aws-architect 6.7.141 → 6.7.143
- package/lib/BucketManager.js +37 -20
- package/package.json +3 -1
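--- a/package/lib/BucketManager.js
+++ b/package/lib/BucketManager.js
@@ -3,6 +3,8 @@ let glob = require('glob');
 let path = require('path');
 const { createHash } = require('crypto');
 const { lookup } = require('mime-types');
+const { S3Client, HeadBucketCommand, CreateBucketCommand, PutPublicAccessBlockCommand, PutBucketLifecycleConfigurationCommand } = require('@aws-sdk/client-s3');
+const { STSClient, GetCallerIdentityCommand } = require('@aws-sdk/client-sts');
 
 const contentTypeMappingConst = {
 '.ico': 'image/x-icon',
@@ -154,43 +156,58 @@ class BucketManager {
 }
 
 async ensureBucketExists(bucket) {
+const region = this.S3Manager.config.region;
+const s3Client = new S3Client({ region });
+const stsClient = new STSClient({ region });
+
+const { Account: accountId } = await stsClient.send(new GetCallerIdentityCommand({}));
+
+if (!bucket.includes(accountId) || !bucket.includes(region)) {
+throw { title: 'Bucket name must include both the AWS account ID and the region', bucket, accountId, region };
+}
+
 const bucketLifecycleConfigurationParams = {
 Bucket: bucket,
 LifecycleConfiguration: {
 Rules: [{
 ID: 'AwsArchitect-AutoDeleteOldArtifacts',
-
-
-},
-
-NoncurrentVersionExpiration: {
-NoncurrentDays: 5
-},
-AbortIncompleteMultipartUpload: {
-DaysAfterInitiation: 5
-},
+Filter: { Prefix: '' },
+Expiration: { Days: 31 },
+NoncurrentVersionExpiration: { NoncurrentDays: 5 },
+AbortIncompleteMultipartUpload: { DaysAfterInitiation: 5 },
 Status: 'Enabled'
 }]
 }
 };
 
 try {
-await
+await s3Client.send(new HeadBucketCommand({ Bucket: bucket }));
+return;
 } catch (error) {
-if (error.
+if (error.name !== 'NotFound') {
 throw { title: 'Failed to validate deployment bucket is available', error, bucket };
 }
+}
 
-
-
-
+const params = { Bucket: bucket };
+if (region !== 'us-east-1') {
+params.CreateBucketConfiguration = { LocationConstraint: region };
+}
+try {
+console.log(`[AWS Architect] (S3) - Creating deployment bucket because it does not exist: ${bucket}`);
+await s3Client.send(new CreateBucketCommand(params));
+} catch (error) {
+if (error.name === 'BucketAlreadyExists' || error.name === 'BucketAlreadyOwnedByYou') {
+return;
 }
-
-await this.S3Manager.putPublicAccessBlock({
-Bucket: bucket, PublicAccessBlockConfiguration: { BlockPublicAcls: true, BlockPublicPolicy: true, IgnorePublicAcls: true, RestrictPublicBuckets: true }
-}).promise();
-await this.S3Manager.putBucketLifecycleConfiguration(bucketLifecycleConfigurationParams).promise();
+throw error;
 }
+await s3Client.send(new PutPublicAccessBlockCommand({
+Bucket: bucket,
+PublicAccessBlockConfiguration: { BlockPublicAcls: true, BlockPublicPolicy: true, IgnorePublicAcls: true, RestrictPublicBuckets: true },
+ExpectedBucketOwner: accountId
+}));
+await s3Client.send(new PutBucketLifecycleConfigurationCommand(bucketLifecycleConfigurationParams));
 }
 
 // Ensures a path will be in unix format (that is, forward slash), also on Windows systems.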
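Review bot: The existence check in ensureBucketExists does not verify who owns the bucket: `new HeadBucketCommand({ Bucket: bucket })` carries no `ExpectedBucketOwner`, and a successful response returns immediately, so a same-named bucket in another account that grants this caller access would be accepted as the deployment bucket. The name check above it only enforces a naming convention, because S3 names are global and any account can create a name containing this account ID and region. Passing the owner, `new HeadBucketCommand({ Bucket: bucket, ExpectedBucketOwner: accountId })`, should route a foreign bucket into the existing 'Failed to validate deployment bucket is available' throw, assuming the mismatch surfaces as an access-denied error rather than `NotFound`. For the same reason the create path should treat only `BucketAlreadyOwnedByYou` as success and rethrow `BucketAlreadyExists`, which presumably signals a bucket held by someone else. `bucketLifecycleConfigurationParams` would also benefit from `ExpectedBucketOwner: accountId`, matching what `PutPublicAccessBlockCommand` already sends.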
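--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "aws-architect",
-"version": "6.7.
+"version": "6.7.143",
 "description": "AWS Architect is a node based tool to configure and deploy AWS-based microservices.",
 "main": "index.js",
 "types": "index.d.ts",
@@ -19,6 +19,8 @@
 },
 "dependencies": {
 "@aws-sdk/client-cloudformation": "^3.1000.0",
+"@aws-sdk/client-s3": "^3.1000",
+"@aws-sdk/client-sts": "^3.1000",
 "archiver": "^5.3.0",
 "body-parser": "^1.18.2",
 "commander": "^2.5.0",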