@webiny/pulumi-aws 5.40.1 → 5.40.2-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/apps/api/ApiApwScheduler.js +2 -2
- package/apps/api/ApiApwScheduler.js.map +1 -1
- package/apps/api/ApiBackgroundTask.js +1 -1
- package/apps/api/ApiBackgroundTask.js.map +1 -1
- package/apps/api/ApiFileManager.js +1 -1
- package/apps/api/ApiFileManager.js.map +1 -1
- package/apps/api/ApiGraphql.js +1 -1
- package/apps/api/ApiGraphql.js.map +1 -1
- package/apps/api/ApiPageBuilder.js +4 -4
- package/apps/api/ApiPageBuilder.js.map +1 -1
- package/apps/core/CoreCognito.js +9 -1
- package/apps/core/CoreCognito.js.map +1 -1
- package/apps/core/WatchCommand.d.ts +7 -0
- package/apps/core/WatchCommand.js +110 -0
- package/apps/core/WatchCommand.js.map +1 -0
- package/apps/core/createCorePulumiApp.js +12 -0
- package/apps/core/createCorePulumiApp.js.map +1 -1
- package/apps/core/webinyWatchCommand/handler.d.ts +28 -0
- package/apps/core/webinyWatchCommand/handler.js +39 -0
- package/apps/core/webinyWatchCommand/handler.js.map +1 -0
- package/apps/website/WebsitePrerendering.js +2 -2
- package/apps/website/WebsitePrerendering.js.map +1 -1
- package/package.json +10 -9
|
@@ -102,7 +102,7 @@ function createExecuteActionLambda(app, params) {
|
|
|
102
102
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
103
103
|
handler: "handler.handler",
|
|
104
104
|
timeout: 60,
|
|
105
|
-
memorySize:
|
|
105
|
+
memorySize: 512,
|
|
106
106
|
description: "Handle execute action workflow in apw scheduler",
|
|
107
107
|
code: new pulumi.asset.AssetArchive({
|
|
108
108
|
".": new pulumi.asset.FileArchive(_path.default.join(app.paths.workspace, "apw/executeAction/build"))
|
|
@@ -185,7 +185,7 @@ function createScheduleActionLambda(app, executeLambda, params) {
|
|
|
185
185
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
186
186
|
handler: "handler.handler",
|
|
187
187
|
timeout: 60,
|
|
188
|
-
memorySize:
|
|
188
|
+
memorySize: 512,
|
|
189
189
|
description: "Handle schedule action workflow in apw scheduler",
|
|
190
190
|
code: new pulumi.asset.AssetArchive({
|
|
191
191
|
".": new pulumi.asset.FileArchive(_path.default.join(app.paths.workspace, "apw/scheduleAction/build"))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_constants","_pulumi2","_common","_lambdaUtils","LAMBDA_NAME_PREFIX","CREATE_RULE_LAMBDA","EXECUTE_ACTION_LAMBDA","EVENT_RULE_NAME","EVENT_RULE_TARGET","ApiApwScheduler","exports","createAppModule","name","config","app","params","executeAction","createExecuteActionLambda","scheduleAction","createScheduleActionLambda","lambda","output","eventRule","addResource","cloudwatch","EventRule","description","scheduleExpression","state","Permission","action","function","arn","principal","statementId","eventTarget","EventTarget","rule","role","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","policy","createExecuteActionLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaBasicExecutionRole","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","core","getModule","CoreOutput","Policy","Sid","Resource","interpolate","primaryDynamodbTableArn","executeLambda","createScheduleActionLambdaPolicy","APW_SCHEDULER_EXECUTE_ACTION_HANDLER"],"sources":["ApiApwScheduler.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { getCommonLambdaEnvVariables } from \"../lambdaUtils\";\n\ninterface ScheduleActionParams {\n env: Record<string, any>;\n}\n\nconst LAMBDA_NAME_PREFIX = \"apw-scheduler\";\nconst CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;\nconst EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;\nconst EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;\nconst EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;\n\nexport type ApiApwScheduler = PulumiAppModule<typeof ApiApwScheduler>;\n\nexport const ApiApwScheduler = createAppModule({\n name: \"ApiApwScheduler\",\n config(app: PulumiApp, params: ScheduleActionParams) {\n const executeAction = createExecuteActionLambda(app, params);\n const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params);\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EVENT_RULE_NAME,\n config: {\n description: `Enable us to schedule an action in publishing workflow at a particular datetime`,\n scheduleExpression: \"cron(* * * * ? 2000)\",\n state: \"ENABLED\"\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: \"eventTargetPermission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: scheduleAction.lambda.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EVENT_RULE_NAME\n }\n });\n\n // Add lambda as target to the event rule.\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: scheduleAction.lambda.output.arn\n }\n });\n\n return {\n executeAction,\n scheduleAction,\n eventRule,\n eventTarget\n };\n }\n});\n\nfunction createExecuteActionLambda(app: PulumiApp, params: ScheduleActionParams) {\n const role = app.addResource(aws.iam.Role, {\n name: `${EXECUTE_ACTION_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createExecuteActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: EXECUTE_ACTION_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle execute action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/executeAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createExecuteActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerExecuteActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:Query\", \"dynamodb:GetItem\", \"dynamodb:DeleteItem\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createScheduleActionLambda(\n app: PulumiApp,\n executeLambda: pulumi.Output<aws.lambda.Function>,\n params: ScheduleActionParams\n) {\n const role = app.addResource(aws.iam.Role, {\n name: `${CREATE_RULE_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createScheduleActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: CREATE_RULE_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle schedule action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/scheduleAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn\n // RULE_NAME: this.eventRule.name.apply(name => name),\n // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createScheduleActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerScheduleActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:GetItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionEvents\",\n Effect: \"Allow\",\n Action: [\n \"events:DeleteRule\",\n \"events:PutTargets\",\n \"events:PutRule\",\n \"events:ListRules\",\n \"events:RemoveTargets\",\n \"events:ListTargetsByRule\"\n ],\n Resource: [\"*\"]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,YAAA,GAAAP,OAAA;AAMA,MAAMQ,kBAAkB,GAAG,eAAe;AAC1C,MAAMC,kBAAkB,GAAI,GAAED,kBAAmB,yBAAwB;AACzE,MAAME,qBAAqB,GAAI,GAAEF,kBAAmB,wBAAuB;AAC3E,MAAMG,eAAe,GAAI,GAAEH,kBAAmB,aAAY;AAC1D,MAAMI,iBAAiB,GAAI,GAAEJ,kBAAmB,oBAAmB;AAI5D,MAAMK,eAAe,GAAAC,OAAA,CAAAD,eAAA,GAAG,IAAAE,wBAAe,EAAC;EAC3CC,IAAI,EAAE,iBAAiB;EACvBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMC,aAAa,GAAGC,yBAAyB,CAACH,GAAG,EAAEC,MAAM,CAAC;IAC5D,MAAMG,cAAc,GAAGC,0BAA0B,CAACL,GAAG,EAAEE,aAAa,CAACI,MAAM,CAACC,MAAM,EAAEN,MAAM,CAAC;;IAE3F;IACA,MAAMO,SAAS,GAAGR,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACyB,UAAU,CAACC,SAAS,EAAE;MACxDb,IAAI,EAAEL,eAAe;MACrBM,MAAM,EAAE;QACJa,WAAW,EAAG,iFAAgF;QAC9FC,kBAAkB,EAAE,sBAAsB;QAC1CC,KAAK,EAAE;MACX;IACJ,CAAC,CAAC;;IAEF;IACAd,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACS,UAAU,EAAE;MACnCjB,IAAI,EAAE,uBAAuB;MAC7BC,MAAM,EAAE;QACJiB,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEb,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW,GAAG;QAC1CC,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAG3B;MACxC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAM4B,WAAW,GAAGrB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACyB,UAAU,CAACY,WAAW,EAAE;MAC5DxB,IAAI,EAAEJ,iBAAiB;MACvBK,MAAM,EAAE;QACJwB,IAAI,EAAEf,SAAS,CAACD,MAAM,CAACT,IAAI;QAC3BoB,GAAG,EAAEd,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW;MACtC;IACJ,CAAC,CAAC;IAEF,OAAO;MACHhB,aAAa;MACbE,cAAc;MACdI,SAAS;MACTa;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASlB,yBAAyBA,CAACH,GAAc,EAAEC,MAA4B,EAAE;EAC7E,MAAMuB,IAAI,GAAGxB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACC,IAAI,EAAE;IACvC5B,IAAI,EAAG,GAAEN,qBAAsB,OAAM;IACrCO,MAAM,EAAE;MACJ4B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,+BAA+B,CAACrC,GAAG,CAAC;EAEnDA,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEN,qBAAsB,yBAAwB;IACvDO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEH,MAAM,CAAC7B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEN,qBAAsB,8BAA6B;IAC5DO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEtD,GAAG,CAACwC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMnC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACoC,QAAQ,EAAE;IAChD5C,IAAI,EAAEN,qBAAqB;IAC3BO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM,CAACW,GAAG;MACrByB,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,iDAAiD;MAC9DoC,IAAI,EAAE,IAAIjE,MAAM,CAACkE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAInE,MAAM,CAACkE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,yBAAyB,CAC5D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAG3D,MAAM,CAAC4D;QACd,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHrC,IAAI;IACJY,MAAM;IACN9B;EACJ,CAAC;AACL;AAEA,SAAS+B,+BAA+BA,CAACrC,GAAc,EAAE;EACrD,MAAM8D,IAAI,GAAG9D,GAAG,CAAC+D,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOhE,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACwC,MAAM,EAAE;IACnCnE,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;UACrEqC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAAShE,0BAA0BA,CAC/BL,GAAc,EACdsE,aAAiD,EACjDrE,MAA4B,EAC9B;EACE,MAAMuB,IAAI,GAAGxB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACC,IAAI,EAAE;IACvC5B,IAAI,EAAG,GAAEP,kBAAmB,OAAM;IAClCQ,MAAM,EAAE;MACJ4B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGmC,gCAAgC,CAACvE,GAAG,CAAC;EAEpDA,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEP,kBAAmB,yBAAwB;IACpDQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEH,MAAM,CAAC7B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEP,kBAAmB,8BAA6B;IACzDQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEtD,GAAG,CAACwC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMnC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACoC,QAAQ,EAAE;IAChD5C,IAAI,EAAEP,kBAAkB;IACxBQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM,CAACW,GAAG;MACrByB,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,kDAAkD;MAC/DoC,IAAI,EAAE,IAAIjE,MAAM,CAACkE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAInE,MAAM,CAACkE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAG3D,MAAM,CAAC4D,GAAG;UACbW,oCAAoC,EAAEF,aAAa,CAACpD;UACpD;UACA;QACJ,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHM,IAAI;IACJY,MAAM;IACN9B;EACJ,CAAC;AACL;AAEA,SAASiE,gCAAgCA,CAACvE,GAAc,EAAE;EACtD,MAAM8D,IAAI,GAAG9D,GAAG,CAAC+D,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOhE,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACwC,MAAM,EAAE;IACnCnE,IAAI,EAAE,wCAAwC;IAC9CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,CACxB;UACDqC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIH,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,sBAAsB,EACtB,0BAA0B,CAC7B;UACDqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_constants","_pulumi2","_common","_lambdaUtils","LAMBDA_NAME_PREFIX","CREATE_RULE_LAMBDA","EXECUTE_ACTION_LAMBDA","EVENT_RULE_NAME","EVENT_RULE_TARGET","ApiApwScheduler","exports","createAppModule","name","config","app","params","executeAction","createExecuteActionLambda","scheduleAction","createScheduleActionLambda","lambda","output","eventRule","addResource","cloudwatch","EventRule","description","scheduleExpression","state","Permission","action","function","arn","principal","statementId","eventTarget","EventTarget","rule","role","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","policy","createExecuteActionLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaBasicExecutionRole","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","core","getModule","CoreOutput","Policy","Sid","Resource","interpolate","primaryDynamodbTableArn","executeLambda","createScheduleActionLambdaPolicy","APW_SCHEDULER_EXECUTE_ACTION_HANDLER"],"sources":["ApiApwScheduler.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { getCommonLambdaEnvVariables } from \"../lambdaUtils\";\n\ninterface ScheduleActionParams {\n env: Record<string, any>;\n}\n\nconst LAMBDA_NAME_PREFIX = \"apw-scheduler\";\nconst CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;\nconst EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;\nconst EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;\nconst EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;\n\nexport type ApiApwScheduler = PulumiAppModule<typeof ApiApwScheduler>;\n\nexport const ApiApwScheduler = createAppModule({\n name: \"ApiApwScheduler\",\n config(app: PulumiApp, params: ScheduleActionParams) {\n const executeAction = createExecuteActionLambda(app, params);\n const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params);\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EVENT_RULE_NAME,\n config: {\n description: `Enable us to schedule an action in publishing workflow at a particular datetime`,\n scheduleExpression: \"cron(* * * * ? 2000)\",\n state: \"ENABLED\"\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: \"eventTargetPermission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: scheduleAction.lambda.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EVENT_RULE_NAME\n }\n });\n\n // Add lambda as target to the event rule.\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: scheduleAction.lambda.output.arn\n }\n });\n\n return {\n executeAction,\n scheduleAction,\n eventRule,\n eventTarget\n };\n }\n});\n\nfunction createExecuteActionLambda(app: PulumiApp, params: ScheduleActionParams) {\n const role = app.addResource(aws.iam.Role, {\n name: `${EXECUTE_ACTION_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createExecuteActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: EXECUTE_ACTION_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle execute action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/executeAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createExecuteActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerExecuteActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:Query\", \"dynamodb:GetItem\", \"dynamodb:DeleteItem\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createScheduleActionLambda(\n app: PulumiApp,\n executeLambda: pulumi.Output<aws.lambda.Function>,\n params: ScheduleActionParams\n) {\n const role = app.addResource(aws.iam.Role, {\n name: `${CREATE_RULE_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createScheduleActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: CREATE_RULE_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle schedule action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/scheduleAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn\n // RULE_NAME: this.eventRule.name.apply(name => name),\n // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createScheduleActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerScheduleActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:GetItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionEvents\",\n Effect: \"Allow\",\n Action: [\n \"events:DeleteRule\",\n \"events:PutTargets\",\n \"events:PutRule\",\n \"events:ListRules\",\n \"events:RemoveTargets\",\n \"events:ListTargetsByRule\"\n ],\n Resource: [\"*\"]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,YAAA,GAAAP,OAAA;AAMA,MAAMQ,kBAAkB,GAAG,eAAe;AAC1C,MAAMC,kBAAkB,GAAI,GAAED,kBAAmB,yBAAwB;AACzE,MAAME,qBAAqB,GAAI,GAAEF,kBAAmB,wBAAuB;AAC3E,MAAMG,eAAe,GAAI,GAAEH,kBAAmB,aAAY;AAC1D,MAAMI,iBAAiB,GAAI,GAAEJ,kBAAmB,oBAAmB;AAI5D,MAAMK,eAAe,GAAAC,OAAA,CAAAD,eAAA,GAAG,IAAAE,wBAAe,EAAC;EAC3CC,IAAI,EAAE,iBAAiB;EACvBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMC,aAAa,GAAGC,yBAAyB,CAACH,GAAG,EAAEC,MAAM,CAAC;IAC5D,MAAMG,cAAc,GAAGC,0BAA0B,CAACL,GAAG,EAAEE,aAAa,CAACI,MAAM,CAACC,MAAM,EAAEN,MAAM,CAAC;;IAE3F;IACA,MAAMO,SAAS,GAAGR,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACyB,UAAU,CAACC,SAAS,EAAE;MACxDb,IAAI,EAAEL,eAAe;MACrBM,MAAM,EAAE;QACJa,WAAW,EAAG,iFAAgF;QAC9FC,kBAAkB,EAAE,sBAAsB;QAC1CC,KAAK,EAAE;MACX;IACJ,CAAC,CAAC;;IAEF;IACAd,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACS,UAAU,EAAE;MACnCjB,IAAI,EAAE,uBAAuB;MAC7BC,MAAM,EAAE;QACJiB,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEb,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW,GAAG;QAC1CC,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAG3B;MACxC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAM4B,WAAW,GAAGrB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACyB,UAAU,CAACY,WAAW,EAAE;MAC5DxB,IAAI,EAAEJ,iBAAiB;MACvBK,MAAM,EAAE;QACJwB,IAAI,EAAEf,SAAS,CAACD,MAAM,CAACT,IAAI;QAC3BoB,GAAG,EAAEd,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW;MACtC;IACJ,CAAC,CAAC;IAEF,OAAO;MACHhB,aAAa;MACbE,cAAc;MACdI,SAAS;MACTa;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASlB,yBAAyBA,CAACH,GAAc,EAAEC,MAA4B,EAAE;EAC7E,MAAMuB,IAAI,GAAGxB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACC,IAAI,EAAE;IACvC5B,IAAI,EAAG,GAAEN,qBAAsB,OAAM;IACrCO,MAAM,EAAE;MACJ4B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,+BAA+B,CAACrC,GAAG,CAAC;EAEnDA,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEN,qBAAsB,yBAAwB;IACvDO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEH,MAAM,CAAC7B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEN,qBAAsB,8BAA6B;IAC5DO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEtD,GAAG,CAACwC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMnC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACoC,QAAQ,EAAE;IAChD5C,IAAI,EAAEN,qBAAqB;IAC3BO,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM,CAACW,GAAG;MACrByB,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,iDAAiD;MAC9DoC,IAAI,EAAE,IAAIjE,MAAM,CAACkE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAInE,MAAM,CAACkE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,yBAAyB,CAC5D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAG3D,MAAM,CAAC4D;QACd,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHrC,IAAI;IACJY,MAAM;IACN9B;EACJ,CAAC;AACL;AAEA,SAAS+B,+BAA+BA,CAACrC,GAAc,EAAE;EACrD,MAAM8D,IAAI,GAAG9D,GAAG,CAAC+D,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOhE,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACwC,MAAM,EAAE;IACnCnE,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;UACrEqC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAAShE,0BAA0BA,CAC/BL,GAAc,EACdsE,aAAiD,EACjDrE,MAA4B,EAC9B;EACE,MAAMuB,IAAI,GAAGxB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACC,IAAI,EAAE;IACvC5B,IAAI,EAAG,GAAEP,kBAAmB,OAAM;IAClCQ,MAAM,EAAE;MACJ4B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGmC,gCAAgC,CAACvE,GAAG,CAAC;EAEpDA,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEP,kBAAmB,yBAAwB;IACpDQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEH,MAAM,CAAC7B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACa,oBAAoB,EAAE;IAC1CxC,IAAI,EAAG,GAAEP,kBAAmB,8BAA6B;IACzDQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM;MACjBgC,SAAS,EAAEtD,GAAG,CAACwC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMnC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACqB,MAAM,CAACoC,QAAQ,EAAE;IAChD5C,IAAI,EAAEP,kBAAkB;IACxBQ,MAAM,EAAE;MACJyB,IAAI,EAAEA,IAAI,CAACjB,MAAM,CAACW,GAAG;MACrByB,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,kDAAkD;MAC/DoC,IAAI,EAAE,IAAIjE,MAAM,CAACkE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAInE,MAAM,CAACkE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAG3D,MAAM,CAAC4D,GAAG;UACbW,oCAAoC,EAAEF,aAAa,CAACpD;UACpD;UACA;QACJ,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHM,IAAI;IACJY,MAAM;IACN9B;EACJ,CAAC;AACL;AAEA,SAASiE,gCAAgCA,CAACvE,GAAc,EAAE;EACtD,MAAM8D,IAAI,GAAG9D,GAAG,CAAC+D,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOhE,GAAG,CAACS,WAAW,CAACxB,GAAG,CAACwC,GAAG,CAACwC,MAAM,EAAE;IACnCnE,IAAI,EAAE,wCAAwC;IAC9CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,CACxB;UACDqC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIH,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,sBAAsB,EACtB,0BAA0B,CAC7B;UACDqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
@@ -28,7 +28,7 @@ const ApiBackgroundTask = exports.ApiBackgroundTask = (0, _pulumi2.createAppModu
|
|
|
28
28
|
return Array.from(new Set([...(arns || []), (0, _awsLayers.getLayerArn)("sharp")]));
|
|
29
29
|
}),
|
|
30
30
|
timeout: 900,
|
|
31
|
-
memorySize:
|
|
31
|
+
memorySize: 1024,
|
|
32
32
|
description: "Performs background tasks."
|
|
33
33
|
}
|
|
34
34
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["pulumi","_interopRequireWildcard","require","aws","_pulumi2","_","_definition","_policy","_role","_awsLayers","ApiBackgroundTaskLambdaName","exports","ApiBackgroundTask","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","baseConfig","functions","clone","backgroundTask","addResource","lambda","Function","layers","output","apply","arns","Array","from","Set","getLayerArn","timeout","memorySize","description","stepFunctionPolicy","createBackgroundTaskStepFunctionPolicy","lambdaFunctionArn","arn","stepFunctionRole","createBackgroundTaskStepFunctionRole","policy","stepFunction","sfn","StateMachine","roleArn","definition","jsonStringify","createBackgroundTaskDefinition","lambdaName","lambdaArn","eventRole","iam","Role","assumeRolePolicy","Version","Statement","Action","Effect","Principal","Service","eventPolicy","Policy","Resource","eventRolePolicyAttachment","RolePolicyAttachment","role","policyArn","eventRule","cloudwatch","EventRule","eventBusName","eventPattern","JSON","stringify","eventTarget","EventTarget","rule"],"sources":["ApiBackgroundTask.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { ApiGraphql, CoreOutput } from \"~/apps\";\nimport { createBackgroundTaskDefinition } from \"./backgroundTask/definition\";\nimport { createBackgroundTaskStepFunctionPolicy } from \"~/apps/api/backgroundTask/policy\";\nimport { createBackgroundTaskStepFunctionRole } from \"./backgroundTask/role\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nexport type ApiBackgroundTask = PulumiAppModule<typeof ApiBackgroundTask>;\n\nexport const ApiBackgroundTaskLambdaName = \"background-task\";\n\nexport const ApiBackgroundTask = createAppModule({\n name: \"ApiBackgroundTask\",\n config(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const graphql = app.getModule(ApiGraphql);\n const baseConfig = graphql.functions.graphql.config.clone();\n\n const backgroundTask = app.addResource(aws.lambda.Function, {\n name: ApiBackgroundTaskLambdaName,\n config: {\n ...baseConfig,\n layers: graphql.functions.graphql.output.layers.apply(arns => {\n return Array.from(new Set([...(arns || []), getLayerArn(\"sharp\")]));\n }),\n timeout: 900,\n memorySize:
|
|
1
|
+
{"version":3,"names":["pulumi","_interopRequireWildcard","require","aws","_pulumi2","_","_definition","_policy","_role","_awsLayers","ApiBackgroundTaskLambdaName","exports","ApiBackgroundTask","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","baseConfig","functions","clone","backgroundTask","addResource","lambda","Function","layers","output","apply","arns","Array","from","Set","getLayerArn","timeout","memorySize","description","stepFunctionPolicy","createBackgroundTaskStepFunctionPolicy","lambdaFunctionArn","arn","stepFunctionRole","createBackgroundTaskStepFunctionRole","policy","stepFunction","sfn","StateMachine","roleArn","definition","jsonStringify","createBackgroundTaskDefinition","lambdaName","lambdaArn","eventRole","iam","Role","assumeRolePolicy","Version","Statement","Action","Effect","Principal","Service","eventPolicy","Policy","Resource","eventRolePolicyAttachment","RolePolicyAttachment","role","policyArn","eventRule","cloudwatch","EventRule","eventBusName","eventPattern","JSON","stringify","eventTarget","EventTarget","rule"],"sources":["ApiBackgroundTask.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { ApiGraphql, CoreOutput } from \"~/apps\";\nimport { createBackgroundTaskDefinition } from \"./backgroundTask/definition\";\nimport { createBackgroundTaskStepFunctionPolicy } from \"~/apps/api/backgroundTask/policy\";\nimport { createBackgroundTaskStepFunctionRole } from \"./backgroundTask/role\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nexport type ApiBackgroundTask = PulumiAppModule<typeof ApiBackgroundTask>;\n\nexport const ApiBackgroundTaskLambdaName = \"background-task\";\n\nexport const ApiBackgroundTask = createAppModule({\n name: \"ApiBackgroundTask\",\n config(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const graphql = app.getModule(ApiGraphql);\n const baseConfig = graphql.functions.graphql.config.clone();\n\n const backgroundTask = app.addResource(aws.lambda.Function, {\n name: ApiBackgroundTaskLambdaName,\n config: {\n ...baseConfig,\n layers: graphql.functions.graphql.output.layers.apply(arns => {\n return Array.from(new Set([...(arns || []), getLayerArn(\"sharp\")]));\n }),\n timeout: 900,\n memorySize: 1024,\n description: \"Performs background tasks.\"\n }\n });\n\n const stepFunctionPolicy = createBackgroundTaskStepFunctionPolicy(app, {\n name: \"background-task-sfn-policy\",\n lambdaFunctionArn: backgroundTask.output.arn\n });\n\n const stepFunctionRole = createBackgroundTaskStepFunctionRole(app, {\n name: \"background-task-sfn-role\",\n policy: stepFunctionPolicy.output\n });\n\n const stepFunction = app.addResource(aws.sfn.StateMachine, {\n name: \"background-task-sfn\",\n config: {\n // TODO logging to cloudwatch\n /*\n loggingConfiguration: {\n level: \"ALL\",\n includeExecutionData: true,\n // insert real ARN\n logDestination: ARN\n */\n roleArn: stepFunctionRole.output.arn,\n definition: pulumi.jsonStringify(\n createBackgroundTaskDefinition({\n lambdaName: ApiBackgroundTaskLambdaName,\n lambdaArn: backgroundTask.output.arn\n })\n )\n }\n });\n\n const eventRole = app.addResource(aws.iam.Role, {\n name: \"background-task-event-role\",\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"events.amazonaws.com\"\n }\n }\n ]\n }\n }\n });\n\n const eventPolicy = app.addResource(aws.iam.Policy, {\n name: \"background-task-event-policy\",\n config: {\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"states:StartExecution\",\n Effect: \"Allow\",\n Resource: stepFunction.output.arn\n }\n ]\n }\n }\n });\n\n const eventRolePolicyAttachment = app.addResource(aws.iam.RolePolicyAttachment, {\n name: \"background-task-event-role-policy-attachment\",\n config: {\n role: eventRole.output.name,\n policyArn: eventPolicy.output.arn\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"background-task-event-rule\",\n config: {\n eventBusName: core.eventBusName,\n roleArn: eventRole.output.arn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"WebinyBackgroundTask\"]\n })\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"background-task-event-target\",\n config: {\n // This is going to get called.\n arn: stepFunction.output.arn,\n // This is the rule which determines if this target gets called.\n rule: eventRule.output.name,\n // This is the role which gets assumed when calling the target.\n roleArn: eventRole.output.arn,\n // This is the event bus name.\n eventBusName: core.eventBusName\n }\n });\n\n return {\n backgroundTask,\n stepFunction,\n eventRole,\n eventPolicy,\n eventRolePolicyAttachment,\n eventRule,\n eventTarget\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,GAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAH,OAAA;AACA,IAAAI,WAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAIO,MAAMQ,2BAA2B,GAAAC,OAAA,CAAAD,2BAAA,GAAG,iBAAiB;AAErD,MAAME,iBAAiB,GAAAD,OAAA,CAAAC,iBAAA,GAAG,IAAAC,wBAAe,EAAC;EAC7CC,IAAI,EAAE,mBAAmB;EACzBC,MAAMA,CAACC,GAAc,EAAE;IACnB,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;IACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACE,SAAS,CAACG,YAAU,CAAC;IACzC,MAAMC,UAAU,GAAGF,OAAO,CAACG,SAAS,CAACH,OAAO,CAACL,MAAM,CAACS,KAAK,CAAC,CAAC;IAE3D,MAAMC,cAAc,GAAGT,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACwB,MAAM,CAACC,QAAQ,EAAE;MACxDd,IAAI,EAAEJ,2BAA2B;MACjCK,MAAM,EAAE;QACJ,GAAGO,UAAU;QACbO,MAAM,EAAET,OAAO,CAACG,SAAS,CAACH,OAAO,CAACU,MAAM,CAACD,MAAM,CAACE,KAAK,CAACC,IAAI,IAAI;UAC1D,OAAOC,KAAK,CAACC,IAAI,CAAC,IAAIC,GAAG,CAAC,CAAC,IAAIH,IAAI,IAAI,EAAE,CAAC,EAAE,IAAAI,sBAAW,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACvE,CAAC,CAAC;QACFC,OAAO,EAAE,GAAG;QACZC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE;MACjB;IACJ,CAAC,CAAC;IAEF,MAAMC,kBAAkB,GAAG,IAAAC,8CAAsC,EAACzB,GAAG,EAAE;MACnEF,IAAI,EAAE,4BAA4B;MAClC4B,iBAAiB,EAAEjB,cAAc,CAACK,MAAM,CAACa;IAC7C,CAAC,CAAC;IAEF,MAAMC,gBAAgB,GAAG,IAAAC,0CAAoC,EAAC7B,GAAG,EAAE;MAC/DF,IAAI,EAAE,0BAA0B;MAChCgC,MAAM,EAAEN,kBAAkB,CAACV;IAC/B,CAAC,CAAC;IAEF,MAAMiB,YAAY,GAAG/B,GAAG,CAACU,WAAW,CAACvB,GAAG,CAAC6C,GAAG,CAACC,YAAY,EAAE;MACvDnC,IAAI,EAAE,qBAAqB;MAC3BC,MAAM,EAAE;QACJ;QACA;AAChB;AACA;AACA;AACA;AACA;AACA;QACgBmC,OAAO,EAAEN,gBAAgB,CAACd,MAAM,CAACa,GAAG;QACpCQ,UAAU,EAAEnD,MAAM,CAACoD,aAAa,CAC5B,IAAAC,0CAA8B,EAAC;UAC3BC,UAAU,EAAE5C,2BAA2B;UACvC6C,SAAS,EAAE9B,cAAc,CAACK,MAAM,CAACa;QACrC,CAAC,CACL;MACJ;IACJ,CAAC,CAAC;IAEF,MAAMa,SAAS,GAAGxC,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACsD,GAAG,CAACC,IAAI,EAAE;MAC5C5C,IAAI,EAAE,4BAA4B;MAClCC,MAAM,EAAE;QACJ4C,gBAAgB,EAAE;UACdC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,MAAM,EAAE,gBAAgB;YACxBC,MAAM,EAAE,OAAO;YACfC,SAAS,EAAE;cACPC,OAAO,EAAE;YACb;UACJ,CAAC;QAET;MACJ;IACJ,CAAC,CAAC;IAEF,MAAMC,WAAW,GAAGlD,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACsD,GAAG,CAACU,MAAM,EAAE;MAChDrD,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJ+B,MAAM,EAAE;UACJc,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,MAAM,EAAE,uBAAuB;YAC/BC,MAAM,EAAE,OAAO;YACfK,QAAQ,EAAErB,YAAY,CAACjB,MAAM,CAACa;UAClC,CAAC;QAET;MACJ;IACJ,CAAC,CAAC;IAEF,MAAM0B,yBAAyB,GAAGrD,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACsD,GAAG,CAACa,oBAAoB,EAAE;MAC5ExD,IAAI,EAAE,8CAA8C;MACpDC,MAAM,EAAE;QACJwD,IAAI,EAAEf,SAAS,CAAC1B,MAAM,CAAChB,IAAI;QAC3B0D,SAAS,EAAEN,WAAW,CAACpC,MAAM,CAACa;MAClC;IACJ,CAAC,CAAC;IAEF,MAAM8B,SAAS,GAAGzD,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACuE,UAAU,CAACC,SAAS,EAAE;MACxD7D,IAAI,EAAE,4BAA4B;MAClCC,MAAM,EAAE;QACJ6D,YAAY,EAAE3D,IAAI,CAAC2D,YAAY;QAC/B1B,OAAO,EAAEM,SAAS,CAAC1B,MAAM,CAACa,GAAG;QAC7BkC,YAAY,EAAEC,IAAI,CAACC,SAAS,CAAC;UACzB,aAAa,EAAE,CAAC,sBAAsB;QAC1C,CAAC;MACL;IACJ,CAAC,CAAC;IAEF,MAAMC,WAAW,GAAGhE,GAAG,CAACU,WAAW,CAACvB,GAAG,CAACuE,UAAU,CAACO,WAAW,EAAE;MAC5DnE,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJ;QACA4B,GAAG,EAAEI,YAAY,CAACjB,MAAM,CAACa,GAAG;QAC5B;QACAuC,IAAI,EAAET,SAAS,CAAC3C,MAAM,CAAChB,IAAI;QAC3B;QACAoC,OAAO,EAAEM,SAAS,CAAC1B,MAAM,CAACa,GAAG;QAC7B;QACAiC,YAAY,EAAE3D,IAAI,CAAC2D;MACvB;IACJ,CAAC,CAAC;IAEF,OAAO;MACHnD,cAAc;MACdsB,YAAY;MACZS,SAAS;MACTU,WAAW;MACXG,yBAAyB;MACzBI,SAAS;MACTO;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
|
|
@@ -33,7 +33,7 @@ const ApiFileManager = exports.ApiFileManager = (0, _pulumi2.createAppModule)({
|
|
|
33
33
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
34
34
|
handler: "handler.handler",
|
|
35
35
|
timeout: 30,
|
|
36
|
-
memorySize:
|
|
36
|
+
memorySize: 1024,
|
|
37
37
|
description: "Triggered when a file is deleted.",
|
|
38
38
|
code: new pulumi.asset.AssetArchive({
|
|
39
39
|
".": new pulumi.asset.FileArchive(_path.default.join(app.paths.workspace, "fileManager/manage/build"))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_awsLayers","_pulumi2","_lambdaUtils","_","_awsUtils","_constants","ApiFileManager","exports","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","accountId","getAwsAccountId","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","manage","addResource","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","baseConfig","functions","clone","download","layers","getLayerArn","env","WEBINY_FUNCTION_TYPE","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","sourceAccount","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { ApiGraphql, CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId } from \"~/apps/awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\ninterface ApiFileManagerConfig {\n env: Record<string, any>;\n}\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp, config: ApiFileManagerConfig) {\n const core = app.getModule(CoreOutput);\n const graphql = app.getModule(ApiGraphql);\n const accountId = getAwsAccountId(app);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const baseConfig = graphql.functions.graphql.config.clone();\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n ...baseConfig,\n memorySize: 1600,\n description: \"Serves previously uploaded files.\",\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: graphql.functions.graphql.output.environment.apply(env => {\n return {\n WEBINY_FUNCTION_TYPE: \"asset-delivery\",\n ...env?.variables,\n ...config.env\n };\n })\n }\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n sourceAccount: accountId\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAEA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AAQO,MAAMU,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAED,MAA4B,EAAE;IACjD,MAAME,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;IACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACE,SAAS,CAACG,YAAU,CAAC;IACzC,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACP,GAAG,CAAC;IAEtC,MAAMQ,MAAM,GAAGC,6BAA6B,CAACT,GAAG,CAAC;IACjD,MAAMU,IAAI,GAAG,IAAAC,6BAAgB,EAACX,GAAG,EAAE;MAC/BF,IAAI,EAAE,gBAAgB;MACtBU,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGb,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MAChDlB,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJW,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;QACrBC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAItC,MAAM,CAACuC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIxC,MAAM,CAACuC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC7B,GAAG,CAAC8B,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;YACrD,GAAGA,KAAK;YACRC,SAAS,EAAEpC,IAAI,CAACqC;UACpB,CAAC,CAAC;QACN,CAAC;QACDC,SAAS,EAAEvC,GAAG,CAACE,SAAS,CAACsC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMC,UAAU,GAAGtC,OAAO,CAACuC,SAAS,CAACvC,OAAO,CAACL,MAAM,CAAC6C,KAAK,CAAC,CAAC;IAE3D,MAAMC,QAAQ,GAAG7C,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MAClDlB,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ,GAAG2C,UAAU;QACbpB,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE,mCAAmC;QAChDuB,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,OAAO,CAAC,CAAC;QAC9Bf,WAAW,EAAE;UACTC,SAAS,EAAE7B,OAAO,CAACuC,SAAS,CAACvC,OAAO,CAACQ,MAAM,CAACoB,WAAW,CAACG,KAAK,CAACa,GAAG,IAAI;YACjE,OAAO;cACHC,oBAAoB,EAAE,gBAAgB;cACtC,GAAGD,GAAG,EAAEf,SAAS;cACjB,GAAGlC,MAAM,CAACiD;YACd,CAAC;UACL,CAAC;QACL;MACJ;IACJ,CAAC,CAAC;IAEF,MAAME,wBAAwB,GAAGlD,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACoC,UAAU,EAAE;MACpErD,IAAI,EAAE,gCAAgC;MACtCC,MAAM,EAAE;QACJqD,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAExC,MAAM,CAACD,MAAM,CAACK,GAAG;QAC3BqC,SAAS,EAAE,kBAAkB;QAC7BC,SAAS,EAAErE,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,EAAC;QACvEmB,aAAa,EAAEnD;MACnB,CAAC;MACDoD,IAAI,EAAE;QACFC,SAAS,EAAE,CAAC9C,MAAM,CAACD,MAAM;MAC7B;IACJ,CAAC,CAAC;IAEF,MAAMgD,kBAAkB,GAAG5D,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAACyE,EAAE,CAACC,kBAAkB,EAAE;MAClEhE,IAAI,EAAE,oBAAoB;MAC1BC,MAAM,EAAE;QACJgE,MAAM,EAAE9D,IAAI,CAACqC,mBAAmB;QAChC0B,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAEpD,MAAM,CAACD,MAAM,CAACK,GAAG;UACpCiD,MAAM,EAAE,CAAC,oBAAoB;QACjC,CAAC;MAET,CAAC;MACDR,IAAI,EAAE;QACFC,SAAS,EAAE,CAAC9C,MAAM,CAACD,MAAM,EAAEsC,wBAAwB,CAACtC,MAAM;MAC9D;IACJ,CAAC,CAAC;IAEF,MAAM+B,SAAS,GAAG;MACd9B,MAAM;MACNgC;IACJ,CAAC;IAED,OAAO;MACHF,SAAS;MACTiB;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASnD,6BAA6BA,CAACT,GAAc,EAAE;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;EAEtC,OAAOH,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC+E,GAAG,CAACC,MAAM,EAAE;IACnCtE,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJwB,WAAW,EAAE,6CAA6C;MAC1Df,MAAM,EAAE;QACJ6D,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,uBAAuB;UAC/BC,QAAQ,EAAE;QACd,CAAC,EACD;UACIH,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNxF,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,EAAC,EAC5DpD,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,IAAG;QAEtE,CAAC,EACD;UACIiC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;UAC9CC,QAAQ,EAAE,CACNxF,MAAM,CAACsE,WAAY,GAAEvD,IAAI,CAAC0E,uBAAwB,EAAC,EACnDzF,MAAM,CAACsE,WAAY,GAAEvD,IAAI,CAAC0E,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_awsLayers","_pulumi2","_lambdaUtils","_","_awsUtils","_constants","ApiFileManager","exports","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","accountId","getAwsAccountId","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","manage","addResource","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","baseConfig","functions","clone","download","layers","getLayerArn","env","WEBINY_FUNCTION_TYPE","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","sourceAccount","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { ApiGraphql, CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId } from \"~/apps/awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\ninterface ApiFileManagerConfig {\n env: Record<string, any>;\n}\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp, config: ApiFileManagerConfig) {\n const core = app.getModule(CoreOutput);\n const graphql = app.getModule(ApiGraphql);\n const accountId = getAwsAccountId(app);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const baseConfig = graphql.functions.graphql.config.clone();\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n ...baseConfig,\n memorySize: 1600,\n description: \"Serves previously uploaded files.\",\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: graphql.functions.graphql.output.environment.apply(env => {\n return {\n WEBINY_FUNCTION_TYPE: \"asset-delivery\",\n ...env?.variables,\n ...config.env\n };\n })\n }\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n sourceAccount: accountId\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAEA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AAQO,MAAMU,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAED,MAA4B,EAAE;IACjD,MAAME,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;IACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACE,SAAS,CAACG,YAAU,CAAC;IACzC,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACP,GAAG,CAAC;IAEtC,MAAMQ,MAAM,GAAGC,6BAA6B,CAACT,GAAG,CAAC;IACjD,MAAMU,IAAI,GAAG,IAAAC,6BAAgB,EAACX,GAAG,EAAE;MAC/BF,IAAI,EAAE,gBAAgB;MACtBU,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGb,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MAChDlB,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJW,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;QACrBC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAItC,MAAM,CAACuC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIxC,MAAM,CAACuC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC7B,GAAG,CAAC8B,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;YACrD,GAAGA,KAAK;YACRC,SAAS,EAAEpC,IAAI,CAACqC;UACpB,CAAC,CAAC;QACN,CAAC;QACDC,SAAS,EAAEvC,GAAG,CAACE,SAAS,CAACsC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMC,UAAU,GAAGtC,OAAO,CAACuC,SAAS,CAACvC,OAAO,CAACL,MAAM,CAAC6C,KAAK,CAAC,CAAC;IAE3D,MAAMC,QAAQ,GAAG7C,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MAClDlB,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ,GAAG2C,UAAU;QACbpB,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE,mCAAmC;QAChDuB,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,OAAO,CAAC,CAAC;QAC9Bf,WAAW,EAAE;UACTC,SAAS,EAAE7B,OAAO,CAACuC,SAAS,CAACvC,OAAO,CAACQ,MAAM,CAACoB,WAAW,CAACG,KAAK,CAACa,GAAG,IAAI;YACjE,OAAO;cACHC,oBAAoB,EAAE,gBAAgB;cACtC,GAAGD,GAAG,EAAEf,SAAS;cACjB,GAAGlC,MAAM,CAACiD;YACd,CAAC;UACL,CAAC;QACL;MACJ;IACJ,CAAC,CAAC;IAEF,MAAME,wBAAwB,GAAGlD,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACoC,UAAU,EAAE;MACpErD,IAAI,EAAE,gCAAgC;MACtCC,MAAM,EAAE;QACJqD,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAExC,MAAM,CAACD,MAAM,CAACK,GAAG;QAC3BqC,SAAS,EAAE,kBAAkB;QAC7BC,SAAS,EAAErE,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,EAAC;QACvEmB,aAAa,EAAEnD;MACnB,CAAC;MACDoD,IAAI,EAAE;QACFC,SAAS,EAAE,CAAC9C,MAAM,CAACD,MAAM;MAC7B;IACJ,CAAC,CAAC;IAEF,MAAMgD,kBAAkB,GAAG5D,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAACyE,EAAE,CAACC,kBAAkB,EAAE;MAClEhE,IAAI,EAAE,oBAAoB;MAC1BC,MAAM,EAAE;QACJgE,MAAM,EAAE9D,IAAI,CAACqC,mBAAmB;QAChC0B,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAEpD,MAAM,CAACD,MAAM,CAACK,GAAG;UACpCiD,MAAM,EAAE,CAAC,oBAAoB;QACjC,CAAC;MAET,CAAC;MACDR,IAAI,EAAE;QACFC,SAAS,EAAE,CAAC9C,MAAM,CAACD,MAAM,EAAEsC,wBAAwB,CAACtC,MAAM;MAC9D;IACJ,CAAC,CAAC;IAEF,MAAM+B,SAAS,GAAG;MACd9B,MAAM;MACNgC;IACJ,CAAC;IAED,OAAO;MACHF,SAAS;MACTiB;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASnD,6BAA6BA,CAACT,GAAc,EAAE;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;EAEtC,OAAOH,GAAG,CAACc,WAAW,CAAC1B,GAAG,CAAC+E,GAAG,CAACC,MAAM,EAAE;IACnCtE,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJwB,WAAW,EAAE,6CAA6C;MAC1Df,MAAM,EAAE;QACJ6D,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,uBAAuB;UAC/BC,QAAQ,EAAE;QACd,CAAC,EACD;UACIH,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNxF,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,EAAC,EAC5DpD,MAAM,CAACsE,WAAY,gBAAevD,IAAI,CAACqC,mBAAoB,IAAG;QAEtE,CAAC,EACD;UACIiC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;UAC9CC,QAAQ,EAAE,CACNxF,MAAM,CAACsE,WAAY,GAAEvD,IAAI,CAAC0E,uBAAwB,EAAC,EACnDzF,MAAM,CAACsE,WAAY,GAAEvD,IAAI,CAAC0E,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
package/apps/api/ApiGraphql.js
CHANGED
|
@@ -34,7 +34,7 @@ const ApiGraphql = exports.ApiGraphql = (0, _pulumi2.createAppModule)({
|
|
|
34
34
|
handler: "handler.handler",
|
|
35
35
|
role: role.output.arn,
|
|
36
36
|
timeout: 30,
|
|
37
|
-
memorySize:
|
|
37
|
+
memorySize: 1024,
|
|
38
38
|
code: new pulumi.asset.AssetArchive({
|
|
39
39
|
".": new pulumi.asset.FileArchive(_path.default.join(app.paths.workspace, "graphql/build"))
|
|
40
40
|
}),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_kebabCase","_pulumi2","_lambdaUtils","_","_awsUtils","_constants","EMPTY_TRASH_BIN_EVENT_RULE_NAME","EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME","EMPTY_TRASH_BIN_EVENT_RULE_TARGET","ApiGraphql","exports","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","lambda","Function","runtime","LAMBDA_RUNTIME","handler","arn","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","eventRule","cloudwatch","EventRule","description","scheduleExpression","Permission","action","function","principal","statementId","EventTarget","rule","input","JSON","stringify","source","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nconst EMPTY_TRASH_BIN_EVENT_RULE_NAME = `empty-trash-bin-event-rule`;\nconst EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME = `empty-trash-bin-event-target-permission`;\nconst EMPTY_TRASH_BIN_EVENT_RULE_TARGET = `empty-trash-bin-event-rule-target`;\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EMPTY_TRASH_BIN_EVENT_RULE_NAME,\n config: {\n description: \"Enable us to empty the trash-bin ever day\",\n scheduleExpression: \"cron(0 3 * * ? *)\"\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME,\n config: {\n action: \"lambda:InvokeFunction\",\n function: graphql.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EMPTY_TRASH_BIN_EVENT_RULE_NAME\n }\n });\n\n // Target the main graphql lambda.\n app.addResource(aws.cloudwatch.EventTarget, {\n name: EMPTY_TRASH_BIN_EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: graphql.output.arn,\n input: JSON.stringify({\n source: \"webiny.events\",\n \"detail-type\": \"WebinyEmptyTrashBin\"\n })\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:ListBucket\",\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AAiBA,MAAMU,+BAA+B,GAAI,4BAA2B;AACpE,MAAMC,qCAAqC,GAAI,yCAAwC;AACvF,MAAMC,iCAAiC,GAAI,mCAAkC;AAItE,MAAMC,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAc,EAAEC,MAAqB,EAAE;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;IAEtC,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAG,CAAC;IAC7C,MAAMO,IAAI,GAAG,IAAAC,6BAAgB,EAACR,GAAG,EAAE;MAC/BF,IAAI,EAAE,iBAAiB;MACvBO,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MACjDf,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJe,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BT,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,IAAI,EAAE,IAAIrC,MAAM,CAACsC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIvC,MAAM,CAACsC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACzB,GAAG,CAAC0B,KAAK,CAACC,SAAS,EAAE,eAAe,CAClD;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;YACrD,GAAGA,KAAK;YACR,GAAG/B,MAAM,CAACgC,GAAG;YACbC,mCAAmC,EAAE;UACzC,CAAC,CAAC;QACN,CAAC;QACDC,SAAS,EAAEnC,GAAG,CAACG,SAAS,CAACiC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IACF;AACR;AACA;AACA;AACA;AACA;IACQrC,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACqD,QAAQ,CAACC,SAAS,EAAE;MACpCzC,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJyC,SAAS,EAAEtC,IAAI,CAACuC,wBAAwB;QACxCC,OAAO,EAAExC,IAAI,CAACyC,2BAA2B;QACzCC,QAAQ,EAAE7D,MAAM,CACX0B,MAAM,CAACP,IAAI,CAAC2C,4BAA4B,CAAC,CACzCd,KAAK,CAACe,GAAG,IAAIA,GAAG,IAAI,IAAI,CAAC;QAC9BC,IAAI,EAAEhE,MAAM,CAACiE,WAAY;AACzC;AACA,6BAA6BhD,GAAG,CAACC,MAAM,CAACgD,GAAG,CAACC,OAAO,IAAI,SAAU;AACjE,iDAAiDxC,OAAO,CAACD,MAAM,CAACQ,GAAI;AACpE,wCAAwChB,MAAM,CAACkD,qBAAqB,CAACrD,IAAK;AAC1E,wCAAwCG,MAAM,CAACmD,uBAAuB,CAACC,QAAS;AAChF;MACY;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMC,SAAS,GAAGtD,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACsE,UAAU,CAACC,SAAS,EAAE;MACxD1D,IAAI,EAAEN,+BAA+B;MACrCO,MAAM,EAAE;QACJ0D,WAAW,EAAE,2CAA2C;QACxDC,kBAAkB,EAAE;MACxB;IACJ,CAAC,CAAC;;IAEF;IACA1D,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAAC+C,UAAU,EAAE;MACnC7D,IAAI,EAAEL,qCAAqC;MAC3CM,MAAM,EAAE;QACJ6D,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEnD,OAAO,CAACD,MAAM,CAACQ,GAAG;QAC5B6C,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAGvE;MACxC;IACJ,CAAC,CAAC;;IAEF;IACAQ,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACsE,UAAU,CAACS,WAAW,EAAE;MACxClE,IAAI,EAAEJ,iCAAiC;MACvCK,MAAM,EAAE;QACJkE,IAAI,EAAEX,SAAS,CAAC7C,MAAM,CAACX,IAAI;QAC3BmB,GAAG,EAAEP,OAAO,CAACD,MAAM,CAACQ,GAAG;QACvBiD,KAAK,EAAEC,IAAI,CAACC,SAAS,CAAC;UAClBC,MAAM,EAAE,eAAe;UACvB,aAAa,EAAE;QACnB,CAAC;MACL;IACJ,CAAC,CAAC;IAEF,OAAO;MACH9D,IAAI;MACJF,MAAM;MACNiE,SAAS,EAAE;QACP5D;MACJ,CAAC;MACD6D,QAAQ,EAAGC,WAA2B,IAAK;QACvC,MAAMC,UAAe,GAAGzE,GAAG,CAAC0E,SAAS,CAACD,UAAU;QAChD,IAAI,CAACA,UAAU,EAAE;UACbE,OAAO,CAACC,GAAG,CACP,sEACJ,CAAC;UACD;QACJ;QACA,MAAMC,SAAS,GAAG,IAAAC,kBAAW,EAACN,WAAW,CAAC1E,IAAI,CAAC;QAC/C,IAAI+E,SAAS,KAAKL,WAAW,CAAC1E,IAAI,EAAE;UAChC6E,OAAO,CAACC,GAAG,CAAE,+BAA8BJ,WAAW,CAAC1E,IAAK,IAAG,CAAC;UAChE;QACJ;QACA,OAAO2E,UAAU,CAACF,QAAQ,CAACC,WAAW,CAAC1E,IAAI,EAAE;UACzC0B,IAAI,EAAEgD,WAAW,CAAChD,IAAI;UACtBuD,MAAM,EAAEP,WAAW,CAACO,MAAM;UAC1BlB,QAAQ,EAAEnD,OAAO,CAACD,MAAM,CAACQ;QAC7B,CAAC,CAAC;MACN;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASX,yBAAyBA,CAACN,GAAc,EAAE;EAC/C,MAAMgF,UAAU,GAAGhF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;EAC5C,MAAM6E,YAAY,GAAG,IAAAC,yBAAe,EAAClF,GAAG,CAAC;EACzC,MAAMmF,SAAS,GAAG,IAAAC,sBAAY,EAACpF,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACoG,GAAG,CAACC,MAAM,EAAE;IACnCxF,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ0D,WAAW,EAAE,oEAAoE;MACjF;MACApD,MAAM,EAAE2E,UAAU,CAACjD,KAAK,CAAC7B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCkF,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,6BAA6B,EAC7B,uBAAuB,EACvB,sBAAsB,EACtB,6BAA6B,EAC7B,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,6BAA6B,EAC7B,yBAAyB,EACzB,oCAAoC,EACpC,sCAAsC,EACtC,yBAAyB,EACzB,8CAA8C,EAC9C,yBAAyB,EACzB,mCAAmC,EACnC,4CAA4C,EAC5C,yBAAyB,EACzB,wBAAwB,EACxB,0CAA0C,EAC1C,6BAA6B,EAC7B,6CAA6C,EAC7C,4CAA4C,EAC5C,mCAAmC,EACnC,kBAAkB,EAClB,qBAAqB,EACrB,2BAA2B,EAC3B,sBAAsB,EACtB,kCAAkC,EAClC,sBAAsB,EACtB,sBAAsB,EACtB,qBAAqB,EACrB,6BAA6B,EAC7B,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,4CAA4C,EAC5C,kBAAkB,EAClB,gBAAgB,EAChB,iCAAiC,EACjC,oCAAoC,EACpC,eAAe,EACf,kCAAkC,EAClC,oCAAoC,EACpC,qBAAqB,EACrB,sBAAsB,EACtB,wCAAwC,EACxC,2BAA2B,CAC9B;YACDC,QAAQ,EAAE,CACL,GAAE1F,IAAI,CAAC2F,uBAAwB,EAAC,EAChC,GAAE3F,IAAI,CAAC2F,uBAAwB,IAAG;YACnC;YACA,IAAI3F,IAAI,CAAC4F,6BAA6B,GAChC,CACK,GAAE5F,IAAI,CAAC4F,6BAA8B,EAAC,EACtC,GAAE5F,IAAI,CAAC4F,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIL,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,CACjB;YACDC,QAAQ,EAAE,CACN7G,MAAM,CAACiE,WAAY,gBAAe9C,IAAI,CAAC6F,mBAAoB,EAAC,EAC5DhH,MAAM,CAACiE,WAAY,gBAAe9C,IAAI,CAAC6F,mBAAoB,IAAG;UAEtE,CAAC,EACD;YACIN,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAE7G,MAAM,CAACiE,WAAY,kBAAiBmC,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIQ,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAE1F,IAAI,CAAC8F,kBAAmB;UACzC,CAAC,EACD;YACIP,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,kBAAkB;YAC1BC,QAAQ,EAAE1F,IAAI,CAAC+F;UACnB,CAAC,EACD;YACIR,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,+BAA+B;YACvCC,QAAQ,EAAE7G,MAAM,CAACiE,WAAY,uBAAsBiC,YAAa;UACpE,CAAC;UACD;UACA,IAAI/E,IAAI,CAACgG,sBAAsB,GACzB,CACI;YACIT,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACL,GAAE1F,IAAI,CAACgG,sBAAuB,EAAC,EAC/B,GAAEhG,IAAI,CAACgG,sBAAuB,IAAG;UAE1C,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAO7F,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_kebabCase","_pulumi2","_lambdaUtils","_","_awsUtils","_constants","EMPTY_TRASH_BIN_EVENT_RULE_NAME","EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME","EMPTY_TRASH_BIN_EVENT_RULE_TARGET","ApiGraphql","exports","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","lambda","Function","runtime","LAMBDA_RUNTIME","handler","arn","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","eventRule","cloudwatch","EventRule","description","scheduleExpression","Permission","action","function","principal","statementId","EventTarget","rule","input","JSON","stringify","source","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nconst EMPTY_TRASH_BIN_EVENT_RULE_NAME = `empty-trash-bin-event-rule`;\nconst EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME = `empty-trash-bin-event-target-permission`;\nconst EMPTY_TRASH_BIN_EVENT_RULE_TARGET = `empty-trash-bin-event-rule-target`;\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 1024,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EMPTY_TRASH_BIN_EVENT_RULE_NAME,\n config: {\n description: \"Enable us to empty the trash-bin ever day\",\n scheduleExpression: \"cron(0 3 * * ? *)\"\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: EMPTY_TRASH_BIN_EVENT_PERMISSION_NAME,\n config: {\n action: \"lambda:InvokeFunction\",\n function: graphql.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EMPTY_TRASH_BIN_EVENT_RULE_NAME\n }\n });\n\n // Target the main graphql lambda.\n app.addResource(aws.cloudwatch.EventTarget, {\n name: EMPTY_TRASH_BIN_EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: graphql.output.arn,\n input: JSON.stringify({\n source: \"webiny.events\",\n \"detail-type\": \"WebinyEmptyTrashBin\"\n })\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:ListBucket\",\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AAiBA,MAAMU,+BAA+B,GAAI,4BAA2B;AACpE,MAAMC,qCAAqC,GAAI,yCAAwC;AACvF,MAAMC,iCAAiC,GAAI,mCAAkC;AAItE,MAAMC,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAc,EAAEC,MAAqB,EAAE;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;IAEtC,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAG,CAAC;IAC7C,MAAMO,IAAI,GAAG,IAAAC,6BAAgB,EAACR,GAAG,EAAE;MAC/BF,IAAI,EAAE,iBAAiB;MACvBO,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAACC,QAAQ,EAAE;MACjDf,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJe,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BT,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,IAAI;QAChBC,IAAI,EAAE,IAAIrC,MAAM,CAACsC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIvC,MAAM,CAACsC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACzB,GAAG,CAAC0B,KAAK,CAACC,SAAS,EAAE,eAAe,CAClD;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;YACrD,GAAGA,KAAK;YACR,GAAG/B,MAAM,CAACgC,GAAG;YACbC,mCAAmC,EAAE;UACzC,CAAC,CAAC;QACN,CAAC;QACDC,SAAS,EAAEnC,GAAG,CAACG,SAAS,CAACiC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IACF;AACR;AACA;AACA;AACA;AACA;IACQrC,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACqD,QAAQ,CAACC,SAAS,EAAE;MACpCzC,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJyC,SAAS,EAAEtC,IAAI,CAACuC,wBAAwB;QACxCC,OAAO,EAAExC,IAAI,CAACyC,2BAA2B;QACzCC,QAAQ,EAAE7D,MAAM,CACX0B,MAAM,CAACP,IAAI,CAAC2C,4BAA4B,CAAC,CACzCd,KAAK,CAACe,GAAG,IAAIA,GAAG,IAAI,IAAI,CAAC;QAC9BC,IAAI,EAAEhE,MAAM,CAACiE,WAAY;AACzC;AACA,6BAA6BhD,GAAG,CAACC,MAAM,CAACgD,GAAG,CAACC,OAAO,IAAI,SAAU;AACjE,iDAAiDxC,OAAO,CAACD,MAAM,CAACQ,GAAI;AACpE,wCAAwChB,MAAM,CAACkD,qBAAqB,CAACrD,IAAK;AAC1E,wCAAwCG,MAAM,CAACmD,uBAAuB,CAACC,QAAS;AAChF;MACY;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMC,SAAS,GAAGtD,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACsE,UAAU,CAACC,SAAS,EAAE;MACxD1D,IAAI,EAAEN,+BAA+B;MACrCO,MAAM,EAAE;QACJ0D,WAAW,EAAE,2CAA2C;QACxDC,kBAAkB,EAAE;MACxB;IACJ,CAAC,CAAC;;IAEF;IACA1D,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAAC2B,MAAM,CAAC+C,UAAU,EAAE;MACnC7D,IAAI,EAAEL,qCAAqC;MAC3CM,MAAM,EAAE;QACJ6D,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEnD,OAAO,CAACD,MAAM,CAACQ,GAAG;QAC5B6C,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAGvE;MACxC;IACJ,CAAC,CAAC;;IAEF;IACAQ,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACsE,UAAU,CAACS,WAAW,EAAE;MACxClE,IAAI,EAAEJ,iCAAiC;MACvCK,MAAM,EAAE;QACJkE,IAAI,EAAEX,SAAS,CAAC7C,MAAM,CAACX,IAAI;QAC3BmB,GAAG,EAAEP,OAAO,CAACD,MAAM,CAACQ,GAAG;QACvBiD,KAAK,EAAEC,IAAI,CAACC,SAAS,CAAC;UAClBC,MAAM,EAAE,eAAe;UACvB,aAAa,EAAE;QACnB,CAAC;MACL;IACJ,CAAC,CAAC;IAEF,OAAO;MACH9D,IAAI;MACJF,MAAM;MACNiE,SAAS,EAAE;QACP5D;MACJ,CAAC;MACD6D,QAAQ,EAAGC,WAA2B,IAAK;QACvC,MAAMC,UAAe,GAAGzE,GAAG,CAAC0E,SAAS,CAACD,UAAU;QAChD,IAAI,CAACA,UAAU,EAAE;UACbE,OAAO,CAACC,GAAG,CACP,sEACJ,CAAC;UACD;QACJ;QACA,MAAMC,SAAS,GAAG,IAAAC,kBAAW,EAACN,WAAW,CAAC1E,IAAI,CAAC;QAC/C,IAAI+E,SAAS,KAAKL,WAAW,CAAC1E,IAAI,EAAE;UAChC6E,OAAO,CAACC,GAAG,CAAE,+BAA8BJ,WAAW,CAAC1E,IAAK,IAAG,CAAC;UAChE;QACJ;QACA,OAAO2E,UAAU,CAACF,QAAQ,CAACC,WAAW,CAAC1E,IAAI,EAAE;UACzC0B,IAAI,EAAEgD,WAAW,CAAChD,IAAI;UACtBuD,MAAM,EAAEP,WAAW,CAACO,MAAM;UAC1BlB,QAAQ,EAAEnD,OAAO,CAACD,MAAM,CAACQ;QAC7B,CAAC,CAAC;MACN;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASX,yBAAyBA,CAACN,GAAc,EAAE;EAC/C,MAAMgF,UAAU,GAAGhF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;EAC5C,MAAM6E,YAAY,GAAG,IAAAC,yBAAe,EAAClF,GAAG,CAAC;EACzC,MAAMmF,SAAS,GAAG,IAAAC,sBAAY,EAACpF,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACW,WAAW,CAAC1B,GAAG,CAACoG,GAAG,CAACC,MAAM,EAAE;IACnCxF,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ0D,WAAW,EAAE,oEAAoE;MACjF;MACApD,MAAM,EAAE2E,UAAU,CAACjD,KAAK,CAAC7B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCkF,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,6BAA6B,EAC7B,uBAAuB,EACvB,sBAAsB,EACtB,6BAA6B,EAC7B,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,6BAA6B,EAC7B,yBAAyB,EACzB,oCAAoC,EACpC,sCAAsC,EACtC,yBAAyB,EACzB,8CAA8C,EAC9C,yBAAyB,EACzB,mCAAmC,EACnC,4CAA4C,EAC5C,yBAAyB,EACzB,wBAAwB,EACxB,0CAA0C,EAC1C,6BAA6B,EAC7B,6CAA6C,EAC7C,4CAA4C,EAC5C,mCAAmC,EACnC,kBAAkB,EAClB,qBAAqB,EACrB,2BAA2B,EAC3B,sBAAsB,EACtB,kCAAkC,EAClC,sBAAsB,EACtB,sBAAsB,EACtB,qBAAqB,EACrB,6BAA6B,EAC7B,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,4CAA4C,EAC5C,kBAAkB,EAClB,gBAAgB,EAChB,iCAAiC,EACjC,oCAAoC,EACpC,eAAe,EACf,kCAAkC,EAClC,oCAAoC,EACpC,qBAAqB,EACrB,sBAAsB,EACtB,wCAAwC,EACxC,2BAA2B,CAC9B;YACDC,QAAQ,EAAE,CACL,GAAE1F,IAAI,CAAC2F,uBAAwB,EAAC,EAChC,GAAE3F,IAAI,CAAC2F,uBAAwB,IAAG;YACnC;YACA,IAAI3F,IAAI,CAAC4F,6BAA6B,GAChC,CACK,GAAE5F,IAAI,CAAC4F,6BAA8B,EAAC,EACtC,GAAE5F,IAAI,CAAC4F,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIL,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,CACjB;YACDC,QAAQ,EAAE,CACN7G,MAAM,CAACiE,WAAY,gBAAe9C,IAAI,CAAC6F,mBAAoB,EAAC,EAC5DhH,MAAM,CAACiE,WAAY,gBAAe9C,IAAI,CAAC6F,mBAAoB,IAAG;UAEtE,CAAC,EACD;YACIN,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAE7G,MAAM,CAACiE,WAAY,kBAAiBmC,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIQ,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAE1F,IAAI,CAAC8F,kBAAmB;UACzC,CAAC,EACD;YACIP,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,kBAAkB;YAC1BC,QAAQ,EAAE1F,IAAI,CAAC+F;UACnB,CAAC,EACD;YACIR,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,+BAA+B;YACvCC,QAAQ,EAAE7G,MAAM,CAACiE,WAAY,uBAAsBiC,YAAa;UACpE,CAAC;UACD;UACA,IAAI/E,IAAI,CAACgG,sBAAsB,GACzB,CACI;YACIT,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACL,GAAE1F,IAAI,CAACgG,sBAAuB,EAAC,EAC/B,GAAEhG,IAAI,CAACgG,sBAAuB,IAAG;UAE1C,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAO7F,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
@@ -51,7 +51,7 @@ function createExportResources(app, params) {
|
|
|
51
51
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
52
52
|
handler: "handler.handler",
|
|
53
53
|
timeout: 60,
|
|
54
|
-
memorySize:
|
|
54
|
+
memorySize: 1024,
|
|
55
55
|
description: "Handle export's combine workflow",
|
|
56
56
|
code: new pulumi.asset.AssetArchive({
|
|
57
57
|
".": new pulumi.asset.FileArchive(path.join(app.paths.workspace, "pageBuilder/export/combine/build"))
|
|
@@ -72,7 +72,7 @@ function createExportResources(app, params) {
|
|
|
72
72
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
73
73
|
handler: "handler.handler",
|
|
74
74
|
timeout: 60,
|
|
75
|
-
memorySize:
|
|
75
|
+
memorySize: 1024,
|
|
76
76
|
description: "Handle export's process workflow",
|
|
77
77
|
code: new pulumi.asset.AssetArchive({
|
|
78
78
|
".": new pulumi.asset.FileArchive(path.join(app.paths.workspace, "pageBuilder/export/process/build"))
|
|
@@ -150,7 +150,7 @@ function createImportResources(app, params) {
|
|
|
150
150
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
151
151
|
handler: "handler.handler",
|
|
152
152
|
timeout: 60,
|
|
153
|
-
memorySize:
|
|
153
|
+
memorySize: 1024,
|
|
154
154
|
description: "Handle import queue process workflow",
|
|
155
155
|
code: new pulumi.asset.AssetArchive({
|
|
156
156
|
".": new pulumi.asset.FileArchive(path.join(app.paths.workspace, "pageBuilder/import/process/build"))
|
|
@@ -171,7 +171,7 @@ function createImportResources(app, params) {
|
|
|
171
171
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
172
172
|
handler: "handler.handler",
|
|
173
173
|
timeout: 60,
|
|
174
|
-
memorySize:
|
|
174
|
+
memorySize: 1024,
|
|
175
175
|
description: "Handle import queue create workflow",
|
|
176
176
|
code: new pulumi.asset.AssetArchive({
|
|
177
177
|
".": new pulumi.asset.FileArchive(path.join(app.paths.workspace, "pageBuilder/import/create/build"))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_installation","_pulumi2","_common","_lambdaUtils","_awsUtils","_constants","ApiPageBuilder","exports","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","join","resolve","createInstallationZip","s3","BucketObject","key","bucket","fileManagerBucketId","contentType","source","asset","FileAsset","exportResources","createExportResources","importResources","createImportResources","export","import","policy","createExportLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","S3_BUCKET","process","EXPORT_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","elasticSearchEnabled","create","elasticSearch","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","elasticsearchDomainArn","createImportLambdaPolicy","IMPORT_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportResources = createExportResources(app, params);\n const importResources = createImportResources(app, params);\n\n return {\n export: exportResources,\n import: importResources\n };\n }\n});\n\nfunction createExportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-combine\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-process\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n }\n }\n });\n}\n\nfunction createImportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-process\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-create\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,aAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAQO,MAAMS,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;IAEtCJ,GAAG,CAACK,UAAU,CAAC,MAAM;MACjB,MAAMC,qBAAqB,GAAGtB,IAAI,CAACuB,IAAI,CAACvB,IAAI,CAACwB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC;MACrF;MACA,IAAAC,mCAAqB,EAACH,qBAAqB,CAAC;MAE5C,IAAIlB,GAAG,CAACsB,EAAE,CAACC,YAAY,CAAC,sBAAsB,EAAE;QAC5CC,GAAG,EAAE,oBAAoB;QACzBC,MAAM,EAAEX,IAAI,CAACY,mBAAmB;QAChCC,WAAW,EAAE,0BAA0B;QACvCC,MAAM,EAAE,IAAI7B,MAAM,CAAC8B,KAAK,CAACC,SAAS,CAACZ,qBAAqB;MAC5D,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMa,eAAe,GAAGC,qBAAqB,CAACpB,GAAG,EAAEC,MAAM,CAAC;IAC1D,MAAMoB,eAAe,GAAGC,qBAAqB,CAACtB,GAAG,EAAEC,MAAM,CAAC;IAE1D,OAAO;MACHsB,MAAM,EAAEJ,eAAe;MACvBK,MAAM,EAAEH;IACZ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASD,qBAAqBA,CAACpB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMqB,MAAM,GAAGC,wBAAwB,CAAC1B,GAAG,CAAC;EAC5C,MAAM2B,IAAI,GAAG,IAAAC,6BAAgB,EAAC5B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B2B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMC,OAAO,GAAG9B,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY;QACpB,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMuC,OAAO,GAAGrD,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY,mBAAmB;UACnCwC,sBAAsB,EAAExB,OAAO,CAACD,MAAM,CAACK;QAC3C,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN8B,SAAS,EAAE;MACPF,OAAO;MACPvB;IACJ;EACJ,CAAC;AACL;AAEA,SAASJ,wBAAwBA,CAAC1B,GAAc,EAAE;EAC9C,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMoD,YAAY,GAAG,IAAAC,yBAAe,EAACzD,GAAG,CAAC;EACzC,MAAM0D,SAAS,GAAG,IAAAC,sBAAY,EAAC3D,GAAG,CAAC;EAEnC,MAAM4D,oBAAoB,GAAG,CAAC,CAAC5D,GAAG,CAACC,MAAM,CAAC4D,MAAM,CAACC,aAAa;EAE9D,OAAO9D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnClE,IAAI,EAAE,0BAA0B;IAChCC,MAAM,EAAE;MACJyC,WAAW,EAAE,wCAAwC;MACrDf,MAAM,EAAE;QACJwC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACsE,uBAAwB,EAAC,EACnDrF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACsE,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,gBAAerE,IAAI,CAACY,mBAAoB,IAAG;UAC9D;UACA3B,MAAM,CAACoF,WAAY,gBAAerE,IAAI,CAACY,mBAAoB,EAAC;QAEpE,CAAC,EACD;UACIqD,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;QAC5E,CAAC;QACD;QACA,IAAII,oBAAoB,GAClB,CACI;UACIO,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAgB;UACxBC,MAAM,EAAE,MAAM;UACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,IAAG;QAE5D,CAAC,CACJ,GACD,EAAE,CAAC;MAEjB;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASnD,qBAAqBA,CAACtB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMqB,MAAM,GAAGiD,wBAAwB,CAAC1E,GAAG,CAAC;EAC5C,MAAM2B,IAAI,GAAG,IAAAC,6BAAgB,EAAC5B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B2B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMwB,OAAO,GAAGrD,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,sCAAsC;MACnDC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY;QACpB,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAM+C,MAAM,GAAG7D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IAChDnC,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,qCAAqC;MAClDC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,iCAAiC,CACpE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY,mBAAmB;UACnC6D,4BAA4B,EAAEtB,OAAO,CAACxB,MAAM,CAACK;QACjD,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN8B,SAAS,EAAE;MACPM,MAAM;MACNR;IACJ;EACJ,CAAC;AACL;AAEA,SAASqB,wBAAwBA,CAAC1E,GAAc,EAAE;EAC9C,MAAM4E,UAAU,GAAG5E,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAC5C,MAAMoD,YAAY,GAAG,IAAAC,yBAAe,EAACzD,GAAG,CAAC;EACzC,MAAM0D,SAAS,GAAG,IAAAC,sBAAY,EAAC3D,GAAG,CAAC;EAEnC,MAAM4D,oBAAoB,GAAG,CAAC,CAAC5D,GAAG,CAACC,MAAM,CAAC4D,MAAM,CAACC,aAAa;EAE9D,OAAO9D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnClE,IAAI,EAAE,oBAAoB;IAC1BC,MAAM,EAAE;MACJyC,WAAW,EAAE,iEAAiE;MAC9E;MACAf,MAAM,EAAEmD,UAAU,CAAC3B,KAAK,CAAC/C,IAAI,IAAI;QAC7B,MAAMuB,MAA8B,GAAG;UACnCwC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;YACDC,QAAQ,EAAE,CACL,GAAEpE,IAAI,CAACsE,uBAAwB,EAAC,EAChC,GAAEtE,IAAI,CAACsE,uBAAwB,IAAG;YACnC;YACA,IAAItE,IAAI,CAAC2E,6BAA6B,GAChC,CACK,GAAE3E,IAAI,CAAC2E,6BAA8B,EAAC,EACtC,GAAE3E,IAAI,CAAC2E,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIV,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CACL,gBAAepE,IAAI,CAACY,mBAAoB,IAAG;YAC5C;YACC,gBAAeZ,IAAI,CAACY,mBAAoB,EAAC;UAElD,CAAC,EACD;YACIqD,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIW,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAEpE,IAAI,CAAC4E,kBAAmB;UACzC,CAAC;UACD;UACA,IAAIlB,oBAAoB,GAClB,CACI;YACIO,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,IAAG;UAE5D,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOhD,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_installation","_pulumi2","_common","_lambdaUtils","_awsUtils","_constants","ApiPageBuilder","exports","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","join","resolve","createInstallationZip","s3","BucketObject","key","bucket","fileManagerBucketId","contentType","source","asset","FileAsset","exportResources","createExportResources","importResources","createImportResources","export","import","policy","createExportLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","S3_BUCKET","process","EXPORT_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","elasticSearchEnabled","create","elasticSearch","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","elasticsearchDomainArn","createImportLambdaPolicy","IMPORT_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportResources = createExportResources(app, params);\n const importResources = createImportResources(app, params);\n\n return {\n export: exportResources,\n import: importResources\n };\n }\n});\n\nfunction createExportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-combine\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 1024,\n description: \"Handle export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-process\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 1024,\n description: \"Handle export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n }\n }\n });\n}\n\nfunction createImportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-process\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 1024,\n description: \"Handle import queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-create\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 1024,\n description: \"Handle import queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,aAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAQO,MAAMS,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;IAEtCJ,GAAG,CAACK,UAAU,CAAC,MAAM;MACjB,MAAMC,qBAAqB,GAAGtB,IAAI,CAACuB,IAAI,CAACvB,IAAI,CAACwB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC;MACrF;MACA,IAAAC,mCAAqB,EAACH,qBAAqB,CAAC;MAE5C,IAAIlB,GAAG,CAACsB,EAAE,CAACC,YAAY,CAAC,sBAAsB,EAAE;QAC5CC,GAAG,EAAE,oBAAoB;QACzBC,MAAM,EAAEX,IAAI,CAACY,mBAAmB;QAChCC,WAAW,EAAE,0BAA0B;QACvCC,MAAM,EAAE,IAAI7B,MAAM,CAAC8B,KAAK,CAACC,SAAS,CAACZ,qBAAqB;MAC5D,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMa,eAAe,GAAGC,qBAAqB,CAACpB,GAAG,EAAEC,MAAM,CAAC;IAC1D,MAAMoB,eAAe,GAAGC,qBAAqB,CAACtB,GAAG,EAAEC,MAAM,CAAC;IAE1D,OAAO;MACHsB,MAAM,EAAEJ,eAAe;MACvBK,MAAM,EAAEH;IACZ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAASD,qBAAqBA,CAACpB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMqB,MAAM,GAAGC,wBAAwB,CAAC1B,GAAG,CAAC;EAC5C,MAAM2B,IAAI,GAAG,IAAAC,6BAAgB,EAAC5B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B2B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMC,OAAO,GAAG9B,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY;QACpB,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMuC,OAAO,GAAGrD,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY,mBAAmB;UACnCwC,sBAAsB,EAAExB,OAAO,CAACD,MAAM,CAACK;QAC3C,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN8B,SAAS,EAAE;MACPF,OAAO;MACPvB;IACJ;EACJ,CAAC;AACL;AAEA,SAASJ,wBAAwBA,CAAC1B,GAAc,EAAE;EAC9C,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMoD,YAAY,GAAG,IAAAC,yBAAe,EAACzD,GAAG,CAAC;EACzC,MAAM0D,SAAS,GAAG,IAAAC,sBAAY,EAAC3D,GAAG,CAAC;EAEnC,MAAM4D,oBAAoB,GAAG,CAAC,CAAC5D,GAAG,CAACC,MAAM,CAAC4D,MAAM,CAACC,aAAa;EAE9D,OAAO9D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnClE,IAAI,EAAE,0BAA0B;IAChCC,MAAM,EAAE;MACJyC,WAAW,EAAE,wCAAwC;MACrDf,MAAM,EAAE;QACJwC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACsE,uBAAwB,EAAC,EACnDrF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACsE,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,gBAAerE,IAAI,CAACY,mBAAoB,IAAG;UAC9D;UACA3B,MAAM,CAACoF,WAAY,gBAAerE,IAAI,CAACY,mBAAoB,EAAC;QAEpE,CAAC,EACD;UACIqD,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;QAC5E,CAAC;QACD;QACA,IAAII,oBAAoB,GAClB,CACI;UACIO,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAgB;UACxBC,MAAM,EAAE,MAAM;UACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,IAAG;QAE5D,CAAC,CACJ,GACD,EAAE,CAAC;MAEjB;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASnD,qBAAqBA,CAACtB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMqB,MAAM,GAAGiD,wBAAwB,CAAC1E,GAAG,CAAC;EAC5C,MAAM2B,IAAI,GAAG,IAAAC,6BAAgB,EAAC5B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B2B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMwB,OAAO,GAAGrD,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IACjDnC,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,sCAAsC;MACnDC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY;QACpB,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAM+C,MAAM,GAAG7D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC4C,MAAM,CAACC,QAAQ,EAAE;IAChDnC,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ4B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,qCAAqC;MAClDC,IAAI,EAAE,IAAItD,MAAM,CAAC8B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIvD,MAAM,CAAC8B,KAAK,CAAC0B,WAAW,CAC7B3D,IAAI,CAACuB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,iCAAiC,CACpE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,KAAK;UACrD,GAAGA,KAAK;UACR,GAAGjD,MAAM,CAACkD,GAAG;UACbC,SAAS,EAAElD,IAAI,CAACY,mBAAmB;UACnC6D,4BAA4B,EAAEtB,OAAO,CAACxB,MAAM,CAACK;QACjD,CAAC,CAAC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN8B,SAAS,EAAE;MACPM,MAAM;MACNR;IACJ;EACJ,CAAC;AACL;AAEA,SAASqB,wBAAwBA,CAAC1E,GAAc,EAAE;EAC9C,MAAM4E,UAAU,GAAG5E,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAC5C,MAAMoD,YAAY,GAAG,IAAAC,yBAAe,EAACzD,GAAG,CAAC;EACzC,MAAM0D,SAAS,GAAG,IAAAC,sBAAY,EAAC3D,GAAG,CAAC;EAEnC,MAAM4D,oBAAoB,GAAG,CAAC,CAAC5D,GAAG,CAACC,MAAM,CAAC4D,MAAM,CAACC,aAAa;EAE9D,OAAO9D,GAAG,CAAC+B,WAAW,CAAC3C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnClE,IAAI,EAAE,oBAAoB;IAC1BC,MAAM,EAAE;MACJyC,WAAW,EAAE,iEAAiE;MAC9E;MACAf,MAAM,EAAEmD,UAAU,CAAC3B,KAAK,CAAC/C,IAAI,IAAI;QAC7B,MAAMuB,MAA8B,GAAG;UACnCwC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;YACDC,QAAQ,EAAE,CACL,GAAEpE,IAAI,CAACsE,uBAAwB,EAAC,EAChC,GAAEtE,IAAI,CAACsE,uBAAwB,IAAG;YACnC;YACA,IAAItE,IAAI,CAAC2E,6BAA6B,GAChC,CACK,GAAE3E,IAAI,CAAC2E,6BAA8B,EAAC,EACtC,GAAE3E,IAAI,CAAC2E,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIV,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CACL,gBAAepE,IAAI,CAACY,mBAAoB,IAAG;YAC5C;YACC,gBAAeZ,IAAI,CAACY,mBAAoB,EAAC;UAElD,CAAC,EACD;YACIqD,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIW,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAEpE,IAAI,CAAC4E,kBAAmB;UACzC,CAAC;UACD;UACA,IAAIlB,oBAAoB,GAClB,CACI;YACIO,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAErE,IAAI,CAACuE,sBAAuB,IAAG;UAE5D,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOhD,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
package/apps/core/CoreCognito.js
CHANGED
|
@@ -96,7 +96,15 @@ const CoreCognito = exports.CoreCognito = (0, _pulumi.createAppModule)({
|
|
|
96
96
|
const userPoolClient = app.addResource(aws.cognito.UserPoolClient, {
|
|
97
97
|
name: "user-pool-client",
|
|
98
98
|
config: {
|
|
99
|
-
userPoolId: userPool.output.id
|
|
99
|
+
userPoolId: userPool.output.id,
|
|
100
|
+
accessTokenValidity: 60,
|
|
101
|
+
idTokenValidity: 60,
|
|
102
|
+
refreshTokenValidity: 30,
|
|
103
|
+
tokenValidityUnits: {
|
|
104
|
+
accessToken: "minutes",
|
|
105
|
+
idToken: "minutes",
|
|
106
|
+
refreshToken: "days"
|
|
107
|
+
}
|
|
100
108
|
}
|
|
101
109
|
});
|
|
102
110
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreCognito","exports","createAppModule","name","config","app","params","userPool","addResource","cognito","UserPool","passwordPolicy","minimumLength","requireLowercase","requireNumbers","requireSymbols","requireUppercase","temporaryPasswordValidityDays","adminCreateUserConfig","allowAdminCreateUserOnly","autoVerifiedAttributes","emailConfiguration","emailSendingAccount","usernameAttributes","useEmailAsUsername","undefined","aliasAttributes","lambdaConfig","mfaConfiguration","userPoolAddOns","advancedSecurityMode","verificationMessageTemplate","defaultEmailOption","accountRecoverySetting","recoveryMechanisms","priority","schemas","attributeDataType","required","developerOnlyAttribute","mutable","stringAttributeConstraints","maxLength","minLength","opts","protect","userPoolClient","UserPoolClient","userPoolId","output","id"],"sources":["CoreCognito.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport interface CoreCognitoParams {\n protect: boolean;\n useEmailAsUsername: boolean;\n}\n\nexport type CoreCognito = PulumiAppModule<typeof CoreCognito>;\n\nexport const CoreCognito = createAppModule({\n name: \"Cognito\",\n config(app: PulumiApp, params: CoreCognitoParams) {\n const userPool = app.addResource(aws.cognito.UserPool, {\n name: \"user-pool\",\n config: {\n passwordPolicy: {\n minimumLength: 8,\n requireLowercase: false,\n requireNumbers: false,\n requireSymbols: false,\n requireUppercase: false,\n temporaryPasswordValidityDays: 7\n },\n adminCreateUserConfig: {\n allowAdminCreateUserOnly: true\n },\n autoVerifiedAttributes: [\"email\"],\n emailConfiguration: {\n emailSendingAccount: \"COGNITO_DEFAULT\"\n },\n // In a legacy setup we use email as username.\n // We need to provide a way for users to have this setup,\n // because changing it would require whole cognito pool to be recreated.\n usernameAttributes: params.useEmailAsUsername ? [\"email\"] : undefined,\n aliasAttributes: params.useEmailAsUsername ? undefined : [\"preferred_username\"],\n lambdaConfig: {},\n mfaConfiguration: \"OFF\",\n userPoolAddOns: {\n advancedSecurityMode: \"OFF\" /* required */\n },\n verificationMessageTemplate: {\n defaultEmailOption: \"CONFIRM_WITH_CODE\"\n },\n accountRecoverySetting: {\n recoveryMechanisms: [{ name: \"verified_email\", priority: 1 }]\n },\n schemas: [\n {\n attributeDataType: \"String\",\n name: \"email\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"family_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"given_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"id\",\n required: false,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"36\",\n minLength: \"0\"\n }\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n const userPoolClient = app.addResource(aws.cognito.UserPoolClient, {\n name: \"user-pool-client\",\n config: {\n userPoolId: userPool.output.id\n }\n });\n\n return {\n userPool,\n userPoolClient\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AASO,MAAME,WAAW,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,uBAAe,EAAC;EACvCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,QAAQ,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACC,QAAQ,EAAE;MACnDP,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJO,cAAc,EAAE;UACZC,aAAa,EAAE,CAAC;UAChBC,gBAAgB,EAAE,KAAK;UACvBC,cAAc,EAAE,KAAK;UACrBC,cAAc,EAAE,KAAK;UACrBC,gBAAgB,EAAE,KAAK;UACvBC,6BAA6B,EAAE;QACnC,CAAC;QACDC,qBAAqB,EAAE;UACnBC,wBAAwB,EAAE;QAC9B,CAAC;QACDC,sBAAsB,EAAE,CAAC,OAAO,CAAC;QACjCC,kBAAkB,EAAE;UAChBC,mBAAmB,EAAE;QACzB,CAAC;QACD;QACA;QACA;QACAC,kBAAkB,EAAEjB,MAAM,CAACkB,kBAAkB,GAAG,CAAC,OAAO,CAAC,GAAGC,SAAS;QACrEC,eAAe,EAAEpB,MAAM,CAACkB,kBAAkB,GAAGC,SAAS,GAAG,CAAC,oBAAoB,CAAC;QAC/EE,YAAY,EAAE,CAAC,CAAC;QAChBC,gBAAgB,EAAE,KAAK;QACvBC,cAAc,EAAE;UACZC,oBAAoB,EAAE,KAAK,CAAC;QAChC,CAAC;QACDC,2BAA2B,EAAE;UACzBC,kBAAkB,EAAE;QACxB,CAAC;QACDC,sBAAsB,EAAE;UACpBC,kBAAkB,EAAE,CAAC;YAAE/B,IAAI,EAAE,gBAAgB;YAAEgC,QAAQ,EAAE;UAAE,CAAC;QAChE,CAAC;QACDC,OAAO,EAAE,CACL;UACIC,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,OAAO;UACbmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,aAAa;UACnBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,YAAY;UAClBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,IAAI;UACVmC,QAAQ,EAAE,KAAK;UACfC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,IAAI;YACfC,SAAS,EAAE;UACf;QACJ,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEvC,MAAM,CAACuC;MACpB;IACJ,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGzC,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACsC,cAAc,EAAE;MAC/D5C,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJ4C,UAAU,EAAEzC,QAAQ,CAAC0C,MAAM,CAACC;
|
|
1
|
+
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreCognito","exports","createAppModule","name","config","app","params","userPool","addResource","cognito","UserPool","passwordPolicy","minimumLength","requireLowercase","requireNumbers","requireSymbols","requireUppercase","temporaryPasswordValidityDays","adminCreateUserConfig","allowAdminCreateUserOnly","autoVerifiedAttributes","emailConfiguration","emailSendingAccount","usernameAttributes","useEmailAsUsername","undefined","aliasAttributes","lambdaConfig","mfaConfiguration","userPoolAddOns","advancedSecurityMode","verificationMessageTemplate","defaultEmailOption","accountRecoverySetting","recoveryMechanisms","priority","schemas","attributeDataType","required","developerOnlyAttribute","mutable","stringAttributeConstraints","maxLength","minLength","opts","protect","userPoolClient","UserPoolClient","userPoolId","output","id","accessTokenValidity","idTokenValidity","refreshTokenValidity","tokenValidityUnits","accessToken","idToken","refreshToken"],"sources":["CoreCognito.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport interface CoreCognitoParams {\n protect: boolean;\n useEmailAsUsername: boolean;\n}\n\nexport type CoreCognito = PulumiAppModule<typeof CoreCognito>;\n\nexport const CoreCognito = createAppModule({\n name: \"Cognito\",\n config(app: PulumiApp, params: CoreCognitoParams) {\n const userPool = app.addResource(aws.cognito.UserPool, {\n name: \"user-pool\",\n config: {\n passwordPolicy: {\n minimumLength: 8,\n requireLowercase: false,\n requireNumbers: false,\n requireSymbols: false,\n requireUppercase: false,\n temporaryPasswordValidityDays: 7\n },\n adminCreateUserConfig: {\n allowAdminCreateUserOnly: true\n },\n autoVerifiedAttributes: [\"email\"],\n emailConfiguration: {\n emailSendingAccount: \"COGNITO_DEFAULT\"\n },\n // In a legacy setup we use email as username.\n // We need to provide a way for users to have this setup,\n // because changing it would require whole cognito pool to be recreated.\n usernameAttributes: params.useEmailAsUsername ? [\"email\"] : undefined,\n aliasAttributes: params.useEmailAsUsername ? undefined : [\"preferred_username\"],\n lambdaConfig: {},\n mfaConfiguration: \"OFF\",\n userPoolAddOns: {\n advancedSecurityMode: \"OFF\" /* required */\n },\n verificationMessageTemplate: {\n defaultEmailOption: \"CONFIRM_WITH_CODE\"\n },\n accountRecoverySetting: {\n recoveryMechanisms: [{ name: \"verified_email\", priority: 1 }]\n },\n schemas: [\n {\n attributeDataType: \"String\",\n name: \"email\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"family_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"given_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"id\",\n required: false,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"36\",\n minLength: \"0\"\n }\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n const userPoolClient = app.addResource(aws.cognito.UserPoolClient, {\n name: \"user-pool-client\",\n config: {\n userPoolId: userPool.output.id,\n accessTokenValidity: 60,\n idTokenValidity: 60,\n refreshTokenValidity: 30,\n tokenValidityUnits: {\n accessToken: \"minutes\",\n idToken: \"minutes\",\n refreshToken: \"days\"\n }\n }\n });\n\n return {\n userPool,\n userPoolClient\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AASO,MAAME,WAAW,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,uBAAe,EAAC;EACvCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,QAAQ,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACC,QAAQ,EAAE;MACnDP,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJO,cAAc,EAAE;UACZC,aAAa,EAAE,CAAC;UAChBC,gBAAgB,EAAE,KAAK;UACvBC,cAAc,EAAE,KAAK;UACrBC,cAAc,EAAE,KAAK;UACrBC,gBAAgB,EAAE,KAAK;UACvBC,6BAA6B,EAAE;QACnC,CAAC;QACDC,qBAAqB,EAAE;UACnBC,wBAAwB,EAAE;QAC9B,CAAC;QACDC,sBAAsB,EAAE,CAAC,OAAO,CAAC;QACjCC,kBAAkB,EAAE;UAChBC,mBAAmB,EAAE;QACzB,CAAC;QACD;QACA;QACA;QACAC,kBAAkB,EAAEjB,MAAM,CAACkB,kBAAkB,GAAG,CAAC,OAAO,CAAC,GAAGC,SAAS;QACrEC,eAAe,EAAEpB,MAAM,CAACkB,kBAAkB,GAAGC,SAAS,GAAG,CAAC,oBAAoB,CAAC;QAC/EE,YAAY,EAAE,CAAC,CAAC;QAChBC,gBAAgB,EAAE,KAAK;QACvBC,cAAc,EAAE;UACZC,oBAAoB,EAAE,KAAK,CAAC;QAChC,CAAC;QACDC,2BAA2B,EAAE;UACzBC,kBAAkB,EAAE;QACxB,CAAC;QACDC,sBAAsB,EAAE;UACpBC,kBAAkB,EAAE,CAAC;YAAE/B,IAAI,EAAE,gBAAgB;YAAEgC,QAAQ,EAAE;UAAE,CAAC;QAChE,CAAC;QACDC,OAAO,EAAE,CACL;UACIC,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,OAAO;UACbmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,aAAa;UACnBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,YAAY;UAClBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,IAAI;UACVmC,QAAQ,EAAE,KAAK;UACfC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,IAAI;YACfC,SAAS,EAAE;UACf;QACJ,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEvC,MAAM,CAACuC;MACpB;IACJ,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGzC,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACsC,cAAc,EAAE;MAC/D5C,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJ4C,UAAU,EAAEzC,QAAQ,CAAC0C,MAAM,CAACC,EAAE;QAC9BC,mBAAmB,EAAE,EAAE;QACvBC,eAAe,EAAE,EAAE;QACnBC,oBAAoB,EAAE,EAAE;QACxBC,kBAAkB,EAAE;UAChBC,WAAW,EAAE,SAAS;UACtBC,OAAO,EAAE,SAAS;UAClBC,YAAY,EAAE;QAClB;MACJ;IACJ,CAAC,CAAC;IAEF,OAAO;MACHlD,QAAQ;MACRuC;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
export interface WatchCommandParams {
|
|
3
|
+
deploymentId: pulumi.Output<string>;
|
|
4
|
+
}
|
|
5
|
+
export declare const WatchCommand: import("@webiny/pulumi").PulumiAppModuleDefinition<{
|
|
6
|
+
iotAuthorizerFunction: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/lambda/function").Function>;
|
|
7
|
+
}, WatchCommandParams>;
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
|
|
4
|
+
var _interopRequireWildcard = require("@babel/runtime/helpers/interopRequireWildcard").default;
|
|
5
|
+
Object.defineProperty(exports, "__esModule", {
|
|
6
|
+
value: true
|
|
7
|
+
});
|
|
8
|
+
exports.WatchCommand = void 0;
|
|
9
|
+
var aws = _interopRequireWildcard(require("@pulumi/aws"));
|
|
10
|
+
var _pulumi = require("@webiny/pulumi");
|
|
11
|
+
var _constants = require("../../constants");
|
|
12
|
+
var pulumi = _interopRequireWildcard(require("@pulumi/pulumi"));
|
|
13
|
+
var _path = _interopRequireDefault(require("path"));
|
|
14
|
+
var _ = require("./..");
|
|
15
|
+
const WatchCommand = exports.WatchCommand = (0, _pulumi.createAppModule)({
|
|
16
|
+
name: "WatchCommand",
|
|
17
|
+
config(app, params) {
|
|
18
|
+
const roleName = "iot-authorizer-lambda-role";
|
|
19
|
+
const role = app.addResource(aws.iam.Role, {
|
|
20
|
+
name: roleName,
|
|
21
|
+
config: {
|
|
22
|
+
assumeRolePolicy: {
|
|
23
|
+
Version: "2012-10-17",
|
|
24
|
+
Statement: [{
|
|
25
|
+
Action: "sts:AssumeRole",
|
|
26
|
+
Principal: {
|
|
27
|
+
Service: "lambda.amazonaws.com"
|
|
28
|
+
},
|
|
29
|
+
Effect: "Allow"
|
|
30
|
+
}]
|
|
31
|
+
}
|
|
32
|
+
},
|
|
33
|
+
meta: {
|
|
34
|
+
isLambdaFunctionRole: true
|
|
35
|
+
}
|
|
36
|
+
});
|
|
37
|
+
const vpc = app.getModule(_.CoreVpc, {
|
|
38
|
+
optional: true
|
|
39
|
+
});
|
|
40
|
+
|
|
41
|
+
// Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.
|
|
42
|
+
if (vpc) {
|
|
43
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
44
|
+
name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,
|
|
45
|
+
config: {
|
|
46
|
+
role: role.output,
|
|
47
|
+
policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole
|
|
48
|
+
}
|
|
49
|
+
});
|
|
50
|
+
} else {
|
|
51
|
+
app.addResource(aws.iam.RolePolicyAttachment, {
|
|
52
|
+
name: `${roleName}-AWSLambdaBasicExecutionRole`,
|
|
53
|
+
config: {
|
|
54
|
+
role: role.output,
|
|
55
|
+
policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole
|
|
56
|
+
}
|
|
57
|
+
});
|
|
58
|
+
}
|
|
59
|
+
const iotAuthorizerFunction = app.addResource(aws.lambda.Function, {
|
|
60
|
+
name: "watch-command-iot-authorizer",
|
|
61
|
+
config: {
|
|
62
|
+
role: role.output.arn,
|
|
63
|
+
runtime: _constants.LAMBDA_RUNTIME,
|
|
64
|
+
handler: "handler.handler",
|
|
65
|
+
timeout: 10,
|
|
66
|
+
memorySize: 128,
|
|
67
|
+
description: "Authorizes 'webiny watch' command communication.",
|
|
68
|
+
code: new pulumi.asset.AssetArchive({
|
|
69
|
+
".": new pulumi.asset.FileArchive(_path.default.join(__dirname, "webinyWatchCommand"))
|
|
70
|
+
}),
|
|
71
|
+
environment: {
|
|
72
|
+
variables: {
|
|
73
|
+
WEBINY_WATCH_COMMAND_TOPIC: params.deploymentId.apply(deploymentId => {
|
|
74
|
+
return `webiny-watch-${deploymentId}`;
|
|
75
|
+
})
|
|
76
|
+
}
|
|
77
|
+
},
|
|
78
|
+
vpcConfig: vpc ? {
|
|
79
|
+
subnetIds: vpc.subnets.private.map(s => s.output.id),
|
|
80
|
+
securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]
|
|
81
|
+
} : undefined
|
|
82
|
+
}
|
|
83
|
+
});
|
|
84
|
+
const iotAuthorizer = app.addResource(aws.iot.Authorizer, {
|
|
85
|
+
name: "watch-command-iot-authorizer",
|
|
86
|
+
config: {
|
|
87
|
+
signingDisabled: true,
|
|
88
|
+
authorizerFunctionArn: iotAuthorizerFunction.output.arn,
|
|
89
|
+
status: "ACTIVE"
|
|
90
|
+
}
|
|
91
|
+
});
|
|
92
|
+
app.addResource(aws.lambda.Permission, {
|
|
93
|
+
name: "webiny-watch-iot-authorizer",
|
|
94
|
+
config: {
|
|
95
|
+
principal: "iot.amazonaws.com",
|
|
96
|
+
function: iotAuthorizerFunction.output.arn,
|
|
97
|
+
sourceArn: iotAuthorizer.output.arn,
|
|
98
|
+
action: "lambda:InvokeFunction"
|
|
99
|
+
}
|
|
100
|
+
});
|
|
101
|
+
app.addOutputs({
|
|
102
|
+
iotAuthorizerName: iotAuthorizer.output.name
|
|
103
|
+
});
|
|
104
|
+
return {
|
|
105
|
+
iotAuthorizerFunction
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
});
|
|
109
|
+
|
|
110
|
+
//# sourceMappingURL=WatchCommand.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_constants","pulumi","_path","_interopRequireDefault","_","WatchCommand","exports","createAppModule","name","config","app","params","roleName","role","addResource","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","vpc","getModule","CoreVpc","optional","RolePolicyAttachment","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","iotAuthorizerFunction","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","asset","AssetArchive","FileArchive","path","join","__dirname","environment","variables","WEBINY_WATCH_COMMAND_TOPIC","deploymentId","apply","vpcConfig","subnetIds","subnets","private","map","s","id","securityGroupIds","defaultSecurityGroupId","undefined","iotAuthorizer","iot","Authorizer","signingDisabled","authorizerFunctionArn","status","Permission","principal","function","sourceArn","action","addOutputs","iotAuthorizerName"],"sources":["WatchCommand.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp } from \"@webiny/pulumi\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport path from \"path\";\nimport { CoreVpc } from \"~/apps\";\n\nexport interface WatchCommandParams {\n deploymentId: pulumi.Output<string>;\n}\n\nexport const WatchCommand = createAppModule({\n name: \"WatchCommand\",\n config(app: PulumiApp, params: WatchCommandParams) {\n const roleName = \"iot-authorizer-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n const iotAuthorizerFunction = app.addResource(aws.lambda.Function, {\n name: \"watch-command-iot-authorizer\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 10,\n memorySize: 128,\n description: \"Authorizes 'webiny watch' command communication.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(path.join(__dirname, \"webinyWatchCommand\"))\n }),\n environment: {\n variables: {\n WEBINY_WATCH_COMMAND_TOPIC: params.deploymentId.apply(deploymentId => {\n return `webiny-watch-${deploymentId}`;\n })\n }\n },\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const iotAuthorizer = app.addResource(aws.iot.Authorizer, {\n name: \"watch-command-iot-authorizer\",\n config: {\n signingDisabled: true,\n authorizerFunctionArn: iotAuthorizerFunction.output.arn,\n status: \"ACTIVE\"\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"webiny-watch-iot-authorizer\",\n config: {\n principal: \"iot.amazonaws.com\",\n function: iotAuthorizerFunction.output.arn,\n sourceArn: iotAuthorizer.output.arn,\n action: \"lambda:InvokeFunction\"\n }\n });\n\n app.addOutputs({\n iotAuthorizerName: iotAuthorizer.output.name\n });\n\n return { iotAuthorizerFunction };\n }\n});\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,KAAA,GAAAC,sBAAA,CAAAL,OAAA;AACA,IAAAM,CAAA,GAAAN,OAAA;AAMO,MAAMO,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAAE,uBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAEC,MAA0B,EAAE;IAC/C,MAAMC,QAAQ,GAAG,4BAA4B;IAE7C,MAAMC,IAAI,GAAGH,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACC,IAAI,EAAE;MACvCR,IAAI,EAAEI,QAAQ;MACdH,MAAM,EAAE;QACJQ,gBAAgB,EAAE;UACdC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,MAAM,EAAE,gBAAgB;YACxBC,SAAS,EAAE;cACPC,OAAO,EAAE;YACb,CAAC;YACDC,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDC,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,GAAG,GAAGhB,GAAG,CAACiB,SAAS,CAACC,SAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;;IAEtD;IACA,IAAIH,GAAG,EAAE;MACLhB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAG,GAAEI,QAAS,kCAAiC;QACnDH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHxB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAG,GAAEI,QAAS,8BAA6B;QAC/CH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEA,MAAMC,qBAAqB,GAAG1B,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACC,QAAQ,EAAE;MAC/D9B,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,WAAW,EAAE,kDAAkD;QAC/DC,IAAI,EAAE,IAAI7C,MAAM,CAAC8C,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI/C,MAAM,CAAC8C,KAAK,CAACE,WAAW,CAACC,aAAI,CAACC,IAAI,CAACC,SAAS,EAAE,oBAAoB,CAAC;QAChF,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,0BAA0B,EAAE5C,MAAM,CAAC6C,YAAY,CAACC,KAAK,CAACD,YAAY,IAAI;cAClE,OAAQ,gBAAeA,YAAa,EAAC;YACzC,CAAC;UACL;QACJ,CAAC;QACDE,SAAS,EAAEhC,GAAG,GACR;UACIiC,SAAS,EAAEjC,GAAG,CAACkC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAAChC,MAAM,CAACiC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACK,MAAM,CAACmC,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAMC,aAAa,GAAG1D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyE,GAAG,CAACC,UAAU,EAAE;MACtD9D,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJ8D,eAAe,EAAE,IAAI;QACrBC,qBAAqB,EAAEpC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QACvDkC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEF/D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACqC,UAAU,EAAE;MACnClE,IAAI,EAAE,6BAA6B;MACnCC,MAAM,EAAE;QACJkE,SAAS,EAAE,mBAAmB;QAC9BC,QAAQ,EAAExC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QAC1CsC,SAAS,EAAET,aAAa,CAACrC,MAAM,CAACQ,GAAG;QACnCuC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEFpE,GAAG,CAACqE,UAAU,CAAC;MACXC,iBAAiB,EAAEZ,aAAa,CAACrC,MAAM,CAACvB;IAC5C,CAAC,CAAC;IAEF,OAAO;MAAE4B;IAAsB,CAAC;EACpC;AACJ,CAAC,CAAC","ignoreList":[]}
|
|
@@ -14,16 +14,22 @@ var _CoreOpenSearch = require("./CoreOpenSearch");
|
|
|
14
14
|
var _CoreEventBus = require("./CoreEventBus");
|
|
15
15
|
var _CoreFileManager = require("./CoreFileManager");
|
|
16
16
|
var _CoreVpc = require("./CoreVpc");
|
|
17
|
+
var _WatchCommand = require("./WatchCommand");
|
|
17
18
|
var _utils = require("../../utils");
|
|
18
19
|
var _withServiceManifest = require("../../utils/withServiceManifest");
|
|
19
20
|
var _addServiceManifestTableItem = require("../../utils/addServiceManifestTableItem");
|
|
20
21
|
var _constants = require("../../constants");
|
|
22
|
+
var random = _interopRequireWildcard(require("@pulumi/random"));
|
|
23
|
+
var _featureFlags = require("@webiny/feature-flags");
|
|
21
24
|
function createCorePulumiApp(projectAppParams = {}) {
|
|
22
25
|
const app = (0, _pulumi.createPulumiApp)({
|
|
23
26
|
name: "core",
|
|
24
27
|
path: "apps/core",
|
|
25
28
|
config: projectAppParams,
|
|
26
29
|
program: async app => {
|
|
30
|
+
const deploymentId = new random.RandomId("deploymentId", {
|
|
31
|
+
byteLength: 8
|
|
32
|
+
});
|
|
27
33
|
let searchEngineType = null;
|
|
28
34
|
let searchEngineParams = null;
|
|
29
35
|
if (projectAppParams.openSearch) {
|
|
@@ -99,7 +105,13 @@ function createCorePulumiApp(projectAppParams = {}) {
|
|
|
99
105
|
protect
|
|
100
106
|
});
|
|
101
107
|
}
|
|
108
|
+
if (_featureFlags.featureFlags.newWatchCommand) {
|
|
109
|
+
app.addModule(_WatchCommand.WatchCommand, {
|
|
110
|
+
deploymentId: deploymentId.hex
|
|
111
|
+
});
|
|
112
|
+
}
|
|
102
113
|
app.addOutputs({
|
|
114
|
+
deploymentId: deploymentId.hex,
|
|
103
115
|
region: aws.config.region,
|
|
104
116
|
fileManagerBucketId: fileManagerBucket.output.id,
|
|
105
117
|
primaryDynamodbTableArn: dynamoDbTable.output.arn,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_CoreCognito","_CoreDynamo","_CoreElasticSearch","_CoreOpenSearch","_CoreEventBus","_CoreFileManager","_CoreVpc","_utils","_withServiceManifest","_addServiceManifestTableItem","_constants","createCorePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","searchEngineType","searchEngineParams","openSearch","getParam","elasticSearch","params","domainName","process","env","AWS_ELASTIC_SEARCH_DOMAIN_NAME","indexPrefix","ELASTIC_SEARCH_INDEX_PREFIX","pulumiResourceNamePrefix","onResource","resource","startsWith","pulumi","addHandler","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","protect","legacyConfig","legacy","dynamoDbTable","addModule","CoreDynamo","vpcEnabled","vpc","CoreVpc","cognito","CoreCognito","useEmailAsUsername","eventBus","CoreEventBus","bucket","fileManagerBucket","CoreFileManger","OpenSearch","ElasticSearch","addOutputs","region","fileManagerBucketId","output","id","primaryDynamodbTableArn","arn","primaryDynamodbTableName","primaryDynamodbTableHashKey","hashKey","primaryDynamodbTableRangeKey","rangeKey","cognitoUserPoolId","userPool","cognitoUserPoolArn","cognitoUserPoolPasswordPolicy","passwordPolicy","cognitoAppClientId","userPoolClient","eventBusName","eventBusArn","tagResources","WbyProjectName","String","WbyEnvironment","withServiceManifest","manifests","dynamoTable","resources","table","tableName","forEach","manifest","addServiceManifestTableItem"],"sources":["createCorePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createPulumiApp, PulumiAppParam } from \"@webiny/pulumi\";\nimport { CoreCognito } from \"./CoreCognito\";\nimport { CoreDynamo } from \"./CoreDynamo\";\nimport { ElasticSearch } from \"./CoreElasticSearch\";\nimport { OpenSearch } from \"./CoreOpenSearch\";\nimport { CoreEventBus } from \"./CoreEventBus\";\nimport { CoreFileManger } from \"./CoreFileManager\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { tagResources } from \"~/utils\";\nimport { withServiceManifest } from \"~/utils/withServiceManifest\";\nimport { addServiceManifestTableItem, TableDefinition } from \"~/utils/addServiceManifestTableItem\";\nimport { DEFAULT_PROD_ENV_NAMES } from \"~/constants\";\n\nexport type CorePulumiApp = ReturnType<typeof createCorePulumiApp>;\n\nexport interface CreateCorePulumiAppParams {\n /**\n * Secures against deleting database by accident.\n * By default enabled in production environments.\n */\n protect?: PulumiAppParam<boolean>;\n\n /**\n * Enables ElasticSearch infrastructure.\n * Note that it requires also changes in application code.\n */\n elasticSearch?: PulumiAppParam<\n | boolean\n | Partial<{\n domainName: string;\n indexPrefix: string;\n }>\n >;\n\n /**\n * Enables OpenSearch infrastructure.\n * Note that it requires also changes in application code.\n */\n openSearch?: PulumiAppParam<\n | boolean\n | Partial<{\n domainName: string;\n indexPrefix: string;\n }>\n >;\n\n /**\n * Enables VPC for the application.\n * By default enabled in production environments.\n */\n vpc?: PulumiAppParam<boolean>;\n\n /**\n * Additional settings for backwards compatibility.\n */\n legacy?: PulumiAppParam<CoreAppLegacyConfig>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: CorePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport interface CoreAppLegacyConfig {\n useEmailAsUsername?: boolean;\n}\n\nexport function createCorePulumiApp(projectAppParams: CreateCorePulumiAppParams = {}) {\n const app = createPulumiApp({\n name: \"core\",\n path: \"apps/core\",\n config: projectAppParams,\n program: async app => {\n let searchEngineType: \"openSearch\" | \"elasticSearch\" | null = null;\n let searchEngineParams:\n | CreateCorePulumiAppParams[\"openSearch\"]\n | CreateCorePulumiAppParams[\"elasticSearch\"]\n | null = null;\n\n if (projectAppParams.openSearch) {\n searchEngineParams = app.getParam(projectAppParams.openSearch);\n searchEngineType = \"openSearch\";\n } else if (projectAppParams.elasticSearch) {\n searchEngineParams = app.getParam(projectAppParams.elasticSearch);\n searchEngineType = \"elasticSearch\";\n }\n\n if (searchEngineParams) {\n const params = app.getParam(searchEngineParams);\n if (typeof params === \"object\") {\n if (params.domainName) {\n process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME = params.domainName;\n }\n\n if (params.indexPrefix) {\n process.env.ELASTIC_SEARCH_INDEX_PREFIX = params.indexPrefix;\n }\n }\n }\n\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as unknown as CorePulumiApp);\n });\n }\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const protect = app.getParam(projectAppParams.protect) ?? isProduction;\n const legacyConfig = app.getParam(projectAppParams.legacy) || {};\n\n // Setup DynamoDB table\n const dynamoDbTable = app.addModule(CoreDynamo, { protect });\n\n // Setup VPC\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n const vpc = vpcEnabled ? app.addModule(CoreVpc) : null;\n\n // Setup Cognito\n const cognito = app.addModule(CoreCognito, {\n protect,\n useEmailAsUsername: legacyConfig.useEmailAsUsername ?? false\n });\n\n // Setup event bus\n const eventBus = app.addModule(CoreEventBus);\n\n // Setup file core bucket\n const { bucket: fileManagerBucket } = app.addModule(CoreFileManger, { protect });\n\n let elasticSearch;\n if (searchEngineType === \"openSearch\") {\n elasticSearch = app.addModule(OpenSearch, { protect });\n } else if (searchEngineType === \"elasticSearch\") {\n elasticSearch = app.addModule(ElasticSearch, { protect });\n }\n\n app.addOutputs({\n region: aws.config.region,\n fileManagerBucketId: fileManagerBucket.output.id,\n primaryDynamodbTableArn: dynamoDbTable.output.arn,\n primaryDynamodbTableName: dynamoDbTable.output.name,\n primaryDynamodbTableHashKey: dynamoDbTable.output.hashKey,\n primaryDynamodbTableRangeKey: dynamoDbTable.output.rangeKey,\n cognitoUserPoolId: cognito.userPool.output.id,\n cognitoUserPoolArn: cognito.userPool.output.arn,\n cognitoUserPoolPasswordPolicy: cognito.userPool.output.passwordPolicy,\n cognitoAppClientId: cognito.userPoolClient.output.id,\n eventBusName: eventBus.output.name,\n eventBusArn: eventBus.output.arn\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n dynamoDbTable,\n vpc,\n ...cognito,\n fileManagerBucket,\n eventBus,\n elasticSearch\n };\n }\n });\n\n return withServiceManifest(app, manifests => {\n const dynamoTable = app.resources.dynamoDbTable;\n\n const table: TableDefinition = {\n tableName: dynamoTable.output.name,\n hashKey: dynamoTable.output.hashKey,\n rangeKey: dynamoTable.output.rangeKey\n };\n\n manifests.forEach(manifest => addServiceManifestTableItem(app, table, manifest));\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,YAAA,GAAAF,OAAA;AACA,IAAAG,WAAA,GAAAH,OAAA;AACA,IAAAI,kBAAA,GAAAJ,OAAA;AACA,IAAAK,eAAA,GAAAL,OAAA;AACA,IAAAM,aAAA,GAAAN,OAAA;AACA,IAAAO,gBAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,MAAA,GAAAT,OAAA;AACA,IAAAU,oBAAA,GAAAV,OAAA;AACA,IAAAW,4BAAA,GAAAX,OAAA;AACA,IAAAY,UAAA,GAAAZ,OAAA;AAqEO,SAASa,mBAAmBA,CAACC,gBAA2C,GAAG,CAAC,CAAC,EAAE;EAClF,MAAMC,GAAG,GAAG,IAAAC,uBAAe,EAAC;IACxBC,IAAI,EAAE,MAAM;IACZC,IAAI,EAAE,WAAW;IACjBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAML,GAAG,IAAI;MAClB,IAAIM,gBAAuD,GAAG,IAAI;MAClE,IAAIC,kBAGM,GAAG,IAAI;MAEjB,IAAIR,gBAAgB,CAACS,UAAU,EAAE;QAC7BD,kBAAkB,GAAGP,GAAG,CAACS,QAAQ,CAACV,gBAAgB,CAACS,UAAU,CAAC;QAC9DF,gBAAgB,GAAG,YAAY;MACnC,CAAC,MAAM,IAAIP,gBAAgB,CAACW,aAAa,EAAE;QACvCH,kBAAkB,GAAGP,GAAG,CAACS,QAAQ,CAACV,gBAAgB,CAACW,aAAa,CAAC;QACjEJ,gBAAgB,GAAG,eAAe;MACtC;MAEA,IAAIC,kBAAkB,EAAE;QACpB,MAAMI,MAAM,GAAGX,GAAG,CAACS,QAAQ,CAACF,kBAAkB,CAAC;QAC/C,IAAI,OAAOI,MAAM,KAAK,QAAQ,EAAE;UAC5B,IAAIA,MAAM,CAACC,UAAU,EAAE;YACnBC,OAAO,CAACC,GAAG,CAACC,8BAA8B,GAAGJ,MAAM,CAACC,UAAU;UAClE;UAEA,IAAID,MAAM,CAACK,WAAW,EAAE;YACpBH,OAAO,CAACC,GAAG,CAACG,2BAA2B,GAAGN,MAAM,CAACK,WAAW;UAChE;QACJ;MACJ;MAEA,MAAME,wBAAwB,GAAGlB,GAAG,CAACS,QAAQ,CACzCV,gBAAgB,CAACmB,wBACrB,CAAC;MAED,IAAIA,wBAAwB,EAAE;QAC1BlB,GAAG,CAACmB,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAAClB,IAAI,CAACmB,UAAU,CAACH,wBAAwB,CAAC,EAAE;YACrDE,QAAQ,CAAClB,IAAI,GAAI,GAAEgB,wBAAyB,GAAEE,QAAQ,CAAClB,IAAK,EAAC;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAACuB,MAAM,EAAE;QACzBtB,GAAG,CAACuB,UAAU,CAAC,MAAM;UACjB,OAAOxB,gBAAgB,CAACuB,MAAM,CAAEtB,GAA+B,CAAC;QACpE,CAAC,CAAC;MACN;MAEA,MAAMwB,sBAAsB,GACxBxB,GAAG,CAACW,MAAM,CAACc,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;MACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAAC5B,GAAG,CAACW,MAAM,CAACkB,GAAG,CAACf,GAAG,CAAC;MAExE,MAAMgB,OAAO,GAAG9B,GAAG,CAACS,QAAQ,CAACV,gBAAgB,CAAC+B,OAAO,CAAC,IAAIH,YAAY;MACtE,MAAMI,YAAY,GAAG/B,GAAG,CAACS,QAAQ,CAACV,gBAAgB,CAACiC,MAAM,CAAC,IAAI,CAAC,CAAC;;MAEhE;MACA,MAAMC,aAAa,GAAGjC,GAAG,CAACkC,SAAS,CAACC,sBAAU,EAAE;QAAEL;MAAQ,CAAC,CAAC;;MAE5D;MACA,MAAMM,UAAU,GAAGpC,GAAG,CAACS,QAAQ,CAACV,gBAAgB,EAAEsC,GAAG,CAAC,IAAIV,YAAY;MACtE,MAAMU,GAAG,GAAGD,UAAU,GAAGpC,GAAG,CAACkC,SAAS,CAACI,gBAAO,CAAC,GAAG,IAAI;;MAEtD;MACA,MAAMC,OAAO,GAAGvC,GAAG,CAACkC,SAAS,CAACM,wBAAW,EAAE;QACvCV,OAAO;QACPW,kBAAkB,EAAEV,YAAY,CAACU,kBAAkB,IAAI;MAC3D,CAAC,CAAC;;MAEF;MACA,MAAMC,QAAQ,GAAG1C,GAAG,CAACkC,SAAS,CAACS,0BAAY,CAAC;;MAE5C;MACA,MAAM;QAAEC,MAAM,EAAEC;MAAkB,CAAC,GAAG7C,GAAG,CAACkC,SAAS,CAACY,+BAAc,EAAE;QAAEhB;MAAQ,CAAC,CAAC;MAEhF,IAAIpB,aAAa;MACjB,IAAIJ,gBAAgB,KAAK,YAAY,EAAE;QACnCI,aAAa,GAAGV,GAAG,CAACkC,SAAS,CAACa,0BAAU,EAAE;UAAEjB;QAAQ,CAAC,CAAC;MAC1D,CAAC,MAAM,IAAIxB,gBAAgB,KAAK,eAAe,EAAE;QAC7CI,aAAa,GAAGV,GAAG,CAACkC,SAAS,CAACc,gCAAa,EAAE;UAAElB;QAAQ,CAAC,CAAC;MAC7D;MAEA9B,GAAG,CAACiD,UAAU,CAAC;QACXC,MAAM,EAAEnE,GAAG,CAACqB,MAAM,CAAC8C,MAAM;QACzBC,mBAAmB,EAAEN,iBAAiB,CAACO,MAAM,CAACC,EAAE;QAChDC,uBAAuB,EAAErB,aAAa,CAACmB,MAAM,CAACG,GAAG;QACjDC,wBAAwB,EAAEvB,aAAa,CAACmB,MAAM,CAAClD,IAAI;QACnDuD,2BAA2B,EAAExB,aAAa,CAACmB,MAAM,CAACM,OAAO;QACzDC,4BAA4B,EAAE1B,aAAa,CAACmB,MAAM,CAACQ,QAAQ;QAC3DC,iBAAiB,EAAEtB,OAAO,CAACuB,QAAQ,CAACV,MAAM,CAACC,EAAE;QAC7CU,kBAAkB,EAAExB,OAAO,CAACuB,QAAQ,CAACV,MAAM,CAACG,GAAG;QAC/CS,6BAA6B,EAAEzB,OAAO,CAACuB,QAAQ,CAACV,MAAM,CAACa,cAAc;QACrEC,kBAAkB,EAAE3B,OAAO,CAAC4B,cAAc,CAACf,MAAM,CAACC,EAAE;QACpDe,YAAY,EAAE1B,QAAQ,CAACU,MAAM,CAAClD,IAAI;QAClCmE,WAAW,EAAE3B,QAAQ,CAACU,MAAM,CAACG;MACjC,CAAC,CAAC;MAEF,IAAAe,mBAAY,EAAC;QACTC,cAAc,EAAEC,MAAM,CAAC3D,OAAO,CAACC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAC1D2D,cAAc,EAAED,MAAM,CAAC3D,OAAO,CAACC,GAAG,CAAC,YAAY,CAAC;MACpD,CAAC,CAAC;MAEF,OAAO;QACHmB,aAAa;QACbI,GAAG;QACH,GAAGE,OAAO;QACVM,iBAAiB;QACjBH,QAAQ;QACRhC;MACJ,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,OAAO,IAAAgE,wCAAmB,EAAC1E,GAAG,EAAE2E,SAAS,IAAI;IACzC,MAAMC,WAAW,GAAG5E,GAAG,CAAC6E,SAAS,CAAC5C,aAAa;IAE/C,MAAM6C,KAAsB,GAAG;MAC3BC,SAAS,EAAEH,WAAW,CAACxB,MAAM,CAAClD,IAAI;MAClCwD,OAAO,EAAEkB,WAAW,CAACxB,MAAM,CAACM,OAAO;MACnCE,QAAQ,EAAEgB,WAAW,CAACxB,MAAM,CAACQ;IACjC,CAAC;IAEDe,SAAS,CAACK,OAAO,CAACC,QAAQ,IAAI,IAAAC,wDAA2B,EAAClF,GAAG,EAAE8E,KAAK,EAAEG,QAAQ,CAAC,CAAC;EACpF,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_CoreCognito","_CoreDynamo","_CoreElasticSearch","_CoreOpenSearch","_CoreEventBus","_CoreFileManager","_CoreVpc","_WatchCommand","_utils","_withServiceManifest","_addServiceManifestTableItem","_constants","random","_featureFlags","createCorePulumiApp","projectAppParams","app","createPulumiApp","name","path","config","program","deploymentId","RandomId","byteLength","searchEngineType","searchEngineParams","openSearch","getParam","elasticSearch","params","domainName","process","env","AWS_ELASTIC_SEARCH_DOMAIN_NAME","indexPrefix","ELASTIC_SEARCH_INDEX_PREFIX","pulumiResourceNamePrefix","onResource","resource","startsWith","pulumi","addHandler","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","protect","legacyConfig","legacy","dynamoDbTable","addModule","CoreDynamo","vpcEnabled","vpc","CoreVpc","cognito","CoreCognito","useEmailAsUsername","eventBus","CoreEventBus","bucket","fileManagerBucket","CoreFileManger","OpenSearch","ElasticSearch","featureFlags","newWatchCommand","WatchCommand","hex","addOutputs","region","fileManagerBucketId","output","id","primaryDynamodbTableArn","arn","primaryDynamodbTableName","primaryDynamodbTableHashKey","hashKey","primaryDynamodbTableRangeKey","rangeKey","cognitoUserPoolId","userPool","cognitoUserPoolArn","cognitoUserPoolPasswordPolicy","passwordPolicy","cognitoAppClientId","userPoolClient","eventBusName","eventBusArn","tagResources","WbyProjectName","String","WbyEnvironment","withServiceManifest","manifests","dynamoTable","resources","table","tableName","forEach","manifest","addServiceManifestTableItem"],"sources":["createCorePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createPulumiApp, PulumiAppParam } from \"@webiny/pulumi\";\nimport { CoreCognito } from \"./CoreCognito\";\nimport { CoreDynamo } from \"./CoreDynamo\";\nimport { ElasticSearch } from \"./CoreElasticSearch\";\nimport { OpenSearch } from \"./CoreOpenSearch\";\nimport { CoreEventBus } from \"./CoreEventBus\";\nimport { CoreFileManger } from \"./CoreFileManager\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { WatchCommand } from \"./WatchCommand\";\nimport { tagResources } from \"~/utils\";\nimport { withServiceManifest } from \"~/utils/withServiceManifest\";\nimport { addServiceManifestTableItem, TableDefinition } from \"~/utils/addServiceManifestTableItem\";\nimport { DEFAULT_PROD_ENV_NAMES } from \"~/constants\";\nimport * as random from \"@pulumi/random\";\nimport { featureFlags } from \"@webiny/feature-flags\";\n\nexport type CorePulumiApp = ReturnType<typeof createCorePulumiApp>;\n\nexport interface CreateCorePulumiAppParams {\n /**\n * Secures against deleting database by accident.\n * By default enabled in production environments.\n */\n protect?: PulumiAppParam<boolean>;\n\n /**\n * Enables ElasticSearch infrastructure.\n * Note that it requires also changes in application code.\n */\n elasticSearch?: PulumiAppParam<\n | boolean\n | Partial<{\n domainName: string;\n indexPrefix: string;\n }>\n >;\n\n /**\n * Enables OpenSearch infrastructure.\n * Note that it requires also changes in application code.\n */\n openSearch?: PulumiAppParam<\n | boolean\n | Partial<{\n domainName: string;\n indexPrefix: string;\n }>\n >;\n\n /**\n * Enables VPC for the application.\n * By default enabled in production environments.\n */\n vpc?: PulumiAppParam<boolean>;\n\n /**\n * Additional settings for backwards compatibility.\n */\n legacy?: PulumiAppParam<CoreAppLegacyConfig>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: CorePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport interface CoreAppLegacyConfig {\n useEmailAsUsername?: boolean;\n}\n\nexport function createCorePulumiApp(projectAppParams: CreateCorePulumiAppParams = {}) {\n const app = createPulumiApp({\n name: \"core\",\n path: \"apps/core\",\n config: projectAppParams,\n program: async app => {\n const deploymentId = new random.RandomId(\"deploymentId\", { byteLength: 8 });\n\n let searchEngineType: \"openSearch\" | \"elasticSearch\" | null = null;\n let searchEngineParams:\n | CreateCorePulumiAppParams[\"openSearch\"]\n | CreateCorePulumiAppParams[\"elasticSearch\"]\n | null = null;\n\n if (projectAppParams.openSearch) {\n searchEngineParams = app.getParam(projectAppParams.openSearch);\n searchEngineType = \"openSearch\";\n } else if (projectAppParams.elasticSearch) {\n searchEngineParams = app.getParam(projectAppParams.elasticSearch);\n searchEngineType = \"elasticSearch\";\n }\n\n if (searchEngineParams) {\n const params = app.getParam(searchEngineParams);\n if (typeof params === \"object\") {\n if (params.domainName) {\n process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME = params.domainName;\n }\n\n if (params.indexPrefix) {\n process.env.ELASTIC_SEARCH_INDEX_PREFIX = params.indexPrefix;\n }\n }\n }\n\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as unknown as CorePulumiApp);\n });\n }\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const protect = app.getParam(projectAppParams.protect) ?? isProduction;\n const legacyConfig = app.getParam(projectAppParams.legacy) || {};\n\n // Setup DynamoDB table\n const dynamoDbTable = app.addModule(CoreDynamo, { protect });\n\n // Setup VPC\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n const vpc = vpcEnabled ? app.addModule(CoreVpc) : null;\n\n // Setup Cognito\n const cognito = app.addModule(CoreCognito, {\n protect,\n useEmailAsUsername: legacyConfig.useEmailAsUsername ?? false\n });\n\n // Setup event bus\n const eventBus = app.addModule(CoreEventBus);\n\n // Setup file core bucket\n const { bucket: fileManagerBucket } = app.addModule(CoreFileManger, { protect });\n\n let elasticSearch;\n if (searchEngineType === \"openSearch\") {\n elasticSearch = app.addModule(OpenSearch, { protect });\n } else if (searchEngineType === \"elasticSearch\") {\n elasticSearch = app.addModule(ElasticSearch, { protect });\n }\n\n if (featureFlags.newWatchCommand) {\n app.addModule(WatchCommand, {\n deploymentId: deploymentId.hex\n });\n }\n\n app.addOutputs({\n deploymentId: deploymentId.hex,\n region: aws.config.region,\n fileManagerBucketId: fileManagerBucket.output.id,\n primaryDynamodbTableArn: dynamoDbTable.output.arn,\n primaryDynamodbTableName: dynamoDbTable.output.name,\n primaryDynamodbTableHashKey: dynamoDbTable.output.hashKey,\n primaryDynamodbTableRangeKey: dynamoDbTable.output.rangeKey,\n cognitoUserPoolId: cognito.userPool.output.id,\n cognitoUserPoolArn: cognito.userPool.output.arn,\n cognitoUserPoolPasswordPolicy: cognito.userPool.output.passwordPolicy,\n cognitoAppClientId: cognito.userPoolClient.output.id,\n eventBusName: eventBus.output.name,\n eventBusArn: eventBus.output.arn\n });\n\n tagResources({\n WbyProjectName: String(process.env[\"WEBINY_PROJECT_NAME\"]),\n WbyEnvironment: String(process.env[\"WEBINY_ENV\"])\n });\n\n return {\n dynamoDbTable,\n vpc,\n ...cognito,\n fileManagerBucket,\n eventBus,\n elasticSearch\n };\n }\n });\n\n return withServiceManifest(app, manifests => {\n const dynamoTable = app.resources.dynamoDbTable;\n\n const table: TableDefinition = {\n tableName: dynamoTable.output.name,\n hashKey: dynamoTable.output.hashKey,\n rangeKey: dynamoTable.output.rangeKey\n };\n\n manifests.forEach(manifest => addServiceManifestTableItem(app, table, manifest));\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,YAAA,GAAAF,OAAA;AACA,IAAAG,WAAA,GAAAH,OAAA;AACA,IAAAI,kBAAA,GAAAJ,OAAA;AACA,IAAAK,eAAA,GAAAL,OAAA;AACA,IAAAM,aAAA,GAAAN,OAAA;AACA,IAAAO,gBAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,aAAA,GAAAT,OAAA;AACA,IAAAU,MAAA,GAAAV,OAAA;AACA,IAAAW,oBAAA,GAAAX,OAAA;AACA,IAAAY,4BAAA,GAAAZ,OAAA;AACA,IAAAa,UAAA,GAAAb,OAAA;AACA,IAAAc,MAAA,GAAAf,uBAAA,CAAAC,OAAA;AACA,IAAAe,aAAA,GAAAf,OAAA;AAqEO,SAASgB,mBAAmBA,CAACC,gBAA2C,GAAG,CAAC,CAAC,EAAE;EAClF,MAAMC,GAAG,GAAG,IAAAC,uBAAe,EAAC;IACxBC,IAAI,EAAE,MAAM;IACZC,IAAI,EAAE,WAAW;IACjBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAML,GAAG,IAAI;MAClB,MAAMM,YAAY,GAAG,IAAIV,MAAM,CAACW,QAAQ,CAAC,cAAc,EAAE;QAAEC,UAAU,EAAE;MAAE,CAAC,CAAC;MAE3E,IAAIC,gBAAuD,GAAG,IAAI;MAClE,IAAIC,kBAGM,GAAG,IAAI;MAEjB,IAAIX,gBAAgB,CAACY,UAAU,EAAE;QAC7BD,kBAAkB,GAAGV,GAAG,CAACY,QAAQ,CAACb,gBAAgB,CAACY,UAAU,CAAC;QAC9DF,gBAAgB,GAAG,YAAY;MACnC,CAAC,MAAM,IAAIV,gBAAgB,CAACc,aAAa,EAAE;QACvCH,kBAAkB,GAAGV,GAAG,CAACY,QAAQ,CAACb,gBAAgB,CAACc,aAAa,CAAC;QACjEJ,gBAAgB,GAAG,eAAe;MACtC;MAEA,IAAIC,kBAAkB,EAAE;QACpB,MAAMI,MAAM,GAAGd,GAAG,CAACY,QAAQ,CAACF,kBAAkB,CAAC;QAC/C,IAAI,OAAOI,MAAM,KAAK,QAAQ,EAAE;UAC5B,IAAIA,MAAM,CAACC,UAAU,EAAE;YACnBC,OAAO,CAACC,GAAG,CAACC,8BAA8B,GAAGJ,MAAM,CAACC,UAAU;UAClE;UAEA,IAAID,MAAM,CAACK,WAAW,EAAE;YACpBH,OAAO,CAACC,GAAG,CAACG,2BAA2B,GAAGN,MAAM,CAACK,WAAW;UAChE;QACJ;MACJ;MAEA,MAAME,wBAAwB,GAAGrB,GAAG,CAACY,QAAQ,CACzCb,gBAAgB,CAACsB,wBACrB,CAAC;MAED,IAAIA,wBAAwB,EAAE;QAC1BrB,GAAG,CAACsB,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAACrB,IAAI,CAACsB,UAAU,CAACH,wBAAwB,CAAC,EAAE;YACrDE,QAAQ,CAACrB,IAAI,GAAI,GAAEmB,wBAAyB,GAAEE,QAAQ,CAACrB,IAAK,EAAC;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAAC0B,MAAM,EAAE;QACzBzB,GAAG,CAAC0B,UAAU,CAAC,MAAM;UACjB,OAAO3B,gBAAgB,CAAC0B,MAAM,CAAEzB,GAA+B,CAAC;QACpE,CAAC,CAAC;MACN;MAEA,MAAM2B,sBAAsB,GACxB3B,GAAG,CAACc,MAAM,CAACc,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;MACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAAC/B,GAAG,CAACc,MAAM,CAACkB,GAAG,CAACf,GAAG,CAAC;MAExE,MAAMgB,OAAO,GAAGjC,GAAG,CAACY,QAAQ,CAACb,gBAAgB,CAACkC,OAAO,CAAC,IAAIH,YAAY;MACtE,MAAMI,YAAY,GAAGlC,GAAG,CAACY,QAAQ,CAACb,gBAAgB,CAACoC,MAAM,CAAC,IAAI,CAAC,CAAC;;MAEhE;MACA,MAAMC,aAAa,GAAGpC,GAAG,CAACqC,SAAS,CAACC,sBAAU,EAAE;QAAEL;MAAQ,CAAC,CAAC;;MAE5D;MACA,MAAMM,UAAU,GAAGvC,GAAG,CAACY,QAAQ,CAACb,gBAAgB,EAAEyC,GAAG,CAAC,IAAIV,YAAY;MACtE,MAAMU,GAAG,GAAGD,UAAU,GAAGvC,GAAG,CAACqC,SAAS,CAACI,gBAAO,CAAC,GAAG,IAAI;;MAEtD;MACA,MAAMC,OAAO,GAAG1C,GAAG,CAACqC,SAAS,CAACM,wBAAW,EAAE;QACvCV,OAAO;QACPW,kBAAkB,EAAEV,YAAY,CAACU,kBAAkB,IAAI;MAC3D,CAAC,CAAC;;MAEF;MACA,MAAMC,QAAQ,GAAG7C,GAAG,CAACqC,SAAS,CAACS,0BAAY,CAAC;;MAE5C;MACA,MAAM;QAAEC,MAAM,EAAEC;MAAkB,CAAC,GAAGhD,GAAG,CAACqC,SAAS,CAACY,+BAAc,EAAE;QAAEhB;MAAQ,CAAC,CAAC;MAEhF,IAAIpB,aAAa;MACjB,IAAIJ,gBAAgB,KAAK,YAAY,EAAE;QACnCI,aAAa,GAAGb,GAAG,CAACqC,SAAS,CAACa,0BAAU,EAAE;UAAEjB;QAAQ,CAAC,CAAC;MAC1D,CAAC,MAAM,IAAIxB,gBAAgB,KAAK,eAAe,EAAE;QAC7CI,aAAa,GAAGb,GAAG,CAACqC,SAAS,CAACc,gCAAa,EAAE;UAAElB;QAAQ,CAAC,CAAC;MAC7D;MAEA,IAAImB,0BAAY,CAACC,eAAe,EAAE;QAC9BrD,GAAG,CAACqC,SAAS,CAACiB,0BAAY,EAAE;UACxBhD,YAAY,EAAEA,YAAY,CAACiD;QAC/B,CAAC,CAAC;MACN;MAEAvD,GAAG,CAACwD,UAAU,CAAC;QACXlD,YAAY,EAAEA,YAAY,CAACiD,GAAG;QAC9BE,MAAM,EAAE7E,GAAG,CAACwB,MAAM,CAACqD,MAAM;QACzBC,mBAAmB,EAAEV,iBAAiB,CAACW,MAAM,CAACC,EAAE;QAChDC,uBAAuB,EAAEzB,aAAa,CAACuB,MAAM,CAACG,GAAG;QACjDC,wBAAwB,EAAE3B,aAAa,CAACuB,MAAM,CAACzD,IAAI;QACnD8D,2BAA2B,EAAE5B,aAAa,CAACuB,MAAM,CAACM,OAAO;QACzDC,4BAA4B,EAAE9B,aAAa,CAACuB,MAAM,CAACQ,QAAQ;QAC3DC,iBAAiB,EAAE1B,OAAO,CAAC2B,QAAQ,CAACV,MAAM,CAACC,EAAE;QAC7CU,kBAAkB,EAAE5B,OAAO,CAAC2B,QAAQ,CAACV,MAAM,CAACG,GAAG;QAC/CS,6BAA6B,EAAE7B,OAAO,CAAC2B,QAAQ,CAACV,MAAM,CAACa,cAAc;QACrEC,kBAAkB,EAAE/B,OAAO,CAACgC,cAAc,CAACf,MAAM,CAACC,EAAE;QACpDe,YAAY,EAAE9B,QAAQ,CAACc,MAAM,CAACzD,IAAI;QAClC0E,WAAW,EAAE/B,QAAQ,CAACc,MAAM,CAACG;MACjC,CAAC,CAAC;MAEF,IAAAe,mBAAY,EAAC;QACTC,cAAc,EAAEC,MAAM,CAAC/D,OAAO,CAACC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAC1D+D,cAAc,EAAED,MAAM,CAAC/D,OAAO,CAACC,GAAG,CAAC,YAAY,CAAC;MACpD,CAAC,CAAC;MAEF,OAAO;QACHmB,aAAa;QACbI,GAAG;QACH,GAAGE,OAAO;QACVM,iBAAiB;QACjBH,QAAQ;QACRhC;MACJ,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,OAAO,IAAAoE,wCAAmB,EAACjF,GAAG,EAAEkF,SAAS,IAAI;IACzC,MAAMC,WAAW,GAAGnF,GAAG,CAACoF,SAAS,CAAChD,aAAa;IAE/C,MAAMiD,KAAsB,GAAG;MAC3BC,SAAS,EAAEH,WAAW,CAACxB,MAAM,CAACzD,IAAI;MAClC+D,OAAO,EAAEkB,WAAW,CAACxB,MAAM,CAACM,OAAO;MACnCE,QAAQ,EAAEgB,WAAW,CAACxB,MAAM,CAACQ;IACjC,CAAC;IAEDe,SAAS,CAACK,OAAO,CAACC,QAAQ,IAAI,IAAAC,wDAA2B,EAACzF,GAAG,EAAEqF,KAAK,EAAEG,QAAQ,CAAC,CAAC;EACpF,CAAC,CAAC;AACN","ignoreList":[]}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
export function handler(event: any): Promise<{
|
|
2
|
+
isAuthenticated: boolean;
|
|
3
|
+
principalId?: undefined;
|
|
4
|
+
policyDocuments?: undefined;
|
|
5
|
+
disconnectAfterInSeconds?: undefined;
|
|
6
|
+
refreshAfterInSeconds?: undefined;
|
|
7
|
+
} | {
|
|
8
|
+
isAuthenticated: boolean;
|
|
9
|
+
principalId: string;
|
|
10
|
+
policyDocuments: {
|
|
11
|
+
Version: string;
|
|
12
|
+
Statement: ({
|
|
13
|
+
Effect: string;
|
|
14
|
+
Action: string;
|
|
15
|
+
Resource: string;
|
|
16
|
+
} | {
|
|
17
|
+
Effect: string;
|
|
18
|
+
Action: string;
|
|
19
|
+
Resource: string[];
|
|
20
|
+
} | {
|
|
21
|
+
Effect: string;
|
|
22
|
+
Action: string[];
|
|
23
|
+
Resource: string[];
|
|
24
|
+
})[];
|
|
25
|
+
}[];
|
|
26
|
+
disconnectAfterInSeconds: number;
|
|
27
|
+
refreshAfterInSeconds: number;
|
|
28
|
+
}>;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
exports.handler = async event => {
|
|
4
|
+
const urlParams = new URLSearchParams(event.protocolData.http.queryString);
|
|
5
|
+
const WEBINY_WATCH_COMMAND_TOPIC = process.env.WEBINY_WATCH_COMMAND_TOPIC;
|
|
6
|
+
if (urlParams.get("x-webiny-watch-command-topic") !== WEBINY_WATCH_COMMAND_TOPIC) {
|
|
7
|
+
return {
|
|
8
|
+
isAuthenticated: false
|
|
9
|
+
};
|
|
10
|
+
}
|
|
11
|
+
return {
|
|
12
|
+
isAuthenticated: true,
|
|
13
|
+
principalId: "Unauthenticated",
|
|
14
|
+
policyDocuments: [{
|
|
15
|
+
Version: "2012-10-17",
|
|
16
|
+
Statement: [{
|
|
17
|
+
Effect: "Allow",
|
|
18
|
+
Action: "iot:Connect",
|
|
19
|
+
Resource: "arn:aws:iot:*:*:client/*"
|
|
20
|
+
}, {
|
|
21
|
+
Effect: "Allow",
|
|
22
|
+
Action: "iot:Subscribe",
|
|
23
|
+
Resource: [`arn:aws:iot:*:*:topicfilter/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
24
|
+
}, {
|
|
25
|
+
Effect: "Allow",
|
|
26
|
+
Action: "iot:Publish",
|
|
27
|
+
Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
28
|
+
}, {
|
|
29
|
+
Effect: "Allow",
|
|
30
|
+
Action: ["iot:Receive"],
|
|
31
|
+
Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]
|
|
32
|
+
}]
|
|
33
|
+
}],
|
|
34
|
+
disconnectAfterInSeconds: 3600,
|
|
35
|
+
refreshAfterInSeconds: 300
|
|
36
|
+
};
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
//# sourceMappingURL=handler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["exports","handler","event","urlParams","URLSearchParams","protocolData","http","queryString","WEBINY_WATCH_COMMAND_TOPIC","process","env","get","isAuthenticated","principalId","policyDocuments","Version","Statement","Effect","Action","Resource","disconnectAfterInSeconds","refreshAfterInSeconds"],"sources":["handler.js"],"sourcesContent":["exports.handler = async event => {\n const urlParams = new URLSearchParams(event.protocolData.http.queryString);\n\n const WEBINY_WATCH_COMMAND_TOPIC = process.env.WEBINY_WATCH_COMMAND_TOPIC;\n if (urlParams.get(\"x-webiny-watch-command-topic\") !== WEBINY_WATCH_COMMAND_TOPIC) {\n return {\n isAuthenticated: false\n };\n }\n\n return {\n isAuthenticated: true,\n principalId: \"Unauthenticated\",\n policyDocuments: [\n {\n Version: \"2012-10-17\",\n Statement: [\n {\n Effect: \"Allow\",\n Action: \"iot:Connect\",\n Resource: \"arn:aws:iot:*:*:client/*\"\n },\n {\n Effect: \"Allow\",\n Action: \"iot:Subscribe\",\n Resource: [`arn:aws:iot:*:*:topicfilter/${WEBINY_WATCH_COMMAND_TOPIC}`]\n },\n {\n Effect: \"Allow\",\n Action: \"iot:Publish\",\n Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]\n },\n {\n Effect: \"Allow\",\n Action: [\"iot:Receive\"],\n Resource: [`arn:aws:iot:*:*:topic/${WEBINY_WATCH_COMMAND_TOPIC}`]\n }\n ]\n }\n ],\n disconnectAfterInSeconds: 3600,\n refreshAfterInSeconds: 300\n };\n};\n"],"mappings":";;AAAAA,OAAO,CAACC,OAAO,GAAG,MAAMC,KAAK,IAAI;EAC7B,MAAMC,SAAS,GAAG,IAAIC,eAAe,CAACF,KAAK,CAACG,YAAY,CAACC,IAAI,CAACC,WAAW,CAAC;EAE1E,MAAMC,0BAA0B,GAAGC,OAAO,CAACC,GAAG,CAACF,0BAA0B;EACzE,IAAIL,SAAS,CAACQ,GAAG,CAAC,8BAA8B,CAAC,KAAKH,0BAA0B,EAAE;IAC9E,OAAO;MACHI,eAAe,EAAE;IACrB,CAAC;EACL;EAEA,OAAO;IACHA,eAAe,EAAE,IAAI;IACrBC,WAAW,EAAE,iBAAiB;IAC9BC,eAAe,EAAE,CACb;MACIC,OAAO,EAAE,YAAY;MACrBC,SAAS,EAAE,CACP;QACIC,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,aAAa;QACrBC,QAAQ,EAAE;MACd,CAAC,EACD;QACIF,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,eAAe;QACvBC,QAAQ,EAAE,CAAE,+BAA8BX,0BAA2B,EAAC;MAC1E,CAAC,EACD;QACIS,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,aAAa;QACrBC,QAAQ,EAAE,CAAE,yBAAwBX,0BAA2B,EAAC;MACpE,CAAC,EACD;QACIS,MAAM,EAAE,OAAO;QACfC,MAAM,EAAE,CAAC,aAAa,CAAC;QACvBC,QAAQ,EAAE,CAAE,yBAAwBX,0BAA2B,EAAC;MACpE,CAAC;IAET,CAAC,CACJ;IACDY,wBAAwB,EAAE,IAAI;IAC9BC,qBAAqB,EAAE;EAC3B,CAAC;AACL,CAAC","ignoreList":[]}
|
|
@@ -80,7 +80,7 @@ function createRenderSubscriber(app, policy, params) {
|
|
|
80
80
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
81
81
|
handler: "handler.handler",
|
|
82
82
|
timeout: 30,
|
|
83
|
-
memorySize:
|
|
83
|
+
memorySize: 1024,
|
|
84
84
|
environment: {
|
|
85
85
|
variables: (0, _lambdaUtils.getCommonLambdaEnvVariables)().apply(value => ({
|
|
86
86
|
...value,
|
|
@@ -192,7 +192,7 @@ function createFlushService(app, policy, params) {
|
|
|
192
192
|
runtime: _constants.LAMBDA_RUNTIME,
|
|
193
193
|
handler: "handler.handler",
|
|
194
194
|
timeout: 30,
|
|
195
|
-
memorySize:
|
|
195
|
+
memorySize: 1024,
|
|
196
196
|
environment: {
|
|
197
197
|
variables: (0, _lambdaUtils.getCommonLambdaEnvVariables)().apply(value => ({
|
|
198
198
|
...value,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_clientDynamodb","_awsLayers","_lambdaUtils","_common","_awsUtils","_constants","createPrerenderingService","app","params","queue","addResource","sqs","Queue","name","config","visibilityTimeoutSeconds","fifoQueue","policy","createLambdaPolicy","output","renderer","createRenderer","subscriber","createRenderSubscriber","flush","createFlushService","settings","createPrerenderingSettingsDbItem","tableItem","dynamodb","TableItem","tableName","dbTableName","hashKey","dbTableHashKey","rangeKey","dbTableRangeKey","item","interpolate","run","variant","appUrl","deliveryUrl","bucket","cloudfrontId","url","apply","v","JSON","stringify","marshall","parse","core","getModule","CoreOutput","role","createLambdaRole","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","getCommonLambdaEnvVariables","value","DB_TABLE","description","code","asset","AssetArchive","FileArchive","join","paths","workspace","vpcConfig","VpcConfig","functionVpcConfig","eventRule","cloudwatch","EventRule","eventBusName","eventBusArn","eventPattern","eventPermission","Permission","action","function","principal","sourceArn","eventTarget","EventTarget","rule","executionRole","iam","ManagedPolicy","AWSLambdaSQSQueueExecutionRole","layers","getLayerArn","eventSourceMapping","EventSourceMapping","functionName","eventSourceArn","batchSize","awsAccountId","getAwsAccountId","Policy","Version","Statement","Sid","Effect","Action","Resource","s","resources","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","push"],"sources":["WebsitePrerendering.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { marshall } from \"@webiny/aws-sdk/client-dynamodb\";\n\nimport { PulumiApp } from \"@webiny/pulumi\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PreRenderingServiceParams {\n dbTableName: pulumi.Output<string>;\n dbTableHashKey: pulumi.Output<string>;\n dbTableRangeKey: pulumi.Output<string>;\n appUrl: pulumi.Output<string>;\n deliveryUrl: pulumi.Output<string>;\n bucket: pulumi.Output<string>;\n cloudfrontId: pulumi.Output<string>;\n}\n\nexport function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams) {\n const queue = app.addResource(aws.sqs.Queue, {\n name: \"ps-render-queue\",\n config: {\n visibilityTimeoutSeconds: 300,\n fifoQueue: true\n }\n });\n\n const policy = createLambdaPolicy(app, queue.output, params);\n const renderer = createRenderer(app, queue.output, policy.output, params);\n const subscriber = createRenderSubscriber(app, policy.output, params);\n const flush = createFlushService(app, policy.output, params);\n const settings = createPrerenderingSettingsDbItem(app, queue.output, params);\n\n return {\n subscriber,\n renderer,\n flush,\n settings\n };\n}\n\nfunction createPrerenderingSettingsDbItem(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n /**\n * To handle everything related to prerendering, we need the following information:\n * - appUrl - SPA URL used to prerender HTML\n * - bucket - name of the S3 bucket used for storage of HTML snapshots\n * - cloudfrontId - for cache invalidation\n * - sqsQueueUrl - an SQS queue for prerendering tasks (messages)\n */\n const tableItem = app.addResource(aws.dynamodb.TableItem, {\n name: \"psSettings\",\n config: {\n tableName: params.dbTableName,\n hashKey: params.dbTableHashKey,\n rangeKey: params.dbTableRangeKey,\n item: pulumi.interpolate`{\n \"PK\": \"PS#SETTINGS\",\n \"SK\": \"${app.params.run.variant || \"default\"}\",\n \"data\": {\n \"appUrl\": \"${params.appUrl}\",\n \"deliveryUrl\": \"${params.deliveryUrl}\",\n \"bucket\": \"${params.bucket}\",\n \"cloudfrontId\": \"${params.cloudfrontId}\",\n \"sqsQueueUrl\": \"${queue.url}\"\n }\n }`\n // We're using the native DynamoDB converter to avoid building those nested objects ourselves.\n .apply(v => JSON.stringify(marshall(JSON.parse(v))))\n }\n });\n\n return { tableItem };\n}\n\nfunction createRenderSubscriber(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-render-subscriber-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-subscriber-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Subscribes to render events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/subscribe/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * TODO: when we get to staged rollouts and variants, maybe we can create per-variant event rules,\n * to avoid invocation of all variant lambdas just to do a `detail-type` check and exit early.\n * That way, we would be publishing events scoped to a variant, like \"RenderPages-{variant}\".\n */\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-render-subscriber-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"RenderPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-render-subscriber-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-render-subscriber-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createRenderer(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const role = createLambdaRole(app, {\n name: \"ps-render-lambda-role\",\n policy: policy,\n executionRole: aws.iam.ManagedPolicy.AWSLambdaSQSQueueExecutionRole\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 300,\n memorySize: 2048,\n layers: [getLayerArn(\"chromium\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Renders pages and stores output in an S3 bucket of choice.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/render/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"ps-render-event-source-mapping\",\n config: {\n functionName: lambda.output.arn,\n eventSourceArn: queue.arn,\n batchSize: 1\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventSourceMapping\n };\n}\n\nfunction createFlushService(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-flush-lambda-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-flush-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Subscribes to flush events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/flush/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-flush-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"FlushPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-flush-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-flush-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createLambdaPolicy(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ps-lambda-policy\",\n config: {\n description: \"This policy enables access to Lambda, S3, Cloudfront, SQS and Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: core.apply(s => {\n // Add permissions to DynamoDB table\n const resources = [\n `${s.primaryDynamodbTableArn}`,\n `${s.primaryDynamodbTableArn}/*`\n ];\n\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n if (s.elasticsearchDynamodbTableArn) {\n resources.push(\n `${s.elasticsearchDynamodbTableArn}`,\n `${s.elasticsearchDynamodbTableArn}/*`\n );\n }\n\n return resources;\n })\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\"s3:DeleteObject\", \"s3:GetObject\", \"s3:PutObject\"],\n Resource: [pulumi.interpolate`arn:aws:s3:::${params.bucket}/*`]\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n {\n Sid: \"PermissionForSQS\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\", \"sqs:SendMessageBatch\"],\n Resource: queue.arn\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AAGA,IAAAI,UAAA,GAAAJ,OAAA;AAEA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAYO,SAASS,yBAAyBA,CAACC,GAAc,EAAEC,MAAiC,EAAE;EACzF,MAAMC,KAAK,GAAGF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,KAAK,EAAE;IACzCC,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJC,wBAAwB,EAAE,GAAG;MAC7BC,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,kBAAkB,CAACX,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMY,QAAQ,GAAGC,cAAc,CAACd,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEF,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACzE,MAAMc,UAAU,GAAGC,sBAAsB,CAAChB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACrE,MAAMgB,KAAK,GAAGC,kBAAkB,CAAClB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMkB,QAAQ,GAAGC,gCAAgC,CAACpB,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAE5E,OAAO;IACHc,UAAU;IACVF,QAAQ;IACRI,KAAK;IACLE;EACJ,CAAC;AACL;AAEA,SAASC,gCAAgCA,CACrCpB,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAMoB,SAAS,GAAGrB,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC8B,QAAQ,CAACC,SAAS,EAAE;IACtDjB,IAAI,EAAE,YAAY;IAClBC,MAAM,EAAE;MACJiB,SAAS,EAAEvB,MAAM,CAACwB,WAAW;MAC7BC,OAAO,EAAEzB,MAAM,CAAC0B,cAAc;MAC9BC,QAAQ,EAAE3B,MAAM,CAAC4B,eAAe;MAChCC,IAAI,EAAEvC,MAAM,CAACwC,WAAY;AACrC;AACA,yBAAyB/B,GAAG,CAACC,MAAM,CAAC+B,GAAG,CAACC,OAAO,IAAI,SAAU;AAC7D;AACA,iCAAiChC,MAAM,CAACiC,MAAO;AAC/C,sCAAsCjC,MAAM,CAACkC,WAAY;AACzD,iCAAiClC,MAAM,CAACmC,MAAO;AAC/C,uCAAuCnC,MAAM,CAACoC,YAAa;AAC3D,sCAAsCnC,KAAK,CAACoC,GAAI;AAChD;AACA;MACgB;MAAA,CACCC,KAAK,CAACC,CAAC,IAAIC,IAAI,CAACC,SAAS,CAAC,IAAAC,wBAAQ,EAACF,IAAI,CAACG,KAAK,CAACJ,CAAC,CAAC,CAAC,CAAC;IAC3D;EACJ,CAAC,CAAC;EAEF,OAAO;IAAEnB;EAAU,CAAC;AACxB;AAEA,SAASL,sBAAsBA,CAC3BhB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,2BAA2B;IACjCI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMwC,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,6BAA6B;IACnCC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,0CAA0C;MACvDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,8BAA8B,CACjE;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;;EAEF;AACJ;AACA;AACA;AACA;;EAEI,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,iCAAiC;IACvCC,MAAM,EAAE;MACJsE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9BC,YAAY,EAAEtC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,aAAa;MACjC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMsC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC+B,UAAU,EAAE;IAC3D3E,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEjC,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC3BgC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACwC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMkC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,mCAAmC;IACzCC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9B1B,GAAG,EAAEF,MAAM,CAACtC,MAAM,CAACwC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACH1C,MAAM;IACNsC,IAAI;IACJE,MAAM;IACNwB,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAASxE,cAAcA,CACnBd,GAAc,EACdE,KAAmC,EACnCQ,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM+C,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,uBAAuB;IAC7BI,MAAM,EAAEA,MAAM;IACd+E,aAAa,EAAEjG,GAAG,CAACkG,GAAG,CAACC,aAAa,CAACC;EACzC,CAAC,CAAC;EAEF,MAAM1C,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,GAAG;MACZC,UAAU,EAAE,IAAI;MAChBoC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,UAAU,CAAC,CAAC;MACjCpC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,4DAA4D;MACzEC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,2BAA2B,CAC9D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMsB,kBAAkB,GAAG/F,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC8C,kBAAkB,EAAE;IACtE1F,IAAI,EAAE,gCAAgC;IACtCC,MAAM,EAAE;MACJ0F,YAAY,EAAE/C,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC/B8C,cAAc,EAAEhG,KAAK,CAACkD,GAAG;MACzB+C,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,OAAO;IACHzF,MAAM;IACNsC,IAAI;IACJE,MAAM;IACN6C;EACJ,CAAC;AACL;AAEA,SAAS7E,kBAAkBA,CACvBlB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,sBAAsB;IAC5BI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMwC,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,yCAAyC;MACtDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,qBAAqB;IAC3BC,MAAM,EAAE;MACJsE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9BC,YAAY,EAAEtC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,YAAY;MAChC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMsC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC+B,UAAU,EAAE;IAC3D3E,IAAI,EAAE,2BAA2B;IACjCC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEjC,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC3BgC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACwC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMkC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,uBAAuB;IAC7BC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9B1B,GAAG,EAAEF,MAAM,CAACtC,MAAM,CAACwC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACH1C,MAAM;IACNsC,IAAI;IACJE,MAAM;IACNwB,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAAS3E,kBAAkBA,CACvBX,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMqD,YAAY,GAAG,IAAAC,yBAAe,EAACrG,GAAG,CAAC;EAEzC,OAAOA,GAAG,CAACG,WAAW,CAACX,GAAG,CAACkG,GAAG,CAACY,MAAM,EAAE;IACnChG,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJwD,WAAW,EAAE,wEAAwE;MACrFrD,MAAM,EAAE;QACJ6F,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,qBAAqB,EACrB,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,qBAAqB,CACxB;UACDC,QAAQ,EAAE/D,IAAI,CAACN,KAAK,CAACsE,CAAC,IAAI;YACtB;YACA,MAAMC,SAAS,GAAG,CACb,GAAED,CAAC,CAACE,uBAAwB,EAAC,EAC7B,GAAEF,CAAC,CAACE,uBAAwB,IAAG,CACnC;;YAED;YACA,IAAIF,CAAC,CAACG,6BAA6B,EAAE;cACjCF,SAAS,CAACG,IAAI,CACT,GAAEJ,CAAC,CAACG,6BAA8B,EAAC,EACnC,GAAEH,CAAC,CAACG,6BAA8B,IACvC,CAAC;YACL;YAEA,OAAOF,SAAS;UACpB,CAAC;QACL,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,cAAc,EAAE,cAAc,CAAC;UAC3DC,QAAQ,EAAE,CAACrH,MAAM,CAACwC,WAAY,gBAAe9B,MAAM,CAACmC,MAAO,IAAG;QAClE,CAAC,EACD;UACIqE,GAAG,EAAE,yBAAyB;UAC9BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,+BAA+B;UACvCC,QAAQ,EAAErH,MAAM,CAACwC,WAAY,uBAAsBqE,YAAa;QACpE,CAAC,EACD;UACIK,GAAG,EAAE,kBAAkB;UACvBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,sBAAsB,CAAC;UACnDC,QAAQ,EAAE1G,KAAK,CAACkD;QACpB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_clientDynamodb","_awsLayers","_lambdaUtils","_common","_awsUtils","_constants","createPrerenderingService","app","params","queue","addResource","sqs","Queue","name","config","visibilityTimeoutSeconds","fifoQueue","policy","createLambdaPolicy","output","renderer","createRenderer","subscriber","createRenderSubscriber","flush","createFlushService","settings","createPrerenderingSettingsDbItem","tableItem","dynamodb","TableItem","tableName","dbTableName","hashKey","dbTableHashKey","rangeKey","dbTableRangeKey","item","interpolate","run","variant","appUrl","deliveryUrl","bucket","cloudfrontId","url","apply","v","JSON","stringify","marshall","parse","core","getModule","CoreOutput","role","createLambdaRole","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","getCommonLambdaEnvVariables","value","DB_TABLE","description","code","asset","AssetArchive","FileArchive","join","paths","workspace","vpcConfig","VpcConfig","functionVpcConfig","eventRule","cloudwatch","EventRule","eventBusName","eventBusArn","eventPattern","eventPermission","Permission","action","function","principal","sourceArn","eventTarget","EventTarget","rule","executionRole","iam","ManagedPolicy","AWSLambdaSQSQueueExecutionRole","layers","getLayerArn","eventSourceMapping","EventSourceMapping","functionName","eventSourceArn","batchSize","awsAccountId","getAwsAccountId","Policy","Version","Statement","Sid","Effect","Action","Resource","s","resources","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","push"],"sources":["WebsitePrerendering.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { marshall } from \"@webiny/aws-sdk/client-dynamodb\";\n\nimport { PulumiApp } from \"@webiny/pulumi\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PreRenderingServiceParams {\n dbTableName: pulumi.Output<string>;\n dbTableHashKey: pulumi.Output<string>;\n dbTableRangeKey: pulumi.Output<string>;\n appUrl: pulumi.Output<string>;\n deliveryUrl: pulumi.Output<string>;\n bucket: pulumi.Output<string>;\n cloudfrontId: pulumi.Output<string>;\n}\n\nexport function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams) {\n const queue = app.addResource(aws.sqs.Queue, {\n name: \"ps-render-queue\",\n config: {\n visibilityTimeoutSeconds: 300,\n fifoQueue: true\n }\n });\n\n const policy = createLambdaPolicy(app, queue.output, params);\n const renderer = createRenderer(app, queue.output, policy.output, params);\n const subscriber = createRenderSubscriber(app, policy.output, params);\n const flush = createFlushService(app, policy.output, params);\n const settings = createPrerenderingSettingsDbItem(app, queue.output, params);\n\n return {\n subscriber,\n renderer,\n flush,\n settings\n };\n}\n\nfunction createPrerenderingSettingsDbItem(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n /**\n * To handle everything related to prerendering, we need the following information:\n * - appUrl - SPA URL used to prerender HTML\n * - bucket - name of the S3 bucket used for storage of HTML snapshots\n * - cloudfrontId - for cache invalidation\n * - sqsQueueUrl - an SQS queue for prerendering tasks (messages)\n */\n const tableItem = app.addResource(aws.dynamodb.TableItem, {\n name: \"psSettings\",\n config: {\n tableName: params.dbTableName,\n hashKey: params.dbTableHashKey,\n rangeKey: params.dbTableRangeKey,\n item: pulumi.interpolate`{\n \"PK\": \"PS#SETTINGS\",\n \"SK\": \"${app.params.run.variant || \"default\"}\",\n \"data\": {\n \"appUrl\": \"${params.appUrl}\",\n \"deliveryUrl\": \"${params.deliveryUrl}\",\n \"bucket\": \"${params.bucket}\",\n \"cloudfrontId\": \"${params.cloudfrontId}\",\n \"sqsQueueUrl\": \"${queue.url}\"\n }\n }`\n // We're using the native DynamoDB converter to avoid building those nested objects ourselves.\n .apply(v => JSON.stringify(marshall(JSON.parse(v))))\n }\n });\n\n return { tableItem };\n}\n\nfunction createRenderSubscriber(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-render-subscriber-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-subscriber-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Subscribes to render events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/subscribe/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * TODO: when we get to staged rollouts and variants, maybe we can create per-variant event rules,\n * to avoid invocation of all variant lambdas just to do a `detail-type` check and exit early.\n * That way, we would be publishing events scoped to a variant, like \"RenderPages-{variant}\".\n */\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-render-subscriber-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"RenderPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-render-subscriber-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-render-subscriber-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createRenderer(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const role = createLambdaRole(app, {\n name: \"ps-render-lambda-role\",\n policy: policy,\n executionRole: aws.iam.ManagedPolicy.AWSLambdaSQSQueueExecutionRole\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 300,\n memorySize: 2048,\n layers: [getLayerArn(\"chromium\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Renders pages and stores output in an S3 bucket of choice.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/render/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"ps-render-event-source-mapping\",\n config: {\n functionName: lambda.output.arn,\n eventSourceArn: queue.arn,\n batchSize: 1\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventSourceMapping\n };\n}\n\nfunction createFlushService(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-flush-lambda-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-flush-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName\n }))\n },\n description: \"Subscribes to flush events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/flush/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-flush-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"FlushPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-flush-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-flush-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createLambdaPolicy(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ps-lambda-policy\",\n config: {\n description: \"This policy enables access to Lambda, S3, Cloudfront, SQS and Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: core.apply(s => {\n // Add permissions to DynamoDB table\n const resources = [\n `${s.primaryDynamodbTableArn}`,\n `${s.primaryDynamodbTableArn}/*`\n ];\n\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n if (s.elasticsearchDynamodbTableArn) {\n resources.push(\n `${s.elasticsearchDynamodbTableArn}`,\n `${s.elasticsearchDynamodbTableArn}/*`\n );\n }\n\n return resources;\n })\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\"s3:DeleteObject\", \"s3:GetObject\", \"s3:PutObject\"],\n Resource: [pulumi.interpolate`arn:aws:s3:::${params.bucket}/*`]\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n {\n Sid: \"PermissionForSQS\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\", \"sqs:SendMessageBatch\"],\n Resource: queue.arn\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AAGA,IAAAI,UAAA,GAAAJ,OAAA;AAEA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAYO,SAASS,yBAAyBA,CAACC,GAAc,EAAEC,MAAiC,EAAE;EACzF,MAAMC,KAAK,GAAGF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,KAAK,EAAE;IACzCC,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJC,wBAAwB,EAAE,GAAG;MAC7BC,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,kBAAkB,CAACX,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMY,QAAQ,GAAGC,cAAc,CAACd,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEF,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACzE,MAAMc,UAAU,GAAGC,sBAAsB,CAAChB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACrE,MAAMgB,KAAK,GAAGC,kBAAkB,CAAClB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMkB,QAAQ,GAAGC,gCAAgC,CAACpB,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAE5E,OAAO;IACHc,UAAU;IACVF,QAAQ;IACRI,KAAK;IACLE;EACJ,CAAC;AACL;AAEA,SAASC,gCAAgCA,CACrCpB,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAMoB,SAAS,GAAGrB,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC8B,QAAQ,CAACC,SAAS,EAAE;IACtDjB,IAAI,EAAE,YAAY;IAClBC,MAAM,EAAE;MACJiB,SAAS,EAAEvB,MAAM,CAACwB,WAAW;MAC7BC,OAAO,EAAEzB,MAAM,CAAC0B,cAAc;MAC9BC,QAAQ,EAAE3B,MAAM,CAAC4B,eAAe;MAChCC,IAAI,EAAEvC,MAAM,CAACwC,WAAY;AACrC;AACA,yBAAyB/B,GAAG,CAACC,MAAM,CAAC+B,GAAG,CAACC,OAAO,IAAI,SAAU;AAC7D;AACA,iCAAiChC,MAAM,CAACiC,MAAO;AAC/C,sCAAsCjC,MAAM,CAACkC,WAAY;AACzD,iCAAiClC,MAAM,CAACmC,MAAO;AAC/C,uCAAuCnC,MAAM,CAACoC,YAAa;AAC3D,sCAAsCnC,KAAK,CAACoC,GAAI;AAChD;AACA;MACgB;MAAA,CACCC,KAAK,CAACC,CAAC,IAAIC,IAAI,CAACC,SAAS,CAAC,IAAAC,wBAAQ,EAACF,IAAI,CAACG,KAAK,CAACJ,CAAC,CAAC,CAAC,CAAC;IAC3D;EACJ,CAAC,CAAC;EAEF,OAAO;IAAEnB;EAAU,CAAC;AACxB;AAEA,SAASL,sBAAsBA,CAC3BhB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,2BAA2B;IACjCI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMwC,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,6BAA6B;IACnCC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,0CAA0C;MACvDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,8BAA8B,CACjE;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;;EAEF;AACJ;AACA;AACA;AACA;;EAEI,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,iCAAiC;IACvCC,MAAM,EAAE;MACJsE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9BC,YAAY,EAAEtC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,aAAa;MACjC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMsC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC+B,UAAU,EAAE;IAC3D3E,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEjC,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC3BgC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACwC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMkC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,mCAAmC;IACzCC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9B1B,GAAG,EAAEF,MAAM,CAACtC,MAAM,CAACwC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACH1C,MAAM;IACNsC,IAAI;IACJE,MAAM;IACNwB,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAASxE,cAAcA,CACnBd,GAAc,EACdE,KAAmC,EACnCQ,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM+C,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,uBAAuB;IAC7BI,MAAM,EAAEA,MAAM;IACd+E,aAAa,EAAEjG,GAAG,CAACkG,GAAG,CAACC,aAAa,CAACC;EACzC,CAAC,CAAC;EAEF,MAAM1C,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,GAAG;MACZC,UAAU,EAAE,IAAI;MAChBoC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,UAAU,CAAC,CAAC;MACjCpC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,4DAA4D;MACzEC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,2BAA2B,CAC9D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMsB,kBAAkB,GAAG/F,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC8C,kBAAkB,EAAE;IACtE1F,IAAI,EAAE,gCAAgC;IACtCC,MAAM,EAAE;MACJ0F,YAAY,EAAE/C,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC/B8C,cAAc,EAAEhG,KAAK,CAACkD,GAAG;MACzB+C,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,OAAO;IACHzF,MAAM;IACNsC,IAAI;IACJE,MAAM;IACN6C;EACJ,CAAC;AACL;AAEA,SAAS7E,kBAAkBA,CACvBlB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAACjD,GAAG,EAAE;IAC/BM,IAAI,EAAE,sBAAsB;IAC5BI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMwC,MAAM,GAAGlD,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAACC,QAAQ,EAAE;IAChD7C,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJyC,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE7D,MAAM,CAACwB;QACrB,CAAC,CAAC;MACN,CAAC;MACDsC,WAAW,EAAE,yCAAyC;MACtDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC8C,SAAS,CAAC0B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,qBAAqB;IAC3BC,MAAM,EAAE;MACJsE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9BC,YAAY,EAAEtC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,YAAY;MAChC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMsC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC0D,MAAM,CAAC+B,UAAU,EAAE;IAC3D3E,IAAI,EAAE,2BAA2B;IACjCC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEjC,MAAM,CAACtC,MAAM,CAACwC,GAAG;MAC3BgC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACwC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMkC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,uBAAuB;IAC7BC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAEhC,IAAI,CAACiC,WAAW;MAC9B1B,GAAG,EAAEF,MAAM,CAACtC,MAAM,CAACwC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACH1C,MAAM;IACNsC,IAAI;IACJE,MAAM;IACNwB,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAAS3E,kBAAkBA,CACvBX,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE,MAAM4C,IAAI,GAAG7C,GAAG,CAAC8C,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMqD,YAAY,GAAG,IAAAC,yBAAe,EAACrG,GAAG,CAAC;EAEzC,OAAOA,GAAG,CAACG,WAAW,CAACX,GAAG,CAACkG,GAAG,CAACY,MAAM,EAAE;IACnChG,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJwD,WAAW,EAAE,wEAAwE;MACrFrD,MAAM,EAAE;QACJ6F,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,qBAAqB,EACrB,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,qBAAqB,CACxB;UACDC,QAAQ,EAAE/D,IAAI,CAACN,KAAK,CAACsE,CAAC,IAAI;YACtB;YACA,MAAMC,SAAS,GAAG,CACb,GAAED,CAAC,CAACE,uBAAwB,EAAC,EAC7B,GAAEF,CAAC,CAACE,uBAAwB,IAAG,CACnC;;YAED;YACA,IAAIF,CAAC,CAACG,6BAA6B,EAAE;cACjCF,SAAS,CAACG,IAAI,CACT,GAAEJ,CAAC,CAACG,6BAA8B,EAAC,EACnC,GAAEH,CAAC,CAACG,6BAA8B,IACvC,CAAC;YACL;YAEA,OAAOF,SAAS;UACpB,CAAC;QACL,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,cAAc,EAAE,cAAc,CAAC;UAC3DC,QAAQ,EAAE,CAACrH,MAAM,CAACwC,WAAY,gBAAe9B,MAAM,CAACmC,MAAO,IAAG;QAClE,CAAC,EACD;UACIqE,GAAG,EAAE,yBAAyB;UAC9BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,+BAA+B;UACvCC,QAAQ,EAAErH,MAAM,CAACwC,WAAY,uBAAsBqE,YAAa;QACpE,CAAC,EACD;UACIK,GAAG,EAAE,kBAAkB;UACvBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,sBAAsB,CAAC;UACnDC,QAAQ,EAAE1G,KAAK,CAACkD;QACpB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@webiny/pulumi-aws",
|
|
3
|
-
"version": "5.40.
|
|
3
|
+
"version": "5.40.2-beta.0",
|
|
4
4
|
"repository": {
|
|
5
5
|
"type": "git",
|
|
6
6
|
"url": "https://github.com/webiny/webiny-js.git"
|
|
@@ -16,9 +16,9 @@
|
|
|
16
16
|
"@pulumi/aws": "^6.32.0",
|
|
17
17
|
"@pulumi/pulumi": "^3.113.3",
|
|
18
18
|
"@pulumi/random": "v3.2.0",
|
|
19
|
-
"@webiny/aws-sdk": "5.40.
|
|
20
|
-
"@webiny/cli-plugin-deploy-pulumi": "5.40.
|
|
21
|
-
"@webiny/pulumi": "5.40.
|
|
19
|
+
"@webiny/aws-sdk": "5.40.2-beta.0",
|
|
20
|
+
"@webiny/cli-plugin-deploy-pulumi": "5.40.2-beta.0",
|
|
21
|
+
"@webiny/pulumi": "5.40.2-beta.0",
|
|
22
22
|
"form-data": "4.0.0",
|
|
23
23
|
"node-fetch": "2.7.0"
|
|
24
24
|
},
|
|
@@ -28,10 +28,11 @@
|
|
|
28
28
|
"@babel/preset-env": "7.24.3",
|
|
29
29
|
"@babel/preset-typescript": "7.24.1",
|
|
30
30
|
"@babel/runtime": "7.24.1",
|
|
31
|
-
"@webiny/api-page-builder": "5.40.
|
|
32
|
-
"@webiny/aws-layers": "5.40.
|
|
33
|
-
"@webiny/cli": "5.40.
|
|
34
|
-
"@webiny/
|
|
31
|
+
"@webiny/api-page-builder": "5.40.2-beta.0",
|
|
32
|
+
"@webiny/aws-layers": "5.40.2-beta.0",
|
|
33
|
+
"@webiny/cli": "5.40.2-beta.0",
|
|
34
|
+
"@webiny/feature-flags": "5.40.2-beta.0",
|
|
35
|
+
"@webiny/project-utils": "5.40.2-beta.0",
|
|
35
36
|
"chalk": "4.1.2",
|
|
36
37
|
"lodash": "4.17.21",
|
|
37
38
|
"mime": "2.6.0",
|
|
@@ -55,5 +56,5 @@
|
|
|
55
56
|
]
|
|
56
57
|
}
|
|
57
58
|
},
|
|
58
|
-
"gitHead": "
|
|
59
|
+
"gitHead": "cf2c1929dbb2f75bc25ed37ea9b411acd2409f6f"
|
|
59
60
|
}
|