@webiny/pulumi-aws 6.0.0-alpha.0 → 6.0.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (191) hide show
  1. package/apps/admin/createAdminPulumiApp.d.ts +3 -2
  2. package/apps/admin/createAdminPulumiApp.js +1 -0
  3. package/apps/admin/createAdminPulumiApp.js.map +1 -1
  4. package/apps/api/ApiApwScheduler.d.ts +1 -1
  5. package/apps/api/ApiApwScheduler.js.map +1 -1
  6. package/apps/api/ApiBackgroundTask.d.ts +1 -1
  7. package/apps/api/ApiBackgroundTask.js.map +1 -1
  8. package/apps/api/ApiCloudfront.d.ts +1 -1
  9. package/apps/api/ApiCloudfront.js.map +1 -1
  10. package/apps/api/ApiFileManager.d.ts +7 -1
  11. package/apps/api/ApiFileManager.js +6 -0
  12. package/apps/api/ApiFileManager.js.map +1 -1
  13. package/apps/api/ApiGateway.d.ts +2 -2
  14. package/apps/api/ApiGateway.js.map +1 -1
  15. package/apps/api/ApiGraphql.d.ts +1 -1
  16. package/apps/api/ApiGraphql.js.map +1 -1
  17. package/apps/api/ApiMigration.d.ts +1 -1
  18. package/apps/api/ApiMigration.js.map +1 -1
  19. package/apps/api/ApiOutput.d.ts +11 -1
  20. package/apps/api/ApiOutput.js +11 -1
  21. package/apps/api/ApiOutput.js.map +1 -1
  22. package/apps/api/ApiPageBuilder.d.ts +1 -1
  23. package/apps/api/ApiPageBuilder.js.map +1 -1
  24. package/apps/api/ApiScheduler.d.ts +8 -0
  25. package/apps/api/ApiScheduler.js +105 -0
  26. package/apps/api/ApiScheduler.js.map +1 -0
  27. package/apps/api/ApiWebsocket.d.ts +1 -1
  28. package/apps/api/ApiWebsocket.js.map +1 -1
  29. package/apps/api/backgroundTask/definition.d.ts +2 -2
  30. package/apps/api/backgroundTask/definition.js.map +1 -1
  31. package/apps/api/backgroundTask/policy.d.ts +2 -2
  32. package/apps/api/backgroundTask/policy.js.map +1 -1
  33. package/apps/api/backgroundTask/role.d.ts +2 -2
  34. package/apps/api/backgroundTask/role.js.map +1 -1
  35. package/apps/api/backgroundTask/types.d.ts +1 -1
  36. package/apps/api/backgroundTask/types.js.map +1 -1
  37. package/apps/api/createApiPulumiApp.d.ts +19 -13
  38. package/apps/api/createApiPulumiApp.js +50 -19
  39. package/apps/api/createApiPulumiApp.js.map +1 -1
  40. package/apps/awsUtils.d.ts +2 -2
  41. package/apps/awsUtils.js.map +1 -1
  42. package/apps/blueGreen/createBlueGreenPulumiApp.d.ts +7 -1
  43. package/apps/blueGreen/createBlueGreenPulumiApp.js +2 -2
  44. package/apps/blueGreen/createBlueGreenPulumiApp.js.map +1 -1
  45. package/apps/blueGreen/domains/attachDomainsToOutput.d.ts +1 -1
  46. package/apps/blueGreen/domains/attachDomainsToOutput.js.map +1 -1
  47. package/apps/blueGreen/types.d.ts +4 -1
  48. package/apps/blueGreen/types.js.map +1 -1
  49. package/apps/common/CoreOutput.d.ts +2 -1
  50. package/apps/common/CoreOutput.js +1 -0
  51. package/apps/common/CoreOutput.js.map +1 -1
  52. package/apps/common/VpcConfig.d.ts +1 -1
  53. package/apps/common/VpcConfig.js.map +1 -1
  54. package/apps/core/CoreCognito.d.ts +1 -1
  55. package/apps/core/CoreCognito.js.map +1 -1
  56. package/apps/core/CoreDynamo.d.ts +1 -1
  57. package/apps/core/CoreDynamo.js.map +1 -1
  58. package/apps/core/CoreElasticSearch.d.ts +1 -1
  59. package/apps/core/CoreElasticSearch.js +7 -1
  60. package/apps/core/CoreElasticSearch.js.map +1 -1
  61. package/apps/core/CoreEventBus.js.map +1 -1
  62. package/apps/core/CoreFileManager.d.ts +1 -1
  63. package/apps/core/CoreFileManager.js.map +1 -1
  64. package/apps/core/CoreOpenSearch.d.ts +1 -1
  65. package/apps/core/CoreOpenSearch.js +7 -1
  66. package/apps/core/CoreOpenSearch.js.map +1 -1
  67. package/apps/core/CoreVpc.d.ts +1 -1
  68. package/apps/core/CoreVpc.js.map +1 -1
  69. package/apps/core/LogDynamo.d.ts +1 -1
  70. package/apps/core/LogDynamo.js.map +1 -1
  71. package/apps/core/WatchCommand.js.map +1 -1
  72. package/apps/core/cognitoIdentityProviders/amazon.d.ts +3 -3
  73. package/apps/core/cognitoIdentityProviders/amazon.js.map +1 -1
  74. package/apps/core/cognitoIdentityProviders/apple.d.ts +3 -3
  75. package/apps/core/cognitoIdentityProviders/apple.js.map +1 -1
  76. package/apps/core/cognitoIdentityProviders/configure.d.ts +3 -3
  77. package/apps/core/cognitoIdentityProviders/configure.js.map +1 -1
  78. package/apps/core/cognitoIdentityProviders/facebook.d.ts +3 -3
  79. package/apps/core/cognitoIdentityProviders/facebook.js.map +1 -1
  80. package/apps/core/cognitoIdentityProviders/getIdpConfig.d.ts +2 -2
  81. package/apps/core/cognitoIdentityProviders/getIdpConfig.js.map +1 -1
  82. package/apps/core/cognitoIdentityProviders/google.d.ts +3 -3
  83. package/apps/core/cognitoIdentityProviders/google.js.map +1 -1
  84. package/apps/core/cognitoIdentityProviders/oidc.d.ts +3 -3
  85. package/apps/core/cognitoIdentityProviders/oidc.js.map +1 -1
  86. package/apps/core/createCorePulumiApp.d.ts +1 -1
  87. package/apps/core/createCorePulumiApp.js +2 -1
  88. package/apps/core/createCorePulumiApp.js.map +1 -1
  89. package/apps/createAppBucket.d.ts +1 -1
  90. package/apps/createAppBucket.js.map +1 -1
  91. package/apps/customDomain.d.ts +3 -3
  92. package/apps/customDomain.js.map +1 -1
  93. package/apps/lambdaUtils.d.ts +3 -2
  94. package/apps/lambdaUtils.js +21 -3
  95. package/apps/lambdaUtils.js.map +1 -1
  96. package/apps/react/createReactPulumiApp.d.ts +2 -2
  97. package/apps/react/createReactPulumiApp.js.map +1 -1
  98. package/apps/syncSystem/SyncSystemDynamo.d.ts +1 -1
  99. package/apps/syncSystem/SyncSystemDynamo.js.map +1 -1
  100. package/apps/syncSystem/SyncSystemDynamoDb.d.ts +3 -0
  101. package/apps/syncSystem/SyncSystemDynamoDb.js +55 -0
  102. package/apps/syncSystem/SyncSystemDynamoDb.js.map +1 -0
  103. package/apps/syncSystem/SyncSystemEventBus.d.ts +6 -0
  104. package/apps/syncSystem/SyncSystemEventBus.js +84 -0
  105. package/apps/syncSystem/SyncSystemEventBus.js.map +1 -0
  106. package/apps/syncSystem/SyncSystemLambda.d.ts +1 -1
  107. package/apps/syncSystem/SyncSystemLambda.js.map +1 -1
  108. package/apps/syncSystem/SyncSystemOutput.d.ts +3 -0
  109. package/apps/syncSystem/SyncSystemOutput.js +26 -0
  110. package/apps/syncSystem/SyncSystemOutput.js.map +1 -0
  111. package/apps/syncSystem/SyncSystemResolverLambda.d.ts +8 -0
  112. package/apps/syncSystem/SyncSystemResolverLambda.js +78 -0
  113. package/apps/syncSystem/SyncSystemResolverLambda.js.map +1 -0
  114. package/apps/syncSystem/SyncSystemSQS.d.ts +3 -4
  115. package/apps/syncSystem/SyncSystemSQS.js +33 -12
  116. package/apps/syncSystem/SyncSystemSQS.js.map +1 -1
  117. package/apps/syncSystem/SyncSystemWorkerLambda.d.ts +7 -0
  118. package/apps/syncSystem/SyncSystemWorkerLambda.js +57 -0
  119. package/apps/syncSystem/SyncSystemWorkerLambda.js.map +1 -0
  120. package/apps/syncSystem/api/addServiceManifest.d.ts +8 -0
  121. package/apps/syncSystem/api/addServiceManifest.js +25 -0
  122. package/apps/syncSystem/api/addServiceManifest.js.map +1 -0
  123. package/apps/syncSystem/api/attachCognitoPermissions.d.ts +14 -0
  124. package/apps/syncSystem/api/attachCognitoPermissions.js +67 -0
  125. package/apps/syncSystem/api/attachCognitoPermissions.js.map +1 -0
  126. package/apps/syncSystem/api/attachDynamoDbPermissions.d.ts +13 -0
  127. package/apps/syncSystem/api/attachDynamoDbPermissions.js +53 -0
  128. package/apps/syncSystem/api/attachDynamoDbPermissions.js.map +1 -0
  129. package/apps/syncSystem/api/attachEventBusPermissions.d.ts +18 -0
  130. package/apps/syncSystem/api/attachEventBusPermissions.js +66 -0
  131. package/apps/syncSystem/api/attachEventBusPermissions.js.map +1 -0
  132. package/apps/syncSystem/api/attachS3Permissions.d.ts +14 -0
  133. package/apps/syncSystem/api/attachS3Permissions.js +59 -0
  134. package/apps/syncSystem/api/attachS3Permissions.js.map +1 -0
  135. package/apps/syncSystem/api/index.d.ts +9 -0
  136. package/apps/syncSystem/api/index.js +65 -0
  137. package/apps/syncSystem/api/index.js.map +1 -0
  138. package/apps/syncSystem/constants.d.ts +1 -0
  139. package/apps/syncSystem/constants.js +9 -0
  140. package/apps/syncSystem/constants.js.map +1 -0
  141. package/apps/syncSystem/createSyncResourceName.d.ts +4 -0
  142. package/apps/syncSystem/createSyncResourceName.js +17 -0
  143. package/apps/syncSystem/createSyncResourceName.js.map +1 -0
  144. package/apps/syncSystem/createSyncSystemPulumiApp.d.ts +19 -10
  145. package/apps/syncSystem/createSyncSystemPulumiApp.js +107 -34
  146. package/apps/syncSystem/createSyncSystemPulumiApp.js.map +1 -1
  147. package/apps/syncSystem/customApp.d.ts +6 -0
  148. package/apps/syncSystem/customApp.js +26 -0
  149. package/apps/syncSystem/customApp.js.map +1 -0
  150. package/apps/syncSystem/getSyncSystemOutput.d.ts +6 -0
  151. package/apps/syncSystem/getSyncSystemOutput.js +28 -0
  152. package/apps/syncSystem/getSyncSystemOutput.js.map +1 -0
  153. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.d.ts +7 -0
  154. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js +55 -0
  155. package/apps/syncSystem/lambda/createSyncSystemResolverLambdaPolicy.js.map +1 -0
  156. package/apps/syncSystem/types.d.ts +55 -0
  157. package/apps/syncSystem/types.js +7 -0
  158. package/apps/syncSystem/types.js.map +1 -0
  159. package/apps/tenantRouter.d.ts +1 -1
  160. package/apps/tenantRouter.js.map +1 -1
  161. package/apps/website/WebsitePrerendering.d.ts +1 -1
  162. package/apps/website/WebsitePrerendering.js.map +1 -1
  163. package/apps/website/createWebsitePulumiApp.d.ts +2 -2
  164. package/apps/website/createWebsitePulumiApp.js.map +1 -1
  165. package/enterprise/api/handleGuardDutyEvents.d.ts +1 -1
  166. package/enterprise/api/handleGuardDutyEvents.js.map +1 -1
  167. package/enterprise/createApiPulumiApp.d.ts +13 -2
  168. package/enterprise/createApiPulumiApp.js.map +1 -1
  169. package/enterprise/createCorePulumiApp.d.ts +2 -2
  170. package/enterprise/createCorePulumiApp.js.map +1 -1
  171. package/enterprise/createSyncSystemPulumiApp.d.ts +13 -8
  172. package/enterprise/createSyncSystemPulumiApp.js +1 -1
  173. package/enterprise/createSyncSystemPulumiApp.js.map +1 -1
  174. package/enterprise/createWebsitePulumiApp.d.ts +2 -2
  175. package/enterprise/createWebsitePulumiApp.js.map +1 -1
  176. package/package.json +12 -12
  177. package/utils/addDomainsUrlsOutputs.d.ts +2 -2
  178. package/utils/addDomainsUrlsOutputs.js.map +1 -1
  179. package/utils/addServiceManifestTableItem.d.ts +1 -1
  180. package/utils/addServiceManifestTableItem.js.map +1 -1
  181. package/utils/createAssetArchive.d.ts +2 -0
  182. package/utils/createAssetArchive.js +16 -0
  183. package/utils/createAssetArchive.js.map +1 -0
  184. package/utils/getPresignedPost.d.ts +1 -1
  185. package/utils/getPresignedPost.js.map +1 -1
  186. package/utils/lambdaEnvVariables.d.ts +1 -1
  187. package/utils/lambdaEnvVariables.js.map +1 -1
  188. package/utils/uploadFolderToS3.d.ts +1 -1
  189. package/utils/uploadFolderToS3.js.map +1 -1
  190. package/utils/withServiceManifest.d.ts +2 -2
  191. package/utils/withServiceManifest.js.map +1 -1
package/apps/core/CoreCognito.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreCognito","exports","createAppModule","name","config","app","params","userPool","addResource","cognito","UserPool","passwordPolicy","minimumLength","requireLowercase","requireNumbers","requireSymbols","requireUppercase","temporaryPasswordValidityDays","adminCreateUserConfig","allowAdminCreateUserOnly","autoVerifiedAttributes","emailConfiguration","emailSendingAccount","usernameAttributes","useEmailAsUsername","undefined","aliasAttributes","lambdaConfig","mfaConfiguration","userPoolAddOns","advancedSecurityMode","verificationMessageTemplate","defaultEmailOption","accountRecoverySetting","recoveryMechanisms","priority","schemas","attributeDataType","required","developerOnlyAttribute","mutable","stringAttributeConstraints","maxLength","minLength","opts","protect","userPoolClient","UserPoolClient","userPoolId","output","id","accessTokenValidity","idTokenValidity","refreshTokenValidity","tokenValidityUnits","accessToken","idToken","refreshToken"],"sources":["CoreCognito.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport interface CoreCognitoParams {\n protect: boolean;\n useEmailAsUsername: boolean;\n}\n\nexport type CoreCognito = PulumiAppModule<typeof CoreCognito>;\n\nexport const CoreCognito = createAppModule({\n name: \"Cognito\",\n config(app: PulumiApp, params: CoreCognitoParams) {\n const userPool = app.addResource(aws.cognito.UserPool, {\n name: \"user-pool\",\n config: {\n passwordPolicy: {\n minimumLength: 8,\n requireLowercase: false,\n requireNumbers: false,\n requireSymbols: false,\n requireUppercase: false,\n temporaryPasswordValidityDays: 7\n },\n adminCreateUserConfig: {\n allowAdminCreateUserOnly: true\n },\n autoVerifiedAttributes: [\"email\"],\n emailConfiguration: {\n emailSendingAccount: \"COGNITO_DEFAULT\"\n },\n // In a legacy setup we use email as username.\n // We need to provide a way for users to have this setup,\n // because changing it would require whole cognito pool to be recreated.\n usernameAttributes: params.useEmailAsUsername ? [\"email\"] : undefined,\n aliasAttributes: params.useEmailAsUsername ? undefined : [\"preferred_username\"],\n lambdaConfig: {},\n mfaConfiguration: \"OFF\",\n userPoolAddOns: {\n advancedSecurityMode: \"OFF\" /* required */\n },\n verificationMessageTemplate: {\n defaultEmailOption: \"CONFIRM_WITH_CODE\"\n },\n accountRecoverySetting: {\n recoveryMechanisms: [{ name: \"verified_email\", priority: 1 }]\n },\n schemas: [\n {\n attributeDataType: \"String\",\n name: \"email\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"family_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"given_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"id\",\n required: false,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"36\",\n minLength: \"0\"\n }\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n const userPoolClient = app.addResource(aws.cognito.UserPoolClient, {\n name: \"user-pool-client\",\n config: {\n userPoolId: userPool.output.id,\n accessTokenValidity: 60,\n idTokenValidity: 60,\n refreshTokenValidity: 30,\n tokenValidityUnits: {\n accessToken: \"minutes\",\n idToken: \"minutes\",\n refreshToken: \"days\"\n }\n }\n });\n\n return {\n userPool,\n userPoolClient\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AASO,MAAME,WAAW,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,uBAAe,EAAC;EACvCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,QAAQ,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACC,QAAQ,EAAE;MACnDP,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJO,cAAc,EAAE;UACZC,aAAa,EAAE,CAAC;UAChBC,gBAAgB,EAAE,KAAK;UACvBC,cAAc,EAAE,KAAK;UACrBC,cAAc,EAAE,KAAK;UACrBC,gBAAgB,EAAE,KAAK;UACvBC,6BAA6B,EAAE;QACnC,CAAC;QACDC,qBAAqB,EAAE;UACnBC,wBAAwB,EAAE;QAC9B,CAAC;QACDC,sBAAsB,EAAE,CAAC,OAAO,CAAC;QACjCC,kBAAkB,EAAE;UAChBC,mBAAmB,EAAE;QACzB,CAAC;QACD;QACA;QACA;QACAC,kBAAkB,EAAEjB,MAAM,CAACkB,kBAAkB,GAAG,CAAC,OAAO,CAAC,GAAGC,SAAS;QACrEC,eAAe,EAAEpB,MAAM,CAACkB,kBAAkB,GAAGC,SAAS,GAAG,CAAC,oBAAoB,CAAC;QAC/EE,YAAY,EAAE,CAAC,CAAC;QAChBC,gBAAgB,EAAE,KAAK;QACvBC,cAAc,EAAE;UACZC,oBAAoB,EAAE,KAAK,CAAC;QAChC,CAAC;QACDC,2BAA2B,EAAE;UACzBC,kBAAkB,EAAE;QACxB,CAAC;QACDC,sBAAsB,EAAE;UACpBC,kBAAkB,EAAE,CAAC;YAAE/B,IAAI,EAAE,gBAAgB;YAAEgC,QAAQ,EAAE;UAAE,CAAC;QAChE,CAAC;QACDC,OAAO,EAAE,CACL;UACIC,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,OAAO;UACbmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,aAAa;UACnBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,YAAY;UAClBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,IAAI;UACVmC,QAAQ,EAAE,KAAK;UACfC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,IAAI;YACfC,SAAS,EAAE;UACf;QACJ,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEvC,MAAM,CAACuC;MACpB;IACJ,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGzC,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACsC,cAAc,EAAE;MAC/D5C,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJ4C,UAAU,EAAEzC,QAAQ,CAAC0C,MAAM,CAACC,EAAE;QAC9BC,mBAAmB,EAAE,EAAE;QACvBC,eAAe,EAAE,EAAE;QACnBC,oBAAoB,EAAE,EAAE;QACxBC,kBAAkB,EAAE;UAChBC,WAAW,EAAE,SAAS;UACtBC,OAAO,EAAE,SAAS;UAClBC,YAAY,EAAE;QAClB;MACJ;IACJ,CAAC,CAAC;IAEF,OAAO;MACHlD,QAAQ;MACRuC;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreCognito","exports","createAppModule","name","config","app","params","userPool","addResource","cognito","UserPool","passwordPolicy","minimumLength","requireLowercase","requireNumbers","requireSymbols","requireUppercase","temporaryPasswordValidityDays","adminCreateUserConfig","allowAdminCreateUserOnly","autoVerifiedAttributes","emailConfiguration","emailSendingAccount","usernameAttributes","useEmailAsUsername","undefined","aliasAttributes","lambdaConfig","mfaConfiguration","userPoolAddOns","advancedSecurityMode","verificationMessageTemplate","defaultEmailOption","accountRecoverySetting","recoveryMechanisms","priority","schemas","attributeDataType","required","developerOnlyAttribute","mutable","stringAttributeConstraints","maxLength","minLength","opts","protect","userPoolClient","UserPoolClient","userPoolId","output","id","accessTokenValidity","idTokenValidity","refreshTokenValidity","tokenValidityUnits","accessToken","idToken","refreshToken"],"sources":["CoreCognito.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport interface CoreCognitoParams {\n protect: boolean;\n useEmailAsUsername: boolean;\n}\n\nexport type CoreCognito = PulumiAppModule<typeof CoreCognito>;\n\nexport const CoreCognito = createAppModule({\n name: \"Cognito\",\n config(app: PulumiApp, params: CoreCognitoParams) {\n const userPool = app.addResource(aws.cognito.UserPool, {\n name: \"user-pool\",\n config: {\n passwordPolicy: {\n minimumLength: 8,\n requireLowercase: false,\n requireNumbers: false,\n requireSymbols: false,\n requireUppercase: false,\n temporaryPasswordValidityDays: 7\n },\n adminCreateUserConfig: {\n allowAdminCreateUserOnly: true\n },\n autoVerifiedAttributes: [\"email\"],\n emailConfiguration: {\n emailSendingAccount: \"COGNITO_DEFAULT\"\n },\n // In a legacy setup we use email as username.\n // We need to provide a way for users to have this setup,\n // because changing it would require whole cognito pool to be recreated.\n usernameAttributes: params.useEmailAsUsername ? [\"email\"] : undefined,\n aliasAttributes: params.useEmailAsUsername ? undefined : [\"preferred_username\"],\n lambdaConfig: {},\n mfaConfiguration: \"OFF\",\n userPoolAddOns: {\n advancedSecurityMode: \"OFF\" /* required */\n },\n verificationMessageTemplate: {\n defaultEmailOption: \"CONFIRM_WITH_CODE\"\n },\n accountRecoverySetting: {\n recoveryMechanisms: [{ name: \"verified_email\", priority: 1 }]\n },\n schemas: [\n {\n attributeDataType: \"String\",\n name: \"email\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"family_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"given_name\",\n required: true,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"2048\",\n minLength: \"0\"\n }\n },\n {\n attributeDataType: \"String\",\n name: \"id\",\n required: false,\n developerOnlyAttribute: false,\n mutable: true,\n stringAttributeConstraints: {\n maxLength: \"36\",\n minLength: \"0\"\n }\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n const userPoolClient = app.addResource(aws.cognito.UserPoolClient, {\n name: \"user-pool-client\",\n config: {\n userPoolId: userPool.output.id,\n accessTokenValidity: 60,\n idTokenValidity: 60,\n refreshTokenValidity: 30,\n tokenValidityUnits: {\n accessToken: \"minutes\",\n idToken: \"minutes\",\n refreshToken: \"days\"\n }\n }\n });\n\n return {\n userPool,\n userPoolClient\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AASO,MAAME,WAAW,GAAAC,OAAA,CAAAD,WAAA,GAAG,IAAAE,uBAAe,EAAC;EACvCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,QAAQ,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACC,QAAQ,EAAE;MACnDP,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJO,cAAc,EAAE;UACZC,aAAa,EAAE,CAAC;UAChBC,gBAAgB,EAAE,KAAK;UACvBC,cAAc,EAAE,KAAK;UACrBC,cAAc,EAAE,KAAK;UACrBC,gBAAgB,EAAE,KAAK;UACvBC,6BAA6B,EAAE;QACnC,CAAC;QACDC,qBAAqB,EAAE;UACnBC,wBAAwB,EAAE;QAC9B,CAAC;QACDC,sBAAsB,EAAE,CAAC,OAAO,CAAC;QACjCC,kBAAkB,EAAE;UAChBC,mBAAmB,EAAE;QACzB,CAAC;QACD;QACA;QACA;QACAC,kBAAkB,EAAEjB,MAAM,CAACkB,kBAAkB,GAAG,CAAC,OAAO,CAAC,GAAGC,SAAS;QACrEC,eAAe,EAAEpB,MAAM,CAACkB,kBAAkB,GAAGC,SAAS,GAAG,CAAC,oBAAoB,CAAC;QAC/EE,YAAY,EAAE,CAAC,CAAC;QAChBC,gBAAgB,EAAE,KAAK;QACvBC,cAAc,EAAE;UACZC,oBAAoB,EAAE,KAAK,CAAC;QAChC,CAAC;QACDC,2BAA2B,EAAE;UACzBC,kBAAkB,EAAE;QACxB,CAAC;QACDC,sBAAsB,EAAE;UACpBC,kBAAkB,EAAE,CAAC;YAAE/B,IAAI,EAAE,gBAAgB;YAAEgC,QAAQ,EAAE;UAAE,CAAC;QAChE,CAAC;QACDC,OAAO,EAAE,CACL;UACIC,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,OAAO;UACbmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,aAAa;UACnBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,YAAY;UAClBmC,QAAQ,EAAE,IAAI;UACdC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,MAAM;YACjBC,SAAS,EAAE;UACf;QACJ,CAAC,EACD;UACIN,iBAAiB,EAAE,QAAQ;UAC3BlC,IAAI,EAAE,IAAI;UACVmC,QAAQ,EAAE,KAAK;UACfC,sBAAsB,EAAE,KAAK;UAC7BC,OAAO,EAAE,IAAI;UACbC,0BAA0B,EAAE;YACxBC,SAAS,EAAE,IAAI;YACfC,SAAS,EAAE;UACf;QACJ,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEvC,MAAM,CAACuC;MACpB;IACJ,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGzC,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,OAAO,CAACsC,cAAc,EAAE;MAC/D5C,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJ4C,UAAU,EAAEzC,QAAQ,CAAC0C,MAAM,CAACC,EAAE;QAC9BC,mBAAmB,EAAE,EAAE;QACvBC,eAAe,EAAE,EAAE;QACnBC,oBAAoB,EAAE,EAAE;QACxBC,kBAAkB,EAAE;UAChBC,WAAW,EAAE,SAAS;UACtBC,OAAO,EAAE,SAAS;UAClBC,YAAY,EAAE;QAClB;MACJ;IACJ,CAAC,CAAC;IAEF,OAAO;MACHlD,QAAQ;MACRuC;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/CoreDynamo.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { PulumiAppModule } from "@webiny/pulumi";
1
+ import type { PulumiAppModule } from "@webiny/pulumi";
2
2
  export type CoreDynamo = PulumiAppModule<typeof CoreDynamo>;
3
3
  export declare const CoreDynamo: import("@webiny/pulumi").PulumiAppModuleDefinition<import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/dynamodb/table").Table>, {
4
4
  protect: boolean;
package/apps/core/CoreDynamo.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreDynamo","exports","createAppModule","name","config","app","params","addResource","dynamodb","Table","attributes","type","billingMode","hashKey","rangeKey","globalSecondaryIndexes","projectionType","opts","protect"],"sources":["CoreDynamo.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport type CoreDynamo = PulumiAppModule<typeof CoreDynamo>;\n\nexport const CoreDynamo = createAppModule({\n name: \"DynamoDb\",\n config(app: PulumiApp, params: { protect: boolean }) {\n return app.addResource(aws.dynamodb.Table, {\n name: \"webiny\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" },\n { name: \"GSI1_PK\", type: \"S\" },\n { name: \"GSI1_SK\", type: \"S\" },\n { name: \"GSI2_PK\", type: \"S\" },\n { name: \"GSI2_SK\", type: \"S\" }\n ],\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\",\n globalSecondaryIndexes: [\n {\n name: \"GSI1\",\n hashKey: \"GSI1_PK\",\n rangeKey: \"GSI1_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI2\",\n hashKey: \"GSI2_PK\",\n rangeKey: \"GSI2_SK\",\n projectionType: \"ALL\"\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,uBAAe,EAAC;EACtCC,IAAI,EAAE,UAAU;EAChBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,OAAOD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,QAAQ,CAACC,KAAK,EAAE;MACvCN,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJM,UAAU,EAAE,CACR;UAAEP,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,CACjC;QACDC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE,IAAI;QACdC,sBAAsB,EAAE,CACpB;UACIZ,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEZ,MAAM,CAACY;MACpB;IACJ,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreDynamo","exports","createAppModule","name","config","app","params","addResource","dynamodb","Table","attributes","type","billingMode","hashKey","rangeKey","globalSecondaryIndexes","projectionType","opts","protect"],"sources":["CoreDynamo.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport type CoreDynamo = PulumiAppModule<typeof CoreDynamo>;\n\nexport const CoreDynamo = createAppModule({\n name: \"DynamoDb\",\n config(app: PulumiApp, params: { protect: boolean }) {\n return app.addResource(aws.dynamodb.Table, {\n name: \"webiny\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" },\n { name: \"GSI1_PK\", type: \"S\" },\n { name: \"GSI1_SK\", type: \"S\" },\n { name: \"GSI2_PK\", type: \"S\" },\n { name: \"GSI2_SK\", type: \"S\" }\n ],\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\",\n globalSecondaryIndexes: [\n {\n name: \"GSI1\",\n hashKey: \"GSI1_PK\",\n rangeKey: \"GSI1_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI2\",\n hashKey: \"GSI2_PK\",\n rangeKey: \"GSI2_SK\",\n projectionType: \"ALL\"\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,uBAAe,EAAC;EACtCC,IAAI,EAAE,UAAU;EAChBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,OAAOD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,QAAQ,CAACC,KAAK,EAAE;MACvCN,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJM,UAAU,EAAE,CACR;UAAEP,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,CACjC;QACDC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE,IAAI;QACdC,sBAAsB,EAAE,CACpB;UACIZ,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEZ,MAAM,CAACY;MACpB;IACJ,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/CoreElasticSearch.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import * as aws from "@pulumi/aws";
2
- import { PulumiAppRemoteResource, PulumiAppResource, PulumiAppResourceConstructor } from "@webiny/pulumi";
2
+ import type { PulumiAppRemoteResource, PulumiAppResource, PulumiAppResourceConstructor } from "@webiny/pulumi";
3
3
  export interface ElasticSearchParams {
4
4
  protect: boolean;
5
5
  }
package/apps/core/CoreElasticSearch.js CHANGED
@@ -264,6 +264,7 @@ const ElasticSearch = exports.ElasticSearch = (0, _pulumi2.createAppModule)({
264
264
  }
265
265
  });
266
266
  function getDynamoDbToElasticLambdaPolicy(app, domain) {
267
+ const logDynamoDbTable = app.getModule(_LogDynamo.LogDynamo);
267
268
  return app.addResource(aws.iam.Policy, {
268
269
  name: "DynamoDbToElasticLambdaPolicy-updated",
269
270
  config: {
@@ -273,8 +274,13 @@ function getDynamoDbToElasticLambdaPolicy(app, domain) {
273
274
  Statement: [{
274
275
  Sid: "PermissionForES",
275
276
  Effect: "Allow",
276
- Action: ["es:ESHttpGet", "es:ESHttpDelete", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:GetItem", "dynamodb:DeleteItem", "dynamodb:Query", "dynamodb:UpdateItem"],
277
+ Action: ["es:ESHttpGet", "es:ESHttpDelete", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut"],
277
278
  Resource: [pulumi.interpolate`${domain.arn}`, pulumi.interpolate`${domain.arn}/*`]
279
+ }, {
280
+ Sid: "PermissionForDynamoDbLog",
281
+ Effect: "Allow",
282
+ Action: ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:Scan", "dynamodb:Query"],
283
+ Resource: [pulumi.interpolate`${logDynamoDbTable.output.arn}`, pulumi.interpolate`${logDynamoDbTable.output.arn}/*`]
278
284
  }]
279
285
  }
280
286
  }
package/apps/core/CoreElasticSearch.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_pulumi2","_awsUtils","_CoreVpc","_constants","_LogDynamo","getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","ElasticSearch","exports","createAppModule","name","config","app","params","domainName","accountId","getAwsAccountId","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","vpc","getModule","CoreVpc","optional","logDynamoDbTable","LogDynamo","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","String","addRemoteResource","elasticsearch","getDomain","async","addResource","Domain","elasticsearchVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","DomainPolicy","accessPolicies","Version","Statement","Effect","Principal","AWS","Action","Resource","interpolate","arn","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","meta","isLambdaFunctionRole","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","DB_TABLE_LOG","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","elasticsearchDynamoToElasticLambdaName","dynamoToElastic","Policy","Sid"],"sources":["CoreElasticSearch.ts"],"sourcesContent":["/**\n * Important documents to read:\n *\n * https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#network-limits\n */\nimport path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport {\n createAppModule,\n PulumiApp,\n PulumiAppRemoteResource,\n PulumiAppResource,\n PulumiAppResourceConstructor\n} from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { DEFAULT_PROD_ENV_NAMES, LAMBDA_RUNTIME } from \"~/constants\";\nimport { LogDynamo } from \"~/apps/core/LogDynamo\";\n\nexport interface ElasticSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.elasticsearch\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.elasticsearch\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nexport const ElasticSearch = createAppModule({\n name: \"ElasticSearch\",\n config(app, params: ElasticSearchParams) {\n const domainName = \"webiny-js\";\n const accountId = getAwsAccountId(app);\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n // This needs to be implemented in order to be able to use a shared ElasticSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.elasticsearch.Domain>>\n | PulumiAppRemoteResource<aws.elasticsearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.elasticsearch.getDomain({ domainName }, { async: true });\n });\n } else {\n // Regular ElasticSearch deployment.\n domain = app.addResource(aws.elasticsearch.Domain, {\n name: domainName,\n config: {\n elasticsearchVersion: \"7.10\",\n clusterConfig: isProduction ? getProdClusterConfig() : getDevClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your Elasticsearch Domain.\n * For details on Elasticsearch security, read the official documentation:\n * https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/security.html\n */\n domainPolicy = app.addResource(aws.elasticsearch.DomainPolicy, {\n name: `${domainName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: {\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: pulumi.interpolate`${domain.output.arn}/*`\n }\n ]\n }\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for Elasticsearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your Elasticsearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with Elasticsearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains Elasticsearch items.\n * Elasticsearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for Elasticsearch in a DynamoDB table, and asynchronously insert it into Elasticsearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 900,\n memorySize: 1024,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint,\n DB_TABLE_LOG: logDynamoDbTable.output.name\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 50,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name,\n elasticsearchDynamoToElasticLambdaName: lambda.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.elasticsearch.Domain | aws.elasticsearch.GetDomainResult>\n) {\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpGet\",\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\",\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAKA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAQA,IAAAK,SAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAnBA;AACA;AACA;AACA;AACA;;AAqBA,SAASS,mBAAmBA,CAAA,EAAsD;EAC9E,OAAO;IACHC,YAAY,EAAE;EAClB,CAAC;AACL;AAEA,SAASC,oBAAoBA,CAAA,EAAsD;EAC/E,OAAO;IACH;IACAD,YAAY,EAAE,yBAAyB;IACvCE,aAAa,EAAE,CAAC;IAChBC,oBAAoB,EAAE,IAAI;IAC1BC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC;AACL;AAEO,MAAMC,aAAa,GAAAC,OAAA,CAAAD,aAAA,GAAG,IAAAE,wBAAe,EAAC;EACzCC,IAAI,EAAE,eAAe;EACrBC,MAAMA,CAACC,GAAG,EAAEC,MAA2B,EAAE;IACrC,MAAMC,UAAU,GAAG,WAAW;IAC9B,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACJ,GAAG,CAAC;IAEtC,MAAMK,sBAAsB,GACxBL,GAAG,CAACC,MAAM,CAACK,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;IACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACT,GAAG,CAACC,MAAM,CAACS,GAAG,CAACC,GAAG,CAAC;IAExE,MAAMC,GAAG,GAAGZ,GAAG,CAACa,SAAS,CAACC,gBAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;IAEtD,MAAMC,gBAAgB,GAAGhB,GAAG,CAACa,SAAS,CAACI,oBAAS,CAAC;;IAEjD;IACA,IAAIC,MAE4D;IAEhE,IAAIC,YAAY;IAEhB,IAAIC,OAAO,CAACT,GAAG,CAACU,8BAA8B,EAAE;MAC5C,MAAMnB,UAAU,GAAGoB,MAAM,CAACF,OAAO,CAACT,GAAG,CAACU,8BAA8B,CAAC;MACrE;MACA;MACAH,MAAM,GAAGlB,GAAG,CAACuB,iBAAiB,CAACrB,UAAU,EAAE,MAAM;QAC7C,OAAOpB,GAAG,CAAC0C,aAAa,CAACC,SAAS,CAAC;UAAEvB;QAAW,CAAC,EAAE;UAAEwB,KAAK,EAAE;QAAK,CAAC,CAAC;MACvE,CAAC,CAAC;IACN,CAAC,MAAM;MACH;MACAR,MAAM,GAAGlB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0C,aAAa,CAACI,MAAM,EAAE;QAC/C9B,IAAI,EAAEI,UAAU;QAChBH,MAAM,EAAE;UACJ8B,oBAAoB,EAAE,MAAM;UAC5BC,aAAa,EAAEtB,YAAY,GAAGlB,oBAAoB,CAAC,CAAC,GAAGF,mBAAmB,CAAC,CAAC;UAC5E2C,UAAU,EAAEnB,GAAG,GACT;YACIoB,SAAS,EAAEpB,GAAG,CAACqB,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;YACpDC,gBAAgB,EAAE,CAAC3B,GAAG,CAACA,GAAG,CAACyB,MAAM,CAACG,sBAAsB;UAC5D,CAAC,GACDC,SAAS;UACfC,UAAU,EAAE;YACRC,UAAU,EAAE,IAAI;YAChBC,UAAU,EAAE,EAAE;YACdC,UAAU,EAAE;UAChB,CAAC;UACDC,eAAe,EAAE;YACb,wCAAwC,EAAE;UAC9C,CAAC;UACDC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UAChC;QACJ,CAAC;QACDC,IAAI,EAAE;UAAEC,OAAO,EAAEjD,MAAM,CAACiD;QAAQ;MACpC,CAAC,CAAC;;MAEF;AACZ;AACA;AACA;AACA;MACY/B,YAAY,GAAGnB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0C,aAAa,CAAC2B,YAAY,EAAE;QAC3DrD,IAAI,EAAE,GAAGI,UAAU,SAAS;QAC5BH,MAAM,EAAE;UACJG,UAAU,EAAEgB,MAAM,CAACmB,MAAM,CAACnC,UAAU;UACpCkD,cAAc,EAAE;YACZC,OAAO,EAAE,YAAY;YACrBC,SAAS,EAAE;YACP;AAC5B;AACA;YAC4B;cACIC,MAAM,EAAE,OAAO;cACfC,SAAS,EAAE;gBACPC,GAAG,EAAEtD;cACT,CAAC;cACDuD,MAAM,EAAE,MAAM;cACdC,QAAQ,EAAE/E,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAACmB,MAAM,CAACwB,GAAG;YACpD,CAAC;UAET;QACJ,CAAC;QACDZ,IAAI,EAAE;UAAEC,OAAO,EAAEjD,MAAM,CAACiD;QAAQ;MACpC,CAAC,CAAC;IACN;;IAEA;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMY,KAAK,GAAG9D,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAACiF,QAAQ,CAACC,KAAK,EAAE;MAC9ClE,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJkE,UAAU,EAAE,CACR;UAAEnE,IAAI,EAAE,IAAI;UAAEoE,IAAI,EAAE;QAAI,CAAC,EACzB;UAAEpE,IAAI,EAAE,IAAI;UAAEoE,IAAI,EAAE;QAAI,CAAC,CAC5B;QACDC,aAAa,EAAE,IAAI;QACnBC,cAAc,EAAE,oBAAoB;QACpCC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE;MACd,CAAC;MACDtB,IAAI,EAAE;QAAEC,OAAO,EAAEjD,MAAM,CAACiD;MAAQ;IACpC,CAAC,CAAC;IAEF,MAAMsB,QAAQ,GAAG,+BAA+B;IAEhD,MAAMC,IAAI,GAAGzE,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACC,IAAI,EAAE;MACvC7E,IAAI,EAAE0E,QAAQ;MACdzE,MAAM,EAAE;QACJ6E,gBAAgB,EAAE;UACdvB,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBAAgB;YACxBF,SAAS,EAAE;cACPqB,OAAO,EAAE;YACb,CAAC;YACDtB,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDuB,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGC,gCAAgC,CAACjF,GAAG,EAAEkB,MAAM,CAACmB,MAAM,CAAC;IAEnErC,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;MAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,gCAAgC;MACjDzE,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;QACjB8C,SAAS,EAAEH,MAAM,CAAC3C,MAAM,CAACwB;MAC7B;IACJ,CAAC,CAAC;;IAEF;IACA,IAAIjD,GAAG,EAAE;MACLZ,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;QAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,kCAAkC;QACnDzE,MAAM,EAAE;UACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;UACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHrF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;QAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,8BAA8B;QAC/CzE,MAAM,EAAE;UACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;UACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEAtF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;MAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,iCAAiC;MAClDzE,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;QACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACG;MACrC;IACJ,CAAC,CAAC;;IAEF;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMC,MAAM,GAAGxF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0G,MAAM,CAACC,QAAQ,EAAE;MAChD3F,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwB,GAAG;QACrB6B,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,GAAG;QACZC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAE3E,MAAM,CAACF,OAAO,CAACT,GAAG,CAACsF,KAAK,CAAC;YAChCC,uBAAuB,EAAEhF,MAAM,CAACmB,MAAM,CAAC8D,QAAQ;YAC/CC,YAAY,EAAEpF,gBAAgB,CAACqB,MAAM,CAACvC;UAC1C;QACJ,CAAC;QACDuG,WAAW,EAAE,0BAA0B;QACvCC,IAAI,EAAE,IAAI1H,MAAM,CAAC2H,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI5H,MAAM,CAAC2H,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC3G,GAAG,CAAC4G,KAAK,CAACC,SAAS,EAAE,uBAAuB,CAC1D;QACJ,CAAC,CAAC;QACFC,SAAS,EAAElG,GAAG,GACR;UACIoB,SAAS,EAAEpB,GAAG,CAACqB,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAAC3B,GAAG,CAACA,GAAG,CAACyB,MAAM,CAACG,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAMsE,kBAAkB,GAAG/G,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0G,MAAM,CAACwB,kBAAkB,EAAE;MACtElH,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJkH,cAAc,EAAEnD,KAAK,CAACzB,MAAM,CAAC6E,SAAS;QACtCC,YAAY,EAAE3B,MAAM,CAACnD,MAAM,CAACwB,GAAG;QAC/BuD,gBAAgB,EAAE,QAAQ;QAC1BC,oBAAoB,EAAE,CAAC;QACvBC,SAAS,EAAE,EAAE;QACbC,8BAA8B,EAAE;MACpC;IACJ,CAAC,CAAC;IAEFvH,GAAG,CAACwH,UAAU,CAAC;MACXC,sBAAsB,EAAEvG,MAAM,CAACmB,MAAM,CAACwB,GAAG;MACzC6D,2BAA2B,EAAExG,MAAM,CAACmB,MAAM,CAAC8D,QAAQ;MACnDwB,6BAA6B,EAAE7D,KAAK,CAACzB,MAAM,CAACwB,GAAG;MAC/C+D,8BAA8B,EAAE9D,KAAK,CAACzB,MAAM,CAACvC,IAAI;MACjD+H,sCAAsC,EAAErC,MAAM,CAACnD,MAAM,CAACvC;IAC1D,CAAC,CAAC;IAEF,OAAO;MACHoB,MAAM;MACNC,YAAY;MACZ2C,KAAK;MACLgE,eAAe,EAAE;QACbrD,IAAI;QACJO,MAAM;QACNQ,MAAM;QACNuB;MACJ;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAAS9B,gCAAgCA,CACrCjF,GAAc,EACdkB,MAAmF,EACrF;EACE,OAAOlB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACqD,MAAM,EAAE;IACnCjI,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJsG,WAAW,EAAE,uDAAuD;MACpErB,MAAM,EAAE;QACJ3B,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACI0E,GAAG,EAAE,iBAAiB;UACtBzE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,EACrB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACN/E,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAAC2C,GAAG,EAAE,EACjCjF,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAAC2C,GAAG,IAAI;QAE3C,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_pulumi2","_awsUtils","_CoreVpc","_constants","_LogDynamo","getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","ElasticSearch","exports","createAppModule","name","config","app","params","domainName","accountId","getAwsAccountId","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","vpc","getModule","CoreVpc","optional","logDynamoDbTable","LogDynamo","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","String","addRemoteResource","elasticsearch","getDomain","async","addResource","Domain","elasticsearchVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","DomainPolicy","accessPolicies","Version","Statement","Effect","Principal","AWS","Action","Resource","interpolate","arn","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","meta","isLambdaFunctionRole","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","DB_TABLE_LOG","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","elasticsearchDynamoToElasticLambdaName","dynamoToElastic","Policy","Sid"],"sources":["CoreElasticSearch.ts"],"sourcesContent":["/**\n * Important documents to read:\n *\n * https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#network-limits\n */\nimport path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport type {\n PulumiApp,\n PulumiAppRemoteResource,\n PulumiAppResource,\n PulumiAppResourceConstructor\n} from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { DEFAULT_PROD_ENV_NAMES, LAMBDA_RUNTIME } from \"~/constants\";\nimport { LogDynamo } from \"~/apps/core/LogDynamo\";\n\nexport interface ElasticSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.elasticsearch\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.elasticsearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.elasticsearch\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nexport const ElasticSearch = createAppModule({\n name: \"ElasticSearch\",\n config(app, params: ElasticSearchParams) {\n const domainName = \"webiny-js\";\n const accountId = getAwsAccountId(app);\n\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n // This needs to be implemented in order to be able to use a shared ElasticSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.elasticsearch.Domain>>\n | PulumiAppRemoteResource<aws.elasticsearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.elasticsearch.getDomain({ domainName }, { async: true });\n });\n } else {\n // Regular ElasticSearch deployment.\n domain = app.addResource(aws.elasticsearch.Domain, {\n name: domainName,\n config: {\n elasticsearchVersion: \"7.10\",\n clusterConfig: isProduction ? getProdClusterConfig() : getDevClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your Elasticsearch Domain.\n * For details on Elasticsearch security, read the official documentation:\n * https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/security.html\n */\n domainPolicy = app.addResource(aws.elasticsearch.DomainPolicy, {\n name: `${domainName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: {\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: pulumi.interpolate`${domain.output.arn}/*`\n }\n ]\n }\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for Elasticsearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your Elasticsearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with Elasticsearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains Elasticsearch items.\n * Elasticsearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for Elasticsearch in a DynamoDB table, and asynchronously insert it into Elasticsearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 900,\n memorySize: 1024,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint,\n DB_TABLE_LOG: logDynamoDbTable.output.name\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 50,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name,\n elasticsearchDynamoToElasticLambdaName: lambda.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.elasticsearch.Domain | aws.elasticsearch.GetDomainResult>\n) {\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpGet\",\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDbLog\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:Scan\",\n \"dynamodb:Query\"\n ],\n Resource: [\n pulumi.interpolate`${logDynamoDbTable.output.arn}`,\n pulumi.interpolate`${logDynamoDbTable.output.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAKA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AAOA,IAAAI,QAAA,GAAAJ,OAAA;AAEA,IAAAK,SAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AAnBA;AACA;AACA;AACA;AACA;;AAqBA,SAASS,mBAAmBA,CAAA,EAAsD;EAC9E,OAAO;IACHC,YAAY,EAAE;EAClB,CAAC;AACL;AAEA,SAASC,oBAAoBA,CAAA,EAAsD;EAC/E,OAAO;IACH;IACAD,YAAY,EAAE,yBAAyB;IACvCE,aAAa,EAAE,CAAC;IAChBC,oBAAoB,EAAE,IAAI;IAC1BC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC;AACL;AAEO,MAAMC,aAAa,GAAAC,OAAA,CAAAD,aAAA,GAAG,IAAAE,wBAAe,EAAC;EACzCC,IAAI,EAAE,eAAe;EACrBC,MAAMA,CAACC,GAAG,EAAEC,MAA2B,EAAE;IACrC,MAAMC,UAAU,GAAG,WAAW;IAC9B,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACJ,GAAG,CAAC;IAEtC,MAAMK,sBAAsB,GACxBL,GAAG,CAACC,MAAM,CAACK,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;IACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACT,GAAG,CAACC,MAAM,CAACS,GAAG,CAACC,GAAG,CAAC;IAExE,MAAMC,GAAG,GAAGZ,GAAG,CAACa,SAAS,CAACC,gBAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;IAEtD,MAAMC,gBAAgB,GAAGhB,GAAG,CAACa,SAAS,CAACI,oBAAS,CAAC;;IAEjD;IACA,IAAIC,MAE4D;IAEhE,IAAIC,YAAY;IAEhB,IAAIC,OAAO,CAACT,GAAG,CAACU,8BAA8B,EAAE;MAC5C,MAAMnB,UAAU,GAAGoB,MAAM,CAACF,OAAO,CAACT,GAAG,CAACU,8BAA8B,CAAC;MACrE;MACA;MACAH,MAAM,GAAGlB,GAAG,CAACuB,iBAAiB,CAACrB,UAAU,EAAE,MAAM;QAC7C,OAAOpB,GAAG,CAAC0C,aAAa,CAACC,SAAS,CAAC;UAAEvB;QAAW,CAAC,EAAE;UAAEwB,KAAK,EAAE;QAAK,CAAC,CAAC;MACvE,CAAC,CAAC;IACN,CAAC,MAAM;MACH;MACAR,MAAM,GAAGlB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0C,aAAa,CAACI,MAAM,EAAE;QAC/C9B,IAAI,EAAEI,UAAU;QAChBH,MAAM,EAAE;UACJ8B,oBAAoB,EAAE,MAAM;UAC5BC,aAAa,EAAEtB,YAAY,GAAGlB,oBAAoB,CAAC,CAAC,GAAGF,mBAAmB,CAAC,CAAC;UAC5E2C,UAAU,EAAEnB,GAAG,GACT;YACIoB,SAAS,EAAEpB,GAAG,CAACqB,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;YACpDC,gBAAgB,EAAE,CAAC3B,GAAG,CAACA,GAAG,CAACyB,MAAM,CAACG,sBAAsB;UAC5D,CAAC,GACDC,SAAS;UACfC,UAAU,EAAE;YACRC,UAAU,EAAE,IAAI;YAChBC,UAAU,EAAE,EAAE;YACdC,UAAU,EAAE;UAChB,CAAC;UACDC,eAAe,EAAE;YACb,wCAAwC,EAAE;UAC9C,CAAC;UACDC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UAChC;QACJ,CAAC;QACDC,IAAI,EAAE;UAAEC,OAAO,EAAEjD,MAAM,CAACiD;QAAQ;MACpC,CAAC,CAAC;;MAEF;AACZ;AACA;AACA;AACA;MACY/B,YAAY,GAAGnB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0C,aAAa,CAAC2B,YAAY,EAAE;QAC3DrD,IAAI,EAAE,GAAGI,UAAU,SAAS;QAC5BH,MAAM,EAAE;UACJG,UAAU,EAAEgB,MAAM,CAACmB,MAAM,CAACnC,UAAU;UACpCkD,cAAc,EAAE;YACZC,OAAO,EAAE,YAAY;YACrBC,SAAS,EAAE;YACP;AAC5B;AACA;YAC4B;cACIC,MAAM,EAAE,OAAO;cACfC,SAAS,EAAE;gBACPC,GAAG,EAAEtD;cACT,CAAC;cACDuD,MAAM,EAAE,MAAM;cACdC,QAAQ,EAAE/E,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAACmB,MAAM,CAACwB,GAAG;YACpD,CAAC;UAET;QACJ,CAAC;QACDZ,IAAI,EAAE;UAAEC,OAAO,EAAEjD,MAAM,CAACiD;QAAQ;MACpC,CAAC,CAAC;IACN;;IAEA;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMY,KAAK,GAAG9D,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAACiF,QAAQ,CAACC,KAAK,EAAE;MAC9ClE,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJkE,UAAU,EAAE,CACR;UAAEnE,IAAI,EAAE,IAAI;UAAEoE,IAAI,EAAE;QAAI,CAAC,EACzB;UAAEpE,IAAI,EAAE,IAAI;UAAEoE,IAAI,EAAE;QAAI,CAAC,CAC5B;QACDC,aAAa,EAAE,IAAI;QACnBC,cAAc,EAAE,oBAAoB;QACpCC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE;MACd,CAAC;MACDtB,IAAI,EAAE;QAAEC,OAAO,EAAEjD,MAAM,CAACiD;MAAQ;IACpC,CAAC,CAAC;IAEF,MAAMsB,QAAQ,GAAG,+BAA+B;IAEhD,MAAMC,IAAI,GAAGzE,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACC,IAAI,EAAE;MACvC7E,IAAI,EAAE0E,QAAQ;MACdzE,MAAM,EAAE;QACJ6E,gBAAgB,EAAE;UACdvB,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBAAgB;YACxBF,SAAS,EAAE;cACPqB,OAAO,EAAE;YACb,CAAC;YACDtB,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDuB,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGC,gCAAgC,CAACjF,GAAG,EAAEkB,MAAM,CAACmB,MAAM,CAAC;IAEnErC,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;MAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,gCAAgC;MACjDzE,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;QACjB8C,SAAS,EAAEH,MAAM,CAAC3C,MAAM,CAACwB;MAC7B;IACJ,CAAC,CAAC;;IAEF;IACA,IAAIjD,GAAG,EAAE;MACLZ,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;QAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,kCAAkC;QACnDzE,MAAM,EAAE;UACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;UACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHrF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;QAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,8BAA8B;QAC/CzE,MAAM,EAAE;UACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;UACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEAtF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACQ,oBAAoB,EAAE;MAC1CpF,IAAI,EAAE,GAAG0E,QAAQ,iCAAiC;MAClDzE,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM;QACjB8C,SAAS,EAAErG,GAAG,CAAC4F,GAAG,CAACU,aAAa,CAACG;MACrC;IACJ,CAAC,CAAC;;IAEF;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMC,MAAM,GAAGxF,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0G,MAAM,CAACC,QAAQ,EAAE;MAChD3F,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJ0E,IAAI,EAAEA,IAAI,CAACpC,MAAM,CAACwB,GAAG;QACrB6B,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,GAAG;QACZC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAE3E,MAAM,CAACF,OAAO,CAACT,GAAG,CAACsF,KAAK,CAAC;YAChCC,uBAAuB,EAAEhF,MAAM,CAACmB,MAAM,CAAC8D,QAAQ;YAC/CC,YAAY,EAAEpF,gBAAgB,CAACqB,MAAM,CAACvC;UAC1C;QACJ,CAAC;QACDuG,WAAW,EAAE,0BAA0B;QACvCC,IAAI,EAAE,IAAI1H,MAAM,CAAC2H,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI5H,MAAM,CAAC2H,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC3G,GAAG,CAAC4G,KAAK,CAACC,SAAS,EAAE,uBAAuB,CAC1D;QACJ,CAAC,CAAC;QACFC,SAAS,EAAElG,GAAG,GACR;UACIoB,SAAS,EAAEpB,GAAG,CAACqB,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAAC3B,GAAG,CAACA,GAAG,CAACyB,MAAM,CAACG,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAMsE,kBAAkB,GAAG/G,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC0G,MAAM,CAACwB,kBAAkB,EAAE;MACtElH,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJkH,cAAc,EAAEnD,KAAK,CAACzB,MAAM,CAAC6E,SAAS;QACtCC,YAAY,EAAE3B,MAAM,CAACnD,MAAM,CAACwB,GAAG;QAC/BuD,gBAAgB,EAAE,QAAQ;QAC1BC,oBAAoB,EAAE,CAAC;QACvBC,SAAS,EAAE,EAAE;QACbC,8BAA8B,EAAE;MACpC;IACJ,CAAC,CAAC;IAEFvH,GAAG,CAACwH,UAAU,CAAC;MACXC,sBAAsB,EAAEvG,MAAM,CAACmB,MAAM,CAACwB,GAAG;MACzC6D,2BAA2B,EAAExG,MAAM,CAACmB,MAAM,CAAC8D,QAAQ;MACnDwB,6BAA6B,EAAE7D,KAAK,CAACzB,MAAM,CAACwB,GAAG;MAC/C+D,8BAA8B,EAAE9D,KAAK,CAACzB,MAAM,CAACvC,IAAI;MACjD+H,sCAAsC,EAAErC,MAAM,CAACnD,MAAM,CAACvC;IAC1D,CAAC,CAAC;IAEF,OAAO;MACHoB,MAAM;MACNC,YAAY;MACZ2C,KAAK;MACLgE,eAAe,EAAE;QACbrD,IAAI;QACJO,MAAM;QACNQ,MAAM;QACNuB;MACJ;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAAS9B,gCAAgCA,CACrCjF,GAAc,EACdkB,MAAmF,EACrF;EACE,MAAMF,gBAAgB,GAAGhB,GAAG,CAACa,SAAS,CAACI,oBAAS,CAAC;EAEjD,OAAOjB,GAAG,CAAC2B,WAAW,CAAC7C,GAAG,CAAC4F,GAAG,CAACqD,MAAM,EAAE;IACnCjI,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJsG,WAAW,EAAE,uDAAuD;MACpErB,MAAM,EAAE;QACJ3B,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACI0E,GAAG,EAAE,iBAAiB;UACtBzE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,CACjB;UACDC,QAAQ,EAAE,CACN/E,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAAC2C,GAAG,EAAE,EACjCjF,MAAM,CAACgF,WAAW,GAAG1C,MAAM,CAAC2C,GAAG,IAAI;QAE3C,CAAC,EACD;UACImE,GAAG,EAAE,0BAA0B;UAC/BzE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,uBAAuB,EACvB,yBAAyB,EACzB,eAAe,EACf,gBAAgB,CACnB;UACDC,QAAQ,EAAE,CACN/E,MAAM,CAACgF,WAAW,GAAG5C,gBAAgB,CAACqB,MAAM,CAACwB,GAAG,EAAE,EAClDjF,MAAM,CAACgF,WAAW,GAAG5C,gBAAgB,CAACqB,MAAM,CAACwB,GAAG,IAAI;QAE5D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/apps/core/CoreEventBus.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreEventBus","exports","createAppModule","name","config","app","addResource","cloudwatch","EventBus"],"sources":["CoreEventBus.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp } from \"@webiny/pulumi\";\n\nexport const CoreEventBus = createAppModule({\n name: \"CoreEventBus\",\n config(app: PulumiApp) {\n return app.addResource(aws.cloudwatch.EventBus, {\n name: \"event-bus\",\n config: {}\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEO,MAAME,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAAE,uBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAE;IACnB,OAAOA,GAAG,CAACC,WAAW,CAACV,GAAG,CAACW,UAAU,CAACC,QAAQ,EAAE;MAC5CL,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE,CAAC;IACb,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreEventBus","exports","createAppModule","name","config","app","addResource","cloudwatch","EventBus"],"sources":["CoreEventBus.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport const CoreEventBus = createAppModule({\n name: \"CoreEventBus\",\n config(app: PulumiApp) {\n return app.addResource(aws.cloudwatch.EventBus, {\n name: \"event-bus\",\n config: {}\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAEO,MAAME,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAAE,uBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAE;IACnB,OAAOA,GAAG,CAACC,WAAW,CAACV,GAAG,CAACW,UAAU,CAACC,QAAQ,EAAE;MAC5CL,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE,CAAC;IACb,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/CoreFileManager.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { PulumiAppModule } from "@webiny/pulumi";
1
+ import type { PulumiAppModule } from "@webiny/pulumi";
2
2
  export type CoreFileManger = PulumiAppModule<typeof CoreFileManger>;
3
3
  export declare const CoreFileManger: import("@webiny/pulumi").PulumiAppModuleDefinition<{
4
4
  bucket: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/s3/bucket").Bucket>;
package/apps/core/CoreFileManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreFileManger","exports","createAppModule","name","config","app","params","bucket","addResource","s3","Bucket","acl","CannedAcl","Private","forceDestroy","protect","corsRules","allowedHeaders","allowedMethods","allowedOrigins","maxAgeSeconds","opts","blockPublicAccessBlock","BucketPublicAccessBlock","output","id","blockPublicAcls","blockPublicPolicy","ignorePublicAcls","restrictPublicBuckets"],"sources":["CoreFileManager.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport type CoreFileManger = PulumiAppModule<typeof CoreFileManger>;\n\nexport const CoreFileManger = createAppModule({\n name: \"FileManagerBucket\",\n config(app: PulumiApp, params: { protect: boolean }) {\n const name = \"fm-bucket\";\n\n const bucket = app.addResource(aws.s3.Bucket, {\n name,\n config: {\n acl: aws.s3.CannedAcl.Private,\n // We definitely don't want to force-destroy if \"protected\" flag is true.\n forceDestroy: !params.protect,\n // We need these rules to be able to upload to this bucket from the browser.\n corsRules: [\n {\n allowedHeaders: [\"*\"],\n allowedMethods: [\"POST\", \"GET\", \"PUT\"],\n allowedOrigins: [\"*\"],\n maxAgeSeconds: 3000\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n // Block any public access\n const blockPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {\n name: `${name}-block-public-access`,\n config: {\n bucket: bucket.output.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true\n }\n });\n\n return {\n bucket,\n blockPublicAccessBlock\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,uBAAe,EAAC;EAC1CC,IAAI,EAAE,mBAAmB;EACzBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMH,IAAI,GAAG,WAAW;IAExB,MAAMI,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,EAAE,CAACC,MAAM,EAAE;MAC1CP,IAAI;MACJC,MAAM,EAAE;QACJO,GAAG,EAAEf,GAAG,CAACa,EAAE,CAACG,SAAS,CAACC,OAAO;QAC7B;QACAC,YAAY,EAAE,CAACR,MAAM,CAACS,OAAO;QAC7B;QACAC,SAAS,EAAE,CACP;UACIC,cAAc,EAAE,CAAC,GAAG,CAAC;UACrBC,cAAc,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC;UACtCC,cAAc,EAAE,CAAC,GAAG,CAAC;UACrBC,aAAa,EAAE;QACnB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFN,OAAO,EAAET,MAAM,CAACS;MACpB;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMO,sBAAsB,GAAGjB,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,EAAE,CAACc,uBAAuB,EAAE;MAC3EpB,IAAI,EAAE,GAAGA,IAAI,sBAAsB;MACnCC,MAAM,EAAE;QACJG,MAAM,EAAEA,MAAM,CAACiB,MAAM,CAACC,EAAE;QACxBC,eAAe,EAAE,IAAI;QACrBC,iBAAiB,EAAE,IAAI;QACvBC,gBAAgB,EAAE,IAAI;QACtBC,qBAAqB,EAAE;MAC3B;IACJ,CAAC,CAAC;IAEF,OAAO;MACHtB,MAAM;MACNe;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreFileManger","exports","createAppModule","name","config","app","params","bucket","addResource","s3","Bucket","acl","CannedAcl","Private","forceDestroy","protect","corsRules","allowedHeaders","allowedMethods","allowedOrigins","maxAgeSeconds","opts","blockPublicAccessBlock","BucketPublicAccessBlock","output","id","blockPublicAcls","blockPublicPolicy","ignorePublicAcls","restrictPublicBuckets"],"sources":["CoreFileManager.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport type CoreFileManger = PulumiAppModule<typeof CoreFileManger>;\n\nexport const CoreFileManger = createAppModule({\n name: \"FileManagerBucket\",\n config(app: PulumiApp, params: { protect: boolean }) {\n const name = \"fm-bucket\";\n\n const bucket = app.addResource(aws.s3.Bucket, {\n name,\n config: {\n acl: aws.s3.CannedAcl.Private,\n // We definitely don't want to force-destroy if \"protected\" flag is true.\n forceDestroy: !params.protect,\n // We need these rules to be able to upload to this bucket from the browser.\n corsRules: [\n {\n allowedHeaders: [\"*\"],\n allowedMethods: [\"POST\", \"GET\", \"PUT\"],\n allowedOrigins: [\"*\"],\n maxAgeSeconds: 3000\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n\n // Block any public access\n const blockPublicAccessBlock = app.addResource(aws.s3.BucketPublicAccessBlock, {\n name: `${name}-block-public-access`,\n config: {\n bucket: bucket.output.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true\n }\n });\n\n return {\n bucket,\n blockPublicAccessBlock\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,cAAc,GAAAC,OAAA,CAAAD,cAAA,GAAG,IAAAE,uBAAe,EAAC;EAC1CC,IAAI,EAAE,mBAAmB;EACzBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMH,IAAI,GAAG,WAAW;IAExB,MAAMI,MAAM,GAAGF,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,EAAE,CAACC,MAAM,EAAE;MAC1CP,IAAI;MACJC,MAAM,EAAE;QACJO,GAAG,EAAEf,GAAG,CAACa,EAAE,CAACG,SAAS,CAACC,OAAO;QAC7B;QACAC,YAAY,EAAE,CAACR,MAAM,CAACS,OAAO;QAC7B;QACAC,SAAS,EAAE,CACP;UACIC,cAAc,EAAE,CAAC,GAAG,CAAC;UACrBC,cAAc,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC;UACtCC,cAAc,EAAE,CAAC,GAAG,CAAC;UACrBC,aAAa,EAAE;QACnB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFN,OAAO,EAAET,MAAM,CAACS;MACpB;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMO,sBAAsB,GAAGjB,GAAG,CAACG,WAAW,CAACZ,GAAG,CAACa,EAAE,CAACc,uBAAuB,EAAE;MAC3EpB,IAAI,EAAE,GAAGA,IAAI,sBAAsB;MACnCC,MAAM,EAAE;QACJG,MAAM,EAAEA,MAAM,CAACiB,MAAM,CAACC,EAAE;QACxBC,eAAe,EAAE,IAAI;QACrBC,iBAAiB,EAAE,IAAI;QACvBC,gBAAgB,EAAE,IAAI;QACtBC,qBAAqB,EAAE;MAC3B;IACJ,CAAC,CAAC;IAEF,OAAO;MACHtB,MAAM;MACNe;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/CoreOpenSearch.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import * as aws from "@pulumi/aws";
2
- import { PulumiAppResource, PulumiAppResourceConstructor, PulumiAppRemoteResource } from "@webiny/pulumi";
2
+ import type { PulumiAppRemoteResource, PulumiAppResource, PulumiAppResourceConstructor } from "@webiny/pulumi";
3
3
  export interface OpenSearchParams {
4
4
  protect: boolean;
5
5
  }
package/apps/core/CoreOpenSearch.js CHANGED
@@ -274,6 +274,7 @@ const OpenSearch = exports.OpenSearch = (0, _pulumi2.createAppModule)({
274
274
  }
275
275
  });
276
276
  function getDynamoDbToElasticLambdaPolicy(app, domain) {
277
+ const logDynamoDbTable = app.getModule(_LogDynamo.LogDynamo);
277
278
  return app.addResource(aws.iam.Policy, {
278
279
  name: "DynamoDbToElasticLambdaPolicy-updated",
279
280
  config: {
@@ -283,8 +284,13 @@ function getDynamoDbToElasticLambdaPolicy(app, domain) {
283
284
  Statement: [{
284
285
  Sid: "PermissionForES",
285
286
  Effect: "Allow",
286
- Action: ["es:ESHttpGet", "es:ESHttpDelete", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:PutItem", "dynamodb:GetItem", "dynamodb:DeleteItem", "dynamodb:Query", "dynamodb:UpdateItem"],
287
+ Action: ["es:ESHttpGet", "es:ESHttpDelete", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut"],
287
288
  Resource: [pulumi.interpolate`${domain.arn}`, pulumi.interpolate`${domain.arn}/*`]
289
+ }, {
290
+ Sid: "PermissionForDynamoDbLog",
291
+ Effect: "Allow",
292
+ Action: ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:Scan", "dynamodb:Query"],
293
+ Resource: [pulumi.interpolate`${logDynamoDbTable.output.arn}`, pulumi.interpolate`${logDynamoDbTable.output.arn}/*`]
288
294
  }]
289
295
  }
290
296
  }
package/apps/core/CoreOpenSearch.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","random","_pulumi2","_awsUtils","_CoreVpc","_constants","_LogDynamo","getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","OS_ENGINE_VERSION","OpenSearch","exports","createAppModule","name","config","app","params","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","vpc","getModule","CoreVpc","optional","logDynamoDbTable","LogDynamo","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","domainName","String","addRemoteResource","opensearch","getDomain","async","randomId","RandomId","byteLength","namePrefix","getParam","pulumiResourceNamePrefix","domainLogicalName","domainPhysicalName","hex","apply","slice","addResource","Domain","engineVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","accountId","getAwsAccountId","DomainPolicy","accessPolicies","all","arn","domainArn","JSON","stringify","Version","Statement","Effect","Principal","AWS","Action","Resource","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","meta","isLambdaFunctionRole","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","DB_TABLE_LOG","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","dynamoToElastic","Policy","Sid","interpolate"],"sources":["CoreOpenSearch.ts"],"sourcesContent":["/**\n * Important documents to read:\n *\n * https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#network-limits\n */\nimport path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as random from \"@pulumi/random\";\nimport {\n createAppModule,\n PulumiApp,\n PulumiAppResource,\n PulumiAppResourceConstructor,\n PulumiAppRemoteResource\n} from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { DEFAULT_PROD_ENV_NAMES, LAMBDA_RUNTIME } from \"~/constants\";\nimport { LogDynamo } from \"~/apps/core/LogDynamo\";\n\nexport interface OpenSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.opensearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.search\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.opensearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.search\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nconst OS_ENGINE_VERSION = \"OpenSearch_2.11\";\n\nexport const OpenSearch = createAppModule({\n name: \"OpenSearch\",\n config(app, params: OpenSearchParams) {\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n // This needs to be implemented in order to be able to use a shared OpenSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.opensearch.Domain>>\n | PulumiAppRemoteResource<aws.opensearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.opensearch.getDomain({ domainName }, { async: true });\n });\n } else {\n const randomId = new random.RandomId(\"osDomainRandomId\", { byteLength: 8 });\n const namePrefix = app.getParam(app.params.create.pulumiResourceNamePrefix) || \"\";\n\n const domainLogicalName = \"webiny-js\";\n const domainPhysicalName = randomId.hex.apply((hex: string) => {\n return `${namePrefix}${domainLogicalName}-${hex.slice(-7)}`;\n });\n\n domain = app.addResource(aws.opensearch.Domain, {\n name: domainLogicalName,\n config: {\n domainName: domainPhysicalName,\n engineVersion: OS_ENGINE_VERSION,\n clusterConfig: isProduction ? getProdClusterConfig() : getDevClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your OpenSearch Domain.\n * For details on OpenSearch security, read the official documentation:\n * https://docs.aws.amazon.com/openSearch-service/latest/developerguide/security.html\n */\n const accountId = getAwsAccountId(app);\n\n domainPolicy = app.addResource(aws.opensearch.DomainPolicy, {\n name: `${domainLogicalName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: pulumi\n .all([accountId, domain.output.arn])\n .apply(([accountId, domainArn]) => {\n return JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: `${domainArn}/*`\n }\n ]\n });\n })\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for OpenSearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your OpenSearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with OpenSearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains OpenSearch items.\n * OpenSearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for OpenSearch in a DynamoDB table, and asynchronously insert it into OpenSearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 900,\n memorySize: 1024,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint,\n DB_TABLE_LOG: logDynamoDbTable.output.name\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 50,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.opensearch.Domain | aws.opensearch.GetDomainResult>\n) {\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpGet\",\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\",\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAKA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,MAAA,GAAAF,uBAAA,CAAAF,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAQA,IAAAM,SAAA,GAAAN,OAAA;AACA,IAAAO,QAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AApBA;AACA;AACA;AACA;AACA;;AAsBA,SAASU,mBAAmBA,CAAA,EAAmD;EAC3E,OAAO;IACHC,YAAY,EAAE;EAClB,CAAC;AACL;AAEA,SAASC,oBAAoBA,CAAA,EAAmD;EAC5E,OAAO;IACH;IACAD,YAAY,EAAE,kBAAkB;IAChCE,aAAa,EAAE,CAAC;IAChBC,oBAAoB,EAAE,IAAI;IAC1BC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC;AACL;AAEA,MAAMC,iBAAiB,GAAG,iBAAiB;AAEpC,MAAMC,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAG,EAAEC,MAAwB,EAAE;IAClC,MAAMC,sBAAsB,GACxBF,GAAG,CAACC,MAAM,CAACE,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;IACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACN,GAAG,CAACC,MAAM,CAACM,GAAG,CAACC,GAAG,CAAC;IAExE,MAAMC,GAAG,GAAGT,GAAG,CAACU,SAAS,CAACC,gBAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;IAEtD,MAAMC,gBAAgB,GAAGb,GAAG,CAACU,SAAS,CAACI,oBAAS,CAAC;;IAEjD;IACA,IAAIC,MAEyD;IAE7D,IAAIC,YAAY;IAEhB,IAAIC,OAAO,CAACT,GAAG,CAACU,8BAA8B,EAAE;MAC5C,MAAMC,UAAU,GAAGC,MAAM,CAACH,OAAO,CAACT,GAAG,CAACU,8BAA8B,CAAC;MACrE;MACA;MACAH,MAAM,GAAGf,GAAG,CAACqB,iBAAiB,CAACF,UAAU,EAAE,MAAM;QAC7C,OAAOvC,GAAG,CAAC0C,UAAU,CAACC,SAAS,CAAC;UAAEJ;QAAW,CAAC,EAAE;UAAEK,KAAK,EAAE;QAAK,CAAC,CAAC;MACpE,CAAC,CAAC;IACN,CAAC,MAAM;MACH,MAAMC,QAAQ,GAAG,IAAI5C,MAAM,CAAC6C,QAAQ,CAAC,kBAAkB,EAAE;QAAEC,UAAU,EAAE;MAAE,CAAC,CAAC;MAC3E,MAAMC,UAAU,GAAG5B,GAAG,CAAC6B,QAAQ,CAAC7B,GAAG,CAACC,MAAM,CAACE,MAAM,CAAC2B,wBAAwB,CAAC,IAAI,EAAE;MAEjF,MAAMC,iBAAiB,GAAG,WAAW;MACrC,MAAMC,kBAAkB,GAAGP,QAAQ,CAACQ,GAAG,CAACC,KAAK,CAAED,GAAW,IAAK;QAC3D,OAAO,GAAGL,UAAU,GAAGG,iBAAiB,IAAIE,GAAG,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;MAC/D,CAAC,CAAC;MAEFpB,MAAM,GAAGf,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0C,UAAU,CAACe,MAAM,EAAE;QAC5CvC,IAAI,EAAEiC,iBAAiB;QACvBhC,MAAM,EAAE;UACJoB,UAAU,EAAEa,kBAAkB;UAC9BM,aAAa,EAAE5C,iBAAiB;UAChC6C,aAAa,EAAElC,YAAY,GAAGhB,oBAAoB,CAAC,CAAC,GAAGF,mBAAmB,CAAC,CAAC;UAC5EqD,UAAU,EAAE/B,GAAG,GACT;YACIgC,SAAS,EAAEhC,GAAG,CAACiC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;YACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACqC,MAAM,CAACG,sBAAsB;UAC5D,CAAC,GACDC,SAAS;UACfC,UAAU,EAAE;YACRC,UAAU,EAAE,IAAI;YAChBC,UAAU,EAAE,EAAE;YACdC,UAAU,EAAE;UAChB,CAAC;UACDC,eAAe,EAAE;YACb,wCAAwC,EAAE;UAC9C,CAAC;UACDC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UAChC;QACJ,CAAC;QACDC,IAAI,EAAE;UAAEC,OAAO,EAAE1D,MAAM,CAAC0D;QAAQ;MACpC,CAAC,CAAC;;MAEF;AACZ;AACA;AACA;AACA;MACY,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAAC7D,GAAG,CAAC;MAEtCgB,YAAY,GAAGhB,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0C,UAAU,CAACwC,YAAY,EAAE;QACxDhE,IAAI,EAAE,GAAGiC,iBAAiB,SAAS;QACnChC,MAAM,EAAE;UACJoB,UAAU,EAAEJ,MAAM,CAAC+B,MAAM,CAAC3B,UAAU;UACpC4C,cAAc,EAAErF,MAAM,CACjBsF,GAAG,CAAC,CAACJ,SAAS,EAAE7C,MAAM,CAAC+B,MAAM,CAACmB,GAAG,CAAC,CAAC,CACnC/B,KAAK,CAAC,CAAC,CAAC0B,SAAS,EAAEM,SAAS,CAAC,KAAK;YAC/B,OAAOC,IAAI,CAACC,SAAS,CAAC;cAClBC,OAAO,EAAE,YAAY;cACrBC,SAAS,EAAE;cACP;AACpC;AACA;cACoC;gBACIC,MAAM,EAAE,OAAO;gBACfC,SAAS,EAAE;kBACPC,GAAG,EAAEb;gBACT,CAAC;gBACDc,MAAM,EAAE,MAAM;gBACdC,QAAQ,EAAE,GAAGT,SAAS;cAC1B,CAAC;YAET,CAAC,CAAC;UACN,CAAC;QACT,CAAC;QACDR,IAAI,EAAE;UAAEC,OAAO,EAAE1D,MAAM,CAAC0D;QAAQ;MACpC,CAAC,CAAC;IACN;;IAEA;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMiB,KAAK,GAAG5E,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAACiG,QAAQ,CAACC,KAAK,EAAE;MAC9ChF,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJgF,UAAU,EAAE,CACR;UAAEjF,IAAI,EAAE,IAAI;UAAEkF,IAAI,EAAE;QAAI,CAAC,EACzB;UAAElF,IAAI,EAAE,IAAI;UAAEkF,IAAI,EAAE;QAAI,CAAC,CAC5B;QACDC,aAAa,EAAE,IAAI;QACnBC,cAAc,EAAE,oBAAoB;QACpCC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE;MACd,CAAC;MACD3B,IAAI,EAAE;QAAEC,OAAO,EAAE1D,MAAM,CAAC0D;MAAQ;IACpC,CAAC,CAAC;IAEF,MAAM2B,QAAQ,GAAG,+BAA+B;IAEhD,MAAMC,IAAI,GAAGvF,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACC,IAAI,EAAE;MACvC3F,IAAI,EAAEwF,QAAQ;MACdvF,MAAM,EAAE;QACJ2F,gBAAgB,EAAE;UACdrB,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBAAgB;YACxBF,SAAS,EAAE;cACPmB,OAAO,EAAE;YACb,CAAC;YACDpB,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDqB,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGC,gCAAgC,CAAC/F,GAAG,EAAEe,MAAM,CAAC+B,MAAM,CAAC;IAEnE9C,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;MAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,gCAAgC;MACjDvF,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;QACjBmD,SAAS,EAAEH,MAAM,CAAChD,MAAM,CAACmB;MAC7B;IACJ,CAAC,CAAC;;IAEF;IACA,IAAIxD,GAAG,EAAE;MACLT,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;QAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,kCAAkC;QACnDvF,MAAM,EAAE;UACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;UACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHnG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;QAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,8BAA8B;QAC/CvF,MAAM,EAAE;UACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;UACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEApG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;MAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,iCAAiC;MAClDvF,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;QACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACG;MACrC;IACJ,CAAC,CAAC;;IAEF;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMC,MAAM,GAAGtG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0H,MAAM,CAACC,QAAQ,EAAE;MAChDzG,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM,CAACmB,GAAG;QACrBuC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,GAAG;QACZC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAE3F,MAAM,CAACH,OAAO,CAACT,GAAG,CAACuG,KAAK,CAAC;YAChCC,uBAAuB,EAAEjG,MAAM,CAAC+B,MAAM,CAACmE,QAAQ;YAC/CC,YAAY,EAAErG,gBAAgB,CAACiC,MAAM,CAAChD;UAC1C;QACJ,CAAC;QACDqH,WAAW,EAAE,0BAA0B;QACvCC,IAAI,EAAE,IAAI1I,MAAM,CAAC2I,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI5I,MAAM,CAAC2I,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACzH,GAAG,CAAC0H,KAAK,CAACC,SAAS,EAAE,uBAAuB,CAC1D;QACJ,CAAC,CAAC;QACFC,SAAS,EAAEnH,GAAG,GACR;UACIgC,SAAS,EAAEhC,GAAG,CAACiC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACqC,MAAM,CAACG,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAM2E,kBAAkB,GAAG7H,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0H,MAAM,CAACwB,kBAAkB,EAAE;MACtEhI,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJgI,cAAc,EAAEnD,KAAK,CAAC9B,MAAM,CAACkF,SAAS;QACtCC,YAAY,EAAE3B,MAAM,CAACxD,MAAM,CAACmB,GAAG;QAC/BiE,gBAAgB,EAAE,QAAQ;QAC1BC,oBAAoB,EAAE,CAAC;QACvBC,SAAS,EAAE,EAAE;QACbC,8BAA8B,EAAE;MACpC;IACJ,CAAC,CAAC;IAEFrI,GAAG,CAACsI,UAAU,CAAC;MACXC,sBAAsB,EAAExH,MAAM,CAAC+B,MAAM,CAACmB,GAAG;MACzCuE,2BAA2B,EAAEzH,MAAM,CAAC+B,MAAM,CAACmE,QAAQ;MACnDwB,6BAA6B,EAAE7D,KAAK,CAAC9B,MAAM,CAACmB,GAAG;MAC/CyE,8BAA8B,EAAE9D,KAAK,CAAC9B,MAAM,CAAChD;IACjD,CAAC,CAAC;IAEF,OAAO;MACHiB,MAAM;MACNC,YAAY;MACZ4D,KAAK;MACL+D,eAAe,EAAE;QACbpD,IAAI;QACJO,MAAM;QACNQ,MAAM;QACNuB;MACJ;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAAS9B,gCAAgCA,CACrC/F,GAAc,EACde,MAA6E,EAC/E;EACE,OAAOf,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACoD,MAAM,EAAE;IACnC9I,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJoH,WAAW,EAAE,uDAAuD;MACpErB,MAAM,EAAE;QACJzB,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIuE,GAAG,EAAE,iBAAiB;UACtBtE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,EACrB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACNjG,MAAM,CAACoK,WAAW,GAAG/H,MAAM,CAACkD,GAAG,EAAE,EACjCvF,MAAM,CAACoK,WAAW,GAAG/H,MAAM,CAACkD,GAAG,IAAI;QAE3C,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
1
+ {"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","random","_pulumi2","_awsUtils","_CoreVpc","_constants","_LogDynamo","getDevClusterConfig","instanceType","getProdClusterConfig","instanceCount","zoneAwarenessEnabled","zoneAwarenessConfig","availabilityZoneCount","OS_ENGINE_VERSION","OpenSearch","exports","createAppModule","name","config","app","params","productionEnvironments","create","DEFAULT_PROD_ENV_NAMES","isProduction","includes","run","env","vpc","getModule","CoreVpc","optional","logDynamoDbTable","LogDynamo","domain","domainPolicy","process","AWS_ELASTIC_SEARCH_DOMAIN_NAME","domainName","String","addRemoteResource","opensearch","getDomain","async","randomId","RandomId","byteLength","namePrefix","getParam","pulumiResourceNamePrefix","domainLogicalName","domainPhysicalName","hex","apply","slice","addResource","Domain","engineVersion","clusterConfig","vpcOptions","subnetIds","subnets","private","map","s","output","id","securityGroupIds","defaultSecurityGroupId","undefined","ebsOptions","ebsEnabled","volumeSize","volumeType","advancedOptions","snapshotOptions","automatedSnapshotStartHour","opts","protect","accountId","getAwsAccountId","DomainPolicy","accessPolicies","all","arn","domainArn","JSON","stringify","Version","Statement","Effect","Principal","AWS","Action","Resource","table","dynamodb","Table","attributes","type","streamEnabled","streamViewType","billingMode","hashKey","rangeKey","roleName","role","iam","Role","assumeRolePolicy","Service","meta","isLambdaFunctionRole","policy","getDynamoDbToElasticLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","AWSLambdaDynamoDBExecutionRole","lambda","Function","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","environment","variables","DEBUG","ELASTIC_SEARCH_ENDPOINT","endpoint","DB_TABLE_LOG","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","vpcConfig","eventSourceMapping","EventSourceMapping","eventSourceArn","streamArn","functionName","startingPosition","maximumRetryAttempts","batchSize","maximumBatchingWindowInSeconds","addOutputs","elasticsearchDomainArn","elasticsearchDomainEndpoint","elasticsearchDynamodbTableArn","elasticsearchDynamodbTableName","dynamoToElastic","Policy","Sid","interpolate"],"sources":["CoreOpenSearch.ts"],"sourcesContent":["/**\n * Important documents to read:\n *\n * https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#network-limits\n */\nimport path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as random from \"@pulumi/random\";\nimport type {\n PulumiApp,\n PulumiAppRemoteResource,\n PulumiAppResource,\n PulumiAppResourceConstructor\n} from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nimport { getAwsAccountId } from \"../awsUtils\";\nimport { CoreVpc } from \"./CoreVpc\";\nimport { DEFAULT_PROD_ENV_NAMES, LAMBDA_RUNTIME } from \"~/constants\";\nimport { LogDynamo } from \"~/apps/core/LogDynamo\";\n\nexport interface OpenSearchParams {\n protect: boolean;\n}\n\nfunction getDevClusterConfig(): aws.types.input.opensearch.DomainClusterConfig {\n return {\n instanceType: \"t3.small.search\"\n };\n}\n\nfunction getProdClusterConfig(): aws.types.input.opensearch.DomainClusterConfig {\n return {\n // For production deployments, we create 2 instances and configure multi-AZ.\n instanceType: \"t3.medium.search\",\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n zoneAwarenessConfig: {\n availabilityZoneCount: 2\n }\n };\n}\n\nconst OS_ENGINE_VERSION = \"OpenSearch_2.11\";\n\nexport const OpenSearch = createAppModule({\n name: \"OpenSearch\",\n config(app, params: OpenSearchParams) {\n const productionEnvironments =\n app.params.create.productionEnvironments || DEFAULT_PROD_ENV_NAMES;\n const isProduction = productionEnvironments.includes(app.params.run.env);\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n // This needs to be implemented in order to be able to use a shared OpenSearch cluster.\n let domain:\n | PulumiAppResource<PulumiAppResourceConstructor<aws.opensearch.Domain>>\n | PulumiAppRemoteResource<aws.opensearch.GetDomainResult>;\n\n let domainPolicy;\n\n if (process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME) {\n const domainName = String(process.env.AWS_ELASTIC_SEARCH_DOMAIN_NAME);\n // This can be useful for testing purposes in ephemeral environments. More information here:\n // https://www.webiny.com/docs/key-topics/ci-cd/testing/slow-ephemeral-environments\n domain = app.addRemoteResource(domainName, () => {\n return aws.opensearch.getDomain({ domainName }, { async: true });\n });\n } else {\n const randomId = new random.RandomId(\"osDomainRandomId\", { byteLength: 8 });\n const namePrefix = app.getParam(app.params.create.pulumiResourceNamePrefix) || \"\";\n\n const domainLogicalName = \"webiny-js\";\n const domainPhysicalName = randomId.hex.apply((hex: string) => {\n return `${namePrefix}${domainLogicalName}-${hex.slice(-7)}`;\n });\n\n domain = app.addResource(aws.opensearch.Domain, {\n name: domainLogicalName,\n config: {\n domainName: domainPhysicalName,\n engineVersion: OS_ENGINE_VERSION,\n clusterConfig: isProduction ? getProdClusterConfig() : getDevClusterConfig(),\n vpcOptions: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined,\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n volumeType: \"gp2\"\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\"\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23\n }\n },\n opts: { protect: params.protect }\n });\n\n /**\n * Domain policy defines who can access your OpenSearch Domain.\n * For details on OpenSearch security, read the official documentation:\n * https://docs.aws.amazon.com/openSearch-service/latest/developerguide/security.html\n */\n const accountId = getAwsAccountId(app);\n\n domainPolicy = app.addResource(aws.opensearch.DomainPolicy, {\n name: `${domainLogicalName}-policy`,\n config: {\n domainName: domain.output.domainName,\n accessPolicies: pulumi\n .all([accountId, domain.output.arn])\n .apply(([accountId, domainArn]) => {\n return JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n /**\n * Allow requests signed with current account\n */\n {\n Effect: \"Allow\",\n Principal: {\n AWS: accountId\n },\n Action: \"es:*\",\n Resource: `${domainArn}/*`\n }\n ]\n });\n })\n },\n opts: { protect: params.protect }\n });\n }\n\n /**\n * Create a table for OpenSearch records. All ES records are stored in this table to dramatically improve\n * performance and stability on write operations (especially massive data imports). This table also serves as a backup and\n * a single source of truth for your OpenSearch domain. Streaming is enabled on this table, and it will\n * allow asynchronous synchronization of data with OpenSearch domain.\n */\n const table = app.addResource(aws.dynamodb.Table, {\n name: \"webiny-es\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" }\n ],\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\"\n },\n opts: { protect: params.protect }\n });\n\n const roleName = \"dynamo-to-elastic-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = getDynamoDbToElasticLambdaPolicy(app, domain.output);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-DynamoDbToElasticLambdaPolicy`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaDynamoDBExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaDynamoDBExecutionRole\n }\n });\n\n /**\n * This Lambda will process the stream events from DynamoDB table that contains OpenSearch items.\n * OpenSearch can't take large amount of individual writes in a short period of time, so this way\n * we store data for OpenSearch in a DynamoDB table, and asynchronously insert it into OpenSearch\n * using batching.\n */\n const lambda = app.addResource(aws.lambda.Function, {\n name: \"dynamo-to-elastic\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 900,\n memorySize: 1024,\n environment: {\n variables: {\n DEBUG: String(process.env.DEBUG),\n ELASTIC_SEARCH_ENDPOINT: domain.output.endpoint,\n DB_TABLE_LOG: logDynamoDbTable.output.name\n }\n },\n description: \"Process DynamoDB Stream.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"dynamoToElastic/build\")\n )\n }),\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const eventSourceMapping = app.addResource(aws.lambda.EventSourceMapping, {\n name: \"dynamo-to-elastic\",\n config: {\n eventSourceArn: table.output.streamArn,\n functionName: lambda.output.arn,\n startingPosition: \"LATEST\",\n maximumRetryAttempts: 3,\n batchSize: 50,\n maximumBatchingWindowInSeconds: 1\n }\n });\n\n app.addOutputs({\n elasticsearchDomainArn: domain.output.arn,\n elasticsearchDomainEndpoint: domain.output.endpoint,\n elasticsearchDynamodbTableArn: table.output.arn,\n elasticsearchDynamodbTableName: table.output.name\n });\n\n return {\n domain,\n domainPolicy,\n table,\n dynamoToElastic: {\n role,\n policy,\n lambda,\n eventSourceMapping\n }\n };\n }\n});\n\nfunction getDynamoDbToElasticLambdaPolicy(\n app: PulumiApp,\n domain: pulumi.Output<aws.opensearch.Domain | aws.opensearch.GetDomainResult>\n) {\n const logDynamoDbTable = app.getModule(LogDynamo);\n\n return app.addResource(aws.iam.Policy, {\n name: \"DynamoDbToElasticLambdaPolicy-updated\",\n config: {\n description: \"This policy enables access to ES and Dynamodb streams\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\",\n Action: [\n \"es:ESHttpGet\",\n \"es:ESHttpDelete\",\n \"es:ESHttpPatch\",\n \"es:ESHttpPost\",\n \"es:ESHttpPut\"\n ],\n Resource: [\n pulumi.interpolate`${domain.arn}`,\n pulumi.interpolate`${domain.arn}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDbLog\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:GetItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:Scan\",\n \"dynamodb:Query\"\n ],\n Resource: [\n pulumi.interpolate`${logDynamoDbTable.output.arn}`,\n pulumi.interpolate`${logDynamoDbTable.output.arn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;AAKA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,MAAA,GAAAF,uBAAA,CAAAF,OAAA;AAOA,IAAAK,QAAA,GAAAL,OAAA;AAEA,IAAAM,SAAA,GAAAN,OAAA;AACA,IAAAO,QAAA,GAAAP,OAAA;AACA,IAAAQ,UAAA,GAAAR,OAAA;AACA,IAAAS,UAAA,GAAAT,OAAA;AApBA;AACA;AACA;AACA;AACA;;AAsBA,SAASU,mBAAmBA,CAAA,EAAmD;EAC3E,OAAO;IACHC,YAAY,EAAE;EAClB,CAAC;AACL;AAEA,SAASC,oBAAoBA,CAAA,EAAmD;EAC5E,OAAO;IACH;IACAD,YAAY,EAAE,kBAAkB;IAChCE,aAAa,EAAE,CAAC;IAChBC,oBAAoB,EAAE,IAAI;IAC1BC,mBAAmB,EAAE;MACjBC,qBAAqB,EAAE;IAC3B;EACJ,CAAC;AACL;AAEA,MAAMC,iBAAiB,GAAG,iBAAiB;AAEpC,MAAMC,UAAU,GAAAC,OAAA,CAAAD,UAAA,GAAG,IAAAE,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAG,EAAEC,MAAwB,EAAE;IAClC,MAAMC,sBAAsB,GACxBF,GAAG,CAACC,MAAM,CAACE,MAAM,CAACD,sBAAsB,IAAIE,iCAAsB;IACtE,MAAMC,YAAY,GAAGH,sBAAsB,CAACI,QAAQ,CAACN,GAAG,CAACC,MAAM,CAACM,GAAG,CAACC,GAAG,CAAC;IAExE,MAAMC,GAAG,GAAGT,GAAG,CAACU,SAAS,CAACC,gBAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;IAEtD,MAAMC,gBAAgB,GAAGb,GAAG,CAACU,SAAS,CAACI,oBAAS,CAAC;;IAEjD;IACA,IAAIC,MAEyD;IAE7D,IAAIC,YAAY;IAEhB,IAAIC,OAAO,CAACT,GAAG,CAACU,8BAA8B,EAAE;MAC5C,MAAMC,UAAU,GAAGC,MAAM,CAACH,OAAO,CAACT,GAAG,CAACU,8BAA8B,CAAC;MACrE;MACA;MACAH,MAAM,GAAGf,GAAG,CAACqB,iBAAiB,CAACF,UAAU,EAAE,MAAM;QAC7C,OAAOvC,GAAG,CAAC0C,UAAU,CAACC,SAAS,CAAC;UAAEJ;QAAW,CAAC,EAAE;UAAEK,KAAK,EAAE;QAAK,CAAC,CAAC;MACpE,CAAC,CAAC;IACN,CAAC,MAAM;MACH,MAAMC,QAAQ,GAAG,IAAI5C,MAAM,CAAC6C,QAAQ,CAAC,kBAAkB,EAAE;QAAEC,UAAU,EAAE;MAAE,CAAC,CAAC;MAC3E,MAAMC,UAAU,GAAG5B,GAAG,CAAC6B,QAAQ,CAAC7B,GAAG,CAACC,MAAM,CAACE,MAAM,CAAC2B,wBAAwB,CAAC,IAAI,EAAE;MAEjF,MAAMC,iBAAiB,GAAG,WAAW;MACrC,MAAMC,kBAAkB,GAAGP,QAAQ,CAACQ,GAAG,CAACC,KAAK,CAAED,GAAW,IAAK;QAC3D,OAAO,GAAGL,UAAU,GAAGG,iBAAiB,IAAIE,GAAG,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;MAC/D,CAAC,CAAC;MAEFpB,MAAM,GAAGf,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0C,UAAU,CAACe,MAAM,EAAE;QAC5CvC,IAAI,EAAEiC,iBAAiB;QACvBhC,MAAM,EAAE;UACJoB,UAAU,EAAEa,kBAAkB;UAC9BM,aAAa,EAAE5C,iBAAiB;UAChC6C,aAAa,EAAElC,YAAY,GAAGhB,oBAAoB,CAAC,CAAC,GAAGF,mBAAmB,CAAC,CAAC;UAC5EqD,UAAU,EAAE/B,GAAG,GACT;YACIgC,SAAS,EAAEhC,GAAG,CAACiC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;YACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACqC,MAAM,CAACG,sBAAsB;UAC5D,CAAC,GACDC,SAAS;UACfC,UAAU,EAAE;YACRC,UAAU,EAAE,IAAI;YAChBC,UAAU,EAAE,EAAE;YACdC,UAAU,EAAE;UAChB,CAAC;UACDC,eAAe,EAAE;YACb,wCAAwC,EAAE;UAC9C,CAAC;UACDC,eAAe,EAAE;YACbC,0BAA0B,EAAE;UAChC;QACJ,CAAC;QACDC,IAAI,EAAE;UAAEC,OAAO,EAAE1D,MAAM,CAAC0D;QAAQ;MACpC,CAAC,CAAC;;MAEF;AACZ;AACA;AACA;AACA;MACY,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAAC7D,GAAG,CAAC;MAEtCgB,YAAY,GAAGhB,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0C,UAAU,CAACwC,YAAY,EAAE;QACxDhE,IAAI,EAAE,GAAGiC,iBAAiB,SAAS;QACnChC,MAAM,EAAE;UACJoB,UAAU,EAAEJ,MAAM,CAAC+B,MAAM,CAAC3B,UAAU;UACpC4C,cAAc,EAAErF,MAAM,CACjBsF,GAAG,CAAC,CAACJ,SAAS,EAAE7C,MAAM,CAAC+B,MAAM,CAACmB,GAAG,CAAC,CAAC,CACnC/B,KAAK,CAAC,CAAC,CAAC0B,SAAS,EAAEM,SAAS,CAAC,KAAK;YAC/B,OAAOC,IAAI,CAACC,SAAS,CAAC;cAClBC,OAAO,EAAE,YAAY;cACrBC,SAAS,EAAE;cACP;AACpC;AACA;cACoC;gBACIC,MAAM,EAAE,OAAO;gBACfC,SAAS,EAAE;kBACPC,GAAG,EAAEb;gBACT,CAAC;gBACDc,MAAM,EAAE,MAAM;gBACdC,QAAQ,EAAE,GAAGT,SAAS;cAC1B,CAAC;YAET,CAAC,CAAC;UACN,CAAC;QACT,CAAC;QACDR,IAAI,EAAE;UAAEC,OAAO,EAAE1D,MAAM,CAAC0D;QAAQ;MACpC,CAAC,CAAC;IACN;;IAEA;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMiB,KAAK,GAAG5E,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAACiG,QAAQ,CAACC,KAAK,EAAE;MAC9ChF,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJgF,UAAU,EAAE,CACR;UAAEjF,IAAI,EAAE,IAAI;UAAEkF,IAAI,EAAE;QAAI,CAAC,EACzB;UAAElF,IAAI,EAAE,IAAI;UAAEkF,IAAI,EAAE;QAAI,CAAC,CAC5B;QACDC,aAAa,EAAE,IAAI;QACnBC,cAAc,EAAE,oBAAoB;QACpCC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE;MACd,CAAC;MACD3B,IAAI,EAAE;QAAEC,OAAO,EAAE1D,MAAM,CAAC0D;MAAQ;IACpC,CAAC,CAAC;IAEF,MAAM2B,QAAQ,GAAG,+BAA+B;IAEhD,MAAMC,IAAI,GAAGvF,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACC,IAAI,EAAE;MACvC3F,IAAI,EAAEwF,QAAQ;MACdvF,MAAM,EAAE;QACJ2F,gBAAgB,EAAE;UACdrB,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACII,MAAM,EAAE,gBAAgB;YACxBF,SAAS,EAAE;cACPmB,OAAO,EAAE;YACb,CAAC;YACDpB,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDqB,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAGC,gCAAgC,CAAC/F,GAAG,EAAEe,MAAM,CAAC+B,MAAM,CAAC;IAEnE9C,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;MAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,gCAAgC;MACjDvF,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;QACjBmD,SAAS,EAAEH,MAAM,CAAChD,MAAM,CAACmB;MAC7B;IACJ,CAAC,CAAC;;IAEF;IACA,IAAIxD,GAAG,EAAE;MACLT,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;QAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,kCAAkC;QACnDvF,MAAM,EAAE;UACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;UACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHnG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;QAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,8BAA8B;QAC/CvF,MAAM,EAAE;UACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;UACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEApG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACQ,oBAAoB,EAAE;MAC1ClG,IAAI,EAAE,GAAGwF,QAAQ,iCAAiC;MAClDvF,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM;QACjBmD,SAAS,EAAErH,GAAG,CAAC4G,GAAG,CAACU,aAAa,CAACG;MACrC;IACJ,CAAC,CAAC;;IAEF;AACR;AACA;AACA;AACA;AACA;IACQ,MAAMC,MAAM,GAAGtG,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0H,MAAM,CAACC,QAAQ,EAAE;MAChDzG,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJwF,IAAI,EAAEA,IAAI,CAACzC,MAAM,CAACmB,GAAG;QACrBuC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,GAAG;QACZC,UAAU,EAAE,IAAI;QAChBC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,KAAK,EAAE3F,MAAM,CAACH,OAAO,CAACT,GAAG,CAACuG,KAAK,CAAC;YAChCC,uBAAuB,EAAEjG,MAAM,CAAC+B,MAAM,CAACmE,QAAQ;YAC/CC,YAAY,EAAErG,gBAAgB,CAACiC,MAAM,CAAChD;UAC1C;QACJ,CAAC;QACDqH,WAAW,EAAE,0BAA0B;QACvCC,IAAI,EAAE,IAAI1I,MAAM,CAAC2I,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI5I,MAAM,CAAC2I,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACzH,GAAG,CAAC0H,KAAK,CAACC,SAAS,EAAE,uBAAuB,CAC1D;QACJ,CAAC,CAAC;QACFC,SAAS,EAAEnH,GAAG,GACR;UACIgC,SAAS,EAAEhC,GAAG,CAACiC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAACC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACqC,MAAM,CAACG,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAM2E,kBAAkB,GAAG7H,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC0H,MAAM,CAACwB,kBAAkB,EAAE;MACtEhI,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACJgI,cAAc,EAAEnD,KAAK,CAAC9B,MAAM,CAACkF,SAAS;QACtCC,YAAY,EAAE3B,MAAM,CAACxD,MAAM,CAACmB,GAAG;QAC/BiE,gBAAgB,EAAE,QAAQ;QAC1BC,oBAAoB,EAAE,CAAC;QACvBC,SAAS,EAAE,EAAE;QACbC,8BAA8B,EAAE;MACpC;IACJ,CAAC,CAAC;IAEFrI,GAAG,CAACsI,UAAU,CAAC;MACXC,sBAAsB,EAAExH,MAAM,CAAC+B,MAAM,CAACmB,GAAG;MACzCuE,2BAA2B,EAAEzH,MAAM,CAAC+B,MAAM,CAACmE,QAAQ;MACnDwB,6BAA6B,EAAE7D,KAAK,CAAC9B,MAAM,CAACmB,GAAG;MAC/CyE,8BAA8B,EAAE9D,KAAK,CAAC9B,MAAM,CAAChD;IACjD,CAAC,CAAC;IAEF,OAAO;MACHiB,MAAM;MACNC,YAAY;MACZ4D,KAAK;MACL+D,eAAe,EAAE;QACbpD,IAAI;QACJO,MAAM;QACNQ,MAAM;QACNuB;MACJ;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAEF,SAAS9B,gCAAgCA,CACrC/F,GAAc,EACde,MAA6E,EAC/E;EACE,MAAMF,gBAAgB,GAAGb,GAAG,CAACU,SAAS,CAACI,oBAAS,CAAC;EAEjD,OAAOd,GAAG,CAACoC,WAAW,CAACxD,GAAG,CAAC4G,GAAG,CAACoD,MAAM,EAAE;IACnC9I,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJoH,WAAW,EAAE,uDAAuD;MACpErB,MAAM,EAAE;QACJzB,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIuE,GAAG,EAAE,iBAAiB;UACtBtE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,CACjB;UACDC,QAAQ,EAAE,CACNjG,MAAM,CAACoK,WAAW,GAAG/H,MAAM,CAACkD,GAAG,EAAE,EACjCvF,MAAM,CAACoK,WAAW,GAAG/H,MAAM,CAACkD,GAAG,IAAI;QAE3C,CAAC,EACD;UACI4E,GAAG,EAAE,0BAA0B;UAC/BtE,MAAM,EAAE,OAAO;UACfG,MAAM,EAAE,CACJ,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,uBAAuB,EACvB,yBAAyB,EACzB,eAAe,EACf,gBAAgB,CACnB;UACDC,QAAQ,EAAE,CACNjG,MAAM,CAACoK,WAAW,GAAGjI,gBAAgB,CAACiC,MAAM,CAACmB,GAAG,EAAE,EAClDvF,MAAM,CAACoK,WAAW,GAAGjI,gBAAgB,CAACiC,MAAM,CAACmB,GAAG,IAAI;QAE5D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN","ignoreList":[]}
package/apps/core/CoreVpc.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { PulumiAppModule } from "@webiny/pulumi";
1
+ import type { PulumiAppModule } from "@webiny/pulumi";
2
2
  export type CoreVpc = PulumiAppModule<typeof CoreVpc>;
3
3
  export declare const CoreVpc: import("@webiny/pulumi").PulumiAppModuleDefinition<{
4
4
  vpc: import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/ec2/vpc").Vpc>;
package/apps/core/CoreVpc.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreVpc","exports","createAppModule","name","config","app","vpc","addResource","ec2","Vpc","cidrBlock","publicSubnet","Subnet","vpcId","output","id","tags","Name","availabilityZones","addHandler","getAvailabilityZones","state","privateSubnet1","availabilityZone","apply","zone","names","privateSubnet2","internetGateway","InternetGateway","elasticIpAllocation","Eip","natGateway","NatGateway","allocationId","subnetId","publicSubnetRouteTable","RouteTable","routes","gatewayId","privateSubnetRouteTable","natGatewayId","RouteTableAssociation","routeTableId","subnets","public","private","routeTables","privateSubnets","publicSubnets","addOutputs","vpcPublicSubnetIds","map","subNet","vpcPrivateSubnetIds","vpcSecurityGroupIds","defaultSecurityGroupId"],"sources":["CoreVpc.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport type CoreVpc = PulumiAppModule<typeof CoreVpc>;\n\nexport const CoreVpc = createAppModule({\n name: \"CoreVpc\",\n config(app) {\n // Create VPC.\n const vpc = app.addResource(aws.ec2.Vpc, {\n name: \"webiny\",\n config: {\n cidrBlock: \"10.0.0.0/16\"\n }\n });\n\n // Create one public and two private subnets.\n const publicSubnet = app.addResource(aws.ec2.Subnet, {\n name: \"public\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.0.0/24\",\n tags: { Name: \"public-subnet\" }\n }\n });\n\n const availabilityZones = app.addHandler(() => {\n return aws.getAvailabilityZones({\n state: \"available\"\n });\n });\n\n const privateSubnet1 = app.addResource(aws.ec2.Subnet, {\n name: \"private-subnet-1\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.1.0/24\",\n availabilityZone: availabilityZones.apply(zone => zone.names[0]),\n tags: { Name: \"private-subnet-1\" }\n }\n });\n\n const privateSubnet2 = app.addResource(aws.ec2.Subnet, {\n name: \"private-subnet-2\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.2.0/24\",\n availabilityZone: availabilityZones.apply(zone => zone.names[1]),\n tags: { Name: \"private-subnet-2\" }\n }\n });\n\n // Create Internet gateway.\n const internetGateway = app.addResource(aws.ec2.InternetGateway, {\n name: \"internet-gateway\",\n config: {\n vpcId: vpc.output.id\n }\n });\n\n // Create NAT gateway.\n const elasticIpAllocation = app.addResource(aws.ec2.Eip, {\n name: \"nat-gateway-elastic-ip\",\n config: {\n vpc: true\n }\n });\n\n const natGateway = app.addResource(aws.ec2.NatGateway, {\n name: \"nat-gateway\",\n config: {\n allocationId: elasticIpAllocation.output.id,\n subnetId: publicSubnet.output.id\n }\n });\n\n // Create a route table for both subnets.\n const publicSubnetRouteTable = app.addResource(aws.ec2.RouteTable, {\n name: \"public\",\n config: {\n vpcId: vpc.output.id,\n routes: [\n {\n cidrBlock: \"0.0.0.0/0\",\n gatewayId: internetGateway.output.id\n }\n ]\n }\n });\n\n const privateSubnetRouteTable = app.addResource(aws.ec2.RouteTable, {\n name: \"private\",\n config: {\n vpcId: vpc.output.id,\n routes: [\n {\n cidrBlock: \"0.0.0.0/0\",\n natGatewayId: natGateway.output.id\n }\n ]\n }\n });\n\n // Create route table associations - links between subnets and route tables.\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"public-subnet-route-table-association\",\n config: {\n subnetId: publicSubnet.output.id,\n routeTableId: publicSubnetRouteTable.output.id\n }\n });\n\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"private-subnet-1-route-table-association\",\n config: {\n subnetId: privateSubnet1.output.id,\n routeTableId: privateSubnetRouteTable.output.id\n }\n });\n\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"private-subnet-2-route-table-association\",\n config: {\n subnetId: privateSubnet2.output.id,\n routeTableId: privateSubnetRouteTable.output.id\n }\n });\n\n const subnets = {\n public: [publicSubnet],\n private: [privateSubnet1, privateSubnet2]\n };\n\n const routeTables = {\n privateSubnets: privateSubnetRouteTable,\n publicSubnets: publicSubnetRouteTable\n };\n\n app.addOutputs({\n vpcPublicSubnetIds: subnets.public.map(subNet => subNet.output.id),\n vpcPrivateSubnetIds: subnets.private.map(subNet => subNet.output.id),\n vpcSecurityGroupIds: [vpc.output.defaultSecurityGroupId]\n });\n\n return {\n vpc,\n subnets,\n routeTables\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,OAAO,GAAAC,OAAA,CAAAD,OAAA,GAAG,IAAAE,uBAAe,EAAC;EACnCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAG,EAAE;IACR;IACA,MAAMC,GAAG,GAAGD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,GAAG,EAAE;MACrCN,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJM,SAAS,EAAE;MACf;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMC,YAAY,GAAGN,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACjDT,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBM,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAgB;MAClC;IACJ,CAAC,CAAC;IAEF,MAAMC,iBAAiB,GAAGb,GAAG,CAACc,UAAU,CAAC,MAAM;MAC3C,OAAOvB,GAAG,CAACwB,oBAAoB,CAAC;QAC5BC,KAAK,EAAE;MACX,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGjB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACnDT,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBa,gBAAgB,EAAEL,iBAAiB,CAACM,KAAK,CAACC,IAAI,IAAIA,IAAI,CAACC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChEV,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAmB;MACrC;IACJ,CAAC,CAAC;IAEF,MAAMU,cAAc,GAAGtB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACnDT,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBa,gBAAgB,EAAEL,iBAAiB,CAACM,KAAK,CAACC,IAAI,IAAIA,IAAI,CAACC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChEV,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAmB;MACrC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMW,eAAe,GAAGvB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACqB,eAAe,EAAE;MAC7D1B,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC;MACtB;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMe,mBAAmB,GAAGzB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACuB,GAAG,EAAE;MACrD5B,IAAI,EAAE,wBAAwB;MAC9BC,MAAM,EAAE;QACJE,GAAG,EAAE;MACT;IACJ,CAAC,CAAC;IAEF,MAAM0B,UAAU,GAAG3B,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACyB,UAAU,EAAE;MACnD9B,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ8B,YAAY,EAAEJ,mBAAmB,CAAChB,MAAM,CAACC,EAAE;QAC3CoB,QAAQ,EAAExB,YAAY,CAACG,MAAM,CAACC;MAClC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMqB,sBAAsB,GAAG/B,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAAC6B,UAAU,EAAE;MAC/DlC,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBuB,MAAM,EAAE,CACJ;UACI5B,SAAS,EAAE,WAAW;UACtB6B,SAAS,EAAEX,eAAe,CAACd,MAAM,CAACC;QACtC,CAAC;MAET;IACJ,CAAC,CAAC;IAEF,MAAMyB,uBAAuB,GAAGnC,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAAC6B,UAAU,EAAE;MAChElC,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBuB,MAAM,EAAE,CACJ;UACI5B,SAAS,EAAE,WAAW;UACtB+B,YAAY,EAAET,UAAU,CAAClB,MAAM,CAACC;QACpC,CAAC;MAET;IACJ,CAAC,CAAC;;IAEF;IACAV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,uCAAuC;MAC7CC,MAAM,EAAE;QACJ+B,QAAQ,EAAExB,YAAY,CAACG,MAAM,CAACC,EAAE;QAChC4B,YAAY,EAAEP,sBAAsB,CAACtB,MAAM,CAACC;MAChD;IACJ,CAAC,CAAC;IAEFV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,0CAA0C;MAChDC,MAAM,EAAE;QACJ+B,QAAQ,EAAEb,cAAc,CAACR,MAAM,CAACC,EAAE;QAClC4B,YAAY,EAAEH,uBAAuB,CAAC1B,MAAM,CAACC;MACjD;IACJ,CAAC,CAAC;IAEFV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,0CAA0C;MAChDC,MAAM,EAAE;QACJ+B,QAAQ,EAAER,cAAc,CAACb,MAAM,CAACC,EAAE;QAClC4B,YAAY,EAAEH,uBAAuB,CAAC1B,MAAM,CAACC;MACjD;IACJ,CAAC,CAAC;IAEF,MAAM6B,OAAO,GAAG;MACZC,MAAM,EAAE,CAAClC,YAAY,CAAC;MACtBmC,OAAO,EAAE,CAACxB,cAAc,EAAEK,cAAc;IAC5C,CAAC;IAED,MAAMoB,WAAW,GAAG;MAChBC,cAAc,EAAER,uBAAuB;MACvCS,aAAa,EAAEb;IACnB,CAAC;IAED/B,GAAG,CAAC6C,UAAU,CAAC;MACXC,kBAAkB,EAAEP,OAAO,CAACC,MAAM,CAACO,GAAG,CAACC,MAAM,IAAIA,MAAM,CAACvC,MAAM,CAACC,EAAE,CAAC;MAClEuC,mBAAmB,EAAEV,OAAO,CAACE,OAAO,CAACM,GAAG,CAACC,MAAM,IAAIA,MAAM,CAACvC,MAAM,CAACC,EAAE,CAAC;MACpEwC,mBAAmB,EAAE,CAACjD,GAAG,CAACQ,MAAM,CAAC0C,sBAAsB;IAC3D,CAAC,CAAC;IAEF,OAAO;MACHlD,GAAG;MACHsC,OAAO;MACPG;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","CoreVpc","exports","createAppModule","name","config","app","vpc","addResource","ec2","Vpc","cidrBlock","publicSubnet","Subnet","vpcId","output","id","tags","Name","availabilityZones","addHandler","getAvailabilityZones","state","privateSubnet1","availabilityZone","apply","zone","names","privateSubnet2","internetGateway","InternetGateway","elasticIpAllocation","Eip","natGateway","NatGateway","allocationId","subnetId","publicSubnetRouteTable","RouteTable","routes","gatewayId","privateSubnetRouteTable","natGatewayId","RouteTableAssociation","routeTableId","subnets","public","private","routeTables","privateSubnets","publicSubnets","addOutputs","vpcPublicSubnetIds","map","subNet","vpcPrivateSubnetIds","vpcSecurityGroupIds","defaultSecurityGroupId"],"sources":["CoreVpc.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiAppModule } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport type CoreVpc = PulumiAppModule<typeof CoreVpc>;\n\nexport const CoreVpc = createAppModule({\n name: \"CoreVpc\",\n config(app) {\n // Create VPC.\n const vpc = app.addResource(aws.ec2.Vpc, {\n name: \"webiny\",\n config: {\n cidrBlock: \"10.0.0.0/16\"\n }\n });\n\n // Create one public and two private subnets.\n const publicSubnet = app.addResource(aws.ec2.Subnet, {\n name: \"public\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.0.0/24\",\n tags: { Name: \"public-subnet\" }\n }\n });\n\n const availabilityZones = app.addHandler(() => {\n return aws.getAvailabilityZones({\n state: \"available\"\n });\n });\n\n const privateSubnet1 = app.addResource(aws.ec2.Subnet, {\n name: \"private-subnet-1\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.1.0/24\",\n availabilityZone: availabilityZones.apply(zone => zone.names[0]),\n tags: { Name: \"private-subnet-1\" }\n }\n });\n\n const privateSubnet2 = app.addResource(aws.ec2.Subnet, {\n name: \"private-subnet-2\",\n config: {\n vpcId: vpc.output.id,\n cidrBlock: \"10.0.2.0/24\",\n availabilityZone: availabilityZones.apply(zone => zone.names[1]),\n tags: { Name: \"private-subnet-2\" }\n }\n });\n\n // Create Internet gateway.\n const internetGateway = app.addResource(aws.ec2.InternetGateway, {\n name: \"internet-gateway\",\n config: {\n vpcId: vpc.output.id\n }\n });\n\n // Create NAT gateway.\n const elasticIpAllocation = app.addResource(aws.ec2.Eip, {\n name: \"nat-gateway-elastic-ip\",\n config: {\n vpc: true\n }\n });\n\n const natGateway = app.addResource(aws.ec2.NatGateway, {\n name: \"nat-gateway\",\n config: {\n allocationId: elasticIpAllocation.output.id,\n subnetId: publicSubnet.output.id\n }\n });\n\n // Create a route table for both subnets.\n const publicSubnetRouteTable = app.addResource(aws.ec2.RouteTable, {\n name: \"public\",\n config: {\n vpcId: vpc.output.id,\n routes: [\n {\n cidrBlock: \"0.0.0.0/0\",\n gatewayId: internetGateway.output.id\n }\n ]\n }\n });\n\n const privateSubnetRouteTable = app.addResource(aws.ec2.RouteTable, {\n name: \"private\",\n config: {\n vpcId: vpc.output.id,\n routes: [\n {\n cidrBlock: \"0.0.0.0/0\",\n natGatewayId: natGateway.output.id\n }\n ]\n }\n });\n\n // Create route table associations - links between subnets and route tables.\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"public-subnet-route-table-association\",\n config: {\n subnetId: publicSubnet.output.id,\n routeTableId: publicSubnetRouteTable.output.id\n }\n });\n\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"private-subnet-1-route-table-association\",\n config: {\n subnetId: privateSubnet1.output.id,\n routeTableId: privateSubnetRouteTable.output.id\n }\n });\n\n app.addResource(aws.ec2.RouteTableAssociation, {\n name: \"private-subnet-2-route-table-association\",\n config: {\n subnetId: privateSubnet2.output.id,\n routeTableId: privateSubnetRouteTable.output.id\n }\n });\n\n const subnets = {\n public: [publicSubnet],\n private: [privateSubnet1, privateSubnet2]\n };\n\n const routeTables = {\n privateSubnets: privateSubnetRouteTable,\n publicSubnets: publicSubnetRouteTable\n };\n\n app.addOutputs({\n vpcPublicSubnetIds: subnets.public.map(subNet => subNet.output.id),\n vpcPrivateSubnetIds: subnets.private.map(subNet => subNet.output.id),\n vpcSecurityGroupIds: [vpc.output.defaultSecurityGroupId]\n });\n\n return {\n vpc,\n subnets,\n routeTables\n };\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,OAAO,GAAAC,OAAA,CAAAD,OAAA,GAAG,IAAAE,uBAAe,EAAC;EACnCC,IAAI,EAAE,SAAS;EACfC,MAAMA,CAACC,GAAG,EAAE;IACR;IACA,MAAMC,GAAG,GAAGD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACC,GAAG,EAAE;MACrCN,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJM,SAAS,EAAE;MACf;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMC,YAAY,GAAGN,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACjDT,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBM,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAgB;MAClC;IACJ,CAAC,CAAC;IAEF,MAAMC,iBAAiB,GAAGb,GAAG,CAACc,UAAU,CAAC,MAAM;MAC3C,OAAOvB,GAAG,CAACwB,oBAAoB,CAAC;QAC5BC,KAAK,EAAE;MACX,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMC,cAAc,GAAGjB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACnDT,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBa,gBAAgB,EAAEL,iBAAiB,CAACM,KAAK,CAACC,IAAI,IAAIA,IAAI,CAACC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChEV,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAmB;MACrC;IACJ,CAAC,CAAC;IAEF,MAAMU,cAAc,GAAGtB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACI,MAAM,EAAE;MACnDT,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBL,SAAS,EAAE,aAAa;QACxBa,gBAAgB,EAAEL,iBAAiB,CAACM,KAAK,CAACC,IAAI,IAAIA,IAAI,CAACC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChEV,IAAI,EAAE;UAAEC,IAAI,EAAE;QAAmB;MACrC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMW,eAAe,GAAGvB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACqB,eAAe,EAAE;MAC7D1B,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC;MACtB;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMe,mBAAmB,GAAGzB,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACuB,GAAG,EAAE;MACrD5B,IAAI,EAAE,wBAAwB;MAC9BC,MAAM,EAAE;QACJE,GAAG,EAAE;MACT;IACJ,CAAC,CAAC;IAEF,MAAM0B,UAAU,GAAG3B,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACyB,UAAU,EAAE;MACnD9B,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ8B,YAAY,EAAEJ,mBAAmB,CAAChB,MAAM,CAACC,EAAE;QAC3CoB,QAAQ,EAAExB,YAAY,CAACG,MAAM,CAACC;MAClC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAMqB,sBAAsB,GAAG/B,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAAC6B,UAAU,EAAE;MAC/DlC,IAAI,EAAE,QAAQ;MACdC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBuB,MAAM,EAAE,CACJ;UACI5B,SAAS,EAAE,WAAW;UACtB6B,SAAS,EAAEX,eAAe,CAACd,MAAM,CAACC;QACtC,CAAC;MAET;IACJ,CAAC,CAAC;IAEF,MAAMyB,uBAAuB,GAAGnC,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAAC6B,UAAU,EAAE;MAChElC,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJS,KAAK,EAAEP,GAAG,CAACQ,MAAM,CAACC,EAAE;QACpBuB,MAAM,EAAE,CACJ;UACI5B,SAAS,EAAE,WAAW;UACtB+B,YAAY,EAAET,UAAU,CAAClB,MAAM,CAACC;QACpC,CAAC;MAET;IACJ,CAAC,CAAC;;IAEF;IACAV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,uCAAuC;MAC7CC,MAAM,EAAE;QACJ+B,QAAQ,EAAExB,YAAY,CAACG,MAAM,CAACC,EAAE;QAChC4B,YAAY,EAAEP,sBAAsB,CAACtB,MAAM,CAACC;MAChD;IACJ,CAAC,CAAC;IAEFV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,0CAA0C;MAChDC,MAAM,EAAE;QACJ+B,QAAQ,EAAEb,cAAc,CAACR,MAAM,CAACC,EAAE;QAClC4B,YAAY,EAAEH,uBAAuB,CAAC1B,MAAM,CAACC;MACjD;IACJ,CAAC,CAAC;IAEFV,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,GAAG,CAACkC,qBAAqB,EAAE;MAC3CvC,IAAI,EAAE,0CAA0C;MAChDC,MAAM,EAAE;QACJ+B,QAAQ,EAAER,cAAc,CAACb,MAAM,CAACC,EAAE;QAClC4B,YAAY,EAAEH,uBAAuB,CAAC1B,MAAM,CAACC;MACjD;IACJ,CAAC,CAAC;IAEF,MAAM6B,OAAO,GAAG;MACZC,MAAM,EAAE,CAAClC,YAAY,CAAC;MACtBmC,OAAO,EAAE,CAACxB,cAAc,EAAEK,cAAc;IAC5C,CAAC;IAED,MAAMoB,WAAW,GAAG;MAChBC,cAAc,EAAER,uBAAuB;MACvCS,aAAa,EAAEb;IACnB,CAAC;IAED/B,GAAG,CAAC6C,UAAU,CAAC;MACXC,kBAAkB,EAAEP,OAAO,CAACC,MAAM,CAACO,GAAG,CAACC,MAAM,IAAIA,MAAM,CAACvC,MAAM,CAACC,EAAE,CAAC;MAClEuC,mBAAmB,EAAEV,OAAO,CAACE,OAAO,CAACM,GAAG,CAACC,MAAM,IAAIA,MAAM,CAACvC,MAAM,CAACC,EAAE,CAAC;MACpEwC,mBAAmB,EAAE,CAACjD,GAAG,CAACQ,MAAM,CAAC0C,sBAAsB;IAC3D,CAAC,CAAC;IAEF,OAAO;MACHlD,GAAG;MACHsC,OAAO;MACPG;IACJ,CAAC;EACL;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/LogDynamo.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { PulumiAppModule } from "@webiny/pulumi";
1
+ import type { PulumiAppModule } from "@webiny/pulumi";
2
2
  export type LogDynamo = PulumiAppModule<typeof LogDynamo>;
3
3
  export declare const LogDynamo: import("@webiny/pulumi").PulumiAppModuleDefinition<import("@webiny/pulumi").PulumiAppResource<typeof import("@pulumi/aws/dynamodb/table").Table>, {
4
4
  protect: boolean;
package/apps/core/LogDynamo.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","LogDynamo","exports","createAppModule","name","config","app","params","addResource","dynamodb","Table","attributes","type","billingMode","hashKey","rangeKey","globalSecondaryIndexes","projectionType","opts","protect"],"sources":["LogDynamo.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport type LogDynamo = PulumiAppModule<typeof LogDynamo>;\n\nexport const LogDynamo = createAppModule({\n name: \"DynamoDbLog\",\n config(app: PulumiApp, params: { protect: boolean }) {\n return app.addResource(aws.dynamodb.Table, {\n name: \"webiny-log\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" },\n { name: \"GSI1_PK\", type: \"S\" },\n { name: \"GSI1_SK\", type: \"S\" },\n { name: \"GSI2_PK\", type: \"S\" },\n { name: \"GSI2_SK\", type: \"S\" },\n { name: \"GSI3_PK\", type: \"S\" },\n { name: \"GSI3_SK\", type: \"S\" },\n { name: \"GSI4_PK\", type: \"S\" },\n { name: \"GSI4_SK\", type: \"S\" },\n { name: \"GSI5_PK\", type: \"S\" },\n { name: \"GSI5_SK\", type: \"S\" }\n ],\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\",\n globalSecondaryIndexes: [\n {\n name: \"GSI1\",\n hashKey: \"GSI1_PK\",\n rangeKey: \"GSI1_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI2\",\n hashKey: \"GSI2_PK\",\n rangeKey: \"GSI2_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI3\",\n hashKey: \"GSI3_PK\",\n rangeKey: \"GSI3_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI4\",\n hashKey: \"GSI4_PK\",\n rangeKey: \"GSI4_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI5\",\n hashKey: \"GSI5_PK\",\n rangeKey: \"GSI5_SK\",\n projectionType: \"ALL\"\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,SAAS,GAAAC,OAAA,CAAAD,SAAA,GAAG,IAAAE,uBAAe,EAAC;EACrCC,IAAI,EAAE,aAAa;EACnBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,OAAOD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,QAAQ,CAACC,KAAK,EAAE;MACvCN,IAAI,EAAE,YAAY;MAClBC,MAAM,EAAE;QACJM,UAAU,EAAE,CACR;UAAEP,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,CACjC;QACDC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE,IAAI;QACdC,sBAAsB,EAAE,CACpB;UACIZ,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEZ,MAAM,CAACY;MACpB;IACJ,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","LogDynamo","exports","createAppModule","name","config","app","params","addResource","dynamodb","Table","attributes","type","billingMode","hashKey","rangeKey","globalSecondaryIndexes","projectionType","opts","protect"],"sources":["LogDynamo.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\n\nexport type LogDynamo = PulumiAppModule<typeof LogDynamo>;\n\nexport const LogDynamo = createAppModule({\n name: \"DynamoDbLog\",\n config(app: PulumiApp, params: { protect: boolean }) {\n return app.addResource(aws.dynamodb.Table, {\n name: \"webiny-log\",\n config: {\n attributes: [\n { name: \"PK\", type: \"S\" },\n { name: \"SK\", type: \"S\" },\n { name: \"GSI1_PK\", type: \"S\" },\n { name: \"GSI1_SK\", type: \"S\" },\n { name: \"GSI2_PK\", type: \"S\" },\n { name: \"GSI2_SK\", type: \"S\" },\n { name: \"GSI3_PK\", type: \"S\" },\n { name: \"GSI3_SK\", type: \"S\" },\n { name: \"GSI4_PK\", type: \"S\" },\n { name: \"GSI4_SK\", type: \"S\" },\n { name: \"GSI5_PK\", type: \"S\" },\n { name: \"GSI5_SK\", type: \"S\" }\n ],\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"PK\",\n rangeKey: \"SK\",\n globalSecondaryIndexes: [\n {\n name: \"GSI1\",\n hashKey: \"GSI1_PK\",\n rangeKey: \"GSI1_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI2\",\n hashKey: \"GSI2_PK\",\n rangeKey: \"GSI2_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI3\",\n hashKey: \"GSI3_PK\",\n rangeKey: \"GSI3_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI4\",\n hashKey: \"GSI4_PK\",\n rangeKey: \"GSI4_SK\",\n projectionType: \"ALL\"\n },\n {\n name: \"GSI5\",\n hashKey: \"GSI5_PK\",\n rangeKey: \"GSI5_SK\",\n projectionType: \"ALL\"\n }\n ]\n },\n opts: {\n protect: params.protect\n }\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAIO,MAAME,SAAS,GAAAC,OAAA,CAAAD,SAAA,GAAG,IAAAE,uBAAe,EAAC;EACrCC,IAAI,EAAE,aAAa;EACnBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,OAAOD,GAAG,CAACE,WAAW,CAACX,GAAG,CAACY,QAAQ,CAACC,KAAK,EAAE;MACvCN,IAAI,EAAE,YAAY;MAClBC,MAAM,EAAE;QACJM,UAAU,EAAE,CACR;UAAEP,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,IAAI;UAAEQ,IAAI,EAAE;QAAI,CAAC,EACzB;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,EAC9B;UAAER,IAAI,EAAE,SAAS;UAAEQ,IAAI,EAAE;QAAI,CAAC,CACjC;QACDC,WAAW,EAAE,iBAAiB;QAC9BC,OAAO,EAAE,IAAI;QACbC,QAAQ,EAAE,IAAI;QACdC,sBAAsB,EAAE,CACpB;UACIZ,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC,EACD;UACIb,IAAI,EAAE,MAAM;UACZU,OAAO,EAAE,SAAS;UAClBC,QAAQ,EAAE,SAAS;UACnBE,cAAc,EAAE;QACpB,CAAC;MAET,CAAC;MACDC,IAAI,EAAE;QACFC,OAAO,EAAEZ,MAAM,CAACY;MACpB;IACJ,CAAC,CAAC;EACN;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/WatchCommand.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_constants","pulumi","_path","_interopRequireDefault","_","WatchCommand","exports","createAppModule","name","config","app","params","roleName","role","addResource","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","vpc","getModule","CoreVpc","optional","RolePolicyAttachment","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","iotAuthorizerFunction","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","asset","AssetArchive","FileArchive","path","join","__dirname","environment","variables","WEBINY_WATCH_COMMAND_TOPIC","deploymentId","apply","vpcConfig","subnetIds","subnets","private","map","s","id","securityGroupIds","defaultSecurityGroupId","undefined","iotAuthorizer","iot","Authorizer","signingDisabled","authorizerFunctionArn","status","Permission","principal","function","sourceArn","action","addOutputs","iotAuthorizerName"],"sources":["WatchCommand.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp } from \"@webiny/pulumi\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport path from \"path\";\nimport { CoreVpc } from \"~/apps\";\n\nexport interface WatchCommandParams {\n deploymentId: pulumi.Output<string>;\n}\n\nexport const WatchCommand = createAppModule({\n name: \"WatchCommand\",\n config(app: PulumiApp, params: WatchCommandParams) {\n const roleName = \"iot-authorizer-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n const iotAuthorizerFunction = app.addResource(aws.lambda.Function, {\n name: \"watch-command-iot-authorizer\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 10,\n memorySize: 128,\n description: \"Authorizes 'webiny watch' command communication.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(path.join(__dirname, \"webinyWatchCommand\"))\n }),\n environment: {\n variables: {\n WEBINY_WATCH_COMMAND_TOPIC: params.deploymentId.apply(deploymentId => {\n return `webiny-watch-${deploymentId}`;\n })\n }\n },\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const iotAuthorizer = app.addResource(aws.iot.Authorizer, {\n name: \"watch-command-iot-authorizer\",\n config: {\n signingDisabled: true,\n authorizerFunctionArn: iotAuthorizerFunction.output.arn,\n status: \"ACTIVE\"\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"webiny-watch-iot-authorizer\",\n config: {\n principal: \"iot.amazonaws.com\",\n function: iotAuthorizerFunction.output.arn,\n sourceArn: iotAuthorizer.output.arn,\n action: \"lambda:InvokeFunction\"\n }\n });\n\n app.addOutputs({\n iotAuthorizerName: iotAuthorizer.output.name\n });\n\n return { iotAuthorizerFunction };\n }\n});\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,KAAA,GAAAC,sBAAA,CAAAL,OAAA;AACA,IAAAM,CAAA,GAAAN,OAAA;AAMO,MAAMO,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAAE,uBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAEC,MAA0B,EAAE;IAC/C,MAAMC,QAAQ,GAAG,4BAA4B;IAE7C,MAAMC,IAAI,GAAGH,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACC,IAAI,EAAE;MACvCR,IAAI,EAAEI,QAAQ;MACdH,MAAM,EAAE;QACJQ,gBAAgB,EAAE;UACdC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,MAAM,EAAE,gBAAgB;YACxBC,SAAS,EAAE;cACPC,OAAO,EAAE;YACb,CAAC;YACDC,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDC,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,GAAG,GAAGhB,GAAG,CAACiB,SAAS,CAACC,SAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;;IAEtD;IACA,IAAIH,GAAG,EAAE;MACLhB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAE,GAAGI,QAAQ,kCAAkC;QACnDH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHxB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAE,GAAGI,QAAQ,8BAA8B;QAC/CH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEA,MAAMC,qBAAqB,GAAG1B,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACC,QAAQ,EAAE;MAC/D9B,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,WAAW,EAAE,kDAAkD;QAC/DC,IAAI,EAAE,IAAI7C,MAAM,CAAC8C,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI/C,MAAM,CAAC8C,KAAK,CAACE,WAAW,CAACC,aAAI,CAACC,IAAI,CAACC,SAAS,EAAE,oBAAoB,CAAC;QAChF,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,0BAA0B,EAAE5C,MAAM,CAAC6C,YAAY,CAACC,KAAK,CAACD,YAAY,IAAI;cAClE,OAAO,gBAAgBA,YAAY,EAAE;YACzC,CAAC;UACL;QACJ,CAAC;QACDE,SAAS,EAAEhC,GAAG,GACR;UACIiC,SAAS,EAAEjC,GAAG,CAACkC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAAChC,MAAM,CAACiC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACK,MAAM,CAACmC,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAMC,aAAa,GAAG1D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyE,GAAG,CAACC,UAAU,EAAE;MACtD9D,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJ8D,eAAe,EAAE,IAAI;QACrBC,qBAAqB,EAAEpC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QACvDkC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEF/D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACqC,UAAU,EAAE;MACnClE,IAAI,EAAE,6BAA6B;MACnCC,MAAM,EAAE;QACJkE,SAAS,EAAE,mBAAmB;QAC9BC,QAAQ,EAAExC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QAC1CsC,SAAS,EAAET,aAAa,CAACrC,MAAM,CAACQ,GAAG;QACnCuC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEFpE,GAAG,CAACqE,UAAU,CAAC;MACXC,iBAAiB,EAAEZ,aAAa,CAACrC,MAAM,CAACvB;IAC5C,CAAC,CAAC;IAEF,OAAO;MAAE4B;IAAsB,CAAC;EACpC;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_constants","pulumi","_path","_interopRequireDefault","_","WatchCommand","exports","createAppModule","name","config","app","params","roleName","role","addResource","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","vpc","getModule","CoreVpc","optional","RolePolicyAttachment","output","policyArn","ManagedPolicy","AWSLambdaVPCAccessExecutionRole","AWSLambdaBasicExecutionRole","iotAuthorizerFunction","lambda","Function","arn","runtime","LAMBDA_RUNTIME","handler","timeout","memorySize","description","code","asset","AssetArchive","FileArchive","path","join","__dirname","environment","variables","WEBINY_WATCH_COMMAND_TOPIC","deploymentId","apply","vpcConfig","subnetIds","subnets","private","map","s","id","securityGroupIds","defaultSecurityGroupId","undefined","iotAuthorizer","iot","Authorizer","signingDisabled","authorizerFunctionArn","status","Permission","principal","function","sourceArn","action","addOutputs","iotAuthorizerName"],"sources":["WatchCommand.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport type { PulumiApp } from \"@webiny/pulumi\";\nimport { createAppModule } from \"@webiny/pulumi\";\nimport { LAMBDA_RUNTIME } from \"~/constants\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport path from \"path\";\nimport { CoreVpc } from \"~/apps\";\n\nexport interface WatchCommandParams {\n deploymentId: pulumi.Output<string>;\n}\n\nexport const WatchCommand = createAppModule({\n name: \"WatchCommand\",\n config(app: PulumiApp, params: WatchCommandParams) {\n const roleName = \"iot-authorizer-lambda-role\";\n\n const role = app.addResource(aws.iam.Role, {\n name: roleName,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const vpc = app.getModule(CoreVpc, { optional: true });\n\n // Only use `AWSLambdaVPCAccessExecutionRole` policy if VPC feature is enabled.\n if (vpc) {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaVPCAccessExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole\n }\n });\n } else {\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${roleName}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n }\n\n const iotAuthorizerFunction = app.addResource(aws.lambda.Function, {\n name: \"watch-command-iot-authorizer\",\n config: {\n role: role.output.arn,\n runtime: LAMBDA_RUNTIME,\n handler: \"handler.handler\",\n timeout: 10,\n memorySize: 128,\n description: \"Authorizes 'webiny watch' command communication.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(path.join(__dirname, \"webinyWatchCommand\"))\n }),\n environment: {\n variables: {\n WEBINY_WATCH_COMMAND_TOPIC: params.deploymentId.apply(deploymentId => {\n return `webiny-watch-${deploymentId}`;\n })\n }\n },\n vpcConfig: vpc\n ? {\n subnetIds: vpc.subnets.private.map(s => s.output.id),\n securityGroupIds: [vpc.vpc.output.defaultSecurityGroupId]\n }\n : undefined\n }\n });\n\n const iotAuthorizer = app.addResource(aws.iot.Authorizer, {\n name: \"watch-command-iot-authorizer\",\n config: {\n signingDisabled: true,\n authorizerFunctionArn: iotAuthorizerFunction.output.arn,\n status: \"ACTIVE\"\n }\n });\n\n app.addResource(aws.lambda.Permission, {\n name: \"webiny-watch-iot-authorizer\",\n config: {\n principal: \"iot.amazonaws.com\",\n function: iotAuthorizerFunction.output.arn,\n sourceArn: iotAuthorizer.output.arn,\n action: \"lambda:InvokeFunction\"\n }\n });\n\n app.addOutputs({\n iotAuthorizerName: iotAuthorizer.output.name\n });\n\n return { iotAuthorizerFunction };\n }\n});\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,KAAA,GAAAC,sBAAA,CAAAL,OAAA;AACA,IAAAM,CAAA,GAAAN,OAAA;AAMO,MAAMO,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAAE,uBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAEC,MAA0B,EAAE;IAC/C,MAAMC,QAAQ,GAAG,4BAA4B;IAE7C,MAAMC,IAAI,GAAGH,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACC,IAAI,EAAE;MACvCR,IAAI,EAAEI,QAAQ;MACdH,MAAM,EAAE;QACJQ,gBAAgB,EAAE;UACdC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,MAAM,EAAE,gBAAgB;YACxBC,SAAS,EAAE;cACPC,OAAO,EAAE;YACb,CAAC;YACDC,MAAM,EAAE;UACZ,CAAC;QAET;MACJ,CAAC;MACDC,IAAI,EAAE;QAAEC,oBAAoB,EAAE;MAAK;IACvC,CAAC,CAAC;IAEF,MAAMC,GAAG,GAAGhB,GAAG,CAACiB,SAAS,CAACC,SAAO,EAAE;MAAEC,QAAQ,EAAE;IAAK,CAAC,CAAC;;IAEtD;IACA,IAAIH,GAAG,EAAE;MACLhB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAE,GAAGI,QAAQ,kCAAkC;QACnDH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACC;QACrC;MACJ,CAAC,CAAC;IACN,CAAC,MAAM;MACHxB,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACmB,GAAG,CAACe,oBAAoB,EAAE;QAC1CtB,IAAI,EAAE,GAAGI,QAAQ,8BAA8B;QAC/CH,MAAM,EAAE;UACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM;UACjBC,SAAS,EAAEpC,GAAG,CAACmB,GAAG,CAACkB,aAAa,CAACE;QACrC;MACJ,CAAC,CAAC;IACN;IAEA,MAAMC,qBAAqB,GAAG1B,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACC,QAAQ,EAAE;MAC/D9B,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJI,IAAI,EAAEA,IAAI,CAACkB,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAEC,yBAAc;QACvBC,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,WAAW,EAAE,kDAAkD;QAC/DC,IAAI,EAAE,IAAI7C,MAAM,CAAC8C,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAI/C,MAAM,CAAC8C,KAAK,CAACE,WAAW,CAACC,aAAI,CAACC,IAAI,CAACC,SAAS,EAAE,oBAAoB,CAAC;QAChF,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE;YACPC,0BAA0B,EAAE5C,MAAM,CAAC6C,YAAY,CAACC,KAAK,CAACD,YAAY,IAAI;cAClE,OAAO,gBAAgBA,YAAY,EAAE;YACzC,CAAC;UACL;QACJ,CAAC;QACDE,SAAS,EAAEhC,GAAG,GACR;UACIiC,SAAS,EAAEjC,GAAG,CAACkC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,CAAC,IAAIA,CAAC,CAAChC,MAAM,CAACiC,EAAE,CAAC;UACpDC,gBAAgB,EAAE,CAACvC,GAAG,CAACA,GAAG,CAACK,MAAM,CAACmC,sBAAsB;QAC5D,CAAC,GACDC;MACV;IACJ,CAAC,CAAC;IAEF,MAAMC,aAAa,GAAG1D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyE,GAAG,CAACC,UAAU,EAAE;MACtD9D,IAAI,EAAE,8BAA8B;MACpCC,MAAM,EAAE;QACJ8D,eAAe,EAAE,IAAI;QACrBC,qBAAqB,EAAEpC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QACvDkC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEF/D,GAAG,CAACI,WAAW,CAAClB,GAAG,CAACyC,MAAM,CAACqC,UAAU,EAAE;MACnClE,IAAI,EAAE,6BAA6B;MACnCC,MAAM,EAAE;QACJkE,SAAS,EAAE,mBAAmB;QAC9BC,QAAQ,EAAExC,qBAAqB,CAACL,MAAM,CAACQ,GAAG;QAC1CsC,SAAS,EAAET,aAAa,CAACrC,MAAM,CAACQ,GAAG;QACnCuC,MAAM,EAAE;MACZ;IACJ,CAAC,CAAC;IAEFpE,GAAG,CAACqE,UAAU,CAAC;MACXC,iBAAiB,EAAEZ,aAAa,CAACrC,MAAM,CAACvB;IAC5C,CAAC,CAAC;IAEF,OAAO;MAAE4B;IAAsB,CAAC;EACpC;AACJ,CAAC,CAAC","ignoreList":[]}
package/apps/core/cognitoIdentityProviders/amazon.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import * as pulumi from "@pulumi/pulumi";
2
- import { IdentityProviderArgs } from "@pulumi/aws/cognito";
3
- import { CognitoIdentityProviderConfig } from "./configure";
1
+ import type * as pulumi from "@pulumi/pulumi";
2
+ import type { IdentityProviderArgs } from "@pulumi/aws/cognito";
3
+ import type { CognitoIdentityProviderConfig } from "./configure";
4
4
  /**
5
5
  * Amazon doesn't provide first/last name as separate attributes. Instead, it gives you a `name`.
6
6
  * To handle this, developers will need to set up a pre-authentication Lambda trigger on the user pool,
package/apps/core/cognitoIdentityProviders/amazon.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["getAmazonIdpConfig","userPoolId","config","providerName","providerType","providerDetails","idpIdentifiers","attributeMapping","username","email","given_name","family_name","exports"],"sources":["amazon.ts"],"sourcesContent":["import * as pulumi from \"@pulumi/pulumi\";\nimport { IdentityProviderArgs } from \"@pulumi/aws/cognito\";\nimport { CognitoIdentityProviderConfig } from \"./configure\";\n\n/**\n * Amazon doesn't provide first/last name as separate attributes. Instead, it gives you a `name`.\n * To handle this, developers will need to set up a pre-authentication Lambda trigger on the user pool,\n * to generate proper first/last name using custom code.\n */\nexport const getAmazonIdpConfig = (\n userPoolId: pulumi.Input<string>,\n config: CognitoIdentityProviderConfig\n): IdentityProviderArgs => {\n return {\n userPoolId,\n providerName: \"Amazon\",\n providerType: \"LoginWithAmazon\",\n providerDetails: config.providerDetails,\n idpIdentifiers: config.idpIdentifiers,\n attributeMapping: {\n \"custom:id\": \"user_id\",\n username: \"user_id\",\n email: \"email\",\n given_name: \"name\",\n family_name: \"name\",\n ...config.attributeMapping\n }\n };\n};\n"],"mappings":";;;;;;AAIA;AACA;AACA;AACA;AACA;AACO,MAAMA,kBAAkB,GAAGA,CAC9BC,UAAgC,EAChCC,MAAqC,KACd;EACvB,OAAO;IACHD,UAAU;IACVE,YAAY,EAAE,QAAQ;IACtBC,YAAY,EAAE,iBAAiB;IAC/BC,eAAe,EAAEH,MAAM,CAACG,eAAe;IACvCC,cAAc,EAAEJ,MAAM,CAACI,cAAc;IACrCC,gBAAgB,EAAE;MACd,WAAW,EAAE,SAAS;MACtBC,QAAQ,EAAE,SAAS;MACnBC,KAAK,EAAE,OAAO;MACdC,UAAU,EAAE,MAAM;MAClBC,WAAW,EAAE,MAAM;MACnB,GAAGT,MAAM,CAACK;IACd;EACJ,CAAC;AACL,CAAC;AAACK,OAAA,CAAAZ,kBAAA,GAAAA,kBAAA","ignoreList":[]}
1
+ {"version":3,"names":["getAmazonIdpConfig","userPoolId","config","providerName","providerType","providerDetails","idpIdentifiers","attributeMapping","username","email","given_name","family_name","exports"],"sources":["amazon.ts"],"sourcesContent":["import type * as pulumi from \"@pulumi/pulumi\";\nimport type { IdentityProviderArgs } from \"@pulumi/aws/cognito\";\nimport type { CognitoIdentityProviderConfig } from \"./configure\";\n\n/**\n * Amazon doesn't provide first/last name as separate attributes. Instead, it gives you a `name`.\n * To handle this, developers will need to set up a pre-authentication Lambda trigger on the user pool,\n * to generate proper first/last name using custom code.\n */\nexport const getAmazonIdpConfig = (\n userPoolId: pulumi.Input<string>,\n config: CognitoIdentityProviderConfig\n): IdentityProviderArgs => {\n return {\n userPoolId,\n providerName: \"Amazon\",\n providerType: \"LoginWithAmazon\",\n providerDetails: config.providerDetails,\n idpIdentifiers: config.idpIdentifiers,\n attributeMapping: {\n \"custom:id\": \"user_id\",\n username: \"user_id\",\n email: \"email\",\n given_name: \"name\",\n family_name: \"name\",\n ...config.attributeMapping\n }\n };\n};\n"],"mappings":";;;;;;AAIA;AACA;AACA;AACA;AACA;AACO,MAAMA,kBAAkB,GAAGA,CAC9BC,UAAgC,EAChCC,MAAqC,KACd;EACvB,OAAO;IACHD,UAAU;IACVE,YAAY,EAAE,QAAQ;IACtBC,YAAY,EAAE,iBAAiB;IAC/BC,eAAe,EAAEH,MAAM,CAACG,eAAe;IACvCC,cAAc,EAAEJ,MAAM,CAACI,cAAc;IACrCC,gBAAgB,EAAE;MACd,WAAW,EAAE,SAAS;MACtBC,QAAQ,EAAE,SAAS;MACnBC,KAAK,EAAE,OAAO;MACdC,UAAU,EAAE,MAAM;MAClBC,WAAW,EAAE,MAAM;MACnB,GAAGT,MAAM,CAACK;IACd;EACJ,CAAC;AACL,CAAC;AAACK,OAAA,CAAAZ,kBAAA,GAAAA,kBAAA","ignoreList":[]}
package/apps/core/cognitoIdentityProviders/apple.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import * as pulumi from "@pulumi/pulumi";
2
- import { IdentityProviderArgs } from "@pulumi/aws/cognito";
3
- import { CognitoIdentityProviderConfig } from "./configure";
1
+ import type * as pulumi from "@pulumi/pulumi";
2
+ import type { IdentityProviderArgs } from "@pulumi/aws/cognito";
3
+ import type { CognitoIdentityProviderConfig } from "./configure";
4
4
  export declare const getAppleIdpConfig: (userPoolId: pulumi.Input<string>, config: CognitoIdentityProviderConfig) => IdentityProviderArgs;