@webiny/pulumi-aws 5.30.0 → 5.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/apps/admin/createAdminPulumiApp.d.ts +8 -6
  2. package/apps/admin/createAdminPulumiApp.js +4 -86
  3. package/apps/admin/createAdminPulumiApp.js.map +1 -1
  4. package/apps/api/ApiFileManager.js +7 -3
  5. package/apps/api/ApiFileManager.js.map +1 -1
  6. package/apps/api/ApiGraphql.d.ts +9 -0
  7. package/apps/api/ApiGraphql.js +24 -1
  8. package/apps/api/ApiGraphql.js.map +1 -1
  9. package/apps/api/ApiOutput.d.ts +15 -0
  10. package/apps/api/ApiOutput.js +43 -0
  11. package/apps/api/ApiOutput.js.map +1 -0
  12. package/apps/api/ApiPageBuilder.js +0 -1
  13. package/apps/api/ApiPageBuilder.js.map +1 -1
  14. package/apps/api/createApiPulumiApp.d.ts +1 -0
  15. package/apps/api/createApiPulumiApp.js +12 -2
  16. package/apps/api/createApiPulumiApp.js.map +1 -1
  17. package/apps/api/index.d.ts +1 -0
  18. package/apps/api/index.js +13 -0
  19. package/apps/api/index.js.map +1 -1
  20. package/apps/core/CoreFileManager.d.ts +4 -1
  21. package/apps/core/CoreFileManager.js +20 -3
  22. package/apps/core/CoreFileManager.js.map +1 -1
  23. package/apps/core/createCorePulumiApp.js +3 -1
  24. package/apps/core/createCorePulumiApp.js.map +1 -1
  25. package/apps/createAppBucket.js +4 -3
  26. package/apps/createAppBucket.js.map +1 -1
  27. package/apps/index.d.ts +1 -0
  28. package/apps/index.js +14 -0
  29. package/apps/index.js.map +1 -1
  30. package/apps/lambdaUtils.js +10 -11
  31. package/apps/lambdaUtils.js.map +1 -1
  32. package/apps/react/createReactPulumiApp.d.ts +29 -0
  33. package/apps/react/createReactPulumiApp.js +111 -0
  34. package/apps/react/createReactPulumiApp.js.map +1 -0
  35. package/apps/react/index.d.ts +1 -0
  36. package/apps/react/index.js +18 -0
  37. package/apps/react/index.js.map +1 -0
  38. package/apps/website/WebsitePrerendering.js +6 -14
  39. package/apps/website/WebsitePrerendering.js.map +1 -1
  40. package/apps/website/createWebsitePulumiApp.d.ts +6 -0
  41. package/apps/website/createWebsitePulumiApp.js +23 -3
  42. package/apps/website/createWebsitePulumiApp.js.map +1 -1
  43. package/apps/website/deliveryViewerRequest.d.ts +2 -0
  44. package/apps/website/deliveryViewerRequest.js +32 -0
  45. package/apps/website/deliveryViewerRequest.js.map +1 -0
  46. package/components/tenantRouter/functions/origin/request.js +3 -1
  47. package/components/tenantRouter/functions/origin/request.js.map +1 -1
  48. package/package.json +10 -8
  49. package/utils/getPresignedPost.d.ts +11 -0
  50. package/utils/getPresignedPost.js +46 -0
  51. package/utils/getPresignedPost.js.map +1 -0
  52. package/utils/lambdaEnvVariables.js +3 -1
  53. package/utils/lambdaEnvVariables.js.map +1 -1
  54. package/utils/uploadFolderToS3.d.ts +3 -4
  55. package/utils/uploadFolderToS3.js +51 -13
  56. package/utils/uploadFolderToS3.js.map +1 -1
package/apps/admin/createAdminPulumiApp.d.ts CHANGED
@@ -1,7 +1,6 @@
1
- import * as aws from "@pulumi/aws";
2
1
  import { PulumiAppParamCallback } from "@webiny/pulumi";
3
- import { CustomDomainParams } from "../customDomain";
4
- export declare type AdminPulumiApp = ReturnType<typeof createAdminPulumiApp>;
2
+ import { createReactPulumiApp, CustomDomainParams } from "..";
3
+ export declare type AdminPulumiApp = ReturnType<typeof createReactPulumiApp>;
5
4
  export interface CreateAdminPulumiAppParams {
6
5
  /** Custom domain configuration */
7
6
  domains?: PulumiAppParamCallback<CustomDomainParams>;
@@ -12,7 +11,10 @@ export interface CreateAdminPulumiAppParams {
12
11
  pulumi?: (app: AdminPulumiApp) => void | Promise<void>;
13
12
  }
14
13
  export declare const createAdminPulumiApp: (projectAppParams: CreateAdminPulumiAppParams) => import("@webiny/pulumi").PulumiApp<{
15
- cloudfront: import("@webiny/pulumi").PulumiAppResource<typeof aws.cloudfront.Distribution>;
16
- bucket: import("@webiny/pulumi").PulumiAppResource<typeof aws.s3.Bucket>;
17
- origin: aws.types.input.cloudfront.DistributionOrigin;
14
+ cloudfront: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront").Distribution>;
15
+ bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3").Bucket>;
16
+ originIdentity: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudfront").OriginAccessIdentity>;
17
+ origin: import("@pulumi/aws/types/input").cloudfront.DistributionOrigin;
18
+ bucketPublicAccessBlock: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3").BucketPublicAccessBlock>;
19
+ bucketPolicy: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3").BucketPolicy>;
18
20
  }>;
package/apps/admin/createAdminPulumiApp.js CHANGED
@@ -9,99 +9,17 @@ exports.createAdminPulumiApp = void 0;
9
9
 
10
10
  var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
11
11
 
12
- var aws = _interopRequireWildcard(require("@pulumi/aws"));
13
-
14
- var _pulumi = require("@webiny/pulumi");
15
-
16
- var _utils = require("../../utils");
17
-
18
- var _createAppBucket = require("../createAppBucket");
19
-
20
- var _customDomain = require("../customDomain");
21
-
22
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
23
-
24
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
12
+ var _ = require("./..");
25
13
 
26
14
  function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
27
15
 
28
16
  function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
29
17
 
30
18
  const createAdminPulumiApp = projectAppParams => {
31
- return (0, _pulumi.createPulumiApp)({
19
+ return (0, _.createReactPulumiApp)(_objectSpread({
32
20
  name: "admin",
33
- path: "apps/admin",
34
- config: projectAppParams,
35
- program: async app => {
36
- // Overrides must be applied via a handler, registered at the very start of the program.
37
- // By doing this, we're ensuring user's adjustments are not applied to late.
38
- if (projectAppParams.pulumi) {
39
- app.addHandler(() => {
40
- return projectAppParams.pulumi(app);
41
- });
42
- }
43
-
44
- const bucket = (0, _createAppBucket.createPublicAppBucket)(app, "admin-app");
45
- const cloudfront = app.addResource(aws.cloudfront.Distribution, {
46
- name: "admin-app-cdn",
47
- config: {
48
- enabled: true,
49
- waitForDeployment: false,
50
- origins: [bucket.origin],
51
- defaultRootObject: "index.html",
52
- defaultCacheBehavior: {
53
- compress: true,
54
- targetOriginId: bucket.origin.originId,
55
- viewerProtocolPolicy: "redirect-to-https",
56
- allowedMethods: ["GET", "HEAD", "OPTIONS"],
57
- cachedMethods: ["GET", "HEAD", "OPTIONS"],
58
- forwardedValues: {
59
- cookies: {
60
- forward: "none"
61
- },
62
- queryString: false
63
- },
64
- // MinTTL <= DefaultTTL <= MaxTTL
65
- minTtl: 0,
66
- defaultTtl: 600,
67
- maxTtl: 600
68
- },
69
- priceClass: "PriceClass_100",
70
- customErrorResponses: [{
71
- errorCode: 404,
72
- responseCode: 404,
73
- responsePagePath: "/index.html"
74
- }],
75
- restrictions: {
76
- geoRestriction: {
77
- restrictionType: "none"
78
- }
79
- },
80
- viewerCertificate: {
81
- cloudfrontDefaultCertificate: true
82
- }
83
- }
84
- });
85
- const domains = app.getParam(projectAppParams.domains);
86
-
87
- if (domains) {
88
- (0, _customDomain.applyCustomDomain)(cloudfront, domains);
89
- }
90
-
91
- app.addOutputs({
92
- appStorage: bucket.bucket.output.id,
93
- appDomain: cloudfront.output.domainName,
94
- appUrl: cloudfront.output.domainName.apply(value => `https://${value}`)
95
- });
96
- (0, _utils.tagResources)({
97
- WbyProjectName: String(process.env["WEBINY_PROJECT_NAME"]),
98
- WbyEnvironment: String(process.env["WEBINY_ENV"])
99
- });
100
- return _objectSpread(_objectSpread({}, bucket), {}, {
101
- cloudfront
102
- });
103
- }
104
- });
21
+ folder: "apps/admin"
22
+ }, projectAppParams));
105
23
  };
106
24
 
107
25
  exports.createAdminPulumiApp = createAdminPulumiApp;
package/apps/admin/createAdminPulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createAdminPulumiApp","projectAppParams","createPulumiApp","name","path","config","program","app","pulumi","addHandler","bucket","createPublicAppBucket","cloudfront","addResource","aws","Distribution","enabled","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","domains","getParam","applyCustomDomain","addOutputs","appStorage","output","id","appDomain","domainName","appUrl","apply","value","tagResources","WbyProjectName","String","process","env","WbyEnvironment"],"sources":["createAdminPulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\n\nimport { createPulumiApp, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { tagResources } from \"~/utils\";\nimport { createPublicAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\n\nexport type AdminPulumiApp = ReturnType<typeof createAdminPulumiApp>;\n\nexport interface CreateAdminPulumiAppParams {\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: AdminPulumiApp) => void | Promise<void>;\n}\n\nexport const createAdminPulumiApp = (projectAppParams: CreateAdminPulumiAppParams) => {\n return createPulumiApp({\n name: \"admin\",\n path: \"apps/admin\",\n config: projectAppParams,\n program: async app => {\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as AdminPulumiApp);\n });\n }\n\n const bucket = createPublicAppBucket(app, \"admin-app\");\n\n const cloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"admin-app-cdn\",\n config: {\n enabled: true,\n waitForDeployment: false,\n origins: [bucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: bucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 600,\n maxTtl: 600\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(cloudfront, domains);\n }\n\n app.addOutputs({\n appStorage: bucket.bucket.output.id,\n appDomain: cloudfront.output.domainName,\n appUrl: cloudfront.output.domainName.apply(value => `https://${value}`)\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n ...bucket,\n cloudfront\n };\n }\n });\n};\n"],"mappings":";;;;;;;;;;;AAAA;;AAEA;;AACA;;AACA;;AACA;;;;;;;;;;AAeO,MAAMA,oBAAoB,GAAIC,gBAAD,IAAkD;EAClF,OAAO,IAAAC,uBAAA,EAAgB;IACnBC,IAAI,EAAE,OADa;IAEnBC,IAAI,EAAE,YAFa;IAGnBC,MAAM,EAAEJ,gBAHW;IAInBK,OAAO,EAAE,MAAMC,GAAN,IAAa;MAClB;MACA;MACA,IAAIN,gBAAgB,CAACO,MAArB,EAA6B;QACzBD,GAAG,CAACE,UAAJ,CAAe,MAAM;UACjB,OAAOR,gBAAgB,CAACO,MAAjB,CAAyBD,GAAzB,CAAP;QACH,CAFD;MAGH;;MAED,MAAMG,MAAM,GAAG,IAAAC,sCAAA,EAAsBJ,GAAtB,EAA2B,WAA3B,CAAf;MAEA,MAAMK,UAAU,GAAGL,GAAG,CAACM,WAAJ,CAAgBC,GAAG,CAACF,UAAJ,CAAeG,YAA/B,EAA6C;QAC5DZ,IAAI,EAAE,eADsD;QAE5DE,MAAM,EAAE;UACJW,OAAO,EAAE,IADL;UAEJC,iBAAiB,EAAE,KAFf;UAGJC,OAAO,EAAE,CAACR,MAAM,CAACS,MAAR,CAHL;UAIJC,iBAAiB,EAAE,YAJf;UAKJC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IADQ;YAElBC,cAAc,EAAEb,MAAM,CAACS,MAAP,CAAcK,QAFZ;YAGlBC,oBAAoB,EAAE,mBAHJ;YAIlBC,cAAc,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CAJE;YAKlBC,aAAa,EAAE,CAAC,KAAD,EAAQ,MAAR,EAAgB,SAAhB,CALG;YAMlBC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAX,CADI;cAEbC,WAAW,EAAE;YAFA,CANC;YAUlB;YACAC,MAAM,EAAE,CAXU;YAYlBC,UAAU,EAAE,GAZM;YAalBC,MAAM,EAAE;UAbU,CALlB;UAoBJC,UAAU,EAAE,gBApBR;UAqBJC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAb;YAAkBC,YAAY,EAAE,GAAhC;YAAqCC,gBAAgB,EAAE;UAAvD,CADkB,CArBlB;UAwBJC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YADL;UADN,CAxBV;UA6BJC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UADf;QA7Bf;MAFoD,CAA7C,CAAnB;MAqCA,MAAMC,OAAO,GAAGtC,GAAG,CAACuC,QAAJ,CAAa7C,gBAAgB,CAAC4C,OAA9B,CAAhB;;MACA,IAAIA,OAAJ,EAAa;QACT,IAAAE,+BAAA,EAAkBnC,UAAlB,EAA8BiC,OAA9B;MACH;;MAEDtC,GAAG,CAACyC,UAAJ,CAAe;QACXC,UAAU,EAAEvC,MAAM,CAACA,MAAP,CAAcwC,MAAd,CAAqBC,EADtB;QAEXC,SAAS,EAAExC,UAAU,CAACsC,MAAX,CAAkBG,UAFlB;QAGXC,MAAM,EAAE1C,UAAU,CAACsC,MAAX,CAAkBG,UAAlB,CAA6BE,KAA7B,CAAmCC,KAAK,IAAK,WAAUA,KAAM,EAA7D;MAHG,CAAf;MAMA,IAAAC,mBAAA,EAAa;QACTC,cAAc,EAAEC,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,qBAAZ,CAAD,CADb;QAETC,cAAc,EAAEH,MAAM,CAACC,OAAO,CAACC,GAAR,CAAY,YAAZ,CAAD;MAFb,CAAb;MAKA,uCACOnD,MADP;QAEIE;MAFJ;IAIH;EAxEkB,CAAhB,CAAP;AA0EH,CA3EM"}
1
+ {"version":3,"names":["createAdminPulumiApp","projectAppParams","createReactPulumiApp","name","folder"],"sources":["createAdminPulumiApp.ts"],"sourcesContent":["import { PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { createReactPulumiApp, CustomDomainParams } from \"~/apps\";\n\nexport type AdminPulumiApp = ReturnType<typeof createReactPulumiApp>;\n\nexport interface CreateAdminPulumiAppParams {\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: AdminPulumiApp) => void | Promise<void>;\n}\n\nexport const createAdminPulumiApp = (projectAppParams: CreateAdminPulumiAppParams) => {\n return createReactPulumiApp({\n name: \"admin\",\n folder: \"apps/admin\",\n ...projectAppParams\n });\n};\n"],"mappings":";;;;;;;;;;;AACA;;;;;;AAeO,MAAMA,oBAAoB,GAAIC,gBAAD,IAAkD;EAClF,OAAO,IAAAC,sBAAA;IACHC,IAAI,EAAE,OADH;IAEHC,MAAM,EAAE;EAFL,GAGAH,gBAHA,EAAP;AAKH,CANM"}
package/apps/api/ApiFileManager.js CHANGED
@@ -23,6 +23,8 @@ var _lambdaUtils = require("../lambdaUtils");
23
23
 
24
24
  var _common = require("../common");
25
25
 
26
+ var _awsUtils = require("../awsUtils");
27
+
26
28
  function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
27
29
 
28
30
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
@@ -36,6 +38,7 @@ const ApiFileManager = (0, _pulumi2.createAppModule)({
36
38
 
37
39
  config(app) {
38
40
  const core = app.getModule(_common.CoreOutput);
41
+ const accountId = (0, _awsUtils.getAwsAccountId)(app);
39
42
  const policy = createFileManagerLambdaPolicy(app);
40
43
  const role = (0, _lambdaUtils.createLambdaRole)(app, {
41
44
  name: "fm-lambda-role",
@@ -109,7 +112,8 @@ const ApiFileManager = (0, _pulumi2.createAppModule)({
109
112
  action: "lambda:InvokeFunction",
110
113
  function: manage.output.arn,
111
114
  principal: "s3.amazonaws.com",
112
- sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`
115
+ sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,
116
+ sourceAccount: accountId
113
117
  },
114
118
  opts: {
115
119
  dependsOn: [manage.output]
@@ -158,8 +162,8 @@ function createFileManagerLambdaPolicy(app) {
158
162
  }, {
159
163
  Sid: "PermissionForS3",
160
164
  Effect: "Allow",
161
- Action: "s3:*",
162
- Resource: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`
165
+ Action: ["s3:DeleteObject", "s3:PutObject", "s3:GetObject", "s3:ListBucket"],
166
+ Resource: [pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`, pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`]
163
167
  }]
164
168
  }
165
169
  }
package/apps/api/ApiFileManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["ApiFileManager","createAppModule","name","config","app","core","getModule","CoreOutput","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","transform","addResource","aws","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","layers","getLayerArn","environment","variables","getCommonLambdaEnvVariables","apply","value","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","manage","download","IMAGE_TRANSFORMER_FUNCTION","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","functions","iam","Policy","Version","Statement","Sid","Effect","Action","Resource"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const transform = app.addResource(aws.lambda.Function, {\n name: \"fm-image-transformer\",\n config: {\n handler: \"handler.handler\",\n timeout: 30,\n runtime: \"nodejs14.x\",\n memorySize: 1600,\n role: role.output.arn,\n description: \"Performs image optimization, resizing, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/transform/build\")\n )\n }),\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Serves previously uploaded files.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/download/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId,\n IMAGE_TRANSFORMER_FUNCTION: transform.output.arn\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n transform,\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: \"s3:*\",\n Resource: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AAEA;;AACA;;;;;;;;;;AAIO,MAAMA,cAAc,GAAG,IAAAC,wBAAA,EAAgB;EAC1CC,IAAI,EAAE,gBADoC;;EAE1CC,MAAM,CAACC,GAAD,EAAiB;IACnB,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAJ,CAAcC,kBAAd,CAAb;IAEA,MAAMC,MAAM,GAAGC,6BAA6B,CAACL,GAAD,CAA5C;IACA,MAAMM,IAAI,GAAG,IAAAC,6BAAA,EAAiBP,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,gBADyB;MAE/BM,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,SAAS,GAAGT,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACnDf,IAAI,EAAE,sBAD6C;MAEnDC,MAAM,EAAE;QACJe,OAAO,EAAE,iBADL;QAEJC,OAAO,EAAE,EAFL;QAGJC,OAAO,EAAE,YAHL;QAIJC,UAAU,EAAE,IAJR;QAKJX,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GALd;QAMJC,WAAW,EAAE,6CANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,6BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJC,MAAM,EAAE,CAAC,IAAAC,sBAAA,EAAY,OAAZ,CAAD,CAZJ;QAaJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAEnC,IAAI,CAACoC;UAFgC,EAAzC;QADF,CAbT;QAmBJC,SAAS,EAAEtC,GAAG,CAACE,SAAJ,CAAcqC,iBAAd,EAAyBC;MAnBhC;IAF2C,CAArC,CAAlB;IAyBA,MAAMC,MAAM,GAAGzC,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MAChDf,IAAI,EAAE,WAD0C;MAEhDC,MAAM,EAAE;QACJO,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GADd;QAEJF,OAAO,EAAE,YAFL;QAGJF,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,EAJL;QAKJE,UAAU,EAAE,GALR;QAMJE,WAAW,EAAE,mCANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,0BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAEnC,IAAI,CAACoC;UAFgC,EAAzC;QADF,CAZT;QAkBJC,SAAS,EAAEtC,GAAG,CAACE,SAAJ,CAAcqC,iBAAd,EAAyBC;MAlBhC;IAFwC,CAArC,CAAf;IAwBA,MAAME,QAAQ,GAAG1C,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MAClDf,IAAI,EAAE,aAD4C;MAElDC,MAAM,EAAE;QACJO,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GADd;QAEJF,OAAO,EAAE,YAFL;QAGJF,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,EAJL;QAKJE,UAAU,EAAE,GALR;QAMJE,WAAW,EAAE,mCANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,4BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAEnC,IAAI,CAACoC,mBAFgC;YAGhDM,0BAA0B,EAAElC,SAAS,CAACD,MAAV,CAAiBU;UAHG,EAAzC;QADF,CAZT;QAmBJoB,SAAS,EAAEtC,GAAG,CAACE,SAAJ,CAAcqC,iBAAd,EAAyBC;MAnBhC;IAF0C,CAArC,CAAjB;IAyBA,MAAMI,wBAAwB,GAAG5C,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWiC,UAA3B,EAAuC;MACpE/C,IAAI,EAAE,gCAD8D;MAEpEC,MAAM,EAAE;QACJ+C,MAAM,EAAE,uBADJ;QAEJC,QAAQ,EAAEN,MAAM,CAACjC,MAAP,CAAcU,GAFpB;QAGJ8B,SAAS,EAAE,kBAHP;QAIJC,SAAS,EAAE5B,MAAM,CAAC6B,WAAY,gBAAejD,IAAI,CAACoC,mBAAoB;MAJlE,CAF4D;MAQpEc,IAAI,EAAE;QACFC,SAAS,EAAE,CAACX,MAAM,CAACjC,MAAR;MADT;IAR8D,CAAvC,CAAjC;IAaA,MAAM6C,kBAAkB,GAAGrD,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAAC2C,EAAJ,CAAOC,kBAAvB,EAA2C;MAClEzD,IAAI,EAAE,oBAD4D;MAElEC,MAAM,EAAE;QACJyD,MAAM,EAAEvD,IAAI,CAACoC,mBADT;QAEJoB,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAEjB,MAAM,CAACjC,MAAP,CAAcU,GADrC;UAEIyC,MAAM,EAAE,CAAC,oBAAD;QAFZ,CADa;MAFb,CAF0D;MAWlER,IAAI,EAAE;QACFC,SAAS,EAAE,CAACX,MAAM,CAACjC,MAAR,EAAgBoC,wBAAwB,CAACpC,MAAzC;MADT;IAX4D,CAA3C,CAA3B;IAgBA,MAAMoD,SAAS,GAAG;MACdnD,SADc;MAEdgC,MAFc;MAGdC;IAHc,CAAlB;IAMA,OAAO;MACHkB,SADG;MAEHP;IAFG,CAAP;EAIH;;AA5HyC,CAAhB,CAAvB;;;AA+HP,SAAShD,6BAAT,CAAuCL,GAAvC,EAAuD;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAJ,CAAcC,kBAAd,CAAb;EAEA,OAAOH,GAAG,CAACU,WAAJ,CAAgBC,GAAG,CAACkD,GAAJ,CAAQC,MAAxB,EAAgC;IACnChE,IAAI,EAAE,yBAD6B;IAEnCC,MAAM,EAAE;MACJoB,WAAW,EAAE,6CADT;MAEJf,MAAM,EAAE;QACJ2D,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,uBAHZ;UAIIC,QAAQ,EAAE;QAJd,CADO,EAOP;UACIH,GAAG,EAAE,iBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,MAHZ;UAIIC,QAAQ,EAAE/C,MAAM,CAAC6B,WAAY,gBAAejD,IAAI,CAACoC,mBAAoB;QAJzE,CAPO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AAuBH"}
1
+ {"version":3,"names":["ApiFileManager","createAppModule","name","config","app","core","getModule","CoreOutput","accountId","getAwsAccountId","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","transform","addResource","aws","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","layers","getLayerArn","environment","variables","getCommonLambdaEnvVariables","apply","value","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","manage","download","IMAGE_TRANSFORMER_FUNCTION","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","sourceAccount","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","functions","iam","Policy","Version","Statement","Sid","Effect","Action","Resource"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"~/apps/awsUtils\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const accountId = getAwsAccountId(app);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const transform = app.addResource(aws.lambda.Function, {\n name: \"fm-image-transformer\",\n config: {\n handler: \"handler.handler\",\n timeout: 30,\n runtime: \"nodejs14.x\",\n memorySize: 1600,\n role: role.output.arn,\n description: \"Performs image optimization, resizing, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/transform/build\")\n )\n }),\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Serves previously uploaded files.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/download/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId,\n IMAGE_TRANSFORMER_FUNCTION: transform.output.arn\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n sourceAccount: accountId\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n transform,\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AAEA;;AACA;;AACA;;;;;;;;;;AAIO,MAAMA,cAAc,GAAG,IAAAC,wBAAA,EAAgB;EAC1CC,IAAI,EAAE,gBADoC;;EAE1CC,MAAM,CAACC,GAAD,EAAiB;IACnB,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAJ,CAAcC,kBAAd,CAAb;IACA,MAAMC,SAAS,GAAG,IAAAC,yBAAA,EAAgBL,GAAhB,CAAlB;IAEA,MAAMM,MAAM,GAAGC,6BAA6B,CAACP,GAAD,CAA5C;IACA,MAAMQ,IAAI,GAAG,IAAAC,6BAAA,EAAiBT,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,gBADyB;MAE/BQ,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,SAAS,GAAGX,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACnDjB,IAAI,EAAE,sBAD6C;MAEnDC,MAAM,EAAE;QACJiB,OAAO,EAAE,iBADL;QAEJC,OAAO,EAAE,EAFL;QAGJC,OAAO,EAAE,YAHL;QAIJC,UAAU,EAAE,IAJR;QAKJX,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GALd;QAMJC,WAAW,EAAE,6CANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU5B,GAAG,CAAC6B,KAAJ,CAAUC,SAApB,EAA+B,6BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJC,MAAM,EAAE,CAAC,IAAAC,sBAAA,EAAY,OAAZ,CAAD,CAZJ;QAaJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAErC,IAAI,CAACsC;UAFgC,EAAzC;QADF,CAbT;QAmBJC,SAAS,EAAExC,GAAG,CAACE,SAAJ,CAAcuC,iBAAd,EAAyBC;MAnBhC;IAF2C,CAArC,CAAlB;IAyBA,MAAMC,MAAM,GAAG3C,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MAChDjB,IAAI,EAAE,WAD0C;MAEhDC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GADd;QAEJF,OAAO,EAAE,YAFL;QAGJF,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,EAJL;QAKJE,UAAU,EAAE,GALR;QAMJE,WAAW,EAAE,mCANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU5B,GAAG,CAAC6B,KAAJ,CAAUC,SAApB,EAA+B,0BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAErC,IAAI,CAACsC;UAFgC,EAAzC;QADF,CAZT;QAkBJC,SAAS,EAAExC,GAAG,CAACE,SAAJ,CAAcuC,iBAAd,EAAyBC;MAlBhC;IAFwC,CAArC,CAAf;IAwBA,MAAME,QAAQ,GAAG5C,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MAClDjB,IAAI,EAAE,aAD4C;MAElDC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYU,GADd;QAEJF,OAAO,EAAE,YAFL;QAGJF,OAAO,EAAE,iBAHL;QAIJC,OAAO,EAAE,EAJL;QAKJE,UAAU,EAAE,GALR;QAMJE,WAAW,EAAE,mCANT;QAOJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU5B,GAAG,CAAC6B,KAAJ,CAAUC,SAApB,EAA+B,4BAA/B,CADC;QAD2B,CAA9B,CAPF;QAYJG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,oCAC7CA,KAD6C;YAEhDC,SAAS,EAAErC,IAAI,CAACsC,mBAFgC;YAGhDM,0BAA0B,EAAElC,SAAS,CAACD,MAAV,CAAiBU;UAHG,EAAzC;QADF,CAZT;QAmBJoB,SAAS,EAAExC,GAAG,CAACE,SAAJ,CAAcuC,iBAAd,EAAyBC;MAnBhC;IAF0C,CAArC,CAAjB;IAyBA,MAAMI,wBAAwB,GAAG9C,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWiC,UAA3B,EAAuC;MACpEjD,IAAI,EAAE,gCAD8D;MAEpEC,MAAM,EAAE;QACJiD,MAAM,EAAE,uBADJ;QAEJC,QAAQ,EAAEN,MAAM,CAACjC,MAAP,CAAcU,GAFpB;QAGJ8B,SAAS,EAAE,kBAHP;QAIJC,SAAS,EAAE5B,MAAM,CAAC6B,WAAY,gBAAenD,IAAI,CAACsC,mBAAoB,EAJlE;QAKJc,aAAa,EAAEjD;MALX,CAF4D;MASpEkD,IAAI,EAAE;QACFC,SAAS,EAAE,CAACZ,MAAM,CAACjC,MAAR;MADT;IAT8D,CAAvC,CAAjC;IAcA,MAAM8C,kBAAkB,GAAGxD,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAAC4C,EAAJ,CAAOC,kBAAvB,EAA2C;MAClE5D,IAAI,EAAE,oBAD4D;MAElEC,MAAM,EAAE;QACJ4D,MAAM,EAAE1D,IAAI,CAACsC,mBADT;QAEJqB,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAElB,MAAM,CAACjC,MAAP,CAAcU,GADrC;UAEI0C,MAAM,EAAE,CAAC,oBAAD;QAFZ,CADa;MAFb,CAF0D;MAWlER,IAAI,EAAE;QACFC,SAAS,EAAE,CAACZ,MAAM,CAACjC,MAAR,EAAgBoC,wBAAwB,CAACpC,MAAzC;MADT;IAX4D,CAA3C,CAA3B;IAgBA,MAAMqD,SAAS,GAAG;MACdpD,SADc;MAEdgC,MAFc;MAGdC;IAHc,CAAlB;IAMA,OAAO;MACHmB,SADG;MAEHP;IAFG,CAAP;EAIH;;AA9HyC,CAAhB,CAAvB;;;AAiIP,SAASjD,6BAAT,CAAuCP,GAAvC,EAAuD;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAJ,CAAcC,kBAAd,CAAb;EAEA,OAAOH,GAAG,CAACY,WAAJ,CAAgBC,GAAG,CAACmD,GAAJ,CAAQC,MAAxB,EAAgC;IACnCnE,IAAI,EAAE,yBAD6B;IAEnCC,MAAM,EAAE;MACJsB,WAAW,EAAE,6CADT;MAEJf,MAAM,EAAE;QACJ4D,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,uBAHZ;UAIIC,QAAQ,EAAE;QAJd,CADO,EAOP;UACIH,GAAG,EAAE,iBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,cAFI,EAGJ,cAHI,EAIJ,eAJI,CAHZ;UASIC,QAAQ,EAAE,CACNhD,MAAM,CAAC6B,WAAY,gBAAenD,IAAI,CAACsC,mBAAoB,EADrD,EAENhB,MAAM,CAAC6B,WAAY,gBAAenD,IAAI,CAACsC,mBAAoB,IAFrD;QATd,CAPO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AA+BH"}
package/apps/api/ApiGraphql.d.ts CHANGED
@@ -6,6 +6,14 @@ interface GraphqlParams {
6
6
  apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;
7
7
  apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;
8
8
  }
9
+ export interface AddRouteParams {
10
+ /**
11
+ * Must be in kebab case (a-z and -)
12
+ */
13
+ name: string;
14
+ path: `/${string}`;
15
+ method: "DELETE" | "GET" | "HEAD" | "PATCH" | "POST" | "PUT" | "OPTIONS" | "ANY";
16
+ }
9
17
  export declare type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;
10
18
  export declare const ApiGraphql: import("@webiny/pulumi").PulumiAppModuleDefinition<{
11
19
  role: import("@webiny/pulumi").PulumiAppResource<typeof aws.iam.Role>;
@@ -13,5 +21,6 @@ export declare const ApiGraphql: import("@webiny/pulumi").PulumiAppModuleDefinit
13
21
  functions: {
14
22
  graphql: import("@webiny/pulumi").PulumiAppResource<typeof aws.lambda.Function>;
15
23
  };
24
+ addRoute: (routeParams: AddRouteParams) => any;
16
25
  }, GraphqlParams>;
17
26
  export {};
package/apps/api/ApiGraphql.js CHANGED
@@ -15,6 +15,8 @@ var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
15
15
 
16
16
  var aws = _interopRequireWildcard(require("@pulumi/aws"));
17
17
 
18
+ var _kebabCase = _interopRequireDefault(require("lodash/kebabCase"));
19
+
18
20
  var _pulumi2 = require("@webiny/pulumi");
19
21
 
20
22
  var _lambdaUtils = require("../lambdaUtils");
@@ -75,7 +77,7 @@ const ApiGraphql = (0, _pulumi2.createAppModule)({
75
77
  rangeKey: pulumi.output(core.primaryDynamodbTableRangeKey).apply(key => key || "SK"),
76
78
  item: pulumi.interpolate`{
77
79
  "PK": {"S": "APW#SETTINGS"},
78
- "SK": {"S": "${app.params.run.variant || "A"}"},
80
+ "SK": {"S": "${app.params.run.variant || "default"}"},
79
81
  "mainGraphqlFunctionArn": {"S": "${graphql.output.arn}"},
80
82
  "eventRuleName": {"S": "${params.apwSchedulerEventRule.name}"},
81
83
  "eventTargetId": {"S": "${params.apwSchedulerEventTarget.targetId}"}
@@ -87,6 +89,27 @@ const ApiGraphql = (0, _pulumi2.createAppModule)({
87
89
  policy,
88
90
  functions: {
89
91
  graphql
92
+ },
93
+ addRoute: routeParams => {
94
+ const apiGateway = app.resources.apiGateway;
95
+
96
+ if (!apiGateway) {
97
+ console.log("Could not add route because there is no apiGateway in the resources.");
98
+ return;
99
+ }
100
+
101
+ const kebabName = (0, _kebabCase.default)(routeParams.name);
102
+
103
+ if (kebabName !== routeParams.name) {
104
+ console.log(`Route name is not allowed: "${routeParams.name}".`);
105
+ return;
106
+ }
107
+
108
+ return apiGateway.addRoute(routeParams.name, {
109
+ path: routeParams.path,
110
+ method: routeParams.method,
111
+ function: graphql.output.arn
112
+ });
90
113
  }
91
114
  };
92
115
  }
package/apps/api/ApiGraphql.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","functions","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"A\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AACA;;;;;;;;;;AAUO,MAAMA,UAAU,GAAG,IAAAC,wBAAA,EAAgB;EACtCC,IAAI,EAAE,YADgC;;EAEtCC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAAwC;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAb;IAEA,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAD,CAAxC;IACA,MAAMO,IAAI,GAAG,IAAAC,6BAAA,EAAiBR,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,iBADyB;MAE/BO,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACjDhB,IAAI,EAAE,SAD2C;MAEjDC,MAAM,EAAE;QACJgB,OAAO,EAAE,YADL;QAEJC,OAAO,EAAE,iBAFL;QAGJT,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GAHd;QAIJC,OAAO,EAAE,EAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,eAA/B,CADC;QAD2B,CAA9B,CANF;QAWJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ChC,MAAM,CAACiC,GAFsC;YAGhDC,mCAAmC,EAAE;UAHW,EAAzC;QADF,CAXT;QAkBJC,SAAS,EAAEpC,GAAG,CAACG,SAAJ,CAAckC,WAAd,EAAyBC;MAlBhC;IAFyC,CAArC,CAAhB;IAwBA;AACR;AACA;AACA;AACA;AACA;;IACQtC,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC2B,QAAJ,CAAaC,SAA7B,EAAwC;MACpC1C,IAAI,EAAE,aAD8B;MAEpCC,MAAM,EAAE;QACJ0C,SAAS,EAAEvC,IAAI,CAACwC,wBADZ;QAEJC,OAAO,EAAEzC,IAAI,CAAC0C,2BAFV;QAGJC,QAAQ,EAAExB,MAAM,CACXZ,MADK,CACEP,IAAI,CAAC4C,4BADP,EAELd,KAFK,CAECe,GAAG,IAAIA,GAAG,IAAI,IAFf,CAHN;QAMJC,IAAI,EAAE3B,MAAM,CAAC4B,WAAY;AACzC;AACA,6BAA6BjD,GAAG,CAACC,MAAJ,CAAWiD,GAAX,CAAeC,OAAf,IAA0B,GAAI;AAC3D,iDAAiDzC,OAAO,CAACD,MAAR,CAAeQ,GAAI;AACpE,wCAAwChB,MAAM,CAACmD,qBAAP,CAA6BtD,IAAK;AAC1E,wCAAwCG,MAAM,CAACoD,uBAAP,CAA+BC,QAAS;AAChF;MAZoB;IAF4B,CAAxC;IAkBA,OAAO;MACH/C,IADG;MAEHF,MAFG;MAGHkD,SAAS,EAAE;QACP7C;MADO;IAHR,CAAP;EAOH;;AAlEqC,CAAhB,CAAnB;;;AAqEP,SAASJ,yBAAT,CAAmCN,GAAnC,EAAmD;EAC/C,MAAMwD,UAAU,GAAGxD,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAnB;EACA,MAAMqD,YAAY,GAAG,IAAAC,yBAAA,EAAgB1D,GAAhB,CAArB;EACA,MAAM2D,SAAS,GAAG,IAAAC,sBAAA,EAAa5D,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAACiD,GAAJ,CAAQC,MAAxB,EAAgC;IACnChE,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJgE,WAAW,EAAE,oEADT;MAEJ;MACA1D,MAAM,EAAEmD,UAAU,CAACxB,KAAX,CAAiB9B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnC2D,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,6BAHI,EAIJ,uBAJI,EAKJ,sBALI,EAMJ,6BANI,EAOJ,uBAPI,EAQJ,qBARI,EASJ,sBATI,EAUJ,6BAVI,EAWJ,yBAXI,EAYJ,oCAZI,EAaJ,sCAbI,EAcJ,yBAdI,EAeJ,8CAfI,EAgBJ,yBAhBI,EAiBJ,mCAjBI,EAkBJ,4CAlBI,EAmBJ,yBAnBI,EAoBJ,wBApBI,EAqBJ,0CArBI,EAsBJ,6BAtBI,EAuBJ,6CAvBI,EAwBJ,4CAxBI,EAyBJ,mCAzBI,EA0BJ,kBA1BI,EA2BJ,qBA3BI,EA4BJ,2BA5BI,EA6BJ,sBA7BI,EA8BJ,kCA9BI,EA+BJ,sBA/BI,EAgCJ,sBAhCI,EAiCJ,qBAjCI,EAkCJ,6BAlCI,EAmCJ,wBAnCI,EAoCJ,wBApCI,EAqCJ,wBArCI,EAsCJ,wBAtCI,EAuCJ,4CAvCI,EAwCJ,kBAxCI,EAyCJ,gBAzCI,EA0CJ,iCA1CI,EA2CJ,oCA3CI,EA4CJ,eA5CI,EA6CJ,kCA7CI,EA8CJ,oCA9CI,EA+CJ,qBA/CI,EAgDJ,sBAhDI,EAiDJ,wCAjDI,EAkDJ,2BAlDI,CAHZ;YAuDIC,QAAQ,EAAE,CACL,GAAEnE,IAAI,CAACoE,uBAAwB,EAD1B,EAEL,GAAEpE,IAAI,CAACoE,uBAAwB,IAF1B,EAGN;YACA,IAAIpE,IAAI,CAACqE,6BAAL,GACE,CACK,GAAErE,IAAI,CAACqE,6BAA8B,EAD1C,EAEK,GAAErE,IAAI,CAACqE,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAvDd,CADO,EAoEP;YACIL,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,CAHZ;YAUIC,QAAQ,EAAG,gBAAenE,IAAI,CAACsE,mBAAoB;UAVvD,CApEO,EAgFP;YACIN,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAEhD,MAAM,CAAC4B,WAAY,kBAAiBU,SAAU,IAAGF,YAAa;UAJ5E,CAhFO,EAsFP;YACIS,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAEnE,IAAI,CAACuE,kBAAmB;UAJzC,CAtFO,EA4FP;YACIP,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,kBAHZ;YAIIC,QAAQ,EAAEnE,IAAI,CAACwE;UAJnB,CA5FO,EAkGP;UACA,IAAIxE,IAAI,CAACyE,sBAAL,GACE,CACI;YACIT,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAEnE,IAAI,CAACyE,sBAAuB,EADzB,EAEL,GAAEzE,IAAI,CAACyE,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAnGO;QAFwB,CAAvC;QAqHA,OAAOtE,MAAP;MACH,CAvHO;IAHJ;EAF2B,CAAhC,CAAP;AA+HH"}
1
+ {"version":3,"names":["ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","function","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AACA;;;;;;;;;;AAmBO,MAAMA,UAAU,GAAG,IAAAC,wBAAA,EAAgB;EACtCC,IAAI,EAAE,YADgC;;EAEtCC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAAwC;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAb;IAEA,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAD,CAAxC;IACA,MAAMO,IAAI,GAAG,IAAAC,6BAAA,EAAiBR,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,iBADyB;MAE/BO,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACjDhB,IAAI,EAAE,SAD2C;MAEjDC,MAAM,EAAE;QACJgB,OAAO,EAAE,YADL;QAEJC,OAAO,EAAE,iBAFL;QAGJT,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GAHd;QAIJC,OAAO,EAAE,EAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAU1B,GAAG,CAAC2B,KAAJ,CAAUC,SAApB,EAA+B,eAA/B,CADC;QAD2B,CAA9B,CANF;QAWJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ChC,MAAM,CAACiC,GAFsC;YAGhDC,mCAAmC,EAAE;UAHW,EAAzC;QADF,CAXT;QAkBJC,SAAS,EAAEpC,GAAG,CAACG,SAAJ,CAAckC,WAAd,EAAyBC;MAlBhC;IAFyC,CAArC,CAAhB;IAwBA;AACR;AACA;AACA;AACA;AACA;;IACQtC,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC2B,QAAJ,CAAaC,SAA7B,EAAwC;MACpC1C,IAAI,EAAE,aAD8B;MAEpCC,MAAM,EAAE;QACJ0C,SAAS,EAAEvC,IAAI,CAACwC,wBADZ;QAEJC,OAAO,EAAEzC,IAAI,CAAC0C,2BAFV;QAGJC,QAAQ,EAAExB,MAAM,CACXZ,MADK,CACEP,IAAI,CAAC4C,4BADP,EAELd,KAFK,CAECe,GAAG,IAAIA,GAAG,IAAI,IAFf,CAHN;QAMJC,IAAI,EAAE3B,MAAM,CAAC4B,WAAY;AACzC;AACA,6BAA6BjD,GAAG,CAACC,MAAJ,CAAWiD,GAAX,CAAeC,OAAf,IAA0B,SAAU;AACjE,iDAAiDzC,OAAO,CAACD,MAAR,CAAeQ,GAAI;AACpE,wCAAwChB,MAAM,CAACmD,qBAAP,CAA6BtD,IAAK;AAC1E,wCAAwCG,MAAM,CAACoD,uBAAP,CAA+BC,QAAS;AAChF;MAZoB;IAF4B,CAAxC;IAkBA,OAAO;MACH/C,IADG;MAEHF,MAFG;MAGHkD,SAAS,EAAE;QACP7C;MADO,CAHR;MAMH8C,QAAQ,EAAGC,WAAD,IAAiC;QACvC,MAAMC,UAAe,GAAG1D,GAAG,CAAC2D,SAAJ,CAAcD,UAAtC;;QACA,IAAI,CAACA,UAAL,EAAiB;UACbE,OAAO,CAACC,GAAR,CACI,sEADJ;UAGA;QACH;;QACD,MAAMC,SAAS,GAAG,IAAAC,kBAAA,EAAYN,WAAW,CAAC3D,IAAxB,CAAlB;;QACA,IAAIgE,SAAS,KAAKL,WAAW,CAAC3D,IAA9B,EAAoC;UAChC8D,OAAO,CAACC,GAAR,CAAa,+BAA8BJ,WAAW,CAAC3D,IAAK,IAA5D;UACA;QACH;;QACD,OAAO4D,UAAU,CAACF,QAAX,CAAoBC,WAAW,CAAC3D,IAAhC,EAAsC;UACzC2B,IAAI,EAAEgC,WAAW,CAAChC,IADuB;UAEzCuC,MAAM,EAAEP,WAAW,CAACO,MAFqB;UAGzCC,QAAQ,EAAEvD,OAAO,CAACD,MAAR,CAAeQ;QAHgB,CAAtC,CAAP;MAKH;IAxBE,CAAP;EA0BH;;AArFqC,CAAhB,CAAnB;;;AAwFP,SAASX,yBAAT,CAAmCN,GAAnC,EAAmD;EAC/C,MAAMkE,UAAU,GAAGlE,GAAG,CAACG,SAAJ,CAAcC,YAAd,CAAnB;EACA,MAAM+D,YAAY,GAAG,IAAAC,yBAAA,EAAgBpE,GAAhB,CAArB;EACA,MAAMqE,SAAS,GAAG,IAAAC,sBAAA,EAAatE,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACW,WAAJ,CAAgBC,GAAG,CAAC2D,GAAJ,CAAQC,MAAxB,EAAgC;IACnC1E,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJ0E,WAAW,EAAE,oEADT;MAEJ;MACApE,MAAM,EAAE6D,UAAU,CAAClC,KAAX,CAAiB9B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCqE,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,6BAHI,EAIJ,uBAJI,EAKJ,sBALI,EAMJ,6BANI,EAOJ,uBAPI,EAQJ,qBARI,EASJ,sBATI,EAUJ,6BAVI,EAWJ,yBAXI,EAYJ,oCAZI,EAaJ,sCAbI,EAcJ,yBAdI,EAeJ,8CAfI,EAgBJ,yBAhBI,EAiBJ,mCAjBI,EAkBJ,4CAlBI,EAmBJ,yBAnBI,EAoBJ,wBApBI,EAqBJ,0CArBI,EAsBJ,6BAtBI,EAuBJ,6CAvBI,EAwBJ,4CAxBI,EAyBJ,mCAzBI,EA0BJ,kBA1BI,EA2BJ,qBA3BI,EA4BJ,2BA5BI,EA6BJ,sBA7BI,EA8BJ,kCA9BI,EA+BJ,sBA/BI,EAgCJ,sBAhCI,EAiCJ,qBAjCI,EAkCJ,6BAlCI,EAmCJ,wBAnCI,EAoCJ,wBApCI,EAqCJ,wBArCI,EAsCJ,wBAtCI,EAuCJ,4CAvCI,EAwCJ,kBAxCI,EAyCJ,gBAzCI,EA0CJ,iCA1CI,EA2CJ,oCA3CI,EA4CJ,eA5CI,EA6CJ,kCA7CI,EA8CJ,oCA9CI,EA+CJ,qBA/CI,EAgDJ,sBAhDI,EAiDJ,wCAjDI,EAkDJ,2BAlDI,CAHZ;YAuDIC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAAC8E,uBAAwB,EAD1B,EAEL,GAAE9E,IAAI,CAAC8E,uBAAwB,IAF1B,EAGN;YACA,IAAI9E,IAAI,CAAC+E,6BAAL,GACE,CACK,GAAE/E,IAAI,CAAC+E,6BAA8B,EAD1C,EAEK,GAAE/E,IAAI,CAAC+E,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAvDd,CADO,EAoEP;YACIL,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,CAHZ;YAUIC,QAAQ,EAAG,gBAAe7E,IAAI,CAACgF,mBAAoB;UAVvD,CApEO,EAgFP;YACIN,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAE1D,MAAM,CAAC4B,WAAY,kBAAiBoB,SAAU,IAAGF,YAAa;UAJ5E,CAhFO,EAsFP;YACIS,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAE7E,IAAI,CAACiF,kBAAmB;UAJzC,CAtFO,EA4FP;YACIP,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,kBAHZ;YAIIC,QAAQ,EAAE7E,IAAI,CAACkF;UAJnB,CA5FO,EAkGP;UACA,IAAIlF,IAAI,CAACmF,sBAAL,GACE,CACI;YACIT,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAACmF,sBAAuB,EADzB,EAEL,GAAEnF,IAAI,CAACmF,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAnGO;QAFwB,CAAvC;QAqHA,OAAOhF,MAAP;MACH,CAvHO;IAHJ;EAF2B,CAAhC,CAAP;AA+HH"}
package/apps/api/ApiOutput.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ import { PulumiAppModule } from "@webiny/pulumi";
2
+ export declare type ApiOutput = PulumiAppModule<typeof ApiOutput>;
3
+ export declare const ApiOutput: import("@webiny/pulumi").PulumiAppModuleDefinition<import("@pulumi/pulumi").Output<import("@pulumi/pulumi").UnwrappedObject<{
4
+ apiDomain: string;
5
+ apiUrl: string;
6
+ apwSchedulerEventRule: string | undefined;
7
+ apwSchedulerEventTargetId: string | undefined;
8
+ apwSchedulerExecuteAction: string | undefined;
9
+ apwSchedulerScheduleAction: string | undefined;
10
+ cognitoAppClientId: string;
11
+ cognitoUserPoolId: string;
12
+ cognitoUserPoolPasswordPolicy: string;
13
+ dynamoDbTable: string;
14
+ region: string;
15
+ }>>, void>;
package/apps/api/ApiOutput.js ADDED
@@ -0,0 +1,43 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.ApiOutput = void 0;
7
+
8
+ var _pulumi = require("@webiny/pulumi");
9
+
10
+ var _utils = require("@webiny/cli-plugin-deploy-pulumi/utils");
11
+
12
+ const ApiOutput = (0, _pulumi.createAppModule)({
13
+ name: "ApiOutput",
14
+
15
+ config(app) {
16
+ return app.addHandler(async () => {
17
+ const output = (0, _utils.getStackOutput)({
18
+ folder: "apps/api",
19
+ env: app.params.run.env
20
+ });
21
+
22
+ if (!output) {
23
+ throw new Error("API application is not deployed.");
24
+ }
25
+
26
+ return {
27
+ apiDomain: output["apiDomain"],
28
+ apiUrl: output["apiUrl"],
29
+ apwSchedulerEventRule: output["apwSchedulerEventRule"],
30
+ apwSchedulerEventTargetId: output["apwSchedulerEventTargetId"],
31
+ apwSchedulerExecuteAction: output["apwSchedulerExecuteAction"],
32
+ apwSchedulerScheduleAction: output["apwSchedulerScheduleAction"],
33
+ cognitoAppClientId: output["cognitoAppClientId"],
34
+ cognitoUserPoolId: output["cognitoUserPoolId"],
35
+ cognitoUserPoolPasswordPolicy: output["cognitoUserPoolPasswordPolicy"],
36
+ dynamoDbTable: output["dynamoDbTable"],
37
+ region: output["region"]
38
+ };
39
+ });
40
+ }
41
+
42
+ });
43
+ exports.ApiOutput = ApiOutput;
package/apps/api/ApiOutput.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["ApiOutput","createAppModule","name","config","app","addHandler","output","getStackOutput","folder","env","params","run","Error","apiDomain","apiUrl","apwSchedulerEventRule","apwSchedulerEventTargetId","apwSchedulerExecuteAction","apwSchedulerScheduleAction","cognitoAppClientId","cognitoUserPoolId","cognitoUserPoolPasswordPolicy","dynamoDbTable","region"],"sources":["ApiOutput.ts"],"sourcesContent":["import { createAppModule, PulumiAppModule } from \"@webiny/pulumi\";\nimport { getStackOutput } from \"@webiny/cli-plugin-deploy-pulumi/utils\";\n\nexport type ApiOutput = PulumiAppModule<typeof ApiOutput>;\n\nexport const ApiOutput = createAppModule({\n name: \"ApiOutput\",\n config(app) {\n return app.addHandler(async () => {\n const output = getStackOutput({\n folder: \"apps/api\",\n env: app.params.run.env\n });\n\n if (!output) {\n throw new Error(\"API application is not deployed.\");\n }\n\n return {\n apiDomain: output[\"apiDomain\"] as string,\n apiUrl: output[\"apiUrl\"] as string,\n apwSchedulerEventRule: output[\"apwSchedulerEventRule\"] as string | undefined,\n apwSchedulerEventTargetId: output[\"apwSchedulerEventTargetId\"] as\n | string\n | undefined,\n apwSchedulerExecuteAction: output[\"apwSchedulerExecuteAction\"] as\n | string\n | undefined,\n apwSchedulerScheduleAction: output[\"apwSchedulerScheduleAction\"] as\n | string\n | undefined,\n cognitoAppClientId: output[\"cognitoAppClientId\"] as string,\n cognitoUserPoolId: output[\"cognitoUserPoolId\"] as string,\n cognitoUserPoolPasswordPolicy: output[\"cognitoUserPoolPasswordPolicy\"] as string,\n dynamoDbTable: output[\"dynamoDbTable\"] as string,\n region: output[\"region\"] as string\n };\n });\n }\n});\n"],"mappings":";;;;;;;AAAA;;AACA;;AAIO,MAAMA,SAAS,GAAG,IAAAC,uBAAA,EAAgB;EACrCC,IAAI,EAAE,WAD+B;;EAErCC,MAAM,CAACC,GAAD,EAAM;IACR,OAAOA,GAAG,CAACC,UAAJ,CAAe,YAAY;MAC9B,MAAMC,MAAM,GAAG,IAAAC,qBAAA,EAAe;QAC1BC,MAAM,EAAE,UADkB;QAE1BC,GAAG,EAAEL,GAAG,CAACM,MAAJ,CAAWC,GAAX,CAAeF;MAFM,CAAf,CAAf;;MAKA,IAAI,CAACH,MAAL,EAAa;QACT,MAAM,IAAIM,KAAJ,CAAU,kCAAV,CAAN;MACH;;MAED,OAAO;QACHC,SAAS,EAAEP,MAAM,CAAC,WAAD,CADd;QAEHQ,MAAM,EAAER,MAAM,CAAC,QAAD,CAFX;QAGHS,qBAAqB,EAAET,MAAM,CAAC,uBAAD,CAH1B;QAIHU,yBAAyB,EAAEV,MAAM,CAAC,2BAAD,CAJ9B;QAOHW,yBAAyB,EAAEX,MAAM,CAAC,2BAAD,CAP9B;QAUHY,0BAA0B,EAAEZ,MAAM,CAAC,4BAAD,CAV/B;QAaHa,kBAAkB,EAAEb,MAAM,CAAC,oBAAD,CAbvB;QAcHc,iBAAiB,EAAEd,MAAM,CAAC,mBAAD,CAdtB;QAeHe,6BAA6B,EAAEf,MAAM,CAAC,+BAAD,CAflC;QAgBHgB,aAAa,EAAEhB,MAAM,CAAC,eAAD,CAhBlB;QAiBHiB,MAAM,EAAEjB,MAAM,CAAC,QAAD;MAjBX,CAAP;IAmBH,CA7BM,CAAP;EA8BH;;AAjCoC,CAAhB,CAAlB"}
package/apps/api/ApiPageBuilder.js CHANGED
@@ -44,7 +44,6 @@ const ApiPageBuilder = (0, _pulumi2.createAppModule)({
44
44
  (0, _installation.createInstallationZip)(pbInstallationZipPath);
45
45
  new aws.s3.BucketObject("./pbInstallation.zip", {
46
46
  key: "pbInstallation.zip",
47
- acl: "public-read",
48
47
  bucket: core.fileManagerBucketId,
49
48
  contentType: "application/octet-stream",
50
49
  source: new pulumi.asset.FileAsset(pbInstallationZipPath)
package/apps/api/ApiPageBuilder.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["ApiPageBuilder","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","path","join","resolve","createInstallationZip","aws","s3","BucketObject","key","acl","bucket","fileManagerBucketId","contentType","source","pulumi","asset","FileAsset","exportPages","createExportPagesResources","importPages","createImportPagesResources","policy","createExportPagesLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","S3_BUCKET","process","EXPORT_PAGE_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","createImportPagesLambdaPolicy","create","IMPORT_PAGE_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn","elasticsearchDomainArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n//@ts-ignore\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n acl: \"public-read\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportPages = createExportPagesResources(app, params);\n const importPages = createImportPagesResources(app, params);\n\n return {\n exportPages,\n importPages\n };\n }\n});\n\nfunction createExportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportPagesLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-pages-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-combine\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/exportPages/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/exportPages/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_PAGE_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportPagesLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportPageTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n }\n ]\n }\n }\n });\n}\n\nfunction createImportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportPagesLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-page-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/importPages/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-create\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/importPages/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_PAGE_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportPagesLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportPageLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;AAQO,MAAMA,cAAc,GAAG,IAAAC,wBAAA,EAAgB;EAC1CC,IAAI,EAAE,gBADoC;;EAE1CC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA4C;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;IAEAJ,GAAG,CAACK,UAAJ,CAAe,MAAM;MACjB,MAAMC,qBAAqB,GAAGC,IAAI,CAACC,IAAL,CAAUD,IAAI,CAACE,OAAL,EAAV,EAA0B,MAA1B,EAAkC,oBAAlC,CAA9B,CADiB,CAEjB;;MACA,IAAAC,mCAAA,EAAsBJ,qBAAtB;MAEA,IAAIK,GAAG,CAACC,EAAJ,CAAOC,YAAX,CAAwB,sBAAxB,EAAgD;QAC5CC,GAAG,EAAE,oBADuC;QAE5CC,GAAG,EAAE,aAFuC;QAG5CC,MAAM,EAAEd,IAAI,CAACe,mBAH+B;QAI5CC,WAAW,EAAE,0BAJ+B;QAK5CC,MAAM,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,SAAjB,CAA2BhB,qBAA3B;MALoC,CAAhD;IAOH,CAZD;IAcA,MAAMiB,WAAW,GAAGC,0BAA0B,CAACxB,GAAD,EAAMC,MAAN,CAA9C;IACA,MAAMwB,WAAW,GAAGC,0BAA0B,CAAC1B,GAAD,EAAMC,MAAN,CAA9C;IAEA,OAAO;MACHsB,WADG;MAEHE;IAFG,CAAP;EAIH;;AA1ByC,CAAhB,CAAvB;;;AA6BP,SAASD,0BAAT,CAAoCxB,GAApC,EAAoDC,MAApD,EAA+E;EAC3E,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EAEA,MAAMuB,MAAM,GAAGC,6BAA6B,CAAC5B,GAAD,CAA5C;EACA,MAAM6B,IAAI,GAAG,IAAAC,6BAAA,EAAiB9B,GAAjB,EAAsB;IAC/BF,IAAI,EAAE,6BADyB;IAE/B6B,MAAM,EAAEA,MAAM,CAACI;EAFgB,CAAtB,CAAb;EAKA,MAAMC,OAAO,GAAGhC,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACuB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDrC,IAAI,EAAE,yBAD2C;IAEjDC,MAAM,EAAE;MACJ8B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,uCANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDrC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC6C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ClD,MAAM,CAACmD,GAFsC;UAGhDC,SAAS,EAAEnD,IAAI,CAACe;QAHgC,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAwBA,MAAMqC,OAAO,GAAGtD,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACuB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDrC,IAAI,EAAE,yBAD2C;IAEjDC,MAAM,EAAE;MACJ8B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,uCANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDrC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC6C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ClD,MAAM,CAACmD,GAFsC;UAGhDC,SAAS,EAAEnD,IAAI,CAACe,mBAHgC;UAIhDsC,2BAA2B,EAAEvB,OAAO,CAACD,MAAR,CAAeK;QAJI,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAyBA,OAAO;IACHP,IADG;IAEHF,MAFG;IAGH6B,SAAS,EAAE;MACPF,OADO;MAEPtB;IAFO;EAHR,CAAP;AAQH;;AAED,SAASJ,6BAAT,CAAuC5B,GAAvC,EAAuD;EACnD,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EACA,MAAMqD,YAAY,GAAG,IAAAC,yBAAA,EAAgB1D,GAAhB,CAArB;EACA,MAAM2D,SAAS,GAAG,IAAAC,sBAAA,EAAa5D,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACkD,GAAJ,CAAQC,MAAxB,EAAgC;IACnChE,IAAI,EAAE,8BAD6B;IAEnCC,MAAM,EAAE;MACJ0C,WAAW,EAAE,wCADT;MAEJd,MAAM,EAAE;QACJoC,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;UAYIC,QAAQ,EAAE,CACNhD,MAAM,CAACiD,WAAY,GAAEnE,IAAI,CAACoE,uBAAwB,EAD5C,EAENlD,MAAM,CAACiD,WAAY,GAAEnE,IAAI,CAACoE,uBAAwB,IAF5C;QAZd,CADO,EAkBP;UACIL,GAAG,EAAE,iBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;UAWIC,QAAQ,EAAE,CACNhD,MAAM,CAACiD,WAAY,gBAAenE,IAAI,CAACe,mBAAoB,IADrD,EAEN;UACAG,MAAM,CAACiD,WAAY,gBAAenE,IAAI,CAACe,mBAAoB,EAHrD;QAXd,CAlBO,EAmCP;UACIgD,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;UAIIC,QAAQ,EAAEhD,MAAM,CAACiD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;QAJ5E,CAnCO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AAmDH;;AAED,SAAS/B,0BAAT,CAAoC1B,GAApC,EAAoDC,MAApD,EAA+E;EAC3E,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EACA,MAAMuB,MAAM,GAAG4C,6BAA6B,CAACvE,GAAD,CAA5C;EACA,MAAM6B,IAAI,GAAG,IAAAC,6BAAA,EAAiB9B,GAAjB,EAAsB;IAC/BF,IAAI,EAAE,4BADyB;IAE/B6B,MAAM,EAAEA,MAAM,CAACI;EAFgB,CAAtB,CAAb;EAKA,MAAMuB,OAAO,GAAGtD,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACuB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDrC,IAAI,EAAE,8BAD2C;IAEjDC,MAAM,EAAE;MACJ8B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,2CANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDrC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC6C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ClD,MAAM,CAACmD,GAFsC;UAGhDC,SAAS,EAAEnD,IAAI,CAACe;QAHgC,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAwBA,MAAMuD,MAAM,GAAGxE,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACuB,MAAJ,CAAWC,QAA3B,EAAqC;IAChDrC,IAAI,EAAE,6BAD0C;IAEhDC,MAAM,EAAE;MACJ8B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,0CANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDrC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC6C,KAAJ,CAAUC,SAApB,EAA+B,sCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7ClD,MAAM,CAACmD,GAFsC;UAGhDC,SAAS,EAAEnD,IAAI,CAACe,mBAHgC;UAIhDwD,iCAAiC,EAAEnB,OAAO,CAACvB,MAAR,CAAeK;QAJF,EAAzC;MADF;IAZT;EAFwC,CAArC,CAAf;EAyBA,OAAO;IACHP,IADG;IAEHF,MAFG;IAGH6B,SAAS,EAAE;MACPgB,MADO;MAEPlB;IAFO;EAHR,CAAP;AAQH;;AAED,SAASiB,6BAAT,CAAuCvE,GAAvC,EAAuD;EACnD,MAAM0E,UAAU,GAAG1E,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAnB;EACA,MAAMqD,YAAY,GAAG,IAAAC,yBAAA,EAAgB1D,GAAhB,CAArB;EACA,MAAM2D,SAAS,GAAG,IAAAC,sBAAA,EAAa5D,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACiC,WAAJ,CAAgBtB,GAAG,CAACkD,GAAJ,CAAQC,MAAxB,EAAgC;IACnChE,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJ0C,WAAW,EAAE,iEADT;MAEJ;MACAd,MAAM,EAAE+C,UAAU,CAACxB,KAAX,CAAiBhD,IAAI,IAAI;QAC7B,MAAMyB,MAA8B,GAAG;UACnCoC,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;YAYIC,QAAQ,EAAE,CACL,GAAElE,IAAI,CAACoE,uBAAwB,EAD1B,EAEL,GAAEpE,IAAI,CAACoE,uBAAwB,IAF1B,EAGN;YACA,IAAIpE,IAAI,CAACyE,6BAAL,GACE,CACK,GAAEzE,IAAI,CAACyE,6BAA8B,EAD1C,EAEK,GAAEzE,IAAI,CAACyE,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAZd,CADO,EAyBP;YACIV,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;YAWIC,QAAQ,EAAE,CACL,gBAAelE,IAAI,CAACe,mBAAoB,IADnC,EAEN;YACC,gBAAef,IAAI,CAACe,mBAAoB,EAHnC;UAXd,CAzBO,EA0CP;YACIgD,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAEhD,MAAM,CAACiD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;UAJ5E,CA1CO,EAgDP;YACIQ,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAElE,IAAI,CAAC0E,kBAAmB;UAJzC,CAhDO,EAsDP;UACA,IAAI1E,IAAI,CAAC2E,sBAAL,GACE,CACI;YACIZ,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAElE,IAAI,CAAC2E,sBAAuB,EADzB,EAEL,GAAE3E,IAAI,CAAC2E,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAvDO;QAFwB,CAAvC;QAyEA,OAAOlD,MAAP;MACH,CA3EO;IAHJ;EAF2B,CAAhC,CAAP;AAmFH"}
1
+ {"version":3,"names":["ApiPageBuilder","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","path","join","resolve","createInstallationZip","aws","s3","BucketObject","key","bucket","fileManagerBucketId","contentType","source","pulumi","asset","FileAsset","exportPages","createExportPagesResources","importPages","createImportPagesResources","policy","createExportPagesLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","S3_BUCKET","process","EXPORT_PAGE_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","createImportPagesLambdaPolicy","create","IMPORT_PAGE_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn","elasticsearchDomainArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n//@ts-ignore\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportPages = createExportPagesResources(app, params);\n const importPages = createImportPagesResources(app, params);\n\n return {\n exportPages,\n importPages\n };\n }\n});\n\nfunction createExportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportPagesLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-pages-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-combine\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/exportPages/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-pages-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle page export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/exportPages/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_PAGE_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportPagesLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportPageTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n }\n ]\n }\n }\n });\n}\n\nfunction createImportPagesResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportPagesLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-page-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/importPages/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-page-queue-create\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import page queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/importPages/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_PAGE_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportPagesLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportPageLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;AAAA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;AAQO,MAAMA,cAAc,GAAG,IAAAC,wBAAA,EAAgB;EAC1CC,IAAI,EAAE,gBADoC;;EAE1CC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA4C;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;IAEAJ,GAAG,CAACK,UAAJ,CAAe,MAAM;MACjB,MAAMC,qBAAqB,GAAGC,IAAI,CAACC,IAAL,CAAUD,IAAI,CAACE,OAAL,EAAV,EAA0B,MAA1B,EAAkC,oBAAlC,CAA9B,CADiB,CAEjB;;MACA,IAAAC,mCAAA,EAAsBJ,qBAAtB;MAEA,IAAIK,GAAG,CAACC,EAAJ,CAAOC,YAAX,CAAwB,sBAAxB,EAAgD;QAC5CC,GAAG,EAAE,oBADuC;QAE5CC,MAAM,EAAEb,IAAI,CAACc,mBAF+B;QAG5CC,WAAW,EAAE,0BAH+B;QAI5CC,MAAM,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,SAAjB,CAA2Bf,qBAA3B;MAJoC,CAAhD;IAMH,CAXD;IAaA,MAAMgB,WAAW,GAAGC,0BAA0B,CAACvB,GAAD,EAAMC,MAAN,CAA9C;IACA,MAAMuB,WAAW,GAAGC,0BAA0B,CAACzB,GAAD,EAAMC,MAAN,CAA9C;IAEA,OAAO;MACHqB,WADG;MAEHE;IAFG,CAAP;EAIH;;AAzByC,CAAhB,CAAvB;;;AA4BP,SAASD,0BAAT,CAAoCvB,GAApC,EAAoDC,MAApD,EAA+E;EAC3E,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EAEA,MAAMsB,MAAM,GAAGC,6BAA6B,CAAC3B,GAAD,CAA5C;EACA,MAAM4B,IAAI,GAAG,IAAAC,6BAAA,EAAiB7B,GAAjB,EAAsB;IAC/BF,IAAI,EAAE,6BADyB;IAE/B4B,MAAM,EAAEA,MAAM,CAACI;EAFgB,CAAtB,CAAb;EAKA,MAAMC,OAAO,GAAG/B,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACsB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDpC,IAAI,EAAE,yBAD2C;IAEjDC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,uCANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDpC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC4C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7CjD,MAAM,CAACkD,GAFsC;UAGhDC,SAAS,EAAElD,IAAI,CAACc;QAHgC,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAwBA,MAAMqC,OAAO,GAAGrD,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACsB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDpC,IAAI,EAAE,yBAD2C;IAEjDC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,uCANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDpC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC4C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7CjD,MAAM,CAACkD,GAFsC;UAGhDC,SAAS,EAAElD,IAAI,CAACc,mBAHgC;UAIhDsC,2BAA2B,EAAEvB,OAAO,CAACD,MAAR,CAAeK;QAJI,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAyBA,OAAO;IACHP,IADG;IAEHF,MAFG;IAGH6B,SAAS,EAAE;MACPF,OADO;MAEPtB;IAFO;EAHR,CAAP;AAQH;;AAED,SAASJ,6BAAT,CAAuC3B,GAAvC,EAAuD;EACnD,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EACA,MAAMoD,YAAY,GAAG,IAAAC,yBAAA,EAAgBzD,GAAhB,CAArB;EACA,MAAM0D,SAAS,GAAG,IAAAC,sBAAA,EAAa3D,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACiD,GAAJ,CAAQC,MAAxB,EAAgC;IACnC/D,IAAI,EAAE,8BAD6B;IAEnCC,MAAM,EAAE;MACJyC,WAAW,EAAE,wCADT;MAEJd,MAAM,EAAE;QACJoC,OAAO,EAAE,YADL;QAEJC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;UAYIC,QAAQ,EAAE,CACNhD,MAAM,CAACiD,WAAY,GAAElE,IAAI,CAACmE,uBAAwB,EAD5C,EAENlD,MAAM,CAACiD,WAAY,GAAElE,IAAI,CAACmE,uBAAwB,IAF5C;QAZd,CADO,EAkBP;UACIL,GAAG,EAAE,iBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;UAWIC,QAAQ,EAAE,CACNhD,MAAM,CAACiD,WAAY,gBAAelE,IAAI,CAACc,mBAAoB,IADrD,EAEN;UACAG,MAAM,CAACiD,WAAY,gBAAelE,IAAI,CAACc,mBAAoB,EAHrD;QAXd,CAlBO,EAmCP;UACIgD,GAAG,EAAE,qBADT;UAEIC,MAAM,EAAE,OAFZ;UAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;UAIIC,QAAQ,EAAEhD,MAAM,CAACiD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;QAJ5E,CAnCO;MAFP;IAFJ;EAF2B,CAAhC,CAAP;AAmDH;;AAED,SAAS/B,0BAAT,CAAoCzB,GAApC,EAAoDC,MAApD,EAA+E;EAC3E,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAb;EACA,MAAMsB,MAAM,GAAG4C,6BAA6B,CAACtE,GAAD,CAA5C;EACA,MAAM4B,IAAI,GAAG,IAAAC,6BAAA,EAAiB7B,GAAjB,EAAsB;IAC/BF,IAAI,EAAE,4BADyB;IAE/B4B,MAAM,EAAEA,MAAM,CAACI;EAFgB,CAAtB,CAAb;EAKA,MAAMuB,OAAO,GAAGrD,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACsB,MAAJ,CAAWC,QAA3B,EAAqC;IACjDpC,IAAI,EAAE,8BAD2C;IAEjDC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,2CANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDpC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC4C,KAAJ,CAAUC,SAApB,EAA+B,uCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7CjD,MAAM,CAACkD,GAFsC;UAGhDC,SAAS,EAAElD,IAAI,CAACc;QAHgC,EAAzC;MADF;IAZT;EAFyC,CAArC,CAAhB;EAwBA,MAAMuD,MAAM,GAAGvE,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACsB,MAAJ,CAAWC,QAA3B,EAAqC;IAChDpC,IAAI,EAAE,6BAD0C;IAEhDC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYK,GADd;MAEJC,OAAO,EAAE,YAFL;MAGJC,OAAO,EAAE,iBAHL;MAIJC,OAAO,EAAE,EAJL;MAKJC,UAAU,EAAE,GALR;MAMJC,WAAW,EAAE,0CANT;MAOJC,IAAI,EAAE,IAAItB,MAAM,CAACC,KAAP,CAAasB,YAAjB,CAA8B;QAChC,KAAK,IAAIvB,MAAM,CAACC,KAAP,CAAauB,WAAjB,CACDpC,IAAI,CAACC,IAAL,CAAUR,GAAG,CAAC4C,KAAJ,CAAUC,SAApB,EAA+B,sCAA/B,CADC;MAD2B,CAA9B,CAPF;MAYJC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,kDAC7CA,KAD6C,GAE7CjD,MAAM,CAACkD,GAFsC;UAGhDC,SAAS,EAAElD,IAAI,CAACc,mBAHgC;UAIhDwD,iCAAiC,EAAEnB,OAAO,CAACvB,MAAR,CAAeK;QAJF,EAAzC;MADF;IAZT;EAFwC,CAArC,CAAf;EAyBA,OAAO;IACHP,IADG;IAEHF,MAFG;IAGH6B,SAAS,EAAE;MACPgB,MADO;MAEPlB;IAFO;EAHR,CAAP;AAQH;;AAED,SAASiB,6BAAT,CAAuCtE,GAAvC,EAAuD;EACnD,MAAMyE,UAAU,GAAGzE,GAAG,CAACG,SAAJ,CAAcC,kBAAd,CAAnB;EACA,MAAMoD,YAAY,GAAG,IAAAC,yBAAA,EAAgBzD,GAAhB,CAArB;EACA,MAAM0D,SAAS,GAAG,IAAAC,sBAAA,EAAa3D,GAAb,CAAlB;EAEA,OAAOA,GAAG,CAACgC,WAAJ,CAAgBrB,GAAG,CAACiD,GAAJ,CAAQC,MAAxB,EAAgC;IACnC/D,IAAI,EAAE,wBAD6B;IAEnCC,MAAM,EAAE;MACJyC,WAAW,EAAE,iEADT;MAEJ;MACAd,MAAM,EAAE+C,UAAU,CAACxB,KAAX,CAAiB/C,IAAI,IAAI;QAC7B,MAAMwB,MAA8B,GAAG;UACnCoC,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,kBAHI,EAIJ,qBAJI,EAKJ,kBALI,EAMJ,gBANI,EAOJ,qBAPI,CAHZ;YAYIC,QAAQ,EAAE,CACL,GAAEjE,IAAI,CAACmE,uBAAwB,EAD1B,EAEL,GAAEnE,IAAI,CAACmE,uBAAwB,IAF1B,EAGN;YACA,IAAInE,IAAI,CAACwE,6BAAL,GACE,CACK,GAAExE,IAAI,CAACwE,6BAA8B,EAD1C,EAEK,GAAExE,IAAI,CAACwE,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAZd,CADO,EAyBP;YACIV,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,iBADI,EAEJ,iBAFI,EAGJ,iBAHI,EAIJ,cAJI,EAKJ,cALI,EAMJ,eANI,CAHZ;YAWIC,QAAQ,EAAE,CACL,gBAAejE,IAAI,CAACc,mBAAoB,IADnC,EAEN;YACC,gBAAed,IAAI,CAACc,mBAAoB,EAHnC;UAXd,CAzBO,EA0CP;YACIgD,GAAG,EAAE,qBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CAAC,uBAAD,CAHZ;YAIIC,QAAQ,EAAEhD,MAAM,CAACiD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;UAJ5E,CA1CO,EAgDP;YACIQ,GAAG,EAAE,yBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,eAHZ;YAIIC,QAAQ,EAAG,GAAEjE,IAAI,CAACyE,kBAAmB;UAJzC,CAhDO,EAsDP;UACA,IAAIzE,IAAI,CAAC0E,sBAAL,GACE,CACI;YACIZ,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAEjE,IAAI,CAAC0E,sBAAuB,EADzB,EAEL,GAAE1E,IAAI,CAAC0E,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CAvDO;QAFwB,CAAvC;QAyEA,OAAOlD,MAAP;MACH,CA3EO;IAHJ;EAF2B,CAAhC,CAAP;AAmFH"}
package/apps/api/createApiPulumiApp.d.ts CHANGED
@@ -30,6 +30,7 @@ export declare const createApiPulumiApp: (projectAppParams?: CreateApiPulumiAppP
30
30
  functions: {
31
31
  graphql: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/lambda").Function>;
32
32
  };
33
+ addRoute: (routeParams: import("~/apps").AddRouteParams) => any;
33
34
  };
34
35
  headlessCms: {
35
36
  role: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam").Role>;