puls-dev 0.1.9 → 0.2.1

package/dist/providers/aws/index.d.ts

@@ -7,6 +7,9 @@ import { FargateBuilder } from "./fargate.js";
 import { RDSBuilder } from "./rds.js";
 import { SQSBuilder } from "./sqs.js";
 import { SecretsBuilder } from "./secrets.js";
+import { IAMRoleBuilder, IAMPolicyBuilder } from "./iam.js";
+import { SNSTopicBuilder } from "./sns.js";
+import { CloudWatchAlarmBuilder } from "./cloudwatch.js";
 export declare const AWS: {
     init: (opts: {
         region: string;
@@ -20,4 +23,9 @@ export declare const AWS: {
     RDS: (name: string) => RDSBuilder;
     SQS: (name: string) => SQSBuilder;
     Secret: (secretId: string) => SecretsBuilder;
+    IAMRole: (name: string) => IAMRoleBuilder;
+    IAMPolicy: (name: string) => IAMPolicyBuilder;
+    SNS: (name: string) => SNSTopicBuilder;
+    Alarm: (name: string) => CloudWatchAlarmBuilder;
 };
+export * from "../../types/aws.js";

package/dist/providers/aws/index.js

@@ -8,6 +8,9 @@ import { FargateBuilder } from "./fargate.js";
 import { RDSBuilder } from "./rds.js";
 import { SQSBuilder } from "./sqs.js";
 import { SecretsBuilder } from "./secrets.js";
+import { IAMRoleBuilder, IAMPolicyBuilder } from "./iam.js";
+import { SNSTopicBuilder } from "./sns.js";
+import { CloudWatchAlarmBuilder } from "./cloudwatch.js";
 export const AWS = {
     init: (opts) => {
         Config.set({
@@ -26,4 +29,9 @@ export const AWS = {
     RDS: (name) => new RDSBuilder(name),
     SQS: (name) => new SQSBuilder(name),
     Secret: (secretId) => new SecretsBuilder(secretId),
+    IAMRole: (name) => new IAMRoleBuilder(name),
+    IAMPolicy: (name) => new IAMPolicyBuilder(name),
+    SNS: (name) => new SNSTopicBuilder(name),
+    Alarm: (name) => new CloudWatchAlarmBuilder(name),
 };
+export * from "../../types/aws.js";

package/dist/providers/aws/lambda.d.ts

@@ -1,5 +1,6 @@
 import { BaseBuilder } from "../../core/resource.js";
 import { SecretsBuilder } from "./secrets.js";
+import { IAMRoleBuilder } from "./iam.js";
 export declare class LambdaBuilder extends BaseBuilder {
     private _runtime;
     private _handler;
@@ -8,6 +9,7 @@ export declare class LambdaBuilder extends BaseBuilder {
     private _codePath?;
     private _env;
     private _roleArn?;
+    private _roleBuilder?;
     resolvedArn: string | null;
     constructor(name: string);
     private discoverFunction;
@@ -16,7 +18,7 @@ export declare class LambdaBuilder extends BaseBuilder {
     handler(h: string): this;
     memory(mb: number): this;
     timeout(seconds: number): this;
-    role(arn: string): this;
+    role(arnOrBuilder: string | IAMRoleBuilder): this;
     env(vars: Record<string, string | SecretsBuilder>): this;
     private ensureRole;
     private buildZip;

package/dist/providers/aws/lambda.js

@@ -1,5 +1,5 @@
-import { readFileSync, unlinkSync } from "node:fs";
-import { execSync } from "node:child_process";
+import fs from "node:fs";
+import cp from "node:child_process";
 import { tmpdir } from "node:os";
 import { join, extname } from "node:path";
 import { GetFunctionCommand, CreateFunctionCommand, UpdateFunctionCodeCommand, UpdateFunctionConfigurationCommand, DeleteFunctionCommand, } from "@aws-sdk/client-lambda";
@@ -25,6 +25,7 @@ export class LambdaBuilder extends BaseBuilder {
     _codePath;
     _env = {};
     _roleArn;
+    _roleBuilder;
     resolvedArn = null;
     constructor(name) {
         super(name);
@@ -64,8 +65,13 @@ export class LambdaBuilder extends BaseBuilder {
         this._timeout = seconds;
         return this;
     }
-    role(arn) {
-        this._roleArn = arn;
+    role(arnOrBuilder) {
+        if (typeof arnOrBuilder === "string") {
+            this._roleArn = arnOrBuilder;
+        }
+        else {
+            this._roleBuilder = arnOrBuilder;
+        }
         return this;
     }
     env(vars) {
@@ -73,6 +79,9 @@ export class LambdaBuilder extends BaseBuilder {
         return this;
     }
     async ensureRole() {
+        if (this._roleBuilder) {
+            return await this._roleBuilder.out.arn.get();
+        }
         if (this._roleArn)
             return this._roleArn;
         const roleName = `puls-lambda-${this.name}-role`;
@@ -103,14 +112,14 @@ export class LambdaBuilder extends BaseBuilder {
         if (!this._codePath)
             throw new Error(`[Lambda:${this.name}] .code(path) is required`);
         if (extname(this._codePath) === ".zip") {
-            return readFileSync(this._codePath);
+            return fs.readFileSync(this._codePath);
         }
         const outPath = join(tmpdir(), `puls-lambda-${this.name}-${Date.now()}.zip`);
-        execSync(`cd "${this._codePath}" && zip -r "${outPath}" .`, {
+        cp.execSync(`cd "${this._codePath}" && zip -r "${outPath}" .`, {
             stdio: "pipe",
         });
-        const buf = readFileSync(outPath);
-        unlinkSync(outPath);
+        const buf = fs.readFileSync(outPath);
+        fs.unlinkSync(outPath);
         return buf;
     }
     async deploy() {

package/dist/providers/aws/lambda.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/providers/aws/lambda.test.js

@@ -0,0 +1,189 @@
+import { test, describe, beforeEach, afterEach, mock } from 'node:test';
+import assert from 'node:assert';
+import fs from 'node:fs';
+import { LambdaClient } from '@aws-sdk/client-lambda';
+import { IAMClient } from '@aws-sdk/client-iam';
+import { LambdaBuilder } from './lambda.js';
+import { Config } from '../../core/config.js';
+describe('LambdaBuilder Unit Tests', () => {
+    let originalLambdaSend;
+    let originalIamSend;
+    let lambdaCalls = [];
+    let iamCalls = [];
+    let mockLambdaResponses = {};
+    let mockIamResponses = {};
+    beforeEach(() => {
+        Config.set({
+            dryRun: false,
+            providers: {
+                aws: { region: 'us-east-1' }
+            }
+        });
+        lambdaCalls = [];
+        iamCalls = [];
+        mockLambdaResponses = {};
+        mockIamResponses = {};
+        originalLambdaSend = LambdaClient.prototype.send;
+        originalIamSend = IAMClient.prototype.send;
+        // Command intercept stubs for Lambda and IAM AWS SDK clients
+        LambdaClient.prototype.send = async function (command) {
+            const commandName = command.constructor.name;
+            const input = command.input;
+            lambdaCalls.push({ commandName, input });
+            if (mockLambdaResponses[commandName]) {
+                const handler = mockLambdaResponses[commandName];
+                if (typeof handler === 'function')
+                    return handler(input);
+                if (handler instanceof Error)
+                    throw handler;
+                return handler;
+            }
+            return {};
+        };
+        IAMClient.prototype.send = async function (command) {
+            const commandName = command.constructor.name;
+            const input = command.input;
+            iamCalls.push({ commandName, input });
+            if (mockIamResponses[commandName]) {
+                const handler = mockIamResponses[commandName];
+                if (typeof handler === 'function')
+                    return handler(input);
+                if (handler instanceof Error)
+                    throw handler;
+                return handler;
+            }
+            return {};
+        };
+        // FS Mocking to return a fake zip buffer when reading the code package
+        mock.method(fs, 'readFileSync', () => {
+            return Buffer.from('mock-zip-binary-payload');
+        });
+    });
+    afterEach(() => {
+        LambdaClient.prototype.send = originalLambdaSend;
+        IAMClient.prototype.send = originalIamSend;
+        mock.restoreAll();
+    });
+    test('gracefully handles discovery when function does not exist', async () => {
+        const notFoundError = new Error('Function not found');
+        notFoundError.name = 'ResourceNotFoundException';
+        mockLambdaResponses['GetFunctionCommand'] = notFoundError;
+        const builder = new LambdaBuilder('my-fn');
+        const discoveryResult = await builder.discoveryPromise;
+        assert.strictEqual(discoveryResult, null);
+        assert.strictEqual(lambdaCalls.length, 1);
+        assert.strictEqual(lambdaCalls[0].commandName, 'GetFunctionCommand');
+        assert.strictEqual(lambdaCalls[0].input.FunctionName, 'my-fn');
+    });
+    test('discovers function successfully when it exists', async () => {
+        mockLambdaResponses['GetFunctionCommand'] = {
+            Configuration: { FunctionName: 'my-fn', FunctionArn: 'arn:aws:lambda:us-east-1:12345:function:my-fn' }
+        };
+        const builder = new LambdaBuilder('my-fn');
+        const discoveryResult = await builder.discoveryPromise;
+        assert.ok(discoveryResult);
+        assert.strictEqual(discoveryResult.FunctionName, 'my-fn');
+        assert.strictEqual(builder.resolvedArn, 'arn:aws:lambda:us-east-1:12345:function:my-fn');
+    });
+    test('performs clean dry-run planning without making write requests', async () => {
+        Config.set({
+            dryRun: true,
+            providers: { aws: { region: 'us-east-1' } }
+        });
+        const notFoundError = new Error('Function not found');
+        notFoundError.name = 'ResourceNotFoundException';
+        mockLambdaResponses['GetFunctionCommand'] = notFoundError;
+        const builder = new LambdaBuilder('my-fn');
+        builder
+            .code('my-code.zip')
+            .runtime('nodejs20.x')
+            .memory(256)
+            .env({ DB_HOST: 'localhost' });
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.name, 'my-fn');
+        assert.strictEqual(result.arn, 'arn:aws:lambda:DRYRUN:000000000000:function:my-fn');
+        // Verify only the GET discovery occurred, no IAM or Lambda write commands
+        assert.strictEqual(lambdaCalls.filter(c => c.commandName !== 'GetFunctionCommand').length, 0);
+        assert.strictEqual(iamCalls.length, 0);
+    });
+    test('deploys new function, generates IAM execution role, and uploads code', async () => {
+        const notFoundError = new Error('Function not found');
+        notFoundError.name = 'ResourceNotFoundException';
+        mockLambdaResponses['GetFunctionCommand'] = notFoundError;
+        // Mock role lookup to report it doesn't exist yet, forcing role generation
+        const noRoleError = new Error('Role not found');
+        noRoleError.name = 'NoSuchEntityException';
+        mockIamResponses['GetRoleCommand'] = noRoleError;
+        mockIamResponses['CreateRoleCommand'] = { Role: { Arn: 'arn:aws:iam::12345:role/puls-lambda-my-fn-role' } };
+        mockIamResponses['AttachRolePolicyCommand'] = {};
+        mockLambdaResponses['CreateFunctionCommand'] = {
+            FunctionArn: 'arn:aws:lambda:us-east-1:12345:function:my-fn'
+        };
+        const builder = new LambdaBuilder('my-fn');
+        builder
+            .code('my-code.zip')
+            .runtime('nodejs20.x')
+            .memory(256)
+            .timeout(60);
+        // Bypass long-running IAM propagation timer during testing
+        const originalPromise = global.Promise;
+        const mockTimeout = mock.method(global, 'setTimeout', (fn) => fn());
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.arn, 'arn:aws:lambda:us-east-1:12345:function:my-fn');
+        // Assert IAM execution role was created
+        const createRoleCall = iamCalls.find(c => c.commandName === 'CreateRoleCommand');
+        assert.ok(createRoleCall);
+        assert.strictEqual(createRoleCall.input.RoleName, 'puls-lambda-my-fn-role');
+        // Assert policy was attached to role
+        const attachCall = iamCalls.find(c => c.commandName === 'AttachRolePolicyCommand');
+        assert.ok(attachCall);
+        assert.strictEqual(attachCall.input.PolicyArn, 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole');
+        // Assert Lambda creation was deployed with zip buffer
+        const createFnCall = lambdaCalls.find(c => c.commandName === 'CreateFunctionCommand');
+        assert.ok(createFnCall);
+        assert.strictEqual(createFnCall.input.FunctionName, 'my-fn');
+        assert.strictEqual(createFnCall.input.Runtime, 'nodejs20.x');
+        assert.strictEqual(createFnCall.input.MemorySize, 256);
+        assert.strictEqual(createFnCall.input.Timeout, 60);
+        assert.strictEqual(createFnCall.input.Role, 'arn:aws:iam::12345:role/puls-lambda-my-fn-role');
+        assert.deepStrictEqual(createFnCall.input.Code.ZipFile, Buffer.from('mock-zip-binary-payload'));
+    });
+    test('updates existing function code and configurations correctly', async () => {
+        mockLambdaResponses['GetFunctionCommand'] = {
+            Configuration: { FunctionName: 'my-fn', FunctionArn: 'arn:aws:lambda:us-east-1:12345:function:my-fn' }
+        };
+        mockIamResponses['GetRoleCommand'] = { Role: { Arn: 'arn:aws:iam::12345:role/existing-role' } };
+        mockLambdaResponses['UpdateFunctionConfigurationCommand'] = {};
+        mockLambdaResponses['UpdateFunctionCodeCommand'] = {};
+        const builder = new LambdaBuilder('my-fn');
+        builder
+            .code('new-code.zip')
+            .runtime('nodejs22.x')
+            .memory(512);
+        await builder.deploy();
+        // Verify config update was sent
+        const configCall = lambdaCalls.find(c => c.commandName === 'UpdateFunctionConfigurationCommand');
+        assert.ok(configCall);
+        assert.strictEqual(configCall.input.MemorySize, 512);
+        assert.strictEqual(configCall.input.Runtime, 'nodejs22.x');
+        // Verify code update was sent with new zip buffer
+        const codeCall = lambdaCalls.find(c => c.commandName === 'UpdateFunctionCodeCommand');
+        assert.ok(codeCall);
+        assert.deepStrictEqual(codeCall.input.ZipFile, Buffer.from('mock-zip-binary-payload'));
+    });
+    test('destroys Lambda successfully', async () => {
+        mockLambdaResponses['GetFunctionCommand'] = {
+            Configuration: { FunctionName: 'my-fn', FunctionArn: 'arn:aws:lambda:us-east-1:12345:function:my-fn' }
+        };
+        mockLambdaResponses['DeleteFunctionCommand'] = {};
+        const builder = new LambdaBuilder('my-fn');
+        await builder.discoveryPromise;
+        const result = await builder.destroy();
+        assert.deepStrictEqual(result, { destroyed: 'my-fn' });
+        const deleteCall = lambdaCalls.find(c => c.commandName === 'DeleteFunctionCommand');
+        assert.ok(deleteCall);
+        assert.strictEqual(deleteCall.input.FunctionName, 'my-fn');
+    });
+});

package/dist/providers/aws/rds.d.ts

@@ -14,6 +14,7 @@ export declare class RDSBuilder extends BaseBuilder {
     resolvedPort: number | null;
     resolvedArn: string | null;
     constructor(name: string);
+    get dbInstanceIdentifier(): string;
     engine(e: {
         engine: string;
         version: string;

package/dist/providers/aws/rds.js

@@ -26,6 +26,9 @@ export class RDSBuilder extends BaseBuilder {
         super(name);
         this.discoveryPromise = this.discoverInstance(name);
     }
+    get dbInstanceIdentifier() {
+        return this.name;
+    }
     engine(e) {
         this._engine = e.engine;
         this._engineVersion = e.version;
@@ -74,7 +77,7 @@ export class RDSBuilder extends BaseBuilder {
             return instance;
         }
         catch (e) {
-            if (e.name === "DBInstanceNotFound")
+            if (e.name === "DBInstanceNotFound" || e.name === "DBInstanceNotFoundFault")
                 return null;
             if (e.name === "CredentialsProviderError")
                 return null;

package/dist/providers/aws/route53.d.ts

@@ -21,7 +21,7 @@ export declare class Route53Builder extends BaseBuilder {
     cert(): ACMCertificateBuilder | undefined;
     withWildcardSSL(): this;
     register(contact?: RegistrantContact): this;
-    record(name: string, type: "A" | "CNAME" | "AAAA", value: string): this;
+    record(name: string, type: "A" | "AAAA" | "CNAME" | "MX" | "TXT" | "NS" | "PTR" | "SRV" | "CAA" | "NAPTR" | "SPF", value: string, ttl?: number): this;
     pointer(name: string, target: BaseBuilder): this;
     deploy(): Promise<{
         zone: string;

package/dist/providers/aws/route53.js

@@ -28,6 +28,7 @@ export class Route53Builder extends BaseBuilder {
             const match = (result.HostedZones ?? []).find((z) => z.Name === `${name}.`);
             if (match) {
                 this.zoneId = match.Id.replace("/hostedzone/", "");
+                this.out.zone.resolve({ name: this.zoneName, id: this.zoneId });
                 return match;
             }
             return null;
@@ -58,8 +59,8 @@ export class Route53Builder extends BaseBuilder {
         this._registrantContact = contact;
         return this;
     }
-    record(name, type, value) {
-        this.records.push({ name, type, value });
+    record(name, type, value, ttl = 300) {
+        this.records.push({ name, type, value, ttl });
         return this;
     }
     pointer(name, target) {
@@ -115,8 +116,9 @@ export class Route53Builder extends BaseBuilder {
                 type: r.type,
                 name: r.name,
                 value: r.value instanceof BaseBuilder ? `[alias: ${r.value.name}]` : r.value,
+                ttl: r.ttl ?? 300,
             }));
-            await this.upsertRecords(r53, resolved.map((r) => ({ ...r, ttl: 300 })));
+            await this.upsertRecords(r53, resolved);
         }
         for (const rec of this.records) {
             const val = rec.value instanceof BaseBuilder
@@ -210,15 +212,21 @@ export class Route53Builder extends BaseBuilder {
         await r53.send(new ChangeResourceRecordSetsCommand({
             HostedZoneId: this.zoneId,
             ChangeBatch: {
-                Changes: records.map((r) => ({
-                    Action: "UPSERT",
-                    ResourceRecordSet: {
-                        Name: r.name,
-                        Type: r.type,
-                        TTL: r.ttl,
-                        ResourceRecords: [{ Value: r.value }],
-                    },
-                })),
+                Changes: records.map((r) => {
+                    const value = (r.type === "TXT" || r.type === "SPF") &&
+                        !r.value.startsWith('"')
+                        ? `"${r.value}"`
+                        : r.value;
+                    return {
+                        Action: "UPSERT",
+                        ResourceRecordSet: {
+                            Name: r.name,
+                            Type: r.type,
+                            TTL: r.ttl,
+                            ResourceRecords: [{ Value: value }],
+                        },
+                    };
+                }),
             },
         }));
     }

package/dist/providers/aws/route53.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/providers/aws/route53.test.js

@@ -0,0 +1,229 @@
+import { test, describe, beforeEach, afterEach } from 'node:test';
+import assert from 'node:assert';
+import { Route53Client } from '@aws-sdk/client-route-53';
+import { Route53DomainsClient } from '@aws-sdk/client-route-53-domains';
+import { Route53Builder } from './route53.js';
+import { Config } from '../../core/config.js';
+describe('Route53Builder Unit Tests', () => {
+    let originalR53Send;
+    let originalDomainsSend;
+    let r53Calls = [];
+    let domainsCalls = [];
+    let mockR53Responses = {};
+    let mockDomainsResponses = {};
+    beforeEach(() => {
+        Config.set({
+            dryRun: false,
+            providers: {
+                aws: { region: 'us-east-1' }
+            }
+        });
+        r53Calls = [];
+        domainsCalls = [];
+        mockR53Responses = {};
+        mockDomainsResponses = {};
+        originalR53Send = Route53Client.prototype.send;
+        originalDomainsSend = Route53DomainsClient.prototype.send;
+        // Prototype mocks to intercept Route53 and Route53 Domains API commands
+        Route53Client.prototype.send = async function (command) {
+            const commandName = command.constructor.name;
+            const input = command.input;
+            r53Calls.push({ commandName, input });
+            if (mockR53Responses[commandName]) {
+                const handler = mockR53Responses[commandName];
+                if (typeof handler === 'function')
+                    return handler(input);
+                if (handler instanceof Error)
+                    throw handler;
+                return handler;
+            }
+            return {};
+        };
+        Route53DomainsClient.prototype.send = async function (command) {
+            const commandName = command.constructor.name;
+            const input = command.input;
+            domainsCalls.push({ commandName, input });
+            if (mockDomainsResponses[commandName]) {
+                const handler = mockDomainsResponses[commandName];
+                if (typeof handler === 'function')
+                    return handler(input);
+                if (handler instanceof Error)
+                    throw handler;
+                return handler;
+            }
+            return {};
+        };
+    });
+    afterEach(() => {
+        Route53Client.prototype.send = originalR53Send;
+        Route53DomainsClient.prototype.send = originalDomainsSend;
+    });
+    test('gracefully handles discovery when hosted zone does not exist', async () => {
+        mockR53Responses['ListHostedZonesByNameCommand'] = { HostedZones: [] };
+        const builder = new Route53Builder('example.com');
+        const discoveryResult = await builder.discoveryPromise;
+        assert.strictEqual(discoveryResult, null);
+        assert.strictEqual(r53Calls.length, 1);
+        assert.strictEqual(r53Calls[0].commandName, 'ListHostedZonesByNameCommand');
+        assert.strictEqual(r53Calls[0].input.DNSName, 'example.com');
+    });
+    test('discovers hosted zone successfully when it exists', async () => {
+        mockR53Responses['ListHostedZonesByNameCommand'] = {
+            HostedZones: [{ Id: '/hostedzone/Z111222', Name: 'example.com.' }]
+        };
+        const builder = new Route53Builder('example.com');
+        const discoveryResult = await builder.discoveryPromise;
+        assert.ok(discoveryResult);
+        assert.strictEqual(discoveryResult.Id, '/hostedzone/Z111222');
+        assert.strictEqual(builder.zoneId, 'Z111222');
+        const resolved = await builder.out.zone.get();
+        assert.deepStrictEqual(resolved, { name: 'example.com', id: 'Z111222' });
+    });
+    test('performs clean dry-run planning without making write requests', async () => {
+        Config.set({
+            dryRun: true,
+            providers: { aws: { region: 'us-east-1' } }
+        });
+        mockR53Responses['ListHostedZonesByNameCommand'] = { HostedZones: [] };
+        const builder = new Route53Builder('example.com');
+        builder
+            .record('@', 'A', '1.2.3.4')
+            .withWildcardSSL()
+            .register({
+            FIRSTNAME: 'Jane', LASTNAME: 'Doe', EMAIL: 'jane@example.com',
+            MOBILE: '+1.5555550100', CONTACT_TYPE: 'PERSON', ORGANIZATION: 'N/A',
+            ADDRESSLINE: '123 Main St', CITY: 'Seattle', ZIPCODE: '98101', COUNTRY: 'US'
+        });
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.zone, 'example.com');
+        // Hosted zone, certificate validations, domain registrations are planned, but no writes occur
+        const writeCalls = r53Calls.filter(c => c.commandName !== 'ListHostedZonesByNameCommand');
+        assert.strictEqual(writeCalls.length, 0);
+        assert.strictEqual(domainsCalls.length, 0);
+        const resolved = await builder.out.zone.get();
+        assert.deepStrictEqual(resolved, { name: 'example.com', id: 'PENDING' });
+    });
+    test('deploys new hosted zone when missing', async () => {
+        mockR53Responses['ListHostedZonesByNameCommand'] = { HostedZones: [] };
+        mockR53Responses['CreateHostedZoneCommand'] = {
+            HostedZone: { Id: '/hostedzone/Z999888', Name: 'example.com.' }
+        };
+        const builder = new Route53Builder('example.com');
+        const result = await builder.deploy();
+        assert.ok(result);
+        assert.strictEqual(result.id, 'Z999888');
+        const createCall = r53Calls.find(c => c.commandName === 'CreateHostedZoneCommand');
+        assert.ok(createCall);
+        assert.strictEqual(createCall.input.Name, 'example.com');
+    });
+    test('deploys records with automatic double quoting for TXT/SPF and custom TTLs', async () => {
+        mockR53Responses['ListHostedZonesByNameCommand'] = {
+            HostedZones: [{ Id: '/hostedzone/Z123', Name: 'example.com.' }]
+        };
+        mockR53Responses['ChangeResourceRecordSetsCommand'] = {};
+        const builder = new Route53Builder('example.com');
+        builder
+            .record('www', 'CNAME', 'example.com', 120)
+            .record('@', 'TXT', 'v=spf1 include:_spf.google.com ~all')
+            .record('spf-record', 'SPF', '"v=spf1 -all"', 600); // already quoted
+        await builder.deploy();
+        const changeCall = r53Calls.find(c => c.commandName === 'ChangeResourceRecordSetsCommand');
+        assert.ok(changeCall);
+        assert.strictEqual(changeCall.input.HostedZoneId, 'Z123');
+        const changes = changeCall.input.ChangeBatch.Changes;
+        assert.strictEqual(changes.length, 3);
+        // Assert CNAME configuration
+        assert.deepStrictEqual(changes[0], {
+            Action: 'UPSERT',
+            ResourceRecordSet: {
+                Name: 'www',
+                Type: 'CNAME',
+                TTL: 120,
+                ResourceRecords: [{ Value: 'example.com' }]
+            }
+        });
+        // Assert TXT quoting
+        assert.deepStrictEqual(changes[1].ResourceRecordSet, {
+            Name: '@',
+            Type: 'TXT',
+            TTL: 300, // default
+            ResourceRecords: [{ Value: '"v=spf1 include:_spf.google.com ~all"' }] // wrapped in quotes
+        });
+        // Assert already quoted SPF remains same with custom TTL
+        assert.deepStrictEqual(changes[2].ResourceRecordSet, {
+            Name: 'spf-record',
+            Type: 'SPF',
+            TTL: 600,
+            ResourceRecords: [{ Value: '"v=spf1 -all"' }] // no extra quotes
+        });
+    });
+    test('adds DNS alias pointers to other builders correctly', async () => {
+        mockR53Responses['ListHostedZonesByNameCommand'] = {
+            HostedZones: [{ Id: '/hostedzone/Z123', Name: 'example.com.' }]
+        };
+        const mockTarget = {
+            name: 'api-service'
+        };
+        const builder = new Route53Builder('example.com');
+        builder.pointer('api', mockTarget);
+        const result = await builder.deploy();
+        assert.ok(result);
+        // Pointers are logged correctly (in real mode pointers don't write via upsertRecords because ChangeResourceRecordSets requires an alias target config, which puls handles, or mocks out here)
+        const recordsField = builder.records;
+        const pointerRecord = recordsField.find((r) => r.name === 'api');
+        assert.ok(pointerRecord);
+        assert.strictEqual(pointerRecord.type, 'A');
+        assert.strictEqual(pointerRecord.isAlias, true);
+        assert.strictEqual(pointerRecord.value, mockTarget);
+    });
+    test('registers domain, normalizes phone, and awaits status: successful', async () => {
+        let listCallCount = 0;
+        mockR53Responses['ListHostedZonesByNameCommand'] = () => {
+            listCallCount++;
+            if (listCallCount === 1) {
+                return { HostedZones: [] };
+            }
+            return {
+                HostedZones: [{ Id: '/hostedzone/Z123', Name: 'random-domain.com.' }]
+            };
+        };
+        mockDomainsResponses['CheckDomainAvailabilityCommand'] = { Availability: 'AVAILABLE' };
+        mockDomainsResponses['RegisterDomainCommand'] = { OperationId: 'op-registration-abc' };
+        let pollCount = 0;
+        mockDomainsResponses['GetOperationDetailCommand'] = () => {
+            pollCount++;
+            return {
+                Status: pollCount === 1 ? 'PENDING' : 'SUCCESSFUL'
+            };
+        };
+        const builder = new Route53Builder('random-domain.com');
+        builder.register({
+            FIRSTNAME: 'Jane', LASTNAME: 'Doe', EMAIL: 'jane@example.com',
+            MOBILE: '+46708339809', CONTACT_TYPE: 'PERSON', ORGANIZATION: 'N/A',
+            ADDRESSLINE: '123 Main St', CITY: 'Seattle', ZIPCODE: '98101', COUNTRY: 'US'
+        });
+        // Override the protected waitFor method to execute polling instantly
+        builder.waitFor = async (label, condition) => {
+            let done = false;
+            while (!done) {
+                done = await condition();
+            }
+        };
+        await builder.deploy();
+        // Verify Check Availability was executed
+        const checkCall = domainsCalls.find(c => c.commandName === 'CheckDomainAvailabilityCommand');
+        assert.ok(checkCall);
+        assert.strictEqual(checkCall.input.DomainName, 'random-domain.com');
+        // Verify Phone Normalization (+CC.subscriberSwedish example)
+        const registerCall = domainsCalls.find(c => c.commandName === 'RegisterDomainCommand');
+        assert.ok(registerCall);
+        assert.strictEqual(registerCall.input.DomainName, 'random-domain.com');
+        // Normalization should transform "+46708339809" into "+46.708339809"
+        assert.strictEqual(registerCall.input.RegistrantContact.PhoneNumber, '+46.708339809');
+        // Verify polling was performed
+        const pollCall = domainsCalls.filter(c => c.commandName === 'GetOperationDetailCommand');
+        assert.strictEqual(pollCall.length, 2);
+        assert.strictEqual(pollCall[0].input.OperationId, 'op-registration-abc');
+    });
+});

package/dist/providers/aws/s3.d.ts

@@ -6,15 +6,18 @@ export declare class S3BucketBuilder extends BaseBuilder {
     private _allowedDistributions;
     private _region?;
     private _uploadPath?;
+    private _websiteConfig?;
     constructor(bucketName: string);
     region(r: string): this;
     private discoverBucket;
     versioning(enabled?: boolean): this;
     allowFrom(...distributions: CloudFrontBuilder[]): this;
     upload(filePath: string): this;
+    staticSite(indexDocument?: string, errorDocument?: string): this;
     deploy(): Promise<{
         name: string;
     }>;
     private uploadFile;
     private updateBucketPolicy;
+    private applyPublicReadPolicy;
 }