
+var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
+var path = _interopRequireWildcard(require("path"));
+var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
+var aws = _interopRequireWildcard(require("@pulumi/aws"));
+var _installation = require("@webiny/api-page-builder/installation");
+var _pulumiSdk = require("@webiny/pulumi-sdk");
+var _ApiLambdaUtils = require("./ApiLambdaUtils");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
+function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
+const ApiPageBuilder = (0, _pulumiSdk.defineAppModule)({
+  name: "ApiPageBuilder",
+  config(app, params) {
+    app.addHandler(() => {
+      const pbInstallationZipPath = path.join(path.resolve(), ".tmp", "pbInstallation.zip"); // Will create "pbInstallation.zip" and save it in the `pbInstallationZipPath` path.
+      (0, _installation.createInstallationZip)(pbInstallationZipPath);
+      new aws.s3.BucketObject("./pbInstallation.zip", {
+        key: "pbInstallation.zip",
+        acl: "public-read",
+        bucket: params.fileManagerBucketId,
+        contentType: "application/octet-stream",
+        source: new pulumi.asset.FileAsset(pbInstallationZipPath)
+      });
+    });
+    const updateSettings = createUpdateSettingsResources(app, params);
+    const exportPages = createExportPagesResources(app, params);
+    const importPages = createImportPagesResources(app, params);
+    return {
+      updateSettings,
+      exportPages,
+      importPages
+    };
+  }
+});
+exports.ApiPageBuilder = ApiPageBuilder;
+function createUpdateSettingsResources(app, params) {
+  const policy = createUpdateSettingsLambdaPolicy(app, params);
+  const role = (0, _ApiLambdaUtils.createLambdaRole)(app, {
+    name: "pb-update-settings-lambda-role",
+    policy: policy.output,
+    vpc: params.vpc
+  });
+  const update = app.addResource(aws.lambda.Function, {
+    name: "pb-update-settings",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 10,
+      memorySize: 128,
+      description: "Updates default Page Builder app's settings, e.g. website or prerendering URLs, default title, etc.",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/pageBuilder/updateSettings/build"))
+      }),
+      environment: {
+        variables: _objectSpread({}, params.env)
+      },
+      vpcConfig: params.vpc ? {
+        subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+        securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+      } : undefined
+    }
+  });
+  return {
+    role,
+    policy,
+    functions: {
+      update
+    }
+  };
+}
+function createUpdateSettingsLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "PbUpdateSettingsLambdaPolicy",
+    config: {
+      description: "This policy enables access to Dynamodb",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "AllowDynamoDBAccess",
+          Effect: "Allow",
+          Action: ["dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:Query", "dynamodb:UpdateItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }]
+      }
+    }
+  });
+}
+function createExportPagesResources(app, params) {
+  const policy = createExportPagesLambdaPolicy(app, params);
+  const role = (0, _ApiLambdaUtils.createLambdaRole)(app, {
+    name: "pb-export-pages-lambda-role",
+    policy: policy.output,
+    vpc: params.vpc
+  });
+  const combine = app.addResource(aws.lambda.Function, {
+    name: "pb-export-pages-combine",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 128,
+      description: "Handle page export's combine workflow",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/pageBuilder/exportPages/combine/build"))
+      }),
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          S3_BUCKET: params.fileManagerBucketId
+        })
+      }
+    }
+  });
+  const process = app.addResource(aws.lambda.Function, {
+    name: "pb-export-pages-process",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 128,
+      description: "Handle page export's process workflow",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/pageBuilder/exportPages/process/build"))
+      }),
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          S3_BUCKET: params.fileManagerBucketId,
+          EXPORT_PAGE_COMBINE_HANDLER: combine.output.arn
+        })
+      }
+    }
+  });
+  return {
+    role,
+    policy,
+    functions: {
+      process,
+      combine
+    }
+  };
+}
+function createExportPagesLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "PbExportPageTaskLambdaPolicy",
+    config: {
+      description: "This policy enables access to Dynamodb",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "AllowDynamoDBAccess",
+          Effect: "Allow",
+          Action: ["dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:Query", "dynamodb:UpdateItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }, {
+          Sid: "PermissionForS3",
+          Effect: "Allow",
+          Action: ["s3:GetObjectAcl", "s3:DeleteObject", "s3:PutObjectAcl", "s3:PutObject", "s3:GetObject", "s3:ListBucket"],
+          Resource: [pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`, // We need to explicitly add bucket ARN to "Resource" list for "s3:ListBucket" action.
+          pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`]
+        }, {
+          Sid: "PermissionForLambda",
+          Effect: "Allow",
+          Action: ["lambda:InvokeFunction"],
+          Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`
+        }]
+      }
+    }
+  });
+}
+function createImportPagesResources(app, params) {
+  const policy = createImportPagesLambdaPolicy(app, params);
+  const role = (0, _ApiLambdaUtils.createLambdaRole)(app, {
+    name: "pb-import-page-lambda-role",
+    policy: policy.output,
+    vpc: params.vpc
+  });
+  const process = app.addResource(aws.lambda.Function, {
+    name: "pb-import-page-queue-process",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 512,
+      description: "Handle import page queue process workflow",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/pageBuilder/importPages/process/build"))
+      }),
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          S3_BUCKET: params.fileManagerBucketId
+        })
+      }
+    }
+  });
+  const create = app.addResource(aws.lambda.Function, {
+    name: "pb-import-page-queue-create",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 60,
+      memorySize: 512,
+      description: "Handle import page queue create workflow",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/pageBuilder/importPages/create/build"))
+      }),
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          S3_BUCKET: params.fileManagerBucketId,
+          IMPORT_PAGE_QUEUE_PROCESS_HANDLER: process.output.arn
+        })
+      }
+    }
+  });
+  return {
+    role,
+    policy,
+    functions: {
+      create,
+      process
+    }
+  };
+}
+function createImportPagesLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "ImportPageLambdaPolicy",
+    config: {
+      description: "This policy enables access Dynamodb, S3, Lambda and Cognito IDP",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "PermissionForDynamodb",
+          Effect: "Allow",
+          Action: ["dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:Query", "dynamodb:UpdateItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }, {
+          Sid: "PermissionForS3",
+          Effect: "Allow",
+          Action: ["s3:GetObjectAcl", "s3:DeleteObject", "s3:PutObjectAcl", "s3:PutObject", "s3:GetObject", "s3:ListBucket"],
+          Resource: [pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`, // We need to explicitly add bucket ARN to "Resource" list for "s3:ListBucket" action.
+          pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`]
+        }, {
+          Sid: "PermissionForLambda",
+          Effect: "Allow",
+          Action: ["lambda:InvokeFunction"],
+          Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`
+        }, {
+          Sid: "PermissionForCognitoIdp",
+          Effect: "Allow",
+          Action: "cognito-idp:*",
+          Resource: pulumi.interpolate`${params.cognitoUserPoolArn}`
+        }]
+      }
+    }
+  });
+}

package/apps/api/ApiPageBuilder.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["ApiPageBuilder.ts"],"names":["ApiPageBuilder","name","config","app","params","addHandler","pbInstallationZipPath","path","join","resolve","aws","s3","BucketObject","key","acl","bucket","fileManagerBucketId","contentType","source","pulumi","asset","FileAsset","updateSettings","createUpdateSettingsResources","exportPages","createExportPagesResources","importPages","createImportPagesResources","policy","createUpdateSettingsLambdaPolicy","role","output","vpc","update","addResource","lambda","Function","arn","runtime","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","ctx","appDir","environment","variables","env","vpcConfig","subnetIds","subnets","private","map","subNet","id","securityGroupIds","defaultSecurityGroupId","undefined","functions","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","createExportPagesLambdaPolicy","combine","S3_BUCKET","process","EXPORT_PAGE_COMBINE_HANDLER","awsRegion","awsAccountId","createImportPagesLambdaPolicy","create","IMPORT_PAGE_QUEUE_PROCESS_HANDLER","cognitoUserPoolArn"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AAEA;;;;;;;;;;AAcO,MAAMA,cAAc,GAAG,gCAAgB;AAC1CC,EAAAA,IAAI,EAAE,gBADoC;;AAE1CC,EAAAA,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA4C;AAC9CD,IAAAA,GAAG,CAACE,UAAJ,CAAe,MAAM;AACjB,YAAMC,qBAAqB,GAAGC,IAAI,CAACC,IAAL,CAAUD,IAAI,CAACE,OAAL,EAAV,EAA0B,MAA1B,EAAkC,oBAAlC,CAA9B,CADiB,CAEjB;;AACA,+CAAsBH,qBAAtB;AAEA,UAAII,GAAG,CAACC,EAAJ,CAAOC,YAAX,CAAwB,sBAAxB,EAAgD;AAC5CC,QAAAA,GAAG,EAAE,oBADuC;AAE5CC,QAAAA,GAAG,EAAE,aAFuC;AAG5CC,QAAAA,MAAM,EAAEX,MAAM,CAACY,mBAH6B;AAI5CC,QAAAA,WAAW,EAAE,0BAJ+B;AAK5CC,QAAAA,MAAM,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,SAAjB,CAA2Bf,qBAA3B;AALoC,OAAhD;AAOH,KAZD;AAcA,UAAMgB,cAAc,GAAGC,6BAA6B,CAACpB,GAAD,EAAMC,MAAN,CAApD;AACA,UAAMoB,WAAW,GAAGC,0BAA0B,CAACtB,GAAD,EAAMC,MAAN,CAA9C;AACA,UAAMsB,WAAW,GAAGC,0BAA0B,CAACxB,GAAD,EAAMC,MAAN,CAA9C;AAEA,WAAO;AACHkB,MAAAA,cADG;AAEHE,MAAAA,WAFG;AAGHE,MAAAA;AAHG,KAAP;AAKH;;AA1ByC,CAAhB,CAAvB;;;AA6BP,SAASH,6BAAT,CAAuCpB,GAAvC,EAAuDC,MAAvD,EAAkF;AAC9E,QAAMwB,MAAM,GAAGC,gCAAgC,CAAC1B,GAAD,EAAMC,MAAN,CAA/C;AACA,QAAM0B,IAAI,GAAG,sCAAiB3B,GAAjB,EAAsB;AAC/BF,IAAAA,IAAI,EAAE,gCADyB;AAE/B2B,IAAAA,MAAM,EAAEA,MAAM,CAACG,MAFgB;AAG/BC,IAAAA,GAAG,EAAE5B,MAAM,CAAC4B;AAHmB,GAAtB,CAAb;AAMA,QAAMC,MAAM,GAAG9B,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACyB,MAAJ,CAAWC,QAA3B,EAAqC;AAChDnC,IAAAA,IAAI,EAAE,oBAD0C;AAEhDC,IAAAA,MAAM,EAAE;AACJ4B,MAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYM,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJC,MAAAA,WAAW,EACP,qGAPA;AAQJC,MAAAA,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAP,CAAawB,YAAjB,CAA8B;AAChC,aAAK,IAAIzB,MAAM,CAACC,KAAP,CAAayB,WAAjB,CACDtC,IAAI,CAACC,IAAL,CAAUL,GAAG,CAAC2C,GAAJ,CAAQC,MAAlB,EAA0B,uCAA1B,CADC;AAD2B,OAA9B,CARF;AAaJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,oBACF7C,MAAM,CAAC8C,GADL;AADA,OAbT;AAkBJC,MAAAA,SAAS,EAAE/C,MAAM,CAAC4B,GAAP,GACL;AACIoB,QAAAA,SAAS,EAAEhD,MAAM,CAAC4B,GAAP,CAAWqB,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAACzB,MAAP,CAAc0B,EAAvD,CADf;AAEIC,QAAAA,gBAAgB,EAAE,CAACtD,MAAM,CAAC4B,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsB4B,sBAAvB;AAFtB,OADK,GAKLC;AAvBF;AAFwC,GAArC,CAAf;AA6BA,SAAO;AACH9B,IAAAA,IADG;AAEHF,IAAAA,MAFG;AAGHiC,IAAAA,SAAS,EAAE;AACP5B,MAAAA;AADO;AAHR,GAAP;AAOH;;AAED,SAASJ,gCAAT,CAA0C1B,GAA1C,EAA0DC,MAA1D,EAAqF;AACjF,SAAOD,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACoD,GAAJ,CAAQC,MAAxB,EAAgC;AACnC9D,IAAAA,IAAI,EAAE,8BAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJwC,MAAAA,WAAW,EAAE,wCADT;AAEJd,MAAAA,MAAM,EAAE;AACJoC,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;AAYIC,UAAAA,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,EAD9C,EAENpD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,IAF9C;AAZd,SADO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AA4BH;;AAED,SAAS9C,0BAAT,CAAoCtB,GAApC,EAAoDC,MAApD,EAA+E;AAC3E,QAAMwB,MAAM,GAAG4C,6BAA6B,CAACrE,GAAD,EAAMC,MAAN,CAA5C;AACA,QAAM0B,IAAI,GAAG,sCAAiB3B,GAAjB,EAAsB;AAC/BF,IAAAA,IAAI,EAAE,6BADyB;AAE/B2B,IAAAA,MAAM,EAAEA,MAAM,CAACG,MAFgB;AAG/BC,IAAAA,GAAG,EAAE5B,MAAM,CAAC4B;AAHmB,GAAtB,CAAb;AAMA,QAAMyC,OAAO,GAAGtE,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACyB,MAAJ,CAAWC,QAA3B,EAAqC;AACjDnC,IAAAA,IAAI,EAAE,yBAD2C;AAEjDC,IAAAA,MAAM,EAAE;AACJ4B,MAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYM,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJC,MAAAA,WAAW,EAAE,uCANT;AAOJC,MAAAA,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAP,CAAawB,YAAjB,CAA8B;AAChC,aAAK,IAAIzB,MAAM,CAACC,KAAP,CAAayB,WAAjB,CACDtC,IAAI,CAACC,IAAL,CAAUL,GAAG,CAAC2C,GAAJ,CAAQC,MAAlB,EAA0B,4CAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACF7C,MAAM,CAAC8C,GADL;AAELwB,UAAAA,SAAS,EAAEtE,MAAM,CAACY;AAFb;AADA;AAZT;AAFyC,GAArC,CAAhB;AAuBA,QAAM2D,OAAO,GAAGxE,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACyB,MAAJ,CAAWC,QAA3B,EAAqC;AACjDnC,IAAAA,IAAI,EAAE,yBAD2C;AAEjDC,IAAAA,MAAM,EAAE;AACJ4B,MAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYM,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJC,MAAAA,WAAW,EAAE,uCANT;AAOJC,MAAAA,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAP,CAAawB,YAAjB,CAA8B;AAChC,aAAK,IAAIzB,MAAM,CAACC,KAAP,CAAayB,WAAjB,CACDtC,IAAI,CAACC,IAAL,CAAUL,GAAG,CAAC2C,GAAJ,CAAQC,MAAlB,EAA0B,4CAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACF7C,MAAM,CAAC8C,GADL;AAELwB,UAAAA,SAAS,EAAEtE,MAAM,CAACY,mBAFb;AAGL4D,UAAAA,2BAA2B,EAAEH,OAAO,CAAC1C,MAAR,CAAeM;AAHvC;AADA;AAZT;AAFyC,GAArC,CAAhB;AAwBA,SAAO;AACHP,IAAAA,IADG;AAEHF,IAAAA,MAFG;AAGHiC,IAAAA,SAAS,EAAE;AACPc,MAAAA,OADO;AAEPF,MAAAA;AAFO;AAHR,GAAP;AAQH;;AAED,SAASD,6BAAT,CAAuCrE,GAAvC,EAAuDC,MAAvD,EAAkF;AAC9E,SAAOD,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACoD,GAAJ,CAAQC,MAAxB,EAAgC;AACnC9D,IAAAA,IAAI,EAAE,8BAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJwC,MAAAA,WAAW,EAAE,wCADT;AAEJd,MAAAA,MAAM,EAAE;AACJoC,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;AAYIC,UAAAA,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,EAD9C,EAENpD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,IAF9C;AAZd,SADO,EAkBP;AACIL,UAAAA,GAAG,EAAE,iBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;AAWIC,UAAAA,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,gBAAelE,MAAM,CAACY,mBAAoB,IADvD,EAEN;AACAG,UAAAA,MAAM,CAACmD,WAAY,gBAAelE,MAAM,CAACY,mBAAoB,EAHvD;AAXd,SAlBO,EAmCP;AACIkD,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CAAC,uBAAD,CAHZ;AAIIC,UAAAA,QAAQ,EAAElD,MAAM,CAACmD,WAAY,kBAAiBlE,MAAM,CAACyE,SAAU,IAAGzE,MAAM,CAAC0E,YAAa;AAJ1F,SAnCO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AAmDH;;AAED,SAASnD,0BAAT,CAAoCxB,GAApC,EAAoDC,MAApD,EAA+E;AAC3E,QAAMwB,MAAM,GAAGmD,6BAA6B,CAAC5E,GAAD,EAAMC,MAAN,CAA5C;AACA,QAAM0B,IAAI,GAAG,sCAAiB3B,GAAjB,EAAsB;AAC/BF,IAAAA,IAAI,EAAE,4BADyB;AAE/B2B,IAAAA,MAAM,EAAEA,MAAM,CAACG,MAFgB;AAG/BC,IAAAA,GAAG,EAAE5B,MAAM,CAAC4B;AAHmB,GAAtB,CAAb;AAMA,QAAM2C,OAAO,GAAGxE,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACyB,MAAJ,CAAWC,QAA3B,EAAqC;AACjDnC,IAAAA,IAAI,EAAE,8BAD2C;AAEjDC,IAAAA,MAAM,EAAE;AACJ4B,MAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYM,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJC,MAAAA,WAAW,EAAE,2CANT;AAOJC,MAAAA,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAP,CAAawB,YAAjB,CAA8B;AAChC,aAAK,IAAIzB,MAAM,CAACC,KAAP,CAAayB,WAAjB,CACDtC,IAAI,CAACC,IAAL,CAAUL,GAAG,CAAC2C,GAAJ,CAAQC,MAAlB,EAA0B,4CAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACF7C,MAAM,CAAC8C,GADL;AAELwB,UAAAA,SAAS,EAAEtE,MAAM,CAACY;AAFb;AADA;AAZT;AAFyC,GAArC,CAAhB;AAuBA,QAAMgE,MAAM,GAAG7E,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACyB,MAAJ,CAAWC,QAA3B,EAAqC;AAChDnC,IAAAA,IAAI,EAAE,6BAD0C;AAEhDC,IAAAA,MAAM,EAAE;AACJ4B,MAAAA,IAAI,EAAEA,IAAI,CAACC,MAAL,CAAYM,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJC,MAAAA,WAAW,EAAE,0CANT;AAOJC,MAAAA,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAP,CAAawB,YAAjB,CAA8B;AAChC,aAAK,IAAIzB,MAAM,CAACC,KAAP,CAAayB,WAAjB,CACDtC,IAAI,CAACC,IAAL,CAAUL,GAAG,CAAC2C,GAAJ,CAAQC,MAAlB,EAA0B,2CAA1B,CADC;AAD2B,OAA9B,CAPF;AAYJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACF7C,MAAM,CAAC8C,GADL;AAELwB,UAAAA,SAAS,EAAEtE,MAAM,CAACY,mBAFb;AAGLiE,UAAAA,iCAAiC,EAAEN,OAAO,CAAC5C,MAAR,CAAeM;AAH7C;AADA;AAZT;AAFwC,GAArC,CAAf;AAwBA,SAAO;AACHP,IAAAA,IADG;AAEHF,IAAAA,MAFG;AAGHiC,IAAAA,SAAS,EAAE;AACPmB,MAAAA,MADO;AAEPL,MAAAA;AAFO;AAHR,GAAP;AAQH;;AAED,SAASI,6BAAT,CAAuC5E,GAAvC,EAAuDC,MAAvD,EAAkF;AAC9E,SAAOD,GAAG,CAAC+B,WAAJ,CAAgBxB,GAAG,CAACoD,GAAJ,CAAQC,MAAxB,EAAgC;AACnC9D,IAAAA,IAAI,EAAE,wBAD6B;AAEnCC,IAAAA,MAAM,EAAE;AACJwC,MAAAA,WAAW,EAAE,iEADT;AAEJd,MAAAA,MAAM,EAAE;AACJoC,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,GAAG,EAAE,uBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;AAYIC,UAAAA,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,EAD9C,EAENpD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAACmE,uBAAwB,IAF9C;AAZd,SADO,EAkBP;AACIL,UAAAA,GAAG,EAAE,iBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;AAWIC,UAAAA,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,gBAAelE,MAAM,CAACY,mBAAoB,IADvD,EAEN;AACAG,UAAAA,MAAM,CAACmD,WAAY,gBAAelE,MAAM,CAACY,mBAAoB,EAHvD;AAXd,SAlBO,EAmCP;AACIkD,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CAAC,uBAAD,CAHZ;AAIIC,UAAAA,QAAQ,EAAElD,MAAM,CAACmD,WAAY,kBAAiBlE,MAAM,CAACyE,SAAU,IAAGzE,MAAM,CAAC0E,YAAa;AAJ1F,SAnCO,EAyCP;AACIZ,UAAAA,GAAG,EAAE,yBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,eAHZ;AAIIC,UAAAA,QAAQ,EAAElD,MAAM,CAACmD,WAAY,GAAElE,MAAM,CAAC8E,kBAAmB;AAJ7D,SAzCO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AAyDH","sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n//@ts-ignore\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { defineAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi-sdk\";\nimport { Vpc } from \"./ApiVpc\";\nimport { createLambdaRole } from \"./ApiLambdaUtils\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n primaryDynamodbTableArn: pulumi.Input<string>;\n fileManagerBucketId: pulumi.Input<string>;\n cognitoUserPoolArn: pulumi.Input<string>;\n awsAccountId: pulumi.Input<string>;\n awsRegion: pulumi.Input<string>;\n vpc: Vpc | undefined;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = defineAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n acl: \"public-read\",\n bucket: params.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const updateSettings = createUpdateSettingsResources(app, params);\n const exportPages = createExportPagesResources(app, params);\n const importPages = createImportPagesResources(app, params);\n\n return {\n updateSettings,\n exportPages,\n importPages\n };\n }\n});\n\nfunction createUpdateSettingsResources(app: PulumiApp, params: PageBuilderParams) {\n const policy = createUpdateSettingsLambdaPolicy(app, params);\n const role = createLambdaRole(app, {\n name: \"pb-update-settings-lambda-role\",\n policy: policy.output,\n vpc: params.vpc\n });\n\n const update = app.addResource(aws.lambda.Function, {\n name: \"pb-update-settings\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 10,\n memorySize: 128,\n description:\n \"Updates default Page Builder app's settings, e.g. website or prerendering URLs, default title, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/pageBuilder/updateSettings/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env\n }\n },\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n return {\n role,\n policy,\n functions: {\n update\n }\n };\n}\n\nfunction createUpdateSettingsLambdaPolicy(app: PulumiApp, params: PageBuilderParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"PbUpdateSettingsLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createExportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const policy = createExportPagesLambdaPolicy(app, params);\n const role = createLambdaRole(app, {\n name: \"pb-export-pages-lambda-role\",\n policy: policy.output,\n vpc: params.vpc\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-combine\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/pageBuilder/exportPages/combine/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env,\n S3_BUCKET: params.fileManagerBucketId\n }\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/pageBuilder/exportPages/process/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env,\n S3_BUCKET: params.fileManagerBucketId,\n EXPORT_PAGE_COMBINE_HANDLER: combine.output.arn\n }\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportPagesLambdaPolicy(app: PulumiApp, params: PageBuilderParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportPageTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`\n }\n ]\n }\n }\n });\n}\n\nfunction createImportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const policy = createImportPagesLambdaPolicy(app, params);\n const role = createLambdaRole(app, {\n name: \"pb-import-page-lambda-role\",\n policy: policy.output,\n vpc: params.vpc\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/pageBuilder/importPages/process/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env,\n S3_BUCKET: params.fileManagerBucketId\n }\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-create\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/pageBuilder/importPages/create/build\")\n )\n }),\n environment: {\n variables: {\n ...params.env,\n S3_BUCKET: params.fileManagerBucketId,\n IMPORT_PAGE_QUEUE_PROCESS_HANDLER: process.output.arn\n }\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportPagesLambdaPolicy(app: PulumiApp, params: PageBuilderParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"ImportPageLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: pulumi.interpolate`${params.cognitoUserPoolArn}`\n }\n ]\n }\n }\n });\n}\n"]}

package/apps/api/ApiPrerendering.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as aws from "@pulumi/aws";
+import { PulumiApp } from "@webiny/pulumi-sdk";
+import { Vpc } from "./ApiVpc";
+interface PreRenderingServiceParams {
+    env: Record<string, any>;
+    primaryDynamodbTableArn: pulumi.Input<string>;
+    fileManagerBucketId: pulumi.Input<string>;
+    cognitoUserPoolArn: pulumi.Input<string>;
+    awsAccountId: pulumi.Input<string>;
+    awsRegion: pulumi.Input<string>;
+    vpc: Vpc | undefined;
+}
+export declare function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams): {
+    functions: {
+        render: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+        flush: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+        queue: {
+            add: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+            process: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.lambda.Function>;
+        };
+    };
+};
+export {};

package/apps/api/ApiPrerendering.js ADDED Viewed

@@ -0,0 +1,200 @@
+"use strict";
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.createPrerenderingService = createPrerenderingService;
+var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
+var path = _interopRequireWildcard(require("path"));
+var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
+var aws = _interopRequireWildcard(require("@pulumi/aws"));
+var _awsLayers = require("@webiny/aws-layers");
+var _ApiLambdaUtils = require("./ApiLambdaUtils");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
+function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
+function createPrerenderingService(app, params) {
+  const policy = createRenderingServiceLambdaPolicy(app, params);
+  const role = (0, _ApiLambdaUtils.createLambdaRole)(app, {
+    name: "pre-rendering-service-lambda-role",
+    policy: policy.output,
+    vpc: params.vpc
+  });
+  const render = app.addResource(aws.lambda.Function, {
+    name: "ps-render",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 600,
+      memorySize: 2048,
+      layers: [(0, _awsLayers.getLayerArn)("shelf-io-chrome-aws-lambda-layer")],
+      environment: {
+        variables: _objectSpread({}, params.env)
+      },
+      description: "Renders pages and stores output in an S3 bucket of choice.",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/prerenderingService/render/build"))
+      }),
+      vpcConfig: params.vpc ? {
+        subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+        securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+      } : undefined
+    }
+  });
+  const flush = app.addResource(aws.lambda.Function, {
+    name: "ps-flush",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 30,
+      memorySize: 512,
+      environment: {
+        variables: _objectSpread({}, params.env)
+      },
+      description: "Flushes previously render pages.",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/prerenderingService/flush/build"))
+      }),
+      vpcConfig: params.vpc ? {
+        subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+        securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+      } : undefined
+    }
+  });
+  const queueAdd = app.addResource(aws.lambda.Function, {
+    name: "ps-queue-add",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 30,
+      memorySize: 512,
+      environment: {
+        variables: _objectSpread({}, params.env)
+      },
+      description: "Adds a prerendering task to the prerendering queue.",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/prerenderingService/queue/add/build"))
+      }),
+      vpcConfig: params.vpc ? {
+        subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+        securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+      } : undefined
+    }
+  });
+  const queueProcess = app.addResource(aws.lambda.Function, {
+    name: "ps-queue-process",
+    config: {
+      role: role.output.arn,
+      runtime: "nodejs14.x",
+      handler: "handler.handler",
+      timeout: 300,
+      // 5 minutes.
+      memorySize: 1024,
+      environment: {
+        variables: _objectSpread(_objectSpread({}, params.env), {}, {
+          PRERENDERING_RENDER_HANDLER: render.output.arn,
+          PRERENDERING_FLUSH_HANDLER: flush.output.arn
+        })
+      },
+      description: "Processes all jobs added to the prerendering queue.",
+      code: new pulumi.asset.AssetArchive({
+        ".": new pulumi.asset.FileArchive(path.join(app.ctx.appDir, "code/prerenderingService/queue/process/build"))
+      }),
+      vpcConfig: params.vpc ? {
+        subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),
+        securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]
+      } : undefined
+    }
+  });
+  const cloudWatchEventRule = app.addResource(aws.cloudwatch.EventRule, {
+    name: "ps-process-queue-event-rule",
+    config: {
+      description: `Triggers "ps-process-queue" Lambda function that will process all queued prerendering jobs.`,
+      scheduleExpression: "rate(1 minute)",
+      isEnabled: true
+    }
+  });
+  app.addResource(aws.lambda.Permission, {
+    name: "ps-process-queue-event-rule-permission",
+    config: {
+      action: "lambda:InvokeFunction",
+      function: queueProcess.output.arn,
+      principal: "events.amazonaws.com",
+      sourceArn: cloudWatchEventRule.output.arn
+    }
+  });
+  app.addResource(aws.cloudwatch.EventTarget, {
+    name: "ps-process-queue-event-target",
+    config: {
+      rule: cloudWatchEventRule.output.name,
+      arn: queueProcess.output.arn
+    }
+  });
+  const functions = {
+    render,
+    flush,
+    queue: {
+      add: queueAdd,
+      process: queueProcess
+    }
+  };
+  return {
+    functions
+  };
+}
+function createRenderingServiceLambdaPolicy(app, params) {
+  return app.addResource(aws.iam.Policy, {
+    name: "PreRenderingServicePolicy",
+    config: {
+      description: "This policy enables access to Lambda, S3, Cloudfront and Dynamodb",
+      policy: {
+        Version: "2012-10-17",
+        Statement: [{
+          Sid: "PermissionForDynamodb",
+          Effect: "Allow",
+          Action: ["dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateItem"],
+          Resource: [pulumi.interpolate`${params.primaryDynamodbTableArn}`, pulumi.interpolate`${params.primaryDynamodbTableArn}/*`]
+        }, {
+          Sid: "PermissionForLambda",
+          Effect: "Allow",
+          Action: "lambda:InvokeFunction",
+          Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`
+        }, {
+          Sid: "PermissionForS3",
+          Effect: "Allow",
+          Action: ["s3:DeleteObject", "s3:GetObject", "s3:GetObjectAcl", "s3:PutObject", "s3:PutObjectAcl"],
+          Resource: [pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`,
+          /**
+           * We're using the hard-coded value for "delivery" S3 bucket because;
+           * It is created during deployment of the `apps/website` stack which is after the api stack,
+           * so, we don't know its ARN.
+           */
+          "arn:aws:s3:::delivery-*/*"]
+        }, {
+          Sid: "PermissionForCloudfront",
+          Effect: "Allow",
+          Action: "cloudfront:CreateInvalidation",
+          Resource: pulumi.interpolate`arn:aws:cloudfront::${params.awsAccountId}:distribution/*`
+        }]
+      }
+    }
+  });
+}

package/apps/api/ApiPrerendering.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["ApiPrerendering.ts"],"names":["createPrerenderingService","app","params","policy","createRenderingServiceLambdaPolicy","role","name","output","vpc","render","addResource","aws","lambda","Function","config","arn","runtime","handler","timeout","memorySize","layers","environment","variables","env","description","code","pulumi","asset","AssetArchive","FileArchive","path","join","ctx","appDir","vpcConfig","subnetIds","subnets","private","map","subNet","id","securityGroupIds","defaultSecurityGroupId","undefined","flush","queueAdd","queueProcess","PRERENDERING_RENDER_HANDLER","PRERENDERING_FLUSH_HANDLER","cloudWatchEventRule","cloudwatch","EventRule","scheduleExpression","isEnabled","Permission","action","function","principal","sourceArn","EventTarget","rule","functions","queue","add","process","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","awsRegion","awsAccountId","fileManagerBucketId"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAIA;;AAGA;;;;;;;;;;AAYO,SAASA,yBAAT,CAAmCC,GAAnC,EAAmDC,MAAnD,EAAsF;AACzF,QAAMC,MAAM,GAAGC,kCAAkC,CAACH,GAAD,EAAMC,MAAN,CAAjD;AACA,QAAMG,IAAI,GAAG,sCAAiBJ,GAAjB,EAAsB;AAC/BK,IAAAA,IAAI,EAAE,mCADyB;AAE/BH,IAAAA,MAAM,EAAEA,MAAM,CAACI,MAFgB;AAG/BC,IAAAA,GAAG,EAAEN,MAAM,CAACM;AAHmB,GAAtB,CAAb;AAMA,QAAMC,MAAM,GAAGR,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AAChDP,IAAAA,IAAI,EAAE,WAD0C;AAEhDQ,IAAAA,MAAM,EAAE;AACJT,MAAAA,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,GAJL;AAKJC,MAAAA,UAAU,EAAE,IALR;AAMJC,MAAAA,MAAM,EAAE,CAAC,4BAAY,kCAAZ,CAAD,CANJ;AAOJC,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,oBACFpB,MAAM,CAACqB,GADL;AADA,OAPT;AAYJC,MAAAA,WAAW,EAAE,4DAZT;AAaJC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,IAAI,CAACC,IAAL,CAAU9B,GAAG,CAAC+B,GAAJ,CAAQC,MAAlB,EAA0B,uCAA1B,CADC;AAD2B,OAA9B,CAbF;AAkBJC,MAAAA,SAAS,EAAEhC,MAAM,CAACM,GAAP,GACL;AACI2B,QAAAA,SAAS,EAAEjC,MAAM,CAACM,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,QAAAA,gBAAgB,EAAE,CAACvC,MAAM,CAACM,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,OADK,GAKLC;AAvBF;AAFwC,GAArC,CAAf;AA6BA,QAAMC,KAAK,GAAG3C,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AAC/CP,IAAAA,IAAI,EAAE,UADyC;AAE/CQ,IAAAA,MAAM,EAAE;AACJT,MAAAA,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJE,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,oBACFpB,MAAM,CAACqB,GADL;AADA,OANT;AAWJC,MAAAA,WAAW,EAAE,kCAXT;AAYJC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,IAAI,CAACC,IAAL,CAAU9B,GAAG,CAAC+B,GAAJ,CAAQC,MAAlB,EAA0B,sCAA1B,CADC;AAD2B,OAA9B,CAZF;AAiBJC,MAAAA,SAAS,EAAEhC,MAAM,CAACM,GAAP,GACL;AACI2B,QAAAA,SAAS,EAAEjC,MAAM,CAACM,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,QAAAA,gBAAgB,EAAE,CAACvC,MAAM,CAACM,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,OADK,GAKLC;AAtBF;AAFuC,GAArC,CAAd;AA4BA,QAAME,QAAQ,GAAG5C,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AAClDP,IAAAA,IAAI,EAAE,cAD4C;AAElDQ,IAAAA,MAAM,EAAE;AACJT,MAAAA,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,EAJL;AAKJC,MAAAA,UAAU,EAAE,GALR;AAMJE,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,oBACFpB,MAAM,CAACqB,GADL;AADA,OANT;AAWJC,MAAAA,WAAW,EAAE,qDAXT;AAYJC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,IAAI,CAACC,IAAL,CAAU9B,GAAG,CAAC+B,GAAJ,CAAQC,MAAlB,EAA0B,0CAA1B,CADC;AAD2B,OAA9B,CAZF;AAiBJC,MAAAA,SAAS,EAAEhC,MAAM,CAACM,GAAP,GACL;AACI2B,QAAAA,SAAS,EAAEjC,MAAM,CAACM,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,QAAAA,gBAAgB,EAAE,CAACvC,MAAM,CAACM,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,OADK,GAKLC;AAtBF;AAF0C,GAArC,CAAjB;AA4BA,QAAMG,YAAY,GAAG7C,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;AACtDP,IAAAA,IAAI,EAAE,kBADgD;AAEtDQ,IAAAA,MAAM,EAAE;AACJT,MAAAA,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GADd;AAEJC,MAAAA,OAAO,EAAE,YAFL;AAGJC,MAAAA,OAAO,EAAE,iBAHL;AAIJC,MAAAA,OAAO,EAAE,GAJL;AAIU;AACdC,MAAAA,UAAU,EAAE,IALR;AAMJE,MAAAA,WAAW,EAAE;AACTC,QAAAA,SAAS,kCACFpB,MAAM,CAACqB,GADL;AAELwB,UAAAA,2BAA2B,EAAEtC,MAAM,CAACF,MAAP,CAAcQ,GAFtC;AAGLiC,UAAAA,0BAA0B,EAAEJ,KAAK,CAACrC,MAAN,CAAaQ;AAHpC;AADA,OANT;AAaJS,MAAAA,WAAW,EAAE,qDAbT;AAcJC,MAAAA,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;AAChC,aAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,IAAI,CAACC,IAAL,CAAU9B,GAAG,CAAC+B,GAAJ,CAAQC,MAAlB,EAA0B,8CAA1B,CADC;AAD2B,OAA9B,CAdF;AAmBJC,MAAAA,SAAS,EAAEhC,MAAM,CAACM,GAAP,GACL;AACI2B,QAAAA,SAAS,EAAEjC,MAAM,CAACM,GAAP,CAAW4B,OAAX,CAAmBC,OAAnB,CAA2BC,GAA3B,CAA+BC,MAAM,IAAIA,MAAM,CAAChC,MAAP,CAAciC,EAAvD,CADf;AAEIC,QAAAA,gBAAgB,EAAE,CAACvC,MAAM,CAACM,GAAP,CAAWA,GAAX,CAAeD,MAAf,CAAsBmC,sBAAvB;AAFtB,OADK,GAKLC;AAxBF;AAF8C,GAArC,CAArB;AA8BA,QAAMM,mBAAmB,GAAGhD,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACuC,UAAJ,CAAeC,SAA/B,EAA0C;AAClE7C,IAAAA,IAAI,EAAE,6BAD4D;AAElEQ,IAAAA,MAAM,EAAE;AACJU,MAAAA,WAAW,EAAG,6FADV;AAEJ4B,MAAAA,kBAAkB,EAAE,gBAFhB;AAGJC,MAAAA,SAAS,EAAE;AAHP;AAF0D,GAA1C,CAA5B;AASApD,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAW0C,UAA3B,EAAuC;AACnChD,IAAAA,IAAI,EAAE,wCAD6B;AAEnCQ,IAAAA,MAAM,EAAE;AACJyC,MAAAA,MAAM,EAAE,uBADJ;AAEJC,MAAAA,QAAQ,EAAEV,YAAY,CAACvC,MAAb,CAAoBQ,GAF1B;AAGJ0C,MAAAA,SAAS,EAAE,sBAHP;AAIJC,MAAAA,SAAS,EAAET,mBAAmB,CAAC1C,MAApB,CAA2BQ;AAJlC;AAF2B,GAAvC;AAUAd,EAAAA,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACuC,UAAJ,CAAeS,WAA/B,EAA4C;AACxCrD,IAAAA,IAAI,EAAE,+BADkC;AAExCQ,IAAAA,MAAM,EAAE;AACJ8C,MAAAA,IAAI,EAAEX,mBAAmB,CAAC1C,MAApB,CAA2BD,IAD7B;AAEJS,MAAAA,GAAG,EAAE+B,YAAY,CAACvC,MAAb,CAAoBQ;AAFrB;AAFgC,GAA5C;AAQA,QAAM8C,SAAS,GAAG;AACdpD,IAAAA,MADc;AAEdmC,IAAAA,KAFc;AAGdkB,IAAAA,KAAK,EAAE;AACHC,MAAAA,GAAG,EAAElB,QADF;AAEHmB,MAAAA,OAAO,EAAElB;AAFN;AAHO,GAAlB;AASA,SAAO;AACHe,IAAAA;AADG,GAAP;AAGH;;AAED,SAASzD,kCAAT,CAA4CH,GAA5C,EAA4DC,MAA5D,EAA+F;AAC3F,SAAOD,GAAG,CAACS,WAAJ,CAAgBC,GAAG,CAACsD,GAAJ,CAAQC,MAAxB,EAAgC;AACnC5D,IAAAA,IAAI,EAAE,2BAD6B;AAEnCQ,IAAAA,MAAM,EAAE;AACJU,MAAAA,WAAW,EAAE,mEADT;AAEJrB,MAAAA,MAAM,EAAE;AACJgE,QAAAA,OAAO,EAAE,YADL;AAEJC,QAAAA,SAAS,EAAE,CACP;AACIC,UAAAA,GAAG,EAAE,uBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,qBAHI,EAIJ,kBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,eAPI,EAQJ,qBARI,CAHZ;AAaIC,UAAAA,QAAQ,EAAE,CACN9C,MAAM,CAAC+C,WAAY,GAAEvE,MAAM,CAACwE,uBAAwB,EAD9C,EAENhD,MAAM,CAAC+C,WAAY,GAAEvE,MAAM,CAACwE,uBAAwB,IAF9C;AAbd,SADO,EAmBP;AACIL,UAAAA,GAAG,EAAE,qBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,uBAHZ;AAIIC,UAAAA,QAAQ,EAAE9C,MAAM,CAAC+C,WAAY,kBAAiBvE,MAAM,CAACyE,SAAU,IAAGzE,MAAM,CAAC0E,YAAa;AAJ1F,SAnBO,EAyBP;AACIP,UAAAA,GAAG,EAAE,iBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,CACJ,iBADI,EAEJ,cAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,iBALI,CAHZ;AAUIC,UAAAA,QAAQ,EAAE,CACN9C,MAAM,CAAC+C,WAAY,gBAAevE,MAAM,CAAC2E,mBAAoB,IADvD;AAEN;AAC5B;AACA;AACA;AACA;AAC4B,qCAPM;AAVd,SAzBO,EA6CP;AACIR,UAAAA,GAAG,EAAE,yBADT;AAEIC,UAAAA,MAAM,EAAE,OAFZ;AAGIC,UAAAA,MAAM,EAAE,+BAHZ;AAIIC,UAAAA,QAAQ,EAAE9C,MAAM,CAAC+C,WAAY,uBAAsBvE,MAAM,CAAC0E,YAAa;AAJ3E,SA7CO;AAFP;AAFJ;AAF2B,GAAhC,CAAP;AA6DH","sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nimport { PulumiApp } from \"@webiny/pulumi-sdk\";\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nimport { Vpc } from \"./ApiVpc\";\nimport { createLambdaRole } from \"./ApiLambdaUtils\";\n\ninterface PreRenderingServiceParams {\n env: Record<string, any>;\n primaryDynamodbTableArn: pulumi.Input<string>;\n fileManagerBucketId: pulumi.Input<string>;\n cognitoUserPoolArn: pulumi.Input<string>;\n awsAccountId: pulumi.Input<string>;\n awsRegion: pulumi.Input<string>;\n vpc: Vpc | undefined;\n}\n\nexport function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams) {\n const policy = createRenderingServiceLambdaPolicy(app, params);\n const role = createLambdaRole(app, {\n name: \"pre-rendering-service-lambda-role\",\n policy: policy.output,\n vpc: params.vpc\n });\n\n const render = app.addResource(aws.lambda.Function, {\n name: \"ps-render\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 600,\n memorySize: 2048,\n layers: [getLayerArn(\"shelf-io-chrome-aws-lambda-layer\")],\n environment: {\n variables: {\n ...params.env\n }\n },\n description: \"Renders pages and stores output in an S3 bucket of choice.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/prerenderingService/render/build\")\n )\n }),\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const flush = app.addResource(aws.lambda.Function, {\n name: \"ps-flush\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n environment: {\n variables: {\n ...params.env\n }\n },\n description: \"Flushes previously render pages.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/prerenderingService/flush/build\")\n )\n }),\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const queueAdd = app.addResource(aws.lambda.Function, {\n name: \"ps-queue-add\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n environment: {\n variables: {\n ...params.env\n }\n },\n description: \"Adds a prerendering task to the prerendering queue.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/prerenderingService/queue/add/build\")\n )\n }),\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const queueProcess = app.addResource(aws.lambda.Function, {\n name: \"ps-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 300, // 5 minutes.\n memorySize: 1024,\n environment: {\n variables: {\n ...params.env,\n PRERENDERING_RENDER_HANDLER: render.output.arn,\n PRERENDERING_FLUSH_HANDLER: flush.output.arn\n }\n },\n description: \"Processes all jobs added to the prerendering queue.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.ctx.appDir, \"code/prerenderingService/queue/process/build\")\n )\n }),\n vpcConfig: params.vpc\n ? {\n subnetIds: params.vpc.subnets.private.map(subNet => subNet.output.id),\n securityGroupIds: [params.vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const cloudWatchEventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-process-queue-event-rule\",\n config: {\n description: `Triggers \"ps-process-queue\" Lambda function that will process all queued prerendering jobs.`,\n scheduleExpression: \"rate(1 minute)\",\n isEnabled: true\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"ps-process-queue-event-rule-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: queueProcess.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: cloudWatchEventRule.output.arn\n }\n });\n\n app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-process-queue-event-target\",\n config: {\n rule: cloudWatchEventRule.output.name,\n arn: queueProcess.output.arn\n }\n });\n\n const functions = {\n render,\n flush,\n queue: {\n add: queueAdd,\n process: queueProcess\n }\n };\n\n return {\n functions\n };\n}\n\nfunction createRenderingServiceLambdaPolicy(app: PulumiApp, params: PreRenderingServiceParams) {\n return app.addResource(aws.iam.Policy, {\n name: \"PreRenderingServicePolicy\",\n config: {\n description: \"This policy enables access to Lambda, S3, Cloudfront and Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${params.primaryDynamodbTableArn}`,\n pulumi.interpolate`${params.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: pulumi.interpolate`arn:aws:lambda:${params.awsRegion}:${params.awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:GetObject\",\n \"s3:GetObjectAcl\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${params.fileManagerBucketId}/*`,\n /**\n * We're using the hard-coded value for \"delivery\" S3 bucket because;\n * It is created during deployment of the `apps/website` stack which is after the api stack,\n * so, we don't know its ARN.\n */\n \"arn:aws:s3:::delivery-*/*\"\n ]\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${params.awsAccountId}:distribution/*`\n }\n ]\n }\n }\n });\n}\n"]}

package/apps/api/ApiVpc.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import * as aws from "@pulumi/aws";
+import { PulumiApp } from "@webiny/pulumi-sdk";
+export declare function createVpc(app: PulumiApp): {
+    vpc: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.ec2.Vpc>;
+    subnets: {
+        public: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.ec2.Subnet>[];
+        private: import("@webiny/pulumi-sdk").PulumiAppResource<typeof aws.ec2.Subnet>[];
+    };
+};
+export declare type Vpc = ReturnType<typeof createVpc>;