cdk-turso 0.2.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +1480 -146
- package/AGENTS.md +7 -4
- package/API.md +254 -32
- package/README.md +38 -16
- package/lib/handler/index.d.ts +4 -21
- package/lib/handler/index.js +107 -20
- package/lib/index.d.ts +1 -0
- package/lib/index.js +4 -2
- package/lib/turso-auth-token.d.ts +8 -3
- package/lib/turso-auth-token.js +7 -22
- package/lib/turso-database.d.ts +2 -4
- package/lib/turso-database.js +4 -21
- package/lib/turso-provider.d.ts +34 -0
- package/lib/turso-provider.js +40 -0
- package/package.json +7 -7
- package/lib/handler-auth-token/index.d.ts +0 -15
- package/lib/handler-auth-token/index.js +0 -708
package/AGENTS.md
CHANGED
|
@@ -32,10 +32,13 @@ Most config files are **generated by projen** and must NOT be edited directly. T
|
|
|
32
32
|
```
|
|
33
33
|
src/
|
|
34
34
|
index.ts # Barrel exports — all public symbols re-exported here
|
|
35
|
-
turso-database.ts # Main CDK construct
|
|
36
|
-
|
|
35
|
+
turso-database.ts # Main CDK construct for Turso databases
|
|
36
|
+
turso-auth-token.ts # Auth token generation construct
|
|
37
|
+
turso-provider.ts # Shared CloudFormation custom resource provider
|
|
38
|
+
handler/index.ts # Lambda handler for custom resources (bundled via esbuild)
|
|
37
39
|
test/
|
|
38
40
|
turso-database.test.ts # Construct unit tests (CDK assertions)
|
|
41
|
+
turso-auth-token.test.ts # Auth token construct tests
|
|
39
42
|
handler.test.ts # Handler unit tests (Jest mocks)
|
|
40
43
|
lib/ # Compiled output (generated, gitignored)
|
|
41
44
|
dist/ # Distribution packages (generated, gitignored)
|
|
@@ -109,13 +112,13 @@ Biome is the sole linter and formatter. ESLint is disabled.
|
|
|
109
112
|
- Extend `Construct` from `constructs`, not from `aws-cdk-lib`
|
|
110
113
|
- Constructor signature: `constructor(scope: Construct, id: string, props: XxxProps)`
|
|
111
114
|
- Call `super(scope, id)` first
|
|
112
|
-
- Validate inputs in constructor with `throw new Error(...)` for bad values
|
|
115
|
+
- Validate inputs in constructor with `throw new Error(...)` for bad values (regex checks, length limits)
|
|
113
116
|
- Custom resource pattern: Lambda Function → Provider → CustomResource
|
|
114
117
|
- Expose outputs as `public readonly` properties via `cr.getAttString("AttrName")`
|
|
115
118
|
|
|
116
119
|
## Error Handling
|
|
117
120
|
|
|
118
|
-
- **Constructor validation**: throw `new Error(...)` with clear messages for invalid props
|
|
121
|
+
- **Constructor validation**: throw `new Error(...)` with clear messages for invalid props
|
|
119
122
|
- **Handler errors**: include HTTP status and response text: `throw new Error(\`Failed to create: ${response.status} ${errorText}\`)`
|
|
120
123
|
- **Environment checks**: throw early if required env vars are missing
|
|
121
124
|
- **Idempotent deletes**: tolerate 404 on delete operations
|
package/API.md
CHANGED
|
@@ -62,7 +62,7 @@ Returns a string representation of this construct.
|
|
|
62
62
|
|
|
63
63
|
---
|
|
64
64
|
|
|
65
|
-
#####
|
|
65
|
+
##### `isConstruct` <a name="isConstruct" id="cdk-turso.TursoAuthToken.isConstruct"></a>
|
|
66
66
|
|
|
67
67
|
```typescript
|
|
68
68
|
import { TursoAuthToken } from 'cdk-turso'
|
|
@@ -72,6 +72,20 @@ TursoAuthToken.isConstruct(x: any)
|
|
|
72
72
|
|
|
73
73
|
Checks if `x` is a construct.
|
|
74
74
|
|
|
75
|
+
Use this method instead of `instanceof` to properly detect `Construct`
|
|
76
|
+
instances, even when the construct library is symlinked.
|
|
77
|
+
|
|
78
|
+
Explanation: in JavaScript, multiple copies of the `constructs` library on
|
|
79
|
+
disk are seen as independent, completely different libraries. As a
|
|
80
|
+
consequence, the class `Construct` in each copy of the `constructs` library
|
|
81
|
+
is seen as a different class, and an instance of one class will not test as
|
|
82
|
+
`instanceof` the other class. `npm install` will not create installations
|
|
83
|
+
like this, but users may manually symlink construct libraries together or
|
|
84
|
+
use a monorepo tool: in those cases, multiple copies of the `constructs`
|
|
85
|
+
library can be accidentally installed, and `instanceof` will behave
|
|
86
|
+
unpredictably. It is safest to avoid using `instanceof`, and using
|
|
87
|
+
this type-testing method instead.
|
|
88
|
+
|
|
75
89
|
###### `x`<sup>Required</sup> <a name="x" id="cdk-turso.TursoAuthToken.isConstruct.parameter.x"></a>
|
|
76
90
|
|
|
77
91
|
- *Type:* any
|
|
@@ -174,7 +188,7 @@ Returns a string representation of this construct.
|
|
|
174
188
|
|
|
175
189
|
---
|
|
176
190
|
|
|
177
|
-
#####
|
|
191
|
+
##### `isConstruct` <a name="isConstruct" id="cdk-turso.TursoDatabase.isConstruct"></a>
|
|
178
192
|
|
|
179
193
|
```typescript
|
|
180
194
|
import { TursoDatabase } from 'cdk-turso'
|
|
@@ -184,6 +198,20 @@ TursoDatabase.isConstruct(x: any)
|
|
|
184
198
|
|
|
185
199
|
Checks if `x` is a construct.
|
|
186
200
|
|
|
201
|
+
Use this method instead of `instanceof` to properly detect `Construct`
|
|
202
|
+
instances, even when the construct library is symlinked.
|
|
203
|
+
|
|
204
|
+
Explanation: in JavaScript, multiple copies of the `constructs` library on
|
|
205
|
+
disk are seen as independent, completely different libraries. As a
|
|
206
|
+
consequence, the class `Construct` in each copy of the `constructs` library
|
|
207
|
+
is seen as a different class, and an instance of one class will not test as
|
|
208
|
+
`instanceof` the other class. `npm install` will not create installations
|
|
209
|
+
like this, but users may manually symlink construct libraries together or
|
|
210
|
+
use a monorepo tool: in those cases, multiple copies of the `constructs`
|
|
211
|
+
library can be accidentally installed, and `instanceof` will behave
|
|
212
|
+
unpredictably. It is safest to avoid using `instanceof`, and using
|
|
213
|
+
this type-testing method instead.
|
|
214
|
+
|
|
187
215
|
###### `x`<sup>Required</sup> <a name="x" id="cdk-turso.TursoDatabase.isConstruct.parameter.x"></a>
|
|
188
216
|
|
|
189
217
|
- *Type:* any
|
|
@@ -197,11 +225,9 @@ Any object.
|
|
|
197
225
|
| **Name** | **Type** | **Description** |
|
|
198
226
|
| --- | --- | --- |
|
|
199
227
|
| <code><a href="#cdk-turso.TursoDatabase.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
|
|
200
|
-
| <code><a href="#cdk-turso.TursoDatabase.property.apiToken">apiToken</a></code> | <code>aws-cdk-lib.aws_ssm.IParameter</code> | *No description.* |
|
|
201
228
|
| <code><a href="#cdk-turso.TursoDatabase.property.databaseName">databaseName</a></code> | <code>string</code> | *No description.* |
|
|
202
229
|
| <code><a href="#cdk-turso.TursoDatabase.property.dbId">dbId</a></code> | <code>string</code> | *No description.* |
|
|
203
230
|
| <code><a href="#cdk-turso.TursoDatabase.property.hostname">hostname</a></code> | <code>string</code> | DNS hostname for the database (e.g., `my-db-my-org.turso.io`). Use with libSQL or HTTP connections. |
|
|
204
|
-
| <code><a href="#cdk-turso.TursoDatabase.property.organizationSlug">organizationSlug</a></code> | <code>string</code> | *No description.* |
|
|
205
231
|
|
|
206
232
|
---
|
|
207
233
|
|
|
@@ -217,16 +243,6 @@ The tree node.
|
|
|
217
243
|
|
|
218
244
|
---
|
|
219
245
|
|
|
220
|
-
##### `apiToken`<sup>Required</sup> <a name="apiToken" id="cdk-turso.TursoDatabase.property.apiToken"></a>
|
|
221
|
-
|
|
222
|
-
```typescript
|
|
223
|
-
public readonly apiToken: IParameter;
|
|
224
|
-
```
|
|
225
|
-
|
|
226
|
-
- *Type:* aws-cdk-lib.aws_ssm.IParameter
|
|
227
|
-
|
|
228
|
-
---
|
|
229
|
-
|
|
230
246
|
##### `databaseName`<sup>Required</sup> <a name="databaseName" id="cdk-turso.TursoDatabase.property.databaseName"></a>
|
|
231
247
|
|
|
232
248
|
```typescript
|
|
@@ -259,14 +275,151 @@ DNS hostname for the database (e.g., `my-db-my-org.turso.io`). Use with libSQL o
|
|
|
259
275
|
|
|
260
276
|
---
|
|
261
277
|
|
|
262
|
-
|
|
278
|
+
|
|
279
|
+
### TursoProvider <a name="TursoProvider" id="cdk-turso.TursoProvider"></a>
|
|
280
|
+
|
|
281
|
+
Shared Lambda + CloudFormation custom-resource provider for all Turso resources.
|
|
282
|
+
|
|
283
|
+
Create one per stack and pass it to every
|
|
284
|
+
`TursoDatabase`, `TursoAuthToken`, etc.
|
|
285
|
+
|
|
286
|
+
#### Initializers <a name="Initializers" id="cdk-turso.TursoProvider.Initializer"></a>
|
|
263
287
|
|
|
264
288
|
```typescript
|
|
265
|
-
|
|
289
|
+
import { TursoProvider } from 'cdk-turso'
|
|
290
|
+
|
|
291
|
+
new TursoProvider(scope: Construct, id: string, props: TursoProviderProps)
|
|
292
|
+
```
|
|
293
|
+
|
|
294
|
+
| **Name** | **Type** | **Description** |
|
|
295
|
+
| --- | --- | --- |
|
|
296
|
+
| <code><a href="#cdk-turso.TursoProvider.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
|
|
297
|
+
| <code><a href="#cdk-turso.TursoProvider.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
|
|
298
|
+
| <code><a href="#cdk-turso.TursoProvider.Initializer.parameter.props">props</a></code> | <code><a href="#cdk-turso.TursoProviderProps">TursoProviderProps</a></code> | *No description.* |
|
|
299
|
+
|
|
300
|
+
---
|
|
301
|
+
|
|
302
|
+
##### `scope`<sup>Required</sup> <a name="scope" id="cdk-turso.TursoProvider.Initializer.parameter.scope"></a>
|
|
303
|
+
|
|
304
|
+
- *Type:* constructs.Construct
|
|
305
|
+
|
|
306
|
+
---
|
|
307
|
+
|
|
308
|
+
##### `id`<sup>Required</sup> <a name="id" id="cdk-turso.TursoProvider.Initializer.parameter.id"></a>
|
|
309
|
+
|
|
310
|
+
- *Type:* string
|
|
311
|
+
|
|
312
|
+
---
|
|
313
|
+
|
|
314
|
+
##### `props`<sup>Required</sup> <a name="props" id="cdk-turso.TursoProvider.Initializer.parameter.props"></a>
|
|
315
|
+
|
|
316
|
+
- *Type:* <a href="#cdk-turso.TursoProviderProps">TursoProviderProps</a>
|
|
317
|
+
|
|
318
|
+
---
|
|
319
|
+
|
|
320
|
+
#### Methods <a name="Methods" id="Methods"></a>
|
|
321
|
+
|
|
322
|
+
| **Name** | **Description** |
|
|
323
|
+
| --- | --- |
|
|
324
|
+
| <code><a href="#cdk-turso.TursoProvider.toString">toString</a></code> | Returns a string representation of this construct. |
|
|
325
|
+
|
|
326
|
+
---
|
|
327
|
+
|
|
328
|
+
##### `toString` <a name="toString" id="cdk-turso.TursoProvider.toString"></a>
|
|
329
|
+
|
|
330
|
+
```typescript
|
|
331
|
+
public toString(): string
|
|
332
|
+
```
|
|
333
|
+
|
|
334
|
+
Returns a string representation of this construct.
|
|
335
|
+
|
|
336
|
+
#### Static Functions <a name="Static Functions" id="Static Functions"></a>
|
|
337
|
+
|
|
338
|
+
| **Name** | **Description** |
|
|
339
|
+
| --- | --- |
|
|
340
|
+
| <code><a href="#cdk-turso.TursoProvider.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
|
|
341
|
+
|
|
342
|
+
---
|
|
343
|
+
|
|
344
|
+
##### `isConstruct` <a name="isConstruct" id="cdk-turso.TursoProvider.isConstruct"></a>
|
|
345
|
+
|
|
346
|
+
```typescript
|
|
347
|
+
import { TursoProvider } from 'cdk-turso'
|
|
348
|
+
|
|
349
|
+
TursoProvider.isConstruct(x: any)
|
|
350
|
+
```
|
|
351
|
+
|
|
352
|
+
Checks if `x` is a construct.
|
|
353
|
+
|
|
354
|
+
Use this method instead of `instanceof` to properly detect `Construct`
|
|
355
|
+
instances, even when the construct library is symlinked.
|
|
356
|
+
|
|
357
|
+
Explanation: in JavaScript, multiple copies of the `constructs` library on
|
|
358
|
+
disk are seen as independent, completely different libraries. As a
|
|
359
|
+
consequence, the class `Construct` in each copy of the `constructs` library
|
|
360
|
+
is seen as a different class, and an instance of one class will not test as
|
|
361
|
+
`instanceof` the other class. `npm install` will not create installations
|
|
362
|
+
like this, but users may manually symlink construct libraries together or
|
|
363
|
+
use a monorepo tool: in those cases, multiple copies of the `constructs`
|
|
364
|
+
library can be accidentally installed, and `instanceof` will behave
|
|
365
|
+
unpredictably. It is safest to avoid using `instanceof`, and using
|
|
366
|
+
this type-testing method instead.
|
|
367
|
+
|
|
368
|
+
###### `x`<sup>Required</sup> <a name="x" id="cdk-turso.TursoProvider.isConstruct.parameter.x"></a>
|
|
369
|
+
|
|
370
|
+
- *Type:* any
|
|
371
|
+
|
|
372
|
+
Any object.
|
|
373
|
+
|
|
374
|
+
---
|
|
375
|
+
|
|
376
|
+
#### Properties <a name="Properties" id="Properties"></a>
|
|
377
|
+
|
|
378
|
+
| **Name** | **Type** | **Description** |
|
|
379
|
+
| --- | --- | --- |
|
|
380
|
+
| <code><a href="#cdk-turso.TursoProvider.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
|
|
381
|
+
| <code><a href="#cdk-turso.TursoProvider.property.handler">handler</a></code> | <code>aws-cdk-lib.aws_lambda.Function</code> | The Lambda function backing all Turso custom resources. |
|
|
382
|
+
| <code><a href="#cdk-turso.TursoProvider.property.serviceToken">serviceToken</a></code> | <code>string</code> | The CDK custom-resource provider service token. |
|
|
383
|
+
|
|
384
|
+
---
|
|
385
|
+
|
|
386
|
+
##### `node`<sup>Required</sup> <a name="node" id="cdk-turso.TursoProvider.property.node"></a>
|
|
387
|
+
|
|
388
|
+
```typescript
|
|
389
|
+
public readonly node: Node;
|
|
390
|
+
```
|
|
391
|
+
|
|
392
|
+
- *Type:* constructs.Node
|
|
393
|
+
|
|
394
|
+
The tree node.
|
|
395
|
+
|
|
396
|
+
---
|
|
397
|
+
|
|
398
|
+
##### `handler`<sup>Required</sup> <a name="handler" id="cdk-turso.TursoProvider.property.handler"></a>
|
|
399
|
+
|
|
400
|
+
```typescript
|
|
401
|
+
public readonly handler: Function;
|
|
402
|
+
```
|
|
403
|
+
|
|
404
|
+
- *Type:* aws-cdk-lib.aws_lambda.Function
|
|
405
|
+
|
|
406
|
+
The Lambda function backing all Turso custom resources.
|
|
407
|
+
|
|
408
|
+
Use this to attach additional IAM permissions when a resource
|
|
409
|
+
type needs them (e.g. `ssm:PutParameter` for auth-token storage).
|
|
410
|
+
|
|
411
|
+
---
|
|
412
|
+
|
|
413
|
+
##### `serviceToken`<sup>Required</sup> <a name="serviceToken" id="cdk-turso.TursoProvider.property.serviceToken"></a>
|
|
414
|
+
|
|
415
|
+
```typescript
|
|
416
|
+
public readonly serviceToken: string;
|
|
266
417
|
```
|
|
267
418
|
|
|
268
419
|
- *Type:* string
|
|
269
420
|
|
|
421
|
+
The CDK custom-resource provider service token.
|
|
422
|
+
|
|
270
423
|
---
|
|
271
424
|
|
|
272
425
|
|
|
@@ -286,22 +439,36 @@ const tursoAuthTokenProps: TursoAuthTokenProps = { ... }
|
|
|
286
439
|
|
|
287
440
|
| **Name** | **Type** | **Description** |
|
|
288
441
|
| --- | --- | --- |
|
|
289
|
-
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.
|
|
442
|
+
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.databaseName">databaseName</a></code> | <code>string</code> | The name of the Turso database to create an auth token for. |
|
|
443
|
+
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.organizationSlug">organizationSlug</a></code> | <code>string</code> | The Turso organization slug that owns the database. |
|
|
290
444
|
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.parameterName">parameterName</a></code> | <code>string</code> | The SSM parameter name where the generated JWT will be stored as a SecureString. |
|
|
445
|
+
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.provider">provider</a></code> | <code><a href="#cdk-turso.TursoProvider">TursoProvider</a></code> | *No description.* |
|
|
291
446
|
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.authorization">authorization</a></code> | <code>string</code> | Authorization level for the token. |
|
|
292
447
|
| <code><a href="#cdk-turso.TursoAuthTokenProps.property.expiration">expiration</a></code> | <code>string</code> | Expiration time for the token (e.g., `"2w"`, `"1d30m"`). |
|
|
293
448
|
|
|
294
449
|
---
|
|
295
450
|
|
|
296
|
-
##### `
|
|
451
|
+
##### `databaseName`<sup>Required</sup> <a name="databaseName" id="cdk-turso.TursoAuthTokenProps.property.databaseName"></a>
|
|
452
|
+
|
|
453
|
+
```typescript
|
|
454
|
+
public readonly databaseName: string;
|
|
455
|
+
```
|
|
456
|
+
|
|
457
|
+
- *Type:* string
|
|
458
|
+
|
|
459
|
+
The name of the Turso database to create an auth token for.
|
|
460
|
+
|
|
461
|
+
---
|
|
462
|
+
|
|
463
|
+
##### `organizationSlug`<sup>Required</sup> <a name="organizationSlug" id="cdk-turso.TursoAuthTokenProps.property.organizationSlug"></a>
|
|
297
464
|
|
|
298
465
|
```typescript
|
|
299
|
-
public readonly
|
|
466
|
+
public readonly organizationSlug: string;
|
|
300
467
|
```
|
|
301
468
|
|
|
302
|
-
- *Type:*
|
|
469
|
+
- *Type:* string
|
|
303
470
|
|
|
304
|
-
The Turso
|
|
471
|
+
The Turso organization slug that owns the database.
|
|
305
472
|
|
|
306
473
|
---
|
|
307
474
|
|
|
@@ -317,6 +484,16 @@ The SSM parameter name where the generated JWT will be stored as a SecureString.
|
|
|
317
484
|
|
|
318
485
|
---
|
|
319
486
|
|
|
487
|
+
##### `provider`<sup>Required</sup> <a name="provider" id="cdk-turso.TursoAuthTokenProps.property.provider"></a>
|
|
488
|
+
|
|
489
|
+
```typescript
|
|
490
|
+
public readonly provider: TursoProvider;
|
|
491
|
+
```
|
|
492
|
+
|
|
493
|
+
- *Type:* <a href="#cdk-turso.TursoProvider">TursoProvider</a>
|
|
494
|
+
|
|
495
|
+
---
|
|
496
|
+
|
|
320
497
|
##### `authorization`<sup>Optional</sup> <a name="authorization" id="cdk-turso.TursoAuthTokenProps.property.authorization"></a>
|
|
321
498
|
|
|
322
499
|
```typescript
|
|
@@ -396,26 +573,16 @@ const tursoDatabaseProps: TursoDatabaseProps = { ... }
|
|
|
396
573
|
|
|
397
574
|
| **Name** | **Type** | **Description** |
|
|
398
575
|
| --- | --- | --- |
|
|
399
|
-
| <code><a href="#cdk-turso.TursoDatabaseProps.property.apiToken">apiToken</a></code> | <code>aws-cdk-lib.aws_ssm.IParameter</code> | *No description.* |
|
|
400
576
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.databaseName">databaseName</a></code> | <code>string</code> | *No description.* |
|
|
401
577
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.group">group</a></code> | <code>string</code> | *No description.* |
|
|
402
578
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.organizationSlug">organizationSlug</a></code> | <code>string</code> | *No description.* |
|
|
579
|
+
| <code><a href="#cdk-turso.TursoDatabaseProps.property.provider">provider</a></code> | <code><a href="#cdk-turso.TursoProvider">TursoProvider</a></code> | *No description.* |
|
|
403
580
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.encryption">encryption</a></code> | <code><a href="#cdk-turso.TursoDatabaseEncryption">TursoDatabaseEncryption</a></code> | *No description.* |
|
|
404
581
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.seed">seed</a></code> | <code><a href="#cdk-turso.TursoDatabaseSeed">TursoDatabaseSeed</a></code> | *No description.* |
|
|
405
582
|
| <code><a href="#cdk-turso.TursoDatabaseProps.property.sizeLimit">sizeLimit</a></code> | <code>string</code> | *No description.* |
|
|
406
583
|
|
|
407
584
|
---
|
|
408
585
|
|
|
409
|
-
##### `apiToken`<sup>Required</sup> <a name="apiToken" id="cdk-turso.TursoDatabaseProps.property.apiToken"></a>
|
|
410
|
-
|
|
411
|
-
```typescript
|
|
412
|
-
public readonly apiToken: IParameter;
|
|
413
|
-
```
|
|
414
|
-
|
|
415
|
-
- *Type:* aws-cdk-lib.aws_ssm.IParameter
|
|
416
|
-
|
|
417
|
-
---
|
|
418
|
-
|
|
419
586
|
##### `databaseName`<sup>Required</sup> <a name="databaseName" id="cdk-turso.TursoDatabaseProps.property.databaseName"></a>
|
|
420
587
|
|
|
421
588
|
```typescript
|
|
@@ -446,6 +613,16 @@ public readonly organizationSlug: string;
|
|
|
446
613
|
|
|
447
614
|
---
|
|
448
615
|
|
|
616
|
+
##### `provider`<sup>Required</sup> <a name="provider" id="cdk-turso.TursoDatabaseProps.property.provider"></a>
|
|
617
|
+
|
|
618
|
+
```typescript
|
|
619
|
+
public readonly provider: TursoProvider;
|
|
620
|
+
```
|
|
621
|
+
|
|
622
|
+
- *Type:* <a href="#cdk-turso.TursoProvider">TursoProvider</a>
|
|
623
|
+
|
|
624
|
+
---
|
|
625
|
+
|
|
449
626
|
##### `encryption`<sup>Optional</sup> <a name="encryption" id="cdk-turso.TursoDatabaseProps.property.encryption"></a>
|
|
450
627
|
|
|
451
628
|
```typescript
|
|
@@ -526,5 +703,50 @@ public readonly timestamp: string;
|
|
|
526
703
|
|
|
527
704
|
---
|
|
528
705
|
|
|
706
|
+
### TursoProviderProps <a name="TursoProviderProps" id="cdk-turso.TursoProviderProps"></a>
|
|
707
|
+
|
|
708
|
+
#### Initializer <a name="Initializer" id="cdk-turso.TursoProviderProps.Initializer"></a>
|
|
709
|
+
|
|
710
|
+
```typescript
|
|
711
|
+
import { TursoProviderProps } from 'cdk-turso'
|
|
712
|
+
|
|
713
|
+
const tursoProviderProps: TursoProviderProps = { ... }
|
|
714
|
+
```
|
|
715
|
+
|
|
716
|
+
#### Properties <a name="Properties" id="Properties"></a>
|
|
717
|
+
|
|
718
|
+
| **Name** | **Type** | **Description** |
|
|
719
|
+
| --- | --- | --- |
|
|
720
|
+
| <code><a href="#cdk-turso.TursoProviderProps.property.apiToken">apiToken</a></code> | <code>aws-cdk-lib.aws_ssm.IParameter</code> | SSM parameter that holds the Turso platform API token (stored as SecureString). |
|
|
721
|
+
| <code><a href="#cdk-turso.TursoProviderProps.property.logGroup">logGroup</a></code> | <code>aws-cdk-lib.aws_logs.ILogGroup</code> | Optional log group for the Lambda function. |
|
|
722
|
+
|
|
723
|
+
---
|
|
724
|
+
|
|
725
|
+
##### `apiToken`<sup>Required</sup> <a name="apiToken" id="cdk-turso.TursoProviderProps.property.apiToken"></a>
|
|
726
|
+
|
|
727
|
+
```typescript
|
|
728
|
+
public readonly apiToken: IParameter;
|
|
729
|
+
```
|
|
730
|
+
|
|
731
|
+
- *Type:* aws-cdk-lib.aws_ssm.IParameter
|
|
732
|
+
|
|
733
|
+
SSM parameter that holds the Turso platform API token (stored as SecureString).
|
|
734
|
+
|
|
735
|
+
---
|
|
736
|
+
|
|
737
|
+
##### `logGroup`<sup>Optional</sup> <a name="logGroup" id="cdk-turso.TursoProviderProps.property.logGroup"></a>
|
|
738
|
+
|
|
739
|
+
```typescript
|
|
740
|
+
public readonly logGroup: ILogGroup;
|
|
741
|
+
```
|
|
742
|
+
|
|
743
|
+
- *Type:* aws-cdk-lib.aws_logs.ILogGroup
|
|
744
|
+
|
|
745
|
+
Optional log group for the Lambda function.
|
|
746
|
+
|
|
747
|
+
If not provided, a log group will be automatically created.
|
|
748
|
+
|
|
749
|
+
---
|
|
750
|
+
|
|
529
751
|
|
|
530
752
|
|
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# CDK Turso
|
|
2
2
|
|
|
3
|
-
CDK
|
|
3
|
+
CDK constructs to create [Turso cloud](https://docs.turso.tech/turso-cloud) databases and manage auth tokens.
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
6
|
|
|
@@ -10,30 +10,38 @@ npm install cdk-turso
|
|
|
10
10
|
|
|
11
11
|
## Usage
|
|
12
12
|
|
|
13
|
+
First, create a `TursoProvider` with your API token:
|
|
14
|
+
|
|
13
15
|
```typescript
|
|
14
16
|
import { Stack } from 'aws-cdk-lib';
|
|
15
17
|
import { StringParameter } from 'aws-cdk-lib/aws-ssm';
|
|
16
|
-
import { TursoDatabase } from 'cdk-turso';
|
|
18
|
+
import { TursoProvider, TursoDatabase, TursoAuthToken } from 'cdk-turso';
|
|
17
19
|
|
|
18
20
|
const stack = new Stack();
|
|
19
21
|
|
|
20
|
-
// SSM Parameter containing your Turso API token
|
|
22
|
+
// SSM Parameter containing your Turso API token (must be a SecureString)
|
|
21
23
|
const apiToken = new StringParameter(stack, 'TursoApiToken', {
|
|
22
24
|
parameterName: '/turso/api-token',
|
|
23
25
|
stringValue: 'your-api-token',
|
|
26
|
+
type: ParameterType.SECURE_STRING,
|
|
27
|
+
});
|
|
28
|
+
|
|
29
|
+
// Create the provider (one per stack)
|
|
30
|
+
const provider = new TursoProvider(stack, 'TursoProvider', {
|
|
31
|
+
apiToken,
|
|
24
32
|
});
|
|
25
33
|
|
|
26
34
|
const database = new TursoDatabase(stack, 'Database', {
|
|
35
|
+
provider,
|
|
27
36
|
databaseName: 'my-database',
|
|
28
37
|
group: 'group-name',
|
|
29
38
|
organizationSlug: 'my-org',
|
|
30
|
-
apiToken,
|
|
31
39
|
});
|
|
32
40
|
|
|
33
|
-
//
|
|
34
|
-
database.dbId;
|
|
35
|
-
database.hostname;
|
|
36
|
-
database.databaseName;
|
|
41
|
+
// Access database attributes
|
|
42
|
+
database.dbId; // Database ID
|
|
43
|
+
database.hostname; // Database hostname (e.g., my-database-my-org.turso.io)
|
|
44
|
+
database.databaseName; // Database name
|
|
37
45
|
```
|
|
38
46
|
|
|
39
47
|
### Auth Token
|
|
@@ -41,10 +49,10 @@ database.databaseName; // Database name
|
|
|
41
49
|
Generate a database auth token and store it as a SecureString in SSM Parameter Store:
|
|
42
50
|
|
|
43
51
|
```typescript
|
|
44
|
-
import { TursoAuthToken } from 'cdk-turso';
|
|
45
|
-
|
|
46
52
|
const authToken = new TursoAuthToken(stack, 'AuthToken', {
|
|
47
|
-
|
|
53
|
+
provider,
|
|
54
|
+
databaseName: database.databaseName,
|
|
55
|
+
organizationSlug: 'my-org',
|
|
48
56
|
parameterName: '/turso/db-token',
|
|
49
57
|
expiration: '2w', // optional, default: 'never'
|
|
50
58
|
authorization: 'read-only', // optional, default: 'full-access'
|
|
@@ -56,14 +64,28 @@ authToken.parameterName;
|
|
|
56
64
|
|
|
57
65
|
## API
|
|
58
66
|
|
|
67
|
+
### TursoProviderProps
|
|
68
|
+
|
|
69
|
+
| Prop | Type | Required | Description |
|
|
70
|
+
|------|------|----------|-------------|
|
|
71
|
+
| `apiToken` | `ssm.IParameter` | Yes | SSM Parameter containing the Turso platform API token (must be SecureString) |
|
|
72
|
+
| `logGroup` | `ILogGroup` | No | Optional CloudWatch log group for the Lambda handler |
|
|
73
|
+
|
|
74
|
+
### TursoProvider
|
|
75
|
+
|
|
76
|
+
| Attribute | Type | Description |
|
|
77
|
+
|-----------|------|-------------|
|
|
78
|
+
| `handler` | `Function` | The Lambda function backing all Turso custom resources (for attaching IAM permissions) |
|
|
79
|
+
| `serviceToken` | `string` | The CDK custom-resource provider service token |
|
|
80
|
+
|
|
59
81
|
### TursoDatabaseProps
|
|
60
82
|
|
|
61
83
|
| Prop | Type | Required | Description |
|
|
62
84
|
|------|------|----------|-------------|
|
|
85
|
+
| `provider` | `TursoProvider` | Yes | The Turso provider to use for this database |
|
|
63
86
|
| `databaseName` | `string` | Yes | Database name (lowercase, numbers, dashes only, max 64 chars) |
|
|
64
87
|
| `group` | `string` | Yes | Turso group name (must already exist) |
|
|
65
88
|
| `organizationSlug` | `string` | Yes | Organization slug |
|
|
66
|
-
| `apiToken` | `ssm.IParameter` | Yes | SSM Parameter containing the Turso API token |
|
|
67
89
|
| `sizeLimit` | `string` | No | Size limit (e.g., '256mb') |
|
|
68
90
|
| `seed` | `TursoDatabaseSeed` | No | Database seed configuration |
|
|
69
91
|
| `encryption` | `TursoDatabaseEncryption` | No | Encryption configuration |
|
|
@@ -92,16 +114,16 @@ interface TursoDatabaseEncryption {
|
|
|
92
114
|
| Attribute | Type | Description |
|
|
93
115
|
|-----------|------|-------------|
|
|
94
116
|
| `dbId` | `string` | Turso database ID |
|
|
95
|
-
| `hostname` | `string` | DNS hostname (e.g., `my-
|
|
117
|
+
| `hostname` | `string` | DNS hostname (e.g., `my-database-my-org.turso.io`) for libSQL/HTTP connections |
|
|
96
118
|
| `databaseName` | `string` | Database name |
|
|
97
|
-
| `organizationSlug` | `string` | Organization slug |
|
|
98
|
-
| `apiToken` | `ssm.IParameter` | SSM Parameter containing the Turso API token |
|
|
99
119
|
|
|
100
120
|
### TursoAuthTokenProps
|
|
101
121
|
|
|
102
122
|
| Prop | Type | Required | Description |
|
|
103
123
|
|------|------|----------|-------------|
|
|
104
|
-
| `
|
|
124
|
+
| `provider` | `TursoProvider` | Yes | The Turso provider to use for this auth token |
|
|
125
|
+
| `databaseName` | `string` | Yes | The name of the Turso database to create an auth token for |
|
|
126
|
+
| `organizationSlug` | `string` | Yes | The Turso organization slug that owns the database |
|
|
105
127
|
| `parameterName` | `string` | Yes | SSM parameter name where the generated JWT will be stored as a SecureString |
|
|
106
128
|
| `expiration` | `string` | No | Token expiry (e.g., `'2w'`, `'1d30m'`). Default: `'never'` |
|
|
107
129
|
| `authorization` | `string` | No | `'full-access'` or `'read-only'`. Default: `'full-access'` |
|
package/lib/handler/index.d.ts
CHANGED
|
@@ -3,31 +3,14 @@ export interface CloudFormationCustomResourceEvent {
|
|
|
3
3
|
PhysicalResourceId?: string;
|
|
4
4
|
ResourceProperties: {
|
|
5
5
|
ServiceToken: string;
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
OrganizationSlug: string;
|
|
9
|
-
SizeLimit?: string;
|
|
10
|
-
Seed?: {
|
|
11
|
-
type: string;
|
|
12
|
-
name: string;
|
|
13
|
-
timestamp?: string;
|
|
14
|
-
};
|
|
15
|
-
Encryption?: {
|
|
16
|
-
encryptionKey: string;
|
|
17
|
-
encryptionCipher: string;
|
|
18
|
-
};
|
|
6
|
+
ResourceType: "Database" | "AuthToken";
|
|
7
|
+
[key: string]: unknown;
|
|
19
8
|
};
|
|
20
9
|
OldResourceProperties?: {
|
|
21
|
-
|
|
22
|
-
Group: string;
|
|
23
|
-
OrganizationSlug: string;
|
|
10
|
+
[key: string]: unknown;
|
|
24
11
|
};
|
|
25
12
|
}
|
|
26
13
|
export declare function handler(event: CloudFormationCustomResourceEvent): Promise<{
|
|
27
14
|
PhysicalResourceId: string;
|
|
28
|
-
Data?:
|
|
29
|
-
DbId: string;
|
|
30
|
-
Hostname: string;
|
|
31
|
-
Name: string;
|
|
32
|
-
};
|
|
15
|
+
Data?: Record<string, string>;
|
|
33
16
|
}>;
|