@webiny/pulumi-aws 6.0.0-alpha.0 → 6.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (191) hide show
  1. package/apps/admin/createAdminPulumiApp.d.ts +3 -2
  2. package/apps/admin/createAdminPulumiApp.js +1 -0
  3. package/apps/admin/createAdminPulumiApp.js.map +1 -1
  4. package/apps/api/ApiApwScheduler.d.ts +1 -1
  5. package/apps/api/ApiApwScheduler.js.map +1 -1
  6. package/apps/api/ApiBackgroundTask.d.ts +1 -1
  7. package/apps/api/ApiBackgroundTask.js.map +1 -1
  8. package/apps/api/ApiCloudfront.d.ts +1 -1
  9. package/apps/api/ApiCloudfront.js.map +1 -1
  10. package/apps/api/ApiFileManager.d.ts +7 -1
  11. package/apps/api/ApiFileManager.js +6 -0
  12. package/apps/api/ApiFileManager.js.map +1 -1
  13. package/apps/api/ApiGateway.d.ts +2 -2
  14. package/apps/api/ApiGateway.js.map +1 -1
  15. package/apps/api/ApiGraphql.d.ts +1 -1
  16. package/apps/api/ApiGraphql.js.map +1 -1
  17. package/apps/api/ApiMigration.d.ts +1 -1
  18. package/apps/api/ApiMigration.js.map +1 -1
  19. package/apps/api/ApiOutput.d.ts +11 -1
  20. package/apps/api/ApiOutput.js +11 -1
  21. package/apps/api/ApiOutput.js.map +1 -1
  22. package/apps/api/ApiPageBuilder.d.ts +1 -1
  23. package/apps/api/ApiPageBuilder.js.map +1 -1
  24. package/apps/api/ApiScheduler.d.ts +8 -0
  25. package/apps/api/ApiScheduler.js +105 -0
  26. package/apps/api/ApiScheduler.js.map +1 -0
  27. package/apps/api/ApiWebsocket.d.ts +1 -1
  28. package/apps/api/ApiWebsocket.js.map +1 -1
  29. package/apps/api/backgroundTask/definition.d.ts +2 -2
  30. package/apps/api/backgroundTask/definition.js.map +1 -1
  31. package/apps/api/backgroundTask/policy.d.ts +2 -2
  32. package/apps/api/backgroundTask/policy.js.map +1 -1
  33. package/apps/api/backgroundTask/role.d.ts +2 -2
  34. package/apps/api/backgroundTask/role.js.map +1 -1
  35. package/apps/api/backgroundTask/types.d.ts +1 -1
  36. package/apps/api/backgroundTask/types.js.map +1 -1
  37. package/apps/api/createApiPulumiApp.d.ts +19 -13
  38. package/apps/api/createApiPulumiApp.js +50 -19
  39. package/apps/api/createApiPulumiApp.js.map +1 -1
  40. package/apps/awsUtils.d.ts +1 -1
  41. package/apps/awsUtils.js.map +1 -1
  42. package/apps/blueGreen/createBlueGreenPulumiApp.d.ts +7 -1
  43. package/apps/blueGreen/createBlueGreenPulumiApp.js +2 -2
  44. package/apps/blueGreen/createBlueGreenPulumiApp.js.map +1 -1
  45. package/apps/blueGreen/domains/attachDomainsToOutput.d.ts +1 -1
  46. package/apps/blueGreen/domains/attachDomainsToOutput.js.map +1 -1
  47. package/apps/blueGreen/types.d.ts +4 -1
  48. package/apps/blueGreen/types.js.map +1 -1
  49. package/apps/common/CoreOutput.d.ts +2 -1
  50. package/apps/common/CoreOutput.js +1 -0
  51. package/apps/common/CoreOutput.js.map +1 -1
  52. package/apps/common/VpcConfig.d.ts +1 -1
  53. package/apps/common/VpcConfig.js.map +1 -1
  54. package/apps/core/CoreCognito.d.ts +1 -1
  55. package/apps/core/CoreCognito.js.map +1 -1
  56. package/apps/core/CoreDynamo.d.ts +1 -1
  57. package/apps/core/CoreDynamo.js.map +1 -1
  58. package/apps/core/CoreElasticSearch.d.ts +1 -1
  59. package/apps/core/CoreElasticSearch.js +7 -1
  60. package/apps/core/CoreElasticSearch.js.map +1 -1
  61. package/apps/core/CoreEventBus.js.map +1 -1
  62. package/apps/core/CoreFileManager.d.ts +1 -1
  63. package/apps/core/CoreFileManager.js.map +1 -1
  64. package/apps/core/CoreOpenSearch.d.ts +1 -1
  65. package/apps/core/CoreOpenSearch.js +7 -1
  66. package/apps/core/CoreOpenSearch.js.map +1 -1
  67. package/apps/core/CoreVpc.d.ts +1 -1
  68. package/apps/core/CoreVpc.js.map +1 -1
  69. package/apps/core/LogDynamo.d.ts +1 -1
  70. package/apps/core/LogDynamo.js.map +1 -1
  71. package/apps/core/WatchCommand.js.map +1 -1
  72. package/apps/core/cognitoIdentityProviders/amazon.d.ts +3 -3
  73. package/apps/core/cognitoIdentityProviders/amazon.js.map +1 -1
  74. package/apps/core/cognitoIdentityProviders/apple.d.ts +3 -3
  75. package/apps/core/cognitoIdentityProviders/apple.js.map +1 -1
  76. package/apps/core/cognitoIdentityProviders/configure.d.ts +3 -3
  77. package/apps/core/cognitoIdentityProviders/configure.js.map +1 -1
  78. package/apps/core/cognitoIdentityProviders/facebook.d.ts +3 -3
  79. package/apps/core/cognitoIdentityProviders/facebook.js.map +1 -1
  80. package/apps/core/cognitoIdentityProviders/getIdpConfig.d.ts +2 -2
  81. package/apps/core/cognitoIdentityProviders/getIdpConfig.js.map +1 -1
  82. package/apps/core/cognitoIdentityProviders/google.d.ts +3 -3
  83. package/apps/core/cognitoIdentityProviders/google.js.map +1 -1
  84. package/apps/core/cognitoIdentityProviders/oidc.d.ts +3 -3
  85. package/apps/core/cognitoIdentityProviders/oidc.js.map +1 -1
  86. package/apps/core/createCorePulumiApp.d.ts +1 -1
  87. package/apps/core/createCorePulumiApp.js +2 -1
  88. package/apps/core/createCorePulumiApp.js.map +1 -1
  89. package/apps/createAppBucket.d.ts +1 -1
  90. package/apps/createAppBucket.js.map +1 -1
  91. package/apps/customDomain.d.ts +3 -3
  92. package/apps/customDomain.js.map +1 -1
  93. package/apps/lambdaUtils.d.ts +3 -2
  94. package/apps/lambdaUtils.js +21 -3
  95. package/apps/lambdaUtils.js.map +1 -1
  96. package/apps/react/createReactPulumiApp.d.ts +2 -2
  97. package/apps/react/createReactPulumiApp.js.map +1 -1
  98. package/apps/syncSystem/SyncSystemDynamo.d.ts +1 -1
  99. package/apps/syncSystem/SyncSystemDynamo.js.map +1 -1
  100. package/apps/syncSystem/SyncSystemDynamoDb.d.ts +3 -0
  101. package/apps/syncSystem/SyncSystemDynamoDb.js +55 -0
  102. package/apps/syncSystem/SyncSystemDynamoDb.js.map +1 -0
  103. package/apps/syncSystem/SyncSystemEventBus.d.ts +6 -0
  104. package/apps/syncSystem/SyncSystemEventBus.js +84 -0
  105. package/apps/syncSystem/SyncSystemEventBus.js.map +1 -0
  106. package/apps/syncSystem/SyncSystemLambda.d.ts +1 -1
  107. package/apps/syncSystem/SyncSystemLambda.js.map +1 -1
  108. package/apps/syncSystem/SyncSystemOutput.d.ts +3 -0
  109. package/apps/syncSystem/SyncSystemOutput.js +26 -0
  110. package/apps/syncSystem/SyncSystemOutput.js.map +1 -0
  111. package/apps/syncSystem/SyncSystemResolverLambda.d.ts +8 -0
  112. package/apps/syncSystem/SyncSystemResolverLambda.js +78 -0
  113. package/apps/syncSystem/SyncSystemResolverLambda.js.map +1 -0
  114. package/apps/syncSystem/SyncSystemSQS.d.ts +3 -4
  115. package/apps/syncSystem/SyncSystemSQS.js +33 -12
  116. package/apps/syncSystem/SyncSystemSQS.js.map +1 -1
  117. package/apps/syncSystem/SyncSystemWorkerLambda.d.ts +7 -0
  118. package/apps/syncSystem/SyncSystemWorkerLambda.js +57 -0
  119. package/apps/syncSystem/SyncSystemWorkerLambda.js.map +1 -0
  120. package/apps/syncSystem/api/addServiceManifest.d.ts +8 -0
  121. package/apps/syncSystem/api/addServiceManifest.js +25 -0
  122. package/apps/syncSystem/api/addServiceManifest.js.map +1 -0
  123. package/apps/syncSystem/api/attachCognitoPermissions.d.ts +14 -0
  124. package/apps/syncSystem/api/attachCognitoPermissions.js +67 -0
  125. package/apps/syncSystem/api/attachCognitoPermissions.js.map +1 -0
  126. package/apps/syncSystem/api/attachDynamoDbPermissions.d.ts +13 -0
  127. package/apps/syncSystem/api/attachDynamoDbPermissions.js +53 -0
  128. package/apps/syncSystem/api/attachDynamoDbPermissions.js.map +1 -0
  129. package/apps/syncSystem/api/attachEventBusPermissions.d.ts +18 -0
  130. package/apps/syncSystem/api/attachEventBusPermissions.js +66 -0
  131. package/apps/syncSystem/api/attachEventBusPermissions.js.map +1 -0
  132. package/apps/syncSystem/api/attachS3Permissions.d.ts +14 -0
  133. package/apps/syncSystem/api/attachS3Permissions.js +59 -0
  134. package/apps/syncSystem/api/attachS3Permissions.js.map +1 -0
  135. package/apps/syncSystem/api/index.d.ts +9 -0
  136. package/apps/syncSystem/api/index.js +65 -0
  137. package/apps/syncSystem/api/index.js.map +1 -0
  138. package/apps/syncSystem/constants.d.ts +1 -0
  139. package/apps/syncSystem/constants.js +9 -0
  140. package/apps/syncSystem/constants.js.map +1 -0
  141. package/apps/syncSystem/createSyncResourceName.d.ts +4 -0
  142. package/apps/syncSystem/createSyncResourceName.js +17 -0
  143. package/apps/syncSystem/createSyncResourceName.js.map +1 -0
  144. package/apps/syncSystem/createSyncSystemPulumiApp.d.ts +19 -10
  145. package/apps/syncSystem/createSyncSystemPulumiApp.js +107 -34
  146. package/apps/syncSystem/createSyncSystemPulumiApp.js.map +1 -1
  147. package/apps/syncSystem/customApp.d.ts +6 -0
  148. package/apps/syncSystem/customApp.js +26 -0
  149. package/apps/syncSystem/customApp.js.map +1 -0
  150. package/apps/syncSystem/getSyncSystemOutput.d.ts +6 -0
  151. package/apps/syncSystem/getSyncSystemOutput.js +28 -0
  152. package/apps/syncSystem/getSyncSystemOutput.js.map +1 -0
  153. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.d.ts +7 -0
  154. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js +55 -0
  155. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js.map +1 -0
  156. package/apps/syncSystem/types.d.ts +55 -0
  157. package/apps/syncSystem/types.js +7 -0
  158. package/apps/syncSystem/types.js.map +1 -0
  159. package/apps/tenantRouter.d.ts +1 -1
  160. package/apps/tenantRouter.js.map +1 -1
  161. package/apps/website/WebsitePrerendering.d.ts +1 -1
  162. package/apps/website/WebsitePrerendering.js.map +1 -1
  163. package/apps/website/createWebsitePulumiApp.d.ts +2 -2
  164. package/apps/website/createWebsitePulumiApp.js.map +1 -1
  165. package/enterprise/api/handleGuardDutyEvents.d.ts +1 -1
  166. package/enterprise/api/handleGuardDutyEvents.js.map +1 -1
  167. package/enterprise/createApiPulumiApp.d.ts +13 -2
  168. package/enterprise/createApiPulumiApp.js.map +1 -1
  169. package/enterprise/createCorePulumiApp.d.ts +2 -2
  170. package/enterprise/createCorePulumiApp.js.map +1 -1
  171. package/enterprise/createSyncSystemPulumiApp.d.ts +13 -8
  172. package/enterprise/createSyncSystemPulumiApp.js +1 -1
  173. package/enterprise/createSyncSystemPulumiApp.js.map +1 -1
  174. package/enterprise/createWebsitePulumiApp.d.ts +2 -2
  175. package/enterprise/createWebsitePulumiApp.js.map +1 -1
  176. package/package.json +12 -12
  177. package/utils/addDomainsUrlsOutputs.d.ts +2 -2
  178. package/utils/addDomainsUrlsOutputs.js.map +1 -1
  179. package/utils/addServiceManifestTableItem.d.ts +1 -1
  180. package/utils/addServiceManifestTableItem.js.map +1 -1
  181. package/utils/createAssetArchive.d.ts +2 -0
  182. package/utils/createAssetArchive.js +16 -0
  183. package/utils/createAssetArchive.js.map +1 -0
  184. package/utils/getPresignedPost.d.ts +1 -1
  185. package/utils/getPresignedPost.js.map +1 -1
  186. package/utils/lambdaEnvVariables.d.ts +1 -1
  187. package/utils/lambdaEnvVariables.js.map +1 -1
  188. package/utils/uploadFolderToS3.d.ts +1 -1
  189. package/utils/uploadFolderToS3.js.map +1 -1
  190. package/utils/withServiceManifest.d.ts +2 -2
  191. package/utils/withServiceManifest.js.map +1 -1
package/apps/website/WebsitePrerendering.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_clientDynamodb","_awsLayers","_lambdaUtils","_common","_awsUtils","_constants","createPrerenderingService","app","params","queue","addResource","sqs","Queue","name","config","visibilityTimeoutSeconds","fifoQueue","policy","createLambdaPolicy","output","renderer","createRenderer","subscriber","createRenderSubscriber","flush","createFlushService","settings","createPrerenderingSettingsDbItem","tableItem","dynamodb","TableItem","tableName","dbTableName","hashKey","dbTableHashKey","rangeKey","dbTableRangeKey","item","interpolate","appUrl","deliveryUrl","bucket","cloudfrontId","url","apply","v","JSON","stringify","marshall","parse","core","getModule","CoreOutput","role","createLambdaRole","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","getCommonLambdaEnvVariables","value","DB_TABLE","DB_TABLE_LOG","logDbTableName","description","code","asset","AssetArchive","FileArchive","join","paths","workspace","vpcConfig","VpcConfig","functionVpcConfig","eventRule","cloudwatch","EventRule","eventBusName","eventBusArn","eventPattern","eventPermission","Permission","action","function","principal","sourceArn","eventTarget","EventTarget","rule","executionRole","iam","ManagedPolicy","AWSLambdaSQSQueueExecutionRole","layers","getLayerArn","eventSourceMapping","EventSourceMapping","functionName","eventSourceArn","batchSize","awsAccountId","getAwsAccountId","Policy","Version","Statement","Sid","Effect","Action","Resource","s","resources","primaryDynamodbTableArn","logDynamodbTableArn","elasticsearchDynamodbTableArn","push"],"sources":["WebsitePrerendering.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { marshall } from \"@webiny/aws-sdk/client-dynamodb\";\n\nimport { PulumiApp } from \"@webiny/pulumi\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PreRenderingServiceParams {\n dbTableName: pulumi.Output<string>;\n dbTableHashKey: pulumi.Output<string>;\n dbTableRangeKey: pulumi.Output<string>;\n logDbTableName: pulumi.Output<string>;\n appUrl: pulumi.Output<string>;\n deliveryUrl: pulumi.Output<string>;\n bucket: pulumi.Output<string>;\n cloudfrontId: pulumi.Output<string>;\n}\n\nexport function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams) {\n const queue = app.addResource(aws.sqs.Queue, {\n name: \"ps-render-queue\",\n config: {\n visibilityTimeoutSeconds: 300,\n fifoQueue: true\n }\n });\n\n const policy = createLambdaPolicy(app, queue.output, params);\n const renderer = createRenderer(app, queue.output, policy.output, params);\n const subscriber = createRenderSubscriber(app, policy.output, params);\n const flush = createFlushService(app, policy.output, params);\n const settings = createPrerenderingSettingsDbItem(app, queue.output, params);\n\n return {\n subscriber,\n renderer,\n flush,\n settings\n };\n}\n\nfunction createPrerenderingSettingsDbItem(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n /**\n * To handle everything related to prerendering, we need the following information:\n * - appUrl - SPA URL used to prerender HTML\n * - bucket - name of the S3 bucket used for storage of HTML snapshots\n * - cloudfrontId - for cache invalidation\n * - sqsQueueUrl - an SQS queue for prerendering tasks (messages)\n */\n const tableItem = app.addResource(aws.dynamodb.TableItem, {\n name: \"psSettings\",\n config: {\n tableName: params.dbTableName,\n hashKey: params.dbTableHashKey,\n rangeKey: params.dbTableRangeKey,\n item: pulumi.interpolate`{\n \"PK\": \"PS#SETTINGS\",\n \"SK\": \"default\",\n \"data\": {\n \"appUrl\": \"${params.appUrl}\",\n \"deliveryUrl\": \"${params.deliveryUrl}\",\n \"bucket\": \"${params.bucket}\",\n \"cloudfrontId\": \"${params.cloudfrontId}\",\n \"sqsQueueUrl\": \"${queue.url}\"\n }\n }`\n // We're using the native DynamoDB converter to avoid building those nested objects ourselves.\n .apply(v => JSON.stringify(marshall(JSON.parse(v))))\n }\n });\n\n return { tableItem };\n}\n\nfunction createRenderSubscriber(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-render-subscriber-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-subscriber-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Subscribes to render events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/subscribe/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * TODO: when we get to staged rollouts and variants, maybe we can create per-variant event rules,\n * to avoid invocation of all variant lambdas just to do a `detail-type` check and exit early.\n * That way, we would be publishing events scoped to a variant, like \"RenderPages-{variant}\".\n */\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-render-subscriber-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"RenderPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-render-subscriber-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-render-subscriber-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createRenderer(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const role = createLambdaRole(app, {\n name: \"ps-render-lambda-role\",\n policy: policy,\n executionRole: aws.iam.ManagedPolicy.AWSLambdaSQSQueueExecutionRole\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 300,\n memorySize: 2048,\n layers: [getLayerArn(\"chromium\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Renders pages and stores output in an S3 bucket of choice.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/render/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"ps-render-event-source-mapping\",\n config: {\n functionName: lambda.output.arn,\n eventSourceArn: queue.arn,\n batchSize: 1\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventSourceMapping\n };\n}\n\nfunction createFlushService(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-flush-lambda-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-flush-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Subscribes to flush events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/flush/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-flush-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"FlushPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-flush-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-flush-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createLambdaPolicy(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ps-lambda-policy\",\n config: {\n description: \"This policy enables access to Lambda, S3, Cloudfront, SQS and Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: core.apply(s => {\n // Add permissions to DynamoDB table\n const resources = [\n `${s.primaryDynamodbTableArn}`,\n `${s.primaryDynamodbTableArn}/*`,\n `${s.logDynamodbTableArn}`,\n `${s.logDynamodbTableArn}/*`\n ];\n\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n if (s.elasticsearchDynamodbTableArn) {\n resources.push(\n `${s.elasticsearchDynamodbTableArn}`,\n `${s.elasticsearchDynamodbTableArn}/*`\n );\n }\n\n return resources;\n })\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\"s3:DeleteObject\", \"s3:GetObject\", \"s3:PutObject\"],\n Resource: [pulumi.interpolate`arn:aws:s3:::${params.bucket}/*`]\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n {\n Sid: \"PermissionForSQS\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\", \"sqs:SendMessageBatch\"],\n Resource: queue.arn\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AAGA,IAAAI,UAAA,GAAAJ,OAAA;AAEA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAaO,SAASS,yBAAyBA,CAACC,GAAc,EAAEC,MAAiC,EAAE;EACzF,MAAMC,KAAK,GAAGF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,KAAK,EAAE;IACzCC,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJC,wBAAwB,EAAE,GAAG;MAC7BC,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,kBAAkB,CAACX,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMY,QAAQ,GAAGC,cAAc,CAACd,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEF,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACzE,MAAMc,UAAU,GAAGC,sBAAsB,CAAChB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACrE,MAAMgB,KAAK,GAAGC,kBAAkB,CAAClB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMkB,QAAQ,GAAGC,gCAAgC,CAACpB,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAE5E,OAAO;IACHc,UAAU;IACVF,QAAQ;IACRI,KAAK;IACLE;EACJ,CAAC;AACL;AAEA,SAASC,gCAAgCA,CACrCpB,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAMoB,SAAS,GAAGrB,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC8B,QAAQ,CAACC,SAAS,EAAE;IACtDjB,IAAI,EAAE,YAAY;IAClBC,MAAM,EAAE;MACJiB,SAAS,EAAEvB,MAAM,CAACwB,WAAW;MAC7BC,OAAO,EAAEzB,MAAM,CAAC0B,cAAc;MAC9BC,QAAQ,EAAE3B,MAAM,CAAC4B,eAAe;MAChCC,IAAI,EAAEvC,MAAM,CAACwC,WAAW;AACpC;AACA;AACA;AACA,iCAAiC9B,MAAM,CAAC+B,MAAM;AAC9C,sCAAsC/B,MAAM,CAACgC,WAAW;AACxD,iCAAiChC,MAAM,CAACiC,MAAM;AAC9C,uCAAuCjC,MAAM,CAACkC,YAAY;AAC1D,sCAAsCjC,KAAK,CAACkC,GAAG;AAC/C;AACA;MACgB;MAAA,CACCC,KAAK,CAACC,CAAC,IAAIC,IAAI,CAACC,SAAS,CAAC,IAAAC,wBAAQ,EAACF,IAAI,CAACG,KAAK,CAACJ,CAAC,CAAC,CAAC,CAAC;IAC3D;EACJ,CAAC,CAAC;EAEF,OAAO;IAAEjB;EAAU,CAAC;AACxB;AAEA,SAASL,sBAAsBA,CAC3BhB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,2BAA2B;IACjCI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMsC,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,6BAA6B;IACnCC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,0CAA0C;MACvDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,8BAA8B,CACjE;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;;EAEF;AACJ;AACA;AACA;AACA;;EAEI,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,iCAAiC;IACvCC,MAAM,EAAE;MACJsE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9BC,YAAY,EAAExC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,aAAa;MACjC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMwC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACiC,UAAU,EAAE;IAC3D3E,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEnC,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC3BkC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACsC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMoC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,mCAAmC;IACzCC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9B5B,GAAG,EAAEF,MAAM,CAACpC,MAAM,CAACsC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACHxC,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN0B,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAASxE,cAAcA,CACnBd,GAAc,EACdE,KAAmC,EACnCQ,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM6C,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,uBAAuB;IAC7BI,MAAM,EAAEA,MAAM;IACd+E,aAAa,EAAEjG,GAAG,CAACkG,GAAG,CAACC,aAAa,CAACC;EACzC,CAAC,CAAC;EAEF,MAAM5C,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,GAAG;MACZC,UAAU,EAAE,IAAI;MAChBsC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,UAAU,CAAC,CAAC;MACjCtC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,4DAA4D;MACzEC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,2BAA2B,CAC9D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMsB,kBAAkB,GAAG/F,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACgD,kBAAkB,EAAE;IACtE1F,IAAI,EAAE,gCAAgC;IACtCC,MAAM,EAAE;MACJ0F,YAAY,EAAEjD,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC/BgD,cAAc,EAAEhG,KAAK,CAACgD,GAAG;MACzBiD,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,OAAO;IACHzF,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN+C;EACJ,CAAC;AACL;AAEA,SAAS7E,kBAAkBA,CACvBlB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,sBAAsB;IAC5BI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMsC,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,yCAAyC;MACtDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,qBAAqB;IAC3BC,MAAM,EAAE;MACJsE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9BC,YAAY,EAAExC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,YAAY;MAChC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMwC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACiC,UAAU,EAAE;IAC3D3E,IAAI,EAAE,2BAA2B;IACjCC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEnC,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC3BkC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACsC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMoC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,uBAAuB;IAC7BC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9B5B,GAAG,EAAEF,MAAM,CAACpC,MAAM,CAACsC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACHxC,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN0B,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAAS3E,kBAAkBA,CACvBX,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMuD,YAAY,GAAG,IAAAC,yBAAe,EAACrG,GAAG,CAAC;EAEzC,OAAOA,GAAG,CAACG,WAAW,CAACX,GAAG,CAACkG,GAAG,CAACY,MAAM,EAAE;IACnChG,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJwD,WAAW,EAAE,wEAAwE;MACrFrD,MAAM,EAAE;QACJ6F,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,qBAAqB,EACrB,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,qBAAqB,CACxB;UACDC,QAAQ,EAAEjE,IAAI,CAACN,KAAK,CAACwE,CAAC,IAAI;YACtB;YACA,MAAMC,SAAS,GAAG,CACd,GAAGD,CAAC,CAACE,uBAAuB,EAAE,EAC9B,GAAGF,CAAC,CAACE,uBAAuB,IAAI,EAChC,GAAGF,CAAC,CAACG,mBAAmB,EAAE,EAC1B,GAAGH,CAAC,CAACG,mBAAmB,IAAI,CAC/B;;YAED;YACA,IAAIH,CAAC,CAACI,6BAA6B,EAAE;cACjCH,SAAS,CAACI,IAAI,CACV,GAAGL,CAAC,CAACI,6BAA6B,EAAE,EACpC,GAAGJ,CAAC,CAACI,6BAA6B,IACtC,CAAC;YACL;YAEA,OAAOH,SAAS;UACpB,CAAC;QACL,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,cAAc,EAAE,cAAc,CAAC;UAC3DC,QAAQ,EAAE,CAACrH,MAAM,CAACwC,WAAW,gBAAgB9B,MAAM,CAACiC,MAAM,IAAI;QAClE,CAAC,EACD;UACIuE,GAAG,EAAE,yBAAyB;UAC9BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,+BAA+B;UACvCC,QAAQ,EAAErH,MAAM,CAACwC,WAAW,uBAAuBqE,YAAY;QACnE,CAAC,EACD;UACIK,GAAG,EAAE,kBAAkB;UACvBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,sBAAsB,CAAC;UACnDC,QAAQ,EAAE1G,KAAK,CAACgD;QACpB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_clientDynamodb","_awsLayers","_lambdaUtils","_common","_awsUtils","_constants","createPrerenderingService","app","params","queue","addResource","sqs","Queue","name","config","visibilityTimeoutSeconds","fifoQueue","policy","createLambdaPolicy","output","renderer","createRenderer","subscriber","createRenderSubscriber","flush","createFlushService","settings","createPrerenderingSettingsDbItem","tableItem","dynamodb","TableItem","tableName","dbTableName","hashKey","dbTableHashKey","rangeKey","dbTableRangeKey","item","interpolate","appUrl","deliveryUrl","bucket","cloudfrontId","url","apply","v","JSON","stringify","marshall","parse","core","getModule","CoreOutput","role","createLambdaRole","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","getCommonLambdaEnvVariables","value","DB_TABLE","DB_TABLE_LOG","logDbTableName","description","code","asset","AssetArchive","FileArchive","join","paths","workspace","vpcConfig","VpcConfig","functionVpcConfig","eventRule","cloudwatch","EventRule","eventBusName","eventBusArn","eventPattern","eventPermission","Permission","action","function","principal","sourceArn","eventTarget","EventTarget","rule","executionRole","iam","ManagedPolicy","AWSLambdaSQSQueueExecutionRole","layers","getLayerArn","eventSourceMapping","EventSourceMapping","functionName","eventSourceArn","batchSize","awsAccountId","getAwsAccountId","Policy","Version","Statement","Sid","Effect","Action","Resource","s","resources","primaryDynamodbTableArn","logDynamodbTableArn","elasticsearchDynamodbTableArn","push"],"sources":["WebsitePrerendering.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { marshall } from \"@webiny/aws-sdk/client-dynamodb\";\n\nimport type { PulumiApp } from \"@webiny/pulumi\";\nimport { getLayerArn } from \"@webiny/aws-layers\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\n\ninterface PreRenderingServiceParams {\n dbTableName: pulumi.Output<string>;\n dbTableHashKey: pulumi.Output<string>;\n dbTableRangeKey: pulumi.Output<string>;\n logDbTableName: pulumi.Output<string>;\n appUrl: pulumi.Output<string>;\n deliveryUrl: pulumi.Output<string>;\n bucket: pulumi.Output<string>;\n cloudfrontId: pulumi.Output<string>;\n}\n\nexport function createPrerenderingService(app: PulumiApp, params: PreRenderingServiceParams) {\n const queue = app.addResource(aws.sqs.Queue, {\n name: \"ps-render-queue\",\n config: {\n visibilityTimeoutSeconds: 300,\n fifoQueue: true\n }\n });\n\n const policy = createLambdaPolicy(app, queue.output, params);\n const renderer = createRenderer(app, queue.output, policy.output, params);\n const subscriber = createRenderSubscriber(app, policy.output, params);\n const flush = createFlushService(app, policy.output, params);\n const settings = createPrerenderingSettingsDbItem(app, queue.output, params);\n\n return {\n subscriber,\n renderer,\n flush,\n settings\n };\n}\n\nfunction createPrerenderingSettingsDbItem(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n /**\n * To handle everything related to prerendering, we need the following information:\n * - appUrl - SPA URL used to prerender HTML\n * - bucket - name of the S3 bucket used for storage of HTML snapshots\n * - cloudfrontId - for cache invalidation\n * - sqsQueueUrl - an SQS queue for prerendering tasks (messages)\n */\n const tableItem = app.addResource(aws.dynamodb.TableItem, {\n name: \"psSettings\",\n config: {\n tableName: params.dbTableName,\n hashKey: params.dbTableHashKey,\n rangeKey: params.dbTableRangeKey,\n item: pulumi.interpolate`{\n \"PK\": \"PS#SETTINGS\",\n \"SK\": \"default\",\n \"data\": {\n \"appUrl\": \"${params.appUrl}\",\n \"deliveryUrl\": \"${params.deliveryUrl}\",\n \"bucket\": \"${params.bucket}\",\n \"cloudfrontId\": \"${params.cloudfrontId}\",\n \"sqsQueueUrl\": \"${queue.url}\"\n }\n }`\n // We're using the native DynamoDB converter to avoid building those nested objects ourselves.\n .apply(v => JSON.stringify(marshall(JSON.parse(v))))\n }\n });\n\n return { tableItem };\n}\n\nfunction createRenderSubscriber(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-render-subscriber-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-subscriber-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Subscribes to render events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/subscribe/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n /**\n * TODO: when we get to staged rollouts and variants, maybe we can create per-variant event rules,\n * to avoid invocation of all variant lambdas just to do a `detail-type` check and exit early.\n * That way, we would be publishing events scoped to a variant, like \"RenderPages-{variant}\".\n */\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-render-subscriber-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"RenderPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-render-subscriber-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-render-subscriber-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createRenderer(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const role = createLambdaRole(app, {\n name: \"ps-render-lambda-role\",\n policy: policy,\n executionRole: aws.iam.ManagedPolicy.AWSLambdaSQSQueueExecutionRole\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-render-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 300,\n memorySize: 2048,\n layers: [getLayerArn(\"chromium\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Renders pages and stores output in an S3 bucket of choice.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/render/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"ps-render-event-source-mapping\",\n config: {\n functionName: lambda.output.arn,\n eventSourceArn: queue.arn,\n batchSize: 1\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventSourceMapping\n };\n}\n\nfunction createFlushService(\n app: PulumiApp,\n policy: pulumi.Output<aws.iam.Policy>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n\n const role = createLambdaRole(app, {\n name: \"ps-flush-lambda-role\",\n policy: policy\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"ps-flush-lambda\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 1024,\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n DB_TABLE: params.dbTableName,\n DB_TABLE_LOG: params.logDbTableName\n }))\n },\n description: \"Subscribes to flush events on event bus\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"prerendering/flush/build\")\n )\n }),\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: \"ps-flush-event-rule\",\n config: {\n eventBusName: core.eventBusArn,\n eventPattern: JSON.stringify({\n \"detail-type\": [\"FlushPages\"]\n })\n }\n });\n\n const eventPermission = app.addResource(aws.lambda.Permission, {\n name: \"ps-flush-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: lambda.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: \"ps-flush-event-target\",\n config: {\n rule: eventRule.output.name,\n eventBusName: core.eventBusArn,\n arn: lambda.output.arn\n }\n });\n\n return {\n policy,\n role,\n lambda,\n eventRule,\n eventPermission,\n eventTarget\n };\n}\n\nfunction createLambdaPolicy(\n app: PulumiApp,\n queue: pulumi.Output<aws.sqs.Queue>,\n params: PreRenderingServiceParams\n) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ps-lambda-policy\",\n config: {\n description: \"This policy enables access to Lambda, S3, Cloudfront, SQS and Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: core.apply(s => {\n // Add permissions to DynamoDB table\n const resources = [\n `${s.primaryDynamodbTableArn}`,\n `${s.primaryDynamodbTableArn}/*`,\n `${s.logDynamodbTableArn}`,\n `${s.logDynamodbTableArn}/*`\n ];\n\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n if (s.elasticsearchDynamodbTableArn) {\n resources.push(\n `${s.elasticsearchDynamodbTableArn}`,\n `${s.elasticsearchDynamodbTableArn}/*`\n );\n }\n\n return resources;\n })\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\"s3:DeleteObject\", \"s3:GetObject\", \"s3:PutObject\"],\n Resource: [pulumi.interpolate`arn:aws:s3:::${params.bucket}/*`]\n },\n {\n Sid: \"PermissionForCloudfront\",\n Effect: \"Allow\",\n Action: \"cloudfront:CreateInvalidation\",\n Resource: pulumi.interpolate`arn:aws:cloudfront::${awsAccountId}:distribution/*`\n },\n {\n Sid: \"PermissionForSQS\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\", \"sqs:SendMessageBatch\"],\n Resource: queue.arn\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AAGA,IAAAI,UAAA,GAAAJ,OAAA;AAEA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAaO,SAASS,yBAAyBA,CAACC,GAAc,EAAEC,MAAiC,EAAE;EACzF,MAAMC,KAAK,GAAGF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,KAAK,EAAE;IACzCC,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJC,wBAAwB,EAAE,GAAG;MAC7BC,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,kBAAkB,CAACX,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMY,QAAQ,GAAGC,cAAc,CAACd,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEF,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACzE,MAAMc,UAAU,GAAGC,sBAAsB,CAAChB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EACrE,MAAMgB,KAAK,GAAGC,kBAAkB,CAAClB,GAAG,EAAEU,MAAM,CAACE,MAAM,EAAEX,MAAM,CAAC;EAC5D,MAAMkB,QAAQ,GAAGC,gCAAgC,CAACpB,GAAG,EAAEE,KAAK,CAACU,MAAM,EAAEX,MAAM,CAAC;EAE5E,OAAO;IACHc,UAAU;IACVF,QAAQ;IACRI,KAAK;IACLE;EACJ,CAAC;AACL;AAEA,SAASC,gCAAgCA,CACrCpB,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAMoB,SAAS,GAAGrB,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC8B,QAAQ,CAACC,SAAS,EAAE;IACtDjB,IAAI,EAAE,YAAY;IAClBC,MAAM,EAAE;MACJiB,SAAS,EAAEvB,MAAM,CAACwB,WAAW;MAC7BC,OAAO,EAAEzB,MAAM,CAAC0B,cAAc;MAC9BC,QAAQ,EAAE3B,MAAM,CAAC4B,eAAe;MAChCC,IAAI,EAAEvC,MAAM,CAACwC,WAAW;AACpC;AACA;AACA;AACA,iCAAiC9B,MAAM,CAAC+B,MAAM;AAC9C,sCAAsC/B,MAAM,CAACgC,WAAW;AACxD,iCAAiChC,MAAM,CAACiC,MAAM;AAC9C,uCAAuCjC,MAAM,CAACkC,YAAY;AAC1D,sCAAsCjC,KAAK,CAACkC,GAAG;AAC/C;AACA;MACgB;MAAA,CACCC,KAAK,CAACC,CAAC,IAAIC,IAAI,CAACC,SAAS,CAAC,IAAAC,wBAAQ,EAACF,IAAI,CAACG,KAAK,CAACJ,CAAC,CAAC,CAAC,CAAC;IAC3D;EACJ,CAAC,CAAC;EAEF,OAAO;IAAEjB;EAAU,CAAC;AACxB;AAEA,SAASL,sBAAsBA,CAC3BhB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,2BAA2B;IACjCI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMsC,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,6BAA6B;IACnCC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,0CAA0C;MACvDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,8BAA8B,CACjE;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;;EAEF;AACJ;AACA;AACA;AACA;;EAEI,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,iCAAiC;IACvCC,MAAM,EAAE;MACJsE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9BC,YAAY,EAAExC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,aAAa;MACjC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMwC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACiC,UAAU,EAAE;IAC3D3E,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEnC,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC3BkC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACsC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMoC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,mCAAmC;IACzCC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9B5B,GAAG,EAAEF,MAAM,CAACpC,MAAM,CAACsC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACHxC,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN0B,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAASxE,cAAcA,CACnBd,GAAc,EACdE,KAAmC,EACnCQ,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM6C,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,uBAAuB;IAC7BI,MAAM,EAAEA,MAAM;IACd+E,aAAa,EAAEjG,GAAG,CAACkG,GAAG,CAACC,aAAa,CAACC;EACzC,CAAC,CAAC;EAEF,MAAM5C,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,GAAG;MACZC,UAAU,EAAE,IAAI;MAChBsC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,UAAU,CAAC,CAAC;MACjCtC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,4DAA4D;MACzEC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,2BAA2B,CAC9D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMsB,kBAAkB,GAAG/F,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACgD,kBAAkB,EAAE;IACtE1F,IAAI,EAAE,gCAAgC;IACtCC,MAAM,EAAE;MACJ0F,YAAY,EAAEjD,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC/BgD,cAAc,EAAEhG,KAAK,CAACgD,GAAG;MACzBiD,SAAS,EAAE;IACf;EACJ,CAAC,CAAC;EAEF,OAAO;IACHzF,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN+C;EACJ,CAAC;AACL;AAEA,SAAS7E,kBAAkBA,CACvBlB,GAAc,EACdU,MAAqC,EACrCT,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAAC/C,GAAG,EAAE;IAC/BM,IAAI,EAAE,sBAAsB;IAC5BI,MAAM,EAAEA;EACZ,CAAC,CAAC;EAEF,MAAMsC,MAAM,GAAGhD,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACC,QAAQ,EAAE;IAChD3C,IAAI,EAAE,iBAAiB;IACvBC,MAAM,EAAE;MACJuC,IAAI,EAAEA,IAAI,CAAClC,MAAM,CAACsC,GAAG;MACrBC,OAAO,EAAEC,yBAAc;MACvBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACrB,KAAK,CAACsB,KAAK,KAAK;UACrD,GAAGA,KAAK;UACRC,QAAQ,EAAE3D,MAAM,CAACwB,WAAW;UAC5BoC,YAAY,EAAE5D,MAAM,CAAC6D;QACzB,CAAC,CAAC;MACN,CAAC;MACDC,WAAW,EAAE,yCAAyC;MACtDC,IAAI,EAAE,IAAIzE,MAAM,CAAC0E,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAI3E,MAAM,CAAC0E,KAAK,CAACE,WAAW,CAC7B/E,IAAI,CAACgF,IAAI,CAACpE,GAAG,CAACqE,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,SAAS,EAAEvE,GAAG,CAAC4C,SAAS,CAAC4B,iBAAS,CAAC,CAACC;IACxC;EACJ,CAAC,CAAC;EAEF,MAAMC,SAAS,GAAG1E,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACC,SAAS,EAAE;IACxDtE,IAAI,EAAE,qBAAqB;IAC3BC,MAAM,EAAE;MACJsE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9BC,YAAY,EAAExC,IAAI,CAACC,SAAS,CAAC;QACzB,aAAa,EAAE,CAAC,YAAY;MAChC,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMwC,eAAe,GAAGhF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACwD,MAAM,CAACiC,UAAU,EAAE;IAC3D3E,IAAI,EAAE,2BAA2B;IACjCC,MAAM,EAAE;MACJ2E,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEnC,MAAM,CAACpC,MAAM,CAACsC,GAAG;MAC3BkC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEX,SAAS,CAAC9D,MAAM,CAACsC;IAChC;EACJ,CAAC,CAAC;EAEF,MAAMoC,WAAW,GAAGtF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACmF,UAAU,CAACY,WAAW,EAAE;IAC5DjF,IAAI,EAAE,uBAAuB;IAC7BC,MAAM,EAAE;MACJiF,IAAI,EAAEd,SAAS,CAAC9D,MAAM,CAACN,IAAI;MAC3BuE,YAAY,EAAElC,IAAI,CAACmC,WAAW;MAC9B5B,GAAG,EAAEF,MAAM,CAACpC,MAAM,CAACsC;IACvB;EACJ,CAAC,CAAC;EAEF,OAAO;IACHxC,MAAM;IACNoC,IAAI;IACJE,MAAM;IACN0B,SAAS;IACTM,eAAe;IACfM;EACJ,CAAC;AACL;AAEA,SAAS3E,kBAAkBA,CACvBX,GAAc,EACdE,KAAmC,EACnCD,MAAiC,EACnC;EACE,MAAM0C,IAAI,GAAG3C,GAAG,CAAC4C,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMuD,YAAY,GAAG,IAAAC,yBAAe,EAACrG,GAAG,CAAC;EAEzC,OAAOA,GAAG,CAACG,WAAW,CAACX,GAAG,CAACkG,GAAG,CAACY,MAAM,EAAE;IACnChG,IAAI,EAAE,kBAAkB;IACxBC,MAAM,EAAE;MACJwD,WAAW,EAAE,wEAAwE;MACrFrD,MAAM,EAAE;QACJ6F,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,qBAAqB,EACrB,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,qBAAqB,CACxB;UACDC,QAAQ,EAAEjE,IAAI,CAACN,KAAK,CAACwE,CAAC,IAAI;YACtB;YACA,MAAMC,SAAS,GAAG,CACd,GAAGD,CAAC,CAACE,uBAAuB,EAAE,EAC9B,GAAGF,CAAC,CAACE,uBAAuB,IAAI,EAChC,GAAGF,CAAC,CAACG,mBAAmB,EAAE,EAC1B,GAAGH,CAAC,CAACG,mBAAmB,IAAI,CAC/B;;YAED;YACA,IAAIH,CAAC,CAACI,6BAA6B,EAAE;cACjCH,SAAS,CAACI,IAAI,CACV,GAAGL,CAAC,CAACI,6BAA6B,EAAE,EACpC,GAAGJ,CAAC,CAACI,6BAA6B,IACtC,CAAC;YACL;YAEA,OAAOH,SAAS;UACpB,CAAC;QACL,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,cAAc,EAAE,cAAc,CAAC;UAC3DC,QAAQ,EAAE,CAACrH,MAAM,CAACwC,WAAW,gBAAgB9B,MAAM,CAACiC,MAAM,IAAI;QAClE,CAAC,EACD;UACIuE,GAAG,EAAE,yBAAyB;UAC9BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,+BAA+B;UACvCC,QAAQ,EAAErH,MAAM,CAACwC,WAAW,uBAAuBqE,YAAY;QACnE,CAAC,EACD;UACIK,GAAG,EAAE,kBAAkB;UACvBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,iBAAiB,EAAE,sBAAsB,CAAC;UACnDC,QAAQ,EAAE1G,KAAK,CAACgD;QACpB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/apps/website/createWebsitePulumiApp.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  import * as pulumi from "@pulumi/pulumi";
2
2
  import * as aws from "@pulumi/aws";
3
- import { PulumiAppParam, PulumiAppParamCallback } from "@webiny/pulumi";
4
- import { CustomDomainParams } from "../customDomain";
3
+ import type { PulumiAppParam, PulumiAppParamCallback } from "@webiny/pulumi";
4
+ import type { CustomDomainParams } from "../customDomain";
5
5
  export type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;
6
6
  export interface CreateWebsitePulumiAppParams {
7
7
  /**
package/apps/website/createWebsitePulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["pulumi","_interopRequireWildcard","require","aws","_fs","_interopRequireDefault","_pulumi2","_createAppBucket","_customDomain","_WebsitePrerendering","_","_utils","_tenantRouter","_withServiceManifest","_constants","_variant","_env","_projectName","createWebsitePulumiApp","projectAppParams","baseApp","createPulumiApp","name","path","config","program","app","pulumiResourceNamePrefix","getParam","onResource","resource","startsWith","addHandler","productionEnvironments","params","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","core","addModule","CoreOutput","ApiOutput","vpcEnabled","vpc","VpcConfig","enabled","appBucket","createPrivateAppBucket","appCloudfront","addResource","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","opts","ignoreChanges","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","logDbTableName","logDynamodbTableName","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","previewDomains","process","WCP_PROJECT_ENVIRONMENT","WEBINY_MULTI_TENANCY","originLambda","applyTenantRouter","addOutputs","websiteRouterOriginRequestFunction","appId","appStorage","deliveryId","deliveryStorage","addDomainsUrlsOutputs","cloudfrontDistribution","map","distributionDomain","distributionUrl","usedDomain","usedUrl","tagResources","WbyProjectName","getEnvVariableWebinyProjectName","WbyEnvironment","getEnvVariableWebinyEnv","WbyEnvironmentVariant","getEnvVariableWebinyVariant","preview","delivery","withServiceManifest","withCommonLambdaEnvVariables","resources","addServiceManifest","manifest","distributionId","bucketDomainName","bucketRegionalDomainName","exports"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport { createPulumiApp, PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport { applyCustomDomain, CustomDomainParams } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { ApiOutput, CoreOutput, VpcConfig } from \"~/apps\";\nimport { addDomainsUrlsOutputs, tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\nimport { withServiceManifest } from \"~/utils/withServiceManifest\";\nimport { DEFAULT_PROD_ENV_NAMES } from \"~/constants\";\nimport { getEnvVariableWebinyVariant } from \"~/env/variant\";\nimport { getEnvVariableWebinyEnv } from \"~/env/env\";\nimport { getEnvVariableWebinyProjectName } from \"~/env/projectName\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /**\n * Custom domain(s) configuration.\n */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Custom preview domain(s) configuration.\n */\n previewDomains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const baseApp = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n // Register core and api output as a module, to be available to all other modules.\n const core = app.addModule(CoreOutput);\n app.addModule(ApiOutput);\n\n // Register VPC config module to be available to other modules.\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n app.addModule(VpcConfig, { enabled: vpcEnabled });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n },\n opts: {\n // We are ignoring changes to the \"staging\" property. This is because of the following.\n // With the 5.41.0 release of Webiny, we also upgraded Pulumi to v6. This introduced a change\n // with how Cloudfront distributions are deployed, where Pulumi now also controls the new\n // `staging` property.\n // If not set, Pulumi will default it to `false`. Which is fine, but, the problem is\n // that, because this property did not exist before, it will always be considered as a change\n // upon deployment.\n // We might think this is fine, but, the problem is that a change in this property causes\n // a full replacement of the Cloudfront distribution, which is not acceptable. Especially\n // if a custom domain has already been associated with the distribution. This then would\n // require the user to disassociate the domain, wait for the distribution to be replaced,\n // and then re-associate the domain. This is not a good experience.\n ignoreChanges: [\"staging\"]\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n },\n // This forward is necessary for non-WCP projects. For WCP projects, the\n // forwarding is performed by the `website-router` Lambda@Edge function.\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/robots.txt\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n },\n opts: {\n // Check the comment in the `appCloudfront` resource above for more info.\n ignoreChanges: [\"staging\"]\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n logDbTableName: core.logDynamodbTableName,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n const previewDomains = app.getParam(projectAppParams.previewDomains);\n if (previewDomains) {\n applyCustomDomain(appCloudfront, previewDomains);\n }\n\n if (\n process.env.WCP_PROJECT_ENVIRONMENT ||\n process.env.WEBINY_MULTI_TENANCY === \"true\"\n ) {\n const { originLambda } = applyTenantRouter(app, deliveryCloudfront);\n\n app.addHandler(() => {\n app.addOutputs({\n websiteRouterOriginRequestFunction: originLambda.output.name\n });\n });\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id\n });\n\n app.addHandler(() => {\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: appCloudfront,\n map: {\n distributionDomain: \"cloudfrontAppDomain\",\n distributionUrl: \"cloudfrontAppUrl\",\n usedDomain: \"appDomain\",\n usedUrl: \"appUrl\"\n }\n });\n\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: deliveryCloudfront,\n map: {\n distributionDomain: \"cloudfrontDeliveryDomain\",\n distributionUrl: \"cloudfrontDeliveryUrl\",\n usedDomain: \"deliveryDomain\",\n usedUrl: \"deliveryUrl\"\n }\n });\n });\n\n tagResources({\n WbyProjectName: getEnvVariableWebinyProjectName(),\n WbyEnvironment: getEnvVariableWebinyEnv(),\n WbyEnvironmentVariant: getEnvVariableWebinyVariant()\n });\n\n return {\n prerendering,\n\n // \"preview\" and \"app\" are the same.\n // We introduced \"preview\" just because it's the word we use when talking about\n // Page Builder and \"previewing\" pages. In other words, the \"preview\" property\n // contains all resources related to serving page previews, unlike \"delivery\",\n // which is used to serve published pages to actual website visitors.\n // The \"app\" property was still left here just for backwards compatibility.\n preview: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n const app = withServiceManifest(withCommonLambdaEnvVariables(baseApp));\n\n app.addHandler(() => {\n const preview = baseApp.resources.preview;\n const delivery = baseApp.resources.delivery;\n\n app.addServiceManifest({\n name: \"website\",\n manifest: {\n preview: {\n cloudfront: {\n distributionId: preview.cloudfront.output.id,\n domainName: preview.cloudfront.output.domainName\n },\n bucket: {\n name: preview.bucket.output.id,\n arn: preview.bucket.output.arn,\n bucketDomainName: preview.bucket.output.bucketDomainName,\n bucketRegionalDomainName: preview.bucket.output.bucketRegionalDomainName\n }\n },\n delivery: {\n cloudfront: {\n distributionId: delivery.cloudfront.output.id,\n domainName: delivery.cloudfront.output.domainName\n },\n bucket: {\n name: delivery.bucket.output.id,\n arn: delivery.bucket.output.arn,\n bucketDomainName: delivery.bucket.output.bucketDomainName,\n bucketRegionalDomainName: delivery.bucket.output.bucketRegionalDomainName\n }\n }\n }\n });\n });\n\n return app;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,GAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAL,OAAA;AACA,IAAAM,aAAA,GAAAN,OAAA;AACA,IAAAO,oBAAA,GAAAP,OAAA;AACA,IAAAQ,CAAA,GAAAR,OAAA;AACA,IAAAS,MAAA,GAAAT,OAAA;AACA,IAAAU,aAAA,GAAAV,OAAA;AACA,IAAAW,oBAAA,GAAAX,OAAA;AACA,IAAAY,UAAA,GAAAZ,OAAA;AACA,IAAAa,QAAA,GAAAb,OAAA;AACA,IAAAc,IAAA,GAAAd,OAAA;AACA,IAAAe,YAAA,GAAAf,OAAA;AAwCO,MAAMgB,sBAAsB,GAAGA,CAACC,gBAA8C,GAAG,CAAC,CAAC,KAAK;EAC3F,MAAMC,OAAO,GAAG,IAAAC,wBAAe,EAAC;IAC5BC,IAAI,EAAE,SAAS;IACfC,IAAI,EAAE,cAAc;IACpBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAMC,GAAG,IAAI;MAClB,MAAMC,wBAAwB,GAAGD,GAAG,CAACE,QAAQ,CACzCT,gBAAgB,CAACQ,wBACrB,CAAC;MACD,IAAIA,wBAAwB,EAAE;QAC1BD,GAAG,CAACG,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAACR,IAAI,CAACS,UAAU,CAACJ,wBAAwB,CAAC,EAAE;YACrDG,QAAQ,CAACR,IAAI,GAAG,GAAGK,wBAAwB,GAAGG,QAAQ,CAACR,IAAI,EAAE;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAACnB,MAAM,EAAE;QACzB0B,GAAG,CAACM,UAAU,CAAC,MAAM;UACjB,OAAOb,gBAAgB,CAACnB,MAAM,CAAE0B,GAAuB,CAAC;QAC5D,CAAC,CAAC;MACN;MAEA,MAAMO,sBAAsB,GACxBP,GAAG,CAACQ,MAAM,CAACC,MAAM,CAACF,sBAAsB,IAAIG,iCAAsB;MACtE,MAAMC,YAAY,GAAGJ,sBAAsB,CAACK,QAAQ,CAACZ,GAAG,CAACQ,MAAM,CAACK,GAAG,CAACC,GAAG,CAAC;;MAExE;MACA,MAAMC,IAAI,GAAGf,GAAG,CAACgB,SAAS,CAACC,YAAU,CAAC;MACtCjB,GAAG,CAACgB,SAAS,CAACE,WAAS,CAAC;;MAExB;MACA,MAAMC,UAAU,GAAGnB,GAAG,CAACE,QAAQ,CAACT,gBAAgB,EAAE2B,GAAG,CAAC,IAAIT,YAAY;MACtEX,GAAG,CAACgB,SAAS,CAACK,WAAS,EAAE;QAAEC,OAAO,EAAEH;MAAW,CAAC,CAAC;MAEjD,MAAMI,SAAS,GAAG,IAAAC,uCAAsB,EAACxB,GAAG,EAAE,KAAK,CAAC;MAEpD,MAAMyB,aAAa,GAAGzB,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACC,YAAY,EAAE;QAC/DhC,IAAI,EAAE,KAAK;QACXE,MAAM,EAAE;UACJwB,OAAO,EAAE,IAAI;UACbO,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAACP,SAAS,CAACQ,MAAM,CAAC;UAC3BC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK,QAAQ;YACzCC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,CAAC;YACbC,MAAM,EAAE;UACZ,CAAC;UACDC,UAAU,EAAE,gBAAgB;UAC5BC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAG;YAAEC,YAAY,EAAE,GAAG;YAAEC,gBAAgB,EAAE;UAAc,CAAC,CACzE;UACDC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ,CAAC;QACDC,IAAI,EAAE;UACF;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACAC,aAAa,EAAE,CAAC,SAAS;QAC7B;MACJ,CAAC,CAAC;MAEF,MAAMC,cAAc,GAAG,IAAAnC,uCAAsB,EAACxB,GAAG,EAAE,UAAU,CAAC;;MAE9D;AACZ;AACA;AACA;AACA;MACY,MAAM4D,aAAa,GAAG5D,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACkC,QAAQ,EAAE;QAC3DjE,IAAI,EAAE,iBAAiB;QACvBE,MAAM,EAAE;UACJgE,OAAO,EAAE,mBAAmB;UAC5BC,OAAO,EAAE,IAAI;UACbC,IAAI,EAAEC,WAAE,CAACC,YAAY,CAACC,SAAS,GAAG,2BAA2B,EAAE,MAAM;QACzE;MACJ,CAAC,CAAC;MAEF,MAAMC,kBAAkB,GAAGpE,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACC,YAAY,EAAE;QACpEhC,IAAI,EAAE,UAAU;QAChBE,MAAM,EAAE;UACJwB,OAAO,EAAE,IAAI;UACbO,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAAC6B,cAAc,CAAC5B,MAAM,EAAER,SAAS,CAACQ,MAAM,CAAC;UAClDC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEwB,cAAc,CAAC5B,MAAM,CAACK,QAAQ;YAC9CC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC8B,qBAAqB,EAAE,EAAE;YACzB7B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,EAAE;YACdC,MAAM,EAAE,EAAE;YACVwB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAM,CAACC,GAAG;cAAEC,SAAS,EAAE;YAAiB,CAAC;UAE9E,CAAC;UACDC,qBAAqB,EAAE,CACnB;YACIzC,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDkC,OAAO,EAAE,EAAE;cACXjC,WAAW,EAAE;YACjB,CAAC;YACDkC,WAAW,EAAE,WAAW;YACxBxC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK,QAAQ;YACzC;YACAQ,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,OAAO;YAAE;YACrBC,MAAM,EAAE;UACZ,CAAC;UACD;UACA;UACA;YACIZ,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDkC,OAAO,EAAE,EAAE;cACXjC,WAAW,EAAE;YACjB,CAAC;YACDkC,WAAW,EAAE,aAAa;YAC1BxC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK;UACrC,CAAC,CACJ;UACDY,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GAAG;YACdC,YAAY,EAAE,GAAG;YACjBC,gBAAgB,EAAE;UACtB,CAAC,CACJ;UACDJ,UAAU,EAAE,gBAAgB;UAC5BK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ,CAAC;QACDC,IAAI,EAAE;UACF;UACAC,aAAa,EAAE,CAAC,SAAS;QAC7B;MACJ,CAAC,CAAC;MAEF,MAAMoB,YAAY,GAAG,IAAAC,8CAAyB,EAAC/E,GAAG,EAAE;QAChDgF,WAAW,EAAEjE,IAAI,CAACkE,wBAAwB;QAC1CC,cAAc,EAAEnE,IAAI,CAACoE,2BAA2B;QAChDC,eAAe,EAAErE,IAAI,CAACsE,4BAA4B;QAClDC,cAAc,EAAEvE,IAAI,CAACwE,oBAAoB;QACzCC,MAAM,EAAElH,MAAM,CAACmH,WAAW,WAAWhE,aAAa,CAAC+C,MAAM,CAACkB,UAAU,EAAE;QACtEC,WAAW,EAAErH,MAAM,CAACmH,WAAW,WAAWrB,kBAAkB,CAACI,MAAM,CAACkB,UAAU,EAAE;QAChFE,MAAM,EAAEjC,cAAc,CAACiC,MAAM,CAACpB,MAAM,CAACoB,MAAM;QAC3CC,YAAY,EAAEzB,kBAAkB,CAACI,MAAM,CAACsB;MAC5C,CAAC,CAAC;MAEF,MAAMC,OAAO,GAAG/F,GAAG,CAACE,QAAQ,CAACT,gBAAgB,CAACsG,OAAO,CAAC;MACtD,IAAIA,OAAO,EAAE;QACT,IAAAC,+BAAiB,EAAC5B,kBAAkB,EAAE2B,OAAO,CAAC;MAClD;MAEA,MAAME,cAAc,GAAGjG,GAAG,CAACE,QAAQ,CAACT,gBAAgB,CAACwG,cAAc,CAAC;MACpE,IAAIA,cAAc,EAAE;QAChB,IAAAD,+BAAiB,EAACvE,aAAa,EAAEwE,cAAc,CAAC;MACpD;MAEA,IACIC,OAAO,CAACpF,GAAG,CAACqF,uBAAuB,IACnCD,OAAO,CAACpF,GAAG,CAACsF,oBAAoB,KAAK,MAAM,EAC7C;QACE,MAAM;UAAEC;QAAa,CAAC,GAAG,IAAAC,+BAAiB,EAACtG,GAAG,EAAEoE,kBAAkB,CAAC;QAEnEpE,GAAG,CAACM,UAAU,CAAC,MAAM;UACjBN,GAAG,CAACuG,UAAU,CAAC;YACXC,kCAAkC,EAAEH,YAAY,CAAC7B,MAAM,CAAC5E;UAC5D,CAAC,CAAC;QACN,CAAC,CAAC;MACN;MAEAI,GAAG,CAACuG,UAAU,CAAC;QACX;QACA;QACA;QACAE,KAAK,EAAEhF,aAAa,CAAC+C,MAAM,CAACsB,EAAE;QAC9BY,UAAU,EAAEnF,SAAS,CAACqE,MAAM,CAACpB,MAAM,CAACsB,EAAE;QAEtC;QACA;QACA;QACAa,UAAU,EAAEvC,kBAAkB,CAACI,MAAM,CAACsB,EAAE;QACxCc,eAAe,EAAEjD,cAAc,CAACiC,MAAM,CAACpB,MAAM,CAACsB;MAClD,CAAC,CAAC;MAEF9F,GAAG,CAACM,UAAU,CAAC,MAAM;QACjB,IAAAuG,4BAAqB,EAAC;UAClB7G,GAAG;UACH8G,sBAAsB,EAAErF,aAAa;UACrCsF,GAAG,EAAE;YACDC,kBAAkB,EAAE,qBAAqB;YACzCC,eAAe,EAAE,kBAAkB;YACnCC,UAAU,EAAE,WAAW;YACvBC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;QAEF,IAAAN,4BAAqB,EAAC;UAClB7G,GAAG;UACH8G,sBAAsB,EAAE1C,kBAAkB;UAC1C2C,GAAG,EAAE;YACDC,kBAAkB,EAAE,0BAA0B;YAC9CC,eAAe,EAAE,uBAAuB;YACxCC,UAAU,EAAE,gBAAgB;YAC5BC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;MACN,CAAC,CAAC;MAEF,IAAAC,mBAAY,EAAC;QACTC,cAAc,EAAE,IAAAC,4CAA+B,EAAC,CAAC;QACjDC,cAAc,EAAE,IAAAC,4BAAuB,EAAC,CAAC;QACzCC,qBAAqB,EAAE,IAAAC,oCAA2B,EAAC;MACvD,CAAC,CAAC;MAEF,OAAO;QACH5C,YAAY;QAEZ;QACA;QACA;QACA;QACA;QACA;QACA6C,OAAO,EAAE;UACL,GAAGpG,SAAS;UACZI,UAAU,EAAEF;QAChB,CAAC;QACDzB,GAAG,EAAE;UACD,GAAGuB,SAAS;UACZI,UAAU,EAAEF;QAChB,CAAC;QAEDmG,QAAQ,EAAE;UACN,GAAGjE,cAAc;UACjBhC,UAAU,EAAEyC;QAChB;MACJ,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMpE,GAAG,GAAG,IAAA6H,wCAAmB,EAAC,IAAAC,mCAA4B,EAACpI,OAAO,CAAC,CAAC;EAEtEM,GAAG,CAACM,UAAU,CAAC,MAAM;IACjB,MAAMqH,OAAO,GAAGjI,OAAO,CAACqI,SAAS,CAACJ,OAAO;IACzC,MAAMC,QAAQ,GAAGlI,OAAO,CAACqI,SAAS,CAACH,QAAQ;IAE3C5H,GAAG,CAACgI,kBAAkB,CAAC;MACnBpI,IAAI,EAAE,SAAS;MACfqI,QAAQ,EAAE;QACNN,OAAO,EAAE;UACLhG,UAAU,EAAE;YACRuG,cAAc,EAAEP,OAAO,CAAChG,UAAU,CAAC6C,MAAM,CAACsB,EAAE;YAC5CJ,UAAU,EAAEiC,OAAO,CAAChG,UAAU,CAAC6C,MAAM,CAACkB;UAC1C,CAAC;UACDE,MAAM,EAAE;YACJhG,IAAI,EAAE+H,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAACsB,EAAE;YAC9BrB,GAAG,EAAEkD,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAACC,GAAG;YAC9B0D,gBAAgB,EAAER,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAAC2D,gBAAgB;YACxDC,wBAAwB,EAAET,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAAC4D;UACpD;QACJ,CAAC;QACDR,QAAQ,EAAE;UACNjG,UAAU,EAAE;YACRuG,cAAc,EAAEN,QAAQ,CAACjG,UAAU,CAAC6C,MAAM,CAACsB,EAAE;YAC7CJ,UAAU,EAAEkC,QAAQ,CAACjG,UAAU,CAAC6C,MAAM,CAACkB;UAC3C,CAAC;UACDE,MAAM,EAAE;YACJhG,IAAI,EAAEgI,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAACsB,EAAE;YAC/BrB,GAAG,EAAEmD,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAACC,GAAG;YAC/B0D,gBAAgB,EAAEP,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAAC2D,gBAAgB;YACzDC,wBAAwB,EAAER,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAAC4D;UACrD;QACJ;MACJ;IACJ,CAAC,CAAC;EACN,CAAC,CAAC;EAEF,OAAOpI,GAAG;AACd,CAAC;AAACqI,OAAA,CAAA7I,sBAAA,GAAAA,sBAAA","ignoreList":[]}
1
+ {"version":3,"names":["pulumi","_interopRequireWildcard","require","aws","_fs","_interopRequireDefault","_pulumi2","_createAppBucket","_customDomain","_WebsitePrerendering","_","_utils","_tenantRouter","_withServiceManifest","_constants","_variant","_env","_projectName","createWebsitePulumiApp","projectAppParams","baseApp","createPulumiApp","name","path","config","program","app","pulumiResourceNamePrefix","getParam","onResource","resource","startsWith","addHandler","productionEnvironments","params","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","core","addModule","CoreOutput","ApiOutput","vpcEnabled","vpc","VpcConfig","enabled","appBucket","createPrivateAppBucket","appCloudfront","addResource","cloudfront","Distribution","waitForDeployment","origins","origin","defaultRootObject","defaultCacheBehavior","compress","targetOriginId","originId","viewerProtocolPolicy","allowedMethods","cachedMethods","forwardedValues","cookies","forward","queryString","minTtl","defaultTtl","maxTtl","priceClass","customErrorResponses","errorCode","responseCode","responsePagePath","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","opts","ignoreChanges","deliveryBucket","viewerRequest","Function","runtime","publish","code","fs","readFileSync","__dirname","deliveryCloudfront","originRequestPolicyId","functionAssociations","functionArn","output","arn","eventType","orderedCacheBehaviors","headers","pathPattern","prerendering","createPrerenderingService","dbTableName","primaryDynamodbTableName","dbTableHashKey","primaryDynamodbTableHashKey","dbTableRangeKey","primaryDynamodbTableRangeKey","logDbTableName","logDynamodbTableName","appUrl","interpolate","domainName","deliveryUrl","bucket","cloudfrontId","id","domains","applyCustomDomain","previewDomains","process","WCP_PROJECT_ENVIRONMENT","WEBINY_MULTI_TENANCY","originLambda","applyTenantRouter","addOutputs","websiteRouterOriginRequestFunction","appId","appStorage","deliveryId","deliveryStorage","addDomainsUrlsOutputs","cloudfrontDistribution","map","distributionDomain","distributionUrl","usedDomain","usedUrl","tagResources","WbyProjectName","getEnvVariableWebinyProjectName","WbyEnvironment","getEnvVariableWebinyEnv","WbyEnvironmentVariant","getEnvVariableWebinyVariant","preview","delivery","withServiceManifest","withCommonLambdaEnvVariables","resources","addServiceManifest","manifest","distributionId","bucketDomainName","bucketRegionalDomainName","exports"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport fs from \"fs\";\nimport type { PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { createPulumiApp } from \"@webiny/pulumi\";\nimport { createPrivateAppBucket } from \"../createAppBucket\";\nimport type { CustomDomainParams } from \"../customDomain\";\nimport { applyCustomDomain } from \"../customDomain\";\nimport { createPrerenderingService } from \"./WebsitePrerendering\";\nimport { ApiOutput, CoreOutput, VpcConfig } from \"~/apps\";\nimport { addDomainsUrlsOutputs, tagResources, withCommonLambdaEnvVariables } from \"~/utils\";\nimport { applyTenantRouter } from \"~/apps/tenantRouter\";\nimport { withServiceManifest } from \"~/utils/withServiceManifest\";\nimport { DEFAULT_PROD_ENV_NAMES } from \"~/constants\";\nimport { getEnvVariableWebinyVariant } from \"~/env/variant\";\nimport { getEnvVariableWebinyEnv } from \"~/env/env\";\nimport { getEnvVariableWebinyProjectName } from \"~/env/projectName\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport interface CreateWebsitePulumiAppParams {\n /**\n * Custom domain(s) configuration.\n */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Custom preview domain(s) configuration.\n */\n previewDomains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Enables or disables VPC for the API.\n * For VPC to work you also have to enable it in the `core` application.\n */\n vpc?: PulumiAppParam<boolean | undefined>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: WebsitePulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createWebsitePulumiApp = (projectAppParams: CreateWebsitePulumiAppParams = {}) => {\n const baseApp = createPulumiApp({\n name: \"website\",\n path: \"apps/website\",\n config: projectAppParams,\n program: async app => {\n const pulumiResourceNamePrefix = app.getParam(\n projectAppParams.pulumiResourceNamePrefix\n );\n if (pulumiResourceNamePrefix) {\n app.onResource(resource => {\n if (!resource.name.startsWith(pulumiResourceNamePrefix)) {\n resource.name = `${pulumiResourceNamePrefix}${resource.name}`;\n }\n });\n }\n\n // Overrides must be applied via a handler, registered at the very start of the program.\n // By doing this, we're ensuring user's adjustments are not applied to late.\n if (projectAppParams.pulumi) {\n app.addHandler(() => {\n return projectAppParams.pulumi!(app as WebsitePulumiApp);\n });\n }\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n // Register core and api output as a module, to be available to all other modules.\n const core = app.addModule(CoreOutput);\n app.addModule(ApiOutput);\n\n // Register VPC config module to be available to other modules.\n const vpcEnabled = app.getParam(projectAppParams?.vpc) ?? isProduction;\n app.addModule(VpcConfig, { enabled: vpcEnabled });\n\n const appBucket = createPrivateAppBucket(app, \"app\");\n\n const appCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"app\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: appBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: false\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 0\n },\n priceClass: \"PriceClass_100\",\n customErrorResponses: [\n { errorCode: 404, responseCode: 404, responsePagePath: \"/index.html\" }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n },\n opts: {\n // We are ignoring changes to the \"staging\" property. This is because of the following.\n // With the 5.41.0 release of Webiny, we also upgraded Pulumi to v6. This introduced a change\n // with how Cloudfront distributions are deployed, where Pulumi now also controls the new\n // `staging` property.\n // If not set, Pulumi will default it to `false`. Which is fine, but, the problem is\n // that, because this property did not exist before, it will always be considered as a change\n // upon deployment.\n // We might think this is fine, but, the problem is that a change in this property causes\n // a full replacement of the Cloudfront distribution, which is not acceptable. Especially\n // if a custom domain has already been associated with the distribution. This then would\n // require the user to disassociate the domain, wait for the distribution to be replaced,\n // and then re-associate the domain. This is not a good experience.\n ignoreChanges: [\"staging\"]\n }\n });\n\n const deliveryBucket = createPrivateAppBucket(app, \"delivery\");\n\n /**\n * We need to have a Cloudfront Function to perform a simple request rewrite, so the request always includes\n * an \"/index.html\". This is necessary because our buckets are not \"website\" buckets, and we need to\n * have an exact object key when requesting page paths.\n */\n const viewerRequest = app.addResource(aws.cloudfront.Function, {\n name: \"cfViewerRequest\",\n config: {\n runtime: \"cloudfront-js-1.0\",\n publish: true,\n code: fs.readFileSync(__dirname + `/deliveryViewerRequest.js`, \"utf8\")\n }\n });\n\n const deliveryCloudfront = app.addResource(aws.cloudfront.Distribution, {\n name: \"delivery\",\n config: {\n enabled: true,\n waitForDeployment: true,\n origins: [deliveryBucket.origin, appBucket.origin],\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n compress: true,\n targetOriginId: deliveryBucket.origin.originId,\n viewerProtocolPolicy: \"redirect-to-https\",\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n originRequestPolicyId: \"\",\n forwardedValues: {\n cookies: { forward: \"none\" },\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 30,\n maxTtl: 30,\n functionAssociations: [\n { functionArn: viewerRequest.output.arn, eventType: \"viewer-request\" }\n ]\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/static/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId,\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 2592000, // 30 days\n maxTtl: 2592000\n },\n // This forward is necessary for non-WCP projects. For WCP projects, the\n // forwarding is performed by the `website-router` Lambda@Edge function.\n {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [],\n queryString: false\n },\n pathPattern: \"/robots.txt\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: appBucket.origin.originId\n }\n ],\n customErrorResponses: [\n {\n errorCode: 404,\n responseCode: 404,\n responsePagePath: \"/_NOT_FOUND_PAGE_/index.html\"\n }\n ],\n priceClass: \"PriceClass_100\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n },\n opts: {\n // Check the comment in the `appCloudfront` resource above for more info.\n ignoreChanges: [\"staging\"]\n }\n });\n\n const prerendering = createPrerenderingService(app, {\n dbTableName: core.primaryDynamodbTableName,\n dbTableHashKey: core.primaryDynamodbTableHashKey,\n dbTableRangeKey: core.primaryDynamodbTableRangeKey,\n logDbTableName: core.logDynamodbTableName,\n appUrl: pulumi.interpolate`https://${appCloudfront.output.domainName}`,\n deliveryUrl: pulumi.interpolate`https://${deliveryCloudfront.output.domainName}`,\n bucket: deliveryBucket.bucket.output.bucket,\n cloudfrontId: deliveryCloudfront.output.id\n });\n\n const domains = app.getParam(projectAppParams.domains);\n if (domains) {\n applyCustomDomain(deliveryCloudfront, domains);\n }\n\n const previewDomains = app.getParam(projectAppParams.previewDomains);\n if (previewDomains) {\n applyCustomDomain(appCloudfront, previewDomains);\n }\n\n if (\n process.env.WCP_PROJECT_ENVIRONMENT ||\n process.env.WEBINY_MULTI_TENANCY === \"true\"\n ) {\n const { originLambda } = applyTenantRouter(app, deliveryCloudfront);\n\n app.addHandler(() => {\n app.addOutputs({\n websiteRouterOriginRequestFunction: originLambda.output.name\n });\n });\n }\n\n app.addOutputs({\n // Cloudfront and S3 bucket used to host the single-page application (SPA). The URL of the distribution is mainly\n // utilized by the Page Builder app's prerendering engine. Using this URL, it accesses the SPA and creates HTML snapshots.\n // The files that are generated in that process are stored in the `deliveryStorage` S3 bucket further below.\n appId: appCloudfront.output.id,\n appStorage: appBucket.bucket.output.id,\n\n // These are the Cloudfront and S3 bucket that will deliver static pages to the actual website visitors.\n // The static HTML snapshots delivered from them still rely on the app's S3 bucket\n // defined above, for serving static assets (JS, CSS, images).\n deliveryId: deliveryCloudfront.output.id,\n deliveryStorage: deliveryBucket.bucket.output.id\n });\n\n app.addHandler(() => {\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: appCloudfront,\n map: {\n distributionDomain: \"cloudfrontAppDomain\",\n distributionUrl: \"cloudfrontAppUrl\",\n usedDomain: \"appDomain\",\n usedUrl: \"appUrl\"\n }\n });\n\n addDomainsUrlsOutputs({\n app,\n cloudfrontDistribution: deliveryCloudfront,\n map: {\n distributionDomain: \"cloudfrontDeliveryDomain\",\n distributionUrl: \"cloudfrontDeliveryUrl\",\n usedDomain: \"deliveryDomain\",\n usedUrl: \"deliveryUrl\"\n }\n });\n });\n\n tagResources({\n WbyProjectName: getEnvVariableWebinyProjectName(),\n WbyEnvironment: getEnvVariableWebinyEnv(),\n WbyEnvironmentVariant: getEnvVariableWebinyVariant()\n });\n\n return {\n prerendering,\n\n // \"preview\" and \"app\" are the same.\n // We introduced \"preview\" just because it's the word we use when talking about\n // Page Builder and \"previewing\" pages. In other words, the \"preview\" property\n // contains all resources related to serving page previews, unlike \"delivery\",\n // which is used to serve published pages to actual website visitors.\n // The \"app\" property was still left here just for backwards compatibility.\n preview: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n app: {\n ...appBucket,\n cloudfront: appCloudfront\n },\n\n delivery: {\n ...deliveryBucket,\n cloudfront: deliveryCloudfront\n }\n };\n }\n });\n\n const app = withServiceManifest(withCommonLambdaEnvVariables(baseApp));\n\n app.addHandler(() => {\n const preview = baseApp.resources.preview;\n const delivery = baseApp.resources.delivery;\n\n app.addServiceManifest({\n name: \"website\",\n manifest: {\n preview: {\n cloudfront: {\n distributionId: preview.cloudfront.output.id,\n domainName: preview.cloudfront.output.domainName\n },\n bucket: {\n name: preview.bucket.output.id,\n arn: preview.bucket.output.arn,\n bucketDomainName: preview.bucket.output.bucketDomainName,\n bucketRegionalDomainName: preview.bucket.output.bucketRegionalDomainName\n }\n },\n delivery: {\n cloudfront: {\n distributionId: delivery.cloudfront.output.id,\n domainName: delivery.cloudfront.output.domainName\n },\n bucket: {\n name: delivery.bucket.output.id,\n arn: delivery.bucket.output.arn,\n bucketDomainName: delivery.bucket.output.bucketDomainName,\n bucketRegionalDomainName: delivery.bucket.output.bucketRegionalDomainName\n }\n }\n }\n });\n });\n\n return app;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,GAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAL,OAAA;AAEA,IAAAM,aAAA,GAAAN,OAAA;AACA,IAAAO,oBAAA,GAAAP,OAAA;AACA,IAAAQ,CAAA,GAAAR,OAAA;AACA,IAAAS,MAAA,GAAAT,OAAA;AACA,IAAAU,aAAA,GAAAV,OAAA;AACA,IAAAW,oBAAA,GAAAX,OAAA;AACA,IAAAY,UAAA,GAAAZ,OAAA;AACA,IAAAa,QAAA,GAAAb,OAAA;AACA,IAAAc,IAAA,GAAAd,OAAA;AACA,IAAAe,YAAA,GAAAf,OAAA;AAwCO,MAAMgB,sBAAsB,GAAGA,CAACC,gBAA8C,GAAG,CAAC,CAAC,KAAK;EAC3F,MAAMC,OAAO,GAAG,IAAAC,wBAAe,EAAC;IAC5BC,IAAI,EAAE,SAAS;IACfC,IAAI,EAAE,cAAc;IACpBC,MAAM,EAAEL,gBAAgB;IACxBM,OAAO,EAAE,MAAMC,GAAG,IAAI;MAClB,MAAMC,wBAAwB,GAAGD,GAAG,CAACE,QAAQ,CACzCT,gBAAgB,CAACQ,wBACrB,CAAC;MACD,IAAIA,wBAAwB,EAAE;QAC1BD,GAAG,CAACG,UAAU,CAACC,QAAQ,IAAI;UACvB,IAAI,CAACA,QAAQ,CAACR,IAAI,CAACS,UAAU,CAACJ,wBAAwB,CAAC,EAAE;YACrDG,QAAQ,CAACR,IAAI,GAAG,GAAGK,wBAAwB,GAAGG,QAAQ,CAACR,IAAI,EAAE;UACjE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA;MACA,IAAIH,gBAAgB,CAACnB,MAAM,EAAE;QACzB0B,GAAG,CAACM,UAAU,CAAC,MAAM;UACjB,OAAOb,gBAAgB,CAACnB,MAAM,CAAE0B,GAAuB,CAAC;QAC5D,CAAC,CAAC;MACN;MAEA,MAAMO,sBAAsB,GACxBP,GAAG,CAACQ,MAAM,CAACC,MAAM,CAACF,sBAAsB,IAAIG,iCAAsB;MACtE,MAAMC,YAAY,GAAGJ,sBAAsB,CAACK,QAAQ,CAACZ,GAAG,CAACQ,MAAM,CAACK,GAAG,CAACC,GAAG,CAAC;;MAExE;MACA,MAAMC,IAAI,GAAGf,GAAG,CAACgB,SAAS,CAACC,YAAU,CAAC;MACtCjB,GAAG,CAACgB,SAAS,CAACE,WAAS,CAAC;;MAExB;MACA,MAAMC,UAAU,GAAGnB,GAAG,CAACE,QAAQ,CAACT,gBAAgB,EAAE2B,GAAG,CAAC,IAAIT,YAAY;MACtEX,GAAG,CAACgB,SAAS,CAACK,WAAS,EAAE;QAAEC,OAAO,EAAEH;MAAW,CAAC,CAAC;MAEjD,MAAMI,SAAS,GAAG,IAAAC,uCAAsB,EAACxB,GAAG,EAAE,KAAK,CAAC;MAEpD,MAAMyB,aAAa,GAAGzB,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACC,YAAY,EAAE;QAC/DhC,IAAI,EAAE,KAAK;QACXE,MAAM,EAAE;UACJwB,OAAO,EAAE,IAAI;UACbO,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAACP,SAAS,CAACQ,MAAM,CAAC;UAC3BC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK,QAAQ;YACzCC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,CAAC;YACbC,MAAM,EAAE;UACZ,CAAC;UACDC,UAAU,EAAE,gBAAgB;UAC5BC,oBAAoB,EAAE,CAClB;YAAEC,SAAS,EAAE,GAAG;YAAEC,YAAY,EAAE,GAAG;YAAEC,gBAAgB,EAAE;UAAc,CAAC,CACzE;UACDC,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ,CAAC;QACDC,IAAI,EAAE;UACF;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACAC,aAAa,EAAE,CAAC,SAAS;QAC7B;MACJ,CAAC,CAAC;MAEF,MAAMC,cAAc,GAAG,IAAAnC,uCAAsB,EAACxB,GAAG,EAAE,UAAU,CAAC;;MAE9D;AACZ;AACA;AACA;AACA;MACY,MAAM4D,aAAa,GAAG5D,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACkC,QAAQ,EAAE;QAC3DjE,IAAI,EAAE,iBAAiB;QACvBE,MAAM,EAAE;UACJgE,OAAO,EAAE,mBAAmB;UAC5BC,OAAO,EAAE,IAAI;UACbC,IAAI,EAAEC,WAAE,CAACC,YAAY,CAACC,SAAS,GAAG,2BAA2B,EAAE,MAAM;QACzE;MACJ,CAAC,CAAC;MAEF,MAAMC,kBAAkB,GAAGpE,GAAG,CAAC0B,WAAW,CAACjD,GAAG,CAACkD,UAAU,CAACC,YAAY,EAAE;QACpEhC,IAAI,EAAE,UAAU;QAChBE,MAAM,EAAE;UACJwB,OAAO,EAAE,IAAI;UACbO,iBAAiB,EAAE,IAAI;UACvBC,OAAO,EAAE,CAAC6B,cAAc,CAAC5B,MAAM,EAAER,SAAS,CAACQ,MAAM,CAAC;UAClDC,iBAAiB,EAAE,YAAY;UAC/BC,oBAAoB,EAAE;YAClBC,QAAQ,EAAE,IAAI;YACdC,cAAc,EAAEwB,cAAc,CAAC5B,MAAM,CAACK,QAAQ;YAC9CC,oBAAoB,EAAE,mBAAmB;YACzCC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC8B,qBAAqB,EAAE,EAAE;YACzB7B,eAAe,EAAE;cACbC,OAAO,EAAE;gBAAEC,OAAO,EAAE;cAAO,CAAC;cAC5BC,WAAW,EAAE;YACjB,CAAC;YACD;YACAC,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,EAAE;YACdC,MAAM,EAAE,EAAE;YACVwB,oBAAoB,EAAE,CAClB;cAAEC,WAAW,EAAEX,aAAa,CAACY,MAAM,CAACC,GAAG;cAAEC,SAAS,EAAE;YAAiB,CAAC;UAE9E,CAAC;UACDC,qBAAqB,EAAE,CACnB;YACIzC,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDkC,OAAO,EAAE,EAAE;cACXjC,WAAW,EAAE;YACjB,CAAC;YACDkC,WAAW,EAAE,WAAW;YACxBxC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK,QAAQ;YACzC;YACAQ,MAAM,EAAE,CAAC;YACTC,UAAU,EAAE,OAAO;YAAE;YACrBC,MAAM,EAAE;UACZ,CAAC;UACD;UACA;UACA;YACIZ,QAAQ,EAAE,IAAI;YACdI,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YAC1CC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzCC,eAAe,EAAE;cACbC,OAAO,EAAE;gBACLC,OAAO,EAAE;cACb,CAAC;cACDkC,OAAO,EAAE,EAAE;cACXjC,WAAW,EAAE;YACjB,CAAC;YACDkC,WAAW,EAAE,aAAa;YAC1BxC,oBAAoB,EAAE,WAAW;YACjCF,cAAc,EAAEZ,SAAS,CAACQ,MAAM,CAACK;UACrC,CAAC,CACJ;UACDY,oBAAoB,EAAE,CAClB;YACIC,SAAS,EAAE,GAAG;YACdC,YAAY,EAAE,GAAG;YACjBC,gBAAgB,EAAE;UACtB,CAAC,CACJ;UACDJ,UAAU,EAAE,gBAAgB;UAC5BK,YAAY,EAAE;YACVC,cAAc,EAAE;cACZC,eAAe,EAAE;YACrB;UACJ,CAAC;UACDC,iBAAiB,EAAE;YACfC,4BAA4B,EAAE;UAClC;QACJ,CAAC;QACDC,IAAI,EAAE;UACF;UACAC,aAAa,EAAE,CAAC,SAAS;QAC7B;MACJ,CAAC,CAAC;MAEF,MAAMoB,YAAY,GAAG,IAAAC,8CAAyB,EAAC/E,GAAG,EAAE;QAChDgF,WAAW,EAAEjE,IAAI,CAACkE,wBAAwB;QAC1CC,cAAc,EAAEnE,IAAI,CAACoE,2BAA2B;QAChDC,eAAe,EAAErE,IAAI,CAACsE,4BAA4B;QAClDC,cAAc,EAAEvE,IAAI,CAACwE,oBAAoB;QACzCC,MAAM,EAAElH,MAAM,CAACmH,WAAW,WAAWhE,aAAa,CAAC+C,MAAM,CAACkB,UAAU,EAAE;QACtEC,WAAW,EAAErH,MAAM,CAACmH,WAAW,WAAWrB,kBAAkB,CAACI,MAAM,CAACkB,UAAU,EAAE;QAChFE,MAAM,EAAEjC,cAAc,CAACiC,MAAM,CAACpB,MAAM,CAACoB,MAAM;QAC3CC,YAAY,EAAEzB,kBAAkB,CAACI,MAAM,CAACsB;MAC5C,CAAC,CAAC;MAEF,MAAMC,OAAO,GAAG/F,GAAG,CAACE,QAAQ,CAACT,gBAAgB,CAACsG,OAAO,CAAC;MACtD,IAAIA,OAAO,EAAE;QACT,IAAAC,+BAAiB,EAAC5B,kBAAkB,EAAE2B,OAAO,CAAC;MAClD;MAEA,MAAME,cAAc,GAAGjG,GAAG,CAACE,QAAQ,CAACT,gBAAgB,CAACwG,cAAc,CAAC;MACpE,IAAIA,cAAc,EAAE;QAChB,IAAAD,+BAAiB,EAACvE,aAAa,EAAEwE,cAAc,CAAC;MACpD;MAEA,IACIC,OAAO,CAACpF,GAAG,CAACqF,uBAAuB,IACnCD,OAAO,CAACpF,GAAG,CAACsF,oBAAoB,KAAK,MAAM,EAC7C;QACE,MAAM;UAAEC;QAAa,CAAC,GAAG,IAAAC,+BAAiB,EAACtG,GAAG,EAAEoE,kBAAkB,CAAC;QAEnEpE,GAAG,CAACM,UAAU,CAAC,MAAM;UACjBN,GAAG,CAACuG,UAAU,CAAC;YACXC,kCAAkC,EAAEH,YAAY,CAAC7B,MAAM,CAAC5E;UAC5D,CAAC,CAAC;QACN,CAAC,CAAC;MACN;MAEAI,GAAG,CAACuG,UAAU,CAAC;QACX;QACA;QACA;QACAE,KAAK,EAAEhF,aAAa,CAAC+C,MAAM,CAACsB,EAAE;QAC9BY,UAAU,EAAEnF,SAAS,CAACqE,MAAM,CAACpB,MAAM,CAACsB,EAAE;QAEtC;QACA;QACA;QACAa,UAAU,EAAEvC,kBAAkB,CAACI,MAAM,CAACsB,EAAE;QACxCc,eAAe,EAAEjD,cAAc,CAACiC,MAAM,CAACpB,MAAM,CAACsB;MAClD,CAAC,CAAC;MAEF9F,GAAG,CAACM,UAAU,CAAC,MAAM;QACjB,IAAAuG,4BAAqB,EAAC;UAClB7G,GAAG;UACH8G,sBAAsB,EAAErF,aAAa;UACrCsF,GAAG,EAAE;YACDC,kBAAkB,EAAE,qBAAqB;YACzCC,eAAe,EAAE,kBAAkB;YACnCC,UAAU,EAAE,WAAW;YACvBC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;QAEF,IAAAN,4BAAqB,EAAC;UAClB7G,GAAG;UACH8G,sBAAsB,EAAE1C,kBAAkB;UAC1C2C,GAAG,EAAE;YACDC,kBAAkB,EAAE,0BAA0B;YAC9CC,eAAe,EAAE,uBAAuB;YACxCC,UAAU,EAAE,gBAAgB;YAC5BC,OAAO,EAAE;UACb;QACJ,CAAC,CAAC;MACN,CAAC,CAAC;MAEF,IAAAC,mBAAY,EAAC;QACTC,cAAc,EAAE,IAAAC,4CAA+B,EAAC,CAAC;QACjDC,cAAc,EAAE,IAAAC,4BAAuB,EAAC,CAAC;QACzCC,qBAAqB,EAAE,IAAAC,oCAA2B,EAAC;MACvD,CAAC,CAAC;MAEF,OAAO;QACH5C,YAAY;QAEZ;QACA;QACA;QACA;QACA;QACA;QACA6C,OAAO,EAAE;UACL,GAAGpG,SAAS;UACZI,UAAU,EAAEF;QAChB,CAAC;QACDzB,GAAG,EAAE;UACD,GAAGuB,SAAS;UACZI,UAAU,EAAEF;QAChB,CAAC;QAEDmG,QAAQ,EAAE;UACN,GAAGjE,cAAc;UACjBhC,UAAU,EAAEyC;QAChB;MACJ,CAAC;IACL;EACJ,CAAC,CAAC;EAEF,MAAMpE,GAAG,GAAG,IAAA6H,wCAAmB,EAAC,IAAAC,mCAA4B,EAACpI,OAAO,CAAC,CAAC;EAEtEM,GAAG,CAACM,UAAU,CAAC,MAAM;IACjB,MAAMqH,OAAO,GAAGjI,OAAO,CAACqI,SAAS,CAACJ,OAAO;IACzC,MAAMC,QAAQ,GAAGlI,OAAO,CAACqI,SAAS,CAACH,QAAQ;IAE3C5H,GAAG,CAACgI,kBAAkB,CAAC;MACnBpI,IAAI,EAAE,SAAS;MACfqI,QAAQ,EAAE;QACNN,OAAO,EAAE;UACLhG,UAAU,EAAE;YACRuG,cAAc,EAAEP,OAAO,CAAChG,UAAU,CAAC6C,MAAM,CAACsB,EAAE;YAC5CJ,UAAU,EAAEiC,OAAO,CAAChG,UAAU,CAAC6C,MAAM,CAACkB;UAC1C,CAAC;UACDE,MAAM,EAAE;YACJhG,IAAI,EAAE+H,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAACsB,EAAE;YAC9BrB,GAAG,EAAEkD,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAACC,GAAG;YAC9B0D,gBAAgB,EAAER,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAAC2D,gBAAgB;YACxDC,wBAAwB,EAAET,OAAO,CAAC/B,MAAM,CAACpB,MAAM,CAAC4D;UACpD;QACJ,CAAC;QACDR,QAAQ,EAAE;UACNjG,UAAU,EAAE;YACRuG,cAAc,EAAEN,QAAQ,CAACjG,UAAU,CAAC6C,MAAM,CAACsB,EAAE;YAC7CJ,UAAU,EAAEkC,QAAQ,CAACjG,UAAU,CAAC6C,MAAM,CAACkB;UAC3C,CAAC;UACDE,MAAM,EAAE;YACJhG,IAAI,EAAEgI,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAACsB,EAAE;YAC/BrB,GAAG,EAAEmD,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAACC,GAAG;YAC/B0D,gBAAgB,EAAEP,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAAC2D,gBAAgB;YACzDC,wBAAwB,EAAER,QAAQ,CAAChC,MAAM,CAACpB,MAAM,CAAC4D;UACrD;QACJ;MACJ;IACJ,CAAC,CAAC;EACN,CAAC,CAAC;EAEF,OAAOpI,GAAG;AACd,CAAC;AAACqI,OAAA,CAAA7I,sBAAA,GAAAA,sBAAA","ignoreList":[]}
package/enterprise/api/handleGuardDutyEvents.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- import { ApiPulumiApp } from "../../index";
1
+ import type { ApiPulumiApp } from "../../index";
2
2
  export declare const handleGuardDutyEvents: (app: ApiPulumiApp) => void;
package/enterprise/api/handleGuardDutyEvents.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_","handleGuardDutyEvents","app","core","getModule","CoreOutput","graphql","resources","functions","baseConfig","config","clone","threatDetectionHandler","addResource","lambda","Function","name","memorySize","description","environment","variables","output","apply","env","WEBINY_FUNCTION_TYPE","eventRule","cloudwatch","EventRule","eventBusName","eventPattern","JSON","stringify","source","Permission","action","function","arn","principal","sourceArn","EventTarget","rule","exports"],"sources":["handleGuardDutyEvents.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { ApiPulumiApp, CoreOutput } from \"~/index\";\n\nexport const handleGuardDutyEvents = (app: ApiPulumiApp) => {\n const core = app.getModule(CoreOutput);\n const graphql = app.resources.graphql.functions.graphql;\n\n const baseConfig = graphql.config.clone();\n\n const threatDetectionHandler = app.addResource(aws.lambda.Function, {\n name: \"fm-threat-detection\",\n config: {\n ...baseConfig,\n memorySize: 1024,\n description: \"Handles Guard Duty threat scan results.\",\n environment: {\n variables: graphql.output.environment.apply(env => {\n return {\n WEBINY_FUNCTION_TYPE: \"threat-detection-event-handler\",\n ...env?.variables\n };\n })\n }\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: `fm-bucket-malware-protection-event-rule`,\n config: {\n eventBusName: core.eventBusName,\n eventPattern: JSON.stringify({\n source: [\"aws.guardduty\"],\n \"detail-type\": [\"GuardDuty Malware Protection Object Scan Result\"]\n })\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"fm-bucket-malware-protection-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: threatDetectionHandler.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n app.addResource(aws.cloudwatch.EventTarget, {\n name: `fm-bucket-malware-protection-event-target`,\n config: {\n rule: eventRule.output.name,\n arn: threatDetectionHandler.output.arn,\n eventBusName: core.eventBusName\n }\n });\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,CAAA,GAAAD,OAAA;AAEO,MAAME,qBAAqB,GAAIC,GAAiB,IAAK;EACxD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;EACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACK,SAAS,CAACD,OAAO,CAACE,SAAS,CAACF,OAAO;EAEvD,MAAMG,UAAU,GAAGH,OAAO,CAACI,MAAM,CAACC,KAAK,CAAC,CAAC;EAEzC,MAAMC,sBAAsB,GAAGV,GAAG,CAACW,WAAW,CAAChB,GAAG,CAACiB,MAAM,CAACC,QAAQ,EAAE;IAChEC,IAAI,EAAE,qBAAqB;IAC3BN,MAAM,EAAE;MACJ,GAAGD,UAAU;MACbQ,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,yCAAyC;MACtDC,WAAW,EAAE;QACTC,SAAS,EAAEd,OAAO,CAACe,MAAM,CAACF,WAAW,CAACG,KAAK,CAACC,GAAG,IAAI;UAC/C,OAAO;YACHC,oBAAoB,EAAE,gCAAgC;YACtD,GAAGD,GAAG,EAAEH;UACZ,CAAC;QACL,CAAC;MACL;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMK,SAAS,GAAGvB,GAAG,CAACW,WAAW,CAAChB,GAAG,CAAC6B,UAAU,CAACC,SAAS,EAAE;IACxDX,IAAI,EAAE,yCAAyC;IAC/CN,MAAM,EAAE;MACJkB,YAAY,EAAEzB,IAAI,CAACyB,YAAY;MAC/BC,YAAY,EAAEC,IAAI,CAACC,SAAS,CAAC;QACzBC,MAAM,EAAE,CAAC,eAAe,CAAC;QACzB,aAAa,EAAE,CAAC,iDAAiD;MACrE,CAAC;IACL;EACJ,CAAC,CAAC;EAEF9B,GAAG,CAACW,WAAW,CAAChB,GAAG,CAACiB,MAAM,CAACmB,UAAU,EAAE;IACnCjB,IAAI,EAAE,+CAA+C;IACrDN,MAAM,EAAE;MACJwB,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEvB,sBAAsB,CAACS,MAAM,CAACe,GAAG;MAC3CC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEb,SAAS,CAACJ,MAAM,CAACe;IAChC;EACJ,CAAC,CAAC;EAEFlC,GAAG,CAACW,WAAW,CAAChB,GAAG,CAAC6B,UAAU,CAACa,WAAW,EAAE;IACxCvB,IAAI,EAAE,2CAA2C;IACjDN,MAAM,EAAE;MACJ8B,IAAI,EAAEf,SAAS,CAACJ,MAAM,CAACL,IAAI;MAC3BoB,GAAG,EAAExB,sBAAsB,CAACS,MAAM,CAACe,GAAG;MACtCR,YAAY,EAAEzB,IAAI,CAACyB;IACvB;EACJ,CAAC,CAAC;AACN,CAAC;AAACa,OAAA,CAAAxC,qBAAA,GAAAA,qBAAA","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_","handleGuardDutyEvents","app","core","getModule","CoreOutput","graphql","resources","functions","baseConfig","config","clone","threatDetectionHandler","addResource","lambda","Function","name","memorySize","description","environment","variables","output","apply","env","WEBINY_FUNCTION_TYPE","eventRule","cloudwatch","EventRule","eventBusName","eventPattern","JSON","stringify","source","Permission","action","function","arn","principal","sourceArn","EventTarget","rule","exports"],"sources":["handleGuardDutyEvents.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { ApiPulumiApp } from \"~/index\";\nimport { CoreOutput } from \"~/index\";\n\nexport const handleGuardDutyEvents = (app: ApiPulumiApp) => {\n const core = app.getModule(CoreOutput);\n const graphql = app.resources.graphql.functions.graphql;\n\n const baseConfig = graphql.config.clone();\n\n const threatDetectionHandler = app.addResource(aws.lambda.Function, {\n name: \"fm-threat-detection\",\n config: {\n ...baseConfig,\n memorySize: 1024,\n description: \"Handles Guard Duty threat scan results.\",\n environment: {\n variables: graphql.output.environment.apply(env => {\n return {\n WEBINY_FUNCTION_TYPE: \"threat-detection-event-handler\",\n ...env?.variables\n };\n })\n }\n }\n });\n\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: `fm-bucket-malware-protection-event-rule`,\n config: {\n eventBusName: core.eventBusName,\n eventPattern: JSON.stringify({\n source: [\"aws.guardduty\"],\n \"detail-type\": [\"GuardDuty Malware Protection Object Scan Result\"]\n })\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"fm-bucket-malware-protection-event-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: threatDetectionHandler.output.arn,\n principal: \"events.amazonaws.com\",\n sourceArn: eventRule.output.arn\n }\n });\n\n app.addResource(aws.cloudwatch.EventTarget, {\n name: `fm-bucket-malware-protection-event-target`,\n config: {\n rule: eventRule.output.name,\n arn: threatDetectionHandler.output.arn,\n eventBusName: core.eventBusName\n }\n });\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,CAAA,GAAAD,OAAA;AAEO,MAAME,qBAAqB,GAAIC,GAAiB,IAAK;EACxD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,YAAU,CAAC;EACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACK,SAAS,CAACD,OAAO,CAACE,SAAS,CAACF,OAAO;EAEvD,MAAMG,UAAU,GAAGH,OAAO,CAACI,MAAM,CAACC,KAAK,CAAC,CAAC;EAEzC,MAAMC,sBAAsB,GAAGV,GAAG,CAACW,WAAW,CAAChB,GAAG,CAACiB,MAAM,CAACC,QAAQ,EAAE;IAChEC,IAAI,EAAE,qBAAqB;IAC3BN,MAAM,EAAE;MACJ,GAAGD,UAAU;MACbQ,UAAU,EAAE,IAAI;MAChBC,WAAW,EAAE,yCAAyC;MACtDC,WAAW,EAAE;QACTC,SAAS,EAAEd,OAAO,CAACe,MAAM,CAACF,WAAW,CAACG,KAAK,CAACC,GAAG,IAAI;UAC/C,OAAO;YACHC,oBAAoB,EAAE,gCAAgC;YACtD,GAAGD,GAAG,EAAEH;UACZ,CAAC;QACL,CAAC;MACL;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMK,SAAS,GAAGvB,GAAG,CAACW,WAAW,CAAChB,GAAG,CAAC6B,UAAU,CAACC,SAAS,EAAE;IACxDX,IAAI,EAAE,yCAAyC;IAC/CN,MAAM,EAAE;MACJkB,YAAY,EAAEzB,IAAI,CAACyB,YAAY;MAC/BC,YAAY,EAAEC,IAAI,CAACC,SAAS,CAAC;QACzBC,MAAM,EAAE,CAAC,eAAe,CAAC;QACzB,aAAa,EAAE,CAAC,iDAAiD;MACrE,CAAC;IACL;EACJ,CAAC,CAAC;EAEF9B,GAAG,CAACW,WAAW,CAAChB,GAAG,CAACiB,MAAM,CAACmB,UAAU,EAAE;IACnCjB,IAAI,EAAE,+CAA+C;IACrDN,MAAM,EAAE;MACJwB,MAAM,EAAE,uBAAuB;MAC/BC,QAAQ,EAAEvB,sBAAsB,CAACS,MAAM,CAACe,GAAG;MAC3CC,SAAS,EAAE,sBAAsB;MACjCC,SAAS,EAAEb,SAAS,CAACJ,MAAM,CAACe;IAChC;EACJ,CAAC,CAAC;EAEFlC,GAAG,CAACW,WAAW,CAAChB,GAAG,CAAC6B,UAAU,CAACa,WAAW,EAAE;IACxCvB,IAAI,EAAE,2CAA2C;IACjDN,MAAM,EAAE;MACJ8B,IAAI,EAAEf,SAAS,CAACJ,MAAM,CAACL,IAAI;MAC3BoB,GAAG,EAAExB,sBAAsB,CAACS,MAAM,CAACe,GAAG;MACtCR,YAAY,EAAEzB,IAAI,CAACyB;IACvB;EACJ,CAAC,CAAC;AACN,CAAC;AAACa,OAAA,CAAAxC,qBAAA,GAAAA,qBAAA","ignoreList":[]}
package/enterprise/createApiPulumiApp.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import * as aws from "@pulumi/aws";
2
- import { PulumiAppParam } from "@webiny/pulumi";
3
- import { CreateApiPulumiAppParams as BaseCreateApiPulumiAppParams } from "../apps/api/createApiPulumiApp";
2
+ import type { PulumiAppParam } from "@webiny/pulumi";
3
+ import type { CreateApiPulumiAppParams as BaseCreateApiPulumiAppParams } from "../apps/api/createApiPulumiApp";
4
4
  export type ApiPulumiApp = ReturnType<typeof createApiPulumiApp>;
5
5
  export type ApiPulumiAppAdvancedVpcParams = Partial<{
6
6
  useExistingVpc: {
@@ -12,6 +12,12 @@ export interface CreateApiPulumiAppParams extends Omit<BaseCreateApiPulumiAppPar
12
12
  }
13
13
  export declare function createApiPulumiApp(projectAppParams?: CreateApiPulumiAppParams): import("@webiny/pulumi").PulumiApp<{
14
14
  fileManager: {
15
+ roles: {
16
+ manage: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/role").Role>;
17
+ };
18
+ policies: {
19
+ manage: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/policy").Policy>;
20
+ };
15
21
  functions: {
16
22
  manage: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/lambda/function").Function>;
17
23
  download: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/lambda/function").Function>;
@@ -74,4 +80,9 @@ export declare function createApiPulumiApp(projectAppParams?: CreateApiPulumiApp
74
80
  eventRolePolicyAttachment: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/rolePolicyAttachment").RolePolicyAttachment>;
75
81
  eventTarget: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/cloudwatch/eventTarget").EventTarget>;
76
82
  };
83
+ scheduler: {
84
+ invokeRole: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/role").Role>;
85
+ invokePolicy: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/rolePolicy").RolePolicy>;
86
+ policyAttachment: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/iam/rolePolicyAttachment").RolePolicyAttachment>;
87
+ };
77
88
  }> & import("../utils/lambdaEnvVariables").WithCommonLambdaEnvVariables & import("../utils/withServiceManifest").WithServiceManifest;
package/enterprise/createApiPulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_wcp","_createApiPulumiApp","_handleGuardDutyEvents","createApiPulumiApp","projectAppParams","baseCreateApiPulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","pulumi","app","license","License","fromEnvironment","canUseFileManagerThreatDetection","handleGuardDutyEvents","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createApiPulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { isResourceOfType, PulumiAppParam } from \"@webiny/pulumi\";\nimport { License } from \"@webiny/wcp\";\nimport {\n createApiPulumiApp as baseCreateApiPulumiApp,\n CreateApiPulumiAppParams as BaseCreateApiPulumiAppParams\n} from \"~/apps/api/createApiPulumiApp\";\nimport { handleGuardDutyEvents } from \"~/enterprise/api/handleGuardDutyEvents\";\n\nexport type ApiPulumiApp = ReturnType<typeof createApiPulumiApp>;\n\nexport type ApiPulumiAppAdvancedVpcParams = Partial<{\n useExistingVpc: {\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateApiPulumiAppParams extends Omit<BaseCreateApiPulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | ApiPulumiAppAdvancedVpcParams>;\n}\n\nexport function createApiPulumiApp(projectAppParams: CreateApiPulumiAppParams = {}) {\n return baseCreateApiPulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n async pulumi(app) {\n const license = await License.fromEnvironment();\n\n const { getParam } = app;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n if (license.canUseFileManagerThreatDetection()) {\n handleGuardDutyEvents(app);\n }\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(app);\n }\n\n const { onResource, addResource } = app;\n const { useExistingVpc } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(app);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AACA,IAAAG,mBAAA,GAAAH,OAAA;AAIA,IAAAI,sBAAA,GAAAJ,OAAA;AAcO,SAASK,kBAAkBA,CAACC,gBAA0C,GAAG,CAAC,CAAC,EAAE;EAChF,OAAO,IAAAC,sCAAsB,EAAC;IAC1B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACD,MAAMC,MAAMA,CAACC,GAAG,EAAE;MACd,MAAMC,OAAO,GAAG,MAAMC,YAAO,CAACC,eAAe,CAAC,CAAC;MAE/C,MAAM;QAAEP;MAAS,CAAC,GAAGI,GAAG;MACxB,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAE9D,IAAIM,OAAO,CAACG,gCAAgC,CAAC,CAAC,EAAE;QAC5C,IAAAC,4CAAqB,EAACL,GAAG,CAAC;MAC9B;;MAEA;MACA,IAAI,CAACH,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACM,MAAM,GAAGC,GAAG,CAAC;MACzC;MAEA,MAAM;QAAEM,UAAU;QAAEC;MAAY,CAAC,GAAGP,GAAG;MACvC,MAAM;QAAEF;MAAe,CAAC,GAAGH,GAAG;;MAE9B;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACU,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAEzB,GAAG,CAAC2B,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACnB,cAAc,CAAEU,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAEzB,GAAG,CAACiC,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAACtB,GAAG,CAACiC,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAExC,GAAG,CAACiC,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAOlC,gBAAgB,CAACM,MAAM,GAAGC,GAAG,CAAC;IACzC;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_wcp","_createApiPulumiApp","_handleGuardDutyEvents","createApiPulumiApp","projectAppParams","baseCreateApiPulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","pulumi","app","license","License","fromEnvironment","canUseFileManagerThreatDetection","handleGuardDutyEvents","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createApiPulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiAppParam } from \"@webiny/pulumi\";\nimport { isResourceOfType } from \"@webiny/pulumi\";\nimport { License } from \"@webiny/wcp\";\nimport type { CreateApiPulumiAppParams as BaseCreateApiPulumiAppParams } from \"~/apps/api/createApiPulumiApp\";\nimport { createApiPulumiApp as baseCreateApiPulumiApp } from \"~/apps/api/createApiPulumiApp\";\nimport { handleGuardDutyEvents } from \"~/enterprise/api/handleGuardDutyEvents\";\n\nexport type ApiPulumiApp = ReturnType<typeof createApiPulumiApp>;\n\nexport type ApiPulumiAppAdvancedVpcParams = Partial<{\n useExistingVpc: {\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateApiPulumiAppParams extends Omit<BaseCreateApiPulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | ApiPulumiAppAdvancedVpcParams>;\n}\n\nexport function createApiPulumiApp(projectAppParams: CreateApiPulumiAppParams = {}) {\n return baseCreateApiPulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n async pulumi(app) {\n const license = await License.fromEnvironment();\n\n const { getParam } = app;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n if (license.canUseFileManagerThreatDetection()) {\n handleGuardDutyEvents(app);\n }\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(app);\n }\n\n const { onResource, addResource } = app;\n const { useExistingVpc } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(app);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AAEA,IAAAG,mBAAA,GAAAH,OAAA;AACA,IAAAI,sBAAA,GAAAJ,OAAA;AAcO,SAASK,kBAAkBA,CAACC,gBAA0C,GAAG,CAAC,CAAC,EAAE;EAChF,OAAO,IAAAC,sCAAsB,EAAC;IAC1B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACD,MAAMC,MAAMA,CAACC,GAAG,EAAE;MACd,MAAMC,OAAO,GAAG,MAAMC,YAAO,CAACC,eAAe,CAAC,CAAC;MAE/C,MAAM;QAAEP;MAAS,CAAC,GAAGI,GAAG;MACxB,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAE9D,IAAIM,OAAO,CAACG,gCAAgC,CAAC,CAAC,EAAE;QAC5C,IAAAC,4CAAqB,EAACL,GAAG,CAAC;MAC9B;;MAEA;MACA,IAAI,CAACH,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACM,MAAM,GAAGC,GAAG,CAAC;MACzC;MAEA,MAAM;QAAEM,UAAU;QAAEC;MAAY,CAAC,GAAGP,GAAG;MACvC,MAAM;QAAEF;MAAe,CAAC,GAAGH,GAAG;;MAE9B;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACU,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAEzB,GAAG,CAAC2B,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACnB,cAAc,CAAEU,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAEzB,GAAG,CAACiC,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAACtB,GAAG,CAACiC,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAExC,GAAG,CAACiC,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAOlC,gBAAgB,CAACM,MAAM,GAAGC,GAAG,CAAC;IACzC;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/enterprise/createCorePulumiApp.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import * as aws from "@pulumi/aws";
2
- import { CreateCorePulumiAppParams as BaseCreateCorePulumiAppParams } from "../apps/core/createCorePulumiApp";
3
- import { PulumiAppParam } from "@webiny/pulumi";
2
+ import type { CreateCorePulumiAppParams as BaseCreateCorePulumiAppParams } from "../apps/core/createCorePulumiApp";
3
+ import type { PulumiAppParam } from "@webiny/pulumi";
4
4
  export type CorePulumiApp = ReturnType<typeof createCorePulumiApp>;
5
5
  export type CorePulumiAppAdvancedVpcParams = Partial<{
6
6
  useVpcEndpoints: boolean;
package/enterprise/createCorePulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","pulumi","_createCorePulumiApp","_pulumi2","_awsUtils","_configureS3BucketMalwareProtection","_wcp","createCorePulumiApp","projectAppParams","baseCreateCorePulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","args","app","license","License","fromEnvironment","canUseFileManagerThreatDetection","configureS3BucketMalwareProtection","resources","addResource","onResource","useVpcEndpoints","Error","elasticSearch","elasticSearchDomainVpcConfig","resource","isResourceOfType","elasticsearch","Domain","config","vpcOptions","openSearch","openSearchDomainVpcConfig","opensearch","lambdaFunctionsVpcConfig","lambda","Function","canUseVpc","meta","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","region","getAwsRegion","ec2","Vpc","enableDnsSupport","enableDnsHostnames","subnets","routeTables","VpcEndpoint","vpcId","id","serviceName","interpolate","routeTableIds","privateSubnets","vpcEndpointType","privateDnsEnabled","securityGroupIds","defaultSecurityGroupId","subnetIds","private","map","subNet"],"sources":["createCorePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport {\n createCorePulumiApp as baseCreateCorePulumiApp,\n CreateCorePulumiAppParams as BaseCreateCorePulumiAppParams\n} from \"~/apps/core/createCorePulumiApp\";\nimport { isResourceOfType, PulumiAppParam } from \"@webiny/pulumi\";\nimport { getAwsRegion } from \"~/apps/awsUtils\";\nimport { configureS3BucketMalwareProtection } from \"~/enterprise/core/configureS3BucketMalwareProtection\";\nimport { License } from \"@webiny/wcp\";\n\nexport type CorePulumiApp = ReturnType<typeof createCorePulumiApp>;\n\nexport type CorePulumiAppAdvancedVpcParams = Partial<{\n useVpcEndpoints: boolean;\n useExistingVpc: {\n elasticSearchDomainVpcConfig?: aws.types.input.elasticsearch.DomainVpcOptions;\n openSearchDomainVpcConfig?: aws.types.input.opensearch.DomainVpcOptions;\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateCorePulumiAppParams extends Omit<BaseCreateCorePulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | CorePulumiAppAdvancedVpcParams>;\n}\n\nexport function createCorePulumiApp(projectAppParams: CreateCorePulumiAppParams = {}) {\n return baseCreateCorePulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n async pulumi(...args) {\n const [app] = args;\n const { getParam } = app;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n const license = await License.fromEnvironment();\n\n if (license.canUseFileManagerThreatDetection()) {\n configureS3BucketMalwareProtection(app);\n }\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ resources, addResource, onResource }] = args;\n const { useExistingVpc, useVpcEndpoints } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (\"useVpcEndpoints\" in vpc) {\n throw new Error(\n \"Cannot specify `useVpcEndpoints` parameter when using an existing VPC. The VPC endpoints configurations should be already defined within the existing VPC.\"\n );\n }\n\n if (projectAppParams.elasticSearch) {\n if (!useExistingVpc.elasticSearchDomainVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `elasticSearchDomainVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.elasticsearch.Domain)) {\n resource.config.vpcOptions(\n useExistingVpc!.elasticSearchDomainVpcConfig\n );\n }\n });\n }\n\n if (projectAppParams.openSearch) {\n if (!useExistingVpc.openSearchDomainVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `openSearchDomainVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.opensearch.Domain)) {\n resource.config.vpcOptions(useExistingVpc!.openSearchDomainVpcConfig);\n }\n });\n }\n\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n\n return projectAppParams.pulumi?.(...args);\n }\n\n // 2. Now we deal with \"non-existing VPC\" setup.\n if (useVpcEndpoints) {\n const region = getAwsRegion(app);\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.ec2.Vpc)) {\n resource.config.enableDnsSupport(true);\n resource.config.enableDnsHostnames(true);\n }\n });\n\n const { vpc, subnets, routeTables } = resources.vpc!;\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-s3-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.s3`,\n routeTableIds: [routeTables.privateSubnets.output.id]\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-dynamodb-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.dynamodb`,\n routeTableIds: [routeTables.privateSubnets.output.id]\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-sqs-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.sqs`,\n vpcEndpointType: \"Interface\",\n privateDnsEnabled: true,\n securityGroupIds: [vpc.output.defaultSecurityGroupId],\n subnetIds: subnets.private.map(subNet => subNet.output.id)\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-events-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.events`,\n vpcEndpointType: \"Interface\",\n privateDnsEnabled: true,\n securityGroupIds: [vpc.output.defaultSecurityGroupId],\n subnetIds: subnets.private.map(subNet => subNet.output.id)\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,oBAAA,GAAAF,OAAA;AAIA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AACA,IAAAK,mCAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAiBO,SAASO,mBAAmBA,CAACC,gBAA2C,GAAG,CAAC,CAAC,EAAE;EAClF,OAAO,IAAAC,wCAAuB,EAAC;IAC3B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACD,MAAMZ,MAAMA,CAAC,GAAGa,IAAI,EAAE;MAClB,MAAM,CAACC,GAAG,CAAC,GAAGD,IAAI;MAClB,MAAM;QAAEH;MAAS,CAAC,GAAGI,GAAG;MACxB,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAE9D,MAAMM,OAAO,GAAG,MAAMC,YAAO,CAACC,eAAe,CAAC,CAAC;MAE/C,IAAIF,OAAO,CAACG,gCAAgC,CAAC,CAAC,EAAE;QAC5C,IAAAC,sEAAkC,EAACL,GAAG,CAAC;MAC3C;;MAEA;MACA,IAAI,CAACH,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEO,SAAS;QAAEC,WAAW;QAAEC;MAAW,CAAC,CAAC,GAAGT,IAAI;MACrD,MAAM;QAAED,cAAc;QAAEW;MAAgB,CAAC,GAAGd,GAAG;;MAE/C;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,iBAAiB,IAAIH,GAAG,EAAE;UAC1B,MAAM,IAAIe,KAAK,CACX,4JACJ,CAAC;QACL;QAEA,IAAIjB,gBAAgB,CAACkB,aAAa,EAAE;UAChC,IAAI,CAACb,cAAc,CAACc,4BAA4B,EAAE;YAC9C,MAAM,IAAIF,KAAK,CACX,iHACJ,CAAC;UACL;UAEAF,UAAU,CAACK,QAAQ,IAAI;YACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACgC,aAAa,CAACC,MAAM,CAAC,EAAE;cACtDH,QAAQ,CAACI,MAAM,CAACC,UAAU,CACtBpB,cAAc,CAAEc,4BACpB,CAAC;YACL;UACJ,CAAC,CAAC;QACN;QAEA,IAAInB,gBAAgB,CAAC0B,UAAU,EAAE;UAC7B,IAAI,CAACrB,cAAc,CAACsB,yBAAyB,EAAE;YAC3C,MAAM,IAAIV,KAAK,CACX,8GACJ,CAAC;UACL;UAEAF,UAAU,CAACK,QAAQ,IAAI;YACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACsC,UAAU,CAACL,MAAM,CAAC,EAAE;cACnDH,QAAQ,CAACI,MAAM,CAACC,UAAU,CAACpB,cAAc,CAAEsB,yBAAyB,CAAC;YACzE;UACJ,CAAC,CAAC;QACN;QAEA,IAAI,CAACtB,cAAc,CAACwB,wBAAwB,EAAE;UAC1C,MAAM,IAAIZ,KAAK,CACX,6GACJ,CAAC;QACL;QAEAF,UAAU,CAACK,QAAQ,IAAI;UACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACwC,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGZ,QAAQ,CAACa,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXZ,QAAQ,CAACI,MAAM,CAACU,SAAS,CAAC7B,cAAc,CAAEwB,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAR,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAAC6C,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIhB,QAAQ,CAACa,IAAI,CAACI,oBAAoB,EAAE;cACpCvB,WAAW,CAACxB,GAAG,CAAC6C,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGnB,QAAQ,CAACmB,IAAI,4BAA4B;gBAClDf,MAAM,EAAE;kBACJgB,IAAI,EAAEpB,QAAQ,CAACqB,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAEpD,GAAG,CAAC6C,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;QAEF,OAAO5C,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;MAC7C;;MAEA;MACA,IAAIU,eAAe,EAAE;QACjB,MAAM6B,MAAM,GAAG,IAAAC,sBAAY,EAACvC,GAAG,CAAC;QAEhCQ,UAAU,CAACK,QAAQ,IAAI;UACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACyD,GAAG,CAACC,GAAG,CAAC,EAAE;YACzC5B,QAAQ,CAACI,MAAM,CAACyB,gBAAgB,CAAC,IAAI,CAAC;YACtC7B,QAAQ,CAACI,MAAM,CAAC0B,kBAAkB,CAAC,IAAI,CAAC;UAC5C;QACJ,CAAC,CAAC;QAEF,MAAM;UAAEhD,GAAG;UAAEiD,OAAO;UAAEC;QAAY,CAAC,GAAGvC,SAAS,CAACX,GAAI;QACpDY,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,qBAAqB;UAC3Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,KAAK;YAC3Da,aAAa,EAAE,CAACN,WAAW,CAACO,cAAc,CAAClB,MAAM,CAACc,EAAE;UACxD;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,2BAA2B;UACjCf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,WAAW;YACjEa,aAAa,EAAE,CAACN,WAAW,CAACO,cAAc,CAAClB,MAAM,CAACc,EAAE;UACxD;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,sBAAsB;UAC5Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,MAAM;YAC5De,eAAe,EAAE,WAAW;YAC5BC,iBAAiB,EAAE,IAAI;YACvBC,gBAAgB,EAAE,CAAC5D,GAAG,CAACuC,MAAM,CAACsB,sBAAsB,CAAC;YACrDC,SAAS,EAAEb,OAAO,CAACc,OAAO,CAACC,GAAG,CAACC,MAAM,IAAIA,MAAM,CAAC1B,MAAM,CAACc,EAAE;UAC7D;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,yBAAyB;UAC/Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,SAAS;YAC/De,eAAe,EAAE,WAAW;YAC5BC,iBAAiB,EAAE,IAAI;YACvBC,gBAAgB,EAAE,CAAC5D,GAAG,CAACuC,MAAM,CAACsB,sBAAsB,CAAC;YACrDC,SAAS,EAAEb,OAAO,CAACc,OAAO,CAACC,GAAG,CAACC,MAAM,IAAIA,MAAM,CAAC1B,MAAM,CAACc,EAAE;UAC7D;QACJ,CAAC,CAAC;MACN;MAEA,OAAOvD,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","pulumi","_createCorePulumiApp","_pulumi2","_awsUtils","_configureS3BucketMalwareProtection","_wcp","createCorePulumiApp","projectAppParams","baseCreateCorePulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","args","app","license","License","fromEnvironment","canUseFileManagerThreatDetection","configureS3BucketMalwareProtection","resources","addResource","onResource","useVpcEndpoints","Error","elasticSearch","elasticSearchDomainVpcConfig","resource","isResourceOfType","elasticsearch","Domain","config","vpcOptions","openSearch","openSearchDomainVpcConfig","opensearch","lambdaFunctionsVpcConfig","lambda","Function","canUseVpc","meta","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","region","getAwsRegion","ec2","Vpc","enableDnsSupport","enableDnsHostnames","subnets","routeTables","VpcEndpoint","vpcId","id","serviceName","interpolate","routeTableIds","privateSubnets","vpcEndpointType","privateDnsEnabled","securityGroupIds","defaultSecurityGroupId","subnetIds","private","map","subNet"],"sources":["createCorePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport type { CreateCorePulumiAppParams as BaseCreateCorePulumiAppParams } from \"~/apps/core/createCorePulumiApp\";\nimport { createCorePulumiApp as baseCreateCorePulumiApp } from \"~/apps/core/createCorePulumiApp\";\nimport type { PulumiAppParam } from \"@webiny/pulumi\";\nimport { isResourceOfType } from \"@webiny/pulumi\";\nimport { getAwsRegion } from \"~/apps/awsUtils\";\nimport { configureS3BucketMalwareProtection } from \"~/enterprise/core/configureS3BucketMalwareProtection\";\nimport { License } from \"@webiny/wcp\";\n\nexport type CorePulumiApp = ReturnType<typeof createCorePulumiApp>;\n\nexport type CorePulumiAppAdvancedVpcParams = Partial<{\n useVpcEndpoints: boolean;\n useExistingVpc: {\n elasticSearchDomainVpcConfig?: aws.types.input.elasticsearch.DomainVpcOptions;\n openSearchDomainVpcConfig?: aws.types.input.opensearch.DomainVpcOptions;\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateCorePulumiAppParams extends Omit<BaseCreateCorePulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | CorePulumiAppAdvancedVpcParams>;\n}\n\nexport function createCorePulumiApp(projectAppParams: CreateCorePulumiAppParams = {}) {\n return baseCreateCorePulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n async pulumi(...args) {\n const [app] = args;\n const { getParam } = app;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n const license = await License.fromEnvironment();\n\n if (license.canUseFileManagerThreatDetection()) {\n configureS3BucketMalwareProtection(app);\n }\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ resources, addResource, onResource }] = args;\n const { useExistingVpc, useVpcEndpoints } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (\"useVpcEndpoints\" in vpc) {\n throw new Error(\n \"Cannot specify `useVpcEndpoints` parameter when using an existing VPC. The VPC endpoints configurations should be already defined within the existing VPC.\"\n );\n }\n\n if (projectAppParams.elasticSearch) {\n if (!useExistingVpc.elasticSearchDomainVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `elasticSearchDomainVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.elasticsearch.Domain)) {\n resource.config.vpcOptions(\n useExistingVpc!.elasticSearchDomainVpcConfig\n );\n }\n });\n }\n\n if (projectAppParams.openSearch) {\n if (!useExistingVpc.openSearchDomainVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `openSearchDomainVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.opensearch.Domain)) {\n resource.config.vpcOptions(useExistingVpc!.openSearchDomainVpcConfig);\n }\n });\n }\n\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n\n return projectAppParams.pulumi?.(...args);\n }\n\n // 2. Now we deal with \"non-existing VPC\" setup.\n if (useVpcEndpoints) {\n const region = getAwsRegion(app);\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.ec2.Vpc)) {\n resource.config.enableDnsSupport(true);\n resource.config.enableDnsHostnames(true);\n }\n });\n\n const { vpc, subnets, routeTables } = resources.vpc!;\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-s3-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.s3`,\n routeTableIds: [routeTables.privateSubnets.output.id]\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-dynamodb-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.dynamodb`,\n routeTableIds: [routeTables.privateSubnets.output.id]\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-sqs-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.sqs`,\n vpcEndpointType: \"Interface\",\n privateDnsEnabled: true,\n securityGroupIds: [vpc.output.defaultSecurityGroupId],\n subnetIds: subnets.private.map(subNet => subNet.output.id)\n }\n });\n\n addResource(aws.ec2.VpcEndpoint, {\n name: \"vpc-events-vpc-endpoint\",\n config: {\n vpcId: vpc.output.id,\n serviceName: pulumi.interpolate`com.amazonaws.${region}.events`,\n vpcEndpointType: \"Interface\",\n privateDnsEnabled: true,\n securityGroupIds: [vpc.output.defaultSecurityGroupId],\n subnetIds: subnets.private.map(subNet => subNet.output.id)\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AAEA,IAAAE,oBAAA,GAAAF,OAAA;AAEA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AACA,IAAAK,mCAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAiBO,SAASO,mBAAmBA,CAACC,gBAA2C,GAAG,CAAC,CAAC,EAAE;EAClF,OAAO,IAAAC,wCAAuB,EAAC;IAC3B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACD,MAAMZ,MAAMA,CAAC,GAAGa,IAAI,EAAE;MAClB,MAAM,CAACC,GAAG,CAAC,GAAGD,IAAI;MAClB,MAAM;QAAEH;MAAS,CAAC,GAAGI,GAAG;MACxB,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAE9D,MAAMM,OAAO,GAAG,MAAMC,YAAO,CAACC,eAAe,CAAC,CAAC;MAE/C,IAAIF,OAAO,CAACG,gCAAgC,CAAC,CAAC,EAAE;QAC5C,IAAAC,sEAAkC,EAACL,GAAG,CAAC;MAC3C;;MAEA;MACA,IAAI,CAACH,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEO,SAAS;QAAEC,WAAW;QAAEC;MAAW,CAAC,CAAC,GAAGT,IAAI;MACrD,MAAM;QAAED,cAAc;QAAEW;MAAgB,CAAC,GAAGd,GAAG;;MAE/C;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,iBAAiB,IAAIH,GAAG,EAAE;UAC1B,MAAM,IAAIe,KAAK,CACX,4JACJ,CAAC;QACL;QAEA,IAAIjB,gBAAgB,CAACkB,aAAa,EAAE;UAChC,IAAI,CAACb,cAAc,CAACc,4BAA4B,EAAE;YAC9C,MAAM,IAAIF,KAAK,CACX,iHACJ,CAAC;UACL;UAEAF,UAAU,CAACK,QAAQ,IAAI;YACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACgC,aAAa,CAACC,MAAM,CAAC,EAAE;cACtDH,QAAQ,CAACI,MAAM,CAACC,UAAU,CACtBpB,cAAc,CAAEc,4BACpB,CAAC;YACL;UACJ,CAAC,CAAC;QACN;QAEA,IAAInB,gBAAgB,CAAC0B,UAAU,EAAE;UAC7B,IAAI,CAACrB,cAAc,CAACsB,yBAAyB,EAAE;YAC3C,MAAM,IAAIV,KAAK,CACX,8GACJ,CAAC;UACL;UAEAF,UAAU,CAACK,QAAQ,IAAI;YACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACsC,UAAU,CAACL,MAAM,CAAC,EAAE;cACnDH,QAAQ,CAACI,MAAM,CAACC,UAAU,CAACpB,cAAc,CAAEsB,yBAAyB,CAAC;YACzE;UACJ,CAAC,CAAC;QACN;QAEA,IAAI,CAACtB,cAAc,CAACwB,wBAAwB,EAAE;UAC1C,MAAM,IAAIZ,KAAK,CACX,6GACJ,CAAC;QACL;QAEAF,UAAU,CAACK,QAAQ,IAAI;UACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACwC,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGZ,QAAQ,CAACa,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXZ,QAAQ,CAACI,MAAM,CAACU,SAAS,CAAC7B,cAAc,CAAEwB,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAR,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAAC6C,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIhB,QAAQ,CAACa,IAAI,CAACI,oBAAoB,EAAE;cACpCvB,WAAW,CAACxB,GAAG,CAAC6C,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGnB,QAAQ,CAACmB,IAAI,4BAA4B;gBAClDf,MAAM,EAAE;kBACJgB,IAAI,EAAEpB,QAAQ,CAACqB,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAEpD,GAAG,CAAC6C,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;QAEF,OAAO5C,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;MAC7C;;MAEA;MACA,IAAIU,eAAe,EAAE;QACjB,MAAM6B,MAAM,GAAG,IAAAC,sBAAY,EAACvC,GAAG,CAAC;QAEhCQ,UAAU,CAACK,QAAQ,IAAI;UACnB,IAAI,IAAAC,yBAAgB,EAACD,QAAQ,EAAE9B,GAAG,CAACyD,GAAG,CAACC,GAAG,CAAC,EAAE;YACzC5B,QAAQ,CAACI,MAAM,CAACyB,gBAAgB,CAAC,IAAI,CAAC;YACtC7B,QAAQ,CAACI,MAAM,CAAC0B,kBAAkB,CAAC,IAAI,CAAC;UAC5C;QACJ,CAAC,CAAC;QAEF,MAAM;UAAEhD,GAAG;UAAEiD,OAAO;UAAEC;QAAY,CAAC,GAAGvC,SAAS,CAACX,GAAI;QACpDY,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,qBAAqB;UAC3Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,KAAK;YAC3Da,aAAa,EAAE,CAACN,WAAW,CAACO,cAAc,CAAClB,MAAM,CAACc,EAAE;UACxD;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,2BAA2B;UACjCf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,WAAW;YACjEa,aAAa,EAAE,CAACN,WAAW,CAACO,cAAc,CAAClB,MAAM,CAACc,EAAE;UACxD;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,sBAAsB;UAC5Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,MAAM;YAC5De,eAAe,EAAE,WAAW;YAC5BC,iBAAiB,EAAE,IAAI;YACvBC,gBAAgB,EAAE,CAAC5D,GAAG,CAACuC,MAAM,CAACsB,sBAAsB,CAAC;YACrDC,SAAS,EAAEb,OAAO,CAACc,OAAO,CAACC,GAAG,CAACC,MAAM,IAAIA,MAAM,CAAC1B,MAAM,CAACc,EAAE;UAC7D;QACJ,CAAC,CAAC;QAEFzC,WAAW,CAACxB,GAAG,CAACyD,GAAG,CAACM,WAAW,EAAE;UAC7Bd,IAAI,EAAE,yBAAyB;UAC/Bf,MAAM,EAAE;YACJ8B,KAAK,EAAEpD,GAAG,CAACuC,MAAM,CAACc,EAAE;YACpBC,WAAW,EAAE/D,MAAM,CAACgE,WAAW,iBAAiBZ,MAAM,SAAS;YAC/De,eAAe,EAAE,WAAW;YAC5BC,iBAAiB,EAAE,IAAI;YACvBC,gBAAgB,EAAE,CAAC5D,GAAG,CAACuC,MAAM,CAACsB,sBAAsB,CAAC;YACrDC,SAAS,EAAEb,OAAO,CAACc,OAAO,CAACC,GAAG,CAACC,MAAM,IAAIA,MAAM,CAAC1B,MAAM,CAACc,EAAE;UAC7D;QACJ,CAAC,CAAC;MACN;MAEA,OAAOvD,gBAAgB,CAACP,MAAM,GAAG,GAAGa,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/enterprise/createSyncSystemPulumiApp.d.ts CHANGED
@@ -13,14 +13,19 @@ export type SyncSystemPulumiAppAdvancedVpcParams = Partial<{
13
13
  export interface CreateSyncSystemPulumiAppParams extends Omit<BaseCreateSyncSystemPulumiAppParams, "vpc"> {
14
14
  vpc?: PulumiAppParam<boolean | SyncSystemPulumiAppAdvancedVpcParams>;
15
15
  }
16
- export declare function createSyncSystemPulumiApp(projectAppParams?: CreateSyncSystemPulumiAppParams): import("@webiny/pulumi").PulumiApp<{
17
- dynamodbTable: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/dynamodb/table").Table>;
18
- dynamodbTableArn: import("@pulumi/pulumi").Output<string>;
19
- dynamodbTableName: import("@pulumi/pulumi").Output<string>;
20
- dynamodbTableHashKey: import("@pulumi/pulumi").Output<string>;
21
- dynamodbTableRangeKey: import("@pulumi/pulumi").Output<string | undefined>;
22
- sqs: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/sqs/queue").Queue>;
23
- sqsArn: import("@pulumi/pulumi").Output<string>;
16
+ export declare function createSyncSystemPulumiApp(projectAppParams: CreateSyncSystemPulumiAppParams): import("@webiny/pulumi").PulumiApp<{
17
+ sqs: import("@pulumi/pulumi").Output<import("@pulumi/aws/sqs/queue").Queue>;
18
+ dynamoDb: import("@pulumi/pulumi").Output<import("@pulumi/aws/dynamodb/table").Table>;
19
+ eventBus: import("@pulumi/pulumi").Output<import("@pulumi/aws/cloudwatch/eventBus").EventBus>;
20
+ eventBusRule: import("@pulumi/pulumi").Output<import("@pulumi/aws/cloudwatch/eventRule").EventRule>;
21
+ eventBusTarget: import("@pulumi/pulumi").Output<import("@pulumi/aws/cloudwatch/eventTarget").EventTarget>;
22
+ eventBusPolicy: import("@pulumi/pulumi").Output<import("@pulumi/aws/sqs/queuePolicy").QueuePolicy>;
23
+ workerLambda: import("@pulumi/pulumi").Output<import("@pulumi/aws/lambda/function").Function>;
24
+ workerLambdaRole: import("@pulumi/pulumi").Output<import("@pulumi/aws/iam/role").Role>;
25
+ resolverLambda: import("@pulumi/pulumi").Output<import("@pulumi/aws/lambda/function").Function>;
26
+ resolverLambdaRole: import("@pulumi/pulumi").Output<import("@pulumi/aws/iam/role").Role>;
27
+ resolverLambdaPolicy: import("@pulumi/pulumi").Output<import("@pulumi/aws/iam/policy").Policy>;
28
+ resolverLambdaEventSourceMapping: import("@pulumi/pulumi").Output<import("@pulumi/aws/lambda/eventSourceMapping").EventSourceMapping>;
24
29
  primary: {};
25
30
  secondary: {};
26
31
  }>;
package/enterprise/createSyncSystemPulumiApp.js CHANGED
@@ -8,7 +8,7 @@ exports.createSyncSystemPulumiApp = createSyncSystemPulumiApp;
8
8
  var aws = _interopRequireWildcard(require("@pulumi/aws"));
9
9
  var _createSyncSystemPulumiApp = require("../apps/syncSystem/createSyncSystemPulumiApp");
10
10
  var _pulumi = require("@webiny/pulumi");
11
- function createSyncSystemPulumiApp(projectAppParams = {}) {
11
+ function createSyncSystemPulumiApp(projectAppParams) {
12
12
  return (0, _createSyncSystemPulumiApp.createSyncSystemPulumiApp)({
13
13
  ...projectAppParams,
14
14
  // If using existing VPC, we ensure `vpc` param is set to `false`.
package/enterprise/createSyncSystemPulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_createSyncSystemPulumiApp","_pulumi","createSyncSystemPulumiApp","projectAppParams","baseCreateSyncSystemPulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","Boolean","pulumi","args","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createSyncSystemPulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { CreateSyncSystemPulumiAppParams as BaseCreateSyncSystemPulumiAppParams } from \"~/apps/syncSystem/createSyncSystemPulumiApp\";\nimport { createSyncSystemPulumiApp as baseCreateSyncSystemPulumiApp } from \"~/apps/syncSystem/createSyncSystemPulumiApp\";\nimport type { PulumiAppParam } from \"@webiny/pulumi\";\nimport { isResourceOfType } from \"@webiny/pulumi\";\n\nexport type SyncSystemPulumiApp = ReturnType<typeof createSyncSystemPulumiApp>;\n\nexport type SyncSystemPulumiAppAdvancedVpcParams = Partial<{\n useVpcEndpoints: boolean;\n useExistingVpc: {\n elasticSearchDomainVpcConfig?: aws.types.input.elasticsearch.DomainVpcOptions;\n openSearchDomainVpcConfig?: aws.types.input.opensearch.DomainVpcOptions;\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateSyncSystemPulumiAppParams\n extends Omit<BaseCreateSyncSystemPulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | SyncSystemPulumiAppAdvancedVpcParams>;\n}\n\nexport function createSyncSystemPulumiApp(projectAppParams: CreateSyncSystemPulumiAppParams = {}) {\n return baseCreateSyncSystemPulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n return usingAdvancedVpcParams && vpc.useExistingVpc ? false : Boolean(vpc);\n },\n pulumi(...args) {\n const [{ getParam }] = args;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ onResource, addResource }] = args;\n const { useExistingVpc } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,0BAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AAkBO,SAASG,yBAAyBA,CAACC,gBAAiD,GAAG,CAAC,CAAC,EAAE;EAC9F,OAAO,IAAAC,oDAA6B,EAAC;IACjC,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAC9D,OAAOE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,GAAG,KAAK,GAAGC,OAAO,CAACJ,GAAG,CAAC;IAC9E,CAAC;IACDK,MAAMA,CAAC,GAAGC,IAAI,EAAE;MACZ,MAAM,CAAC;QAAEL;MAAS,CAAC,CAAC,GAAGK,IAAI;MAC3B,MAAMN,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;;MAE9D;MACA,IAAI,CAACE,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACO,MAAM,GAAG,GAAGC,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEC,UAAU;QAAEC;MAAY,CAAC,CAAC,GAAGF,IAAI;MAC1C,MAAM;QAAEH;MAAe,CAAC,GAAGH,GAAG;;MAE9B;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACM,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAEnB,GAAG,CAACqB,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACf,cAAc,CAAEM,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAEnB,GAAG,CAAC2B,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAAChB,GAAG,CAAC2B,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAElC,GAAG,CAAC2B,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAO9B,gBAAgB,CAACO,MAAM,GAAG,GAAGC,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_createSyncSystemPulumiApp","_pulumi","createSyncSystemPulumiApp","projectAppParams","baseCreateSyncSystemPulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","Boolean","pulumi","args","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createSyncSystemPulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { CreateSyncSystemPulumiAppParams as BaseCreateSyncSystemPulumiAppParams } from \"~/apps/syncSystem/createSyncSystemPulumiApp\";\nimport { createSyncSystemPulumiApp as baseCreateSyncSystemPulumiApp } from \"~/apps/syncSystem/createSyncSystemPulumiApp\";\nimport type { PulumiAppParam } from \"@webiny/pulumi\";\nimport { isResourceOfType } from \"@webiny/pulumi\";\n\nexport type SyncSystemPulumiApp = ReturnType<typeof createSyncSystemPulumiApp>;\n\nexport type SyncSystemPulumiAppAdvancedVpcParams = Partial<{\n useVpcEndpoints: boolean;\n useExistingVpc: {\n elasticSearchDomainVpcConfig?: aws.types.input.elasticsearch.DomainVpcOptions;\n openSearchDomainVpcConfig?: aws.types.input.opensearch.DomainVpcOptions;\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateSyncSystemPulumiAppParams\n extends Omit<BaseCreateSyncSystemPulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | SyncSystemPulumiAppAdvancedVpcParams>;\n}\n\nexport function createSyncSystemPulumiApp(projectAppParams: CreateSyncSystemPulumiAppParams) {\n return baseCreateSyncSystemPulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n return usingAdvancedVpcParams && vpc.useExistingVpc ? false : Boolean(vpc);\n },\n pulumi(...args) {\n const [{ getParam }] = args;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ onResource, addResource }] = args;\n const { useExistingVpc } = vpc;\n\n // 1. We first deal with \"existing VPC\" setup.\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,0BAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AAkBO,SAASG,yBAAyBA,CAACC,gBAAiD,EAAE;EACzF,OAAO,IAAAC,oDAA6B,EAAC;IACjC,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;MAC9D,OAAOE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,GAAG,KAAK,GAAGC,OAAO,CAACJ,GAAG,CAAC;IAC9E,CAAC;IACDK,MAAMA,CAAC,GAAGC,IAAI,EAAE;MACZ,MAAM,CAAC;QAAEL;MAAS,CAAC,CAAC,GAAGK,IAAI;MAC3B,MAAMN,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;;MAE9D;MACA,IAAI,CAACE,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACO,MAAM,GAAG,GAAGC,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEC,UAAU;QAAEC;MAAY,CAAC,CAAC,GAAGF,IAAI;MAC1C,MAAM;QAAEH;MAAe,CAAC,GAAGH,GAAG;;MAE9B;MACA,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACM,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAEnB,GAAG,CAACqB,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACf,cAAc,CAAEM,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAEnB,GAAG,CAAC2B,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAAChB,GAAG,CAAC2B,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAElC,GAAG,CAAC2B,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAO9B,gBAAgB,CAACO,MAAM,GAAG,GAAGC,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/enterprise/createWebsitePulumiApp.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import * as aws from "@pulumi/aws";
2
- import { CreateWebsitePulumiAppParams as BaseCreateWebsitePulumiAppParams } from "../apps/website/createWebsitePulumiApp";
3
- import { PulumiAppParam } from "@webiny/pulumi";
2
+ import type { CreateWebsitePulumiAppParams as BaseCreateWebsitePulumiAppParams } from "../apps/website/createWebsitePulumiApp";
3
+ import type { PulumiAppParam } from "@webiny/pulumi";
4
4
  export type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;
5
5
  export type WebsitePulumiAppAdvancedVpcParams = Partial<{
6
6
  useExistingVpc: {
package/enterprise/createWebsitePulumiApp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_createWebsitePulumiApp","_pulumi","createWebsitePulumiApp","projectAppParams","baseCreateWebsitePulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","pulumi","args","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport {\n createWebsitePulumiApp as baseCreateWebsitePulumiApp,\n CreateWebsitePulumiAppParams as BaseCreateWebsitePulumiAppParams\n} from \"~/apps/website/createWebsitePulumiApp\";\nimport { isResourceOfType, PulumiAppParam } from \"@webiny/pulumi\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport type WebsitePulumiAppAdvancedVpcParams = Partial<{\n useExistingVpc: {\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateWebsitePulumiAppParams\n extends Omit<BaseCreateWebsitePulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | WebsitePulumiAppAdvancedVpcParams>;\n}\n\nexport function createWebsitePulumiApp(projectAppParams: CreateWebsitePulumiAppParams = {}) {\n return baseCreateWebsitePulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n pulumi(...args) {\n const [{ getParam }] = args;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ onResource, addResource }] = args;\n const { useExistingVpc } = vpc;\n\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AAIA,IAAAE,OAAA,GAAAF,OAAA;AAeO,SAASG,sBAAsBA,CAACC,gBAA8C,GAAG,CAAC,CAAC,EAAE;EACxF,OAAO,IAAAC,8CAA0B,EAAC;IAC9B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACDC,MAAMA,CAAC,GAAGC,IAAI,EAAE;MACZ,MAAM,CAAC;QAAEJ;MAAS,CAAC,CAAC,GAAGI,IAAI;MAC3B,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;;MAE9D;MACA,IAAI,CAACE,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACM,MAAM,GAAG,GAAGC,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEC,UAAU;QAAEC;MAAY,CAAC,CAAC,GAAGF,IAAI;MAC1C,MAAM;QAAEF;MAAe,CAAC,GAAGH,GAAG;MAE9B,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACK,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAElB,GAAG,CAACoB,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACd,cAAc,CAAEK,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAElB,GAAG,CAAC0B,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAACf,GAAG,CAAC0B,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAEjC,GAAG,CAAC0B,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAO7B,gBAAgB,CAACM,MAAM,GAAG,GAAGC,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_createWebsitePulumiApp","_pulumi","createWebsitePulumiApp","projectAppParams","baseCreateWebsitePulumiApp","vpc","getParam","usingAdvancedVpcParams","useExistingVpc","pulumi","args","onResource","addResource","lambdaFunctionsVpcConfig","Error","resource","isResourceOfType","lambda","Function","canUseVpc","meta","config","vpcConfig","iam","Role","isLambdaFunctionRole","RolePolicyAttachment","name","role","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole"],"sources":["createWebsitePulumiApp.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { CreateWebsitePulumiAppParams as BaseCreateWebsitePulumiAppParams } from \"~/apps/website/createWebsitePulumiApp\";\nimport { createWebsitePulumiApp as baseCreateWebsitePulumiApp } from \"~/apps/website/createWebsitePulumiApp\";\nimport type { PulumiAppParam } from \"@webiny/pulumi\";\nimport { isResourceOfType } from \"@webiny/pulumi\";\n\nexport type WebsitePulumiApp = ReturnType<typeof createWebsitePulumiApp>;\n\nexport type WebsitePulumiAppAdvancedVpcParams = Partial<{\n useExistingVpc: {\n lambdaFunctionsVpcConfig: aws.types.input.lambda.FunctionVpcConfig;\n };\n}>;\n\nexport interface CreateWebsitePulumiAppParams\n extends Omit<BaseCreateWebsitePulumiAppParams, \"vpc\"> {\n vpc?: PulumiAppParam<boolean | WebsitePulumiAppAdvancedVpcParams>;\n}\n\nexport function createWebsitePulumiApp(projectAppParams: CreateWebsitePulumiAppParams = {}) {\n return baseCreateWebsitePulumiApp({\n ...projectAppParams,\n // If using existing VPC, we ensure `vpc` param is set to `false`.\n vpc: ({ getParam }) => {\n const vpc = getParam(projectAppParams.vpc);\n if (!vpc) {\n // This could be `false` or `undefined`. If `undefined`, down the line,\n // this means \"deploy into VPC if dealing with a production environment\".\n return vpc;\n }\n\n // If using an existing VPC, we ensure Webiny does not deploy its own VPC.\n const usingAdvancedVpcParams = typeof vpc !== \"boolean\";\n if (usingAdvancedVpcParams && vpc.useExistingVpc) {\n return false;\n }\n\n return true;\n },\n pulumi(...args) {\n const [{ getParam }] = args;\n const vpc = getParam(projectAppParams.vpc);\n const usingAdvancedVpcParams = vpc && typeof vpc !== \"boolean\";\n\n // Not using advanced VPC params? Then immediately exit.\n if (!usingAdvancedVpcParams) {\n return projectAppParams.pulumi?.(...args);\n }\n\n const [{ onResource, addResource }] = args;\n const { useExistingVpc } = vpc;\n\n if (useExistingVpc) {\n if (!useExistingVpc.lambdaFunctionsVpcConfig) {\n throw new Error(\n \"Cannot specify `useExistingVpc` parameter because the `lambdaFunctionsVpcConfig` parameter wasn't provided.\"\n );\n }\n\n onResource(resource => {\n if (isResourceOfType(resource, aws.lambda.Function)) {\n const canUseVpc = resource.meta.canUseVpc !== false;\n if (canUseVpc) {\n resource.config.vpcConfig(useExistingVpc!.lambdaFunctionsVpcConfig);\n }\n }\n\n if (isResourceOfType(resource, aws.iam.Role)) {\n if (resource.meta.isLambdaFunctionRole) {\n addResource(aws.iam.RolePolicyAttachment, {\n name: `${resource.name}-vpc-access-execution-role`,\n config: {\n role: resource.output.name,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n }\n }\n });\n }\n\n return projectAppParams.pulumi?.(...args);\n }\n });\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,uBAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AAeO,SAASG,sBAAsBA,CAACC,gBAA8C,GAAG,CAAC,CAAC,EAAE;EACxF,OAAO,IAAAC,8CAA0B,EAAC;IAC9B,GAAGD,gBAAgB;IACnB;IACAE,GAAG,EAAEA,CAAC;MAAEC;IAAS,CAAC,KAAK;MACnB,MAAMD,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,IAAI,CAACA,GAAG,EAAE;QACN;QACA;QACA,OAAOA,GAAG;MACd;;MAEA;MACA,MAAME,sBAAsB,GAAG,OAAOF,GAAG,KAAK,SAAS;MACvD,IAAIE,sBAAsB,IAAIF,GAAG,CAACG,cAAc,EAAE;QAC9C,OAAO,KAAK;MAChB;MAEA,OAAO,IAAI;IACf,CAAC;IACDC,MAAMA,CAAC,GAAGC,IAAI,EAAE;MACZ,MAAM,CAAC;QAAEJ;MAAS,CAAC,CAAC,GAAGI,IAAI;MAC3B,MAAML,GAAG,GAAGC,QAAQ,CAACH,gBAAgB,CAACE,GAAG,CAAC;MAC1C,MAAME,sBAAsB,GAAGF,GAAG,IAAI,OAAOA,GAAG,KAAK,SAAS;;MAE9D;MACA,IAAI,CAACE,sBAAsB,EAAE;QACzB,OAAOJ,gBAAgB,CAACM,MAAM,GAAG,GAAGC,IAAI,CAAC;MAC7C;MAEA,MAAM,CAAC;QAAEC,UAAU;QAAEC;MAAY,CAAC,CAAC,GAAGF,IAAI;MAC1C,MAAM;QAAEF;MAAe,CAAC,GAAGH,GAAG;MAE9B,IAAIG,cAAc,EAAE;QAChB,IAAI,CAACA,cAAc,CAACK,wBAAwB,EAAE;UAC1C,MAAM,IAAIC,KAAK,CACX,6GACJ,CAAC;QACL;QAEAH,UAAU,CAACI,QAAQ,IAAI;UACnB,IAAI,IAAAC,wBAAgB,EAACD,QAAQ,EAAElB,GAAG,CAACoB,MAAM,CAACC,QAAQ,CAAC,EAAE;YACjD,MAAMC,SAAS,GAAGJ,QAAQ,CAACK,IAAI,CAACD,SAAS,KAAK,KAAK;YACnD,IAAIA,SAAS,EAAE;cACXJ,QAAQ,CAACM,MAAM,CAACC,SAAS,CAACd,cAAc,CAAEK,wBAAwB,CAAC;YACvE;UACJ;UAEA,IAAI,IAAAG,wBAAgB,EAACD,QAAQ,EAAElB,GAAG,CAAC0B,GAAG,CAACC,IAAI,CAAC,EAAE;YAC1C,IAAIT,QAAQ,CAACK,IAAI,CAACK,oBAAoB,EAAE;cACpCb,WAAW,CAACf,GAAG,CAAC0B,GAAG,CAACG,oBAAoB,EAAE;gBACtCC,IAAI,EAAE,GAAGZ,QAAQ,CAACY,IAAI,4BAA4B;gBAClDN,MAAM,EAAE;kBACJO,IAAI,EAAEb,QAAQ,CAACc,MAAM,CAACF,IAAI;kBAC1BG,SAAS,EAAEjC,GAAG,CAAC0B,GAAG,CAACQ,aAAa,CAACC;gBACrC;cACJ,CAAC,CAAC;YACN;UACJ;QACJ,CAAC,CAAC;MACN;MAEA,OAAO7B,gBAAgB,CAACM,MAAM,GAAG,GAAGC,IAAI,CAAC;IAC7C;EACJ,CAAC,CAAC;AACN","ignoreList":[]}