cdk-local 0.46.0 → 0.48.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/README.md +1 -1
  2. package/dist/cli.js +3 -2
  3. package/dist/cli.js.map +1 -1
  4. package/dist/{local-list-DL6DlYSN.js → cloud-map-resolver-BHapzvlA.js} +561 -5842
  5. package/dist/cloud-map-resolver-BHapzvlA.js.map +1 -0
  6. package/dist/error-handler-BfysjFFj.d.ts +696 -0
  7. package/dist/error-handler-BfysjFFj.d.ts.map +1 -0
  8. package/dist/index.d.ts +3 -1117
  9. package/dist/index.d.ts.map +1 -1
  10. package/dist/index.js +3 -2
  11. package/dist/internal.d.ts +442 -0
  12. package/dist/internal.d.ts.map +1 -0
  13. package/dist/internal.js +3 -0
  14. package/dist/local-list-9MtupW0M.js +5380 -0
  15. package/dist/local-list-9MtupW0M.js.map +1 -0
  16. package/package.json +5 -1
  17. package/dist/local-list-DL6DlYSN.js.map +0 -1
package/dist/error-handler-BfysjFFj.d.ts ADDED
@@ -0,0 +1,696 @@
1
+ import { Command, Option } from "commander";
2
+ import { SSMClient } from "@aws-sdk/client-ssm";
3
+ import { WebSocket } from "ws";
4
+ import { IncomingMessage, Server, ServerResponse } from "node:http";
5
+
6
+ //#region src/types/resource.d.ts
7
+ interface CloudFormationTemplate {
8
+ AWSTemplateFormatVersion?: string;
9
+ Description?: string;
10
+ Parameters?: Record<string, TemplateParameter>;
11
+ Resources: Record<string, TemplateResource>;
12
+ Outputs?: Record<string, TemplateOutput>;
13
+ Conditions?: Record<string, unknown>;
14
+ Mappings?: Record<string, unknown>;
15
+ Transform?: unknown;
16
+ Rules?: Record<string, unknown>;
17
+ }
18
+ interface TemplateParameter {
19
+ Type: string;
20
+ Default?: unknown;
21
+ Description?: string;
22
+ AllowedValues?: unknown[];
23
+ AllowedPattern?: string;
24
+ ConstraintDescription?: string;
25
+ }
26
+ interface TemplateResource {
27
+ Type: string;
28
+ Properties?: Record<string, unknown>;
29
+ DependsOn?: string | readonly string[];
30
+ Condition?: string;
31
+ Metadata?: Record<string, unknown>;
32
+ CreationPolicy?: Record<string, unknown>;
33
+ UpdatePolicy?: Record<string, unknown>;
34
+ DeletionPolicy?: 'Delete' | 'Retain' | 'Snapshot';
35
+ UpdateReplacePolicy?: 'Delete' | 'Retain' | 'Snapshot';
36
+ }
37
+ interface TemplateOutput {
38
+ Value: unknown;
39
+ Description?: string;
40
+ Export?: {
41
+ Name: string;
42
+ };
43
+ }
44
+ //#endregion
45
+ //#region src/types/state.d.ts
46
+ interface ResourceState {
47
+ physicalId: string;
48
+ resourceType: string;
49
+ properties: Record<string, unknown>;
50
+ observedProperties?: Record<string, unknown>;
51
+ attributes?: Record<string, unknown>;
52
+ dependencies?: string[];
53
+ metadata?: Record<string, unknown>;
54
+ deletionPolicy?: 'Delete' | 'Retain' | 'Snapshot' | 'RetainExceptOnCreate' | undefined;
55
+ updateReplacePolicy?: 'Delete' | 'Retain' | 'Snapshot' | 'RetainExceptOnCreate' | undefined;
56
+ provisionedBy?: 'sdk' | 'cc-api' | undefined;
57
+ }
58
+ //#endregion
59
+ //#region src/local/state-resolver.d.ts
60
+ type StateSubstitutionResult = {
61
+ kind: 'literal';
62
+ value: string | number | boolean;
63
+ } | {
64
+ kind: 'unresolved';
65
+ reason: string;
66
+ };
67
+ interface PseudoParameters {
68
+ accountId?: string;
69
+ region?: string;
70
+ partition?: string;
71
+ urlSuffix?: string;
72
+ }
73
+ interface CrossStackResolver {
74
+ resolveImport(exportName: string): Promise<string | undefined>;
75
+ resolveGetStackOutput(producerStack: string, producerRegion: string, outputName: string): Promise<string | undefined>;
76
+ }
77
+ interface SubstitutionContext {
78
+ resources: Record<string, ResourceState>;
79
+ parameters?: Record<string, string>;
80
+ sensitiveParameters?: ReadonlySet<string>;
81
+ onSensitiveParameterConsumed?: (logicalId: string) => void;
82
+ pseudoParameters?: PseudoParameters;
83
+ crossStackResolver?: CrossStackResolver;
84
+ consumerRegion?: string;
85
+ }
86
+ declare function substituteAgainstState(value: unknown, contextOrResources: SubstitutionContext | Record<string, ResourceState>): StateSubstitutionResult;
87
+ declare function substituteAgainstStateAsync(value: unknown, contextOrResources: SubstitutionContext | Record<string, ResourceState>): Promise<StateSubstitutionResult>;
88
+ interface StateEnvSubstitutionAudit {
89
+ resolvedKeys: string[];
90
+ unresolved: Array<{
91
+ key: string;
92
+ reason: string;
93
+ }>;
94
+ sensitiveKeys: string[];
95
+ }
96
+ declare function substituteEnvVarsFromState(templateEnv: Record<string, unknown> | undefined, contextOrResources: SubstitutionContext | Record<string, ResourceState>): {
97
+ env: Record<string, unknown>;
98
+ audit: StateEnvSubstitutionAudit;
99
+ };
100
+ declare function substituteEnvVarsFromStateAsync(templateEnv: Record<string, unknown> | undefined, contextOrResources: SubstitutionContext | Record<string, ResourceState>): Promise<{
101
+ env: Record<string, unknown>;
102
+ audit: StateEnvSubstitutionAudit;
103
+ }>;
104
+ //#endregion
105
+ //#region src/local/ssm-parameter-resolver.d.ts
106
+ interface SsmParameterRef {
107
+ logicalId: string;
108
+ ssmName: string;
109
+ isList: boolean;
110
+ }
111
+ interface ResolvedSsmParameters {
112
+ values: Record<string, string>;
113
+ secureStringLogicalIds: string[];
114
+ }
115
+ declare function collectSsmParameterRefs(template: Pick<CloudFormationTemplate, 'Parameters'> | undefined): SsmParameterRef[];
116
+ declare function resolveSsmParameters(client: SSMClient, refs: readonly SsmParameterRef[], label: string): Promise<ResolvedSsmParameters>;
117
+ //#endregion
118
+ //#region src/local/local-state-provider.d.ts
119
+ interface LocalStateRecord {
120
+ resources: Record<string, ResourceState>;
121
+ outputs: Record<string, string>;
122
+ region: string;
123
+ }
124
+ interface LocalStateProvider {
125
+ readonly label: string;
126
+ load(stackName: string, synthRegion: string | undefined): Promise<LocalStateRecord | undefined>;
127
+ buildCrossStackResolver(consumerRegion: string): Promise<CrossStackResolver | undefined>;
128
+ resolveDeployedFunctionEnv?(functionPhysicalId: string): Promise<Record<string, string> | undefined>;
129
+ resolveTemplateSsmParameters?(template: CloudFormationTemplate): Promise<ResolvedSsmParameters>;
130
+ dispose(): void;
131
+ }
132
+ //#endregion
133
+ //#region src/cli/commands/local-state-source.d.ts
134
+ interface LocalStateSourceOptions {
135
+ fromCfnStack?: string | boolean;
136
+ region?: string;
137
+ profile?: string;
138
+ stackRegion?: string;
139
+ [key: string]: unknown;
140
+ }
141
+ type LocalStateProviderFactory = (options: LocalStateSourceOptions) => LocalStateProvider;
142
+ type ExtraStateProviders = Record<string, LocalStateProviderFactory>;
143
+ declare function resolveCfnStackName(fromCfnStack: string | boolean, stackName: string): string;
144
+ declare function isCfnFlagPresent(opts: Pick<LocalStateSourceOptions, 'fromCfnStack'>): boolean;
145
+ declare function resolveCfnRegion(options: Pick<LocalStateSourceOptions, 'stackRegion' | 'region'>, synthRegion: string | undefined): string;
146
+ declare function resolveCfnFallbackRegion(options: Pick<LocalStateSourceOptions, 'fromCfnStack' | 'profile'>, synthRegion: string | undefined): Promise<string | undefined>;
147
+ declare class LocalStateSourceError extends Error {
148
+ constructor(message: string);
149
+ }
150
+ declare function rejectExplicitCfnStackWithMultipleStacks(options: Pick<LocalStateSourceOptions, 'fromCfnStack'>, routedStackCount: number): void;
151
+ declare function createLocalStateProvider(options: LocalStateSourceOptions, stackName: string, synthRegion: string | undefined, extraStateProviders?: ExtraStateProviders): LocalStateProvider | undefined;
152
+ //#endregion
153
+ //#region src/local/embed-config.d.ts
154
+ interface CdkLocalEmbedConfig {
155
+ cliName?: string;
156
+ binaryName?: string;
157
+ productName?: string;
158
+ resourceNamePrefix?: string;
159
+ awsBindMountPath?: string;
160
+ envPrefix?: string;
161
+ sigV4StrictByDefault?: boolean;
162
+ sigV4OptFlag?: string;
163
+ }
164
+ interface ResolvedEmbedConfig {
165
+ cliName: string;
166
+ binaryName: string;
167
+ productName: string;
168
+ resourceNamePrefix: string;
169
+ awsBindMountPath: string;
170
+ envPrefix: string;
171
+ sigV4StrictByDefault: boolean;
172
+ sigV4OptFlag: string;
173
+ }
174
+ declare function setEmbedConfig(config?: CdkLocalEmbedConfig): void;
175
+ declare function getEmbedConfig(): ResolvedEmbedConfig;
176
+ declare function resetEmbedConfig(): void;
177
+ //#endregion
178
+ //#region src/synthesis/assembly-reader.d.ts
179
+ interface StackInfo {
180
+ stackName: string;
181
+ displayName: string;
182
+ artifactId: string;
183
+ template: CloudFormationTemplate;
184
+ assetManifestPath?: string | undefined;
185
+ dependencyNames: string[];
186
+ region?: string | undefined;
187
+ account?: string | undefined;
188
+ terminationProtection?: boolean | undefined;
189
+ nestedTemplates?: Record<string, string> | undefined;
190
+ }
191
+ //#endregion
192
+ //#region src/local/lambda-resolver.d.ts
193
+ interface ResolvedArnLambdaLayer {
194
+ kind: 'arn';
195
+ logicalId: string;
196
+ arn: string;
197
+ region: string;
198
+ accountId: string;
199
+ name: string;
200
+ version: string;
201
+ }
202
+ //#endregion
203
+ //#region src/local/intrinsic-image.d.ts
204
+ interface ImageResolutionContext {
205
+ pseudoParameters?: {
206
+ accountId?: string;
207
+ region?: string;
208
+ partition?: string;
209
+ urlSuffix?: string;
210
+ };
211
+ stateResources?: Record<string, ResourceState>;
212
+ stateParameters?: Record<string, string>;
213
+ stateSensitiveParameters?: readonly string[];
214
+ }
215
+ declare function derivePseudoParametersFromRegion(region: string | undefined, accountId?: string): {
216
+ accountId?: string;
217
+ region: string;
218
+ partition: string;
219
+ urlSuffix: string;
220
+ } | undefined;
221
+ type FnJoinResolveOutcome = {
222
+ kind: 'not-applicable';
223
+ } | {
224
+ kind: 'resolved';
225
+ uri: string;
226
+ } | {
227
+ kind: 'needs-state';
228
+ repoLogicalId: string;
229
+ } | {
230
+ kind: 'unsupported-join';
231
+ reason: string;
232
+ };
233
+ declare function tryResolveImageFnJoin(raw: unknown, resources: Record<string, TemplateResource>, context: ImageResolutionContext | undefined): FnJoinResolveOutcome;
234
+ declare function substituteImagePlaceholders(flat: string, resources: Record<string, TemplateResource>, context: ImageResolutionContext | undefined): string;
235
+ //#endregion
236
+ //#region src/local/agentcore-resolver.d.ts
237
+ declare const AGENTCORE_RUNTIME_TYPE = "AWS::BedrockAgentCore::Runtime";
238
+ declare const AGENTCORE_HTTP_PROTOCOL = "HTTP";
239
+ declare const AGENTCORE_MCP_PROTOCOL = "MCP";
240
+ interface ResolvedAgentCoreRuntime {
241
+ stack: StackInfo;
242
+ logicalId: string;
243
+ resource: TemplateResource;
244
+ containerUri?: string;
245
+ codeArtifact?: AgentCoreCodeArtifact;
246
+ environmentVariables: Record<string, unknown>;
247
+ roleArn?: string;
248
+ protocol: string;
249
+ jwtAuthorizer?: AgentCoreJwtAuthorizer;
250
+ }
251
+ interface AgentCoreJwtAuthorizer {
252
+ discoveryUrl: string;
253
+ allowedAudience?: string[];
254
+ allowedClients?: string[];
255
+ }
256
+ interface AgentCoreCodeArtifact {
257
+ runtime: string;
258
+ entryPoint: string[];
259
+ codeAssetHash: string;
260
+ }
261
+ declare class AgentCoreResolutionError extends Error {
262
+ constructor(message: string);
263
+ }
264
+ declare function resolveAgentCoreTarget(target: string, stacks: StackInfo[], imageContext?: ImageResolutionContext): ResolvedAgentCoreRuntime;
265
+ //#endregion
266
+ //#region src/local/agentcore-client.d.ts
267
+ declare const AGENTCORE_SESSION_ID_HEADER = "X-Amzn-Bedrock-AgentCore-Runtime-Session-Id";
268
+ interface AgentCoreInvokeResult {
269
+ status: number;
270
+ contentType: string | null;
271
+ raw: string;
272
+ streamed: boolean;
273
+ }
274
+ declare function waitForAgentCorePing(host: string, port: number, timeoutMs?: number): Promise<void>;
275
+ interface InvokeAgentCoreOptions {
276
+ sessionId: string;
277
+ timeoutMs: number;
278
+ authorization?: string;
279
+ onChunk?: (text: string) => void;
280
+ }
281
+ declare function invokeAgentCore(host: string, port: number, event: unknown, options: InvokeAgentCoreOptions): Promise<AgentCoreInvokeResult>;
282
+ //#endregion
283
+ //#region src/local/agentcore-mcp-client.d.ts
284
+ declare const MCP_CONTAINER_PORT = 8000;
285
+ declare const MCP_PATH = "/mcp";
286
+ declare const MCP_PROTOCOL_VERSION = "2025-06-18";
287
+ interface McpJsonRpcRequest {
288
+ method: string;
289
+ params?: unknown;
290
+ }
291
+ interface McpInvokeResult {
292
+ ok: boolean;
293
+ raw: string;
294
+ }
295
+ interface McpInvokeOptions {
296
+ readyTimeoutMs?: number;
297
+ requestTimeoutMs?: number;
298
+ fetchImpl?: typeof fetch;
299
+ }
300
+ declare function mcpInvokeOnce(host: string, port: number, request: McpJsonRpcRequest, options?: McpInvokeOptions): Promise<McpInvokeResult>;
301
+ declare function parseSseForJsonRpc(text: string, id: number): unknown;
302
+ //#endregion
303
+ //#region src/local/agentcore-ws-client.d.ts
304
+ interface InvokeAgentCoreWsOptions {
305
+ sessionId: string;
306
+ onMessage: (text: string) => void;
307
+ timeoutMs: number;
308
+ authorization?: string;
309
+ webSocketImpl?: typeof WebSocket;
310
+ }
311
+ interface AgentCoreWsResult {
312
+ frames: number;
313
+ }
314
+ declare function invokeAgentCoreWs(host: string, port: number, event: unknown, options: InvokeAgentCoreWsOptions): Promise<AgentCoreWsResult>;
315
+ //#endregion
316
+ //#region src/local/env-resolver.d.ts
317
+ interface EnvResolutionResult {
318
+ resolved: Record<string, string>;
319
+ unresolved: string[];
320
+ }
321
+ interface EnvOverrideFile {
322
+ Parameters?: Record<string, string | null>;
323
+ [logicalIdOrDisplayPath: string]: Record<string, string | null> | undefined;
324
+ }
325
+ declare function resolveEnvVars(logicalId: string, displayPath: string | undefined, templateEnv: Record<string, unknown> | undefined, overrides?: EnvOverrideFile): EnvResolutionResult;
326
+ //#endregion
327
+ //#region src/cli/config-loader.d.ts
328
+ interface CdkWatchConfig {
329
+ include: string[];
330
+ exclude: string[];
331
+ }
332
+ declare function resolveWatchConfig(): CdkWatchConfig;
333
+ //#endregion
334
+ //#region src/local/httpv2-service-integration.d.ts
335
+ type SupportedSubtype = 'EventBridge-PutEvents' | 'SQS-SendMessage' | 'SQS-ReceiveMessage' | 'SQS-DeleteMessage' | 'SQS-PurgeQueue' | 'Kinesis-PutRecord' | 'StepFunctions-StartExecution' | 'StepFunctions-StartSyncExecution' | 'StepFunctions-StopExecution' | 'AppConfig-GetConfiguration';
336
+ //#endregion
337
+ //#region src/local/container-pool.d.ts
338
+ interface ContainerHandle {
339
+ logicalId: string;
340
+ containerId: string;
341
+ containerName: string;
342
+ hostPort: number;
343
+ containerHost: string;
344
+ stopLogStream: () => void;
345
+ }
346
+ interface ContainerPool {
347
+ acquire(logicalId: string): Promise<ContainerHandle>;
348
+ release(handle: ContainerHandle): void;
349
+ dispose(): Promise<void>;
350
+ }
351
+ //#endregion
352
+ //#region src/local/vtl-engine.d.ts
353
+ declare class VtlEvaluationError extends Error {
354
+ constructor(message: string);
355
+ }
356
+ //#endregion
357
+ //#region src/local/integration-response-selector.d.ts
358
+ interface IntegrationResponseEntry {
359
+ StatusCode: string;
360
+ SelectionPattern?: string;
361
+ ResponseParameters?: Record<string, string>;
362
+ ResponseTemplates?: Record<string, string>;
363
+ ContentHandling?: string;
364
+ }
365
+ interface SelectedIntegrationResponse {
366
+ entry: IntegrationResponseEntry | null;
367
+ statusCode: number;
368
+ }
369
+ declare function selectIntegrationResponse(entries: IntegrationResponseEntry[] | undefined, matchTarget: string, fallbackStatusCode?: number): SelectedIntegrationResponse;
370
+ declare function tryParseStatus(raw: unknown): number | undefined;
371
+ declare function evaluateResponseParameters(responseParameters: Record<string, string> | undefined, opts?: {
372
+ onUnsupported?: (key: string, value: string, reason: string) => void;
373
+ }): Record<string, string>;
374
+ declare function pickResponseTemplate(responseTemplates: Record<string, string> | undefined, accept: string | undefined): {
375
+ template: string;
376
+ contentType: string;
377
+ } | undefined;
378
+ //#endregion
379
+ //#region src/local/rest-v1-integrations.d.ts
380
+ interface MockIntegrationConfig {
381
+ kind: 'mock';
382
+ requestTemplate: string | undefined;
383
+ responses: IntegrationResponseEntry[];
384
+ }
385
+ interface HttpProxyIntegrationConfig {
386
+ kind: 'http-proxy';
387
+ uri: string;
388
+ integrationHttpMethod?: string;
389
+ requestParameters?: Record<string, string>;
390
+ responses: IntegrationResponseEntry[];
391
+ }
392
+ interface HttpIntegrationConfig {
393
+ kind: 'http';
394
+ uri: string;
395
+ integrationHttpMethod?: string;
396
+ requestParameters?: Record<string, string>;
397
+ requestTemplates?: Record<string, string>;
398
+ responses: IntegrationResponseEntry[];
399
+ }
400
+ interface AwsLambdaIntegrationConfig {
401
+ kind: 'aws-lambda';
402
+ lambdaLogicalId: string;
403
+ requestTemplates?: Record<string, string>;
404
+ responses: IntegrationResponseEntry[];
405
+ }
406
+ //#endregion
407
+ //#region src/local/route-discovery.d.ts
408
+ type RestV1IntegrationConfig = MockIntegrationConfig | HttpProxyIntegrationConfig | HttpIntegrationConfig | AwsLambdaIntegrationConfig;
409
+ interface DiscoveredRoute {
410
+ method: string;
411
+ pathPattern: string;
412
+ lambdaLogicalId: string;
413
+ source: 'http-api' | 'rest-v1' | 'function-url';
414
+ apiVersion: 'v1' | 'v2';
415
+ stage: string;
416
+ apiLogicalId?: string;
417
+ apiStackName?: string;
418
+ apiCdkPath?: string;
419
+ stageVariables?: Record<string, string> | null;
420
+ invokeMode?: 'BUFFERED' | 'RESPONSE_STREAM';
421
+ unsupported?: {
422
+ reason: string;
423
+ };
424
+ mockCors?: {
425
+ statusCode: number;
426
+ headers: Record<string, string>;
427
+ };
428
+ serviceIntegration?: {
429
+ subtype: SupportedSubtype;
430
+ requestParameters: Readonly<Record<string, unknown>>;
431
+ responseParameters?: Readonly<Record<string, Readonly<Record<string, string>>>>;
432
+ };
433
+ restV1Integration?: RestV1IntegrationConfig;
434
+ declaredAt: string;
435
+ }
436
+ declare function discoverRoutes(stacks: readonly StackInfo[]): DiscoveredRoute[];
437
+ //#endregion
438
+ //#region src/local/cors-handler.d.ts
439
+ interface CorsConfig {
440
+ AllowOrigins: string[];
441
+ AllowMethods: string[];
442
+ AllowHeaders: string[];
443
+ ExposeHeaders: string[];
444
+ MaxAge?: number;
445
+ AllowCredentials?: boolean;
446
+ }
447
+ declare function buildCorsConfigByApiId(template: CloudFormationTemplate): Map<string, CorsConfig>;
448
+ declare function buildCorsConfigFromCloudFrontChain(template: CloudFormationTemplate): Map<string, CorsConfig>;
449
+ declare function isFunctionUrlOacFronted(template: CloudFormationTemplate, fnUrlLogicalId: string): boolean;
450
+ interface PreflightResponse {
451
+ statusCode: number;
452
+ headers: Record<string, string>;
453
+ }
454
+ declare function matchPreflight(req: {
455
+ method: string;
456
+ headers: Record<string, string[]>;
457
+ }, config: CorsConfig): PreflightResponse | null;
458
+ declare function applyCorsResponseHeaders(res: ServerResponse, apiLogicalId: string | undefined, corsConfigByApiId: Map<string, CorsConfig>, requestOrigin: string | undefined): void;
459
+ //#endregion
460
+ //#region src/local/authorizer-resolver.d.ts
461
+ interface LambdaTokenAuthorizer {
462
+ kind: 'lambda-token';
463
+ logicalId: string;
464
+ lambdaLogicalId: string;
465
+ tokenHeader: string;
466
+ resultTtlSeconds: number;
467
+ declaredAt: string;
468
+ }
469
+ interface LambdaRequestAuthorizer {
470
+ kind: 'lambda-request';
471
+ logicalId: string;
472
+ lambdaLogicalId: string;
473
+ identitySources: ReadonlyArray<IdentitySourceSelector>;
474
+ resultTtlSeconds: number;
475
+ apiVersion: 'v1' | 'v2';
476
+ declaredAt: string;
477
+ }
478
+ interface CognitoPoolRef {
479
+ userPoolArn: string;
480
+ region: string;
481
+ userPoolId: string;
482
+ }
483
+ interface CognitoUserPoolAuthorizer {
484
+ kind: 'cognito';
485
+ logicalId: string;
486
+ pools: ReadonlyArray<CognitoPoolRef>;
487
+ userPoolArn: string;
488
+ region: string;
489
+ userPoolId: string;
490
+ declaredAt: string;
491
+ }
492
+ interface JwtAuthorizer {
493
+ kind: 'jwt';
494
+ logicalId: string;
495
+ issuer: string;
496
+ audience: ReadonlyArray<string>;
497
+ region?: string;
498
+ userPoolId?: string;
499
+ declaredAt: string;
500
+ }
501
+ interface IamAuthorizer {
502
+ kind: 'iam';
503
+ logicalId: 'AWS_IAM';
504
+ declaredAt: string;
505
+ oacFronted?: boolean;
506
+ }
507
+ type AuthorizerInfo = LambdaTokenAuthorizer | LambdaRequestAuthorizer | CognitoUserPoolAuthorizer | JwtAuthorizer | IamAuthorizer;
508
+ type IdentitySourceSelector = {
509
+ kind: 'header';
510
+ name: string;
511
+ } | {
512
+ kind: 'query';
513
+ name: string;
514
+ } | {
515
+ kind: 'context';
516
+ name: string;
517
+ } | {
518
+ kind: 'stage-variable';
519
+ name: string;
520
+ };
521
+ interface RouteWithAuth {
522
+ route: DiscoveredRoute;
523
+ authorizer?: AuthorizerInfo;
524
+ }
525
+ declare function attachAuthorizers(stacks: readonly StackInfo[], routes: readonly DiscoveredRoute[]): RouteWithAuth[];
526
+ //#endregion
527
+ //#region src/local/authorizer-cache.d.ts
528
+ interface CachedAuthorizerResult {
529
+ allow: boolean;
530
+ principalId?: string;
531
+ context?: Record<string, unknown>;
532
+ policy?: unknown;
533
+ }
534
+ interface AuthorizerCache {
535
+ get(authorizerLogicalId: string, identityHash: string): CachedAuthorizerResult | undefined;
536
+ set(authorizerLogicalId: string, identityHash: string, ttlSeconds: number, result: CachedAuthorizerResult): void;
537
+ clear(): void;
538
+ size(): number;
539
+ }
540
+ declare function createAuthorizerCache(opts?: {
541
+ now?: () => number;
542
+ }): AuthorizerCache;
543
+ //#endregion
544
+ //#region src/local/cognito-jwt.d.ts
545
+ interface JwksKey {
546
+ kid: string;
547
+ n: string;
548
+ e: string;
549
+ alg?: string;
550
+ kty: string;
551
+ use?: string;
552
+ }
553
+ interface JwksCacheEntry {
554
+ byKid: Map<string, JwksKey>;
555
+ expiresAt: number;
556
+ passThrough: boolean;
557
+ }
558
+ interface JwksCache {
559
+ fetchAndCache(jwksUrl: string): Promise<JwksCacheEntry>;
560
+ peek(jwksUrl: string): JwksCacheEntry | undefined;
561
+ clear(): void;
562
+ }
563
+ declare function createJwksCache(opts?: {
564
+ fetchImpl?: (url: string) => Promise<{
565
+ ok: boolean;
566
+ status: number;
567
+ text: () => Promise<string>;
568
+ }>;
569
+ now?: () => number;
570
+ ttlMs?: number;
571
+ failureTtlMs?: number;
572
+ }): JwksCache;
573
+ declare function buildCognitoJwksUrl(region: string, userPoolId: string): string;
574
+ declare function buildJwksUrlFromIssuer(issuer: string): string;
575
+ declare function verifyCognitoJwt(authorizer: CognitoUserPoolAuthorizer, authorizationHeader: string | undefined, jwksCache: JwksCache, opts?: {
576
+ now?: () => number;
577
+ warned?: Set<string>;
578
+ }): Promise<CachedAuthorizerResult & {
579
+ identityHash: string | undefined;
580
+ ttlSeconds: number;
581
+ }>;
582
+ declare function verifyJwtAuthorizer(authorizer: JwtAuthorizer, authorizationHeader: string | undefined, jwksCache: JwksCache, opts?: {
583
+ now?: () => number;
584
+ warned?: Set<string>;
585
+ }): Promise<CachedAuthorizerResult & {
586
+ identityHash: string | undefined;
587
+ ttlSeconds: number;
588
+ }>;
589
+ interface DiscoveryJwtAuthorizer {
590
+ discoveryUrl: string;
591
+ allowedAudience?: readonly string[];
592
+ allowedClients?: readonly string[];
593
+ }
594
+ declare function verifyJwtViaDiscovery(authorizer: DiscoveryJwtAuthorizer, authorizationHeader: string | undefined, jwksCache: JwksCache, opts?: {
595
+ now?: () => number;
596
+ warned?: Set<string>;
597
+ fetchImpl?: (url: string) => Promise<{
598
+ ok: boolean;
599
+ status: number;
600
+ text: () => Promise<string>;
601
+ }>;
602
+ }): Promise<CachedAuthorizerResult & {
603
+ identityHash: string | undefined;
604
+ ttlSeconds: number;
605
+ }>;
606
+ //#endregion
607
+ //#region src/local/sigv4-verify.d.ts
608
+ interface ResolvedCredentials {
609
+ accessKeyId: string;
610
+ secretAccessKey: string;
611
+ sessionToken?: string | undefined;
612
+ }
613
+ type CredentialsLoader = () => Promise<ResolvedCredentials>;
614
+ declare function defaultCredentialsLoader(): CredentialsLoader;
615
+ //#endregion
616
+ //#region src/local/http-server.d.ts
617
+ interface ServerState {
618
+ routes: readonly RouteWithAuth[];
619
+ pool: ContainerPool;
620
+ corsConfigByApiId: Map<string, CorsConfig>;
621
+ }
622
+ interface StartApiServerOptions {
623
+ state: ServerState;
624
+ rieTimeoutMs: number;
625
+ host: string;
626
+ port: number;
627
+ authorizerCache?: AuthorizerCache;
628
+ jwksCache?: JwksCache;
629
+ jwksWarnedUrls?: Set<string>;
630
+ mtls?: MtlsServerConfig;
631
+ sigV4CredentialsLoader?: CredentialsLoader;
632
+ sigV4WarnedForeignIds?: Set<string>;
633
+ sigV4Strict?: boolean;
634
+ defaultRegion?: string;
635
+ preDispatch?: (req: IncomingMessage, res: ServerResponse) => Promise<boolean>;
636
+ }
637
+ interface MtlsServerConfig {
638
+ caPem: Buffer;
639
+ certPem: Buffer;
640
+ keyPem: Buffer;
641
+ }
642
+ interface StartedApiServer {
643
+ port: number;
644
+ host: string;
645
+ scheme: 'http' | 'https';
646
+ server: Server;
647
+ close: () => Promise<void>;
648
+ setServerState: (next: ServerState) => ServerState;
649
+ getServerState: () => ServerState;
650
+ }
651
+ declare function startApiServer(opts: StartApiServerOptions): Promise<StartedApiServer>;
652
+ declare function readMtlsMaterialsFromDisk(opts: {
653
+ truststorePath: string;
654
+ certPath: string;
655
+ keyPath: string;
656
+ }): MtlsServerConfig;
657
+ //#endregion
658
+ //#region src/cli/commands/local-start-api.d.ts
659
+ interface CreateLocalStartApiCommandOptions {
660
+ extraStateProviders?: ExtraStateProviders;
661
+ embedConfig?: CdkLocalEmbedConfig;
662
+ }
663
+ interface WatchPredicates {
664
+ ignored: (absPath: string) => boolean;
665
+ shouldTrigger: (absPath: string) => boolean;
666
+ excludePatterns: string[];
667
+ }
668
+ declare function createWatchPredicates(args: {
669
+ watchRoot: string;
670
+ output: string;
671
+ watchConfig: CdkWatchConfig;
672
+ }): WatchPredicates;
673
+ interface ApiTargetSubset {
674
+ readonly filtered: RouteWithAuth[];
675
+ readonly unmatched: string[];
676
+ }
677
+ declare function resolveApiTargetSubset(routes: readonly RouteWithAuth[], identifiers: readonly string[], stackNames: readonly string[]): ApiTargetSubset;
678
+ declare function createLocalStartApiCommand(opts?: CreateLocalStartApiCommandOptions): Command;
679
+ //#endregion
680
+ //#region src/local/ecs-task-resolver.d.ts
681
+ declare class EcsTaskResolutionError extends Error {
682
+ constructor(message: string);
683
+ }
684
+ //#endregion
685
+ //#region src/utils/error-handler.d.ts
686
+ declare class CdkLocalError extends Error {
687
+ readonly code: string;
688
+ readonly cause: Error | undefined;
689
+ constructor(message: string, code: string, cause?: Error);
690
+ }
691
+ declare class LocalInvokeBuildError extends CdkLocalError {
692
+ constructor(message: string, cause?: Error);
693
+ }
694
+ //#endregion
695
+ export { InvokeAgentCoreWsOptions as $, substituteAgainstStateAsync as $t, RouteWithAuth as A, resetEmbedConfig as At, discoverRoutes as B, resolveCfnRegion as Bt, verifyJwtViaDiscovery as C, derivePseudoParametersFromRegion as Ct, AuthorizerInfo as D, StackInfo as Dt, createAuthorizerCache as E, ResolvedArnLambdaLayer as Et, buildCorsConfigFromCloudFrontChain as F, LocalStateSourceOptions as Ft, tryParseStatus as G, SsmParameterRef as Gt, evaluateResponseParameters as H, LocalStateProvider as Ht, isFunctionUrlOacFronted as I, createLocalStateProvider as It, CdkWatchConfig as J, CrossStackResolver as Jt, VtlEvaluationError as K, collectSsmParameterRefs as Kt, matchPreflight as L, isCfnFlagPresent as Lt, CorsConfig as M, ExtraStateProviders as Mt, applyCorsResponseHeaders as N, LocalStateProviderFactory as Nt, LambdaRequestAuthorizer as O, CdkLocalEmbedConfig as Ot, buildCorsConfigByApiId as P, LocalStateSourceError as Pt, AgentCoreWsResult as Q, substituteAgainstState as Qt, DiscoveredRoute as R, rejectExplicitCfnStackWithMultipleStacks as Rt, verifyJwtAuthorizer as S, ImageResolutionContext as St, CachedAuthorizerResult as T, tryResolveImageFnJoin as Tt, pickResponseTemplate as U, LocalStateRecord as Ut, IntegrationResponseEntry as V, resolveCfnStackName as Vt, selectIntegrationResponse as W, ResolvedSsmParameters as Wt, EnvOverrideFile as X, StateEnvSubstitutionAudit as Xt, resolveWatchConfig as Y, PseudoParameters as Yt, resolveEnvVars as Z, SubstitutionContext as Zt, JwksCache as _, AgentCoreCodeArtifact as _t, WatchPredicates as a, McpInvokeResult as at, createJwksCache as b, ResolvedAgentCoreRuntime as bt, resolveApiTargetSubset as c, parseSseForJsonRpc as ct, StartedApiServer as d, InvokeAgentCoreOptions as dt, substituteEnvVarsFromState as en, invokeAgentCoreWs as et, readMtlsMaterialsFromDisk as f, invokeAgentCore as ft, DiscoveryJwtAuthorizer as g, AGENTCORE_RUNTIME_TYPE as gt, defaultCredentialsLoader as h, AGENTCORE_MCP_PROTOCOL as ht, CreateLocalStartApiCommandOptions as i, McpInvokeOptions as it, attachAuthorizers as j, setEmbedConfig as jt, LambdaTokenAuthorizer as k, getEmbedConfig as kt, MtlsServerConfig as l, AGENTCORE_SESSION_ID_HEADER as lt, CredentialsLoader as m, AGENTCORE_HTTP_PROTOCOL as mt, EcsTaskResolutionError as n, CloudFormationTemplate as nn, MCP_PATH as nt, createLocalStartApiCommand as o, McpJsonRpcRequest as ot, startApiServer as p, waitForAgentCorePing as pt, ContainerPool as q, resolveSsmParameters as qt, ApiTargetSubset as r, MCP_PROTOCOL_VERSION as rt, createWatchPredicates as s, mcpInvokeOnce as st, LocalInvokeBuildError as t, substituteEnvVarsFromStateAsync as tn, MCP_CONTAINER_PORT as tt, ServerState as u, AgentCoreInvokeResult as ut, buildCognitoJwksUrl as v, AgentCoreJwtAuthorizer as vt, AuthorizerCache as w, substituteImagePlaceholders as wt, verifyCognitoJwt as x, resolveAgentCoreTarget as xt, buildJwksUrlFromIssuer as y, AgentCoreResolutionError as yt, RestV1IntegrationConfig as z, resolveCfnFallbackRegion as zt };
696
+ //# sourceMappingURL=error-handler-BfysjFFj.d.ts.map