@webiny/pulumi-aws 5.35.0 → 5.35.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/apps/awsUtils.d.ts +1 -1
  2. package/apps/tenantRouter.d.ts +3 -1
  3. package/apps/tenantRouter.js +9 -1
  4. package/apps/tenantRouter.js.map +1 -1
  5. package/apps/website/createWebsitePulumiApp.js +8 -1
  6. package/apps/website/createWebsitePulumiApp.js.map +1 -1
  7. package/package.json +18 -18
  8. package/apps/api/ApiHeadlessCMS.d.ts +0 -13
  9. package/apps/api/ApiHeadlessCMS.js +0 -94
  10. package/apps/api/ApiHeadlessCMS.js.map +0 -1
package/apps/awsUtils.d.ts CHANGED
@@ -1,3 +1,3 @@
1
1
  import { PulumiApp } from "@webiny/pulumi";
2
2
  export declare function getAwsAccountId(app: PulumiApp): import("@pulumi/pulumi").Output<string>;
3
- export declare function getAwsRegion(app: PulumiApp): import("@pulumi/pulumi").Output<"us-east-1" | "af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-south-2" | "ap-southeast-1" | "ap-southeast-2" | "ap-southeast-3" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-central-2" | "eu-north-1" | "eu-south-1" | "eu-south-2" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-central-1" | "me-south-1" | "sa-east-1" | "us-gov-east-1" | "us-gov-west-1" | "us-east-2" | "us-west-1" | "us-west-2">;
3
+ export declare function getAwsRegion(app: PulumiApp): import("@pulumi/pulumi").Output<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-south-2" | "ap-southeast-1" | "ap-southeast-2" | "ap-southeast-3" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-central-2" | "eu-north-1" | "eu-south-1" | "eu-south-2" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-central-1" | "me-south-1" | "sa-east-1" | "us-gov-east-1" | "us-gov-west-1" | "us-east-1" | "us-east-2" | "us-west-1" | "us-west-2">;
package/apps/tenantRouter.d.ts CHANGED
@@ -1,3 +1,5 @@
1
1
  import * as aws from "@pulumi/aws";
2
2
  import { PulumiApp, PulumiAppResource } from "@webiny/pulumi";
3
- export declare function applyTenantRouter(app: PulumiApp, cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>): void;
3
+ export declare function applyTenantRouter(app: PulumiApp, cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>): {
4
+ originLambda: PulumiAppResource<typeof import("@pulumi/aws/lambda/function").Function>;
5
+ };
package/apps/tenantRouter.js CHANGED
@@ -82,8 +82,13 @@ function applyTenantRouter(app, cloudfront) {
82
82
  });
83
83
  })
84
84
  },
85
+ // With the `retainOnDelete` option set to `true`, the Lambda function will not be deleted when
86
+ // the environment is destroyed. Users need to delete the function manually. We decided to use
87
+ // this option here because it enables us to avoid annoying AWS Lambda function replication
88
+ // errors upon destroying the stack (see https://github.com/pulumi/pulumi-aws/issues/2178).
85
89
  opts: {
86
- provider: awsUsEast1
90
+ provider: awsUsEast1,
91
+ retainOnDelete: true
87
92
  }
88
93
  });
89
94
  cloudfront.config.defaultCacheBehavior(value => {
@@ -104,4 +109,7 @@ function applyTenantRouter(app, cloudfront) {
104
109
  }]
105
110
  });
106
111
  });
112
+ return {
113
+ originLambda
114
+ };
107
115
  }
package/apps/tenantRouter.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createFunctionArchive","dynamoDbTable","region","handler","readFileSync","__dirname","source","replace","pulumi","asset","AssetArchive","StringAsset","PREFIX","applyTenantRouter","app","cloudfront","String","process","env","AWS_REGION","core","getModule","CoreOutput","primaryDynamodbTableName","inlinePolicies","all","aws","getCallerIdentity","apply","identity","name","policy","JSON","stringify","Version","Statement","Sid","Effect","Action","Resource","accountId","role","addResource","iam","Role","config","managedPolicyArns","ManagedPolicies","AWSLambdaBasicExecutionRole","assumeRolePolicy","Principal","Principals","LambdaPrincipal","EdgeLambdaPrincipal","awsUsEast1","Provider","originLambda","lambda","Function","publish","runtime","output","arn","timeout","memorySize","code","opts","provider","defaultCacheBehavior","value","forwardedValues","queryString","cookies","forward","headers","lambdaFunctionAssociations","eventType","includeBody","lambdaArn","qualifiedArn"],"sources":["tenantRouter.ts"],"sourcesContent":["import { readFileSync } from \"fs\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp, PulumiAppResource } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./common\";\n\ninterface Params {\n region: string;\n dynamoDbTable: string;\n}\n\nfunction createFunctionArchive({ dynamoDbTable, region }: Params) {\n const handler = readFileSync(\n __dirname + \"/../components/tenantRouter/functions/origin/request.js\",\n \"utf-8\"\n );\n\n const source = handler\n .replace(\"{DB_TABLE_NAME}\", dynamoDbTable)\n .replace(\"{DB_TABLE_REGION}\", region);\n\n return new pulumi.asset.AssetArchive({\n \"index.js\": new pulumi.asset.StringAsset(source)\n });\n}\n\nconst PREFIX = \"website-router\";\n\nexport function applyTenantRouter(\n app: PulumiApp,\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>\n) {\n const region = String(process.env.AWS_REGION);\n\n // Get Core app output\n const core = app.getModule(CoreOutput);\n\n // `primaryDynamodbTableName` is a string, hence the type cast here.\n const dynamoDbTable = core.primaryDynamodbTableName;\n\n // Because of JSON.stringify, we need to resolve promises upfront.\n const inlinePolicies = pulumi\n .all([aws.getCallerIdentity({}), dynamoDbTable])\n .apply(([identity, dynamoDbTable]) => [\n {\n name: \"tenant-router-policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}`,\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}/*`\n ]\n }\n ]\n })\n }\n ]);\n\n const role = app.addResource(aws.iam.Role, {\n name: `${PREFIX}-role`,\n config: {\n inlinePolicies,\n managedPolicyArns: [aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole],\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.LambdaPrincipal,\n Effect: \"Allow\"\n },\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.EdgeLambdaPrincipal,\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const awsUsEast1 = new aws.Provider(\"us-east-1\", { region: \"us-east-1\" });\n\n const originLambda = app.addResource(aws.lambda.Function, {\n name: `${PREFIX}-origin-request`,\n config: {\n publish: true,\n runtime: \"nodejs14.x\",\n handler: \"index.handler\",\n role: role.output.arn,\n timeout: 5,\n memorySize: 128,\n code: dynamoDbTable.apply(dynamoDbTable => {\n return createFunctionArchive({\n region,\n dynamoDbTable\n });\n })\n },\n opts: { provider: awsUsEast1 }\n });\n\n cloudfront.config.defaultCacheBehavior(value => {\n return {\n ...value,\n // We need to forward the `Host` header so the Lambda@Edge knows what custom domain was requested.\n forwardedValues: {\n ...value.forwardedValues,\n queryString: value.forwardedValues?.queryString || false,\n cookies: value.forwardedValues?.cookies || { forward: \"none\" },\n headers: [...(value.forwardedValues?.headers || []), \"Host\"]\n },\n lambdaFunctionAssociations: [\n ...(value.lambdaFunctionAssociations || []),\n {\n eventType: \"origin-request\",\n includeBody: false,\n lambdaArn: originLambda.output.qualifiedArn\n }\n ]\n };\n });\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AAEA;AAOA,SAASA,qBAAqB,CAAC;EAAEC,aAAa;EAAEC;AAAe,CAAC,EAAE;EAC9D,MAAMC,OAAO,GAAG,IAAAC,gBAAY,EACxBC,SAAS,GAAG,yDAAyD,EACrE,OAAO,CACV;EAED,MAAMC,MAAM,GAAGH,OAAO,CACjBI,OAAO,CAAC,iBAAiB,EAAEN,aAAa,CAAC,CACzCM,OAAO,CAAC,mBAAmB,EAAEL,MAAM,CAAC;EAEzC,OAAO,IAAIM,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;IACjC,UAAU,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAACL,MAAM;EACnD,CAAC,CAAC;AACN;AAEA,MAAMM,MAAM,GAAG,gBAAgB;AAExB,SAASC,iBAAiB,CAC7BC,GAAc,EACdC,UAAiE,EACnE;EACE,MAAMb,MAAM,GAAGc,MAAM,CAACC,OAAO,CAACC,GAAG,CAACC,UAAU,CAAC;;EAE7C;EACA,MAAMC,IAAI,GAAGN,GAAG,CAACO,SAAS,CAACC,kBAAU,CAAC;;EAEtC;EACA,MAAMrB,aAAa,GAAGmB,IAAI,CAACG,wBAAwB;;EAEnD;EACA,MAAMC,cAAc,GAAGhB,MAAM,CACxBiB,GAAG,CAAC,CAACC,GAAG,CAACC,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE1B,aAAa,CAAC,CAAC,CAC/C2B,KAAK,CAAC,CAAC,CAACC,QAAQ,EAAE5B,aAAa,CAAC,KAAK,CAClC;IACI6B,IAAI,EAAE,sBAAsB;IAC5BC,MAAM,EAAEC,IAAI,CAACC,SAAS,CAAC;MACnBC,OAAO,EAAE,YAAY;MACrBC,SAAS,EAAE,CACP;QACIC,GAAG,EAAE,uBAAuB;QAC5BC,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;QAC9CC,QAAQ,EAAE,CACL,oBAAmBrC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,EAAC,EACxE,oBAAmBC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,IAAG;MAEnF,CAAC;IAET,CAAC;EACL,CAAC,CACJ,CAAC;EAEN,MAAMwC,IAAI,GAAG3B,GAAG,CAAC4B,WAAW,CAAChB,GAAG,CAACiB,GAAG,CAACC,IAAI,EAAE;IACvCd,IAAI,EAAG,GAAElB,MAAO,OAAM;IACtBiC,MAAM,EAAE;MACJrB,cAAc;MACdsB,iBAAiB,EAAE,CAACpB,GAAG,CAACiB,GAAG,CAACI,eAAe,CAACC,2BAA2B,CAAC;MACxEC,gBAAgB,EAAE;QACdf,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIG,MAAM,EAAE,gBAAgB;UACxBY,SAAS,EAAExB,GAAG,CAACiB,GAAG,CAACQ,UAAU,CAACC,eAAe;UAC7Cf,MAAM,EAAE;QACZ,CAAC,EACD;UACIC,MAAM,EAAE,gBAAgB;UACxBY,SAAS,EAAExB,GAAG,CAACiB,GAAG,CAACQ,UAAU,CAACE,mBAAmB;UACjDhB,MAAM,EAAE;QACZ,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMiB,UAAU,GAAG,IAAI5B,GAAG,CAAC6B,QAAQ,CAAC,WAAW,EAAE;IAAErD,MAAM,EAAE;EAAY,CAAC,CAAC;EAEzE,MAAMsD,YAAY,GAAG1C,GAAG,CAAC4B,WAAW,CAAChB,GAAG,CAAC+B,MAAM,CAACC,QAAQ,EAAE;IACtD5B,IAAI,EAAG,GAAElB,MAAO,iBAAgB;IAChCiC,MAAM,EAAE;MACJc,OAAO,EAAE,IAAI;MACbC,OAAO,EAAE,YAAY;MACrBzD,OAAO,EAAE,eAAe;MACxBsC,IAAI,EAAEA,IAAI,CAACoB,MAAM,CAACC,GAAG;MACrBC,OAAO,EAAE,CAAC;MACVC,UAAU,EAAE,GAAG;MACfC,IAAI,EAAEhE,aAAa,CAAC2B,KAAK,CAAC3B,aAAa,IAAI;QACvC,OAAOD,qBAAqB,CAAC;UACzBE,MAAM;UACND;QACJ,CAAC,CAAC;MACN,CAAC;IACL,CAAC;IACDiE,IAAI,EAAE;MAAEC,QAAQ,EAAEb;IAAW;EACjC,CAAC,CAAC;EAEFvC,UAAU,CAAC8B,MAAM,CAACuB,oBAAoB,CAACC,KAAK,IAAI;IAAA;IAC5C,mEACOA,KAAK;MACR;MACAC,eAAe,8DACRD,KAAK,CAACC,eAAe;QACxBC,WAAW,EAAE,0BAAAF,KAAK,CAACC,eAAe,0DAArB,sBAAuBC,WAAW,KAAI,KAAK;QACxDC,OAAO,EAAE,2BAAAH,KAAK,CAACC,eAAe,2DAArB,uBAAuBE,OAAO,KAAI;UAAEC,OAAO,EAAE;QAAO,CAAC;QAC9DC,OAAO,EAAE,CAAC,IAAI,2BAAAL,KAAK,CAACC,eAAe,2DAArB,uBAAuBI,OAAO,KAAI,EAAE,CAAC,EAAE,MAAM;MAAC,EAC/D;MACDC,0BAA0B,EAAE,CACxB,IAAIN,KAAK,CAACM,0BAA0B,IAAI,EAAE,CAAC,EAC3C;QACIC,SAAS,EAAE,gBAAgB;QAC3BC,WAAW,EAAE,KAAK;QAClBC,SAAS,EAAEtB,YAAY,CAACK,MAAM,CAACkB;MACnC,CAAC;IACJ;EAET,CAAC,CAAC;AACN"}
1
+ {"version":3,"names":["createFunctionArchive","dynamoDbTable","region","handler","readFileSync","__dirname","source","replace","pulumi","asset","AssetArchive","StringAsset","PREFIX","applyTenantRouter","app","cloudfront","String","process","env","AWS_REGION","core","getModule","CoreOutput","primaryDynamodbTableName","inlinePolicies","all","aws","getCallerIdentity","apply","identity","name","policy","JSON","stringify","Version","Statement","Sid","Effect","Action","Resource","accountId","role","addResource","iam","Role","config","managedPolicyArns","ManagedPolicies","AWSLambdaBasicExecutionRole","assumeRolePolicy","Principal","Principals","LambdaPrincipal","EdgeLambdaPrincipal","awsUsEast1","Provider","originLambda","lambda","Function","publish","runtime","output","arn","timeout","memorySize","code","opts","provider","retainOnDelete","defaultCacheBehavior","value","forwardedValues","queryString","cookies","forward","headers","lambdaFunctionAssociations","eventType","includeBody","lambdaArn","qualifiedArn"],"sources":["tenantRouter.ts"],"sourcesContent":["import { readFileSync } from \"fs\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { PulumiApp, PulumiAppResource } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"./common\";\n\ninterface Params {\n region: string;\n dynamoDbTable: string;\n}\n\nfunction createFunctionArchive({ dynamoDbTable, region }: Params) {\n const handler = readFileSync(\n __dirname + \"/../components/tenantRouter/functions/origin/request.js\",\n \"utf-8\"\n );\n\n const source = handler\n .replace(\"{DB_TABLE_NAME}\", dynamoDbTable)\n .replace(\"{DB_TABLE_REGION}\", region);\n\n return new pulumi.asset.AssetArchive({\n \"index.js\": new pulumi.asset.StringAsset(source)\n });\n}\n\nconst PREFIX = \"website-router\";\n\nexport function applyTenantRouter(\n app: PulumiApp,\n cloudfront: PulumiAppResource<typeof aws.cloudfront.Distribution>\n) {\n const region = String(process.env.AWS_REGION);\n\n // Get Core app output\n const core = app.getModule(CoreOutput);\n\n // `primaryDynamodbTableName` is a string, hence the type cast here.\n const dynamoDbTable = core.primaryDynamodbTableName;\n\n // Because of JSON.stringify, we need to resolve promises upfront.\n const inlinePolicies = pulumi\n .all([aws.getCallerIdentity({}), dynamoDbTable])\n .apply(([identity, dynamoDbTable]) => [\n {\n name: \"tenant-router-policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}`,\n `arn:aws:dynamodb:${region}:${identity.accountId}:table/${dynamoDbTable}/*`\n ]\n }\n ]\n })\n }\n ]);\n\n const role = app.addResource(aws.iam.Role, {\n name: `${PREFIX}-role`,\n config: {\n inlinePolicies,\n managedPolicyArns: [aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole],\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.LambdaPrincipal,\n Effect: \"Allow\"\n },\n {\n Action: \"sts:AssumeRole\",\n Principal: aws.iam.Principals.EdgeLambdaPrincipal,\n Effect: \"Allow\"\n }\n ]\n }\n }\n });\n\n const awsUsEast1 = new aws.Provider(\"us-east-1\", { region: \"us-east-1\" });\n\n const originLambda = app.addResource(aws.lambda.Function, {\n name: `${PREFIX}-origin-request`,\n config: {\n publish: true,\n runtime: \"nodejs14.x\",\n handler: \"index.handler\",\n role: role.output.arn,\n timeout: 5,\n memorySize: 128,\n code: dynamoDbTable.apply(dynamoDbTable => {\n return createFunctionArchive({\n region,\n dynamoDbTable\n });\n })\n },\n // With the `retainOnDelete` option set to `true`, the Lambda function will not be deleted when\n // the environment is destroyed. Users need to delete the function manually. We decided to use\n // this option here because it enables us to avoid annoying AWS Lambda function replication\n // errors upon destroying the stack (see https://github.com/pulumi/pulumi-aws/issues/2178).\n opts: { provider: awsUsEast1, retainOnDelete: true }\n });\n\n cloudfront.config.defaultCacheBehavior(value => {\n return {\n ...value,\n // We need to forward the `Host` header so the Lambda@Edge knows what custom domain was requested.\n forwardedValues: {\n ...value.forwardedValues,\n queryString: value.forwardedValues?.queryString || false,\n cookies: value.forwardedValues?.cookies || { forward: \"none\" },\n headers: [...(value.forwardedValues?.headers || []), \"Host\"]\n },\n lambdaFunctionAssociations: [\n ...(value.lambdaFunctionAssociations || []),\n {\n eventType: \"origin-request\",\n includeBody: false,\n lambdaArn: originLambda.output.qualifiedArn\n }\n ]\n };\n });\n\n return { originLambda };\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AAEA;AAOA,SAASA,qBAAqB,CAAC;EAAEC,aAAa;EAAEC;AAAe,CAAC,EAAE;EAC9D,MAAMC,OAAO,GAAG,IAAAC,gBAAY,EACxBC,SAAS,GAAG,yDAAyD,EACrE,OAAO,CACV;EAED,MAAMC,MAAM,GAAGH,OAAO,CACjBI,OAAO,CAAC,iBAAiB,EAAEN,aAAa,CAAC,CACzCM,OAAO,CAAC,mBAAmB,EAAEL,MAAM,CAAC;EAEzC,OAAO,IAAIM,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;IACjC,UAAU,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAACL,MAAM;EACnD,CAAC,CAAC;AACN;AAEA,MAAMM,MAAM,GAAG,gBAAgB;AAExB,SAASC,iBAAiB,CAC7BC,GAAc,EACdC,UAAiE,EACnE;EACE,MAAMb,MAAM,GAAGc,MAAM,CAACC,OAAO,CAACC,GAAG,CAACC,UAAU,CAAC;;EAE7C;EACA,MAAMC,IAAI,GAAGN,GAAG,CAACO,SAAS,CAACC,kBAAU,CAAC;;EAEtC;EACA,MAAMrB,aAAa,GAAGmB,IAAI,CAACG,wBAAwB;;EAEnD;EACA,MAAMC,cAAc,GAAGhB,MAAM,CACxBiB,GAAG,CAAC,CAACC,GAAG,CAACC,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE1B,aAAa,CAAC,CAAC,CAC/C2B,KAAK,CAAC,CAAC,CAACC,QAAQ,EAAE5B,aAAa,CAAC,KAAK,CAClC;IACI6B,IAAI,EAAE,sBAAsB;IAC5BC,MAAM,EAAEC,IAAI,CAACC,SAAS,CAAC;MACnBC,OAAO,EAAE,YAAY;MACrBC,SAAS,EAAE,CACP;QACIC,GAAG,EAAE,uBAAuB;QAC5BC,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;QAC9CC,QAAQ,EAAE,CACL,oBAAmBrC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,EAAC,EACxE,oBAAmBC,MAAO,IAAG2B,QAAQ,CAACW,SAAU,UAASvC,aAAc,IAAG;MAEnF,CAAC;IAET,CAAC;EACL,CAAC,CACJ,CAAC;EAEN,MAAMwC,IAAI,GAAG3B,GAAG,CAAC4B,WAAW,CAAChB,GAAG,CAACiB,GAAG,CAACC,IAAI,EAAE;IACvCd,IAAI,EAAG,GAAElB,MAAO,OAAM;IACtBiC,MAAM,EAAE;MACJrB,cAAc;MACdsB,iBAAiB,EAAE,CAACpB,GAAG,CAACiB,GAAG,CAACI,eAAe,CAACC,2BAA2B,CAAC;MACxEC,gBAAgB,EAAE;QACdf,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIG,MAAM,EAAE,gBAAgB;UACxBY,SAAS,EAAExB,GAAG,CAACiB,GAAG,CAACQ,UAAU,CAACC,eAAe;UAC7Cf,MAAM,EAAE;QACZ,CAAC,EACD;UACIC,MAAM,EAAE,gBAAgB;UACxBY,SAAS,EAAExB,GAAG,CAACiB,GAAG,CAACQ,UAAU,CAACE,mBAAmB;UACjDhB,MAAM,EAAE;QACZ,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMiB,UAAU,GAAG,IAAI5B,GAAG,CAAC6B,QAAQ,CAAC,WAAW,EAAE;IAAErD,MAAM,EAAE;EAAY,CAAC,CAAC;EAEzE,MAAMsD,YAAY,GAAG1C,GAAG,CAAC4B,WAAW,CAAChB,GAAG,CAAC+B,MAAM,CAACC,QAAQ,EAAE;IACtD5B,IAAI,EAAG,GAAElB,MAAO,iBAAgB;IAChCiC,MAAM,EAAE;MACJc,OAAO,EAAE,IAAI;MACbC,OAAO,EAAE,YAAY;MACrBzD,OAAO,EAAE,eAAe;MACxBsC,IAAI,EAAEA,IAAI,CAACoB,MAAM,CAACC,GAAG;MACrBC,OAAO,EAAE,CAAC;MACVC,UAAU,EAAE,GAAG;MACfC,IAAI,EAAEhE,aAAa,CAAC2B,KAAK,CAAC3B,aAAa,IAAI;QACvC,OAAOD,qBAAqB,CAAC;UACzBE,MAAM;UACND;QACJ,CAAC,CAAC;MACN,CAAC;IACL,CAAC;IACD;IACA;IACA;IACA;IACAiE,IAAI,EAAE;MAAEC,QAAQ,EAAEb,UAAU;MAAEc,cAAc,EAAE;IAAK;EACvD,CAAC,CAAC;EAEFrD,UAAU,CAAC8B,MAAM,CAACwB,oBAAoB,CAACC,KAAK,IAAI;IAAA;IAC5C,mEACOA,KAAK;MACR;MACAC,eAAe,8DACRD,KAAK,CAACC,eAAe;QACxBC,WAAW,EAAE,0BAAAF,KAAK,CAACC,eAAe,0DAArB,sBAAuBC,WAAW,KAAI,KAAK;QACxDC,OAAO,EAAE,2BAAAH,KAAK,CAACC,eAAe,2DAArB,uBAAuBE,OAAO,KAAI;UAAEC,OAAO,EAAE;QAAO,CAAC;QAC9DC,OAAO,EAAE,CAAC,IAAI,2BAAAL,KAAK,CAACC,eAAe,2DAArB,uBAAuBI,OAAO,KAAI,EAAE,CAAC,EAAE,MAAM;MAAC,EAC/D;MACDC,0BAA0B,EAAE,CACxB,IAAIN,KAAK,CAACM,0BAA0B,IAAI,EAAE,CAAC,EAC3C;QACIC,SAAS,EAAE,gBAAgB;QAC3BC,WAAW,EAAE,KAAK;QAClBC,SAAS,EAAEvB,YAAY,CAACK,MAAM,CAACmB;MACnC,CAAC;IACJ;EAET,CAAC,CAAC;EAEF,OAAO;IAAExB;EAAa,CAAC;AAC3B"}
package/apps/website/createWebsitePulumiApp.js CHANGED
@@ -189,7 +189,14 @@ const createWebsitePulumiApp = (projectAppParams = {}) => {
189
189
  (0, _customDomain.applyCustomDomain)(appCloudfront, previewDomains);
190
190
  }
191
191
  if (process.env.WCP_PROJECT_ENVIRONMENT || process.env.WEBINY_MULTI_TENANCY === "true") {
192
- (0, _tenantRouter.applyTenantRouter)(app, deliveryCloudfront);
192
+ const {
193
+ originLambda
194
+ } = (0, _tenantRouter.applyTenantRouter)(app, deliveryCloudfront);
195
+ app.addHandler(() => {
196
+ app.addOutputs({
197
+ websiteRouterOriginRequestFunction: originLambda.output.name
198
+ });
199
+ });
193
200
  }
194
201
  app.addOutputs({
195
202
  // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly
package/apps/website/createWebsitePulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["createWebsitePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumiResourceNamePrefix","getParam","onResource","resource","startsWith","pulumi","addHandler","productionEnvironments","params","create","isProduction","includes","run","env","core","addModule","CoreOutput","vpcEnabled","vpc","VpcConfig","enabled","appBucket","createPrivateAppBucket","appCloudfront","addResource","aws","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","previewDomains","process","WCP_PROJECT_ENVIRONMENT","WEBINY_MULTI_TENANCY","applyTenantRouter","addOutputs","appId","appStorage","deliveryId","deliveryStorage","addDomainsUrlsOutputs","cloudfrontDistribution","map","distributionDomain","distributionUrl","usedDomain","usedUrl","tagResources","WbyProjectName","String","WbyEnvironment","preview","delivery","withCommonLambdaEnvVariables"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport { createPulumiApp, PulumiAppParamCallback, PulumiAppParam } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { addDomainsUrlsOutputs, tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /**\n * Custom domain(s) configuration.\n */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Custom preview domain(s) configuration.\n */\n previewDomains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n const productionEnvironments = app.params.create.productionEnvironments || [\"prod\"];\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n // Register core output as a module available for all other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules.\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n app.addModule(VpcConfig, { enabled: vpcEnabled });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n const previewDomains = app.getParam(projectAppParams.previewDomains);\n if (previewDomains) {\n applyCustomDomain(appCloudfront, previewDomains);\n }\n\n if (\n process.env.WCP_PROJECT_ENVIRONMENT ||\n process.env.WEBINY_MULTI_TENANCY === \"true\"\n ) {\n applyTenantRouter(app, deliveryCloudfront);\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id\n });\n\n app.addHandler(() => {\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: appCloudfront,\n map: {\n distributionDomain: \"cloudfrontAppDomain\",\n distributionUrl: \"cloudfrontAppUrl\",\n usedDomain: \"appDomain\",\n usedUrl: \"appUrl\"\n }\n });\n\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: deliveryCloudfront,\n map: {\n distributionDomain: \"cloudfrontDeliveryDomain\",\n distributionUrl: \"cloudfrontDeliveryUrl\",\n usedDomain: \"deliveryDomain\",\n usedUrl: \"deliveryUrl\"\n }\n });\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n prerendering,\n\n // \"preview\" and \"app\" are the same.\n // We introduced \"preview\" just because it's the word we use when talking about\n // Page Builder and \"previewing\" pages. In other words, the \"preview\" property\n // contains all resources related to serving page previews, unlike \"delivery\",\n // which is used to serve published pages to actual website visitors.\n // The \"app\" property was still left here just for backwards compatibility.\n preview: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAwCO,MAAMA,sBAAsB,GAAG,CAACC,gBAA8C,GAAG,CAAC,CAAC,KAAK;EAC3F,MAAMC,GAAG,GAAG,IAAAC,wBAAe,EAAC;IACxBC,IAAI,EAAE,SAAS;IACfC,IAAI,EAAE,cAAc;IACpBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAML,GAAG,IAAI;MAClB,MAAMM,wBAAwB,GAAGN,GAAG,CAACO,QAAQ,CACzCR,gBAAgB,CAACO,wBAAwB,CAC5C;MACD,IAAIA,wBAAwB,EAAE;QAC1BN,GAAG,CAACQ,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAACP,IAAI,CAACQ,UAAU,CAACJ,wBAAwB,CAAC,EAAE;YACrDG,QAAQ,CAACP,IAAI,GAAI,GAAEI,wBAAyB,GAAEG,QAAQ,CAACP,IAAK,EAAC;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAACY,MAAM,EAAE;QACzBX,GAAG,CAACY,UAAU,CAAC,MAAM;UACjB,OAAOb,gBAAgB,CAACY,MAAM,CAAEX,GAAG,CAAqB;QAC5D,CAAC,CAAC;MACN;MAEA,MAAMa,sBAAsB,GAAGb,GAAG,CAACc,MAAM,CAACC,MAAM,CAACF,sBAAsB,IAAI,CAAC,MAAM,CAAC;MACnF,MAAMG,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACjB,GAAG,CAACc,MAAM,CAACI,GAAG,CAACC,GAAG,CAAC;;MAExE;MACA,MAAMC,IAAI,GAAGpB,GAAG,CAACqB,SAAS,CAACC,YAAU,CAAC;;MAEtC;MACA,MAAMC,UAAU,GAAGvB,GAAG,CAACO,QAAQ,CAACR,gBAAgB,aAAhBA,gBAAgB,uBAAhBA,gBAAgB,CAAEyB,GAAG,CAAC,IAAIR,YAAY;MACtEhB,GAAG,CAACqB,SAAS,CAACI,WAAS,EAAE;QAAEC,OAAO,EAAEH;MAAW,CAAC,CAAC;MAEjD,MAAMI,SAAS,GAAG,IAAAC,uCAAsB,EAAC5B,GAAG,EAAE,KAAK,CAAC;MAEpD,MAAM6B,aAAa,GAAG7B,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACC,YAAY,EAAE;QAC/D/B,IAAI,EAAE,KAAK;QACXE,MAAM,EAAE;UACJsB,OAAO,EAAE,IAAI;UACbQ,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAACR,SAAS,CAACS,MAAM,CAAC;UAC3BC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEb,SAAS,CAACS,MAAM,CAACK,QAAQ;YACzCC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,CAAC;YACbC,MAAM,EAAE;UACZ,CAAC;UACDC,UAAU,EAAE,gBAAgB;UAC5BC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAG;YAAEC,YAAY,EAAE,GAAG;YAAEC,gBAAgB,EAAE;UAAc,CAAC,CACzE;UACDC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ;MACJ,CAAC,CAAC;MAEF,MAAMC,cAAc,GAAG,IAAAlC,uCAAsB,EAAC5B,GAAG,EAAE,UAAU,CAAC;;MAE9D;AACZ;AACA;AACA;AACA;MACY,MAAM+D,aAAa,GAAG/D,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACgC,QAAQ,EAAE;QAC3D9D,IAAI,EAAE,iBAAiB;QACvBE,MAAM,EAAE;UACJ6D,OAAO,EAAE,mBAAmB;UAC5BC,OAAO,EAAE,IAAI;UACbC,IAAI,EAAEC,WAAE,CAACC,YAAY,CAACC,SAAS,GAAI,2BAA0B,EAAE,MAAM;QACzE;MACJ,CAAC,CAAC;MAEF,MAAMC,kBAAkB,GAAGvE,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACC,YAAY,EAAE;QACpE/B,IAAI,EAAE,UAAU;QAChBE,MAAM,EAAE;UACJsB,OAAO,EAAE,IAAI;UACbQ,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAAC2B,cAAc,CAAC1B,MAAM,EAAET,SAAS,CAACS,MAAM,CAAC;UAClDC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEsB,cAAc,CAAC1B,MAAM,CAACK,QAAQ;YAC9CC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC4B,qBAAqB,EAAE,EAAE;YACzB3B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,EAAE;YACdC,MAAM,EAAE,EAAE;YACVsB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAM,CAACC,GAAG;cAAEC,SAAS,EAAE;YAAiB,CAAC;UAE9E,CAAC;UACDC,qBAAqB,EAAE,CACnB;YACIvC,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDgC,OAAO,EAAE,EAAE;cACX/B,WAAW,EAAE;YACjB,CAAC;YACDgC,WAAW,EAAE,WAAW;YACxBtC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEb,SAAS,CAACS,MAAM,CAACK,QAAQ;YACzC;YACAQ,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,OAAO;YAAE;YACrBC,MAAM,EAAE;UACZ,CAAC,CACJ;UACDE,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GAAG;YACdC,YAAY,EAAE,GAAG;YACjBC,gBAAgB,EAAE;UACtB,CAAC,CACJ;UACDJ,UAAU,EAAE,gBAAgB;UAC5BK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ;MACJ,CAAC,CAAC;MAEF,MAAMoB,YAAY,GAAG,IAAAC,8CAAyB,EAAClF,GAAG,EAAE;QAChDmF,WAAW,EAAE/D,IAAI,CAACgE,wBAAwB;QAC1CC,cAAc,EAAEjE,IAAI,CAACkE,2BAA2B;QAChDC,eAAe,EAAEnE,IAAI,CAACoE,4BAA4B;QAClDC,MAAM,EAAE9E,MAAM,CAAC+E,WAAY,WAAU7D,aAAa,CAAC8C,MAAM,CAACgB,UAAW,EAAC;QACtEC,WAAW,EAAEjF,MAAM,CAAC+E,WAAY,WAAUnB,kBAAkB,CAACI,MAAM,CAACgB,UAAW,EAAC;QAChFE,MAAM,EAAE/B,cAAc,CAAC+B,MAAM,CAAClB,MAAM,CAACkB,MAAM;QAC3CC,YAAY,EAAEvB,kBAAkB,CAACI,MAAM,CAACoB;MAC5C,CAAC,CAAC;MAEF,MAAMC,OAAO,GAAGhG,GAAG,CAACO,QAAQ,CAACR,gBAAgB,CAACiG,OAAO,CAAC;MACtD,IAAIA,OAAO,EAAE;QACT,IAAAC,+BAAiB,EAAC1B,kBAAkB,EAAEyB,OAAO,CAAC;MAClD;MAEA,MAAME,cAAc,GAAGlG,GAAG,CAACO,QAAQ,CAACR,gBAAgB,CAACmG,cAAc,CAAC;MACpE,IAAIA,cAAc,EAAE;QAChB,IAAAD,+BAAiB,EAACpE,aAAa,EAAEqE,cAAc,CAAC;MACpD;MAEA,IACIC,OAAO,CAAChF,GAAG,CAACiF,uBAAuB,IACnCD,OAAO,CAAChF,GAAG,CAACkF,oBAAoB,KAAK,MAAM,EAC7C;QACE,IAAAC,+BAAiB,EAACtG,GAAG,EAAEuE,kBAAkB,CAAC;MAC9C;MAEAvE,GAAG,CAACuG,UAAU,CAAC;QACX;QACA;QACA;QACAC,KAAK,EAAE3E,aAAa,CAAC8C,MAAM,CAACoB,EAAE;QAC9BU,UAAU,EAAE9E,SAAS,CAACkE,MAAM,CAAClB,MAAM,CAACoB,EAAE;QAEtC;QACA;QACA;QACAW,UAAU,EAAEnC,kBAAkB,CAACI,MAAM,CAACoB,EAAE;QACxCY,eAAe,EAAE7C,cAAc,CAAC+B,MAAM,CAAClB,MAAM,CAACoB;MAClD,CAAC,CAAC;MAEF/F,GAAG,CAACY,UAAU,CAAC,MAAM;QACjB,IAAAgG,4BAAqB,EAAC;UAClB5G,GAAG;UACH6G,sBAAsB,EAAEhF,aAAa;UACrCiF,GAAG,EAAE;YACDC,kBAAkB,EAAE,qBAAqB;YACzCC,eAAe,EAAE,kBAAkB;YACnCC,UAAU,EAAE,WAAW;YACvBC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;QAEF,IAAAN,4BAAqB,EAAC;UAClB5G,GAAG;UACH6G,sBAAsB,EAAEtC,kBAAkB;UAC1CuC,GAAG,EAAE;YACDC,kBAAkB,EAAE,0BAA0B;YAC9CC,eAAe,EAAE,uBAAuB;YACxCC,UAAU,EAAE,gBAAgB;YAC5BC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;MACN,CAAC,CAAC;MAEF,IAAAC,mBAAY,EAAC;QACTC,cAAc,EAAEC,MAAM,CAAClB,OAAO,CAAChF,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAC1DmG,cAAc,EAAED,MAAM,CAAClB,OAAO,CAAChF,GAAG,CAAC,YAAY,CAAC;MACpD,CAAC,CAAC;MAEF,OAAO;QACH8D,YAAY;QAEZ;QACA;QACA;QACA;QACA;QACA;QACAsC,OAAO,8DACA5F,SAAS;UACZK,UAAU,EAAEH;QAAa,EAC5B;QACD7B,GAAG,8DACI2B,SAAS;UACZK,UAAU,EAAEH;QAAa,EAC5B;QAED2F,QAAQ,8DACD1D,cAAc;UACjB9B,UAAU,EAAEuC;QAAkB;MAEtC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,OAAO,IAAAkD,mCAA4B,EAACzH,GAAG,CAAC;AAC5C,CAAC;AAAC"}
1
+ {"version":3,"names":["createWebsitePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","pulumiResourceNamePrefix","getParam","onResource","resource","startsWith","pulumi","addHandler","productionEnvironments","params","create","isProduction","includes","run","env","core","addModule","CoreOutput","vpcEnabled","vpc","VpcConfig","enabled","appBucket","createPrivateAppBucket","appCloudfront","addResource","aws","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","previewDomains","process","WCP_PROJECT_ENVIRONMENT","WEBINY_MULTI_TENANCY","originLambda","applyTenantRouter","addOutputs","websiteRouterOriginRequestFunction","appId","appStorage","deliveryId","deliveryStorage","addDomainsUrlsOutputs","cloudfrontDistribution","map","distributionDomain","distributionUrl","usedDomain","usedUrl","tagResources","WbyProjectName","String","WbyEnvironment","preview","delivery","withCommonLambdaEnvVariables"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport { createPulumiApp, PulumiAppParamCallback, PulumiAppParam } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { addDomainsUrlsOutputs, tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /**\n * Custom domain(s) configuration.\n */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Custom preview domain(s) configuration.\n */\n previewDomains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const app = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n const productionEnvironments = app.params.create.productionEnvironments || [\"prod\"];\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n // Register core output as a module available for all other modules\n const core = app.addModule(CoreOutput);\n\n // Register VPC config module to be available to other modules.\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n app.addModule(VpcConfig, { enabled: vpcEnabled });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n const previewDomains = app.getParam(projectAppParams.previewDomains);\n if (previewDomains) {\n applyCustomDomain(appCloudfront, previewDomains);\n }\n\n if (\n process.env.WCP_PROJECT_ENVIRONMENT ||\n process.env.WEBINY_MULTI_TENANCY === \"true\"\n ) {\n const { originLambda } = applyTenantRouter(app, deliveryCloudfront);\n\n app.addHandler(() => {\n app.addOutputs({\n websiteRouterOriginRequestFunction: originLambda.output.name\n });\n });\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id\n });\n\n app.addHandler(() => {\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: appCloudfront,\n map: {\n distributionDomain: \"cloudfrontAppDomain\",\n distributionUrl: \"cloudfrontAppUrl\",\n usedDomain: \"appDomain\",\n usedUrl: \"appUrl\"\n }\n });\n\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: deliveryCloudfront,\n map: {\n distributionDomain: \"cloudfrontDeliveryDomain\",\n distributionUrl: \"cloudfrontDeliveryUrl\",\n usedDomain: \"deliveryDomain\",\n usedUrl: \"deliveryUrl\"\n }\n });\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n prerendering,\n\n // \"preview\" and \"app\" are the same.\n // We introduced \"preview\" just because it's the word we use when talking about\n // Page Builder and \"previewing\" pages. In other words, the \"preview\" property\n // contains all resources related to serving page previews, unlike \"delivery\",\n // which is used to serve published pages to actual website visitors.\n // The \"app\" property was still left here just for backwards compatibility.\n preview: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n return withCommonLambdaEnvVariables(app);\n};\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAwCO,MAAMA,sBAAsB,GAAG,CAACC,gBAA8C,GAAG,CAAC,CAAC,KAAK;EAC3F,MAAMC,GAAG,GAAG,IAAAC,wBAAe,EAAC;IACxBC,IAAI,EAAE,SAAS;IACfC,IAAI,EAAE,cAAc;IACpBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAML,GAAG,IAAI;MAClB,MAAMM,wBAAwB,GAAGN,GAAG,CAACO,QAAQ,CACzCR,gBAAgB,CAACO,wBAAwB,CAC5C;MACD,IAAIA,wBAAwB,EAAE;QAC1BN,GAAG,CAACQ,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAACP,IAAI,CAACQ,UAAU,CAACJ,wBAAwB,CAAC,EAAE;YACrDG,QAAQ,CAACP,IAAI,GAAI,GAAEI,wBAAyB,GAAEG,QAAQ,CAACP,IAAK,EAAC;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAACY,MAAM,EAAE;QACzBX,GAAG,CAACY,UAAU,CAAC,MAAM;UACjB,OAAOb,gBAAgB,CAACY,MAAM,CAAEX,GAAG,CAAqB;QAC5D,CAAC,CAAC;MACN;MAEA,MAAMa,sBAAsB,GAAGb,GAAG,CAACc,MAAM,CAACC,MAAM,CAACF,sBAAsB,IAAI,CAAC,MAAM,CAAC;MACnF,MAAMG,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACjB,GAAG,CAACc,MAAM,CAACI,GAAG,CAACC,GAAG,CAAC;;MAExE;MACA,MAAMC,IAAI,GAAGpB,GAAG,CAACqB,SAAS,CAACC,YAAU,CAAC;;MAEtC;MACA,MAAMC,UAAU,GAAGvB,GAAG,CAACO,QAAQ,CAACR,gBAAgB,aAAhBA,gBAAgB,uBAAhBA,gBAAgB,CAAEyB,GAAG,CAAC,IAAIR,YAAY;MACtEhB,GAAG,CAACqB,SAAS,CAACI,WAAS,EAAE;QAAEC,OAAO,EAAEH;MAAW,CAAC,CAAC;MAEjD,MAAMI,SAAS,GAAG,IAAAC,uCAAsB,EAAC5B,GAAG,EAAE,KAAK,CAAC;MAEpD,MAAM6B,aAAa,GAAG7B,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACC,YAAY,EAAE;QAC/D/B,IAAI,EAAE,KAAK;QACXE,MAAM,EAAE;UACJsB,OAAO,EAAE,IAAI;UACbQ,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAACR,SAAS,CAACS,MAAM,CAAC;UAC3BC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEb,SAAS,CAACS,MAAM,CAACK,QAAQ;YACzCC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,CAAC;YACbC,MAAM,EAAE;UACZ,CAAC;UACDC,UAAU,EAAE,gBAAgB;UAC5BC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAG;YAAEC,YAAY,EAAE,GAAG;YAAEC,gBAAgB,EAAE;UAAc,CAAC,CACzE;UACDC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ;MACJ,CAAC,CAAC;MAEF,MAAMC,cAAc,GAAG,IAAAlC,uCAAsB,EAAC5B,GAAG,EAAE,UAAU,CAAC;;MAE9D;AACZ;AACA;AACA;AACA;MACY,MAAM+D,aAAa,GAAG/D,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACgC,QAAQ,EAAE;QAC3D9D,IAAI,EAAE,iBAAiB;QACvBE,MAAM,EAAE;UACJ6D,OAAO,EAAE,mBAAmB;UAC5BC,OAAO,EAAE,IAAI;UACbC,IAAI,EAAEC,WAAE,CAACC,YAAY,CAACC,SAAS,GAAI,2BAA0B,EAAE,MAAM;QACzE;MACJ,CAAC,CAAC;MAEF,MAAMC,kBAAkB,GAAGvE,GAAG,CAAC8B,WAAW,CAACC,GAAG,CAACC,UAAU,CAACC,YAAY,EAAE;QACpE/B,IAAI,EAAE,UAAU;QAChBE,MAAM,EAAE;UACJsB,OAAO,EAAE,IAAI;UACbQ,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAAC2B,cAAc,CAAC1B,MAAM,EAAET,SAAS,CAACS,MAAM,CAAC;UAClDC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEsB,cAAc,CAAC1B,MAAM,CAACK,QAAQ;YAC9CC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC4B,qBAAqB,EAAE,EAAE;YACzB3B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,EAAE;YACdC,MAAM,EAAE,EAAE;YACVsB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAM,CAACC,GAAG;cAAEC,SAAS,EAAE;YAAiB,CAAC;UAE9E,CAAC;UACDC,qBAAqB,EAAE,CACnB;YACIvC,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDgC,OAAO,EAAE,EAAE;cACX/B,WAAW,EAAE;YACjB,CAAC;YACDgC,WAAW,EAAE,WAAW;YACxBtC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEb,SAAS,CAACS,MAAM,CAACK,QAAQ;YACzC;YACAQ,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,OAAO;YAAE;YACrBC,MAAM,EAAE;UACZ,CAAC,CACJ;UACDE,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GAAG;YACdC,YAAY,EAAE,GAAG;YACjBC,gBAAgB,EAAE;UACtB,CAAC,CACJ;UACDJ,UAAU,EAAE,gBAAgB;UAC5BK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ;MACJ,CAAC,CAAC;MAEF,MAAMoB,YAAY,GAAG,IAAAC,8CAAyB,EAAClF,GAAG,EAAE;QAChDmF,WAAW,EAAE/D,IAAI,CAACgE,wBAAwB;QAC1CC,cAAc,EAAEjE,IAAI,CAACkE,2BAA2B;QAChDC,eAAe,EAAEnE,IAAI,CAACoE,4BAA4B;QAClDC,MAAM,EAAE9E,MAAM,CAAC+E,WAAY,WAAU7D,aAAa,CAAC8C,MAAM,CAACgB,UAAW,EAAC;QACtEC,WAAW,EAAEjF,MAAM,CAAC+E,WAAY,WAAUnB,kBAAkB,CAACI,MAAM,CAACgB,UAAW,EAAC;QAChFE,MAAM,EAAE/B,cAAc,CAAC+B,MAAM,CAAClB,MAAM,CAACkB,MAAM;QAC3CC,YAAY,EAAEvB,kBAAkB,CAACI,MAAM,CAACoB;MAC5C,CAAC,CAAC;MAEF,MAAMC,OAAO,GAAGhG,GAAG,CAACO,QAAQ,CAACR,gBAAgB,CAACiG,OAAO,CAAC;MACtD,IAAIA,OAAO,EAAE;QACT,IAAAC,+BAAiB,EAAC1B,kBAAkB,EAAEyB,OAAO,CAAC;MAClD;MAEA,MAAME,cAAc,GAAGlG,GAAG,CAACO,QAAQ,CAACR,gBAAgB,CAACmG,cAAc,CAAC;MACpE,IAAIA,cAAc,EAAE;QAChB,IAAAD,+BAAiB,EAACpE,aAAa,EAAEqE,cAAc,CAAC;MACpD;MAEA,IACIC,OAAO,CAAChF,GAAG,CAACiF,uBAAuB,IACnCD,OAAO,CAAChF,GAAG,CAACkF,oBAAoB,KAAK,MAAM,EAC7C;QACE,MAAM;UAAEC;QAAa,CAAC,GAAG,IAAAC,+BAAiB,EAACvG,GAAG,EAAEuE,kBAAkB,CAAC;QAEnEvE,GAAG,CAACY,UAAU,CAAC,MAAM;UACjBZ,GAAG,CAACwG,UAAU,CAAC;YACXC,kCAAkC,EAAEH,YAAY,CAAC3B,MAAM,CAACzE;UAC5D,CAAC,CAAC;QACN,CAAC,CAAC;MACN;MAEAF,GAAG,CAACwG,UAAU,CAAC;QACX;QACA;QACA;QACAE,KAAK,EAAE7E,aAAa,CAAC8C,MAAM,CAACoB,EAAE;QAC9BY,UAAU,EAAEhF,SAAS,CAACkE,MAAM,CAAClB,MAAM,CAACoB,EAAE;QAEtC;QACA;QACA;QACAa,UAAU,EAAErC,kBAAkB,CAACI,MAAM,CAACoB,EAAE;QACxCc,eAAe,EAAE/C,cAAc,CAAC+B,MAAM,CAAClB,MAAM,CAACoB;MAClD,CAAC,CAAC;MAEF/F,GAAG,CAACY,UAAU,CAAC,MAAM;QACjB,IAAAkG,4BAAqB,EAAC;UAClB9G,GAAG;UACH+G,sBAAsB,EAAElF,aAAa;UACrCmF,GAAG,EAAE;YACDC,kBAAkB,EAAE,qBAAqB;YACzCC,eAAe,EAAE,kBAAkB;YACnCC,UAAU,EAAE,WAAW;YACvBC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;QAEF,IAAAN,4BAAqB,EAAC;UAClB9G,GAAG;UACH+G,sBAAsB,EAAExC,kBAAkB;UAC1CyC,GAAG,EAAE;YACDC,kBAAkB,EAAE,0BAA0B;YAC9CC,eAAe,EAAE,uBAAuB;YACxCC,UAAU,EAAE,gBAAgB;YAC5BC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;MACN,CAAC,CAAC;MAEF,IAAAC,mBAAY,EAAC;QACTC,cAAc,EAAEC,MAAM,CAACpB,OAAO,CAAChF,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAC1DqG,cAAc,EAAED,MAAM,CAACpB,OAAO,CAAChF,GAAG,CAAC,YAAY,CAAC;MACpD,CAAC,CAAC;MAEF,OAAO;QACH8D,YAAY;QAEZ;QACA;QACA;QACA;QACA;QACA;QACAwC,OAAO,8DACA9F,SAAS;UACZK,UAAU,EAAEH;QAAa,EAC5B;QACD7B,GAAG,8DACI2B,SAAS;UACZK,UAAU,EAAEH;QAAa,EAC5B;QAED6F,QAAQ,8DACD5D,cAAc;UACjB9B,UAAU,EAAEuC;QAAkB;MAEtC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,OAAO,IAAAoD,mCAA4B,EAAC3H,GAAG,CAAC;AAC5C,CAAC;AAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webiny/pulumi-aws",
3
- "version": "5.35.0",
3
+ "version": "5.35.1",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "https://github.com/webiny/webiny-js.git"
@@ -15,26 +15,26 @@
15
15
  "dependencies": {
16
16
  "@pulumi/aws": "^5.8.0",
17
17
  "@pulumi/pulumi": "^3.34.0",
18
- "@webiny/cli-plugin-deploy-pulumi": "5.35.0",
19
- "@webiny/pulumi": "5.35.0",
18
+ "@webiny/cli-plugin-deploy-pulumi": "^5.35.1",
19
+ "@webiny/pulumi": "^5.35.1",
20
20
  "form-data": "4.0.0",
21
21
  "node-fetch": "2.6.9"
22
22
  },
23
23
  "devDependencies": {
24
- "@babel/cli": "^7.19.3",
25
- "@babel/core": "^7.19.3",
26
- "@babel/preset-env": "^7.19.4",
27
- "@babel/preset-typescript": "^7.18.6",
28
- "@babel/runtime": "^7.19.0",
29
- "@webiny/api-page-builder": "^5.35.0",
30
- "@webiny/aws-layers": "^5.35.0",
31
- "@webiny/cli": "^5.35.0",
32
- "@webiny/project-utils": "^5.35.0",
33
- "chalk": "^4.1.0",
34
- "lodash": "^4.5.0",
35
- "mime": "^2.5.2",
36
- "rimraf": "^3.0.2",
37
- "ttypescript": "^1.5.12",
24
+ "@babel/cli": "7.20.7",
25
+ "@babel/core": "7.20.12",
26
+ "@babel/preset-env": "7.20.2",
27
+ "@babel/preset-typescript": "7.18.6",
28
+ "@babel/runtime": "7.20.13",
29
+ "@webiny/api-page-builder": "^5.35.1",
30
+ "@webiny/aws-layers": "^5.35.1",
31
+ "@webiny/cli": "^5.35.1",
32
+ "@webiny/project-utils": "^5.35.1",
33
+ "chalk": "4.1.2",
34
+ "lodash": "4.17.21",
35
+ "mime": "2.6.0",
36
+ "rimraf": "3.0.2",
37
+ "ttypescript": "1.5.15",
38
38
  "typescript": "4.7.4"
39
39
  },
40
40
  "scripts": {
@@ -49,5 +49,5 @@
49
49
  ]
50
50
  }
51
51
  },
52
- "gitHead": "948cd1e05978e0ed25137ace7dd6c15ed0bf2cca"
52
+ "gitHead": "d6a257ebbb9e7aeccfaa33a7f83301cf1919b082"
53
53
  }
package/apps/api/ApiHeadlessCMS.d.ts DELETED
@@ -1,13 +0,0 @@
1
- import { PulumiAppModule } from "@webiny/pulumi";
2
- interface HeadlessCMSParams {
3
- env: Record<string, any>;
4
- }
5
- export declare type ApiHeadlessCMS = PulumiAppModule<typeof ApiHeadlessCMS>;
6
- export declare const ApiHeadlessCMS: import("@webiny/pulumi").PulumiAppModuleDefinition<{
7
- role: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/role").Role>;
8
- policy: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/policy").Policy>;
9
- functions: {
10
- graphql: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/lambda/function").Function>;
11
- };
12
- }, HeadlessCMSParams>;
13
- export {};
package/apps/api/ApiHeadlessCMS.js DELETED
@@ -1,94 +0,0 @@
1
- "use strict";
2
-
3
- var _interopRequireWildcard = require("@babel/runtime/helpers/interopRequireWildcard").default;
4
-
5
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
6
-
7
- Object.defineProperty(exports, "__esModule", {
8
- value: true
9
- });
10
- exports.ApiHeadlessCMS = void 0;
11
-
12
- var _objectSpread2 = _interopRequireDefault(require("@babel/runtime/helpers/objectSpread2"));
13
-
14
- var _path = _interopRequireDefault(require("path"));
15
-
16
- var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
17
-
18
- var aws = _interopRequireWildcard(require("@pulumi/aws"));
19
-
20
- var _pulumi2 = require("@webiny/pulumi");
21
-
22
- var _lambdaUtils = require("../lambdaUtils");
23
-
24
- var _common = require("../common");
25
-
26
- const ApiHeadlessCMS = (0, _pulumi2.createAppModule)({
27
- name: "ApiHeadlessCMS",
28
-
29
- config(app, params) {
30
- const policy = createHeadlessCmsLambdaPolicy(app);
31
- const role = (0, _lambdaUtils.createLambdaRole)(app, {
32
- name: "headless-cms-lambda-role",
33
- policy: policy.output
34
- });
35
- const graphql = app.addResource(aws.lambda.Function, {
36
- name: "headless-cms",
37
- config: {
38
- runtime: "nodejs14.x",
39
- handler: "handler.handler",
40
- role: role.output.arn,
41
- timeout: 30,
42
- memorySize: 512,
43
- code: new pulumi.asset.AssetArchive({
44
- ".": new pulumi.asset.FileArchive(_path.default.join(app.paths.workspace, "headlessCMS/build"))
45
- }),
46
- environment: {
47
- variables: (0, _lambdaUtils.getCommonLambdaEnvVariables)().apply(value => (0, _objectSpread2.default)((0, _objectSpread2.default)((0, _objectSpread2.default)({}, value), params.env), {}, {
48
- AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1"
49
- }))
50
- },
51
- vpcConfig: app.getModule(_common.VpcConfig).functionVpcConfig
52
- }
53
- });
54
- return {
55
- role,
56
- policy,
57
- functions: {
58
- graphql
59
- }
60
- };
61
- }
62
-
63
- });
64
- exports.ApiHeadlessCMS = ApiHeadlessCMS;
65
-
66
- function createHeadlessCmsLambdaPolicy(app) {
67
- const coreOutput = app.getModule(_common.CoreOutput);
68
- return app.addResource(aws.iam.Policy, {
69
- name: "HeadlessCmsLambdaPolicy",
70
- config: {
71
- description: "This policy enables access to Dynamodb streams",
72
- // Core is pulumi.Output, so we need to run apply() to resolve policy based on it
73
- policy: coreOutput.apply(core => {
74
- const policy = {
75
- Version: "2012-10-17",
76
- Statement: [{
77
- Sid: "PermissionDynamodb",
78
- Effect: "Allow",
79
- Action: ["dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeExport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:Query", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateItem", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive"],
80
- Resource: [`${core.primaryDynamodbTableArn}`, `${core.primaryDynamodbTableArn}/*`, // Attach permissions for elastic search dynamo as well (if ES is enabled).
81
- ...(core.elasticsearchDynamodbTableArn ? [`${core.elasticsearchDynamodbTableArn}`, `${core.elasticsearchDynamodbTableArn}/*`] : [])]
82
- }, // Attach permissions for elastic search domain as well (if ES is enabled).
83
- ...(core.elasticsearchDomainArn ? [{
84
- Sid: "PermissionForES",
85
- Effect: "Allow",
86
- Action: "es:*",
87
- Resource: [`${core.elasticsearchDomainArn}`, `${core.elasticsearchDomainArn}/*`]
88
- }] : [])]
89
- };
90
- return policy;
91
- })
92
- }
93
- });
94
- }
package/apps/api/ApiHeadlessCMS.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"names":["ApiHeadlessCMS","createAppModule","name","config","app","params","policy","createHeadlessCmsLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","getModule","VpcConfig","functionVpcConfig","functions","coreOutput","CoreOutput","iam","Policy","description","core","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","elasticsearchDomainArn"],"sources":["ApiHeadlessCMS.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\n\ninterface HeadlessCMSParams {\n env: Record<string, any>;\n}\n\nexport type ApiHeadlessCMS = PulumiAppModule<typeof ApiHeadlessCMS>;\n\nexport const ApiHeadlessCMS = createAppModule({\n name: \"ApiHeadlessCMS\",\n config(app: PulumiApp, params: HeadlessCMSParams) {\n const policy = createHeadlessCmsLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"headless-cms-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"headless-cms\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"headlessCMS/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n }\n };\n }\n});\n\nfunction createHeadlessCmsLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"HeadlessCmsLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb streams\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;;;;;AAAA;;AACA;;AACA;;AAEA;;AAEA;;AACA;;AAQO,MAAMA,cAAc,GAAG,IAAAC,wBAAA,EAAgB;EAC1CC,IAAI,EAAE,gBADoC;;EAE1CC,MAAM,CAACC,GAAD,EAAiBC,MAAjB,EAA4C;IAC9C,MAAMC,MAAM,GAAGC,6BAA6B,CAACH,GAAD,CAA5C;IACA,MAAMI,IAAI,GAAG,IAAAC,6BAAA,EAAiBL,GAAjB,EAAsB;MAC/BF,IAAI,EAAE,0BADyB;MAE/BI,MAAM,EAAEA,MAAM,CAACI;IAFgB,CAAtB,CAAb;IAKA,MAAMC,OAAO,GAAGP,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAACC,MAAJ,CAAWC,QAA3B,EAAqC;MACjDb,IAAI,EAAE,cAD2C;MAEjDC,MAAM,EAAE;QACJa,OAAO,EAAE,YADL;QAEJC,OAAO,EAAE,iBAFL;QAGJT,IAAI,EAAEA,IAAI,CAACE,MAAL,CAAYQ,GAHd;QAIJC,OAAO,EAAE,EAJL;QAKJC,UAAU,EAAE,GALR;QAMJC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAP,CAAaC,YAAjB,CAA8B;UAChC,KAAK,IAAIF,MAAM,CAACC,KAAP,CAAaE,WAAjB,CACDC,aAAA,CAAKC,IAAL,CAAUvB,GAAG,CAACwB,KAAJ,CAAUC,SAApB,EAA+B,mBAA/B,CADC;QAD2B,CAA9B,CANF;QAWJC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAAA,IAA8BC,KAA9B,CAAoCC,KAAK,4FAC7CA,KAD6C,GAE7C7B,MAAM,CAAC8B,GAFsC;YAGhDC,mCAAmC,EAAE;UAHW,EAAzC;QADF,CAXT;QAkBJC,SAAS,EAAEjC,GAAG,CAACkC,SAAJ,CAAcC,iBAAd,EAAyBC;MAlBhC;IAFyC,CAArC,CAAhB;IAwBA,OAAO;MACHhC,IADG;MAEHF,MAFG;MAGHmC,SAAS,EAAE;QACP9B;MADO;IAHR,CAAP;EAOH;;AAxCyC,CAAhB,CAAvB;;;AA2CP,SAASJ,6BAAT,CAAuCH,GAAvC,EAAuD;EACnD,MAAMsC,UAAU,GAAGtC,GAAG,CAACkC,SAAJ,CAAcK,kBAAd,CAAnB;EAEA,OAAOvC,GAAG,CAACQ,WAAJ,CAAgBC,GAAG,CAAC+B,GAAJ,CAAQC,MAAxB,EAAgC;IACnC3C,IAAI,EAAE,yBAD6B;IAEnCC,MAAM,EAAE;MACJ2C,WAAW,EAAE,gDADT;MAEJ;MACAxC,MAAM,EAAEoC,UAAU,CAACT,KAAX,CAAiBc,IAAI,IAAI;QAC7B,MAAMzC,MAA8B,GAAG;UACnC0C,OAAO,EAAE,YAD0B;UAEnCC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,oBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,CACJ,uBADI,EAEJ,yBAFI,EAGJ,6BAHI,EAIJ,uBAJI,EAKJ,sBALI,EAMJ,6BANI,EAOJ,uBAPI,EAQJ,qBARI,EASJ,sBATI,EAUJ,6BAVI,EAWJ,yBAXI,EAYJ,oCAZI,EAaJ,sCAbI,EAcJ,yBAdI,EAeJ,8CAfI,EAgBJ,yBAhBI,EAiBJ,mCAjBI,EAkBJ,4CAlBI,EAmBJ,yBAnBI,EAoBJ,wBApBI,EAqBJ,0CArBI,EAsBJ,6BAtBI,EAuBJ,6CAvBI,EAwBJ,4CAxBI,EAyBJ,mCAzBI,EA0BJ,kBA1BI,EA2BJ,qBA3BI,EA4BJ,2BA5BI,EA6BJ,sBA7BI,EA8BJ,kCA9BI,EA+BJ,sBA/BI,EAgCJ,sBAhCI,EAiCJ,qBAjCI,EAkCJ,6BAlCI,EAmCJ,wBAnCI,EAoCJ,wBApCI,EAqCJ,wBArCI,EAsCJ,wBAtCI,EAuCJ,4CAvCI,EAwCJ,kBAxCI,EAyCJ,gBAzCI,EA0CJ,iCA1CI,EA2CJ,oCA3CI,EA4CJ,eA5CI,EA6CJ,kCA7CI,EA8CJ,oCA9CI,EA+CJ,qBA/CI,EAgDJ,sBAhDI,EAiDJ,wCAjDI,EAkDJ,2BAlDI,CAHZ;YAuDIC,QAAQ,EAAE,CACL,GAAEN,IAAI,CAACO,uBAAwB,EAD1B,EAEL,GAAEP,IAAI,CAACO,uBAAwB,IAF1B,EAGN;YACA,IAAIP,IAAI,CAACQ,6BAAL,GACE,CACK,GAAER,IAAI,CAACQ,6BAA8B,EAD1C,EAEK,GAAER,IAAI,CAACQ,6BAA8B,IAF1C,CADF,GAKE,EALN,CAJM;UAvDd,CADO,EAoEP;UACA,IAAIR,IAAI,CAACS,sBAAL,GACE,CACI;YACIN,GAAG,EAAE,iBADT;YAEIC,MAAM,EAAE,OAFZ;YAGIC,MAAM,EAAE,MAHZ;YAIIC,QAAQ,EAAE,CACL,GAAEN,IAAI,CAACS,sBAAuB,EADzB,EAEL,GAAET,IAAI,CAACS,sBAAuB,IAFzB;UAJd,CADJ,CADF,GAYE,EAZN,CArEO;QAFwB,CAAvC;QAuFA,OAAOlD,MAAP;MACH,CAzFO;IAHJ;EAF2B,CAAhC,CAAP;AAiGH"}