npm - @wraps.dev/cli - Versions diffs - 2.2.0 → 2.2.1 - Mend

@wraps.dev/cli 2.2.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cli.js +366 -366
package/dist/cli.js.map +1 -1
package/dist/console/assets/{index-C2_7RIq3.js → index-JCrXm_D5.js} +2 -2
package/dist/console/index.html +1 -1
package/dist/lambda/event-processor/.bundled +1 -1
package/dist/lambda/sms-event-processor/.bundled +1 -1
package/package.json +1 -1

package/dist/cli.js CHANGED Viewed

@@ -147,7 +147,7 @@ var require_package = __commonJS({
   "package.json"(exports, module) {
     module.exports = {
       name: "@wraps.dev/cli",
-      version: "2.2.0",
+      version: "2.2.1",
       description: "CLI for deploying Wraps email infrastructure to your AWS account",
       type: "module",
       main: "./dist/cli.js",
@@ -2382,8 +2382,8 @@ function addServiceToConnection(accountId, region, provider, service, config2, p
         config: config2,
         deployedAt: timestamp
       };
-    } else if (service === "storage") {
-      existingMetadata.services.storage = {
+    } else if (service === "cdn") {
+      existingMetadata.services.cdn = {
         preset,
         config: config2,
         deployedAt: timestamp
@@ -2412,8 +2412,8 @@ function addServiceToConnection(accountId, region, provider, service, config2, p
       config: config2,
       deployedAt: timestamp
     };
-  } else if (service === "storage") {
-    metadata.services.storage = {
+  } else if (service === "cdn") {
+    metadata.services.cdn = {
       preset,
       config: config2,
       deployedAt: timestamp
@@ -2432,9 +2432,9 @@ function updateServiceConfig(metadata, service, config2) {
       ...metadata.services.sms.config,
       ...config2
     };
-  } else if (service === "storage" && metadata.services.storage) {
-    metadata.services.storage.config = {
-      ...metadata.services.storage.config,
+  } else if (service === "cdn" && metadata.services.cdn) {
+    metadata.services.cdn.config = {
+      ...metadata.services.cdn.config,
       ...config2
     };
   } else {
@@ -2449,8 +2449,8 @@ function removeServiceFromConnection(metadata, service) {
   } else if (service === "sms") {
     const { sms, ...rest } = metadata.services;
     metadata.services = rest;
-  } else if (service === "storage") {
-    const { storage, ...rest } = metadata.services;
+  } else if (service === "cdn") {
+    const { cdn, ...rest } = metadata.services;
     metadata.services = rest;
   }
   metadata.timestamp = (/* @__PURE__ */ new Date()).toISOString();
@@ -2462,8 +2462,8 @@ function hasService(metadata, service) {
   if (service === "sms") {
     return metadata.services.sms !== void 0;
   }
-  if (service === "storage") {
-    return metadata.services.storage !== void 0;
+  if (service === "cdn") {
+    return metadata.services.cdn !== void 0;
   }
   return false;
 }
@@ -2475,8 +2475,8 @@ function getConfiguredServices(metadata) {
   if (metadata.services.sms) {
     services.push("sms");
   }
-  if (metadata.services.storage) {
-    services.push("storage");
+  if (metadata.services.cdn) {
+    services.push("cdn");
   }
   return services;
 }
@@ -15376,11 +15376,11 @@ function createSMSRouter(config2) {
   return router;
 }
-// src/console/routes/storage.ts
+// src/console/routes/cdn.ts
 init_esm_shims();
 init_metadata();
 import { Router as createRouter6 } from "express";
-function createStorageRouter(config2) {
+function createCdnRouter(config2) {
   const router = createRouter6();
   router.get("/settings", async (_req, res) => {
     try {
@@ -15388,36 +15388,36 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const storageService = metadata.services.storage;
-      const storageConfig = storageService.config;
+      const cdnService = metadata.services.cdn;
+      const cdnConfig = cdnService.config;
       const settings = {
-        bucketName: config2.storageBucketName || `wraps-storage-${config2.accountId}`,
-        bucketArn: `arn:aws:s3:::${config2.storageBucketName || `wraps-storage-${config2.accountId}`}`,
+        bucketName: config2.cdnBucketName || `wraps-cdn-${config2.accountId}`,
+        bucketArn: `arn:aws:s3:::${config2.cdnBucketName || `wraps-cdn-${config2.accountId}`}`,
         region: config2.region,
-        roleArn: config2.storageRoleArn || config2.roleArn,
+        roleArn: config2.cdnRoleArn || config2.roleArn,
         cdn: {
-          enabled: storageConfig.cdn?.enabled ?? false,
-          distributionId: config2.storageDistributionId,
-          distributionDomain: config2.storageDistributionDomain,
-          customDomain: storageConfig.cdn?.customDomain,
-          status: config2.storageDistributionId ? "Deployed" : void 0
+          enabled: cdnConfig.cdn?.enabled ?? false,
+          distributionId: config2.cdnDistributionId,
+          distributionDomain: config2.cdnDistributionDomain,
+          customDomain: cdnConfig.cdn?.customDomain,
+          status: config2.cdnDistributionId ? "Deployed" : void 0
         },
-        certificate: storageConfig.cdn?.customDomain ? {
-          arn: config2.storageCertificateArn,
-          status: config2.storageCertificateArn ? "ISSUED" : "PENDING_VALIDATION"
+        certificate: cdnConfig.cdn?.customDomain ? {
+          arn: config2.cdnCertificateArn,
+          status: config2.cdnCertificateArn ? "ISSUED" : "PENDING_VALIDATION"
         } : void 0,
-        versioning: storageConfig.versioning ?? false,
-        retention: storageConfig.retention
+        versioning: cdnConfig.versioning ?? false,
+        retention: cdnConfig.retention
       };
       res.json(settings);
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error fetching settings:", error);
+      console.error("[CDN] Error fetching settings:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15427,16 +15427,16 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { S3Client, ListObjectsV2Command, GetObjectTaggingCommand } = await import("@aws-sdk/client-s3");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const s3Client = new S3Client({ region: config2.region, credentials });
@@ -15446,7 +15446,7 @@ function createStorageRouter(config2) {
           MaxKeys: 100
         })
       );
-      const cdnUrl = config2.storageDistributionDomain ? `https://${metadata.services.storage.config.cdn?.customDomain || config2.storageDistributionDomain}` : null;
+      const cdnUrl = config2.cdnDistributionDomain ? `https://${metadata.services.cdn.config.cdn?.customDomain || config2.cdnDistributionDomain}` : null;
       const getContentType = (key) => {
         const ext = key.split(".").pop()?.toLowerCase();
         const mimeTypes = {
@@ -15509,15 +15509,15 @@ function createStorageRouter(config2) {
       res.json({
         bucketName,
         region: config2.region,
-        cdnDomain: config2.storageDistributionDomain,
-        customDomain: metadata.services.storage.config.cdn?.customDomain,
+        cdnDomain: config2.cdnDistributionDomain,
+        customDomain: metadata.services.cdn.config.cdn?.customDomain,
         files,
         totalSize,
         fileCount: files.length
       });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error fetching files:", error);
+      console.error("[CDN] Error fetching files:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15529,16 +15529,16 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { CloudWatchClient: CloudWatchClient3, GetMetricStatisticsCommand } = await import("@aws-sdk/client-cloudwatch");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const cloudWatchClient = new CloudWatchClient3({
@@ -15580,7 +15580,7 @@ function createStorageRouter(config2) {
         );
         numberOfObjects = objectsResponse.Datapoints?.[0]?.Average || 0;
       } catch (err) {
-        console.log("[Storage] CloudWatch metrics not available yet");
+        console.log("[CDN] CloudWatch metrics not available yet");
       }
       const usage = [];
       const bandwidth = [];
@@ -15616,7 +15616,7 @@ function createStorageRouter(config2) {
       });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error fetching metrics:", error);
+      console.error("[CDN] Error fetching metrics:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15630,17 +15630,17 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { S3Client, PutObjectCommand } = await import("@aws-sdk/client-s3");
       const { getSignedUrl } = await import("@aws-sdk/s3-request-presigner");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const s3Client = new S3Client({ region: config2.region, credentials });
@@ -15653,7 +15653,7 @@ function createStorageRouter(config2) {
         expiresIn: 3600
         // 1 hour
       });
-      const cdnUrl = metadata.services.storage.config.cdn?.customDomain ? `https://${metadata.services.storage.config.cdn.customDomain}/${filename}` : config2.storageDistributionDomain ? `https://${config2.storageDistributionDomain}/${filename}` : `s3://${bucketName}/${filename}`;
+      const cdnUrl = metadata.services.cdn.config.cdn?.customDomain ? `https://${metadata.services.cdn.config.cdn.customDomain}/${filename}` : config2.cdnDistributionDomain ? `https://${config2.cdnDistributionDomain}/${filename}` : `s3://${bucketName}/${filename}`;
       res.json({
         uploadUrl,
         cdnUrl,
@@ -15662,7 +15662,7 @@ function createStorageRouter(config2) {
       });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error generating upload URL:", error);
+      console.error("[CDN] Error generating upload URL:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15680,16 +15680,16 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { S3Client, GetObjectTaggingCommand, PutObjectTaggingCommand } = await import("@aws-sdk/client-s3");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const s3Client = new S3Client({ region: config2.region, credentials });
@@ -15721,7 +15721,7 @@ function createStorageRouter(config2) {
       res.json({ success: true, key, starred });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error toggling star:", error);
+      console.error("[CDN] Error toggling star:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15735,16 +15735,16 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { S3Client, DeleteObjectCommand } = await import("@aws-sdk/client-s3");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const s3Client = new S3Client({ region: config2.region, credentials });
@@ -15757,7 +15757,7 @@ function createStorageRouter(config2) {
       res.json({ success: true, key });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error deleting file:", error);
+      console.error("[CDN] Error deleting file:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15774,16 +15774,16 @@ function createStorageRouter(config2) {
         config2.accountId || "",
         config2.region
       );
-      if (!metadata?.services.storage) {
+      if (!metadata?.services.cdn) {
         return res.status(404).json({
-          error: "No storage infrastructure found for this account and region"
+          error: "No CDN infrastructure found for this account and region"
         });
       }
-      const bucketName = config2.storageBucketName || `wraps-storage-${config2.accountId}`;
+      const bucketName = config2.cdnBucketName || `wraps-cdn-${config2.accountId}`;
       const { S3Client, CopyObjectCommand, DeleteObjectCommand } = await import("@aws-sdk/client-s3");
       const { assumeRole: assumeRole2 } = await Promise.resolve().then(() => (init_assume_role(), assume_role_exports));
-      const credentials = config2.storageRoleArn || config2.roleArn ? await assumeRole2(
-        config2.storageRoleArn || config2.roleArn,
+      const credentials = config2.cdnRoleArn || config2.roleArn ? await assumeRole2(
+        config2.cdnRoleArn || config2.roleArn,
         config2.region
       ) : void 0;
       const s3Client = new S3Client({ region: config2.region, credentials });
@@ -15800,11 +15800,11 @@ function createStorageRouter(config2) {
           Key: oldKey
         })
       );
-      const cdnUrl = metadata.services.storage.config.cdn?.customDomain ? `https://${metadata.services.storage.config.cdn.customDomain}/${newKey}` : config2.storageDistributionDomain ? `https://${config2.storageDistributionDomain}/${newKey}` : `s3://${bucketName}/${newKey}`;
+      const cdnUrl = metadata.services.cdn.config.cdn?.customDomain ? `https://${metadata.services.cdn.config.cdn.customDomain}/${newKey}` : config2.cdnDistributionDomain ? `https://${config2.cdnDistributionDomain}/${newKey}` : `s3://${bucketName}/${newKey}`;
       res.json({ success: true, oldKey, newKey, cdnUrl });
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      console.error("[Storage] Error renaming file:", error);
+      console.error("[CDN] Error renaming file:", error);
       res.status(500).json({ error: errorMessage });
     }
   });
@@ -15904,7 +15904,7 @@ async function startConsoleServer(config2) {
   app.use((_req, res, next) => {
     res.setHeader("X-Frame-Options", "DENY");
     res.setHeader("X-Content-Type-Options", "nosniff");
-    const customDomainSrc = config2.storageCustomDomain ? ` https://${config2.storageCustomDomain}` : "";
+    const customDomainSrc = config2.cdnCustomDomain ? ` https://${config2.cdnCustomDomain}` : "";
     res.setHeader(
       "Content-Security-Policy",
       `default-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://*.amazonaws.com https://*.cloudfront.net${customDomainSrc}; connect-src 'self' https://*.amazonaws.com https://*.cloudfront.net${customDomainSrc}`
@@ -15938,9 +15938,9 @@ async function startConsoleServer(config2) {
   app.use("/api/user", authenticateToken(authToken), createUserRouter(config2));
   app.use("/api/sms", authenticateToken(authToken), createSMSRouter(config2));
   app.use(
-    "/api/storage",
+    "/api/cdn",
     authenticateToken(authToken),
-    createStorageRouter(config2)
+    createCdnRouter(config2)
   );
   const staticDir = path2.join(__dirname2, "console");
   app.use(express.static(staticDir));
@@ -16026,15 +16026,15 @@ async function dashboard(options) {
   const smsPhoneNumberArn = smsStackOutputs.phoneNumberArn?.value;
   const smsPhoneNumberType = smsStackOutputs.phoneNumberType?.value;
   const smsConfigSetName = smsStackOutputs.configSetName?.value;
-  const storageBucketName = storageStackOutputs.bucketName?.value;
-  const storageDistributionId = storageStackOutputs.distributionId?.value;
-  const storageDistributionDomain = storageStackOutputs.distributionDomain?.value;
-  const storageCertificateArn = storageStackOutputs.acmCertificateArn?.value;
+  const cdnBucketName = storageStackOutputs.bucketName?.value;
+  const cdnDistributionId = storageStackOutputs.distributionId?.value;
+  const cdnDistributionDomain = storageStackOutputs.distributionDomain?.value;
+  const cdnCertificateArn = storageStackOutputs.acmCertificateArn?.value;
   let smsProtectEnabled = false;
   let smsAllowedCountries;
   let smsAitFiltering;
   let smsArchiveRetention;
-  let storageCustomDomain;
+  let cdnCustomDomain;
   try {
     const metadata = await loadConnectionMetadata(identity.accountId, region);
     if (metadata?.services?.sms?.config) {
@@ -16048,8 +16048,8 @@ async function dashboard(options) {
         smsArchiveRetention = smsConfig.eventTracking.archiveRetention;
       }
     }
-    if (metadata?.services?.storage?.config?.cdn?.customDomain) {
-      storageCustomDomain = metadata.services.storage.config.cdn.customDomain;
+    if (metadata?.services?.cdn?.config?.cdn?.customDomain) {
+      cdnCustomDomain = metadata.services.cdn.config.cdn.customDomain;
     }
   } catch {
   }
@@ -16080,13 +16080,13 @@ async function dashboard(options) {
     smsAitFiltering,
     smsArchiveRetention,
     // Storage config (don't pass roleArn - use current credentials like email)
-    storageBucketName,
-    storageRoleArn: void 0,
+    cdnBucketName,
+    cdnRoleArn: void 0,
     // Use current credentials instead of assuming role
-    storageDistributionId,
-    storageDistributionDomain,
-    storageCustomDomain,
-    storageCertificateArn
+    cdnDistributionId,
+    cdnDistributionDomain,
+    cdnCustomDomain,
+    cdnCertificateArn
   });
   console.log(`\\n${pc19.bold("Dashboard:")} ${pc19.cyan(url)}`);
   console.log(`${pc19.dim("Press Ctrl+C to stop")}\\n`);
@@ -20106,7 +20106,7 @@ Run ${pc29.cyan(`wraps sms verify-number --phone-number ${phoneNumber} --resend`
   }
 }
-// src/commands/storage/destroy.ts
+// src/commands/cdn/destroy.ts
 init_esm_shims();
 init_events();
 init_route53();
@@ -20117,11 +20117,11 @@ init_metadata();
 import * as clack28 from "@clack/prompts";
 import * as pulumi20 from "@pulumi/pulumi";
 import pc30 from "picocolors";
-async function storageDestroy(options) {
+async function cdnDestroy(options) {
   const startTime = Date.now();
   clack28.intro(
     pc30.bold(
-      options.preview ? "Storage Infrastructure Destruction Preview" : "Storage Infrastructure Teardown"
+      options.preview ? "CDN Infrastructure Destruction Preview" : "CDN Infrastructure Teardown"
     )
   );
   const progress = new DeploymentProgress();
@@ -20131,16 +20131,16 @@ async function storageDestroy(options) {
   );
   let region = options.region || await getAWSRegion();
   if (!(options.region || process.env.AWS_REGION || process.env.AWS_DEFAULT_REGION)) {
-    const storageConnections = await findConnectionsWithService(
+    const cdnConnections = await findConnectionsWithService(
       identity.accountId,
-      "storage"
+      "cdn"
     );
-    if (storageConnections.length === 1) {
-      region = storageConnections[0].region;
-    } else if (storageConnections.length > 1) {
+    if (cdnConnections.length === 1) {
+      region = cdnConnections[0].region;
+    } else if (cdnConnections.length > 1) {
       const selectedRegion = await clack28.select({
-        message: "Multiple storage deployments found. Which region to destroy?",
-        options: storageConnections.map((conn) => ({
+        message: "Multiple CDN deployments found. Which region to destroy?",
+        options: cdnConnections.map((conn) => ({
           value: conn.region,
           label: conn.region
         }))
@@ -20153,17 +20153,17 @@ async function storageDestroy(options) {
     }
   }
   const metadata = await loadConnectionMetadata(identity.accountId, region);
-  const storageService = metadata?.services?.storage;
-  const storageConfig = storageService?.config;
-  const customDomain = storageConfig?.cdn?.customDomain;
-  const storedStackName = storageService?.pulumiStackName;
+  const cdnService = metadata?.services?.cdn;
+  const cdnConfig = cdnService?.config;
+  const customDomain = cdnConfig?.cdn?.customDomain;
+  const storedStackName = cdnService?.pulumiStackName;
   if (!(options.force || options.preview)) {
     clack28.log.warn(
       pc30.yellow("This will delete your S3 bucket and all files in it!")
     );
     const confirmed = await clack28.confirm({
       message: pc30.red(
-        "Are you sure you want to destroy all storage infrastructure?"
+        "Are you sure you want to destroy all CDN infrastructure?"
       ),
       initialValue: false
     });
@@ -20198,7 +20198,7 @@ async function storageDestroy(options) {
         "Generating destruction preview",
         async () => {
           await ensurePulumiWorkDir();
-          const stackName = storedStackName || `wraps-storage-${identity.accountId}-${region}`;
+          const stackName = storedStackName || `wraps-cdn-${identity.accountId}-${region}`;
           let stack;
           try {
             stack = await pulumi20.automation.LocalWorkspace.selectStack({
@@ -20206,7 +20206,7 @@ async function storageDestroy(options) {
               workDir: getPulumiWorkDir()
             });
           } catch (_error) {
-            throw new Error("No storage infrastructure found to preview");
+            throw new Error("No CDN infrastructure found to preview");
           }
           const result = await previewWithResourceChanges(stack, {
             diff: true
@@ -20218,7 +20218,7 @@ async function storageDestroy(options) {
         changeSummary: previewResult.changeSummary,
         resourceChanges: previewResult.resourceChanges,
         costEstimate: "Monthly cost after destruction: $0.00",
-        commandName: "wraps storage destroy"
+        commandName: "wraps cdn destroy"
       });
       if (customDomain) {
         const previewHostedZone = await findHostedZone(customDomain, region);
@@ -20231,7 +20231,7 @@ async function storageDestroy(options) {
       clack28.outro(
         pc30.green("Preview complete. Run without --preview to destroy.")
       );
-      trackServiceRemoved("storage", {
+      trackServiceRemoved("cdn", {
         preview: true,
         region,
         duration_ms: Date.now() - startTime
@@ -20239,8 +20239,8 @@ async function storageDestroy(options) {
       return;
     } catch (error) {
       progress.stop();
-      if (error.message.includes("No storage infrastructure found")) {
-        clack28.log.warn("No storage infrastructure found to preview");
+      if (error.message.includes("No CDN infrastructure found")) {
+        clack28.log.warn("No CDN infrastructure found to preview");
         process.exit(0);
       }
       trackError("PREVIEW_FAILED", "storage destroy", { step: "preview" });
@@ -20252,7 +20252,7 @@ async function storageDestroy(options) {
       await progress.execute(
         `Deleting DNS records for ${customDomain}`,
         async () => {
-          await deleteStorageDNSRecords(hostedZone.id, customDomain);
+          await deleteCdnDNSRecords(hostedZone.id, customDomain);
         }
       );
     } catch (error) {
@@ -20260,7 +20260,7 @@ async function storageDestroy(options) {
       clack28.log.info("You may need to delete them manually from Route53");
     }
   }
-  const bucketName = `wraps-storage-${identity.accountId}`;
+  const bucketName = `wraps-cdn-${identity.accountId}`;
   try {
     await progress.execute(
       "Emptying S3 bucket (this may take a while for large buckets)",
@@ -20273,10 +20273,10 @@ async function storageDestroy(options) {
   }
   try {
     await progress.execute(
-      "Destroying storage infrastructure (this may take 2-3 minutes)",
+      "Destroying CDN infrastructure (this may take 2-3 minutes)",
       async () => {
         await ensurePulumiWorkDir();
-        const stackName = storedStackName || `wraps-storage-${identity.accountId}-${region}`;
+        const stackName = storedStackName || `wraps-cdn-${identity.accountId}-${region}`;
         let stack;
         try {
           stack = await pulumi20.automation.LocalWorkspace.selectStack({
@@ -20284,7 +20284,7 @@ async function storageDestroy(options) {
             workDir: getPulumiWorkDir()
           });
         } catch (_error) {
-          throw new Error("No storage infrastructure found to destroy");
+          throw new Error("No CDN infrastructure found to destroy");
         }
         await stack.destroy({ onOutput: () => {
         } });
@@ -20293,10 +20293,10 @@ async function storageDestroy(options) {
     );
   } catch (error) {
     progress.stop();
-    if (error.message.includes("No storage infrastructure found")) {
-      clack28.log.warn("No storage infrastructure found");
+    if (error.message.includes("No CDN infrastructure found")) {
+      clack28.log.warn("No CDN infrastructure found");
       if (metadata) {
-        removeServiceFromConnection(metadata, "storage");
+        removeServiceFromConnection(metadata, "cdn");
         await saveConnectionMetadata(metadata);
       }
       process.exit(0);
@@ -20306,11 +20306,11 @@ async function storageDestroy(options) {
       throw errors.stackLocked();
     }
     trackError("DESTROY_FAILED", "storage destroy", { step: "destroy" });
-    clack28.log.error("Storage infrastructure destruction failed");
+    clack28.log.error("CDN infrastructure destruction failed");
     throw error;
   }
   if (metadata) {
-    removeServiceFromConnection(metadata, "storage");
+    removeServiceFromConnection(metadata, "cdn");
     const hasOtherServices = Object.keys(metadata.services).length > 0;
     if (hasOtherServices) {
       await saveConnectionMetadata(metadata);
@@ -20324,7 +20324,7 @@ async function storageDestroy(options) {
   if (shouldCleanDNS && hostedZone) {
     deletedItems.push("Route53 DNS records");
   }
-  clack28.outro(pc30.green("Storage infrastructure has been removed"));
+  clack28.outro(pc30.green("CDN infrastructure has been removed"));
   console.log(`
 ${pc30.bold("Cleaned up:")}`);
   for (const item of deletedItems) {
@@ -20332,10 +20332,10 @@ ${pc30.bold("Cleaned up:")}`);
   }
   console.log(
     `
-Run ${pc30.cyan("wraps storage init")} to deploy storage infrastructure again.
+Run ${pc30.cyan("wraps cdn init")} to deploy CDN infrastructure again.
 `
   );
-  trackServiceRemoved("storage", {
+  trackServiceRemoved("cdn", {
     reason: "user_initiated",
     region,
     duration_ms: Date.now() - startTime,
@@ -20374,7 +20374,7 @@ async function emptyS3Bucket(bucketName, region) {
     versionIdMarker = listResponse.NextVersionIdMarker;
   } while (keyMarker);
 }
-async function deleteStorageDNSRecords(hostedZoneId, customDomain) {
+async function deleteCdnDNSRecords(hostedZoneId, customDomain) {
   const {
     Route53Client: Route53Client2,
     ListResourceRecordSetsCommand: ListResourceRecordSetsCommand2,
@@ -20407,18 +20407,18 @@ async function deleteStorageDNSRecords(hostedZoneId, customDomain) {
   );
 }
-// src/commands/storage/init.ts
+// src/commands/cdn/init.ts
 init_esm_shims();
 import * as clack29 from "@clack/prompts";
 import * as pulumi23 from "@pulumi/pulumi";
 import pc31 from "picocolors";
-// src/infrastructure/storage-stack.ts
+// src/infrastructure/cdn-stack.ts
 init_esm_shims();
 import * as aws14 from "@pulumi/aws";
 import * as pulumi22 from "@pulumi/pulumi";
-// src/infrastructure/resources/s3-storage.ts
+// src/infrastructure/resources/s3-cdn.ts
 init_esm_shims();
 import * as aws13 from "@pulumi/aws";
 import * as pulumi21 from "@pulumi/pulumi";
@@ -20440,17 +20440,17 @@ function retentionToDays(retention) {
       return null;
   }
 }
-async function createStorageBucket(config2) {
-  const bucketName = config2.storageConfig.bucketName || `wraps-storage-${config2.accountId}`;
-  const bucket = new aws13.s3.BucketV2("wraps-storage-bucket", {
+async function createCdnBucket(config2) {
+  const bucketName = config2.cdnConfig.bucketName || `wraps-cdn-${config2.accountId}`;
+  const bucket = new aws13.s3.BucketV2("wraps-cdn-bucket", {
     bucket: bucketName,
     tags: {
       ManagedBy: "wraps-cli",
-      Service: "storage"
+      Service: "cdn"
     }
   });
-  if (config2.storageConfig.versioning) {
-    new aws13.s3.BucketVersioningV2("wraps-storage-versioning", {
+  if (config2.cdnConfig.versioning) {
+    new aws13.s3.BucketVersioningV2("wraps-cdn-versioning", {
       bucket: bucket.id,
       versioningConfiguration: {
         status: "Enabled"
@@ -20458,7 +20458,7 @@ async function createStorageBucket(config2) {
     });
   }
   new aws13.s3.BucketServerSideEncryptionConfigurationV2(
-    "wraps-storage-encryption",
+    "wraps-cdn-encryption",
     {
       bucket: bucket.id,
       rules: [
@@ -20481,9 +20481,9 @@ async function createStorageBucket(config2) {
     "http://localhost:5555",
     "http://localhost:5556",
     "http://localhost:8080",
-    ...config2.storageConfig.additionalOrigins || []
+    ...config2.cdnConfig.additionalOrigins || []
   ];
-  new aws13.s3.BucketCorsConfigurationV2("wraps-storage-cors", {
+  new aws13.s3.BucketCorsConfigurationV2("wraps-cdn-cors", {
     bucket: bucket.id,
     corsRules: [
       {
@@ -20495,9 +20495,9 @@ async function createStorageBucket(config2) {
       }
     ]
   });
-  const retentionDays = config2.storageConfig.retention ? retentionToDays(config2.storageConfig.retention) : null;
+  const retentionDays = config2.cdnConfig.retention ? retentionToDays(config2.cdnConfig.retention) : null;
   if (retentionDays) {
-    new aws13.s3.BucketLifecycleConfigurationV2("wraps-storage-lifecycle", {
+    new aws13.s3.BucketLifecycleConfigurationV2("wraps-cdn-lifecycle", {
       bucket: bucket.id,
       rules: [
         {
@@ -20510,7 +20510,7 @@ async function createStorageBucket(config2) {
       ]
     });
   }
-  new aws13.s3.BucketPublicAccessBlock("wraps-storage-public-access", {
+  new aws13.s3.BucketPublicAccessBlock("wraps-cdn-public-access", {
     bucket: bucket.id,
     blockPublicAcls: true,
     blockPublicPolicy: true,
@@ -20523,16 +20523,16 @@ async function createStorageBucket(config2) {
     bucketArn: bucket.arn
   };
 }
-async function createStorageWAF() {
+async function createCdnWAF() {
   const usEast1Provider = new aws13.Provider("storage-waf-us-east-1", {
     region: "us-east-1"
   });
   const webAcl = new aws13.wafv2.WebAcl(
-    "wraps-storage-waf",
+    "wraps-cdn-waf",
     {
       scope: "CLOUDFRONT",
       // WAF for CloudFront must use CLOUDFRONT scope
-      description: "Rate limiting protection for Wraps storage CDN",
+      description: "Rate limiting protection for Wraps CDN",
       defaultAction: {
         allow: {}
         // Allow by default
@@ -20555,20 +20555,20 @@ async function createStorageWAF() {
           visibilityConfig: {
             sampledRequestsEnabled: true,
             cloudwatchMetricsEnabled: true,
-            metricName: "StorageRateLimitRule"
+            metricName: "CdnRateLimitRule"
           }
         }
       ],
       visibilityConfig: {
         sampledRequestsEnabled: true,
         cloudwatchMetricsEnabled: true,
-        metricName: "wraps-storage-waf"
+        metricName: "wraps-cdn-waf"
       },
       tags: {
-        Name: "wraps-storage-waf",
+        Name: "wraps-cdn-waf",
         ManagedBy: "wraps-cli",
-        Service: "storage",
-        Description: "WAF for Wraps storage CDN with rate limiting"
+        Service: "cdn",
+        Description: "WAF for Wraps CDN with rate limiting"
       }
     },
     {
@@ -20577,11 +20577,11 @@ async function createStorageWAF() {
   );
   return webAcl;
 }
-async function createStorageCDN(config2) {
-  const webAcl = config2.wafEnabled ? await createStorageWAF() : void 0;
-  const oac = new aws13.cloudfront.OriginAccessControl("wraps-storage-oac", {
-    name: "wraps-storage-oac",
-    description: "OAC for Wraps storage S3 bucket",
+async function createCdnDistribution(config2) {
+  const webAcl = config2.wafEnabled ? await createCdnWAF() : void 0;
+  const oac = new aws13.cloudfront.OriginAccessControl("wraps-cdn-oac", {
+    name: "wraps-cdn-oac",
+    description: "OAC for Wraps CDN S3 bucket",
     originAccessControlOriginType: "s3",
     signingBehavior: "always",
     signingProtocol: "sigv4"
@@ -20596,7 +20596,7 @@ async function createStorageCDN(config2) {
   };
   const originConfig = {
     domainName: config2.bucket.bucketRegionalDomainName,
-    originId: "s3-storage",
+    originId: "s3-cdn",
     originAccessControlId: oac.id
   };
   if (config2.originShield) {
@@ -20614,9 +20614,9 @@ async function createStorageCDN(config2) {
   } : {
     restrictionType: "none"
   };
-  const distribution = new aws13.cloudfront.Distribution("wraps-storage-cdn", {
+  const distribution = new aws13.cloudfront.Distribution("wraps-cdn-cdn", {
     enabled: true,
-    comment: "Wraps storage CDN",
+    comment: "Wraps CDN",
     aliases,
     // Attach WAF Web ACL for rate limiting protection (only if enabled)
     webAclId: webAcl?.arn,
@@ -20624,7 +20624,7 @@ async function createStorageCDN(config2) {
     origins: [originConfig],
     // Default cache behavior for static assets
     defaultCacheBehavior: {
-      targetOriginId: "s3-storage",
+      targetOriginId: "s3-cdn",
       viewerProtocolPolicy: "redirect-to-https",
       // Allow GET, HEAD, OPTIONS only (uploads go direct to S3 via presigned URLs)
       allowedMethods: ["GET", "HEAD", "OPTIONS"],
@@ -20652,12 +20652,12 @@ async function createStorageCDN(config2) {
     // SSL certificate
     viewerCertificate,
     tags: {
-      Name: "wraps-storage",
+      Name: "wraps-cdn",
       ManagedBy: "wraps-cli",
-      Service: "storage"
+      Service: "cdn"
     }
   });
-  new aws13.s3.BucketPolicy("wraps-storage-bucket-policy", {
+  new aws13.s3.BucketPolicy("wraps-cdn-bucket-policy", {
     bucket: config2.bucket.id,
     policy: pulumi21.interpolate`{
       "Version": "2012-10-17",
@@ -20685,19 +20685,19 @@ async function createStorageCDN(config2) {
     webAcl
   };
 }
-async function createStorageACMCertificate(config2) {
+async function createCdnACMCertificate(config2) {
   const usEast1Provider = new aws13.Provider("storage-acm-us-east-1", {
     region: "us-east-1"
   });
   const certificate = new aws13.acm.Certificate(
-    "wraps-storage-cert",
+    "wraps-cdn-cert",
     {
       domainName: config2.domain,
       validationMethod: "DNS",
       tags: {
         ManagedBy: "wraps-cli",
-        Service: "storage",
-        Description: "SSL certificate for Wraps storage CDN domain"
+        Service: "cdn",
+        Description: "SSL certificate for Wraps CDN domain"
       }
     },
     {
@@ -20714,7 +20714,7 @@ async function createStorageACMCertificate(config2) {
   let certificateValidation;
   if (config2.hostedZoneId) {
     const validationRecord = new aws13.route53.Record(
-      "wraps-storage-cert-validation",
+      "wraps-cdn-cert-validation",
       {
         zoneId: config2.hostedZoneId,
         name: certificate.domainValidationOptions[0].resourceRecordName,
@@ -20724,7 +20724,7 @@ async function createStorageACMCertificate(config2) {
       }
     );
     certificateValidation = new aws13.acm.CertificateValidation(
-      "wraps-storage-cert-validation-waiter",
+      "wraps-cdn-cert-validation-waiter",
       {
         certificateArn: certificate.arn,
         validationRecordFqdns: [validationRecord.fqdn]
@@ -20741,7 +20741,7 @@ async function createStorageACMCertificate(config2) {
   };
 }
-// src/infrastructure/storage-stack.ts
+// src/infrastructure/cdn-stack.ts
 async function roleExists3(roleName) {
   try {
     const { IAMClient: IAMClient3, GetRoleCommand: GetRoleCommand2 } = await import("@aws-sdk/client-iam");
@@ -20758,7 +20758,7 @@ async function roleExists3(roleName) {
     return false;
   }
 }
-async function createStorageIAMRole(config2) {
+async function createCdnIAMRole(config2) {
   let assumeRolePolicy;
   if (config2.provider === "vercel" && config2.oidcProvider) {
     assumeRolePolicy = pulumi22.interpolate`{
@@ -20793,7 +20793,7 @@ async function createStorageIAMRole(config2) {
   } else {
     throw new Error("Other providers not yet implemented");
   }
-  const roleName = "wraps-storage-role";
+  const roleName = "wraps-cdn-role";
   const exists = await roleExists3(roleName);
   const role = exists ? new aws14.iam.Role(
     roleName,
@@ -20802,7 +20802,7 @@ async function createStorageIAMRole(config2) {
       assumeRolePolicy,
       tags: {
         ManagedBy: "wraps-cli",
-        Service: "storage",
+        Service: "cdn",
         Provider: config2.provider
       }
     },
@@ -20814,7 +20814,7 @@ async function createStorageIAMRole(config2) {
     assumeRolePolicy,
     tags: {
       ManagedBy: "wraps-cli",
-      Service: "storage",
+      Service: "cdn",
       Provider: config2.provider
     }
   });
@@ -20847,7 +20847,7 @@ async function createStorageIAMRole(config2) {
       Resource: config2.distributionArn
     });
   }
-  new aws14.iam.RolePolicy("wraps-storage-policy", {
+  new aws14.iam.RolePolicy("wraps-cdn-policy", {
     role: role.name,
     policy: pulumi22.all([statements]).apply(
       ([stmts]) => JSON.stringify({
@@ -20858,7 +20858,7 @@ async function createStorageIAMRole(config2) {
   });
   return role;
 }
-async function deployStorageStack(config2) {
+async function deployCdnStack(config2) {
   const accountId = config2.accountId;
   let oidcProvider;
   if (config2.provider === "vercel" && config2.vercel) {
@@ -20867,42 +20867,42 @@ async function deployStorageStack(config2) {
       accountId
     });
   }
-  const bucketResources = await createStorageBucket({
+  const bucketResources = await createCdnBucket({
     accountId,
     region: config2.region,
-    storageConfig: config2.storageConfig
+    cdnConfig: config2.cdnConfig
   });
   let acmResources;
   let hostedZone = null;
-  if (config2.storageConfig.cdn.customDomain) {
-    const domainParts = config2.storageConfig.cdn.customDomain.split(".");
-    const rootDomain = domainParts.length > 2 ? domainParts.slice(-2).join(".") : config2.storageConfig.cdn.customDomain;
+  if (config2.cdnConfig.cdn.customDomain) {
+    const domainParts = config2.cdnConfig.cdn.customDomain.split(".");
+    const rootDomain = domainParts.length > 2 ? domainParts.slice(-2).join(".") : config2.cdnConfig.cdn.customDomain;
     const { findHostedZone: findHostedZone2 } = await Promise.resolve().then(() => (init_route53(), route53_exports));
     hostedZone = await findHostedZone2(rootDomain, config2.region);
-    acmResources = await createStorageACMCertificate({
-      domain: config2.storageConfig.cdn.customDomain,
+    acmResources = await createCdnACMCertificate({
+      domain: config2.cdnConfig.cdn.customDomain,
       hostedZoneId: hostedZone?.id
     });
   }
   let cdnResources;
-  if (config2.storageConfig.cdn.enabled) {
+  if (config2.cdnConfig.cdn.enabled) {
     const hasAutoValidation2 = acmResources?.certificateValidation;
     const useCertFromUpgrade = config2.certValidated && config2.existingCertArn;
     const certificateArn = useCertFromUpgrade ? pulumi22.output(config2.existingCertArn) : hasAutoValidation2 ? acmResources?.certificateValidation?.certificateArn : void 0;
-    const customDomainForCdn = useCertFromUpgrade || hasAutoValidation2 ? config2.storageConfig.cdn.customDomain : void 0;
-    cdnResources = await createStorageCDN({
+    const customDomainForCdn = useCertFromUpgrade || hasAutoValidation2 ? config2.cdnConfig.cdn.customDomain : void 0;
+    cdnResources = await createCdnDistribution({
       bucket: bucketResources.bucket,
       bucketRegion: config2.region,
       // For Origin Shield
       customDomain: customDomainForCdn,
       certificateArn,
-      priceClass: config2.storageConfig.cdn.priceClass,
-      originShield: config2.storageConfig.cdn.originShield,
-      geoRestriction: config2.storageConfig.cdn.geoRestriction,
-      wafEnabled: config2.storageConfig.cdn.wafEnabled
+      priceClass: config2.cdnConfig.cdn.priceClass,
+      originShield: config2.cdnConfig.cdn.originShield,
+      geoRestriction: config2.cdnConfig.cdn.geoRestriction,
+      wafEnabled: config2.cdnConfig.cdn.wafEnabled
     });
   }
-  const role = await createStorageIAMRole({
+  const role = await createCdnIAMRole({
     provider: config2.provider,
     oidcProvider,
     vercelTeamSlug: config2.vercel?.teamSlug,
@@ -20912,8 +20912,8 @@ async function deployStorageStack(config2) {
   });
   const hasAutoValidation = acmResources?.certificateValidation;
   const hasCertFromUpgrade = config2.certValidated && config2.existingCertArn;
-  const customDomainActive = config2.storageConfig.cdn.customDomain && (hasAutoValidation || hasCertFromUpgrade);
-  const customDomainPending = config2.storageConfig.cdn.customDomain && !hasAutoValidation && !hasCertFromUpgrade;
+  const customDomainActive = config2.cdnConfig.cdn.customDomain && (hasAutoValidation || hasCertFromUpgrade);
+  const customDomainPending = config2.cdnConfig.cdn.customDomain && !hasAutoValidation && !hasCertFromUpgrade;
   return {
     roleArn: role.arn,
     bucketName: bucketResources.bucketName,
@@ -20922,17 +20922,17 @@ async function deployStorageStack(config2) {
     distributionId: cdnResources?.distributionId,
     distributionDomain: cdnResources?.domainName,
     // Report custom domain if it's actually configured on CloudFront (auto or manual validation)
-    customDomain: customDomainActive ? config2.storageConfig.cdn.customDomain : void 0,
+    customDomain: customDomainActive ? config2.cdnConfig.cdn.customDomain : void 0,
     // Report pending custom domain that needs manual cert validation
-    customDomainPending: customDomainPending ? config2.storageConfig.cdn.customDomain : void 0,
+    customDomainPending: customDomainPending ? config2.cdnConfig.cdn.customDomain : void 0,
     acmCertificateArn: acmResources?.certificate.arn,
     acmCertificateValidationRecords: acmResources?.validationRecords,
-    versioning: config2.storageConfig.versioning ?? false,
-    retention: config2.storageConfig.retention
+    versioning: config2.cdnConfig.versioning ?? false,
+    retention: config2.cdnConfig.retention
   };
 }
-// src/commands/storage/init.ts
+// src/commands/cdn/init.ts
 init_events();
 init_aws();
 init_errors();
@@ -20940,7 +20940,7 @@ init_fs();
 init_metadata();
 init_prompts();
-// src/utils/storage/costs.ts
+// src/utils/cdn/costs.ts
 init_esm_shims();
 var PRICING = {
   // S3 Storage (per GB/month)
@@ -21026,7 +21026,7 @@ function getCostSummary2(config2, estimatedStorageGB = 10, estimatedBandwidthGB
   return lines.join("\n");
 }
-// src/utils/storage/presets.ts
+// src/utils/cdn/presets.ts
 init_esm_shims();
 var STARTER_PRESET2 = {
   cdn: {
@@ -21141,13 +21141,13 @@ function validateConfig2(config2) {
   return warnings;
 }
-// src/commands/storage/init.ts
-async function promptStoragePreset() {
+// src/commands/cdn/init.ts
+async function promptCdnPreset() {
   const starterInfo = getPresetInfo2("starter");
   const productionInfo = getPresetInfo2("production");
   const customInfo = getPresetInfo2("custom");
   const result = await clack29.select({
-    message: "Select a storage configuration preset:",
+    message: "Select a CDN configuration preset:",
     options: [
       {
         value: "production",
@@ -21172,7 +21172,7 @@ async function promptStoragePreset() {
   }
   return result;
 }
-async function promptCustomStorageConfig() {
+async function promptCustomCdnConfig() {
   const cdnEnabled = await clack29.confirm({
     message: "Enable CloudFront CDN for fast global delivery?",
     initialValue: true
@@ -21367,7 +21367,7 @@ async function init3(options) {
   const startTime = Date.now();
   clack29.intro(
     pc31.bold(
-      options.preview ? "Wraps Storage Infrastructure Preview" : "Wraps Storage Infrastructure Setup"
+      options.preview ? "Wraps CDN Infrastructure Preview" : "Wraps CDN Infrastructure Setup"
     )
   );
   const progress = new DeploymentProgress();
@@ -21400,45 +21400,45 @@ async function init3(options) {
     identity.accountId,
     region
   );
-  if (existingConnection && hasService(existingConnection, "storage")) {
+  if (existingConnection && hasService(existingConnection, "cdn")) {
     clack29.log.warn(
-      `Storage service already exists for account ${pc31.cyan(identity.accountId)} in region ${pc31.cyan(region)}`
+      `CDN service already exists for account ${pc31.cyan(identity.accountId)} in region ${pc31.cyan(region)}`
     );
     clack29.log.info(
-      `Created: ${existingConnection.services.storage?.deployedAt}`
+      `Created: ${existingConnection.services.cdn?.deployedAt}`
     );
     clack29.log.info(
-      `Use ${pc31.cyan("wraps storage status")} to view current setup`
+      `Use ${pc31.cyan("wraps cdn status")} to view current setup`
     );
     process.exit(0);
   }
   let preset = options.preset;
   if (!preset) {
-    preset = await promptStoragePreset();
+    preset = await promptCdnPreset();
   }
-  let storageConfig;
+  let cdnConfig;
   if (preset === "custom") {
-    storageConfig = await promptCustomStorageConfig();
+    cdnConfig = await promptCustomCdnConfig();
   } else {
-    storageConfig = getPreset2(preset);
+    cdnConfig = getPreset2(preset);
   }
   let customDomain = options.domain;
-  if (!customDomain && storageConfig.cdn.enabled) {
+  if (!customDomain && cdnConfig.cdn.enabled) {
     customDomain = await promptCustomDomain();
   }
   if (customDomain) {
-    storageConfig.cdn.customDomain = customDomain;
+    cdnConfig.cdn.customDomain = customDomain;
   }
   const estimatedUsage = await promptEstimatedUsage();
   progress.info(`
 ${pc31.bold("Cost Estimate:")}`);
   const costSummary = getCostSummary2(
-    storageConfig,
+    cdnConfig,
     estimatedUsage.storageGB,
     estimatedUsage.bandwidthGB
   );
   clack29.log.info(costSummary);
-  const warnings = validateConfig2(storageConfig);
+  const warnings = validateConfig2(cdnConfig);
   if (warnings.length > 0) {
     progress.info(`
 ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
@@ -21450,8 +21450,8 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
     identity.accountId,
     region,
     provider,
-    "storage",
-    storageConfig,
+    "cdn",
+    cdnConfig,
     preset === "custom" ? void 0 : preset,
     existingConnection || void 0
   );
@@ -21470,7 +21470,7 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
     region,
     accountId: identity.accountId,
     vercel: vercelConfig,
-    storageConfig
+    cdnConfig
   };
   if (options.preview) {
     try {
@@ -21480,10 +21480,10 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
           await ensurePulumiWorkDir();
           const stack = await pulumi23.automation.LocalWorkspace.createOrSelectStack(
             {
-              stackName: `wraps-storage-${identity.accountId}-${region}`,
-              projectName: "wraps-storage",
+              stackName: `wraps-cdn-${identity.accountId}-${region}`,
+              projectName: "wraps-cdn",
               program: async () => {
-                const result2 = await deployStorageStack(stackConfig);
+                const result2 = await deployCdnStack(stackConfig);
                 return {
                   roleArn: result2.roleArn,
                   bucketName: result2.bucketName,
@@ -21515,12 +21515,12 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
         changeSummary: previewResult.changeSummary,
         resourceChanges: previewResult.resourceChanges,
         costEstimate: costSummary,
-        commandName: "wraps storage init"
+        commandName: "wraps cdn init"
       });
       clack29.outro(
         pc31.green("Preview complete. Run without --preview to deploy.")
       );
-      trackServiceInit("storage", true, {
+      trackServiceInit("cdn", true, {
         preset,
         provider,
         region,
@@ -21539,15 +21539,15 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
   let outputs;
   try {
     outputs = await progress.execute(
-      "Deploying storage infrastructure (this may take 2-3 minutes)",
+      "Deploying CDN infrastructure (this may take 2-3 minutes)",
       async () => {
         await ensurePulumiWorkDir();
         const stack = await pulumi23.automation.LocalWorkspace.createOrSelectStack(
           {
-            stackName: `wraps-storage-${identity.accountId}-${region}`,
-            projectName: "wraps-storage",
+            stackName: `wraps-cdn-${identity.accountId}-${region}`,
+            projectName: "wraps-cdn",
             program: async () => {
-              const result = await deployStorageStack(stackConfig);
+              const result = await deployCdnStack(stackConfig);
               return {
                 roleArn: result.roleArn,
                 bucketName: result.bucketName,
@@ -21574,7 +21574,7 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
           }
         );
         await stack.workspace.selectStack(
-          `wraps-storage-${identity.accountId}-${region}`
+          `wraps-cdn-${identity.accountId}-${region}`
         );
         await stack.setConfig("aws:region", { value: region });
         const upResult = await stack.up({ onOutput: () => {
@@ -21597,7 +21597,7 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
       }
     );
   } catch (error) {
-    trackServiceInit("storage", false, {
+    trackServiceInit("cdn", false, {
       preset,
       provider,
       region,
@@ -21610,8 +21610,8 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
     trackError("DEPLOYMENT_FAILED", "storage:init", { step: "deploy" });
     throw new Error(`Pulumi deployment failed: ${error.message}`);
   }
-  if (metadata.services.storage) {
-    metadata.services.storage.pulumiStackName = `wraps-storage-${identity.accountId}-${region}`;
+  if (metadata.services.cdn) {
+    metadata.services.cdn.pulumiStackName = `wraps-cdn-${identity.accountId}-${region}`;
   }
   await saveConnectionMetadata(metadata);
   progress.info("Connection metadata saved");
@@ -21649,12 +21649,12 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
           );
           const dnsRecords = [];
           const existingValue = existingCname?.ResourceRecords?.[0]?.Value || null;
-          let cdnStatus = "new";
+          let cdnStatus2 = "new";
           let cdnConflictReason;
           if (existingValue === outputs.distributionDomain) {
-            cdnStatus = "no_change";
+            cdnStatus2 = "no_change";
           } else if (existingValue) {
-            cdnStatus = "conflict";
+            cdnStatus2 = "conflict";
             cdnConflictReason = `Currently points to ${existingValue}`;
           }
           dnsRecords.push({
@@ -21662,7 +21662,7 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
             type: "CNAME",
             proposedValue: outputs.distributionDomain,
             existingValue,
-            status: cdnStatus,
+            status: cdnStatus2,
             conflictReason: cdnConflictReason
           });
           console.log();
@@ -21742,7 +21742,7 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
       }
     }
   }
-  displayStorageSuccess({
+  displayCdnSuccess({
     bucketName: outputs.bucketName,
     region: outputs.region,
     distributionDomain: outputs.distributionDomain,
@@ -21757,31 +21757,31 @@ ${pc31.yellow(pc31.bold("Configuration Notes:"))}`);
   });
   const duration = Date.now() - startTime;
   const enabledFeatures = [];
-  if (storageConfig.cdn.enabled) {
+  if (cdnConfig.cdn.enabled) {
     enabledFeatures.push("cdn");
   }
-  if (storageConfig.cdn.customDomain) {
+  if (cdnConfig.cdn.customDomain) {
     enabledFeatures.push("custom_domain");
   }
-  if (storageConfig.versioning) {
+  if (cdnConfig.versioning) {
     enabledFeatures.push("versioning");
   }
-  trackServiceInit("storage", true, {
+  trackServiceInit("cdn", true, {
     preset,
     provider,
     region,
     features: enabledFeatures,
     duration_ms: duration
   });
-  trackServiceDeployed("storage", {
+  trackServiceDeployed("cdn", {
     duration_ms: duration,
     region,
     features: enabledFeatures,
     preset
   });
 }
-function displayStorageSuccess(options) {
-  clack29.log.success(pc31.green(pc31.bold("Storage infrastructure deployed!")));
+function displayCdnSuccess(options) {
+  clack29.log.success(pc31.green(pc31.bold("CDN infrastructure deployed!")));
   clack29.log.info(`
 ${pc31.bold("Infrastructure:")}`);
   clack29.log.info(`  S3 Bucket: ${pc31.cyan(options.bucketName)}`);
@@ -21821,7 +21821,7 @@ ${pc31.yellow(pc31.bold("DNS Records Required:"))}`);
 `);
     }
     clack29.log.warn(
-      "Custom domain requires manual setup:\n  1. Add the SSL certificate validation DNS record above\n  2. Wait for certificate to be validated (check AWS ACM console)\n  3. Run 'wraps storage upgrade' to add custom domain to CloudFront\n  4. Add the CDN CNAME record to point your domain to CloudFront"
+      "Custom domain requires manual setup:\n  1. Add the SSL certificate validation DNS record above\n  2. Wait for certificate to be validated (check AWS ACM console)\n  3. Run 'wraps cdn upgrade' to add custom domain to CloudFront\n  4. Add the CDN CNAME record to point your domain to CloudFront"
     );
   } else if (options.customDomain && !options.dnsAutoCreated && options.distributionDomain) {
     clack29.log.info(`
@@ -21835,19 +21835,19 @@ ${pc31.yellow(pc31.bold("DNS Record Required:"))}`);
   clack29.log.info(`
 ${pc31.bold("Next Steps:")}`);
   clack29.log.info(
-    `  1. ${pc31.cyan("wraps storage status")} - View your storage setup`
+    `  1. ${pc31.cyan("wraps cdn status")} - View your CDN setup`
   );
   if (options.customDomainPending) {
     clack29.log.info("  2. Add DNS records above and validate SSL certificate");
     clack29.log.info(
-      `  3. ${pc31.cyan("wraps storage upgrade")} - Add custom domain to CloudFront`
+      `  3. ${pc31.cyan("wraps cdn upgrade")} - Add custom domain to CloudFront`
     );
   } else if (options.customDomain && !options.dnsAutoCreated) {
     clack29.log.info(
       "  2. Add DNS record above to point your domain to CloudFront"
     );
     clack29.log.info(
-      `  3. ${pc31.cyan("wraps storage verify")} - Check DNS propagation`
+      `  3. ${pc31.cyan("wraps cdn verify")} - Check DNS propagation`
     );
   }
   const cdnUrl = options.customDomain ? `https://${options.customDomain}` : options.distributionDomain ? `https://${options.distributionDomain}` : null;
@@ -21859,15 +21859,15 @@ ${pc31.bold("CDN URL:")}`);
   if (options.customDomainPending) {
     clack29.outro(
       pc31.yellow(
-        "Storage deployed! Custom domain pending certificate validation."
+        "CDN deployed! Custom domain pending certificate validation."
       )
     );
   } else {
-    clack29.outro(pc31.green("Storage is ready!"));
+    clack29.outro(pc31.green("CDN is ready!"));
   }
 }
-// src/commands/storage/status.ts
+// src/commands/cdn/status.ts
 init_esm_shims();
 init_client();
 init_events();
@@ -21877,26 +21877,26 @@ init_metadata();
 import * as clack30 from "@clack/prompts";
 import * as pulumi24 from "@pulumi/pulumi";
 import pc32 from "picocolors";
-async function storageStatus(options) {
+async function cdnStatus(options) {
   const startTime = Date.now();
   const progress = new DeploymentProgress();
-  clack30.intro(pc32.bold("Wraps Storage Status"));
+  clack30.intro(pc32.bold("Wraps CDN Status"));
   const identity = await progress.execute(
-    "Loading storage infrastructure status",
+    "Loading CDN infrastructure status",
     async () => validateAWSCredentials()
   );
   let region = options.region || await getAWSRegion();
   if (!(options.region || process.env.AWS_REGION || process.env.AWS_DEFAULT_REGION)) {
-    const storageConnections = await findConnectionsWithService(
+    const cdnConnections = await findConnectionsWithService(
       identity.accountId,
-      "storage"
+      "cdn"
     );
-    if (storageConnections.length === 1) {
-      region = storageConnections[0].region;
-    } else if (storageConnections.length > 1) {
+    if (cdnConnections.length === 1) {
+      region = cdnConnections[0].region;
+    } else if (cdnConnections.length > 1) {
       const selectedRegion = await clack30.select({
-        message: "Multiple storage deployments found. Which region?",
-        options: storageConnections.map((conn) => ({
+        message: "Multiple CDN deployments found. Which region?",
+        options: cdnConnections.map((conn) => ({
           value: conn.region,
           label: conn.region
         }))
@@ -21912,22 +21912,22 @@ async function storageStatus(options) {
   try {
     await ensurePulumiWorkDir();
     const stack = await pulumi24.automation.LocalWorkspace.selectStack({
-      stackName: `wraps-storage-${identity.accountId}-${region}`,
+      stackName: `wraps-cdn-${identity.accountId}-${region}`,
       workDir: getPulumiWorkDir()
     });
     stackOutputs = await stack.outputs();
   } catch (_error) {
     progress.stop();
-    clack30.log.error("No storage infrastructure found");
+    clack30.log.error("No CDN infrastructure found");
     console.log(
       `
-Run ${pc32.cyan("wraps storage init")} to deploy storage infrastructure.
+Run ${pc32.cyan("wraps cdn init")} to deploy CDN infrastructure.
 `
     );
     process.exit(1);
   }
   progress.stop();
-  displayStorageStatus({
+  displayCdnStatus({
     bucketName: stackOutputs.bucketName?.value,
     region: stackOutputs.region?.value || region,
     distributionId: stackOutputs.distributionId?.value,
@@ -21949,9 +21949,9 @@ Run ${pc32.cyan("wraps storage init")} to deploy storage infrastructure.
   });
   getTelemetryClient().showFooterOnce();
 }
-function displayStorageStatus(options) {
+function displayCdnStatus(options) {
   clack30.log.info(`
-${pc32.bold("Storage Infrastructure:")}`);
+${pc32.bold("CDN Infrastructure:")}`);
   clack30.log.info(`  S3 Bucket: ${pc32.cyan(options.bucketName)}`);
   clack30.log.info(`  Region: ${pc32.cyan(options.region)}`);
   clack30.log.info(
@@ -22018,19 +22018,19 @@ ${pc32.bold("File URLs:")}`);
 ${pc32.bold("Commands:")}`);
   if (hasPendingCert) {
     clack30.log.info(
-      `  ${pc32.cyan("wraps storage upgrade")} - Add custom domain after cert validation`
+      `  ${pc32.cyan("wraps cdn upgrade")} - Add custom domain after cert validation`
     );
   }
   clack30.log.info(
-    `  ${pc32.cyan("wraps storage verify")} - Check DNS and certificate status`
+    `  ${pc32.cyan("wraps cdn verify")} - Check DNS and certificate status`
   );
   clack30.log.info(
-    `  ${pc32.cyan("wraps storage destroy")} - Remove storage infrastructure`
+    `  ${pc32.cyan("wraps cdn destroy")} - Remove CDN infrastructure`
   );
   clack30.outro("");
 }
-// src/commands/storage/sync.ts
+// src/commands/cdn/sync.ts
 init_esm_shims();
 import * as clack31 from "@clack/prompts";
 import * as pulumi25 from "@pulumi/pulumi";
@@ -22040,26 +22040,26 @@ init_events();
 init_aws();
 init_fs();
 init_metadata();
-async function storageSync(options) {
+async function cdnSync(options) {
   const startTime = Date.now();
   const progress = new DeploymentProgress();
-  clack31.intro(pc33.bold("Wraps Storage Sync"));
+  clack31.intro(pc33.bold("Wraps CDN Sync"));
   const identity = await progress.execute(
     "Validating AWS credentials",
     async () => validateAWSCredentials()
   );
   let region = options.region || await getAWSRegion();
   if (!(options.region || process.env.AWS_REGION || process.env.AWS_DEFAULT_REGION)) {
-    const storageConnections = await findConnectionsWithService(
+    const cdnConnections = await findConnectionsWithService(
       identity.accountId,
-      "storage"
+      "cdn"
     );
-    if (storageConnections.length === 1) {
-      region = storageConnections[0].region;
-    } else if (storageConnections.length > 1) {
+    if (cdnConnections.length === 1) {
+      region = cdnConnections[0].region;
+    } else if (cdnConnections.length > 1) {
       const selectedRegion = await clack31.select({
-        message: "Multiple storage deployments found. Which region?",
-        options: storageConnections.map((conn) => ({
+        message: "Multiple CDN deployments found. Which region?",
+        options: cdnConnections.map((conn) => ({
           value: conn.region,
           label: conn.region
         }))
@@ -22072,25 +22072,25 @@ async function storageSync(options) {
     }
   }
   const metadata = await loadConnectionMetadata(identity.accountId, region);
-  if (!metadata?.services.storage) {
+  if (!metadata?.services.cdn) {
     clack31.log.error(
-      `No storage infrastructure found for account ${pc33.cyan(identity.accountId)} in region ${pc33.cyan(region)}`
+      `No CDN infrastructure found for account ${pc33.cyan(identity.accountId)} in region ${pc33.cyan(region)}`
     );
     clack31.log.info(
-      `Use ${pc33.cyan("wraps storage init")} to deploy storage infrastructure.`
+      `Use ${pc33.cyan("wraps cdn init")} to deploy CDN infrastructure.`
     );
     process.exit(1);
   }
-  const storageService = metadata.services.storage;
-  const storageConfig = storageService.config;
+  const cdnService = metadata.services.cdn;
+  const cdnConfig = cdnService.config;
   progress.info(`Found storage deployment in ${pc33.cyan(region)}`);
   let certValidated = false;
   let existingCertArn;
-  if (storageConfig.cdn.customDomain) {
+  if (cdnConfig.cdn.customDomain) {
     try {
       await ensurePulumiWorkDir();
       const checkStack = await pulumi25.automation.LocalWorkspace.selectStack({
-        stackName: `wraps-storage-${identity.accountId}-${region}`,
+        stackName: `wraps-cdn-${identity.accountId}-${region}`,
         workDir: getPulumiWorkDir()
       });
       const stackOutputs = await checkStack.outputs();
@@ -22106,7 +22106,7 @@ async function storageSync(options) {
           certValidated = true;
           existingCertArn = stackOutputs.acmCertificateArn.value;
           progress.info(
-            `Certificate validated for ${pc33.cyan(storageConfig.cdn.customDomain)}`
+            `Certificate validated for ${pc33.cyan(cdnConfig.cdn.customDomain)}`
           );
         }
       }
@@ -22118,20 +22118,20 @@ async function storageSync(options) {
     region,
     accountId: identity.accountId,
     vercel: metadata.vercel,
-    storageConfig,
+    cdnConfig,
     // Pass cert validation flags if cert is validated externally
     certValidated,
     existingCertArn
   };
   try {
-    await progress.execute("Syncing storage infrastructure", async () => {
+    await progress.execute("Syncing CDN infrastructure", async () => {
       await ensurePulumiWorkDir();
       const stack = await pulumi25.automation.LocalWorkspace.createOrSelectStack(
         {
-          stackName: `wraps-storage-${identity.accountId}-${region}`,
-          projectName: "wraps-storage",
+          stackName: `wraps-cdn-${identity.accountId}-${region}`,
+          projectName: "wraps-cdn",
           program: async () => {
-            const result2 = await deployStorageStack(stackConfig);
+            const result2 = await deployCdnStack(stackConfig);
             return {
               roleArn: result2.roleArn,
               bucketName: result2.bucketName,
@@ -22174,7 +22174,7 @@ async function storageSync(options) {
     clack31.log.error(`Sync failed: ${error.message}`);
     process.exit(1);
   }
-  clack31.log.success(pc33.green("Storage infrastructure synced!"));
+  clack31.log.success(pc33.green("CDN infrastructure synced!"));
   trackCommand("storage:sync", {
     success: true,
     region,
@@ -22184,7 +22184,7 @@ async function storageSync(options) {
   clack31.outro("");
 }
-// src/commands/storage/upgrade.ts
+// src/commands/cdn/upgrade.ts
 init_esm_shims();
 import * as clack32 from "@clack/prompts";
 import * as pulumi26 from "@pulumi/pulumi";
@@ -22194,12 +22194,12 @@ init_events();
 init_aws();
 init_fs();
 init_metadata();
-async function storageUpgrade(options) {
+async function cdnUpgrade(options) {
   const startTime = Date.now();
   const progress = new DeploymentProgress();
   clack32.intro(
     pc34.bold(
-      options.preview ? "Wraps Storage Upgrade Preview" : "Wraps Storage Upgrade"
+      options.preview ? "Wraps CDN Upgrade Preview" : "Wraps CDN Upgrade"
     )
   );
   const identity = await progress.execute(
@@ -22209,16 +22209,16 @@ async function storageUpgrade(options) {
   progress.info(`Connected to AWS account: ${pc34.cyan(identity.accountId)}`);
   let region = options.region || await getAWSRegion();
   if (!(options.region || process.env.AWS_REGION || process.env.AWS_DEFAULT_REGION)) {
-    const storageConnections = await findConnectionsWithService(
+    const cdnConnections = await findConnectionsWithService(
       identity.accountId,
-      "storage"
+      "cdn"
     );
-    if (storageConnections.length === 1) {
-      region = storageConnections[0].region;
-    } else if (storageConnections.length > 1) {
+    if (cdnConnections.length === 1) {
+      region = cdnConnections[0].region;
+    } else if (cdnConnections.length > 1) {
       const selectedRegion = await clack32.select({
-        message: "Multiple storage deployments found. Which region?",
-        options: storageConnections.map((conn) => ({
+        message: "Multiple CDN deployments found. Which region?",
+        options: cdnConnections.map((conn) => ({
           value: conn.region,
           label: conn.region
         }))
@@ -22231,22 +22231,22 @@ async function storageUpgrade(options) {
     }
   }
   const metadata = await loadConnectionMetadata(identity.accountId, region);
-  if (!metadata?.services.storage) {
+  if (!metadata?.services.cdn) {
     clack32.log.error(
-      `No storage infrastructure found for account ${pc34.cyan(identity.accountId)} in region ${pc34.cyan(region)}`
+      `No CDN infrastructure found for account ${pc34.cyan(identity.accountId)} in region ${pc34.cyan(region)}`
     );
     clack32.log.info(
-      `Use ${pc34.cyan("wraps storage init")} to deploy storage infrastructure.`
+      `Use ${pc34.cyan("wraps cdn init")} to deploy CDN infrastructure.`
     );
     process.exit(1);
   }
-  const storageService = metadata.services.storage;
-  const storageConfig = storageService.config;
+  const cdnService = metadata.services.cdn;
+  const cdnConfig = cdnService.config;
   let stackOutputs = {};
   try {
     await ensurePulumiWorkDir();
     const stack = await pulumi26.automation.LocalWorkspace.selectStack({
-      stackName: `wraps-storage-${identity.accountId}-${region}`,
+      stackName: `wraps-cdn-${identity.accountId}-${region}`,
       workDir: getPulumiWorkDir()
     });
     stackOutputs = await stack.outputs();
@@ -22255,7 +22255,7 @@ async function storageUpgrade(options) {
     process.exit(1);
   }
   let cloudFrontHasCustomDomain = false;
-  if (stackOutputs.distributionId?.value && storageConfig.cdn?.customDomain) {
+  if (stackOutputs.distributionId?.value && cdnConfig.cdn?.customDomain) {
     try {
       const { CloudFrontClient, GetDistributionCommand } = await import("@aws-sdk/client-cloudfront");
       const cfClient = new CloudFrontClient({ region: "us-east-1" });
@@ -22266,16 +22266,16 @@ async function storageUpgrade(options) {
       );
       const aliases = cfResponse.Distribution?.DistributionConfig?.Aliases?.Items || [];
       cloudFrontHasCustomDomain = aliases.includes(
-        storageConfig.cdn.customDomain
+        cdnConfig.cdn.customDomain
       );
     } catch {
     }
   }
   const hasPendingCert = stackOutputs.acmCertificateArn?.value && !stackOutputs.customDomain?.value && !cloudFrontHasCustomDomain;
   const pendingDomain = stackOutputs.customDomainPending?.value || (hasPendingCert && stackOutputs.acmCertificateValidationRecords?.value?.[0]?.name ? stackOutputs.acmCertificateValidationRecords.value[0].name.replace(/^_[^.]+\./, "").replace(/\.$/, "") : void 0);
-  const activeCustomDomain = cloudFrontHasCustomDomain ? storageConfig.cdn?.customDomain : stackOutputs.customDomain?.value;
+  const activeCustomDomain = cloudFrontHasCustomDomain ? cdnConfig.cdn?.customDomain : stackOutputs.customDomain?.value;
   if (!hasPendingCert) {
-    clack32.log.info("No pending upgrades found for storage infrastructure.");
+    clack32.log.info("No pending upgrades found for CDN infrastructure.");
     clack32.log.info(
       `
 Current configuration:
@@ -22322,7 +22322,7 @@ Pending domain: ${pc34.cyan(pendingDomain)}`);
     clack32.log.info(
       "After adding the DNS record, wait for validation (typically 5-30 minutes)."
     );
-    clack32.log.info(`Then run ${pc34.cyan("wraps storage upgrade")} again.
+    clack32.log.info(`Then run ${pc34.cyan("wraps cdn upgrade")} again.
 `);
     process.exit(0);
   }
@@ -22344,9 +22344,9 @@ Ready to add custom domain: ${pc34.cyan(pendingDomain)}`);
     }
   }
   const updatedConfig = {
-    ...storageConfig,
+    ...cdnConfig,
     cdn: {
-      ...storageConfig.cdn,
+      ...cdnConfig.cdn,
       customDomain: pendingDomain
     }
   };
@@ -22355,8 +22355,8 @@ Ready to add custom domain: ${pc34.cyan(pendingDomain)}`);
     region,
     accountId: identity.accountId,
     vercel: metadata.vercel,
-    storageConfig: updatedConfig,
-    // Tell deployStorageStack that the cert is validated externally (manual DNS)
+    cdnConfig: updatedConfig,
+    // Tell deployCdnStack that the cert is validated externally (manual DNS)
     certValidated: true,
     existingCertArn: stackOutputs.acmCertificateArn.value
   };
@@ -22386,10 +22386,10 @@ Ready to add custom domain: ${pc34.cyan(pendingDomain)}`);
         await ensurePulumiWorkDir();
         const stack = await pulumi26.automation.LocalWorkspace.createOrSelectStack(
           {
-            stackName: `wraps-storage-${identity.accountId}-${region}`,
-            projectName: "wraps-storage",
+            stackName: `wraps-cdn-${identity.accountId}-${region}`,
+            projectName: "wraps-cdn",
             program: async () => {
-              const result = await deployStorageStack(stackConfig);
+              const result = await deployCdnStack(stackConfig);
               return {
                 roleArn: result.roleArn,
                 bucketName: result.bucketName,
@@ -22432,8 +22432,8 @@ Ready to add custom domain: ${pc34.cyan(pendingDomain)}`);
     clack32.log.error(`Upgrade failed: ${error.message}`);
     process.exit(1);
   }
-  if (metadata.services.storage) {
-    metadata.services.storage.config = updatedConfig;
+  if (metadata.services.cdn) {
+    metadata.services.cdn.config = updatedConfig;
     await saveConnectionMetadata(metadata);
   }
   clack32.log.success(`
@@ -22464,7 +22464,7 @@ ${pc34.green("")} ${pc34.bold("Upgrade complete!")}
   clack32.outro("");
 }
-// src/commands/storage/verify.ts
+// src/commands/cdn/verify.ts
 init_esm_shims();
 init_events();
 init_aws();
@@ -22520,26 +22520,26 @@ async function checkDistributionStatus(distributionId, region) {
     return { status: "ERROR", enabled: false, aliases: [] };
   }
 }
-async function storageVerify(options) {
+async function cdnVerify(options) {
   const startTime = Date.now();
   const progress = new DeploymentProgress();
-  clack33.intro(pc35.bold("Wraps Storage Verification"));
+  clack33.intro(pc35.bold("Wraps CDN Verification"));
   const identity = await progress.execute(
-    "Loading storage infrastructure",
+    "Loading CDN infrastructure",
     async () => validateAWSCredentials()
   );
   let region = options.region || await getAWSRegion();
   if (!(options.region || process.env.AWS_REGION || process.env.AWS_DEFAULT_REGION)) {
-    const storageConnections = await findConnectionsWithService(
+    const cdnConnections = await findConnectionsWithService(
       identity.accountId,
-      "storage"
+      "cdn"
     );
-    if (storageConnections.length === 1) {
-      region = storageConnections[0].region;
-    } else if (storageConnections.length > 1) {
+    if (cdnConnections.length === 1) {
+      region = cdnConnections[0].region;
+    } else if (cdnConnections.length > 1) {
       const selectedRegion = await clack33.select({
-        message: "Multiple storage deployments found. Which region?",
-        options: storageConnections.map((conn) => ({
+        message: "Multiple CDN deployments found. Which region?",
+        options: cdnConnections.map((conn) => ({
           value: conn.region,
           label: conn.region
         }))
@@ -22555,16 +22555,16 @@ async function storageVerify(options) {
   try {
     await ensurePulumiWorkDir();
     const stack = await pulumi27.automation.LocalWorkspace.selectStack({
-      stackName: `wraps-storage-${identity.accountId}-${region}`,
+      stackName: `wraps-cdn-${identity.accountId}-${region}`,
       workDir: getPulumiWorkDir()
     });
     stackOutputs = await stack.outputs();
   } catch (_error) {
     progress.stop();
-    clack33.log.error("No storage infrastructure found");
+    clack33.log.error("No CDN infrastructure found");
     console.log(
       `
-Run ${pc35.cyan("wraps storage init")} to deploy storage infrastructure.
+Run ${pc35.cyan("wraps cdn init")} to deploy CDN infrastructure.
 `
     );
     process.exit(1);
@@ -22647,7 +22647,7 @@ ${pc35.bold("Custom Domain DNS:")}`);
         `  ${pc35.yellow("!")} CloudFront alias not configured for ${targetDomain}`
       );
       clack33.log.info(
-        `    Run ${pc35.cyan("wraps storage upgrade")} to add the custom domain to CloudFront.`
+        `    Run ${pc35.cyan("wraps cdn upgrade")} to add the custom domain to CloudFront.`
       );
       allPassed = false;
     }
@@ -22688,12 +22688,12 @@ ${pc35.bold("Certificate Validation DNS:")}`);
     const cdnUrl = targetDomain ? `https://${targetDomain}` : distributionDomain ? `https://${distributionDomain}` : null;
     if (cdnUrl) {
       clack33.log.info(`
-Your storage is accessible at: ${pc35.cyan(cdnUrl)}`);
+Your CDN is accessible at: ${pc35.cyan(cdnUrl)}`);
     }
     if (stackOutputsStale) {
       clack33.log.info(
         `
-${pc35.dim("Tip:")} Run ${pc35.cyan("wraps storage sync")} to update infrastructure state.`
+${pc35.dim("Tip:")} Run ${pc35.cyan("wraps cdn sync")} to update infrastructure state.`
       );
     }
   } else {
@@ -22701,7 +22701,7 @@ ${pc35.dim("Tip:")} Run ${pc35.cyan("wraps storage sync")} to update infrastruct
     if (validationRecords && validationRecords.length > 0) {
       clack33.log.info("\nDNS records may take up to 48 hours to propagate.");
       clack33.log.info(
-        `Run ${pc35.cyan("wraps storage verify")} again to check status.`
+        `Run ${pc35.cyan("wraps cdn verify")} again to check status.`
       );
     }
   }
@@ -22863,7 +22863,7 @@ function showHelp() {
     `  ${pc38.cyan("sms")}         SMS infrastructure (AWS End User Messaging)`
   );
   console.log(
-    `  ${pc38.cyan("storage")}     File storage infrastructure (AWS S3 + CloudFront)
+    `  ${pc38.cyan("cdn")}         CDN infrastructure (AWS S3 + CloudFront)
 `
   );
   console.log("Email Commands:");
@@ -22912,24 +22912,24 @@ function showHelp() {
     `  ${pc38.cyan("sms destroy")}          Remove SMS infrastructure
 `
   );
-  console.log("Storage Commands:");
+  console.log("CDN Commands:");
   console.log(
-    `  ${pc38.cyan("storage init")}         Deploy storage infrastructure (S3 + CDN)`
+    `  ${pc38.cyan("cdn init")}             Deploy CDN infrastructure (S3 + CloudFront)`
   );
   console.log(
-    `  ${pc38.cyan("storage status")}       Show storage infrastructure details`
+    `  ${pc38.cyan("cdn status")}           Show CDN infrastructure details`
   );
   console.log(
-    `  ${pc38.cyan("storage verify")}       Check DNS and certificate status`
+    `  ${pc38.cyan("cdn verify")}           Check DNS and certificate status`
   );
   console.log(
-    `  ${pc38.cyan("storage upgrade")}      Add custom domain after cert validation`
+    `  ${pc38.cyan("cdn upgrade")}          Add custom domain after cert validation`
   );
   console.log(
-    `  ${pc38.cyan("storage sync")}         Sync infrastructure with current config`
+    `  ${pc38.cyan("cdn sync")}             Sync infrastructure with current config`
   );
   console.log(
-    `  ${pc38.cyan("storage destroy")}      Remove storage infrastructure
+    `  ${pc38.cyan("cdn destroy")}          Remove CDN infrastructure
 `
   );
   console.log("Local Development:");
@@ -23137,8 +23137,8 @@ if (!primaryCommand) {
           hint: "AWS End User Messaging"
         },
         {
-          value: "storage-init",
-          label: "Deploy Storage",
+          value: "cdn-init",
+          label: "Deploy CDN",
           hint: "AWS S3 + CloudFront CDN"
         },
         {
@@ -23196,7 +23196,7 @@ if (!primaryCommand) {
           yes: flags.yes
         });
         break;
-      case "storage-init":
+      case "cdn-init":
         await init3({
           provider: flags.provider,
           region: flags.region,
@@ -23496,7 +23496,7 @@ Run ${pc38.cyan("wraps --help")} for available commands.
       });
       return;
     }
-    if (primaryCommand === "storage" && subCommand) {
+    if (primaryCommand === "cdn" && subCommand) {
       switch (subCommand) {
         case "init":
           await init3({
@@ -23509,36 +23509,36 @@ Run ${pc38.cyan("wraps --help")} for available commands.
           });
           break;
         case "status":
-          await storageStatus({
+          await cdnStatus({
             region: flags.region
           });
           break;
         case "verify":
-          await storageVerify({
+          await cdnVerify({
             region: flags.region
           });
           break;
         case "upgrade":
-          await storageUpgrade({
+          await cdnUpgrade({
             region: flags.region,
             yes: flags.yes,
             preview: flags.preview
           });
           break;
         case "sync":
-          await storageSync({
+          await cdnSync({
             region: flags.region
           });
           break;
         case "destroy":
-          await storageDestroy({
+          await cdnDestroy({
             force: flags.force,
             region: flags.region,
             preview: flags.preview
           });
           break;
         default:
-          clack36.log.error(`Unknown storage command: ${subCommand}`);
+          clack36.log.error(`Unknown cdn command: ${subCommand}`);
           console.log(
             `
 Run ${pc38.cyan("wraps --help")} for available commands.
@@ -23546,12 +23546,12 @@ Run ${pc38.cyan("wraps --help")} for available commands.
           );
           process.exit(1);
       }
-      const storageDuration = Date.now() - startTime;
-      const storageCommandName = `storage:${subCommand}`;
-      trackCommand(storageCommandName, {
+      const cdnDuration = Date.now() - startTime;
+      const cdnCommandName = `cdn:${subCommand}`;
+      trackCommand(cdnCommandName, {
         success: true,
-        duration_ms: storageDuration,
-        service: "storage"
+        duration_ms: cdnDuration,
+        service: "cdn"
       });
       return;
     }
@@ -23674,7 +23674,7 @@ Available commands: ${pc38.cyan("enable")}, ${pc38.cyan("disable")}, ${pc38.cyan
       // Show help for service without subcommand
       case "email":
       case "sms":
-      case "storage":
+      case "cdn":
       case "aws":
         console.log(
           `